Medium - CVE-2024-12597 - The HT Mega – Absolute Addons For Elementor...
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'block_css' and 'inner_css' parameters in all versions up...
Medium - CVE-2024-13607 - The JS Help Desk – The Ultimate Help Desk &...
The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.8.8 via the...
NA - CVE-2024-10237 - There is a vulnerability in the BMC firmware...
There is a vulnerability in the BMC firmware image authentication design at Supermicro MBD-X12DPG-OA6 . An attacker can modify the firmware to bypass BMC inspection and bypass the signature...
NA - CVE-2024-10238 - A security issue in the firmware image...
A security issue in the firmware image verification implementation at Supermicro MBD-X12DPG-OA6. An attacker can upload a specially crafted image that will cause a stack overflow is caused by...
NA - CVE-2024-10239 - A security issue in the firmware image...
A security issue in the firmware image verification implementation at Supermicro MBD-X12DPG-OA6 . An attacker with administrator privileges can upload a specially crafted image, which can cause a...
Medium - CVE-2024-12046 - The Medical Addon for Elementor plugin for...
The Medical Addon for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.6.2 via the 'namedical_elementor_template'...
Medium - CVE-2024-13514 - The B Slider- Gutenberg Slider Block for WP...
The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.9.5 via the 'bsb-slider' shortcode due to...
NA - CVE-2025-20881 - Out-of-bounds write in accessing buffer storing...
Out-of-bounds write in accessing buffer storing the decoded video frames in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User...
NA - CVE-2025-20882 - Out-of-bounds write in accessing uninitialized...
Out-of-bounds write in accessing uninitialized memory for svc1td in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is...