category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.3	CVE-2026-50033	CVE-2026-50033_CVE-2026-50033 Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9...	Acronis	Acronis DeviceLock DLP unspecified	Jun 3, 2026	CVE
HIGH 7.3	CVE-2026-44682	CVE-2026-44682_CVE-2026-44682 Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9...	Acronis	Acronis DeviceLock DLP unspecified	Jun 3, 2026	CVE
HIGH 7.3	CVE-2026-44609	CVE-2026-44609_CVE-2026-44609 Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9...	Acronis	Acronis DeviceLock DLP unspecified	Jun 3, 2026	CVE
MEDIUM 4.8	CVE-2026-43924	FOSSBilling has an open redirect via administrator-configured redirect targets_CVE-2026-43924 FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the Redirect module does not validate the URL sche...	FOSSBilling	FOSSBilling < 0.8.0	Jun 3, 2026	CVE
HIGH 7.3	CVE-2026-42061	CVE-2026-42061_CVE-2026-42061 Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis DeviceLock DLP (W...	Acronis	Acronis DeviceLock DLP unspecified	Jun 3, 2026	CVE
MEDIUM 6.9	CVE-2026-40495	FOSSBilling version exposed via asset cache buster_CVE-2026-40495 FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 leak the exact system version through asset cache ...	FOSSBilling	FOSSBilling < 0.8.0	Jun 3, 2026	CVE
LOW 2	CVE-2026-10766	mlrun DataFrame Hash helpers.py mlrun.utils.helpers.calculate_dataframe_hash weak hash_CVE-2026-10766 A vulnerability has been found in mlrun up to 1.12.0-rc3. This impacts the function mlrun.utils.helpers.calculate_dataframe_hash of the file mlrun/...	n/a	mlrun 1.12.0-rc1	Jun 3, 2026	CVE
MEDIUM 5.3	CVE-2026-42507	Arbitrary inputs are included in errors without any escaping in net/textproto_CVE-2026-42507 When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject ...	Go standard library	net/textproto	Jun 2, 2026	CVE
MEDIUM 6.5	CVE-2026-35718	CVE-2026-35718_CVE-2026-35718 A path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK INC FD8136-VVTK firmware 0300a allows authenticated attackers t...	n/a	n/a n/a	Jun 2, 2026	CVE
HIGH 8.8	CVE-2026-30652	CVE-2026-30652_CVE-2026-30652 A remote buffer overflow vulnerability exists in the /cgi-bin/dido/setdo.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firm...	Vivotek	Vivotek FD8136 FD8136-VVTK-0300a	Jun 2, 2026	CVE