Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 5.3 CVE-2026-10809

itsourcecode Fees Management System manage_user.php sql injection

A security flaw has been discovered in itsourcecode Fees Management System 1.0. This impacts an unknown function of the file /manage_user.php. The ...

itsourcecode Fees Management System 1.0 CVE
MEDIUM 5.3 CVE-2026-10808

itsourcecode Fees Management System manage_student.php sql injection

A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown function of the file /manage_student.php. The ma...

itsourcecode Fees Management System 1.0 CVE
MEDIUM 5.3 CVE-2026-10807

mjperpinosa stumasy change_profile_image.php unrestricted upload

A vulnerability was determined in mjperpinosa stumasy. The impacted element is an unknown function of the file application/PHP/objects/profiles/cha...

mjperpinosa stumasy 25d695901fbb586bf184b8ba73456d8e5311656c CVE
MEDIUM 5.3 CVE-2026-10806

mjperpinosa stumasy add_post.php unrestricted upload

A vulnerability was found in mjperpinosa stumasy. The affected element is an unknown function of the file application/PHP/objects/updates/add_post....

mjperpinosa stumasy 25d695901fbb586bf184b8ba73456d8e5311656c CVE
LOW 3.3 CVE-2025-62338

The HCL BigFix Cloud Lifecycle Management is affected by Lack of Input Validation.

The HCL BigFix Cloud Lifecycle Management is affected by Lack Of Input Validation. It may lead to an information exposure vulnerability. This low-...

HCL BigFix Cloud Lifecycle Management 10.9.1 and 10.9.2 CVE
HIGH 8.1 CVE-2025-59874

HCL Hive Telco Observability is affected by a Required directives missing from the CSP.

HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web applicat...

HCL Hive 1.0 CVE
HIGH 7.5 CVE-2025-46638

CVE-2025-46638

Dell BSAFE SSL-J contains an allocation of resources without limits or throttling vulnerability. An unauthenticated remote attacker could potential...

Dell BSAFE SSL-J CVE
MEDIUM 5.3 CVE-2026-47707

Strawberry GraphQL’s Bypass of MaxAliasesLimiter via Fragment Spreads leading to GraphQL Alias Amplification

Strawberry GraphQL is a library for creating GraphQL APIs. In versions 0.172.0 through 0.315.6, the MaxAliasesLimiter extension in Strawberry fails ...

strawberry-graphql strawberry >= 0.172.0, < 0.315.7 CVE
MEDIUM 5.3 CVE-2026-47706

Strawberry GraphQL has a Circular Fragment Reference DOS

Strawberry GraphQL is a library for creating GraphQL APIs. In versions 0.71.0 through 0.315.6, the QueryDepthLimiter extension is vulnerable to an ...

strawberry-graphql strawberry >= 0.71.0, < 0.315.7 CVE
LOW 3.1 CVE-2026-45739

Strawberry GraphQL: Default GraphiQL may expose HTTP headers in URLs

Strawberry GraphQL is a library for creating GraphQL APIs. In versions 0.288.4 through 0.315.3, Strawberry's bundled GraphiQL template wrote values...

strawberry-graphql strawberry >= 0.288.4, < 0.315.4 CVE