category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.9	CVE-2026-27869	WEB SERVICE (HTTP) DENIAL OF SERVICE VIA SLOW HEADERS ON REGESTA SMART HD-PLC OF TELDAT_CVE-2026-27869 An attacker with access via network to the Regesta Smart HD-PLC of the provider Teldat (in this case, NO registration action is required) who has t...	Teldat	Regesta Smart HD-PLC - TLDPH16D2 11.02.05.10.02	Jun 17, 2026	CVE
MEDIUM 6.9	CVE-2026-27868	PUBLICATION OF SENSITIVE INFORMATION ON REGESTA SMART HD-PLC OF TELDAT_CVE-2026-27868 An attacker with access via network to the Regesta Smart HD-PLC of the provider Teldat (in this case, NO registration action is required) who has t...	Teldat	Regesta Smart HD-PLC - TLDPH16D2 11.02.05.10.02	Jun 17, 2026	CVE
HIGH 8.8	CVE-2026-12165	Contest Gallery <= 30.0.2 - Authenticated (Author+) Privilege Escalation via 'RegistryUserRole' Parameter_CVE-2026-12165 The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin for WordPress is vulnerable to Privilege Escalation in all vers...	contest-gallery	Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe	Jun 17, 2026	CVE
MEDIUM 6.6	CVE-2026-12115	Counter Box <= 2.0.13 - Authenticated (Administrator+) PHP Object Injection via Import_CVE-2026-12115 The Counter Box – Add Countdowns, Timers & Dynamic Counters to WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions...	wpcalc	Counter Box – Add Countdowns, Timers & Dynamic Counters to WordPress	Jun 17, 2026	CVE
MEDIUM 6.4	CVE-2026-8607	myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'wrap' Shortcode Attribute_CVE-2026-8607 The Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCred plugin for WordPress is vulnerable to Stored Cro...	saadiqbal	Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCred	Jun 17, 2026	CVE
MEDIUM 6.4	CVE-2026-8494	Permalink Manager Lite <= 2.5.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title_CVE-2026-8494 The Permalink Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post titles in the admin URI Editor interface in a...	mbis	Permalink Manager Lite	Jun 17, 2026	CVE
CRITICAL 10	CVE-2026-28615	CVE-2026-28615_CVE-2026-28615 In Telecomm, there is a possible way to initiate an unauthorized phone call due to a permissions bypass. This could lead to local escalation of pri...	Google	Android 17	Jun 17, 2026	CVE
CRITICAL 10	CVE-2026-28587	CVE-2026-28587_CVE-2026-28587 In MmsSmsProvider of MmsSmsProvider.java, there is a possible way to retrieve sensitive information due to a missing permission check. This could l...	Google	Android 17	Jun 17, 2026	CVE
CRITICAL 10	CVE-2026-28576	CVE-2026-28576_CVE-2026-28576 In Contacts Provider, there is a possible way to access the contacts database due to SQL injection. This could lead to local information disclosure...	Android	Android 17	Jun 17, 2026	CVE
CRITICAL 10	CVE-2026-28575	CVE-2026-28575_CVE-2026-28575 In PackageInstaller.Session#transfer of frameworks/base/services/core/java/com/android/server/pm/PackageInstallerSession.java, there is a possible ...	Google	Android 17	Jun 17, 2026	CVE