category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6	CVE-2026-9132	Missing authorization vulnerability in GitHub Enterprise Server allowed disclosure of private repository contents via the Copilot pull request diff summary endpoint_CVE-2026-9132 A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user to read source code from privat...	GitHub	Enterprise Server 3.17.0	Jun 30, 2026	CVE
MEDIUM 4.8	CVE-2026-9106	UI misrepresentation vulnerability in GitHub Enterprise Server allowed unauthorized organization runner management via undisclosed OAuth scope on consent screen_CVE-2026-9106 A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed an OAuth application to gain unintended access to an o...	GitHub	Enterprise Server 3.16.0	Jun 30, 2026	CVE
HIGH 8.7	CVE-2026-44628	OFFIS DCMTK Toolkit Type Confusion_CVE-2026-44628 An unauthenticated attacker can crash the worklist server with a single crafted query when the server has a valid Called AE Title / storage directo...	OFFIS DICOM	DCMTK Toolkit	Jun 30, 2026	CVE
HIGH 8.7	CVE-2026-13207	Frangoteam FUXA SCADA/HMI Authentication Bypass by Spoofing_CVE-2026-13207 FUXA versions 1.3.1 and prior contain an authentication bypass vulnerability via dot-segment path normalization in the REST API. The API router fai...	Frangoteam	FUXA SCADA/HMI 1.3.1	Jun 30, 2026	CVE
HIGH 8.5	CVE-2026-11594	IBM WebSphere Application Server is affected by multiple cross-site scripting vulnerabilities_CVE-2026-11594 IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console.	IBM	WebSphere Application Server 9.0	Jun 30, 2026	CVE
MEDIUM 5.9	CVE-2026-10562	Unauthenticated Open Redirect Vulnerability on TP-Link Archer AX20 Web Interface_CVE-2026-10562 An unauthenticated URL redirection vulnerability has been identified in Archer AX20 V2 due to improper validation of user-supplied URL input within...	TP-Link Systems Inc.	Archer AX20 V2.0	Jun 30, 2026	CVE
HIGH 8.1	CVE-2025-36359	IBM DevOps Loop is susceptible to an Insufficient Session Expiration vulnerability._CVE-2025-36359 IBM DevOps Automation 1.0.1 and IBM DevOps Loop 1.0.2 does not invalidate session IDs after expiration which could allow an authenticated user to i...	IBM	DevOps Automation 1.0.1	Jun 30, 2026	CVE
MEDIUM 5.9	CVE-2025-36336	Transmission of Sensitive Information found in Watson Data Intelligence_CVE-2025-36336 IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 transmits data in clear text that could allow an attacker to obtain sensitive information ...	IBM	watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0	Jun 30, 2026	CVE
MEDIUM 4.3	CVE-2025-36333	Vulnerabilities found in Watson Data Intelligence_CVE-2025-36333 IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to perform unauthorized actions due to the improper enfo...	IBM	watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0	Jun 30, 2026	CVE
MEDIUM 4.3	CVE-2025-36328	Error Message Containing Sensitive Information found in Watson Data Intelligence_CVE-2025-36328 IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow a remote attacker to obtain sensitive information when a detailed technical er...	IBM	watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0	Jun 30, 2026	CVE