category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	CVE-2026-7761	Ultimate Member <= 2.11.4 - Authenticated (Contributor+) Account Takeover via Password Reset Link Disclosure_CVE-2026-7761 The Ultimate Member plugin for WordPress is vulnerable to Account Takeover via Password Reset Link Disclosure in all versions up to and including 2...	ultimatemember	Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin	Jun 24, 2026	CVE
HIGH 7.6	CVE-2026-56052	WordPress Funnel Builder by FunnelKit plugin <= 3.15.0.5 - SQL Injection vulnerability_CVE-2026-56052 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FunnelKit Funnel Builder by FunnelKit allows ...	FunnelKit	Funnel Builder by FunnelKit n/a	Jun 24, 2026	CVE
MEDIUM 6.5	CVE-2026-9539	libslirp TCP URG OOB Read Information Leak_CVE-2026-9539 An out-of-bounds heap read and integer underflow in the TCP urgent data handling (sosendoob) in freedesktop.org libslirp version before v4.9.2 on h...	freedesktop.org	libslirp	Jun 24, 2026	CVE
CRITICAL 9.1	CVE-2026-12851	GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability_CVE-2026-12851 Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted netwo...	GeoVision Inc.	GV-I/O Box 4E V2.09	Jun 24, 2026	CVE
CRITICAL 9.1	CVE-2026-12850	GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability_CVE-2026-12850 Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted netwo...	GeoVision Inc.	GV-I/O Box 4E V2.09	Jun 24, 2026	CVE
CRITICAL 9.1	CVE-2026-12849	GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability_CVE-2026-12849 Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted netwo...	GeoVision Inc.	GV-I/O Box 4E V2.09	Jun 24, 2026	CVE
CRITICAL 10	CVE-2026-12848	GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command_CVE-2026-12848 GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service ...	GeoVision Inc.	GV-I/O Box 4E V2.09	Jun 24, 2026	CVE
CRITICAL 10	CVE-2026-12847	GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command_CVE-2026-12847 GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service ...	GeoVision Inc.	GV-I/O Box 4E V2.09	Jun 24, 2026	CVE
CRITICAL 10	CVE-2026-12846	GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command_CVE-2026-12846 GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service ...	GeoVision Inc.	GV-I/O Box 4E V2.09	Jun 24, 2026	CVE
MEDIUM 6.2	CVE-2026-12488	GeoVision GV-VMS V20 GV-Cloud memory corruption vulnerability_CVE-2026-12488 A memory corruption vulnerability exists in the GV-Cloud functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted network request can l...	GeoVision Inc.	GeoVision V20.0.2	Jun 24, 2026	CVE