category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.9	CVE-2026-44172	MariaDB: mysql_real_escape_string() incorrectly handled big5_CVE-2026-44172 MariaDB server is a community developed fork of MySQL server. In versions 3.3.18 and 3.4.8, an application that was taking non-validated user input...	MariaDB	server = 3.3.18	Jun 12, 2026	CVE
MEDIUM 6.3	CVE-2026-44171	MariaDB: path traversal in mbstream_CVE-2026-44171 MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before ...	MariaDB	server >= 10.6.1, < 10.6.26	Jun 12, 2026	CVE
MEDIUM 6.3	CVE-2026-44170	MariaDB: Argument injection in CONNECT REST Xcurl on Windows via unsanitized URL_CVE-2026-44170 MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before ...	MariaDB	server >= 10.6.1, < 10.6.26	Jun 12, 2026	CVE
MEDIUM 4.3	CVE-2026-44169	MariaDB: Authorization bypass in role-based routine-level privilege check exposes stored routine definitions_CVE-2026-44169 MariaDB server is a community developed fork of MySQL server. From versions 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, a user g...	MariaDB	server >= 11.4.1, < 11.4.11	Jun 12, 2026	CVE
HIGH 8	CVE-2026-44168	MariaDB: wsrep SST unsafe parameter handling on the donor side_CVE-2026-44168 MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before ...	MariaDB	server >= 10.6.1, < 10.6.26	Jun 12, 2026	CVE
MEDIUM 6.9	CVE-2026-53726	Parse Server: Relation `$relatedTo` query bypasses `protectedFields` and owning-object ACL_CVE-2026-53726 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.80 and 9.9.1-alpha.6,...	parse-community	parse-server < 8.6.80	Jun 12, 2026	CVE
MEDIUM 5.9	CVE-2026-53725	Parse Server: Endpoints `/login` and `/verifyPassword` disclose MFA secrets and protected fields when `_User` get is denied_CVE-2026-53725 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. From version 9.8.0 to before version 9.9.1-...	parse-community	parse-server >= 9.8.0, < 9.9.1-alpha.5	Jun 12, 2026	CVE
LOW 2.1	CVE-2026-53724	Parse Server: Stored XSS via trailing-dot filename bypassing file upload extension blocklist_CVE-2026-53724 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.79 and 9.9.1-alpha.4,...	parse-community	parse-server < 8.6.79	Jun 12, 2026	CVE
HIGH 8.1	CVE-2026-53408	CVE-2026-53408_CVE-2026-53408 Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS may allow an un...	Zoom Communications	Zoom Workplace	Jun 12, 2026	CVE
HIGH 8.1	CVE-2026-53407	CVE-2026-53407_CVE-2026-53407 Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS may allow an un...	Zoom Communications	Zoom Workplace	Jun 12, 2026	CVE