category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.4	CVE-2026-46326	iio: pressure: mprls0025pa: fix spi_transfer struct initialisation_CVE-2026-46326 In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spi_transfer struct initialisation Make sure ...	Linux	Linux a0858f0cd28e822b91376ae288d5548bc1847531	Jun 9, 2026	CVE
CRITICAL 9.8	CVE-2026-46325	RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE_CVE-2026-46325 In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE The curren...	Linux	Linux 592627ccbdff0ec6fff00fc761142a76db750dd4	Jun 9, 2026	CVE
MEDIUM 6.8	CVE-2026-54421	CVE-2026-54421_CVE-2026-54421 In OpenStack Ironic through 35.0.1, when applying a PATCH to update fields in volume properties the user is authorized for, Ironic can return unred...	OpenStack	Ironic	Jun 14, 2026	CVE
HIGH 8.5	CVE-2026-54420	CVE-2026-54420_CVE-2026-54420 LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web...	LiteSpeed Technologies	cPanel Plugin 2.3	Jun 14, 2026	CVE
MEDIUM 5.1	CVE-2026-12175	CodeAstro Student Attendance Management System createStudents.php sql injection_CVE-2026-12175 A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Adm...	CodeAstro	Student Attendance Management System 1.0	Jun 13, 2026	CVE
MEDIUM 5.3	CVE-2026-12176	SourceCodester CET Automated Grading System with AI Predictive Analytics index.php cross site scripting_CVE-2026-12176 A vulnerability has been found in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. The impacted element is an unknown ...	SourceCodester	CET Automated Grading System with AI Predictive Analytics 1.0	Jun 13, 2026	CVE
HIGH 8.7	CVE-2026-12174	D-Link DCS-935L HTTP rhea snprintf format string_CVE-2026-12174 A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhe...	D-Link	DCS-935L 1.10.01	Jun 13, 2026	CVE
MEDIUM 5.6	CVE-2026-6428	CVE-2026-6428_CVE-2026-6428 SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x bef...	Koha Community	Koha	Jun 13, 2026	CVE
CRITICAL 9.3	CVE-2026-12183	CVE-2026-12183_CVE-2026-12183 Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-28...	Nefteprodukttekhnika LLC	BUK TS-G Gas Station Automation System 2.9.1, 2.10.2	Jun 13, 2026	CVE
HIGH 7.2	CVE-2026-5513	Online Scheduling and Appointment Booking System – Bookly <= 27.2 - Unauthenticated Stored Cross-Site Scripting via 'bookly-customer-full-name' Cookie_CVE-2026-5513 The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-cus...	ladela	Online Scheduling and Appointment Booking System – Bookly	Jun 13, 2026	CVE