category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.3	CVE-2026-53873	picklescan – Arbitrary Code Execution via profile.run() Blocklist Bypass_CVE-2026-53873 picklescan before 1.0.4 contains an incomplete blocklist for the profile module that fails to block the module-level profile.run() function, allowi...	picklescan	picklescan	Jun 17, 2026	CVE
HIGH 8.7	CVE-2026-53872	picklescan – Arbitrary File Read via Unsafe Pickle Deserialization_CVE-2026-53872 picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to read arbitrary server files ...	picklescan	picklescan	Jun 17, 2026	CVE
CRITICAL 10	CVE-2026-3490	picklescan – Universal Blocklist Bypass via pkgutil.resolve_name_CVE-2026-3490 picklescan before 1.0.4 fails to block pkgutil.resolve_name, allowing attackers to bypass the entire blocklist by resolving any dangerous function ...	picklescan	picklescan	Jun 17, 2026	CVE
MEDIUM 5.7	CVE-2026-35069	CVE-2026-35069_CVE-2026-35069 Dell PowerFlex Manager, version(s) [Versions], contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') v...	Dell	PowerFlex	Jun 17, 2026	CVE
LOW 3.5	CVE-2026-35068	CVE-2026-35068_CVE-2026-35068 Dell PowerFlex Manager, version(s) [Versions], contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') v...	Dell	PowerFlex	Jun 17, 2026	CVE
HIGH 7.8	CVE-2026-32652	CVE-2026-32652_CVE-2026-32652 Dell AIOps Collector versions prior to 1.18.3 contain a "Use of Default Credentials" vulnerability. A low privileged attacker with console access c...	Dell	AIOps	Jun 17, 2026	CVE
MEDIUM 6	CVE-2026-20246	Cisco Umbrella Virtual Appliance Privilege Escalation Vulnerability_CVE-2026-20246 A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an aff...	Cisco	Cisco Umbrella Insights Virtual Appliance 2.6.0	Jun 17, 2026	CVE
MEDIUM 6.3	CVE-2026-20220	Cisco Crosswork Network Controller Remote Code Execution Vulnerability_CVE-2026-20220 A vulnerability in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to e...	Cisco	Cisco Crosswork Network Change Automation 3.0.0	Jun 17, 2026	CVE
HIGH 7.5	CVE-2026-20190	Cisco Identity Services Engine Information Disclosure Vulnerability_CVE-2026-20190 A vulnerability in Cisco ISE and ISE-PIC could allow an unauthenticated, remote attacker to view sensitive information on an affected device. Th...	Cisco	Cisco Identity Services Engine Software 3.4.0	Jun 17, 2026	CVE
CRITICAL 9.1	CVE-2026-20181	Cisco Identity Services Engine Remote Code Execution Vulnerability_CVE-2026-20181 A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating sy...	Cisco	Cisco Identity Services Engine Software 3.1.0	Jun 17, 2026	CVE