category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-57875	GV-LPC2011/LPC2211 – unauthorized null pointer dereference vulnerability in packet parsing_CVE-2026-57875 An unauthenticated NULL pointer dereference vulnerability exists in the HTTP request parsing logic of multiple CGI components in GeoVision GV-LPC20...	GeoVision Inc.	GV-LPCLPC2011/2211 1.12	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-57874	GV-LPC2011/LPC2211 – unauthorized buffer overflow vulnerability (IEEE8021x_upload.cgi)_CVE-2026-57874 An unauthenticated buffer overflow vulnerability exists in IEEE8021x_upload.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulne...	GeoVision Inc.	GV-LPCLPC2011/2211 1.12	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-57873	GV-LPC2011/LPC2211 – unauthorized null pointer dereference vulnerability (IEEE8021x_upload.cgi)_CVE-2026-57873 An unauthenticated NULL pointer dereference vulnerability exists in IEEE8021x_upload.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. ...	GeoVision Inc.	GV-LPCLPC2011/2211 1.12	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-57872	GV-LPC2011/LPC2211 – unauthorized directory traversal vulnerability (get_fcont.cgi)_CVE-2026-57872 An unauthenticated directory traversal vulnerability exists in get_fcont.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerab...	GeoVision Inc.	GV-LPCLPC2011/2211 1.12	Jun 26, 2026	CVE
HIGH 8.3	CVE-2026-2053	Unauthenticated Server-Side Request Forgery via WS-Addressing in WSO2 API Manager_CVE-2026-2053 The WSO2 API Manager's message flow component, when processing WS-Addressing headers, does not sufficiently validate or restrict user-controlled in...	WSO2	WSO2 API Manager	Jun 26, 2026	CVE
MEDIUM 6.5	CVE-2026-1869	User Registration & Membership <= 5.2.0 - Missing Authorization to Unauthenticated Payment Bypass_CVE-2026-1869 The User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Bu...	wpeverest	User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder	Jun 26, 2026	CVE
HIGH 8.5	CVE-2026-8797	CVE-2026-8797_CVE-2026-8797 An access control deficiency vulnerability exists in ExpressUpdate Agent for Windows. If a malicious user gains access to the product, arbitrary co...	NEC Corporation	ExpressUpdate Agent for Windows 3.24 and prior	Jun 26, 2026	CVE
MEDIUM 6.8	CVE-2026-13282	CVE-2026-13282_CVE-2026-13282 Use after free in Payments in Google Chrome on Android prior to 149.0.7827.201 allowed a local attacker to potentially exploit heap corruption via ...	Google	Chrome 149.0.7827.201	Jun 25, 2026	CVE
MEDIUM 4.7	CVE-2026-50745	CVE-2026-50745_CVE-2026-50745 A missing sanitisation vulnerability exists with user input in the stats-video.php script. The way URLs to this script were constructed did not fol...	Revive	Adserver	Jun 26, 2026	CVE
MEDIUM 4.3	CVE-2026-50744	CVE-2026-50744_CVE-2026-50744 A bypass to the admin‑only restriction of the XML‑RPC API in Revive Adserver 6.0.7. The API response for the ox.login method returned a session ID ...	Revive	Adserver	Jun 26, 2026	CVE