category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.3	CVE-2026-46611	Glances: XML-RPC Server Missing Host Header Validation Enables DNS Rebinding Attack_CVE-2026-46611 Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances XML-RPC server (glances -s, implemented in glances/ser...	nicolargo	glances < 4.5.5	Jun 25, 2026	CVE
HIGH 7.4	CVE-2026-46608	Glances: XML-RPC Multi-Origin CORS Configuration Silently Falls Back to Wildcard (Incomplete Fix for CVE-2026-33533)_CVE-2026-46608 Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances XML-RPC server (glances -s) introduced a configurable ...	nicolargo	glances < 4.5.5	Jun 25, 2026	CVE
HIGH 7.8	CVE-2026-46607	Glances: Insecure Pickle Deserialization in Version Cache Leads to Arbitrary Code Execution_CVE-2026-46607 Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, glances/outdated.py uses pickle.load() to read a version-check cac...	nicolargo	glances < 4.5.5	Jun 25, 2026	CVE
HIGH 7.8	CVE-2026-46606	Glances: Command Injection via KVM/QEMU VM Domain Names in glances/plugins/vms/engines/virsh.py_CVE-2026-46606 Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances KVM/QEMU monitoring engine (glances/plugins/vms/engine...	nicolargo	glances < 4.5.5	Jun 25, 2026	CVE
HIGH 8.4	CVE-2026-12921	Use after free in AzeoTech DAQFactory_CVE-2026-12921 In AzeoTech DAQFactory versions 21.1 and prior, a Use After Free vulnerability can be exploited by an attacker using specially crafted .ctl files w...	AzeoTech	DAQFactory	Jun 25, 2026	CVE
HIGH 8.4	CVE-2026-12897	Out-of-bounds read in Horner Automation Cscape_CVE-2026-12897 Horner Automation Cscape versions prior to 10.2 SP3 are vulnerable to an Out-of-Bounds Read vulnerability through parsing CSP files. Successful exp...	Horner Automation	Cscape	Jun 25, 2026	CVE
HIGH 7.5	CVE-2025-61028	CVE-2025-61028_CVE-2025-61028 An issue in the time_t_to_dt component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL ...	n/a	n/a n/a	Jun 23, 2026	CVE
MEDIUM 5.5	CVE-2025-60468	CVE-2025-60468_CVE-2025-60468 GPAC Multimedia Open Source Project GPAC Project/MP4Box 2.5-DEV-rev1593-gfe88c3545-master is affected by: Buffer Overflow. The impact is: cause a d...	n/a	n/a n/a	Jun 24, 2026	CVE
HIGH 7.5	CVE-2025-60474	CVE-2025-60474_CVE-2025-60474 A buffer overflow in the gf_media_import function (/media_tools/av_parsers.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Den...	n/a	n/a n/a	Jun 24, 2026	CVE
HIGH 7.5	CVE-2025-60467	CVE-2025-60467_CVE-2025-60467 A use-after-free in the gf_filter_pid_inst_swap_delete_task function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attac...	n/a	n/a n/a	Jun 24, 2026	CVE