category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.6	CVE-2026-40079	Cacti: Command Injection via escape_command() no-op in RRDtool execution_CVE-2026-40079 Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Command Injection due to lack of sa...	Cacti	cacti < 1.2.31	Jun 24, 2026	CVE
HIGH 7.6	CVE-2026-39951	Cacti: Stored SQL Injection via graph_name_regexp in Reports feature_CVE-2026-39951 Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a Stored SQL Injection vulnerability through gra...	Cacti	cacti < 1.2.31	Jun 24, 2026	CVE
HIGH 7.3	CVE-2026-7539	HP Dock Accessory WMI Provider Installer Security Update_CVE-2026-7539 A potential security vulnerability has been identified in the HP Accessory WMI Provider installer for some HP Docking Stations, which might allow e...	HP Inc.	HP Dock Accessory	Jun 24, 2026	CVE
MEDIUM 5.4	CVE-2026-52816	Gogs: Unauthenticated Jupyter Notebook (ipynb) Sanitizer allows arbitrary data: URIs leading to XSS_CVE-2026-52816 Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Jupyter Notebook (ipynb) sanitizer endpoint at POST /-/api/sanitize_ipynb allo...	gogs	gogs < 0.14.3	Jun 24, 2026	CVE
MEDIUM 5.5	CVE-2026-52815	Gogs: Unauthenticated Organization Teams Information Disclosure via API_CVE-2026-52815 Gogs is an open source self-hosted Git service. Prior to 0.14.3, Gogs has an unauthenticated information disclosure vulnerability. The GET /api/v1/...	gogs	gogs < 0.14.3	Jun 24, 2026	CVE
MEDIUM 5.5	CVE-2026-52814	Gogs: Unauthenticated Asymmetric Denial of Service (DoS) via SSH Handshake Stall (File Descriptor Exhaustion)_CVE-2026-52814 Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Gogs built-in Go SSH server is vulnerable to an unauthenticated, asymmetric De...	gogs	gogs < 0.14.3	Jun 24, 2026	CVE
MEDIUM 4.8	CVE-2026-52807	Gogs: DOM-based XSS via Milestone Name on New Issue Page_CVE-2026-52807 Gogs is an open source self-hosted Git service. Prior to 0.14.3, in new_form.tmpl, milestone names are rendered with Go's default auto-escaping ({{...	gogs	gogs < 0.14.3	Jun 24, 2026	CVE
CRITICAL 9.9	CVE-2026-52806	Gogs: RCE via git rebase –exec argument injection in pull request merge_CVE-2026-52806 Gogs is an open source self-hosted Git service. Prior to 0.14.3, Gogs allows authenticated users to achieve Remote Code Execution (RCE) on the serv...	gogs	gogs < 0.14.3	Jun 24, 2026	CVE
HIGH 8.7	CVE-2026-52805	Gogs: Migration Redirect Bypass Leads to Internal Repository Theft_CVE-2026-52805 Gogs is an open source self-hosted Git service. Prior to 0.14.3, a Server-Side Request Forgery (SSRF) vulnerability exists in the repository migrat...	gogs	gogs < 0.14.3	Jun 24, 2026	CVE
MEDIUM 5.5	CVE-2026-52804	Gogs: Privilege Escalation via Collaboration Access Mode Validation_CVE-2026-52804 Gogs is an open source self-hosted Git service. Prior to 0.14.3, a repository admin collaborator can escalate their privileges to owner-level acces...	gogs	gogs < 0.14.3	Jun 24, 2026	CVE