category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.4	CVE-2026-11356	Ivory Search <= 5.5.15 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'menu_title' and 'menu_magnifier_color' Settings_CVE-2026-11356 The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'menu_title' and 'menu_magnifier_c...	vinod-dalvi	Ivory Search – WordPress Search Plugin	Jun 27, 2026	CVE
MEDIUM 5.5	CVE-2025-59868	HCL Traveler for Microsoft Outlook (HTMO) is susceptible to sensitive data exposure_CVE-2025-59868 HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a sensitive data exposure vulnerability which could allow an attacker to exploit applic...	HCLSoftware	Traveler for Microsoft Outlook <3.0.15	Jun 27, 2026	CVE
HIGH 7.2	CVE-2026-56414	H.VIEW HV-500S6 IP Camera Unrestricted Upload of File with Dangerous Type_CVE-2026-56414 A vulnerability exists in H.View IP cameras certificate-related upload interfaces allow authenticated users to store arbitrary file content to fixe...	H.VIEW	HV-500S6 IP Camera IPCAM_V4.06.88.251229	Jun 26, 2026	CVE
HIGH 7.2	CVE-2026-55975	H.VIEW HV-500S6 IP Camera OS Command Injection_CVE-2026-55975 A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate gen...	H.VIEW	HV-500S6 IP Camera IPCAM_V4.06.88.251229	Jun 26, 2026	CVE
CRITICAL 9.8	CVE-2026-28701	Daktronics Controller Firmware Path Traversal_CVE-2026-28701 Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and ...	Daktronics	VFC-DMP-5000	Jun 26, 2026	CVE
HIGH 8.1	CVE-2026-31928	Daktronics Controller Firmware Use of Hard-coded Credentials_CVE-2026-31928 The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed ...	Daktronics	VFC-DMP-5000	Jun 26, 2026	CVE
HIGH 7.1	CVE-2026-33560	Daktronics Controller Firmware Unrestricted Upload of File with Dangerous Type_CVE-2026-33560 The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users t...	Daktronics	VFC-DMP-5000	Jun 26, 2026	CVE
HIGH 7.8	CVE-2026-45195	GPU DDK – rgxfw_set_mips_fault_address(&psInit->sFaultPhysAddr) is untrusted_CVE-2026-45195 Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory read or write outside the...	Imagination Technologies	Graphics DDK 1.18 RTM	Jun 26, 2026	CVE
HIGH 7.7	CVE-2026-21734	GPU DDK – libusc OOB write at TreeRemove during WebGPU shader compilation_CVE-2026-21734 A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the G...	Imagination Technologies	Graphics DDK 1.18 RTM	Jun 26, 2026	CVE
HIGH 7.2	CVE-2026-13372	CVE-2026-13372_CVE-2026-13372 Incorrect link resolution by display name in the custom PowerShell VPN editor in Devolutions Remote Desktop Manager 2026.2.5 through 2026.2.11 allo...	Devolutions	Remote Desktop Manager 2026.2.5	Jun 26, 2026	CVE