category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-41032	Phoenix Contact: Unauthenticated log download vulnerability in the firmware of CHARX SEC-3xxx charging controllers_CVE-2026-41032 It is possible for an unauthenticated adjacent attacker to download log files of the controller, which may disclose some restricted information.	Phoenix Contact	CHARX SEC-3150 1.0.0	Jun 3, 2026	CVE
HIGH 8.8	CVE-2025-15656	WordPress School Management plugin <= 93.2.0 - Privilege Escalation vulnerability_CVE-2025-15656 Incorrect Privilege Assignment vulnerability in Mojoomla School Management allows Privilege Escalation. This issue affects School Management: from...	Mojoomla	School Management n/a	Jun 3, 2026	CVE
HIGH 7.6	CVE-2025-15655	WordPress School Management plugin <= 93.2.0 - SQL Injection vulnerability_CVE-2025-15655 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mojoomla School Management allows SQL Injecti...	Mojoomla	School Management n/a	Jun 3, 2026	CVE
HIGH 7.4	CVE-2025-14774	Communication analysis between the Card Reader and TP2CardReaderService daemon_CVE-2025-14774 Incorrect Authorization vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.	ABB	T-MAC Plus 4.0-24	Jun 3, 2026	CVE
HIGH 8	CVE-2025-14773	Stored Cross-Site Scripting in ABB T-MAC Plus web application_CVE-2025-14773 Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plu...	ABB	T-MAC Plus 4.0-24	Jun 3, 2026	CVE
HIGH 8.8	CVE-2025-14772	Broken Access Control in ABB T-MAC Plus web application_CVE-2025-14772 Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.	ABB	T-MAC Plus 4.0-24	Jun 3, 2026	CVE
CRITICAL 9.9	CVE-2025-14771	File Disclosure in ABB T-MAC Plus web application and in ABB T-MAC plus Server – Default IIS Web Site_CVE-2025-14771 Files or directories accessible to external parties vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.	ABB	T-MAC Plus 4.0-24	Jun 3, 2026	CVE
LOW 2.3	CVE-2026-50052	CVE-2026-50052_CVE-2026-50052 In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request des...	The Vinyl Cache Project	Vinyl Cache 9.0.0	Jun 3, 2026	CVE
MEDIUM 5.3	CVE-2026-5078	morgan vulnerable to Log Forging via unneutralized control characters in :remote-user_CVE-2026-5078 Impact: The morgan logging middleware's :remote-user token extracts the Basic auth username from the Authorization request header and writes it to ...	morgan	morgan 1.2.0	Jun 3, 2026	CVE
HIGH 7.5	CVE-2026-50031	CVE-2026-50031_CVE-2026-50031 ipmi-oem in FreeIPMI before 1.16.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) spe...	FreeIPMI	FreeIPMI 0.7.12	Jun 3, 2026	CVE