metasploit - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	MSF:EXPLOIT-LINUX-	Invoice Ninja unauthenticated PHP Deserialization Vulnerability_MSF:EXPLOIT-LINUX-HTTP-INVOICENINJA_UNAUTH_RCE_CVE_2024_55555- Invoice Ninja is a free invoicing software for small businesses, based on the PHP framework Laravel. A Remote Code Execution vulnerabilit...	N/A	N/A	Aug 29, 2025	METASPLOIT
CRITICAL 10	MSF:EXPLOIT-LINUX-	RaspberryMatic unauthenticated Remote Code Execution vulnerability through HMServer File Upload._MSF:EXPLOIT-LINUX-HTTP-RASPBERRYMATIC_UNAUTH_RCE_CVE_2024_24578- RaspberryMatic / OCCU contains a unauthenticated remote code execution (RCE) vulnerability, caused by multiple issues within the Java...	N/A	N/A	Aug 29, 2025	METASPLOIT
HIGH 8.6	MSF:EXPLOIT-LINUX-	Pandora FMS authenticated command injection leading to RCE via chromium_path or phantomjs_bin_MSF:EXPLOIT-LINUX-HTTP-PANDORA_FMS_AUTH_RCE_CVE_2024_12971- Pandora FMS is a monitoring solution that provides full observability for your organization's technology. This module...	N/A	N/A	Aug 29, 2025	METASPLOIT
HIGH 8.8	MSF:EXPLOIT-LINUX-	Netdata ndsudo privilege escalation_MSF:EXPLOIT-LINUX-LOCAL-NDSUDO_CVE_2024_32019- The ndsudo is a tool shipped with Netdata Agent. The version v1.45.0 and...	N/A	N/A	Aug 29, 2025	METASPLOIT
HIGH 8.8	MSF:EXPLOIT-MULTI-	CmsMadeSimple Authenticated File Manager RCE_MSF:EXPLOIT-MULTI-HTTP-CMSMS_FILE_MANAGER_AUTH_RCE- CMS Made Simple <= v2.2.21 allows an authenticated administrator to upload files with the .phar or .phtml extensions, enabling executi...	N/A	N/A	Aug 29, 2025	METASPLOIT
CRITICAL 9.8	MSF:EXPLOIT-MULTI-	Langflow AI RCE_MSF:EXPLOIT-MULTI-HTTP-LANGFLOW_UNAUTH_RCE_CVE_2025_3248- Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. ...	N/A	N/A	Aug 29, 2025	METASPLOIT
CRITICAL 9.9	MSF:EXPLOIT-MULTI-	pgAdmin Query Tool authenticated RCE (CVE-2025-2945)_MSF:EXPLOIT-MULTI-HTTP-PGADMIN_QUERY_TOOL_AUTHENTICATED- This module exploits a vulnerability in pgAdmin where an authenticated user can establish a connection to the query tool ...	N/A	N/A	Aug 29, 2025	METASPLOIT
CRITICAL 9.8	MSF:EXPLOIT-MULTI-	Oracle Access Manager unauthenticated Remote Code Execution_MSF:EXPLOIT-MULTI-HTTP-ORACLE_ACCESS_MANAGER_RCE_CVE_2021_35587- This module exploits an unauthenticated deserialization of untrusted data vulnerability in the OpenSSO Agent component of...	N/A	N/A	Aug 29, 2025	METASPLOIT
CRITICAL 9.8	MSF:EXPLOIT-MULTI-	Tomcat Partial PUT Java Deserialization_MSF:EXPLOIT-MULTI-HTTP-TOMCAT_PARTIAL_PUT_DESERIALIZATION- This module exploits a Java deserialization vulnerability in Apache Tomcat's session restoration functionality that can be exploited...	N/A	N/A	Aug 29, 2025	METASPLOIT
NONE	MSF:EXPLOIT-MULTI-	Periodic Script Persistence_MSF:EXPLOIT-MULTI-LOCAL-PERIODIC_SCRIPT_PERSISTENCE- This module will achieve persistence by writing a script to the /etc/periodic directory. According to The Art of Mac Malware no such malw...	N/A	N/A	Aug 29, 2025	METASPLOIT