packetstorm - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.9	PACKETSTORM:212666	📄 is-localhost-ip 2.0.0 Restriction Bypass_PACKETSTORM:212666 is-localhost-ip version 2.0.0 suffers from a restriction bypass vulnerability...	N/A	N/A	Dec 10, 2025	PACKETSTORM
NONE	PACKETSTORM:212667	📄 Palo Alto Deep Packet Inspection Information Disclosure_PACKETSTORM:212667 Proof of concept code for Palo Alto deep packet inspection data exfiltration issues that appear to affect PanOS up to version 11.2.0...	N/A	N/A	Dec 10, 2025	PACKETSTORM
HIGH 7.5	PACKETSTORM:212662	📄 Arista NGFW 17.3.1 Information Disclosure Scanner_PACKETSTORM:212662 This is a proof of concept testing script for an information disclosure vulnerability in Arista NGFW version 17.3.1...	N/A	N/A	Dec 10, 2025	PACKETSTORM
HIGH 7.4	PACKETSTORM:212670	📄 YOURLS 1.8.2 SQL Injection_PACKETSTORM:212670 Proof of concept for a remote SQL injection vulnerability in YOURLS version 1.8.2...	N/A	N/A	Dec 10, 2025	PACKETSTORM
NONE	PACKETSTORM:212672	📄 Redash Authenticated Remote Command Execution_PACKETSTORM:212672 Redash’s default setup uses PostgreSQL superuser credentials for its primary data source. Because users can run SQL through Redash, any authenticat...	N/A	N/A	Dec 10, 2025	PACKETSTORM
NONE	PACKETSTORM:212669	📄 Zimbra Collaboration Suite Postjournal 10.1.0 Remote Code Execution_PACKETSTORM:212669 Proof of concept for a critical vulnerability exists in the Zimbra Collaboration Suite ZCS PostJournal service that allows attackers to execute arb...	N/A	N/A	Dec 10, 2025	PACKETSTORM
CRITICAL 9.1	PACKETSTORM:212671	📄 Xorcom CompletePBX 5.2.35 Remote Code Execution_PACKETSTORM:212671 Xorcom CompletePBX suffers from an authenticated command injection vulnerability within the Task Scheduler subsystem. An attacker with valid supera...	N/A	N/A	Dec 10, 2025	PACKETSTORM
NONE	PACKETSTORM:212663	📄 Chromodo Browser 45.8.12.391 Same Origin Policy Weakness_PACKETSTORM:212663 This proof of concept demonstrates message passing between two browser windows when opened under the same logical context same origin. It affect Ch...	N/A	N/A	Dec 10, 2025	PACKETSTORM
HIGH 7.8	PACKETSTORM:212601	📄 Android 7 / 8 / 8.1 Pointer Disclosure_PACKETSTORM:212601 A flaw in Android's Binder IPC allowed applications to craft Parcels where binder-object metadata overlapped with string data. When unmarshalling, ...	N/A	N/A	Dec 9, 2025	PACKETSTORM
CRITICAL 9.8	PACKETSTORM:212598	📄 Pluck 4.7.7-dev2 Remote Code Execution_PACKETSTORM:212598 Pluck version 4.7.7-dev2 suffers from a remote code execution vulnerability...	N/A	N/A	Dec 9, 2025	PACKETSTORM