LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 3.7	CVE-2025-67806	CVE-2025-67806_CVE-2025-67806 The login mechanism of Sage DPW 2021_06_004 displays distinct responses for valid and invalid usernames, allowing enumeration of existing accounts ...	n/a	n/a n/a	Apr 1, 2026	CVE
LOW 2	CVE-2026-5310	Enter Software Iperius Backup IperiusAccounts.ini hard-coded key_CVE-2026-5310 A vulnerability was identified in Enter Software Iperius Backup up to 8.7.2. This impacts an unknown function of the file IperiusAccounts.ini. Such...	Enter Software	Iperius Backup 8.7.0	Apr 1, 2026	CVE
LOW 2.3	CVE-2026-5199	Cross Namespace Access via Batch Operation_CVE-2026-5199 A writer role user in an attacker-controlled namespace could signal, delete, and reset workflows or activities in a victim namespace on the same cl...	Temporal Technologies, Inc.	temporal 1.29.0	Apr 1, 2026	CVE
LOW 2.7	CVE-2026-34518	AIOHTTP: Cookie and Proxy-Authorization headers leaked on cross-origin redirect_CVE-2026-34518 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, when following redirects to a different or...	aio-libs	aiohttp < 3.13.4	Apr 1, 2026	CVE
LOW 2.7	CVE-2026-34517	AIOHTTP: Late size enforcement for non-file multipart fields causes memory DoS_CVE-2026-34517 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, for some multipart form fields, aiohttp re...	aio-libs	aiohttp < 3.13.4	Apr 1, 2026	CVE
LOW 2.7	CVE-2026-34514	AIOHTTP: CRLF injection in multipart part content type header construction_CVE-2026-34514 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the content_type ...	aio-libs	aiohttp < 3.13.4	Apr 1, 2026	CVE
LOW 2.7	CVE-2026-34513	AIOHTTP: Denial of Service (DoS) via Unbounded DNS Cache in TCPConnector_CVE-2026-34513 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an unbounded DNS cache could result in exc...	aio-libs	aiohttp < 3.13.4	Apr 1, 2026	CVE
LOW 2.7	CVE-2026-34520	AIOHTTP: C parser (llhttp) accepts null bytes and control characters in response header values – header injection / security bypass_CVE-2026-34520 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, the C parser (the default for most install...	aio-libs	aiohttp < 3.13.4	Apr 1, 2026	CVE
LOW 2.7	CVE-2026-34519	AIOHTTP: HTTP response splitting via \r in reason phrase_CVE-2026-34519 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the reason parame...	aio-libs	aiohttp < 3.13.4	Apr 1, 2026	CVE
LOW 3.1	CVE-2026-2475	Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access_CVE-2026-2475 IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Acc...	IBM	Verify Identity Access Container 11.0	Apr 1, 2026	CVE