LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 1.8	CVE-2025-54080	Exiv2 Segmentation Faults in Exiv2::EpsImage::writeMetadata() via crafted EPS file_CVE-2025-54080 Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read w...	Exiv2	exiv2 < 0.28.6	Aug 29, 2025	CVE
LOW 1.8	CVE-2025-55304	Exiv2 has quadratic performance in ICC profile parsing in JpegBase::readMetadata_CVE-2025-55304 Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A denial-of-service was...	Exiv2	exiv2 < 0.28.6	Aug 29, 2025	CVE
LOW 2.3	CVE-2025-9071	Insecure RSA-OAEP implementation with all-zero seed for padding in Oberon PSA Crypto_CVE-2025-9071 Erroneously using an all-zero seed for RSA-OEAP padding instead of the generated random bytes, in Oberon microsystems AG’s Oberon PSA Crypto librar...	Oberon microsystems AG	Oberon PSA Crypto 1.0.0	Aug 29, 2025	CVE
LOW 2.4	CVE-2025-51643	CVE-2025-51643_CVE-2025-51643 Meitrack T366G-L GPS Tracker devices contain an SPI flash chip (Winbond 25Q64JVSIQ) that is accessible without authentication or tamper protection....	n/a	n/a n/a	Aug 28, 2025	CVE
LOW 2	CVE-2025-9589	Cudy WR1200EA shadow default password_CVE-2025-9589 A vulnerability was determined in Cudy WR1200EA 2.3.7-20250113-121810. Affected is an unknown function of the file /etc/shadow. Executing manipulat...	Cudy	WR1200EA 2.3.7-20250113-121810	Aug 28, 2025	CVE
LOW 2	CVE-2025-9577	TOTOLINK X2000R Administrative shadow.sample default credentials_CVE-2025-9577 A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an unknown function of the file /etc/shadow.sample of t...	TOTOLINK	X2000R 2.0	Aug 28, 2025	CVE
LOW 2	CVE-2025-9576	seeedstudio ReSpeaker Administrative shadow default credentials_CVE-2025-9576 A vulnerability was identified in seeedstudio ReSpeaker LinkIt7688. Impacted is an unknown function of the file /etc/shadow of the component Admini...	seeedstudio	ReSpeaker LinkIt7688	Aug 28, 2025	CVE
LOW 3.7	CVE-2025-55212	ImageMagick affected by divide-by-zero in ThumbnailImage via montage -geometry “:” leads to crash_CVE-2025-55212 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2, passing a g...	ImageMagick	ImageMagick < 7.1.2-2	Aug 26, 2025	CVE
LOW 2	CVE-2025-9474	Mihomo Party Socket sysproxy.ts enableSysProxy temp file_CVE-2025-9474 A vulnerability was detected in Mihomo Party up to 1.8.1 on macOS. Affected is the function enableSysProxy of the file src/main/sys/sysproxy.ts of ...	Mihomo	Party 1.8.0	Aug 26, 2025	CVE
LOW 3.8	CVE-2025-3456	On affected platforms running Arista EOS, the global common encryption key configuration may be logged in clear text, in local or remote accounting logs. Knowledge of both the encryption key and protocol specific encrypted secrets from the device running-c_CVE-2025-3456 On affected platforms running Arista EOS, the global common encryption key configuration may be logged in clear text, in local or remote accounting...	Arista Networks	EOS 4.34.0F	Aug 25, 2025	CVE