Security - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.9	CVE-2026-11344	code-projects Vehicle Management System New Driver Registration Form newdriver.php unrestricted upload_CVE-2026-11344 A vulnerability was found in code-projects Vehicle Management System 1.0. This impacts an unknown function of the file newdriver.php of the compone...	code-projects	Vehicle Management System 1.0	Jun 5, 2026	CVE
MEDIUM 6.9	CVE-2026-11342	code-projects Hotel and Tourism Reservation System details.php sql injection_CVE-2026-11342 A vulnerability has been found in code-projects Hotel and Tourism Reservation System 1.0. This affects an unknown function of the file /details.php...	code-projects	Hotel and Tourism Reservation System 1.0	Jun 5, 2026	CVE
MEDIUM 5.3	CVE-2026-11341	D-Link DWR-M920 formIMEISetup sub_412DA0 os command injection_CVE-2026-11341 A flaw has been found in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub_412DA0 of the file /boafrm/formIMEISetup. This mani...	D-Link	DWR-M920 1.1.0	Jun 5, 2026	CVE
HIGH 8.6	CVE-2026-50733	Markdown Preview Enhanced Arbitrary Code Execution via WaveDrom eval()_CVE-2026-50733 Markdown Preview Enhanced before 0.8.28 parses WaveDrom diagrams by evaluating untrusted markdown content with eval(), allowing arbitrary JavaScrip...	shd101wyy	Markdown Preview Enhanced	Jun 5, 2026	CVE
HIGH 8.6	CVE-2026-49493	Markdown Preview Enhanced Arbitrary Code Execution via Bitfield interpretJS()_CVE-2026-49493 Markdown Preview Enhanced before 0.8.28 parses Bitfield fenced code blocks with interpretJS(), which evaluates the block content as code via vm.run...	shd101wyy	Markdown Preview Enhanced	Jun 5, 2026	CVE
HIGH 8.6	CVE-2026-49492	Markdown Preview Enhanced OS Command Injection in External File and Link Opening_CVE-2026-49492 Markdown Preview Enhanced before 0.8.28 opens external files and links from the preview through a shell and does not validate untrusted inputs take...	shd101wyy	Markdown Preview Enhanced	Jun 5, 2026	CVE
CRITICAL 9	CVE-2026-45750	Termix Vulnerable to Arbitrary Command Execution in File Manager_CVE-2026-45750 Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.3.2, the GET /ssh/...	Termix-SSH	Termix < 2.3.2	Jun 5, 2026	CVE
HIGH 8.1	CVE-2026-45749	Termix’s TOTP two-factor authentication can be disabled or bypassed using only the account password_CVE-2026-45749 Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The `POST /users/totp/disable` and `P...	Termix-SSH	Termix < 2.3.2	Jun 5, 2026	CVE
CRITICAL 9.8	CVE-2026-45748	Termix Vulnerable to Remote Code Execution via SSH Tunnel Forward Command Injection_CVE-2026-45748 Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The `POST /ssh/tunnel/connect` endpoi...	Termix-SSH	Termix < 2.3.2	Jun 5, 2026	CVE
CRITICAL 9	CVE-2026-45746	Termix Vulnerable to Arbitrary Command Execution via Session Hijacking_CVE-2026-45746 Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.3.2, the File Mana...	Termix-SSH	Termix < 2.3.2	Jun 5, 2026	CVE