LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 2.4	CVE-2025-30750	CVE-2025-30750_CVE-2025-30750 {“lastseen”:””,”description”:””,”published”:”2025-07-15T19:27:29.147Z”,&#82...	Oracle Corporation	Oracle Database Server 19.3	Jul 15, 2025	CVE
LOW 2.4	CVE-2025-52687	JavaScript Injection Vulnerability in the OmniAccess Stellar Web Management Interface_CVE-2025-52687 Successful exploitation of the vulnerability could allow an attacker with administrator credentials for the access point to inject malicious JavaSc...	Alcatel-Lucent	OmniAccess Stellar AP1100 AWOS versions 5.0.2 GA and earlier	Jul 16, 2025	CVE
LOW 2.4	CVE-2025-53840	Icinga DB Web Exposure of Sensitive Information to an Unauthorized Actor vulnerability_CVE-2025-53840 Icinga DB Web provides a graphical interface for Icinga monitoring. Starting in version 1.2.0 and prior to version 1.2.2, users with access to Icin...	Icinga	icingadb-web >= 1.2.0, < 1.2.2	Jul 16, 2025	CVE
LOW 1.3	CVE-2025-53904	The Scratch Channel Has Potential Reflected Cross-Site Scripting (XSS) Vulnerability_CVE-2025-53904 The Scratch Channel is a news website that is under development as of time of this writing. The file `/api/admin.js` contains code that could make ...	The-Scratch-Channel	the-scratch-channel.github.io <= b66a1cae45e05ad8971aecd96c3322520f8a5725	Jul 16, 2025	CVE
LOW 3.4	CVE-2025-7339	on-headers vulnerable to http response header manipulation_CVE-2025-7339 on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions `	jshttp	on-headers	Jul 17, 2025	CVE
LOW 2.2	CVE-2025-6227	Invite token is used as part of the secure communication_CVE-2025-6227 Mattermost versions 10.5.x	Mattermost	Mattermost 10.5.0	Jul 18, 2025	CVE
LOW 3.5	CVE-2025-53901	Wasmtime has host panic with `fd_renumber` WASIp1 function_CVE-2025-53901 Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.4, 33.0.2, and 34.0.2, a bug in Wasmtime's implementation of the WASIp1 set of import...	bytecodealliance	wasmtime < 24.0.4	Jul 18, 2025	CVE
LOW 2.3	CVE-2025-7882	Mercusys MW301R Login excessive authentication_CVE-2025-7882 A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59423n. It has been rated as problematic. This issue affects some unknown proce...	Mercusys	MW301R 1.0.2 Build 190726 Rel.59423n	Jul 20, 2025	CVE
LOW 3.1	CVE-2025-8713	PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table_CVE-2025-8713 PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user t...	n/a	PostgreSQL 17	Aug 14, 2025	CVE
LOW 3.7	CVE-2025-54352	CVE-2025-54352_CVE-2025-54352 WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Suppli...	WordPress	WordPress 3.5	Jul 21, 2025	CVE