LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 2.9	CVE-2025-68932	FreshRSS has weak cryptographic randomness in remember-me token and nonce generation_CVE-2025-68932 FreshRSS is a free, self-hostable RSS aggregator. Prior to version 1.28.0, FreshRSS uses cryptographically weak random number generators (mt_rand()...	FreshRSS	FreshRSS < 1.28.0	Dec 26, 2025	CVE
LOW 3.1	CVE-2025-36229	Exposure of Sensitive System Information to an Unauthorized Control Sphere in IBM Aspera Faspex_CVE-2025-36229 IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 could allow authenticated users to enumerate sensitive information of data due by enumerating package id...	IBM	Aspera Faspex 5 5.0.0	Dec 26, 2025	CVE
LOW 3.8	CVE-2025-36228	Incorrect Execution-Assigned Permissions in IBM Aspera Faspex_CVE-2025-36228 IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 may allow inconsistent permissions between the user interface and backend API allowed users to access fe...	IBM	Aspera Faspex 5 5.0.0	Dec 26, 2025	CVE
LOW 3.1	CVE-2025-68940	CVE-2025-68940_CVE-2025-68940 In Gitea before 1.22.5, branch deletion permissions are not adequately enforced after merging a pull request.	Gitea	Gitea	Dec 26, 2025	CVE
LOW 1	CVE-2025-15083	TOZED ZLT M30s UART on-chip debug and test interface with improper access control_CVE-2025-15083 A vulnerability was determined in TOZED ZLT M30s up to 1.47. The affected element is an unknown function of the component UART Interface. Executing...	TOZED	ZLT M30s 1.0	Dec 25, 2025	CVE
LOW 2.3	CVE-2025-15084	youlaitech youlai-mall Order Payment OrderController.java orderService.payOrder access control_CVE-2025-15084 A vulnerability was identified in youlaitech youlai-mall 1.0.0/2.0.0. The impacted element is the function orderService.payOrder of the file mall-o...	youlaitech	youlai-mall 1.0.0	Dec 25, 2025	CVE
LOW 2.2	CVE-2025-57840	Privilege Bypass in ADB_CVE-2025-57840 ADB(Android Debug Bridge) is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability.	Honor	Magic OS Magic OS	Dec 24, 2025	CVE
LOW 3.3	CVE-2025-14421	pdfforge PDF Architect PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability_CVE-2025-14421 pdfforge PDF Architect PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disc...	pdfforge	PDF Architect 9.1.74.23030	Dec 23, 2025	CVE
LOW 3.3	CVE-2025-14411	Soda PDF Desktop PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability_CVE-2025-14411 Soda PDF Desktop PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose s...	Soda PDF	Desktop 14.0.509.23030	Dec 23, 2025	CVE
LOW 3.3	CVE-2025-14410	Soda PDF Desktop PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability_CVE-2025-14410 Soda PDF Desktop PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose s...	Soda PDF	Desktop 14.0.506.23016	Dec 23, 2025	CVE