HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.4	CVE-2025-7032	Rockwell Automation Stack-based Buffer Overflow In Arena® Simulation_CVE-2025-7032 A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end o...	Rockwell Automation	Arena® Simulation 16.20.09 and prior	Aug 5, 2025	CVE
HIGH 8.4	CVE-2025-7025	Rockwell Automation Heap-based Buffer Overflow In Arena® Simulation_CVE-2025-7025 A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end o...	Rockwell Automation	Arena® Simulation 16.20.09 and prior	Aug 5, 2025	CVE
HIGH 7.5	CVE-2025-29745	CVE-2025-29745_CVE-2025-29745 A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows attackers on a remote server to obtain Net-NTLMv2 ha...	n/a	n/a n/a	Aug 5, 2025	CVE
HIGH 7.4	CVE-2025-43979	CVE-2025-43979_CVE-2025-43979 An issue was discovered on FIRSTNUM JC21A-04 devices through 2.01ME/FN that allows authenticated attackers to execute arbitrary OS system commands ...	n/a	n/a n/a	Aug 5, 2025	CVE
HIGH 7.1	CVE-2025-7674	navify Monitoring API input validation_CVE-2025-7674 Improper Input Validation vulnerability in Roche Diagnostics navify Monitoring allows an attacker to manipulate input data, which may lead to a den...	Roche Diagnostics	navify Monitoring	Aug 5, 2025	CVE
HIGH 8.6	CVE-2025-54254	Adobe Experience Manager \| Improper Restriction of XML External Entity Reference (‘XXE’) (CWE-611)_CVE-2025-54254 Adobe Experience Manager versions 6.5.23 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability...	Adobe	Adobe Experience Manager	Aug 5, 2025	CVE
HIGH 7.4	CVE-2025-43978	CVE-2025-43978_CVE-2025-43978 Jointelli 5G CPE 21H01 firmware JY_21H01_A3_v1.36 devices allow (blind) OS command injection. Multiple endpoints are vulnerable, including /ubus/?f...	n/a	n/a n/a	Aug 5, 2025	CVE
HIGH 7.7	CVE-2025-53534	RatPanel can perform remote command execution without authorization_CVE-2025-53534 RatPanel is a server operation and maintenance management panel. In versions 2.3.19 through 2.5.5, when an attacker obtains the backend login path ...	tnb-labs	panel >= 2.3.19, < 2.5.6	Aug 5, 2025	CVE
HIGH 8.7	CVE-2025-54125	XWiki Platform: Password and email exposure in xml.vm fields_CVE-2025-54125 XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki Platform Legacy Old Core and XWiki P...	xwiki	xwiki-platform >= 1.1, < 16.4.7	Aug 5, 2025	CVE
HIGH 7.1	CVE-2025-54124	XWiki Platform: Any user with editing rights can access password properties through Database List Properties_CVE-2025-54124 XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki Platform Legacy Old Core and XWiki P...	xwiki	xwiki-platform >= 9.8-rc-1, < 16.4.7	Aug 5, 2025	CVE