HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	CVE-2025-54441	CVE-2025-54441_CVE-2025-54441 Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects Ma...	Samsung Electronics	MagicINFO 9 Server 21.1080.0	Jul 23, 2025	CVE
HIGH 8.8	CVE-2025-54439	CVE-2025-54439_CVE-2025-54439 Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects Ma...	Samsung Electronics	MagicINFO 9 Server 21.1080.0	Jul 23, 2025	CVE
HIGH 8.1	CVE-2025-31701	CVE-2025-31701_CVE-2025-31701 A vulnerability has been found in Dahua products. Attackers could exploit a buffer overflow vulnerability by sending specially crafted malicious p...	Dahua	IPC Affected products include certain models from the IPC-1XXX, IPC-2XXX, IPC-WX, and IPC-ECXX series, and limited to versions which build time before April 16, 2025.	Jul 23, 2025	CVE
HIGH 8.1	CVE-2025-31700	CVE-2025-31700_CVE-2025-31700 A vulnerability has been found in Dahua products. Attackers could exploit a buffer overflow vulnerability by sending specially crafted malicious p...	Dahua	IPC Affected products include certain models from the IPC-1XXX, IPC-2XXX, IPC-WX, and IPC-ECXX series, and limited to versions which build time before April 16, 2025.	Jul 23, 2025	CVE
HIGH 8.8	CVE-2025-41684	Weidmueller: Root Command Injection via Unsanitized Input in tls_iotgen_setting Endpoint_CVE-2025-41684 An authenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of improper sanitizing of user...	Weidmueller	IE-SR-2TX-WL V0.0	Jul 23, 2025	CVE
HIGH 8.8	CVE-2025-41683	Weidmueller: Root Command Injection via Unsanitized Input in event_mail_test Endpoint_CVE-2025-41683 An authenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of improper sanitizing of user...	Weidmueller	IE-SR-2TX-WL V0.0	Jul 23, 2025	CVE
HIGH 7	CVE-2025-54297	Extension – compojoom.com – Stored XSS vulnerability in CComment component 5.0.0-6.1.14 for Joomla_CVE-2025-54297 A stored XSS vulnerability in CComment component 5.0.0-6.1.14 for Joomla was discovered.	compojoom.com	CComment component for Joomla 5.0.0-6.1.14	Jul 23, 2025	CVE
HIGH 7	CVE-2025-54296	Extension – mooj.org – Stored XSS vulnerability in ProFiles component 1.0-1.5.0 for Joomla_CVE-2025-54296 A stored XSS vulnerability in ProFiles component 1.0-1.5.0 for Joomla was discovered.	mooj.org	ProFiles component for Joomla 1.0-1.5.0	Jul 23, 2025	CVE
HIGH 8.5	CVE-2025-50127	Extension – dj-extensions.com – SQLi vulnerability in DJ-Flyer component 1.0-3.2 for Joomla_CVE-2025-50127 A SQLi vulnerability in DJ-Flyer component 1.0-3.2 for Joomla was discovered. The issue allows privileged users to execute arbitrary SQL commands.	dj-extensions.com	DJ-Flyer component for Joomla 1.0-3.2	Jul 23, 2025	CVE
HIGH 7.3	CVE-2025-40596	CVE-2025-40596_CVE-2025-40596 A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (...	SonicWall	SMA 100 Series 10.2.1.15-81sv and earlier versions	Jul 23, 2025	CVE