packetstorm - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	PACKETSTORM:222183	📄 strongSwan 5.9.13 Buffer Overflow_PACKETSTORM:222183 strongSwan version 5.9.13 suffers from a pre-authentication heap buffer overflow vulnerability...	N/A	N/A	May 29, 2026	PACKETSTORM
HIGH 7.6	PACKETSTORM:222199	📄 MikroORM 7.0.13 SQL Injection_PACKETSTORM:222199 MikroORM version 7.0.13 suffers from a remote SQL injection vulnerability...	N/A	N/A	May 29, 2026	PACKETSTORM
NONE	PACKETSTORM:222182	📄 strongSwan 5.9.13 Denial of Service_PACKETSTORM:222182 strongSwan version 5.9.13 suffers from a denial of service vulnerability...	N/A	N/A	May 29, 2026	PACKETSTORM
MEDIUM 6.1	PACKETSTORM:222116	📄 WebFileSys 2.31.1 Cross Site Scripting_PACKETSTORM:222116 WebFileSys version 2.31.1 suffers from multiple cross site scripting vulnerabilities...	N/A	N/A	May 28, 2026	PACKETSTORM
CRITICAL 9.1	PACKETSTORM:222045	📄 Windows Shell LNK Spoofing / NTLMv2 Hash Capture_PACKETSTORM:222045 A spoofing vulnerability in Windows Shell File Explorer allows an attacker to capture NTLMv2 hashes without user interaction. By crafting a malicio...	N/A	N/A	May 27, 2026	PACKETSTORM
CRITICAL 9.8	PACKETSTORM:221985	📄 WordPress Supsystic Contact Form 1.7.36 Server-Side Template Injection_PACKETSTORM:221985 This Metasploit module is for WordPress Supsystic Contact Form plugin versions 1.7.36 and below. The plugin suffers from a server-side template inj...	N/A	N/A	May 26, 2026	PACKETSTORM
HIGH 7.1	PACKETSTORM:221996	📄 ZTE ZXHN H188A V6 Authentication Bypass_PACKETSTORM:221996 Unauthenticated requests to the root path of ZTE ZXHN H188A V6 firmware can reach pre-login wizard handlers and disclose WLAN PSKs, SSIDs, and PPPo...	N/A	N/A	May 26, 2026	PACKETSTORM
MEDIUM 6.5	PACKETSTORM:221998	📄 ZTE ZXHN H168N 3.5 Credential Disclosure_PACKETSTORM:221998 The ZTE ZXHN H168N V3.5 firmware exposes quick-setup wizard endpoints that return PPPoE credentials ADUsername, VDUsername and the WLAN KeyPassphra...	N/A	N/A	May 26, 2026	PACKETSTORM
HIGH 7.5	PACKETSTORM:221997	📄 ZTE ZXHN H298A / H108N Credential Disclosure_PACKETSTORM:221997 A single unauthenticated HTTP GET to /getpage.lua?pid=1000&ETHCheat=1 on ZTE H298A or H108N routers returns the live administrator password OBJUSER...	N/A	N/A	May 26, 2026	PACKETSTORM
CRITICAL 9.3	PACKETSTORM:221993	📄 Sparx Pro Cloud Server 6.1 / Sparx Enterprise Architect 17.1 SQL Injection_PACKETSTORM:221993 Multiple vulnerabilities in Sparx Pro Cloud Server PCS versions 6.1 and below and Sparx Enterprise Architect versions 17.1 and below allow a remote...	N/A	N/A	May 26, 2026	PACKETSTORM