Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 2.3 CVE-2025-69270

Spectrum session token in URL_CVE-2025-69270

Information Exposure Through Query Strings in GET Request vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Session Hijacking. T...

Broadcom DX NetOps Spectrum 24.3.8 and earlier CVE
LOW 2.3 CVE-2025-69276

Spectrum insecure deserialization_CVE-2025-69276

Deserialization of Untrusted Data vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Object Injection. This issue affects DX NetO...

Broadcom DX NetOps Spectrum 24.3.13 and earlier CVE
LOW 2.3 CVE-2025-69274

Spectrum broken authorization scheme_CVE-2025-69274

Authorization Bypass Through User-Controlled Key vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Privilege Escalation. This is...

Broadcom DX NetOps Spectrum 24.3.10 and earlier CVE
LOW 3.7 CVE-2026-22611

AWS SDK for .NET V4 adopted defense in depth enhancement for region parameter value_CVE-2026-22611

AWS SDK for .NET works with Amazon Web Services to help build scalable solutions with Amazon S3, Amazon DynamoDB, Amazon Glacier, and more. From ve...

aws aws-sdk-net >= 4.0.0, < 4.0.3.3 CVE
LOW 2.7 CVE-2026-22691

pypdf has possible long runtimes for malformed startxref_CVE-2026-22691

pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible long runtimes for malformed startxref. An attac...

py-pdf pypdf < 6.6.0 CVE
LOW 2.7 CVE-2026-22690

pypdf has possible long runtimes for missing /Root object with large /Size values_CVE-2026-22690

pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible long runtimes for missing /Root object with lar...

py-pdf pypdf < 6.6.0 CVE
LOW 3.5 CVE-2026-22602

OpenProject is Vulnerable to User Enumeration via User ID_CVE-2026-22602

OpenProject is an open-source, web-based project management software. Prior to version 16.6.2, a low‑privileged logged-in user can view the full na...

opf openproject < 16.6.2 CVE
LOW 3.5 CVE-2025-62487

Under certain configurations, file artifacts uploaded to the Dossier and Slides apps did not inherit security markings of their parent artifact. This lack of security markings could lead to unintended access to the uploaded files._CVE-2025-62487

Details: On October 1, 2025, Palantir discovered that images uploaded through the Dossier front-end app were not being marked correctly with the...

Palantir com.palantir.acme:gotham-default-apps-bundle 100.30251002.0 CVE
LOW 2.7 CVE-2025-46676

CVE-2025-46676_CVE-2025-46676

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release versio...

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) Feature Release 7.7.1.0 CVE
LOW 2.3 CVE-2025-46643

CVE-2025-46643_CVE-2025-46643

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release versio...

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) Feature Release 7.7.1.0 CVE