LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 2.9	CVE-2025-67899	CVE-2025-67899_CVE-2025-67899 uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing man...	uriparser project	uriparser	Dec 14, 2025	CVE
LOW 2.4	CVE-2025-43410	CVE-2025-43410_CVE-2025-43410 The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2. An attacker with physic...	Apple	macOS unspecified	Dec 12, 2025	CVE
LOW 2.3	CVE-2025-14606	tiny-rdm Tiny RDM Pickle Decoding pickle_convert.go pickle.loads deserialization_CVE-2025-14606 A security vulnerability has been detected in tiny-rdm Tiny RDM up to 1.2.5. Affected by this vulnerability is the function pickle.loads of the fil...	tiny-rdm	Tiny RDM 1.2.0	Dec 13, 2025	CVE
LOW 3.7	CVE-2025-9218	rtMedia for WordPress, BuddyPress and bbPress 4.7.0 – 4.7.3 – Missing Authorization to Unauthenticated Information Disclosure via handle_rest_pre_dispatch Function_CVE-2025-9218 The rtMedia for WordPress, BuddyPress and bbPress plugin for WordPress is vulnerable to to Information Disclosure due to missing authorization in t...	rtcamp	rtMedia for WordPress, BuddyPress and bbPress 4.7.0	Dec 13, 2025	CVE
LOW 2.4	CVE-2025-36755	CleverDisplay BlueOne unauthorized BIOS access through physical USB keyboard_CVE-2025-36755 The CleverDisplay BlueOne hardware player is designed with its USB interfaces physically enclosed and inaccessible under normal operating condition...	CleverDisplay B.V.	BlueOne (CleverDisplay Hardware Player) 12.11.1	Dec 12, 2025	CVE
LOW 2.4	CVE-2025-36744	SolarEdge SE3680H – Information Exposure during Bootloader Loop_CVE-2025-36744 SolarEdge SE3680H has unauthenticated disclosure of sensitive information during the bootloader loop. While the device repeatedly initializes and w...	SolarEdge	SE3680H 4.0	Dec 12, 2025	CVE
LOW 3.1	CVE-2025-67737	AzuraCast Vulnerable to Pre-Auth File Deletion & Admin RCE_CVE-2025-67737 AzuraCast is a self-hosted, all-in-one web radio management suite. Versions 0.23.1 mistakenly include an API endpoint that is intended for internal...	AzuraCast	AzuraCast < 0.23.2	Dec 12, 2025	CVE
LOW 3.5	CVE-2025-10583	WP Fastest Cache Premium <= 1.7.4 - Missing Authorization to Authenticated (Subscriber+) Blind Server-Side Request Forgery_CVE-2025-10583 The WP Fastest Cache plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.7.4 via the 'get_ser...	emrevona	WP Fastest Cache *	Dec 12, 2025	CVE
LOW 3.8	TALOSBLOG:8C532...	One newsletter to rule them all_TALOSBLOG:8C53275514D317A5AF6D467F6EE32FA8 ![One newsletter to rule them all](https://blog.talosintelligence.com/content/images/2025/12/threat-source-newsletter-1.jpg) Welcome to this week'...	N/A	N/A	Dec 11, 2025	TALOSBLOG
LOW 3.3	CVE-2025-55307	CVE-2025-55307_CVE-2025-55307 An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. Opening a malicious PDF containing a crafted JavaSc...	n/a	n/a n/a	Dec 11, 2025	CVE