LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 3.3	CVE-2025-25212	pasteboard has an improper input vulnerability_CVE-2025-25212 in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through improper input.	OpenHarmony	OpenHarmony v5.0.3	Aug 11, 2025	CVE
LOW 3.3	CVE-2025-27562	communication_dsoftbus has a missing release of memory vulnerability_CVE-2025-27562 in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.	OpenHarmony	OpenHarmony v5.0.3	Aug 11, 2025	CVE
LOW 3.5	THN:8E6882EAF31...	Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation_THN:8E6882EAF31BB9C5BE174E1FE1B38EA7 ![](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAoMBgDTD2qgAAAAASUVORK5CYII=) Cybersecurity researchers ...	N/A	N/A	Aug 10, 2025	THN
LOW 3	CVE-2025-52136	CVE-2025-52136_CVE-2025-52136 In EMQX before 5.8.6, administrators can install arbitrary novel plugins via the Dashboard web interface. NOTE: the Supplier's position is that thi...	EMQX	EMQX	Aug 10, 2025	CVE
LOW 2	CVE-2025-8774	riscv-boom SonicBOOM L1 Data Cache timing discrepancy_CVE-2025-8774 A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic. Affected by this vulnerability is an unknown func...	riscv-boom	SonicBOOM 2.2.0	Aug 9, 2025	CVE
LOW 2.3	CVE-2025-8751	Protected Total WebShield Extension Block Page cross site scripting_CVE-2025-8751 A vulnerability was found in Protected Total WebShield Extension up to 3.2.0 on Chrome. It has been classified as problematic. This affects an unkn...	Protected	Total WebShield Extension 3.0	Aug 9, 2025	CVE
LOW 3.7	CVE-2025-54999	OpenBao: Timing Side-Channel in Userpass Auth Method_CVE-2025-54999 OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In version...	openbao	openbao >= 0.1.0, < 2.3.2	Aug 9, 2025	CVE
LOW 2.7	CVE-2025-55188	CVE-2025-55188_CVE-2025-55188 7-Zip before 25.01 does not always properly handle symbolic links during extraction.	7-Zip	7-Zip	Aug 8, 2025	CVE
LOW 2.3	CVE-2025-8708	Antabot White-Jotter com.gm.wj.config.ShiroConfiguration ShiroConfiguration.java CookieRememberMeManager deserialization_CVE-2025-8708 A vulnerability was found in Antabot White-Jotter 0.22. It has been declared as critical. This vulnerability affects the function CookieRememberMeM...	Antabot	White-Jotter 0.22	Aug 8, 2025	CVE
LOW 3.5	CVE-2025-38746	CVE-2025-38746_CVE-2025-38746 Dell SupportAssist OS Recovery, versions prior to 5.5.14.0, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. A...	Dell	SupportAssist OS Recovery N/A	Aug 6, 2025	CVE