LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 3.5	CVE-2025-67639	CVE-2025-67639_CVE-2025-67639 A cross-site request forgery (CSRF) vulnerability in Jenkins 2.540 and earlier, LTS 2.528.2 and earlier allows attackers to trick users into loggin...	Jenkins Project	Jenkins 2.541	Dec 10, 2025	CVE
LOW 1.9	CVE-2025-5467	Ubuntu Apport Insecure File Permissions Vulnerability_CVE-2025-5467 It was discovered that process_crash() in data/apport in Canonical's Apport crash reporting tool may create crash files with incorrect group owners...	Canonical	apport 2.20.11-0ubuntu82	Dec 10, 2025	CVE
LOW 3.5	CVE-2025-13127	XSS in TACAS Consulting’s GoldenHorn_CVE-2025-13127 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TAC Information Services Internal and ...	TAC Information Services Internal and External Trade Inc.	GoldenHorn	Dec 10, 2025	CVE
LOW 2.7	CVE-2025-14082	Keycloak-services: keycloak admin rest api: improper access control leads to sensitive role metadata information disclosure_CVE-2025-14082 A flaw was found in Keycloak Admin REST (Representational State Transfer) API. This vulnerability allows information disclosure of sensitive role m...	Red Hat	Red Hat Build of Keycloak	Dec 10, 2025	CVE
LOW 2.1	669316AC-3FCD-	Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Apple Mac_Os_X_669316AC-3FCD-51BA-AFA7-A33BEAE0CBCC CVE-1999-0524 A Bash script to check if systems are vulnerable to ICMP Timestamp Request Remote Date Disclosure CVE-1999-0524. How to use 1. Make s...	N/A	N/A	Dec 10, 2025	GITHUBEXPLOIT
LOW 3.7	CVE-2025-67500	Mastodon Error Handling Discrepancy Enables Private Status Existence Enumeration_CVE-2025-67500 Mastodon is a free, open-source social network server based on ActivityPub. Versions 4.2.27 and prior, 4.3.0-beta.1 through 4.3.14, 4.4.0-beta.1 th...	mastodon	mastodon < 4.2.28	Dec 9, 2025	CVE
LOW 3.3	CVE-2025-64787	Acrobat Reader \| Improper Verification of Cryptographic Signature (CWE-347)_CVE-2025-64787 Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification o...	Adobe	Acrobat Reader	Dec 9, 2025	CVE
LOW 3.3	CVE-2025-64786	Acrobat Reader \| Improper Verification of Cryptographic Signature (CWE-347)_CVE-2025-64786 Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification o...	Adobe	Acrobat Reader	Dec 9, 2025	CVE
LOW 2.4	CVE-2025-13743	Expired Personal Access Tokens (PATs) are recorded in Docker Desktop diagnostic logs_CVE-2025-13743 Docker Desktop diagnostics bundles were found to include expired Hub PATs in log output due to error object serialization. This poses a risk of lea...	Docker	Docker Desktop 4.51.0	Dec 9, 2025	CVE
LOW 3.5	CVE-2025-55123	CVE-2025-55123_CVE-2025-55123 Improper neutralization of input in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes manager accounts to be able to craft XSS attacks to...	Revive	Revive Adserver 6	Nov 20, 2025	CVE