LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 3.3	CVE-2025-5496	Arbitrary File Deletion_CVE-2025-5496 ZohoCorp ManageEngine Endpoint Central versions earlier than 11.4.2508.14, 11.4.2516.06, and 11.4.2518.01 are affected by an arbitrary file deletio...	Zohocorp	Endpoint Central	Oct 21, 2025	CVE
LOW 1	CVE-2025-8053	Insufficient access control vulnerability has been discovered in Opentext Flipper._CVE-2025-8053 Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Level...	opentext	Flipper 3.1.2	Oct 20, 2025	CVE
LOW 2.3	CVE-2025-8049	Insufficient Access Control vulnerability has been discovered in OpenText Flipper._CVE-2025-8049 Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Level...	opentext	Flipper 3.1.2	Oct 20, 2025	CVE
LOW 1	CVE-2025-8052	HQL Injection vulnerability has been discovered in Opentext Flipper._CVE-2025-8052 SQL Injection vulnerability in opentext Flipper allows SQL Injection. The vulnerability could allow a low privilege user to interact with the dat...	opentext	Flipper 3.1.2	Oct 20, 2025	CVE
LOW 2.9	CVE-2025-57837	CVE-2025-57837_CVE-2025-57837 Tileservice module is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality.	Honor	FCP-AN10 8.0	Oct 20, 2025	CVE
LOW 2	CVE-2025-11947	bftpd Configuration File options.c expand_groups heap-based overflow_CVE-2025-11947 A weakness has been identified in bftpd up to 6.2. Impacted is the function expand_groups of the file options.c of the component Configuration File...	n/a	bftpd 6.0	Oct 19, 2025	CVE
LOW 2	CVE-2025-62653	Stored XSS through system messages in PollNY_CVE-2025-62653 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation MediaWiki Pol...	The Wikimedia Foundation	MediaWiki PollNY extension 1.39	Oct 17, 2025	CVE
LOW 2	CVE-2025-62654	Stored XSS through system messages in QuizGame_CVE-2025-62654 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation MediaWiki Qui...	The Wikimedia Foundation	MediaWiki QuizGame extension 1.39	Oct 17, 2025	CVE
LOW 2.1	CVE-2025-62655	SQL injection in Cargo via Special:CargoExport_CVE-2025-62655 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in The Wikimedia Foundation MediaWiki Cargo exte...	The Wikimedia Foundation	MediaWiki Cargo extension 1.39	Oct 17, 2025	CVE
LOW 3.4	CVE-2025-62643	CVE-2025-62643_CVE-2025-62643 The Restaurant Brands International (RBI) assistant platform through 2025-09-06 transmits passwords of user accounts in cleartext e-mail messages.	Restaurant Brands International	assistant platform	Oct 17, 2025	CVE