MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.3	CVE-2026-13748	Snowflake CLI Arbitrary Local File Read and Exfiltration Through Improper File Path Restriction_CVE-2026-13748 Improper restriction of file path resolution in Snowflake CLI versions prior to 3.19 allowed arbitrary local file content to be read and transmitte...	Snowflake	Snowflake CLI 0.2.2	Jun 29, 2026	CVE
MEDIUM 5.9	CVE-2026-13742	Lack of signature verification before execution of downloaded content_CVE-2026-13742 Honeywell IQ MultiAccess, all versions prior to and including version 28, contain an improper digital signature verification vulnerability. An atta...	Honeywell Technologies	IQ MultiAccess IQ.v27	Jun 29, 2026	CVE
MEDIUM 6.3	CVE-2026-13587	seladb PcapPlusPlus LightPcapNg light_pcapng.c parse_by_block_type heap-based overflow_CVE-2026-13587 A vulnerability was found in seladb PcapPlusPlus 25.05. The affected element is the function parse_by_block_type of the file light_pcapng.c of the ...	seladb	PcapPlusPlus 25.05	Jun 29, 2026	CVE
MEDIUM 5.3	CVE-2026-13581	Edimax EW-7478APC POST Request formStaDrvSetup os command injection_CVE-2026-13581 A vulnerability was detected in Edimax EW-7478APC 1.04. This vulnerability affects the function formStaDrvSetup of the file /goform/formStaDrvSetup...	Edimax	EW-7478APC 1.04	Jun 29, 2026	CVE
MEDIUM 6.5	CVE-2026-13437	CVE-2026-13437_CVE-2026-13437 Insertion of sensitive information into sent data in the AI Agent job API in Devolutions PowerShell Universal 2026.2.0 allows an authenticated user...	Devolutions	PowerShell Universal 2026.2.0	Jun 29, 2026	CVE
MEDIUM 6	CVE-2026-13752	Snowflake CLI SQL Injection Through Improper Neutralization of Parameters in Secret Creation and SPCS Service Log Commands_CVE-2026-13752 Improper neutralization of parameters in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. An attacker could exploit this by s...	Snowflake	Snowflake CLI 1.1.0	Jun 29, 2026	CVE
MEDIUM 4.1	CVE-2026-13751	Snowflake CLI Server-Side Request Forgery via Arbitrary URL Fetch in !source/!load_CVE-2026-13751 Improper handling of untrusted remote references in Snowflake CLI versions prior to 3.19 allowed server-side request forgery. The SQL statement rea...	Snowflake	Snowflake CLI 3.6.0	Jun 29, 2026	CVE
MEDIUM 6.3	CVE-2026-13590	seladb PcapPlusPlus Modbus Protocol ModbusLayer.h getLength heap-based overflow_CVE-2026-13590 A security flaw has been discovered in seladb PcapPlusPlus 25.05. This impacts the function pcpp::ModbusLayer::getLength in the library Packet++/he...	seladb	PcapPlusPlus 25.05	Jun 29, 2026	CVE
MEDIUM 6.3	CVE-2026-13589	seladb PcapPlusPlus Telnet Subnegotiation Packet TelnetLayer.cpp getSubCommand heap-based overflow_CVE-2026-13589 A vulnerability was identified in seladb PcapPlusPlus 25.05. This affects the function pcpp::TelnetLayer::getSubCommand of the file Packet++/src/Te...	seladb	PcapPlusPlus 25.05	Jun 29, 2026	CVE
MEDIUM 6.3	CVE-2026-13588	seladb PcapPlusPlus TLS Hello SSLHandshake.cpp getHandshakeVersion heap-based overflow_CVE-2026-13588 A vulnerability was determined in seladb PcapPlusPlus 25.05. The impacted element is the function pcpp::SSLClientHelloMessage::getHandshakeVersion ...	seladb	PcapPlusPlus 25.05	Jun 29, 2026	CVE