LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 2.3	CVE-2025-58160	Tracing logging user input may result in poisoning logs with ANSI escape sequences_CVE-2025-58160 tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-...	tokio-rs	tracing < 0.3.20	Aug 29, 2025	CVE
LOW 1.9	CVE-2025-58156	Centurion ERP users can view hashed authentication tokens that belong to other users_CVE-2025-58156 Centurion ERP is an ERP with a focus on ITSM and automation. In versions starting from 1.12.0 to before 1.21.0, an authenticated user can view all ...	nofusscomputing	centurion_erp >= 1.12.0, < 1.21.0	Aug 29, 2025	CVE
LOW 2.3	CVE-2025-30265	QTS, QuTS hero_CVE-2025-30265 A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they...	QNAP Systems Inc.	QTS 5.2.x	Aug 29, 2025	CVE
LOW 2.3	CVE-2025-44015	HybridDesk Station_CVE-2025-44015 A command injection vulnerability has been reported to affect HybridDesk Station. If an attacker gains local network access, they can then exploit ...	QNAP Systems Inc.	HybridDesk Station 4.2.x	Aug 29, 2025	CVE
LOW 2.7	CVE-2025-55202	Opencast has a partial path traversal vulnerability in UI config_CVE-2025-55202 Opencast is a free, open-source platform to support the management of educational audio and video content. In version 18.0 and versions before 17.7...	opencast	opencast < 17.7	Aug 29, 2025	CVE
LOW 1.8	CVE-2025-54080	Exiv2 Segmentation Faults in Exiv2::EpsImage::writeMetadata() via crafted EPS file_CVE-2025-54080 Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read w...	Exiv2	exiv2 < 0.28.6	Aug 29, 2025	CVE
LOW 1.8	CVE-2025-55304	Exiv2 has quadratic performance in ICC profile parsing in JpegBase::readMetadata_CVE-2025-55304 Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A denial-of-service was...	Exiv2	exiv2 < 0.28.6	Aug 29, 2025	CVE
LOW 2.3	CVE-2025-9071	Insecure RSA-OAEP implementation with all-zero seed for padding in Oberon PSA Crypto_CVE-2025-9071 Erroneously using an all-zero seed for RSA-OEAP padding instead of the generated random bytes, in Oberon microsystems AG’s Oberon PSA Crypto librar...	Oberon microsystems AG	Oberon PSA Crypto 1.0.0	Aug 29, 2025	CVE
LOW 2.4	CVE-2025-51643	CVE-2025-51643_CVE-2025-51643 Meitrack T366G-L GPS Tracker devices contain an SPI flash chip (Winbond 25Q64JVSIQ) that is accessible without authentication or tamper protection....	n/a	n/a n/a	Aug 28, 2025	CVE
LOW 2	CVE-2025-9589	Cudy WR1200EA shadow default password_CVE-2025-9589 A vulnerability was determined in Cudy WR1200EA 2.3.7-20250113-121810. Affected is an unknown function of the file /etc/shadow. Executing manipulat...	Cudy	WR1200EA 2.3.7-20250113-121810	Aug 28, 2025	CVE