MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.2	CVE-2026-48104	GHSL-2026-120: 7-Zip SquashFS BlockToNode uninitialized heap read_CVE-2026-48104 7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain an uninitialized heap read in the SquashFS archive hand...	mcmilk	7-Zip >= 9.18, < 26.01	Jun 5, 2026	CVE
MEDIUM 4.3	CVE-2026-48103	GHSL-2026-119 7-Zip WIM SecurityId OOB read_CVE-2026-48103 7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM (Windo...	mcmilk	7-Zip >= 9.34, < 26.01	Jun 5, 2026	CVE
MEDIUM 5.3	CVE-2026-11339	D-Link DWR-M920 formUSSDSetup sub_41CF20 command injection_CVE-2026-11339 A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub_41CF20 of the file /boafrm/formUSSDSetup. Th...	D-Link	DWR-M920 1.1.0	Jun 5, 2026	CVE
MEDIUM 4.8	CVE-2026-11338	SourceCodester Ship Ferry Ticket Reservation System manage_user cross site scripting_CVE-2026-11338 A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System 1.0. Impacted is an unknown function of the file ...	SourceCodester	Ship Ferry Ticket Reservation System 1.0	Jun 5, 2026	CVE
MEDIUM 5.3	CVE-2026-11337	tittuvarghese CollegeManagementSystem fetch.php cross site scripting_CVE-2026-11337 A vulnerability was found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe0...	tittuvarghese	CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3	Jun 5, 2026	CVE
MEDIUM 6.5	CVE-2025-5090	Arista CloudVision Exchange Cluster Instability via Unexpected Switch Messages_CVE-2025-5090 CVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An ...	Arista Networks	EOS / CloudVision eXchange (CVX) 4.34.0F	Jun 5, 2026	CVE
MEDIUM 6.5	CVE-2025-5089	Arista EOS SysDB Agent Denial of Service via Malformed CVX Client/Server Messages_CVE-2025-5089 In a CVX cluster, an EOS switch connected to a CVX server is not resilient to certain malformed messages received from the connected CVX server. Si...	Arista Networks	EOS / CloudVision eXchange (CVX) 4.34.0F	Jun 5, 2026	CVE
MEDIUM 4.3	2103D4EA-06CF-	Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft_2103D4EA-06CF-5F3F-9CD8-441F190D6D3F CVE-2026-33829 Este repositorio contiene una herramienta automatizada en Bash diseñada para auditar y verificar de manera pasiva y controlada si lo...	N/A	N/A	Jun 5, 2026	GITHUBEXPLOIT
MEDIUM 4.3	CVE-2026-11234	CVE-2026-11234_CVE-2026-11234 Inappropriate implementation in FoldableAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer pro...	Google	Chrome 149.0.7827.53	Jun 4, 2026	CVE
MEDIUM 4.7	CVE-2026-11233	CVE-2026-11233_CVE-2026-11233 Insufficient policy enforcement in FoldableAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer ...	Google	Chrome 149.0.7827.53	Jun 4, 2026	CVE