MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.3	CVE-2026-13541	itsourcecode Hospital Management System doctorchangepassword.php sql injection_CVE-2026-13541 A weakness has been identified in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /doctorchangepassword.p...	itsourcecode	Hospital Management System 1.0	Jun 29, 2026	CVE
MEDIUM 5.3	CVE-2026-13540	GitBucket RepositoryCreationService.scala Git.cloneRepository.setURI server-side request forgery_CVE-2026-13540 A security flaw has been discovered in GitBucket up to 4.46.1. This affects the function Git.cloneRepository.setURI of the file src/main/scala/gitb...	n/a	GitBucket 4.46.0	Jun 29, 2026	CVE
MEDIUM 6.8	CVE-2025-7386	Information exposure vulnerability in Hitachi Storage Navigator_CVE-2025-7386 Information exposure vulnerability in Hitachi Storage Navigator. This issue affects Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H...	Hitachi	Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8	Jun 29, 2026	CVE
MEDIUM 6.9	CVE-2026-9267	CVE-2026-9267_CVE-2026-9267 Eclipse tinydtls before commit b3efd41ad111a4920f599f51ffa4f5e9f1e72221 contains an out-of-bounds read vulnerability in the check_server_certificat...	Eclipse Foundation	Eclipse tinydtls	Jun 29, 2026	CVE
MEDIUM 4.4	CVE-2026-57966	Spice-vdagent: path traversal in file transfer via unsanitized filename_CVE-2026-57966 A path traversal vulnerability was found in spice-vdagent. This flaw allows a malicious or compromised SPICE host to write arbitrary files to any l...	Red Hat	Red Hat Enterprise Linux 10	Jun 29, 2026	CVE
MEDIUM 5.1	CVE-2026-57965	Spice-vdagent: integer overflow in udscs_write() leading to heap buffer overflow_CVE-2026-57965 A flaw was found in spice-vdagent. A malicious or compromised SPICE host can trigger an integer overflow by sending a specially crafted message. Th...	Red Hat	Red Hat Enterprise Linux 10	Jun 29, 2026	CVE
MEDIUM 4.3	CVE-2026-57676	WordPress Simple User Avatar plugin <= 4.9 - Insecure Direct Object References (IDOR) vulnerability_CVE-2026-57676 Authorization Bypass Through User-Controlled Key vulnerability in Matteo Manna Simple User Avatar allows Exploiting Incorrectly Configured Access C...	Matteo Manna	Simple User Avatar n/a	Jun 29, 2026	CVE
MEDIUM 6.8	CVE-2026-13595	Util-linux: util-linux: heap use-after-free in libblkid nested partition probing_CVE-2026-13595 A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition prober...	Red Hat	Red Hat Enterprise Linux 10	Jun 29, 2026	CVE
MEDIUM 6.9	CVE-2026-13551	itsourcecode Baptism Information Management System editBaptism.php sql injection_CVE-2026-13551 A security vulnerability has been detected in itsourcecode Baptism Information Management System 1.0. This affects an unknown function of the file ...	itsourcecode	Baptism Information Management System 1.0	Jun 29, 2026	CVE
MEDIUM 6.9	CVE-2026-13550	itsourcecode Baptism Information Management System delbaptism.php sql injection_CVE-2026-13550 A weakness has been identified in itsourcecode Baptism Information Management System 1.0. The impacted element is an unknown function of the file /...	itsourcecode	Baptism Information Management System 1.0	Jun 29, 2026	CVE