Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.1 CVE-2025-48862

CVE-2025-48862

Ambiguous wording in the web interface of the ctrlX OS setup mechanism could lead the user to believe that the backup file is encrypted when a pass...

Bosch Rexroth AG ctrlX OS - Setup 1.20.0 CVE
HIGH 8.3 CVE-2025-27388

Arbitrary URL Loading in WebView Leading to Token Leakage Risk

Loading arbitrary external URLs through WebView components introduces malicious JS code that can steal arbitrary user tokens.

OPPO OPPO HEALTH APP 4.23.4 and below CVE
HIGH 8.6 CVE-2025-8949

D-Link DIR-825 httpd ping_response.cgi get_ping_app_stat stack-based overflow

A vulnerability was identified in D-Link DIR-825 2.10. Affected by this vulnerability is the function get_ping_app_stat of the file ping_response.c...

D-Link DIR-825 2.10 CVE
HIGH 8.7 CVE-2025-8939

Tenda AC20 WifiGuestSet buffer overflow

A vulnerability was determined in Tenda AC20 up to 16.03.08.12. Affected is an unknown function of the file /goform/WifiGuestSet. The manipulation ...

Tenda AC20 16.03.08.0 CVE
HIGH 8.7 CVE-2025-8940

Tenda AC20 saveParentControlInfo strcpy buffer overflow

A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affected by this vulnerability is the function strcpy of the file /goform/saveParen...

Tenda AC20 16.03.08.0 CVE
HIGH 9.3 THN:09CCE31718D...

CISA Adds Two N-able N-central Flaws to Known Exploited Vulnerabilities Catalog_THN:09CCE31718DDD3BFAE6ABE678535139C

N/A N/A THN
HIGH 7.5 CVE-2025-50615

CVE-2025-50615

A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00470c50 function of the cgitest.cgi file. Attackers can ...

n/a n/a n/a CVE
HIGH 7.5 CVE-2025-50616

CVE-2025-50616

A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_0046f984 function of the cgitest.cgi file. Attackers can ...

n/a n/a n/a CVE
HIGH 7.5 CVE-2025-50617

CVE-2025-50617

A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_0046ed68 function of the cgitest.cgi file. Attackers can ...

n/a n/a n/a CVE
HIGH 7.1 CVE-2025-55196

External Secrets Operator Missing Namespace Restriction in PushSecret and SecretStore List() Calls Allows Unauthorized Secret Access

External Secrets Operator is a Kubernetes operator that integrates external secret management systems. From version 0.15.0 to before 0.19.2, a vuln...

external-secrets external-secrets >= 0.15.0, < 0.19.2 CVE