HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.4	CVE-2025-40769	CVE-2025-40769_CVE-2025-40769 A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application uses a Content S...	Siemens	SINEC Traffic Analyzer	Aug 12, 2025	CVE
HIGH 7.4	CVE-2025-40770	CVE-2025-40770_CVE-2025-40770 A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions). The affected application uses a monitoring inter...	Siemens	SINEC Traffic Analyzer	Aug 12, 2025	CVE
HIGH 7.5	CVE-2025-47444	WordPress GiveWP Plugin < 4.6.1 is vulnerable to Sensitive Data (PII) Exposure_CVE-2025-47444 Insertion of Sensitive Information Into Sent Data vulnerability in Liquid Web GiveWP allows Retrieve Embedded Sensitive Data.This issue affects Giv...	Liquid Web	GiveWP n/a	Aug 12, 2025	CVE
HIGH 8.8	CVE-2025-8418	B Slider- Gutenberg Slider Block for WP <= 1.1.30 - Authenticated (Subscriber+) Missing Authorization to Arbitrary Plugin Installation_CVE-2025-8418 The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Arbitrary Plugin Installation in all versions up to, and includin...	bplugins	B Slider- Gutenberg Slider Block for WP *	Aug 12, 2025	CVE
HIGH 7.5	CVE-2025-6253	UiCore Elements <= 1.3.0 - Missing Authorization to Unauthenticated Arbitrary File Read_CVE-2025-6253 The UiCore Elements – Free Elementor widgets and templates plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and inc...	uicore	UiCore Elements – Free Elementor widgets and templates *	Aug 12, 2025	CVE
HIGH 8.7	CVE-2025-8833	Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 langSwitchBack stack-based overflow_CVE-2025-8833 A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This issue affects the function langSwi...	Linksys	RE6250 20250801	Aug 11, 2025	CVE
HIGH 8.8	CVE-2025-42951	Broken Authorization in SAP Business One (SLD)_CVE-2025-42951 Due to broken authorization, SAP Business One (SLD) allows an authenticated attacker to gain administrator privileges of a database by invoking the...	SAP_SE	SAP Business One (SLD) B1_ON_HANA 10.0	Aug 12, 2025	CVE
HIGH 8.1	CVE-2025-5391	WooCommerce Purchase Orders <= 1.0.2 - Authenticated (Subscriber+) Arbitrary File Deletion_CVE-2025-5391 The WooCommerce Purchase Orders plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delet...	bbioon	WooCommerce Purchase Orders *	Aug 12, 2025	CVE
HIGH 8.1	CVE-2025-42976	Multiple vulnerabilities in SAP NetWeaver Application Server ABAP (BIC Document)_CVE-2025-42976 SAP NetWeaver Application Server ABAP (BIC Document) allows an authenticated attacker to craft a request that, when submitted to a BIC Document app...	SAP_SE	SAP NetWeaver Application Server ABAP (BIC Document) S4COREOP 104	Aug 12, 2025	CVE
HIGH 7.8	CVE-2025-55156	PyLoad vulnerable to SQL Injection via API /json/add_package in add_links parameter_CVE-2025-55156 pyLoad is the free and open-source Download Manager written in pure Python. Prior to version 0.5.0b3.dev91, the parameter add_links in API /json/ad...	pyload	pyload < 0.5.0b3.dev91	Aug 11, 2025	CVE