packetstorm - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	PACKETSTORM:212821	📄 flatCore 1.5 Shell Upload_PACKETSTORM:212821 flatCore version 1.5 proof of concept remote shell upload exploit...	N/A	N/A	Dec 15, 2025	PACKETSTORM
HIGH 8.4	PACKETSTORM:212818	📄 Figma Desktop Application 125.6.5 Remote Code Execution_PACKETSTORM:212818 Figma Desktop Application version 125.6.5 proof of concept remote code execution exploit that leverages the plugin manifest...	N/A	N/A	Dec 15, 2025	PACKETSTORM
NONE	PACKETSTORM:212769	📄 Desktop XDG 1.0 Code Execution_PACKETSTORM:212769 This proof of concept generates a malicious file that allows for arbitrary code execution in Desktop XDG version 1.0...	N/A	N/A	Dec 12, 2025	PACKETSTORM
HIGH 8.8	PACKETSTORM:212768	📄 Azuriom CMS 1.2.6 Client-Side Template Injection_PACKETSTORM:212768 A client-side template injection vulnerability affects the Azuriom CMS Admin Dashboard in version 1.2.6. Several dashboard components widgets, plug...	N/A	N/A	Dec 12, 2025	PACKETSTORM
NONE	PACKETSTORM:212770	📄 dotCMS 24.04.24 Vulnerability Scanner_PACKETSTORM:212770 dotCMS version 24.04.24 advanced exploitation python scanning script that looks for local file inclusion, data exposure, SQL injection, and more...	N/A	N/A	Dec 12, 2025	PACKETSTORM
HIGH 8.8	PACKETSTORM:212774	📄 Eramba GRC 3.19.1 Command Injection_PACKETSTORM:212774 Eramba GRC platform version 3.19.1 proof of concept command injection exploit...	N/A	N/A	Dec 12, 2025	PACKETSTORM
MEDIUM 6.5	PACKETSTORM:212772	📄 EduplusCampus Student Portal 3.0.1 Insecure Direct Object Reference_PACKETSTORM:212772 EduplusCampus Student Portal version 3.0.1 suffers from an insecure direct object reference vulnerability...	N/A	N/A	Dec 12, 2025	PACKETSTORM
MEDIUM 5.3	PACKETSTORM:212771	📄 Drupal 11.x-dev Information Disclosure_PACKETSTORM:212771 Proof of concept script demonstrating a full path disclosure issue in Drupal version 11.x-dev...	N/A	N/A	Dec 12, 2025	PACKETSTORM
CRITICAL 9.6	PACKETSTORM:212777	📄 Grav CMS Twig SSTI Authenticated Sandbox Bypass Remote Code Execution_PACKETSTORM:212777 This Metasploit module exploits a Server-Side Template Injection SSTI vulnerability CVE-2025-66294 in Grav CMS that allows bypassing the Twig sandb...	N/A	N/A	Dec 12, 2025	PACKETSTORM
NONE	PACKETSTORM:212775	📄 FlatPress 1.3 Shell Upload_PACKETSTORM:212775 FlatPress version 1.3 remote shell upload proof of concept exploit that leverages a cross site request forgery vulnerability...	N/A	N/A	Dec 12, 2025	PACKETSTORM