CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.8	CVE-2025-50165	Windows Graphics Component Remote Code Execution Vulnerability_CVE-2025-50165 {“lastseen”:””,”description”:””,”published”:”2025-08-12T17:10:03.929Z”,&#82...	Microsoft	Windows Server 2025 (Server Core installation) 10.0.26100.0	Aug 12, 2025	CVE
CRITICAL 9.8	CVE-2025-25256	CVE-2025-25256_CVE-2025-25256 An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version ...	Fortinet	FortiSIEM 7.3.0	Aug 12, 2025	CVE
CRITICAL 9.6	CVE-2025-49457	Zoom Clients for Windows – Untrusted Search Path_CVE-2025-49457 Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access	Zoom Communications Inc	Zoom Clients for Windows see references	Aug 12, 2025	CVE
CRITICAL 9.8	CVE-2025-6715	Latepoint < 5.1.94 - Unauthenticated LFI_CVE-2025-6715 The LatePoint WordPress plugin before 5.1.94 is vulnerable to Local File Inclusion via the layout parameter. This makes it possible for attackers ...	Unknown	LatePoint	Aug 13, 2025	CVE
CRITICAL 9.1	CVE-2025-50251	CVE-2025-50251_CVE-2025-50251 Server side request forgery (SSRF) vulnerability in makeplane plane 0.23.1 via the password recovery.	n/a	n/a n/a	Aug 13, 2025	CVE
CRITICAL 9.3	CVE-2025-54707	WordPress MDTF Plugin <= 1.3.3.7 - SQL Injection Vulnerability_CVE-2025-54707 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 MDTF allows SQL Injection. This is...	RealMag777	MDTF n/a	Aug 14, 2025	CVE
CRITICAL 9	CVE-2025-54693	WordPress Form Block Plugin <= 1.5.5 - Arbitrary File Upload Vulnerability_CVE-2025-54693 Unrestricted Upload of File with Dangerous Type vulnerability in epiphyt Form Block allows Upload a Web Shell to a Web Server. This issue affects F...	epiphyt	Form Block n/a	Aug 14, 2025	CVE
CRITICAL 9.8	CVE-2025-54686	WordPress Exertio Theme <= 1.3.2 - PHP Object Injection Vulnerability_CVE-2025-54686 Deserialization of Untrusted Data vulnerability in scriptsbundle Exertio allows Object Injection. This issue affects Exertio: from n/a through 1.3.2.	scriptsbundle	Exertio n/a	Aug 14, 2025	CVE
CRITICAL 9.3	CVE-2025-54678	WordPress Easy Form Builder Plugin <= 3.8.15 - SQL Injection Vulnerability_CVE-2025-54678 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in hassantafreshi Easy Form Builder allows Blind...	hassantafreshi	Easy Form Builder n/a	Aug 14, 2025	CVE
CRITICAL 9.3	CVE-2025-54669	WordPress MapSVG Plugin < 8.7.4 - SQL Injection Vulnerability_CVE-2025-54669 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RomanCode MapSVG allows SQL Injection. This i...	RomanCode	MapSVG n/a	Aug 14, 2025	CVE