CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 10	CVE-2025-34153	Hyland OnBase .NET Remoting TCP Channel Unauthenticated RCE_CVE-2025-34153 Hyland OnBase versions prior to 17.0.2.87 (other versions may be affected) are vulnerable to unauthenticated remote code execution via insecure des...	Hyland Software	OnBase *	Aug 13, 2025	CVE
CRITICAL 9.8	THN:131B2CD2567...	Zoom and Xerox Release Critical Security Updates Fixing Privilege Escalation and RCE Flaws_THN:131B2CD256749DF271772E46F9669123 ![](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAoMBgDTD2qgAAAAASUVORK5CYII=) Zoom and Xerox have addres...	N/A	N/A	Aug 13, 2025	THN
CRITICAL 9.8	MALWAREBYTES:39...	Microsoft patches some very important vulnerabilities in August’s patch Tuesday_MALWAREBYTES:39A20F18B874CA3E305C434ACBABF352 In the August 2025 patch Tuesday round Microsoft fixed a total of 111 Microsoft vulnerabilities. A few of them are very important for people to app...	N/A	N/A	Aug 13, 2025	MALWAREBYTES
CRITICAL 9.4	CVE-2025-55168	WeGIA SQL Injection via id_fichamedica at endpoint `GET /html/saude/aplicar_medicamento.php`_CVE-2025-55168 WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a SQL Injection vu...	LabRedesCefetRJ	WeGIA < 3.4.8	Aug 12, 2025	CVE
CRITICAL 10	CVE-2025-55169	WeGIA Path Traversal at endpoint ‘html/socio/sistema/download_remessa.php’ via parameter ‘file’_CVE-2025-55169 WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a path traversal v...	LabRedesCefetRJ	WeGIA < 3.4.8	Aug 12, 2025	CVE
CRITICAL 9.7	CVE-2025-54382	Cherry Studio RCE Vulnerability Disclosure_CVE-2025-54382 Cherry Studio is a desktop client that supports for multiple LLM providers. In version 1.5.1, a remote code execution (RCE) vulnerability exists in...	CherryHQ	cherry-studio = 1.5.1	Aug 13, 2025	CVE
CRITICAL 9.8	THN:6424C9AEB80...	Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code_THN:6424C9AEB80EB4FC9DACB5F58A480B35 ![FortiSIEM Vulnerability \(CVE-2025-25256\)](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAoMBgDTD2qgAAAA...	N/A	N/A	Aug 13, 2025	THN
CRITICAL 9.3	CVE-2025-8913	WellChoose｜Organization Portal System – Local File Inclusion_CVE-2025-8913 Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute a...	WellChoose	Organization Portal System	Aug 13, 2025	CVE
CRITICAL 10	THN:7B84183CA8F...	Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws_THN:7B84183CA8FDD4C95B491A65BC16DE76 ![August 2025 Patch Tuesday](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAoMBgDTD2qgAAAAASUVORK5CYII=) M...	N/A	N/A	Aug 13, 2025	THN
CRITICAL 9.8	3FC9E9A2-42CE-	Exploit for Code Injection in Xwiki_3FC9E9A2-42CE-552A-A046-E205E2471000 # CVE-2025-24893 – Unauthenticated Remote Code Execution in XWiki ## 0 Table of Contents 1. [Summary](#1-summary) 2. [Vulnerability Details](#2...	N/A	N/A	Aug 7, 2025	GITHUBEXPLOIT