packetstorm - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	PACKETSTORM:219685	📄 Keras 3.13.0 HDF5 Shape Bomb Denial of Service_PACKETSTORM:219685 This script is a security research tool demonstrating a denial of service vulnerability in Keras model loading through malicious HDF5 shape bombs. ...	N/A	N/A	Apr 23, 2026	PACKETSTORM
NONE	PACKETSTORM:219679	📄 Grav CMS 1.7.49.5 Shell Upload_PACKETSTORM:219679 This script targets a Grav CMS administrative panel by first authenticating, then checking version information to estimate vulnerability exposure. ...	N/A	N/A	Apr 23, 2026	PACKETSTORM
CRITICAL 9.4	PACKETSTORM:219677	📄 Ghost CMS 6.19.0 SQL Injection_PACKETSTORM:219677 This is a Metasploit auxiliary module targeting a blind, unauthenticated SQL injection vulnerability in the Ghost CMS Content API that affects vers...	N/A	N/A	Apr 23, 2026	PACKETSTORM
NONE	PACKETSTORM:219682	📄 Hoverfly 1.11.3 Remote Command Execution_PACKETSTORM:219682 This Python script is an exploitation tool targeting a vulnerable Hoverfly API endpoint, specifically the /api/v2/hoverfly/middleware functionality...	N/A	N/A	Apr 23, 2026	PACKETSTORM
CRITICAL 9.8	PACKETSTORM:219673	📄 FortiWeb 8.0.1 Authentication Bypass / Code Execution_PACKETSTORM:219673 This Metasploit module targets a critical remote code execution vulnerability in FortiWeb's management interface by chaining multiple weaknesses. I...	N/A	N/A	Apr 23, 2026	PACKETSTORM
NONE	PACKETSTORM:219672	📄 Forcepoint One Endpoint macOS 25.08.5008 Forcepoint DLP Endpoint Process Suspension Bypass_PACKETSTORM:219672 This Metasploit auxiliary module targets Forcepoint Data Loss Prevention DLP Endpoint on macOS and attempts to manipulate or suspend related securi...	N/A	N/A	Apr 23, 2026	PACKETSTORM
CRITICAL 9	PACKETSTORM:219562	📄 Eclipse Che WebSocket Machine-Exec Remote Code Execution_PACKETSTORM:219562 This Python script is a WebSocket-based client designed to interact with an Eclipse Che / DevSpaces machine-exec service and test for an unauthenti...	N/A	N/A	Apr 22, 2026	PACKETSTORM
NONE	PACKETSTORM:219565	📄 esiclivre 0.2.2 SQL Injection_PACKETSTORM:219565 The password reset functionality in esiclivre is affected by multiple vulnerabilities. The cpfcnpj parameter is vulnerable to Blind SQL injection d...	N/A	N/A	Apr 22, 2026	PACKETSTORM
MEDIUM 5.3	PACKETSTORM:219552	📄 WordPress Highlight and Share 5.2.0 Missing Authentication_PACKETSTORM:219552 WordPress Highlight and Share plugin versions 5.2.0 and below suffers from a missing authentication vulnerability...	N/A	N/A	Apr 22, 2026	PACKETSTORM
MEDIUM 4.3	PACKETSTORM:219556	📄 Dovecot IMAP NOOP Command Memory Exhaustion Denial of Service_PACKETSTORM:219556 This Metasploit auxiliary module targets a memory exhaustion vulnerability in the Dovecot IMAP service. It opens multiple concurrent TCP connection...	N/A	N/A	Apr 22, 2026	PACKETSTORM