CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.8	CVE-2025-7955	RingCentral Communications 1.5 – 1.6.8 – Missing Server‑Side Verification to Authentication Bypass via ringcentral_admin_login_2fa_verify Function_CVE-2025-7955 The RingCentral Communications plugin for WordPress is vulnerable to Authentication Bypass due to improper validation within the ringcentral_admin_...	pbmacintyre	RingCentral Communications Plugin – FREE 1.5	Aug 28, 2025	CVE
CRITICAL 9.8	CVE-2025-50972	CVE-2025-50972_CVE-2025-50972 SQL Injection vulnerability in AbanteCart 1.4.2, allows unauthenticated attackers to execute arbitrary SQL commands via the tmpl_id parameter to in...	n/a	n/a n/a	Aug 27, 2025	CVE
CRITICAL 9.1	CVE-2025-55526	CVE-2025-55526_CVE-2025-55526 n8n-workflows Main Commit ee25413 allows attackers to execute a directory traversal via the download_workflow function within api_server.py	n/a	n/a n/a	Aug 26, 2025	CVE
CRITICAL 9.8	CVE-2025-25734	CVE-2025-25734_CVE-2025-25734 Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 was discovered to contain an unauthen...	n/a	n/a n/a	Aug 26, 2025	CVE
CRITICAL 9.8	CVE-2025-25737	CVE-2025-25737_CVE-2025-25737 Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack secure passwo...	n/a	n/a n/a	Aug 26, 2025	CVE
CRITICAL 9.3	IMPERVABLOG:2ED...	Critical Flaws in Base44 Exposed Sensitive Data and Allowed Account Takeovers_IMPERVABLOG:2ED0CCC46B389C7D1BF4F3CCDCB72648 Our research uncovered multiple critical vulnerabilities in Base44, an AI-powered platform that lets you turn any idea into a fully functional cust...	N/A	N/A	Aug 27, 2025	IMPERVABLOG
CRITICAL 9.8	TALOSBLOG:C6335...	Libbiosig, Tenda, SAIL, PDF XChange, Foxit vulnerabilities_TALOSBLOG:C63352AC2EC600715F3E855F6125D64E ![Libbiosig, Tenda, SAIL, PDF XChange, Foxit vulnerabilities](https://blog.talosintelligence.com/content/images/2025/08/vuln-roundup.webp) Cisco T...	N/A	N/A	Aug 27, 2025	TALOSBLOG
CRITICAL 9.2	CVE-2025-34523	Arcserve UDP < 10.2 Pre-Authentication Heap Overflow_CVE-2025-34523 A heap-based buffer overflow vulnerability exists in the exists in the network-facing input handling routines of Arcserve Unified Data Protection (...	Arcserve	Unified Data Protection (UDP) 10.2	Aug 27, 2025	CVE
CRITICAL 9.2	CVE-2025-34522	Arcserve UDP < 10.2 Pre-Authentication Heap Overflow_CVE-2025-34522 A heap-based buffer overflow vulnerability exists in the input parsing logic of Arcserve Unified Data Protection (UDP). This flaw can be triggered ...	Arcserve	Unified Data Protection (UDP) 10.2	Aug 27, 2025	CVE
CRITICAL 10	CVE-2025-34160	AnyShare ServiceAgent API Unauthenticated RCE_CVE-2025-34160 AnyShare contains a critical unauthenticated remote code execution vulnerability in the ServiceAgent API exposed on port 10250. The endpoint /api/S...	Shanghai Aishu Information Technology Co., Ltd.	AnyShare *	Aug 27, 2025	CVE