CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.1	MS:CVE-2025-53795	Microsoft PC Manager Elevation of Privilege Vulnerability_MS:CVE-2025-53795 Improper authorization in Microsoft PC Manager allows an unauthorized attacker to elevate privileges over a network.	N/A	N/A	Aug 21, 2025	MSCVE
CRITICAL 9.8	CVE-2025-53763	Azure Databricks Elevation of Privilege Vulnerability_CVE-2025-53763 {“lastseen”:””,”description”:””,”published”:”2025-08-21T19:49:42.709Z”,&#82...	Microsoft	Microsoft Purview Data Governance N/A	Aug 21, 2025	CVE
CRITICAL 9.1	CVE-2025-53795	Microsoft PC Manager Elevation of Privilege Vulnerability_CVE-2025-53795 {“lastseen”:””,”description”:””,”published”:”2025-08-21T19:49:43.302Z”,&#82...	Microsoft	Microsoft PC Manager N/A	Aug 21, 2025	CVE
CRITICAL 9.8	CVE-2025-52352	CVE-2025-52352_CVE-2025-52352 Aikaan IoT management platform v3.25.0325-5-g2e9c59796 provides a configuration to disable user sign-up in distributed deployments by hiding the si...	n/a	n/a n/a	Aug 21, 2025	CVE
CRITICAL 10	THN:62E19AD6E6D...	Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks_THN:62E19AD6E6DCCB4AC2343AC29C3D205C ![](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAoMBgDTD2qgAAAAASUVORK5CYII=) Commvault has released upd...	N/A	N/A	Aug 21, 2025	THN
CRITICAL 9.8	CVE-2025-57754	eslint-ban-moment exposed a sensitive Supabase URI in .env (Credential leak)_CVE-2025-57754 eslint-ban-moment is an Eslint plugin for final assignment in VIHU. In 3.0.0 and earlier, a sensitive Supabase URI is exposed in .env. A valid Supa...	kristoferfannar	eslint-ban-moment <= 3.0.0	Aug 21, 2025	CVE
CRITICAL 9.8	CVE-2025-52395	CVE-2025-52395_CVE-2025-52395 An issue in Roadcute API v.1 allows a remote attacker to execute arbitrary code via the application exposing a password reset API endpoint that fai...	n/a	n/a n/a	Aug 21, 2025	CVE
CRITICAL 9.8	CVE-2025-50901	CVE-2025-50901_CVE-2025-50901 JeeWMS 771e4f5d0c01ffdeae1671be4cf102b73a3fe644 (2025-05-19) contains incorrect authentication bypass vulnerability, which can lead to arbitrary fi...	n/a	n/a n/a	Aug 20, 2025	CVE
CRITICAL 9.9	CVE-2025-53251	WordPress Pin WP theme <= 6.9 - Arbitrary File Upload Vulnerability_CVE-2025-53251 Unrestricted Upload of File with Dangerous Type vulnerability in An-Themes Pin WP allows Upload a Web Shell to a Web Server.This issue affects Pin ...	An-Themes	Pin WP n/a	Aug 21, 2025	CVE
CRITICAL 9.8	CVE-2025-27214	CVE-2025-27214_CVE-2025-27214 A Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro may allow a malicious actor with physical or adjac...	Ubiquiti Inc	UniFi Connect EV Station Pro 1.5.27	Aug 21, 2025	CVE