Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.8 CVE-2025-27845

CVE-2025-27845_CVE-2025-27845

In ESPEC North America Web Controller 3 before 3.3.4, /api/v4/auth/ with any invalid authentication request results in exposing a JWT secret. This ...

n/a n/a n/a CVE
CRITICAL 9.8 CVE-2025-50518

CVE-2025-50518_CVE-2025-50518

A use-after-free vulnerability exists in the coap_delete_pdu_lkd function within coap_pdu.c of the libcoap library. This issue occurs due to improp...

n/a n/a n/a CVE
CRITICAL 9.1 CVE-2025-9060

MFlash Remote Code Execution (RCE) after authentication of a user with the “administrator” role_CVE-2025-9060

A vulnerability has been found in the MSoft MFlash application that allows execution of arbitrary code on the server. The issue occurs in the ...

MSoft MFlash 8.0 CVE
CRITICAL 9.8 CVE-2025-8995

Authenticator Login – Highly critical – Access bypass – SA-CONTRIB-2025-096_CVE-2025-8995

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator Login allows Authentication Bypass. This issue affect...

Drupal Authenticator Login 0.0.0 CVE
CRITICAL 9.8 CVE-2025-43984

CVE-2025-43984_CVE-2025-43984

An issue was discovered on KuWFi GC111 devices (Hardware Version: CPE-LM321_V3.2, Software Version: GC111-GL-LM321_V3.0_20191211). They are vulnera...

n/a n/a n/a CVE
CRITICAL 9.2 CVE-2025-54473

Extension – phoca.cz – Authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for Joomla_CVE-2025-54473

An authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for Joomla was discovered. The issue allows code execut...

phoca.cz phoca.cz - Phoca Commander for Joomla 5.0.0-5.0.1 CVE
CRITICAL 9.8 CVE-2025-7778

Icons Factory <= 1.6.12 - Missing Authorization to Unauthenticated Arbitrary File Deletion via delete_files() Function_CVE-2025-7778

The Icons Factory plugin for WordPress is vulnerable to Arbitrary File Deletion due to insufficient authorization and improper path validation with...

artkrylov Icons Factory * CVE
CRITICAL 10 THN:0A1BBE33E80...

Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution_THN:0A1BBE33E809E0FF0ABAE5D110986874

Cisco has released securit...

N/A N/A THN
CRITICAL 9.8 CVE-2025-6679

Contact Form by Bit Form – Bit Form <= 2.20.3 - Unauthenticated Arbitrary File Upload_CVE-2025-6679

The Bit Form builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and in...

bitpressadmin Bit Form – Custom Contact Form, Multi Step, Conversational, Payment & Quiz Form builder * CVE
CRITICAL 9.8 F88F0C98-2FD9-

Exploit for CVE-2024-47533_F88F0C98-2FD9-50F5-AA41-8A5C21BF5BB5

CVE-2024-47533 – Cobbler XML-RPC Authentication Bypass Exploit 📜 Description CVE-2024-47533...

N/A N/A GITHUBEXPLOIT