Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.8 CVE-2025-52376

CVE-2025-52376

An authentication bypass vulnerability in the /web/um_open_telnet.cgi endpoint in Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below,...

n/a n/a n/a CVE
CRITICAL 9.3 CVE-2025-41238

PVSCSI heap-overflow vulnerability

VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-...

VMware ESXi 8.0 CVE
CRITICAL 9.3 CVE-2025-41237

VMCI integer-underflow vulnerability

VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds ...

VMware Cloud Foundation 9.0.0.0, 5.x, 4.5.x CVE
CRITICAL 9.3 CVE-2025-41236

VMXNET3 integer-overflow vulnerability

VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. A malicious actor with local...

VMware ESXi 8.0 CVE
CRITICAL 9 CVE-2025-50067

CVE-2025-50067

No description provided; published 2025-07-15T19:27:36.887Z.

Oracle Corporation Oracle Application Express 24.2.4 CVE
CRITICAL 9.1 CVE-2025-49827

Conjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) Vulnerable to Bypass of IAM Authenticator

Conjur provides secrets management and application identity for infrastructure. Conjur OSS versions 1.19.5 through 1.22.0 and Secrets Manager, Self...

cyberark conjur Conjur OSS >= 1.19.5, < 1.22.1 CVE
CRITICAL 9.1 CVE-2025-49831

Conjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) vulnerable to IAM Authenticator Bypass via Mis-configured Network Device

An attacker of Secrets Manager, Self-Hosted installations that route traffic from Secrets Manager to AWS through a misconfigured network device can...

cyberark conjur Conjur OSS < 1.22.1 CVE
CRITICAL 9.8 CVE-2025-52688

Command Injection Vulnerability in the OmniAccess Stellar Web Management Interface

Successful exploitation of the vulnerability could allow an attacker to inject commands with root privileges on the access point, potentially leadi...

Alcatel-Lucent OmniAccess Stellar Products AP1100 AWOS versions 5.0.2 GA and earlier CVE
CRITICAL 9.8 CVE-2025-52689

Weak Session ID Check in the OmniAccess Stellar Web Management Interface

Successful exploitation of the vulnerability could allow an unauthenticated attacker to obtain a valid session ID with administrator privileges by ...

Alcatel-Lucent OmniAccess Stellar Products AP1100 AWOS versions 5.0.2 GA and earlier CVE
CRITICAL 9.6 CVE-2025-54010

WordPress FluentSnippets plugin <= 10.50 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan Jewel FluentSnippets allows Cross Site Request Forgery. This issue affects FluentSnipp...

Shahjahan Jewel FluentSnippets n/a CVE