Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.1 CVE-2025-55010

Kanboard Authenticated Admin Remote Code Execution via Unsafe Deserialization of Events

Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, an unsafe deserialization vulnerability in...

kanboard kanboard < 1.2.47 CVE
CRITICAL 9.4 CVE-2025-55167

WeGIA SQL Injection via id_fichamedica at endpoint `GET/html/funcionario/dependente_remover.php`

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a SQL Injection vu...

LabRedesCefetRJ WeGIA < 3.4.8 CVE
CRITICAL 9.8 CVE-2025-53766

GDI+ Remote Code Execution Vulnerability

Published: 2025-08-12T17:10:37.678Z

Microsoft Windows 10 Version 1809 10.0.17763.0 CVE
CRITICAL 9.1 CVE-2025-50171

Remote Desktop Spoofing Vulnerability

Published: 2025-08-12T17:10:07.727Z

Microsoft Windows Server 2022 10.0.20348.0 CVE
CRITICAL 9.8 CVE-2025-50165

Windows Graphics Component Remote Code Execution Vulnerability

Published: 2025-08-12T17:10:03.929Z

Microsoft Windows Server 2025 (Server Core installation) 10.0.26100.0 CVE
CRITICAL 9.8 CVE-2025-25256

CVE-2025-25256

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version ...

Fortinet FortiSIEM 7.3.0 CVE
CRITICAL 9.6 CVE-2025-49457

Zoom Clients for Windows – Untrusted Search Path

Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access.

Zoom Communications Inc Zoom Clients for Windows see references CVE
CRITICAL 9.8 CVE-2025-6715

Latepoint < 5.1.94 - Unauthenticated LFI

The LatePoint WordPress plugin before 5.1.94 is vulnerable to Local File Inclusion via the layout parameter. This makes it possible for attackers ...

Unknown LatePoint CVE
CRITICAL 9.1 CVE-2025-50251

CVE-2025-50251

Server side request forgery (SSRF) vulnerability in makeplane plane 0.23.1 via the password recovery.

n/a n/a n/a CVE
CRITICAL 9.3 CVE-2025-54707

WordPress MDTF Plugin <= 1.3.3.7 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 MDTF allows SQL Injection. This is...

RealMag777 MDTF n/a CVE