CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5	CVE-2026-55655	Openssh: local mitm of x11 forwarding via abstract unix socket pre-binding in red hat enterprise linux openssh client versions_CVE-2026-55655 A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possib...	Red Hat	Red Hat Enterprise Linux 10	Jun 23, 2026	CVE
LOW 3.7	CVE-2026-55654	Openssh: heap out-of-bounds read in red hat enterprise linux versions of openssh gssapi indicator cleanup due to missing null sentinel termination_CVE-2026-55654 A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI (Generic Security Service Applicati...	Red Hat	Red Hat Enterprise Linux 10	Jun 23, 2026	CVE
MEDIUM 4.3	CVE-2026-55653	Openssh: double free in red hat enterprise linux versions of openssh dh-gex client path during fips known-group validation leads to client-side denial of service_CVE-2026-55653 A flaw was found in OpenSSH. A malicious SSH server can exploit a double free vulnerability in the Diffie-Hellman Group Exchange (DH-GEX) client pa...	Red Hat	Red Hat Enterprise Linux 10	Jun 23, 2026	CVE
NONE	8BAB742C-5C9E-	sharepoint-sqli-research_8BAB742C-5C9E-5401-B964-9E8F5ACD280A SharePoint SQL Injection Research Analysis of SQL injection vulnerabilities affecting Microsoft SharePoint Server on-premises deployments — coverin...	N/A	N/A	Jun 23, 2026	GITHUBEXPLOIT
HIGH 7.8	DF5C4368-B596-	Exploit for Untrusted Pointer Dereference in Microsoft_DF5C4368-B596-5A56-B3D2-A29063405520 Note The NTOKernelBase in exp.cpp needs to be set by yourself...	N/A	N/A	Jun 23, 2026	GITHUBEXPLOIT
HIGH 8.8	MS:CVE-2026-12447	Chromium: CVE-2026-12447 Heap buffer overflow in WebRTC_MS:CVE-2026-12447 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
LOW 3.1	MS:CVE-2026-12458	Chromium: CVE-2026-12458 Incorrect security UI in Passwords_MS:CVE-2026-12458 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
HIGH 7.1	CVE-2026-10658	Bluetooth Host ISO RX Missing SDU Header Length Validation in bt_iso_recv() Leads to DoS_CVE-2026-10658 A missing length validation in the Zephyr Bluetooth Host ISO receive path can be triggered by malformed HCI ISO data. In bt_iso_recv() (subsys/blue...	zephyrproject-rtos	Zephyr *	Jun 22, 2026	CVE
HIGH 7.1	CVE-2026-10651	Bluetooth Classic SDP parser truncation bug in bt_sdp_parse_attribute() leads to reachable assertion and possible out-of-bounds read_CVE-2026-10651 A malformed Bluetooth Classic SDP attribute can trigger a reachable assertion in Zephyr's SDP parser. In subsys/bluetooth/host/classic/sdp.c, bt_sd...	zephyrproject-rtos	Zephyr *	Jun 22, 2026	CVE
MEDIUM 4.9	CVE-2026-10645	fs: ext2: Missing structural validation of directory entries can cause out-of-bounds read and zero-progress directory traversal_CVE-2026-10645 Zephyr's ext2 directory-entry parser does not fully validate on-disk directory entry structure before copying the entry name and advancing traversa...	zephyrproject-rtos	Zephyr *	Jun 22, 2026	CVE