Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.8 DCB07824-2947-

Exploit for Improper Authentication in Oracle E-Business_Suite_DCB07824-2947-51F9-8738-1630098A0772

CVE-2026-46817 Proof of Concept Oracle E-Business Suite File Transmission Path Traversal --- ⚠️ LEGAL DISCLAIMER THIS SOFTWARE IS PROVIDED FOR EDUC...

N/A N/A GITHUBEXPLOIT
NONE H1:3833577

curl: heap-use-after-free in curl_easy_cleanup() called from callback_H1:3833577

## Summary: `Curl_close()` (`lib/url.c:214`) calls `curl_multi_remove_handle(data->multi, data)` and ignores the return value. When `curl_easy_cle...

N/A N/A HACKERONE
MEDIUM 6.5 CVE-2026-51219

CVE-2026-51219_CVE-2026-51219

A heap buffer overflow in the HighPriorityASDUQueue_hasUnconfirmedIMessages function of lib60870 v2.3.3 to v2.3.6 allows attackers to cause a Denia...

n/a n/a n/a CVE
HIGH 7.5 CVE-2026-49434

Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: LdapNetworkConnector instantiates denied transports and a remote-properties broker_CVE-2026-49434

Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. An attacker that has access to publish or...

Apache Software Foundation Apache ActiveMQ Broker CVE
CRITICAL 9.8 CVE-2026-8402

SQLi in Exagate’s SYSGUARD 6001_CVE-2026-8402

Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Eksagate Electronic Engineering and Computer ...

Eksagate Electronic Engineering and Computer Industry Trade Inc. SYSGUARD 6001 2.0.2 CVE
MEDIUM 5.9 CVE-2026-53692

Weak hashing algorithm in Redeight CMS_CVE-2026-53692

Redeight CMS version 1.0 uses the MD5 algorithm without a salt to store user passwords. Because MD5 is a cryptographically broken algorithm and lac...

Redeight Redeight CMS 1.0 CVE
HIGH 8.6 CVE-2026-53691

Remote Code Execution in Redeight CMS_CVE-2026-53691

An Unrestricted File Upload vulnerability in Redeight CMS version 1.0 allows authenticated attackers to achieve Remote Code Execution via the POST ...

Redeight Redeight CMS 1.0 CVE
CRITICAL 9.3 CVE-2026-53690

SQL Injection in Redeight CMS_CVE-2026-53690

An SQL Injection vulnerability exists in Redeight CMS version 1.0 via the "userEmail" parameter in the POST "/admin/index.php" login endpoint. The ...

Redeight Redeight CMS 1.0 CVE
HIGH 8.8 CVE-2026-41053

Over-inclusive team membership expansion in GitHub App authentication provider for Rancher_CVE-2026-41053

Incorrect authentication caching in the team membership expansion of the Rancher GitHub authentication provider caused it to grant principal acces...

SUSE Rancher 2.14.0 CVE
CRITICAL 9.3 CVE-2026-14162

Advantech|Hospital Quering Management – Missing Authentication_CVE-2026-14162

Hospital Queuing Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access...

Advantech Hospital Quering Management CVE