CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	FAF4A621-EF5C-	Exploit for CVE-2026-37066_FAF4A621-EF5C-5980-AED9-2374875BEFF0 CVE-2026-37066 Path traversal leading to Arbitrary File Read in /vfm-admin/index.php and /vfm-admin/ajax/streamvid.php in Veno File Manager Project...	N/A	N/A	Jun 15, 2026	GITHUBEXPLOIT
NONE	D88591AC-1A96-	Cyber-Arena_D88591AC-1A96-51A6-B286-E77A29ADF076 CyberArena - Cybersecurity Challenge Platform CyberArena is an immersive, interactive cybersecurity training platform designed for students, profes...	N/A	N/A	Jun 15, 2026	GITHUBEXPLOIT
NONE	B8B07DAE-91EC-	Exploit for CVE-2026-37071_B8B07DAE-91EC-5A54-AEB8-A14E5FEC47EF CVE-2026-37071 Arbitrary File Rename Leading to Privilege Escalation in Actions::renameFile function in Veno File Manager Project 4.4.9 allows an a...	N/A	N/A	Jun 15, 2026	GITHUBEXPLOIT
NONE	E546C8C0-498D-	Exploit for CVE-2026-37072_E546C8C0-498D-59B6-84C9-0388422D0261 CVE-2026-37072 Veno File Manager Project Veno File Manager Project 4.4.9 is vulnerable to Incorrect Access Control in admin-head-updates.php An una...	N/A	N/A	Jun 15, 2026	GITHUBEXPLOIT
HIGH 7.8	CVE-2026-50100	CVE-2026-50100_CVE-2026-50100 Multiple printer drivers provided by Ricoh Company, Ltd. and KONICA MINOLTA JAPAN, INC. contain a privilege escalation vulnerability. If this vulne...	Ricoh Company, Ltd.	Multiple printer drivers see the information provided by the vendor	Jun 15, 2026	CVE
MEDIUM 5.3	CVE-2026-44188	Ansible-lightspeed: ansible lightspeed: session hijacking and unauthorized data access due to insufficient session expiration_CVE-2026-44188 A flaw was found in Ansible Lightspeed. This vulnerability, related to insufficient session expiration, allows a remote attacker to maintain persis...	Red Hat	Red Hat Ansible Automation Platform 2.7 1781025813	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-11860	Insecure Deserialisation via Plaintext HTTP leading to Remote Code Execution in Quick.CMS_CVE-2026-11860 Quick.CMS deserializes user-controlled data received over plaintext HTTP without ensuring integrity or authenticity. This allows attackers to tampe...	OpenSolution	Quick.CMS	Jun 15, 2026	CVE
NONE	24D4A1C9-6687-	sql_injection_exploit.sh_24D4A1C9-6687-59B5-944C-CBC0F8CD1746 sqlinjectionexploit.sh SQL Injection attack on DVWA Low Security - Cybersecurity Internship Task 3...	N/A	N/A	Jun 15, 2026	GITHUBEXPLOIT
NONE	MALWAREBYTES:A1...	A week in security (June 8 – June 14)_MALWAREBYTES:A1CEB0E4C217C2EBFF41B26DA0B035F9 Last week on Malwarebytes Labs: * Stolen iPhones could soon be worth a lot less to thieves * Fake verification pages are stealing Steam accoun...	N/A	N/A	Jun 15, 2026	MALWAREBYTES
MEDIUM 4.4	E2CF04E5-7B2B-	Exploit for CVE-2026-48849_E2CF04E5-7B2B-56AE-BB11-79D1448AB6ED CVE-2026-48849 - Stored XSS, HTML Injection & CSS Injection in Roundcube Webmail Overview This repository contains a Proof-of-Concept PoC for CVE-2...	N/A	N/A	Jun 15, 2026	GITHUBEXPLOIT