CVSS - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.6	CVE-2026-12620	Access Token Exposure in URL Parameters in GridTime™ 3000 GNSS Time Server_CVE-2026-12620 The GridTime 3000 GNSS Time Server leaks the access token in the URL parameters of some endpoints. This issue affects GridTime 3000: from 1.0r0.03...	Microchip	GridTime 3000 1.0r0.03	Jun 19, 2026	CVE
MEDIUM 5.1	CVE-2026-12619	GridTime™ 3000 GNSS Time Server CSRF to XSS_CVE-2026-12619 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip GridTime 3000 allows Cross-S...	Microchip	GridTime 3000 1.0r0.03	Jun 19, 2026	CVE
HIGH 8.1	CVE-2026-56211	Libaom: libaom: remote code execution via svc layer context handling with attacker-controlled frames_CVE-2026-56211 A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encode...	Red Hat	Red Hat Enterprise Linux 10	Jun 19, 2026	CVE
HIGH 8.2	CVE-2026-56210	Libaom: libaom: heap-buffer-overflow read via missing bounds check in ctrl_set_layer_id_CVE-2026-56210 A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable ...	Red Hat	Red Hat Enterprise Linux 10	Jun 19, 2026	CVE
CRITICAL 9.1	CVE-2026-56209	Libaom: libaom: arbitrary address write via svc layer context oob and cyclic refresh map pointer hijack_CVE-2026-56209 An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable V...	Red Hat	Red Hat Enterprise Linux 10	Jun 19, 2026	CVE
HIGH 8.6	CVE-2026-56208	Libaom: libaom: heap buffer overflow in av1 encoder first-pass stats buffer via lap mode_CVE-2026-56208 A heap buffer overflow vulnerability was found in libaom, the reference AV1 codec implementation. A flaw in the AV1 encoder's Look-Ahead Processing...	Red Hat	Red Hat Enterprise Linux 10	Jun 19, 2026	CVE
HIGH 8.2	CVE-2026-49260	PhpWeasyPrint: shell command injection via configurable WeasyPrint binary path due to inverted is_executable() guard (mirror of KnpLabs/snappy GHSA-vpr4-p6fq-85jc)_CVE-2026-49260 PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.5.1, `pontedilana/php-weasyprint` builds the ...	pontedilana	php-weasyprint < 2.5.1	Jun 19, 2026	CVE
MEDIUM 5.5	CVE-2026-3196	Qemu-kvm: virtio-snd: integer overflow leading to unbounded memory allocation_CVE-2026-3196 An integer overflow vulnerability was found in the virtio-snd device via PCM_INFO requests from the guest. A malicious guest can provide out-of-bou...	N/A	N/A 8.2.0	Jun 19, 2026	CVE
HIGH 7.4	CVE-2026-3195	Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb (incomplete fix for cve-2024-7730)_CVE-2026-3195 A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the `virtio_snd_pcm_in_cb` function did not check wheth...	N/A	N/A 8.2.0	Jun 19, 2026	CVE
NONE	5BEBD996-40A7-	AINEE_5BEBD996-40A7-5820-A505-F8584E84A3BB Autonomous Internal Network Exploitation Engine The Autonomous Internal Network Exploitation Engine AINE is a cybersecurity research project design...	N/A	N/A	Jun 19, 2026	GITHUBEXPLOIT