HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.7	CVE-2025-7769	Improper Neutralization of Special Elements used in a Command (‘Command Injection’) in Tigo Energy Cloud Connect Advanced_CVE-2025-7769 Tigo Energy's CCA is vulnerable to a command injection vulnerability in the /cgi-bin/mobile_api endpoint when the DEVICE_PING command is called, al...	Tigo Energy	Cloud Connect Advanced	Aug 6, 2025	CVE
HIGH 8.7	CVE-2025-7770	Predictable Seed in Pseudo-Random Number Generator (PRNG) in Tigo Energy Cloud Connect Advanced_CVE-2025-7770 Tigo Energy's CCA device is vulnerable to insecure session ID generation in their remote API. The session IDs are generated using a predictable met...	Tigo Energy	Cloud Connect Advanced	Aug 6, 2025	CVE
HIGH 7.5	CVE-2025-21452	Reachable Assertion in Modem_CVE-2025-21452 Transient DOS while processing a random-access response (RAR) with an invalid PDU length on LTE network.	Qualcomm, Inc.	Snapdragon 315 5G IoT Modem	Aug 6, 2025	CVE
HIGH 7.8	CVE-2025-21458	Use After Free in NPU_CVE-2025-21458 Memory corruption when IOCTL interface is called to map and unmap buffers simultaneously.	Qualcomm, Inc.	Snapdragon FastConnect 6900	Aug 6, 2025	CVE
HIGH 7.8	CVE-2025-21461	Out-of-bounds Write in Camera_Linux_CVE-2025-21461 Memory corruption when programming registers through virtual CDM.	Qualcomm, Inc.	Snapdragon FastConnect 6900	Aug 6, 2025	CVE
HIGH 7.8	CVE-2025-21473	Time-of-check Time-of-use (TOCTOU) Race Condition in Camera_Linux_CVE-2025-21473 Memory corruption when using Virtual cdm (Camera Data Mover) to write registers.	Qualcomm, Inc.	Snapdragon FastConnect 6900	Aug 6, 2025	CVE
HIGH 7.8	CVE-2025-21474	Use After Free in BTHOST_CVE-2025-21474 Memory corruption while processing commands from A2dp sink command queue.	Qualcomm, Inc.	Snapdragon FastConnect 6800	Aug 6, 2025	CVE
HIGH 8.8	CVE-2025-54788	SuiteCRM: Authenticated Blind SQL Injection in InboundEmail module SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In versions and below, the InboundEmail m...	SuiteCRM	SuiteCRM < 7.14.7	Aug 6, 2025	CVE
HIGH 8.8	CVE-2025-54785	SuiteCRM is Vulnerable to PHP Object Injection in Reports SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In versions 7.14.6 and 8.8.0, user-suppli...	SuiteCRM	SuiteCRM >= 7.14.6, < 7.14.7	Aug 6, 2025	CVE
HIGH 8.8	THN:DA3AF2B3E32...	Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft ...	N/A	N/A	Aug 6, 2025	THN