CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.3	CVE-2025-34132	LILIN DVR Command Injection via NTPUpdate in dvr_box_CVE-2025-34132 A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 via the Server fie...	Merit LILIN	DVR Firmware *	Jul 16, 2025	CVE
CRITICAL 9.8	CVE-2025-5396	Bears Backup <= 2.0.0 - Unauthenticated Remote Code Execution_CVE-2025-5396 The Bears Backup plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.0.0. This is due to the bbacku...	Bearsthemes	Bears Backup *	Jul 17, 2025	CVE
CRITICAL 9.1	CVE-2025-53909	mailcow: dockerized vulnerable to SSTI in Quota and Quarantine Notification Template_CVE-2025-53909 mailcow: dockerized is an open source groupware/email suite based on docker. A Server-Side Template Injection (SSTI) vulnerability exists in versio...	mailcow	mailcow-dockerized < 2025-07	Jul 17, 2025	CVE
CRITICAL 9.8	CVE-2025-51630	CVE-2025-51630_CVE-2025-51630 TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a buffer overflow via the ePort parameter in the function setIpPortFilterRules.	n/a	n/a n/a	Jul 17, 2025	CVE
CRITICAL 9.4	CVE-2025-53946	WeGIA vulnerable to SQL Injection in endpoint profile_paciente.php parameter id_fichamedica_CVE-2025-53946 WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identifi...	LabRedesCefetRJ	WeGIA < 3.4.5	Jul 17, 2025	CVE
CRITICAL 9.4	CVE-2025-54060	WeGIA SQL Injection (Blind Time-Based) Vulnerability in idatendido_familiares Parameter on dependente_editarInfoPessoal.php Endpoint_CVE-2025-54060 WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identifi...	LabRedesCefetRJ	WeGIA < 3.4.6	Jul 17, 2025	CVE
CRITICAL 9.4	CVE-2025-54058	WeGIA SQL Injection (Blind Time-Based) Vulnerability in idatendido_familiares Parameter on dependente_editarEndereco.php Endpoint_CVE-2025-54058 WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identifi...	LabRedesCefetRJ	WeGIA < 3.4.6	Jul 17, 2025	CVE
CRITICAL 9.4	CVE-2025-54061	WeGIASQL Injection (Blind Time-Based) Vulnerability in idatendido_familiares Parameter on dependente_editarDoc.php Endpoint_CVE-2025-54061 WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identifi...	LabRedesCefetRJ	WeGIA < 3.4.6	Jul 17, 2025	CVE
CRITICAL 9.4	CVE-2025-54062	WeGIA SQL Injection (Blind Time-Based) Vulnerability in id_dependente Parameter on profile_dependente.php Endpoint_CVE-2025-54062 WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identifi...	LabRedesCefetRJ	WeGIA < 3.4.6	Jul 17, 2025	CVE
CRITICAL 9.6	CVE-2025-25257	CVE-2025-25257_CVE-2025-25257 An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0 t...	Fortinet	FortiWeb 7.6.0	Jul 17, 2025	CVE