LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 2.3	CVE-2025-10250	DJI Mavic Spark/Mavic Air/Mavic Mini Telemetry Channel hard-coded key_CVE-2025-10250 A weakness has been identified in DJI Mavic Spark, Mavic Air and Mavic Mini 01.00.0500. Affected is an unknown function of the component Telemetry ...	DJI	Mavic Spark 01.00.0500	Sep 11, 2025	CVE
LOW 2.1	CVE-2025-10216	GrandNode Voucher ConfirmOrder race condition_CVE-2025-10216 A vulnerability was detected in GrandNode up to 2.3.0. The impacted element is an unknown function of the file /checkout/ConfirmOrder/ of the compo...	n/a	GrandNode 2.0	Sep 10, 2025	CVE
LOW 3.3	CVE-2025-10222	Sensitive Information Disclosure in Diagnostic Dumps in AxxonSoft Axxon One VMS_CVE-2025-10222 Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) in the diagnostic dump component in AxxonSoft Axxon One VMS 2.0.0 through 2.0....	AxxonSoft	AxxonOne 2.0.0	Sep 10, 2025	CVE
LOW 3.1	CVE-2025-8277	Libssh: memory exhaustion via repeated key exchange in libssh_CVE-2025-8277 A flaw was found in libssh's handling of key exchange (KEX) processes when a client repeatedly sends incorrect KEX guesses. The library fails to fr...	Red Hat	Red Hat Enterprise Linux 10	Sep 9, 2025	CVE
LOW 3.1	CVE-2025-40802	CVE-2025-40802_CVE-2025-40802 A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The affected device may be susceptible to resource exhaus...	Siemens	RUGGEDCOM RST2428P	Sep 9, 2025	CVE
LOW 3.1	CVE-2025-40803	CVE-2025-40803_CVE-2025-40803 A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The affected device exposes certain non-critical informat...	Siemens	RUGGEDCOM RST2428P	Sep 9, 2025	CVE
LOW 3.1	CVE-2025-42914	Missing Authorization check in SAP HCM (My Timesheet Fiori 2.0 application)_CVE-2025-42914 Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an authenticated attacker with in-depth system knowledge to ...	SAP_SE	SAP HCM (My Timesheet Fiori 2.0 application) GBX01HR5 605	Sep 9, 2025	CVE
LOW 3.1	CVE-2025-42913	Missing Authorization check in SAP HCM (My Timesheet Fiori 2.0 application)_CVE-2025-42913 Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an authenticated attacker with in-depth system knowledge to ...	SAP_SE	SAP HCM (My Timesheet Fiori 2.0 application) GBX01HR5 605	Sep 9, 2025	CVE
LOW 3.4	CVE-2025-42927	Information Disclosure due to Outdated OpenSSL Version in SAP NetWeaver AS Java (Adobe Document Service)_CVE-2025-42927 SAP NetWeaver AS Java application uses Adobe Document Service, installed with a vulnerable version of OpenSSL.Successful exploitation of known vuln...	SAP_SE	SAP NetWeaver AS Java (Adobe Document Service) ADSSAP 7.50	Sep 9, 2025	CVE
LOW 2.1	CVE-2025-43774	CVE-2025-43774_CVE-2025-43774 A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.17 allows a remote ...	Liferay	Portal 7.4.3.132	Sep 9, 2025	CVE