packetstorm - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	PACKETSTORM:212602	📄 Beego 1.12.3 Directory Traversal / Local File Disclosure_PACKETSTORM:212602 Beego version 1.12.3 suffers from a directory traversal vulnerability that allows for local file disclosure...	N/A	N/A	Dec 9, 2025	PACKETSTORM
NONE	PACKETSTORM:212603	📄 Cloudbleed Scanner_PACKETSTORM:212603 Cloudbleed Scanner is a comprehensive security tool designed to detect memory leak patterns similar to the 2017 Cloudbleed incident, where Cloudfla...	N/A	N/A	Dec 9, 2025	PACKETSTORM
CRITICAL 9.4	PACKETSTORM:212607	📄 dotCMS 25.07.02-1 SQL Injection_PACKETSTORM:212607 This PHP script represents a sophisticated dual-method SQL Injection exploit targeting dotCMS version 25.07.02-1. The exploit combines time-based b...	N/A	N/A	Dec 9, 2025	PACKETSTORM
CRITICAL 9.8	PACKETSTORM:212605	📄 Exim 4.98 SQL Injection_PACKETSTORM:212605 A vulnerability exists in Exim version 4.98 when ETRN input is serialized and passed to a SQLite backend. Time‑based SQL injection allows attackers...	N/A	N/A	Dec 9, 2025	PACKETSTORM
CRITICAL 9.1	PACKETSTORM:212537	📄 Django 5.1.13 SQL Injection_PACKETSTORM:212537 Django version 5.1.13 remote SQL injection vulnerability scanning script...	N/A	N/A	Dec 8, 2025	PACKETSTORM
CRITICAL 10	PACKETSTORM:212538	📄 Craft CMS 5.0 Logic Flaw_PACKETSTORM:212538 A flaw in the Craft CMS image transform endpoint allows an unauthenticated attacker to trigger backend processing without prior authentication. Whi...	N/A	N/A	Dec 8, 2025	PACKETSTORM
HIGH 7.8	PACKETSTORM:212542	📄 Microsoft Windows LNK File UI Misrepresentation Remote Code Execution_PACKETSTORM:212542 A critical vulnerability exists in Microsoft Windows LNK file handling that allows attackers to create malicious shortcut files that appear legitim...	N/A	N/A	Dec 8, 2025	PACKETSTORM
CRITICAL 10	PACKETSTORM:212536	📄 DNN Platform Pre‑10.1.1 Arbitrary File Upload_PACKETSTORM:212536 DNN Platform version Pre‑10.1.1 suffers from an unauthenticated arbitrary file upload vulnerability. This software was formerly known as DotNetNuke...	N/A	N/A	Dec 8, 2025	PACKETSTORM
NONE	PACKETSTORM:212541	📄 Zimbra Collaboration Suite Postjournal 9.0.0 Remote Command Execution_PACKETSTORM:212541 A critical vulnerability exists in the Zimbra Collaboration Suite ZCS PostJournal service that allows attackers to execute arbitrary system command...	N/A	N/A	Dec 8, 2025	PACKETSTORM
MEDIUM 6.5	PACKETSTORM:212539	📄 ClipBucket 5.5.2 Build 90 Practical Exploitation Tool_PACKETSTORM:212539 An enhanced Python penetration testing tool designed specifically for ClipBucket video sharing platform vulnerability assessment and exploitation. ...	N/A	N/A	Dec 8, 2025	PACKETSTORM