Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 2.4 CVE-2025-55097

Potential out-of-bounds read in _ux_host_class_audio_streaming_sampling_get()

In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out-of-bounds read issue in _ux_host_class_audio_...

Eclipse Foundation USBX CVE
LOW 1 CVE-2025-55098

Potential out-of-bounds read in _ux_host_class_audio_device_type_get()

In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out-of-bounds read issue in _ux_host_class_audio_...

Eclipse Foundation USBX CVE
LOW 2.4 CVE-2025-55099

Potential out-of-bounds read in _ux_host_class_audio_alternate_setting_locate()

In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out-of-bounds read issue in _ux_host_class_audio_...

Eclipse Foundation USBX CVE
LOW 2.4 CVE-2025-55100

Potential out-of-bounds read in _ux_host_class_audio10_sam_parse_func()

In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out-of-bounds read issue in _ux_host_class_audio1...

Eclipse Foundation USBX CVE
LOW 2.1 CVE-2025-11896

Stack overflow in Xpdf 4.05 due to object loop in PDF CMap

In Xpdf 4.05 (and earlier), a PDF object loop in a CMap, via the "UseCMap" entry, leads to infinite recursion and a stack overflow.

Xpdf Xpdf CVE
LOW 3.8 CVE-2025-61924

PrestaShop Checkout Target PayPal merchant account hijacking from backoffice

PrestaShop Checkout is the PrestaShop official payment module in partnership with PayPal. In versions prior to 4.4.1 and 5.0.5, the Target PayPal m...

PrestaShopCorp ps_checkout < 4.4.1 CVE
LOW 3.8 CVE-2025-62412

LibreNMS alert-rules Cross-Site Scripting Vulnerability

LibreNMS is a community-based GPL-licensed network monitoring system. The alert rule name in the Alerts > Alert Rules page is not properly sanitiz...

librenms librenms < 25.10.0 CVE
LOW 3.1 CVE-2025-54499

Insecure string comparison enables timing attacks

Mattermost versions 10.5.x

Mattermost Mattermost 10.5.0 CVE
LOW 3.1 CVE-2025-10545

Guest user can add unauthorized team users to private channels

Mattermost versions 10.5.x

Mattermost Mattermost 10.5.0 CVE
LOW 2.2 CVE-2025-56746

CVE-2025-56746

Creativeitem Academy LMS up to and including 5.13 does not regenerate session IDs upon successful authentication, enabling session fixation attacks...

n/a n/a n/a CVE