Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 3.5 CVE-2025-12734

Improper Encoding or Escaping of Output in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that coul...

GitLab GitLab 15.6 CVE
LOW 2.3 CVE-2025-14485

EFM ipTIME A3004T Administrator Password timepro.cgi show_debug_screen command injection

A weakness has been identified in EFM ipTIME A3004T 14.19.0. This vulnerability affects the function show_debug_screen of the file /sess-bin/timepr...

EFM ipTIME A3004T 14.19.0 CVE
LOW 3.5 CVE-2025-67646

TableProgressTracking’s missing CSRF protection allows unauthorized state changes

TableProgressTracking is a MediaWiki extension to track progress against specific criterion. Versions 1.2.0 and below do not enforce CSRF token val...

Telepedia TableProgressTracking < 1.2.1 CVE
LOW 3.5 CVE-2025-67639

CVE-2025-67639

A cross-site request forgery (CSRF) vulnerability in Jenkins 2.540 and earlier, LTS 2.528.2 and earlier allows attackers to trick users into loggin...

Jenkins Project Jenkins 2.541 CVE
LOW 1.9 CVE-2025-5467

Ubuntu Apport Insecure File Permissions Vulnerability

It was discovered that process_crash() in data/apport in Canonical's Apport crash reporting tool may create crash files with incorrect group owners...

Canonical apport 2.20.11-0ubuntu82 CVE
LOW 3.5 CVE-2025-13127

XSS in TACAS Consulting’s GoldenHorn

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TAC Information Services Internal and ...

TAC Information Services Internal and External Trade Inc. GoldenHorn CVE
LOW 2.7 CVE-2025-14082

Keycloak-services: keycloak admin rest api: improper access control leads to sensitive role metadata information disclosure

A flaw was found in Keycloak Admin REST (Representational State Transfer) API. This vulnerability allows information disclosure of sensitive role m...

Red Hat Red Hat Build of Keycloak CVE
LOW 2.1 669316AC-3FCD-

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Apple Mac_Os_X_669316AC-3FCD-51BA-AFA7-A33BEAE0CBCC

CVE-1999-0524 A Bash script to check if systems are vulnerable to ICMP Timestamp Request Remote Date Disclosure CVE-1999-0524. How to use 1. Make s...

N/A N/A GITHUBEXPLOIT
LOW 3.7 CVE-2025-67500

Mastodon Error Handling Discrepancy Enables Private Status Existence Enumeration

Mastodon is a free, open-source social network server based on ActivityPub. Versions 4.2.27 and prior, 4.3.0-beta.1 through 4.3.14, 4.4.0-beta.1 th...

mastodon mastodon < 4.2.28 CVE
LOW 3.3 CVE-2025-64787

Acrobat Reader | Improper Verification of Cryptographic Signature (CWE-347)

Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification o...

Adobe Acrobat Reader CVE