Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 2 CVE-2025-13611

Insertion of Sensitive Information into Log File in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that coul...

GitLab GitLab 13.2 CVE
LOW 3.6 CVE-2025-66040

Spotipy has an XSS vulnerability in OAuth callback server

Spotipy is a Python library for the Spotify Web API. Prior to version 2.25.2, there is a cross-site scripting (XSS) vulnerability in the OAuth call...

spotipy-dev spotipy < 2.25.2 CVE
LOW 3.2 CVE-2025-55174

CVE-2025-55174

In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial co...

KDE Skanpage CVE
LOW 2.3 CVE-2025-33200

CVE-2025-33200

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of th...

NVIDIA DGX Spark All versions prior to OTA0 CVE
LOW 3.2 CVE-2025-33199

CVE-2025-33199

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause incorrect control flow behavior. A successful explo...

NVIDIA DGX Spark All versions prior to OTA0 CVE
LOW 3.3 CVE-2025-33198

CVE-2025-33198

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of th...

NVIDIA DGX Spark All versions prior to OTA0 CVE
LOW 3.3 CVE-2025-65961

Contao is vulnerable to cross-site scripting in templates

Contao is an Open Source CMS. From version 4.0.0 to before 4.13.57, before 5.3.42, and before 5.6.5, it is possible to inject code into the templat...

contao contao >= 4.0.0, < 4.13.57 CVE
LOW 2.7 CVE-2025-65942

VictoriaMetrics Snappy Decoder DoS Vulnerability is Causing OOM

VictoriaMetrics is a scalable solution for monitoring and managing time series data. In versions from 1.0.0 to before 1.110.23, from 1.111.0 to bef...

VictoriaMetrics VictoriaMetrics >= 1.0.0, < 1.110.23 CVE
LOW 1 MS:CVE-2025-12888

Constant Time Issue with Xtensa-based ESP32 and X25519

{"lastseen":"2025-11-26T01:37:34","description":"","published":"2025-11-25T01:01:...

N/A N/A MSCVE
LOW 2.1 MS:CVE-2025-11931

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt

{"lastseen":"2025-11-26T01:37:33","description":"","published":"2025-11-25T01:02:...

N/A N/A MSCVE