Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 2.1 CVE-2025-62655

SQL injection in Cargo via Special:CargoExport

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in The Wikimedia Foundation MediaWiki Cargo exte...

The Wikimedia Foundation MediaWiki Cargo extension 1.39 CVE
LOW 3.4 CVE-2025-62643

CVE-2025-62643

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 transmits passwords of user accounts in cleartext e-mail messages.

Restaurant Brands International assistant platform CVE
LOW 3 CVE-2025-62505

SSRF in lobehub/lobe-chat with native web fetch module

LobeChat is an open source chat application platform. The web-crawler package in LobeChat version 1.136.1 allows server-side request forgery (SSRF)...

lobehub lobe-chat < 1.136.2 CVE
LOW 2 CVE-2025-58747

Dify MCP OAuth Flow Vulnerable to XSS

Dify is an LLM application development platform. In Dify versions through 1.9.1, the MCP OAuth component is vulnerable to cross-site scripting when...

langgenius dify <= 1.9.1 CVE
LOW 2.8 CVE-2025-60361

CVE-2025-60361

radare2 v5.9.8 and before contains a memory leak in the function bochs_open.

n/a n/a n/a CVE
LOW 3.3 CVE-2025-60360

CVE-2025-60360

radare2 v5.9.8 and before contains a memory leak in the function r2r_subprocess_init.

n/a n/a n/a CVE
LOW 2.1 CVE-2025-55096

Inadequate bounds check and potential underflow in _ux_host_class_hid_report_descriptor_get()

In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_hid_re...

Eclipse Foundation NetX Duo CVE
LOW 2.4 CVE-2025-55097

Potential out-of-bounds read in _ux_host_class_audio_streaming_sampling_get()

In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_audio_...

Eclipse Foundation USBX CVE
LOW 1 CVE-2025-55098

Potential out-of-bounds read in _ux_host_class_audio_device_type_get()

In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_audio_...

Eclipse Foundation USBX CVE
LOW 2.4 CVE-2025-55099

Potential out-of-bounds read in _ux_host_class_audio_alternate_setting_locate()

In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_audio_...

Eclipse Foundation USBX CVE