LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 3.3	CVE-2025-23346	CVE-2025-23346_CVE-2025-23346 NVIDIA CUDA Toolkit contains a vulnerability in cuobjdump, where an unprivileged user can cause a NULL pointer dereference. A successful exploit o...	NVIDIA	NVIDIA CUDA Toolkit All versions prior to CUDA Toolkit 13.0	Sep 24, 2025	CVE
LOW 3.6	C878ACF6-87A4-	Exploit for Link Following in 7-Zip_C878ACF6-87A4-5B6A-80A8-39531DF137C6 🛠️ CVE-2025-55188-7z-exploit - A Simple Proof of Concept Tool 🚀 Getting Started...	N/A	N/A	Sep 24, 2025	GITHUBEXPLOIT
LOW 3.3	CVE-2025-0672	Authentication Bypass in Multiple WSO2 Products via Stale FIDO Credential Association_CVE-2025-0672 An authentication bypass vulnerability exists in multiple WSO2 products when FIDO authentication is enabled. When a user account is deleted, the sy...	WSO2	WSO2 Identity Server as Key Manager	Sep 23, 2025	CVE
LOW 2.4	CVE-2025-59546	DNN Vulnerable to Stored XSS Using Backend Admin Credentials_CVE-2025-59546 DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to version 10.1.0, administrato...	dnnsoftware	Dnn.Platform < 10.1.0	Sep 23, 2025	CVE
LOW 3.8	CVE-2025-58012	WordPress Content Mask Plugin <= 1.8.5.2 - Insecure Direct Object References (IDOR) Vulnerability_CVE-2025-58012 Authorization Bypass Through User-Controlled Key vulnerability in Alex Content Mask allows Exploiting Incorrectly Configured Access Control Securit...	Alex	Content Mask n/a	Sep 22, 2025	CVE
LOW 3.8	CVE-2025-58009	WordPress CP Multi View Event Calendar Plugin <= 1.4.32 - Broken Access Control Vulnerability_CVE-2025-58009 Missing Authorization vulnerability in codepeople CP Multi View Event Calendar allows Exploiting Incorrectly Configured Access Control Security Le...	codepeople	CP Multi View Event Calendar n/a	Sep 22, 2025	CVE
LOW 2.7	CVE-2025-59526	Mailgen: HTML injection vulnerability in plaintext e-mails_CVE-2025-59526 mailgen is a Node.js package that generates responsive HTML e-mails for sending transactional mail. Prior to version 2.0.30, there is an HTML injec...	eladnava	mailgen < 2.0.30	Sep 22, 2025	CVE
LOW 2.3	CVE-2025-10778	Smartstore Gift Voucher confirm race condition_CVE-2025-10778 A vulnerability has been found in Smartstore up to 6.2.0. The affected element is an unknown function of the file /checkout/confirm/ of the compone...	n/a	Smartstore 6.0	Sep 22, 2025	CVE
LOW 2	CVE-2025-10767	CosmodiumCS OnlyRAT Configuration File main.py remote_download os command injection_CVE-2025-10767 A vulnerability was detected in CosmodiumCS OnlyRAT up to 3.2. The affected element is the function connect/remote_upload/remote_download of the fi...	CosmodiumCS	OnlyRAT 3.0	Sep 21, 2025	CVE
LOW 3.1	CVE-2025-9081	IDOR in board file download allows any user to download any file by UUID_CVE-2025-9081 Mattermost versions 10.5.x	Mattermost	Mattermost 10.5.0	Sep 19, 2025	CVE