LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 2	CVE-2025-9725	Cudy LT500E Web shadow hard-coded password_CVE-2025-9725 A vulnerability was identified in Cudy LT500E up to 2.3.12. Affected is an unknown function of the file /squashfs-root/etc/shadow of the component ...	Cudy	LT500E 2.3.0	Aug 31, 2025	CVE
LOW 2.3	CVE-2025-9688	Mupen64Plus is_viewer.c write_is_viewer integer overflow_CVE-2025-9688 A security vulnerability has been detected in Mupen64Plus up to 2.6.0. The affected element is the function write_is_viewer of the file src/device/...	n/a	Mupen64Plus 2.0	Aug 30, 2025	CVE
LOW 3.4	CVE-2025-48979	CVE-2025-48979_CVE-2025-48979 An Improper Input Validation in UISP Application could allow a Command Injection by a malicious actor with High Privileges and local access.	Ubiquiti Inc	UISP Application 2.4.220	Aug 28, 2025	CVE
LOW 3.3	CVE-2025-43255	CVE-2025-43255_CVE-2025-43255 An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.7, macOS Sequoia 15.6, macOS Ventura 13...	Apple	macOS unspecified	Aug 29, 2025	CVE
LOW 2.3	CVE-2025-58160	Tracing logging user input may result in poisoning logs with ANSI escape sequences_CVE-2025-58160 tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-...	tokio-rs	tracing < 0.3.20	Aug 29, 2025	CVE
LOW 1.9	CVE-2025-58156	Centurion ERP users can view hashed authentication tokens that belong to other users_CVE-2025-58156 Centurion ERP is an ERP with a focus on ITSM and automation. In versions starting from 1.12.0 to before 1.21.0, an authenticated user can view all ...	nofusscomputing	centurion_erp >= 1.12.0, < 1.21.0	Aug 29, 2025	CVE
LOW 2.3	CVE-2025-30265	QTS, QuTS hero_CVE-2025-30265 A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they...	QNAP Systems Inc.	QTS 5.2.x	Aug 29, 2025	CVE
LOW 2.3	CVE-2025-44015	HybridDesk Station_CVE-2025-44015 A command injection vulnerability has been reported to affect HybridDesk Station. If an attacker gains local network access, they can then exploit ...	QNAP Systems Inc.	HybridDesk Station 4.2.x	Aug 29, 2025	CVE
LOW 2.7	CVE-2025-55202	Opencast has a partial path traversal vulnerability in UI config_CVE-2025-55202 Opencast is a free, open-source platform to support the management of educational audio and video content. In version 18.0 and versions before 17.7...	opencast	opencast < 17.7	Aug 29, 2025	CVE
LOW 1.8	CVE-2025-54080	Exiv2 Segmentation Faults in Exiv2::EpsImage::writeMetadata() via crafted EPS file_CVE-2025-54080 Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read w...	Exiv2	exiv2 < 0.28.6	Aug 29, 2025	CVE