LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 2	CVE-2025-9383	FNKvision Y215 CCTV Camera passwd crypt weak hash_CVE-2025-9383 A security vulnerability has been detected in FNKvision Y215 CCTV Camera 10.194.120.40. This issue affects the function crypt of the file /etc/pass...	FNKvision	Y215 CCTV Camera 10.194.120.40	Aug 24, 2025	CVE
LOW 1	CVE-2025-9381	FNKvision Y215 CCTV Camera wpa_supplicant.conf information disclosure_CVE-2025-9381 A security flaw has been discovered in FNKvision Y215 CCTV Camera 10.194.120.40. This affects an unknown part of the file /tmp/wpa_supplicant.conf....	FNKvision	Y215 CCTV Camera 10.194.120.40	Aug 24, 2025	CVE
LOW 2.1	CVE-2025-54812	Apache Log4cxx: Improper HTML escaping in HTMLLayout_CVE-2025-54812 Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using HTMLLayout, logger names are not properly escaped when writin...	Apache Software Foundation	Apache Log4cxx	Aug 22, 2025	CVE
LOW 2.5	CVE-2025-55745	UnoPim Quick Export feature is vulnerable to CSV injection_CVE-2025-55745 UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Versions 0.3.0 and prior are vulnerable to CSV...	unopim	unopim < 0.3.1	Aug 22, 2025	CVE
LOW 2.1	CVE-2025-43753	CVE-2025-43753_CVE-2025-43753 A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.32 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.7,...	Liferay	Portal 7.4.3.32	Aug 21, 2025	CVE
LOW 3.5	CVE-2025-55523	CVE-2025-55523_CVE-2025-55523 An issue in the component /api/download_work_dir_file.py of Agent-Zero v0.8.* allows attackers to execute a directory traversal.	n/a	n/a n/a	Aug 21, 2025	CVE
LOW 2	CVE-2025-9309	Tenda AC10 MD5 Hash shadow hard-coded credentials_CVE-2025-9309 A vulnerability was found in Tenda AC10 16.03.10.13. Affected is an unknown function of the file /etc_ro/shadow of the component MD5 Hash Handler. ...	Tenda	AC10 16.03.10.13	Aug 21, 2025	CVE
LOW 3.5	CVE-2025-47700	AI plugin APIs can be triggered using post actions_CVE-2025-47700 Mattermost Server versions 10.5.x	Mattermost	Mattermost 10.10.0	Aug 21, 2025	CVE
LOW 3.8	CVE-2025-53971	Channel and Team Membership APIs inadvertently allow loss of Member privileges._CVE-2025-53971 Mattermost versions 10.5.x	Mattermost	Mattermost 10.5.0	Aug 21, 2025	CVE
LOW 3.5	CVE-2025-49810	Thread summarization allows persistent access to channel_CVE-2025-49810 Mattermost versions 10.5.x	Mattermost	Mattermost 10.5.0	Aug 21, 2025	CVE