LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 2.8	CVE-2025-32739	CVE-2025-32739_CVE-2025-32739 Improper conditions check in some firmware for some Intel(R) Graphics Drivers and Intel LTS kernels within Ring 1: Device Drivers may allow a denia...	n/a	Intel(R) Graphics Drivers and Intel LTS kernels See references	Feb 10, 2026	CVE
LOW 3.9	CVE-2025-31648	CVE-2025-31648_CVE-2025-31648 Improper handling of values in the microcode flow for some Intel(R) Processor Family may allow an escalation of privilege. Startup code and smm adv...	n/a	Intel(R) Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (low) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (low), integrity (low) and availability (none) impacts. See references	Feb 10, 2026	CVE
LOW 3.3	CVE-2025-25058	CVE-2025-25058_CVE-2025-25058 Improper initialization for some ESXi kernel mode driver for the Intel(R) Ethernet 800-Series before version 2.2.2.0 (esxi 8.0) & 2.2.3.0 (esxi...	n/a	Intel(R) Ethernet 800-Series before version 2.2.2.0 (esxi 8.0) & 2.2.3.0 (esxi 9.0)	Feb 10, 2026	CVE
LOW 1	CVE-2026-23901	Apache Shiro: Brute force attack possible to determine valid user names_CVE-2026-23901 Observable Timing Discrepancy vulnerability in Apache Shiro. This issue affects Apache Shiro: from 1., 2. before 2.0.7. Users are recommended t...	Apache Software Foundation	Apache Shiro	Feb 10, 2026	CVE
LOW 3.1	CVE-2026-24320	Memory Corruption vulnerability in SAP NetWeaver and ABAP Platform (Application Server ABAP)_CVE-2026-24320 Due to improper memory management in SAP NetWeaver and ABAP Platform (Application Server ABAP), an authenticated attacker could exploit logical err...	SAP_SE	SAP NetWeaver and ABAP Platform (Application Server ABAP) KRNL64NUC 7.22	Feb 10, 2026	CVE
LOW 3.4	CVE-2026-23686	CRLF Injection vulnerability in SAP NetWeaver Application Server Java_CVE-2026-23686 Due to a CRLF Injection vulnerability in SAP NetWeaver Application Server Java, an authenticated attacker with administrative access could submit s...	SAP_SE	SAP NetWeaver Application Server Java LMNWABASICAPPS 7.50	Feb 10, 2026	CVE
LOW 1.9	CVE-2026-25491	Craft has a Stored XSS in Entry Types Name_CVE-2026-25491 Craft is a platform for creating digital experiences. From 5.0.0-RC1 to 5.8.21, Craft has a stored XSS via Entry Type names. The name is not saniti...	craftcms	cms >= 5.0.0-RC1, < 5.8.22	Feb 9, 2026	CVE
LOW 1	CVE-2025-7432	DPA countermeasures not reseeded under certain conditions_CVE-2025-7432 DPA countermeasures in Silicon Labs' Series 2 devices are not reseeded under certain conditions. This may allow an attacker to eventually extract...	silabs.com	Simplicity SDK	Feb 9, 2026	CVE
LOW 2.1	CVE-2025-66606	CVE-2025-66606_CVE-2025-66606 A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly encode URLs. An attacker ...	Yokogawa Electric Corporation	FAST/TOOLS R9.01	Feb 9, 2026	CVE
LOW 2.1	CVE-2025-66605	CVE-2025-66605_CVE-2025-66605 A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Since there are input fields on this webpage with the au...	Yokogawa Electric Corporation	FAST/TOOLS R9.01	Feb 9, 2026	CVE