| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-10559 | Path Traversal vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x | Dassault Systèmes | DELMIA Factory Resource Manager | High | 7.1 | 2026-03-31 08:41:43 | Deep Dive |
| CVE-2025-10553 | Stored Cross-site Scripting (XSS) vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x | Dassault Systèmes | DELMIA Factory Resource Manager | High | 8.7 | 2026-03-31 08:41:36 | Deep Dive |
| CVE-2026-23659 | Azure Data Factory Information Disclosure Vulnerability | Microsoft | Azure Data Factory | High | 8.6 | 2026-03-19 21:06:24 | Deep Dive |
| CVE-2026-3675 | Freedom Factory dGEN1 org.ethosmobile.ethoslauncher FakeAppReceiver improper authorization | Freedom Factory | dGEN1 | Medium | 5.3 | 2026-03-07 22:02:07 | Deep Dive |
| CVE-2026-3674 | Freedom Factory dGEN1 org.ethosmobile.ethoslauncher FakeAppProvider improper authorization | Freedom Factory | dGEN1 | Medium | 5.3 | 2026-03-07 21:32:15 | Deep Dive |
| CVE-2026-3671 | Freedom Factory dGEN1 org.ethereumphone.walletmanager.testing123 TokenBalanceContentProvider improper authorization | Freedom Factory | dGEN1 | Low | 3.3 | 2026-03-07 21:32:09 | Deep Dive |
| CVE-2026-3670 | Freedom Factory dGEN1 com.dgen.alarm improper authorization | Freedom Factory | dGEN1 | Medium | 5.3 | 2026-03-07 18:32:10 | Deep Dive |
| CVE-2026-3669 | Freedom Factory dGEN1 com.dgen.alarm AlarmService improper authorization | Freedom Factory | dGEN1 | Medium | 5.3 | 2026-03-07 18:32:08 | Deep Dive |
| CVE-2026-3668 | Freedom Factory dGEN1 org.ethosmobile.webpwaemul AndroidEthereum access control | Freedom Factory | dGEN1 | Low | 3.1 | 2026-03-07 16:02:08 | Deep Dive |
| CVE-2026-3667 | Freedom Factory dGEN1 org.ethosmobile.ethoslauncher FakeAppService improper authorization | Freedom Factory | dGEN1 | Medium | 5.3 | 2026-03-07 15:32:11 | Deep Dive |
| CVE-2025-67632 | WordPress Google AdSense for Responsive Design – GARD plugin <= 2.23 - Cross Site Scripting (XSS) vulnerability | The Plugin Factory | Google AdSense for Responsive Design – GARD | Medium | 5.9 | 2025-12-24 13:10:24 | Deep Dive |
| CVE-2025-61784 | LLaMA Factory's Chat API has Critical SSRF and LFI Vulnerabilities | hiyouga | LLaMA-Factory | High | 7.6 | 2025-10-07 19:01:40 | Deep Dive |
| CVE-2025-7778 | Icons Factory <= 1.6.12 - Missing Authorization to Unauthenticated Arbitrary File Deletion via delete_files() Function | artkrylov | Icons Factory | Critical | 9.8 | 2025-08-15 08:25:39 | Deep Dive |
| CVE-2025-54415 | dag-factory's CI/CD Workflow Allows for Repository Takeover and Secret Exfiltration | astronomer | dag-factory | 超危 | - | 2025-07-26 03:33:40 | Deep Dive |
| CVE-2025-53002 | LLaMA-Factory Remote Code Execution (RCE) Vulnerability | hiyouga | LLaMA-Factory | High | 8.3 | 2025-06-26 14:40:53 | Deep Dive |
| CVE-2025-46567 | LLaMA-Factory Allows Arbitrary Code Execution via Unsafe Deserialization in Ilamafy_baichuan2.py | hiyouga | LLaMA-Factory | Medium | 6.1 | 2025-05-01 17:20:41 | Deep Dive |
| CVE-2024-10083 | Schneider Electric EcoStruxure Control Expert、EcoStruxure Process Expert和OPC Factory Server 输入验证错误漏洞 | Schneider Electric | Uni-Telway driver | Medium | 5.5 | 2025-02-13 05:40:14 | Deep Dive |
| CVE-2024-22038 | DoS attacks, information leaks etc. with crafted Git repositories in obs-scm-bridge | SUSE | openSUSE Factory | High | 7.3 | 2024-11-28 09:38:03 | Deep Dive |
| CVE-2024-52803 | LLama Factory Remote OS Command Injection Vulnerability | hiyouga | LLaMA-Factory | High | 7.5 | 2024-11-21 16:53:18 | Deep Dive |
| CVE-2024-9925 | SQL injection in QPLANT by TAI Smart Factory | TAI Smart Factory | QPLANT SF | Critical | 9.8 | 2024-10-15 08:41:00 | Deep Dive |