| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-58873 | WordPress Pushe Web Push Notification Plugin <= 0.5.0 - Cross Site Scripting (XSS) Vulnerability | pusheco | Pushe Web Push Notification | Medium | 5.9 | 2025-09-05 13:45:48 | Deep Dive |
| CVE-2025-3701 | WordPress Malcure Malware Scanner plugin <= 16.8 - Broken Access Control vulnerability | Malcure Web Security | Malcure Malware Scanner | Medium | 4.3 | 2025-09-03 12:50:28 | Deep Dive |
| CVE-2025-58272 | NTT EAST Web Caster V130 跨站请求伪造漏洞 | NTT EAST, Inc. | Web Caster V130 | - | - | 2025-09-03 05:28:01 | Deep Dive |
| CVE-2024-28988 | SolarWinds Web Help Desk Java Deserialization Remote Code Execution Vulnerability | SolarWinds | Web Help Desk | Critical | 9.8 | 2025-09-01 21:18:59 | Deep Dive |
| CVE-2025-9749 | HKritesh009 Grocery List Management Web App update.php sql injection | HKritesh009 | Grocery List Management Web App | High | 7.3 | 2025-08-31 22:32:06 | Deep Dive |
| CVE-2009-20011 | ContentKeeper Web Appliance < 125.10 RCE via mimencode | ContentKeeper Technologies | ContentKeeper Web Appliance | 中危 | - | 2025-08-30 13:46:01 | Deep Dive |
| CVE-2025-48309 | WordPress BetPress plugin <= 1.0.1 Lite - CSRF to Stored XSS vulnerability | web-able | BetPress | High | 7.1 | 2025-08-28 12:36:51 | Deep Dive |
| CVE-2025-57846 | Digital Arts i-FILTER 安全漏洞 | Digital Arts Inc. | i-フィルター 6.0 | 高危 | - | 2025-08-27 05:28:43 | Deep Dive |
| CVE-2025-57805 | The Scratch Channel's Publish Articles POST Request Can Upload Articles Without Validation | The-Scratch-Channel | tsc-web-client | - | - | 2025-08-25 21:15:51 | Deep Dive |
| CVE-2025-6791 | Second order SQL injection available to user with low privilege | Centreon | web | High | 8.8 | 2025-08-22 18:56:28 | Deep Dive |
| CVE-2025-4650 | User with high privileges is able to introduce a SQLi using the Meta Service indicator page | Centreon | web | High | 7.2 | 2025-08-22 18:50:42 | Deep Dive |
| CVE-2010-20109 | Barracuda Spam & Virus Firewall "locale" Path Traversal | Barracuda Networks | Spam & Virus Firewall | - | - | 2025-08-21 20:09:04 | Deep Dive |
| CVE-2009-10005 | ContentKeeper Web Appliance < 125.10 Arbitrary File Access via mimencode | ContentKeeper Technologies | Web Appliance | - | - | 2025-08-20 15:31:58 | Deep Dive |
| CVE-2025-8066 | Bunker Web 1.6.2 - Uncontrolled external site redirect | Bunkerity | Bunker Web | - | - | 2025-08-15 16:10:42 | Deep Dive |
| CVE-2025-7650 | BizCalendar Web <= 1.1.0.53 - Authenticated (Contributor+) Local File Inclusion | setriosoft | BizCalendar Web | High | 7.5 | 2025-08-15 08:25:38 | Deep Dive |
| CVE-2025-8013 | Quttera Web Malware Scanner <= 3.5.1.41 - Authenticated (Administrator+) Server-Side Request Forgery | quttera | Quttera ThreatSign – Web Malware Scanner for WordPress | Low | 3.8 | 2025-08-15 06:40:41 | Deep Dive |
| CVE-2025-54054 | WordPress 12 Step Meeting List Plugin <= 3.18.3 - Cross Site Scripting (XSS) Vulnerability | AA Web Servant | 12 Step Meeting List | Medium | 6.5 | 2025-08-14 18:21:49 | Deep Dive |
| CVE-2025-8941 | Linux-pam: incomplete fix for cve-2025-6020 | - | - | High | 7.8 | 2025-08-13 14:42:38 | Deep Dive |
| CVE-2025-54791 | OMERO.web displays unecessary user information when requesting to reset the password | ome | omero-web | Medium | 5.3 | 2025-08-13 14:08:20 | Deep Dive |
| CVE-2025-53772 | Web Deploy Remote Code Execution Vulnerability | Microsoft | Web Deploy 4.0 | High | 8.8 | 2025-08-12 17:09:51 | Deep Dive |