| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-20388 | Blind Server Side Request Forgery (SSRF) through Distributed Search Peers in Splunk Enterprise | Splunk | Splunk Enterprise | Low | 2.7 | 2025-12-03 17:00:59 | Deep Dive |
| CVE-2025-20389 | Improper Input Validation in "label" column field in Splunk Secure Gateway App | Splunk | Splunk Enterprise | Medium | 4.3 | 2025-12-03 17:00:55 | Deep Dive |
| CVE-2025-20383 | Improper access control through push notifications for reports and alerts in Splunk Secure Gateway app | Splunk | Splunk Enterprise | Medium | 4.3 | 2025-12-03 17:00:36 | Deep Dive |
| CVE-2025-20384 | Unauthenticated Log Injection in Splunk Enterprise | Splunk | Splunk Enterprise | Medium | 5.3 | 2025-12-03 17:00:34 | Deep Dive |
| CVE-2025-20385 | Stored Cross-Site scripting (XSS) through Anchor Tag "href" in Navigation Bar Collections in Splunk Enterprise | Splunk | Splunk Enterprise | Low | 2.4 | 2025-12-03 17:00:30 | Deep Dive |
| CVE-2025-20382 | URL validation bypass through Views Dashboard in Splunk Enterprise | Splunk | Splunk Enterprise | Low | 3.5 | 2025-12-03 17:00:22 | Deep Dive |
| CVE-2025-53841 | Akamai Guardicore Platform Agent security vulnerability | Akamai | Guardicore Platform Agent | High | 7.8 | 2025-12-03 00:00:00 | Deep Dive |
| CVE-2025-55749 | The XWiki Jetty package (XJetty) allows accessing any application file through URL | xwiki | xwiki-platform | - | - | 2025-12-01 20:09:46 | Deep Dive |
| CVE-2021-4472 | Python-mistralclient: mistral-dashboard: local file inclusion through the 'create workbook' feature | Red Hat | Red Hat OpenStack Platform 13 (Queens) | Medium | 6.5 | 2025-11-26 18:31:10 | Deep Dive |
| CVE-2025-13601 | Glib: integer overflow in g_escape_uri_string() | - | - | High | 7.7 | 2025-11-26 14:44:23 | Deep Dive |
| CVE-2025-13206 | GiveWP - Donation Plugin and Fundraising Platform <= 4.13.0 - Unauthenticated Stored Cross-Site Scripting via 'name' | stellarwp | GiveWP – Donation Plugin and Fundraising Platform | High | 7.2 | 2025-11-19 07:46:08 | Deep Dive |
| CVE-2025-54770 | Grub2: use-after-free in net_set_vlan | GNU | grub2 | Medium | 4.9 | 2025-11-18 18:30:10 | Deep Dive |
| CVE-2025-61664 | Grub2: missing unregister call for normal_exit command may lead to use-after-free | GNU | grub2 | Medium | 4.9 | 2025-11-18 18:20:55 | Deep Dive |
| CVE-2025-61663 | Grub2: missing unregister call for normal commands may lead to use-after-free | GNU | grub2 | Medium | 4.9 | 2025-11-18 18:20:53 | Deep Dive |
| CVE-2025-61662 | Grub2: missing unregister call for gettext command may lead to use-after-free | GNU | grub2 | High | 7.8 | 2025-11-18 18:20:48 | Deep Dive |
| CVE-2025-61661 | Grub2: grub2: out-of-bounds write via malicious usb device | GNU | grub2 | Medium | 4.8 | 2025-11-18 18:20:42 | Deep Dive |
| CVE-2025-54771 | Grub2: use-after-free in grub_file_close() | GNU | grub2 | Medium | 4.9 | 2025-11-18 18:20:40 | Deep Dive |
| CVE-2025-13265 | lsfusion platform ZipUtils.java unpackFile path traversal | lsfusion | platform | Medium | 6.3 | 2025-11-17 05:32:06 | Deep Dive |
| CVE-2025-13262 | lsfusion platform UploadFileRequestHandler.java UploadFileRequestHandler path traversal | lsfusion | platform | High | 7.3 | 2025-11-17 04:02:05 | Deep Dive |
| CVE-2025-13261 | lsfusion platform DownloadFileRequestHandler.java DownloadFileRequestHandler path traversal | lsfusion | platform | Medium | 5.3 | 2025-11-17 03:32:05 | Deep Dive |