| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-61664 | Grub2: missing unregister call for normal_exit command may lead to use-after-free | GNU | grub2 | Medium | 4.9 | 2025-11-18 18:20:55 | Deep Dive |
| CVE-2025-61663 | Grub2: missing unregister call for normal commands may lead to use-after-free | GNU | grub2 | Medium | 4.9 | 2025-11-18 18:20:53 | Deep Dive |
| CVE-2025-61662 | Grub2: missing unregister call for gettext command may lead to use-after-free | GNU | grub2 | High | 7.8 | 2025-11-18 18:20:48 | Deep Dive |
| CVE-2025-61661 | Grub2: grub2: out-of-bounds write via malicious usb device | GNU | grub2 | Medium | 4.8 | 2025-11-18 18:20:42 | Deep Dive |
| CVE-2025-54771 | Grub2: use-after-free in grub_file_close() | GNU | grub2 | Medium | 4.9 | 2025-11-18 18:20:40 | Deep Dive |
| CVE-2025-13193 | Libvirt: information disclosure via world-readable vm snapshots | - | - | Medium | 5.5 | 2025-11-17 17:03:48 | Deep Dive |
| CVE-2025-13033 | Nodemailer: nodemailer: email to an unintended domain can occur due to interpretation conflict | nodemailer | nodemailer | High | 7.5 | 2025-11-14 19:37:08 | Deep Dive |
| CVE-2025-11538 | Keycloak-server: debug default bind address | Keycloak | keycloak | Medium | 6.8 | 2025-11-13 16:47:54 | Deep Dive |
| CVE-2025-59089 | Python-kdcproxy: remote dos via unbounded tcp upstream buffering | latchset | kdcproxy | Medium | 5.9 | 2025-11-12 16:40:51 | Deep Dive |
| CVE-2025-2843 | Observability-operator: observability operator privilege escalation | rhobs | observability-operator | High | 8.8 | 2025-11-12 16:36:05 | Deep Dive |
| CVE-2025-59088 | Python-kdcproxy: unauthenticated ssrf via realm‑controlled dns srv | latchset | kdcproxy | High | 8.6 | 2025-11-12 16:35:28 | Deep Dive |
| CVE-2025-12748 | Libvirt: denial of service in xml parsing | - | - | Medium | 5.5 | 2025-11-11 19:49:32 | Deep Dive |
| CVE-2025-10230 | Samba: command injection in wins server hook script | - | - | Critical | 10.0 | 2025-11-07 19:42:07 | Deep Dive |
| CVE-2025-12789 | Rhsso: open redirect | Red Hat | Red Hat Single Sign-On 7 | Medium | 6.1 | 2025-11-06 23:20:50 | Deep Dive |
| CVE-2024-12125 | 3scale-porta: readonly fields not validated server-side | 3scale | porta | High | 7.5 | 2025-11-06 21:50:41 | Deep Dive |
| CVE-2025-12790 | Rubygem-mqtt: rubygem-mqtt hostname validation | Nicholas J Humfrey | ruby-mqtt | High | 7.4 | 2025-11-06 21:07:35 | Deep Dive |
| CVE-2025-10622 | Foreman: os command injection via ct_location and fcct_location parameters | The Foreman | Foreman | High | 8.0 | 2025-11-05 07:32:14 | Deep Dive |
| CVE-2025-12464 | Qemu-kvm: stack buffer overflow in e1000 device via short frames in loopback mode | - | - | Medium | 6.2 | 2025-10-31 21:15:49 | Deep Dive |
| CVE-2025-62229 | Xorg: xwayland: use-after-free in xpresentnotify structure creation | X.Org | Xwayland | High | 7.3 | 2025-10-30 05:28:48 | Deep Dive |
| CVE-2025-62230 | Xorg: xwayland: use-after-free in xkb client resource removal | X.Org | Xwayland | High | 7.3 | 2025-10-30 05:19:40 | Deep Dive |