| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-20379 | Risky command safeguards bypass using the “/services/streams/search“ REST endpoint through “q“ parameter in Splunk Enterprise | Splunk | Splunk Enterprise | Low | 3.5 | 2025-11-12 17:23:01 | Deep Dive |
| CVE-2025-20378 | Open Redirect on Web Login endpoint in Splunk Enterprise | Splunk | Splunk Enterprise | Low | 3.1 | 2025-11-12 17:22:57 | Deep Dive |
| CVE-2025-10230 | Samba: command injection in wins server hook script | - | - | Critical | 10.0 | 2025-11-07 19:42:07 | Deep Dive |
| CVE-2025-12862 | projectworlds Online Notes Sharing Platform userprofile.php unrestricted upload | projectworlds | Online Notes Sharing Platform | Medium | 6.3 | 2025-11-07 16:32:06 | Deep Dive |
| CVE-2024-12125 | 3scale-porta: readonly fields not validated server-side | 3scale | porta | High | 7.5 | 2025-11-06 21:50:41 | Deep Dive |
| CVE-2025-22288 | WordPress Smush Image Compression and Optimization plugin <= 3.17.0 - Directory Traversal vulnerability | WPMU DEV - Your All-in-One WordPress Platform | Smush Image Compression and Optimization | 中危 | - | 2025-11-06 15:53:18 | Deep Dive |
| CVE-2025-12464 | Qemu-kvm: stack buffer overflow in e1000 device via short frames in loopback mode | - | - | Medium | 6.2 | 2025-10-31 21:15:49 | Deep Dive |
| CVE-2025-64095 | DNN Insufficient Access Control - Image Upload allows for Site Content Overwrite | dnnsoftware | Dnn.Platform | Critical | 10.0 | 2025-10-28 21:46:11 | Deep Dive |
| CVE-2025-64094 | DNN vulnerable to stored cross-site-scripting (XSS) via SVG upload | dnnsoftware | Dnn.Platform | Medium | 6.4 | 2025-10-28 21:44:31 | Deep Dive |
| CVE-2025-62802 | DNN CKEditor Provider allows unauthenticated upload out-of-the-box | dnnsoftware | Dnn.Platform | Medium | 4.3 | 2025-10-28 21:42:08 | Deep Dive |
| CVE-2025-41009 | SQL injection on the virtual campus platform of Diseño de Recursos Educativos | Disenno de Recursos Educativos S.L | virtual campus platform | - | - | 2025-10-27 11:35:35 | Deep Dive |
| CVE-2025-11682 | Stored Cross-Site Scripting in Perx Customer Engagement & Loyalty Platform | Perx Technologies | Customer Engagement & Loyalty Platform | - | - | 2025-10-27 07:39:54 | Deep Dive |
| CVE-2025-62048 | WordPress SmartCrawl plugin <= 3.14.3 - Broken Access Control vulnerability | WPMU DEV - Your All-in-One WordPress Platform | SmartCrawl | Medium | 5.4 | 2025-10-22 14:32:52 | Deep Dive |
| CVE-2025-62646 | Restaurant Brands International assistant platform 安全漏洞 | Restaurant Brands International | assistant platform | Medium | 5.0 | 2025-10-17 00:00:00 | Deep Dive |
| CVE-2025-62650 | Restaurant Brands International assistant platform 安全漏洞 | Restaurant Brands International | assistant platform | High | 8.3 | 2025-10-17 00:00:00 | Deep Dive |
| CVE-2025-62649 | Restaurant Brands International assistant platform 安全漏洞 | Restaurant Brands International | assistant platform | Medium | 5.8 | 2025-10-17 00:00:00 | Deep Dive |
| CVE-2025-62651 | Restaurant Brands International assistant platform 安全漏洞 | Restaurant Brands International | assistant platform | Medium | 6.5 | 2025-10-17 00:00:00 | Deep Dive |
| CVE-2025-62648 | Restaurant Brands International assistant platform 安全漏洞 | Restaurant Brands International | assistant platform | Medium | 6.4 | 2025-10-17 00:00:00 | Deep Dive |
| CVE-2025-62647 | Restaurant Brands International assistant platform 安全漏洞 | Restaurant Brands International | assistant platform | Medium | 5.0 | 2025-10-17 00:00:00 | Deep Dive |
| CVE-2025-62645 | Restaurant Brands International assistant platform 安全漏洞 | Restaurant Brands International | assistant platform | Critical | 9.9 | 2025-10-17 00:00:00 | Deep Dive |