| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2020-36879 | Flexsense DiskBoss Service Unquoted Service Path Vulnerability | Flexsense | DiskBoss | 中危 | - | 2025-12-05 17:18:10 | Deep Dive |
| CVE-2020-36877 | ReQuest Serious Play F3 Media Server <= 7.0.3 code execution | ReQuest Serious Play LLC | ReQuest Serious Play Pro | 中危 | - | 2025-12-05 17:16:50 | Deep Dive |
| CVE-2020-36876 | ReQuest Serious Play F3 Media Server <= 7.0.3 Debug Log Disclosure2020 | ReQuest Serious Play LLC | ReQuest Serious Play Pro | 中危 | - | 2025-12-05 17:13:39 | Deep Dive |
| CVE-2025-65036 | XWiki Remote Macros vulnerable to remote code execution using the confluence details summary macro | xwikisas | xwiki-pro-macros | High | 8.3 | 2025-12-05 16:10:09 | Deep Dive |
| CVE-2025-13685 | Photo Gallery by Ays <= 6.4.8 - Cross-Site Request Forgery to Bulk Actions | ays-pro | Photo Gallery by Ays – Responsive Image Gallery | Medium | 4.3 | 2025-12-02 06:40:25 | Deep Dive |
| CVE-2025-13381 | AI ChatBot with ChatGPT and Content Generator by AYS <= 2.7.0 - Missing Authorization to Unauthenticated Media File Uploads | ays-pro | AI ChatBot with ChatGPT and Content Generator by AYS | Medium | 5.3 | 2025-11-27 09:27:50 | Deep Dive |
| CVE-2025-13378 | AI ChatBot with ChatGPT and Content Generator by AYS <= 2.7.0 - Unauthenticated Server-Side Request Forgery via 'pinecone_url' Parameter | ays-pro | AI ChatBot with ChatGPT and Content Generator by AYS | Medium | 6.5 | 2025-11-27 09:27:48 | Deep Dive |
| CVE-2025-13559 | EduKart Pro <= 1.0.3 - Unauthenticated Privilege Escalation | venusweb | EduKart Pro | Critical | 9.8 | 2025-11-25 04:38:01 | Deep Dive |
| CVE-2025-7402 | Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager <= 4.95 - Unauthenticated SQL Injection via site_id | scripteo | Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager | High | 7.5 | 2025-11-24 04:36:41 | Deep Dive |
| CVE-2025-65089 | XWiki view file macro: User can view content of office file without view rights on the attachment | xwikisas | xwiki-pro-macros | Medium | 6.8 | 2025-11-19 17:41:32 | Deep Dive |
| CVE-2025-11243 | Allocation of Resources Without Limits or Throttling in Shelly Pro 4PM | Shelly | Pro 4PM | - | - | 2025-11-19 06:50:09 | Deep Dive |
| CVE-2025-12056 | Out-of-bounds Read in Shelly Pro 3EM | Shelly | Pro 3EM | - | - | 2025-11-19 06:46:10 | Deep Dive |
| CVE-2025-12426 | Quiz Maker <= 6.7.0.80 - Unauthenticated Sensitive Information Exposure | ays-pro | Quiz Maker | Medium | 5.3 | 2025-11-19 04:28:19 | Deep Dive |
| CVE-2021-4465 | ReQuest Serious Play F3 Media Server <= 7.0.3 Remote DoS | ReQuest Serious Play LLC | ReQuest Serious Play Pro | 中危 | - | 2025-11-14 22:51:28 | Deep Dive |
| CVE-2025-12785 | Certain HP LaserJet Pro Printers – Potential Information Disclosure | HP Inc | HP Color LaserJet MFP M478-M479 series | 中危 | - | 2025-11-13 17:38:09 | Deep Dive |
| CVE-2025-12784 | Certain HP LaserJet Pro Printers – Potential Information Disclosure | HP Inc | HP Color LaserJet MFP M478-M479 series | 中危 | - | 2025-11-13 17:35:09 | Deep Dive |
| CVE-2025-64276 | WordPress Survey Maker plugin <= 5.1.9.4 - Broken Access Control vulnerability | Ays Pro | Survey Maker | 中危 | - | 2025-11-13 09:24:32 | Deep Dive |
| CVE-2025-12620 | Poll Maker – Versus Polls, Anonymous Polls, Image Polls <= 6.0.7 - Authenticated (Administrator+) SQL Injection via `filterbyauthor` Parameter | ays-pro | Poll Maker – Versus Polls, Anonymous Polls, Image Polls | Medium | 4.9 | 2025-11-13 05:30:40 | Deep Dive |
| CVE-2025-12891 | Survey Maker <= 5.1.9.4 - Missing Authorization to Unauthenticated Information Exposure | ays-pro | Survey Maker | Medium | 5.3 | 2025-11-13 04:28:01 | Deep Dive |
| CVE-2025-12892 | Survey Maker <= 5.1.9.4 - Missing Authorization to Unauthenticated Limited Option Update | ays-pro | Survey Maker | Medium | 5.3 | 2025-11-13 03:27:38 | Deep Dive |