| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-60019 | Glib-networking: uninitialized memory dereferences on glib-networking through glib-networking/tls/openssl/gtlsbio.c via g_tls_bio_new_from_iostream() and g_tls_bio_new_from_datagram_based() | - | - | Low | 3.7 | 2025-09-25 15:53:03 | Deep Dive |
| CVE-2025-60018 | Glib-networking: out of bound reads on glib-networking through tls/openssl/gtlscertificate-openssl.c via "g_tls_certificate_openssl_get_property()" | - | - | Medium | 4.8 | 2025-09-25 15:52:58 | Deep Dive |
| CVE-2025-10911 | Libxslt: use-after-free with key data stored cross-rvt | - | - | Medium | 5.5 | 2025-09-25 15:13:14 | Deep Dive |
| CVE-2025-10894 | Nx: nx/devkit: malicious versions of nx and plugins published to npm | - | - | Critical | 9.6 | 2025-09-24 21:20:31 | Deep Dive |
| CVE-2025-9900 | Libtiff: libtiff write-what-where | - | - | High | 8.8 | 2025-09-23 16:26:23 | Deep Dive |
| CVE-2025-5962 | Rhel-lightspeed: improper access control in lightspeed history management allows local privilege manipulation | Red Hat | Red Hat Enterprise Linux 10 | High | 7.7 | 2025-09-22 08:04:40 | Deep Dive |
| CVE-2025-4953 | Podman: build context bind mount | - | - | High | 7.4 | 2025-09-16 14:54:50 | Deep Dive |
| CVE-2025-8277 | Libssh: memory exhaustion via repeated key exchange in libssh | - | - | Low | 3.1 | 2025-09-09 11:55:39 | Deep Dive |
| CVE-2025-10044 | Keycloak: keycloak error_description injection on error pages | Keycloak | keycloak | Medium | 4.3 | 2025-09-05 19:59:04 | Deep Dive |
| CVE-2025-9566 | Podman: podman kube play command may overwrite host files | - | - | High | 8.1 | 2025-09-05 19:54:31 | Deep Dive |
| CVE-2025-9901 | Libsoup: improper handling of http vary header in libsoup caching | Red Hat | Red Hat Enterprise Linux 10 | Medium | 5.9 | 2025-09-03 12:32:27 | Deep Dive |
| CVE-2025-7039 | Glib: buffer under-read on glib through glib/gfileutils.c via get_tmp_file() | Red Hat | Red Hat Enterprise Linux 10 | Low | 3.7 | 2025-09-03 01:52:03 | Deep Dive |
| CVE-2025-9784 | Undertow: undertow madeyoureset http/2 ddos vulnerability | - | - | High | 7.5 | 2025-09-02 13:38:00 | Deep Dive |
| CVE-2025-8067 | Udisks: out-of-bounds read in udisks daemon | storaged-project | udisks | High | 8.5 | 2025-08-28 14:47:09 | Deep Dive |
| CVE-2025-57753 | vite-plugin-static-copy files not included in `src` are accessible with a crafted request | sapphi-red | vite-plugin-static-copy | 中危 | - | 2025-08-21 16:03:05 | Deep Dive |
| CVE-2025-9162 | Org.keycloak/keycloak-model-storage-service: variable injection into environment variables | Keycloak | keycloak | Medium | 4.9 | 2025-08-21 15:40:25 | Deep Dive |
| CVE-2025-8415 | Cryostat: authentication bypass if network policies are disabled | Cryostat | Cryostat | Medium | 5.9 | 2025-08-20 16:14:34 | Deep Dive |
| CVE-2025-4877 | Libssh: write beyond bounds in binary to base64 conversion functions | - | - | Medium | 4.5 | 2025-08-20 12:19:19 | Deep Dive |
| CVE-2025-4437 | Cri-o: large /etc/passwd file may lead to denial of service | Red Hat | Red Hat OpenShift Container Platform 4 | Medium | 5.7 | 2025-08-20 12:19:18 | Deep Dive |
| CVE-2025-7777 | Mirror-registry: host header injection in mirror-registry | Red Hat | mirror registry for Red Hat OpenShift | Medium | 6.5 | 2025-08-20 11:38:59 | Deep Dive |