Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 2113 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-11337 Four-Faith Water Conservancy Informatization Platform download.do;othersusrlogout.do path traversal Four-FaithWater Conservancy Informatization Platform Medium 5.3 2025-10-06 13:32:06 Deep Dive
CVE-2025-11336 Four-Faith Water Conservancy Informatization Platform download.do;otherlogout.do path traversal Four-FaithWater Conservancy Informatization Platform Medium 5.3 2025-10-06 13:02:06 Deep Dive
CVE-2025-11228 GiveWP – Donation Plugin and Fundraising Platform <= 4.10.0 - Missing Authorization to Unauthenticated Forms-Campaign Association stellarwpGiveWP – Donation Plugin and Fundraising Platform Medium 5.3 2025-10-04 02:24:38 Deep Dive
CVE-2025-11227 GiveWP – Donation Plugin and Fundraising Platform <= 4.10.0 - Missing Authorization to Unauthenticated Forms and Campaigns Disclosure stellarwpGiveWP – Donation Plugin and Fundraising Platform Medium 6.5 2025-10-04 02:24:35 Deep Dive
CVE-2025-11234 Qemu-kvm: vnc websocket handshake use-after-free -- High 7.5 2025-10-03 10:30:34 Deep Dive
CVE-2025-20368 Stored Cross-Site Scripting (XSS) through missing field warning messages in Saved Search and Job Inspector on Splunk Enterprise SplunkSplunk Enterprise Medium 5.7 2025-10-01 16:08:04 Deep Dive
CVE-2025-20371 Unauthenticated Blind Server Side Request Forgery (SSRF) in Splunk Enterprise SplunkSplunk Enterprise High 7.5 2025-10-01 16:08:03 Deep Dive
CVE-2025-20367 Reflected Cross-site Scripting (XSS) in '/app/search/table' endpoint through the 'dataset.command' parameter on Splunk Enterprise SplunkSplunk Enterprise Medium 5.7 2025-10-01 16:08:01 Deep Dive
CVE-2025-20366 Improper Access Control in Background Job Submission in Splunk Enterprise SplunkSplunk Enterprise Medium 6.5 2025-10-01 16:07:56 Deep Dive
CVE-2025-20369 Extensible Markup Language (XML) External Entity Injection (XXE) through Dashboard label field on Splunk Enterprise SplunkSplunk Enterprise Medium 4.6 2025-10-01 16:07:52 Deep Dive
CVE-2025-41250 Header injection vulnerability VMwarevCenter High 8.5 2025-09-29 17:44:28 Deep Dive
CVE-2025-41245 VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246) VMwareVMware Aria Operations Medium 4.9 2025-09-29 16:19:16 Deep Dive
CVE-2025-41244 VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246) VMwareVCF operations High 7.8 2025-09-29 16:09:52 Deep Dive
CVE-2025-11018 Four-Faith Water Conservancy Informatization Platform download.do;usrlogout.do.do path traversal Four-FaithWater Conservancy Informatization Platform Medium 5.3 2025-09-26 14:02:09 Deep Dive
CVE-2025-11025 Information Disclosure in Vimeosoft Information Technologies' Vimesoft Corporate Messaging Platform Vimesoft Information Technologies and Software Inc.Vimesoft Corporate Messaging Platform Medium 5.3 2025-09-26 12:40:31 Deep Dive
CVE-2025-10911 Libxslt: use-after-free with key data stored cross-rvt -- Medium 5.5 2025-09-25 15:13:14 Deep Dive
CVE-2025-10894 Nx: nx/devkit: malicious versions of nx and plugins published to npm -- Critical 9.6 2025-09-24 21:20:31 Deep Dive
CVE-2025-59548 DNN Vulnerable to Reflected Cross-Site Scripting (XSS) in CKEditor File Browser dnnsoftwareDnn.Platform--2025-09-23 17:58:55 Deep Dive
CVE-2025-59547 DNN's CKEditor File Uploader functionality vulnerable through Unicode obfuscation dnnsoftwareDnn.Platform Medium 5.3 2025-09-23 17:56:47 Deep Dive
CVE-2025-59821 DNN vulnerable to Reflected Cross-Site Scripting (XSS) using url to profile dnnsoftwareDnn.Platform Medium 6.5 2025-09-23 17:42:17 Deep Dive