| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-4874 | PHPGurukul News Portal Project contactus.php sql injection | PHPGurukul | News Portal Project | High | 7.3 | 2025-05-18 12:00:10 | Deep Dive |
| CVE-2025-4873 | PHPGurukul News Portal Login index.php sql injection | PHPGurukul | News Portal | High | 7.3 | 2025-05-18 11:31:06 | Deep Dive |
| CVE-2025-4863 | Advaya Softech GEMS ERP Portal studentLogin.action sql injection | Advaya Softech | GEMS ERP Portal | Medium | 6.3 | 2025-05-18 06:31:04 | Deep Dive |
| CVE-2025-4728 | SourceCodester Best Online News Portal search.php sql injection | SourceCodester | Best Online News Portal | High | 7.3 | 2025-05-15 23:00:11 | Deep Dive |
| CVE-2025-30176 | Siemens多款产品 缓冲区错误漏洞 | Siemens | SIMATIC PCS neo V4.1 | High | 7.5 | 2025-05-13 09:38:40 | Deep Dive |
| CVE-2025-30175 | Siemens多款产品 缓冲区错误漏洞 | Siemens | SIMATIC PCS neo V4.1 | High | 7.5 | 2025-05-13 09:38:38 | Deep Dive |
| CVE-2025-30174 | Siemens多款产品 缓冲区错误漏洞 | Siemens | SIMATIC PCS neo V4.1 | High | 7.5 | 2025-05-13 09:38:37 | Deep Dive |
| CVE-2024-12378 | On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear. | Arista Networks | CloudVision Portal | Critical | 9.1 | 2025-05-08 19:05:22 | Deep Dive |
| CVE-2024-11186 | On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-prem | Arista Networks | CloudVision Portal | Critical | 10.0 | 2025-05-08 18:47:53 | Deep Dive |
| CVE-2025-0505 | On Arista CloudVision systems (virtual or physical on-premise deployments), Zero Touch Provisioning can be used to gain admin privileges on the CloudVision system, with more permissions than necessary, which can be used to query or manipulate system state | Arista Networks | CloudVision Portal | Critical | 10.0 | 2025-05-08 18:37:14 | Deep Dive |
| CVE-2025-4388 | Liferay Portal和Liferay DXP 跨站脚本漏洞 | Liferay | Portal | - | - | 2025-05-06 18:01:19 | Deep Dive |
| CVE-2025-4265 | PHPGurukul Emergency Ambulance Hiring Portal contact-us.php sql injection | PHPGurukul | Emergency Ambulance Hiring Portal | High | 7.3 | 2025-05-05 05:00:09 | Deep Dive |
| CVE-2025-4264 | PHPGurukul Emergency Ambulance Hiring Portal edit-ambulance.php sql injection | PHPGurukul | Emergency Ambulance Hiring Portal | High | 7.3 | 2025-05-05 04:31:06 | Deep Dive |
| CVE-2025-47201 | Intrexx Portal Server 安全漏洞 | Intrexx | Portal Server | Medium | 4.4 | 2025-05-02 00:00:00 | Deep Dive |
| CVE-2025-32615 | WordPress Clinked Client Portal Plugin <= 1.10 - Reflected Cross Site Scripting (XSS) vulnerability | Clinked | Clinked Client Portal | High | 7.1 | 2025-04-17 15:47:15 | Deep Dive |
| CVE-2025-3760 | Liferay Portal 跨站脚本漏洞 | Liferay | Portal | - | - | 2025-04-17 12:53:20 | Deep Dive |
| CVE-2025-27929 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key | Growatt | Cloud portal | Medium | 5.3 | 2025-04-15 21:59:31 | Deep Dive |
| CVE-2025-24315 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key | Growatt | Cloud portal | Medium | 5.3 | 2025-04-15 21:57:28 | Deep Dive |
| CVE-2025-27561 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key | Growatt | Cloud portal | Medium | 5.3 | 2025-04-15 21:55:20 | Deep Dive |
| CVE-2025-30257 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key | Growatt | Cloud portal | Medium | 5.3 | 2025-04-15 21:53:14 | Deep Dive |