| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-7519 | Polkit: xml policy file with a large number of nested elements may lead to out-of-bounds write | - | - | Medium | 6.7 | 2025-07-14 13:35:21 | Deep Dive |
| CVE-2025-53861 | Aap: sensitive cookie(s) set without security flags | Red Hat | Red Hat Ansible Automation Platform 2 | Low | 3.1 | 2025-07-11 12:44:18 | Deep Dive |
| CVE-2025-53862 | Aap: aap-gateway: automation-hub: sensitive information disclosure | Red Hat | Red Hat Ansible Automation Platform 2 | Low | 3.5 | 2025-07-11 12:34:24 | Deep Dive |
| CVE-2025-6395 | Gnutls: null pointer dereference in _gnutls_figure_common_ciphersuite() | - | - | Medium | 6.5 | 2025-07-10 15:20:46 | Deep Dive |
| CVE-2025-7365 | Keycloak: phishing attack via email verification step in first login flow | - | - | High | 7.1 | 2025-07-10 14:20:46 | Deep Dive |
| CVE-2025-7424 | Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes | GNOME | libxslt | High | 7.5 | 2025-07-10 14:05:42 | Deep Dive |
| CVE-2025-7425 | Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr | GNOME | libxml2 | High | 7.8 | 2025-07-10 13:53:37 | Deep Dive |
| CVE-2025-32990 | Gnutls: vulnerability in gnutls certtool template parsing | - | - | Medium | 6.5 | 2025-07-10 09:41:46 | Deep Dive |
| CVE-2025-32989 | Gnutls: vulnerability in gnutls sct extension parsing | - | - | Medium | 5.3 | 2025-07-10 08:05:26 | Deep Dive |
| CVE-2025-32988 | Gnutls: vulnerability in gnutls othername san export | - | - | Medium | 6.5 | 2025-07-10 08:04:58 | Deep Dive |
| CVE-2025-7345 | Gdk-pixbuf: heap-buffer-overflow in gdk-pixbuf | - | - | High | 7.5 | 2025-07-08 13:39:08 | Deep Dive |
| CVE-2025-5987 | Libssh: invalid return code for chacha20 poly1305 with openssl backend | - | - | High | 8.1 | 2025-07-07 14:24:13 | Deep Dive |
| CVE-2025-52828 | WordPress Red Art theme <= 3.8 - PHP Object Injection Vulnerability | designthemes | Red Art | High | 8.8 | 2025-07-04 11:17:53 | Deep Dive |
| CVE-2024-9453 | Jenkins-image: sensitive data disclosure when using openshift jenkins image | Jenkins | openshift-sync-plugin | Medium | 6.5 | 2025-07-04 08:36:35 | Deep Dive |
| CVE-2025-5351 | Libssh: double free vulnerability in libssh key export functions | libssh | libssh | Medium | 6.5 | 2025-07-04 08:16:47 | Deep Dive |
| CVE-2025-5372 | Libssh: incorrect return code handling in ssh_kdf() in libssh | libssh | libssh | Medium | 5.0 | 2025-07-04 06:01:28 | Deep Dive |
| CVE-2025-6017 | Rhacm: users with clusterreader role can see credentials from managed-clusters | - | - | Medium | 5.5 | 2025-07-02 06:36:47 | Deep Dive |
| CVE-2025-6920 | Ai-inference-server: authentication bypass via unprotected inference endpoint in api | Red Hat | Red Hat AI Inference Server | Medium | 5.3 | 2025-07-01 13:16:17 | Deep Dive |
| CVE-2025-49520 | Event-driven-ansible: authenticated argument injection in git url in eda project creation | Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 8 | High | 8.8 | 2025-06-30 20:45:29 | Deep Dive |
| CVE-2025-49521 | Event-driven-ansible: template injection via git branch and refspec in eda projects | Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 8 | High | 8.8 | 2025-06-30 20:45:13 | Deep Dive |