| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-66516 | Apache Tika core, Apache Tika parsers, Apache Tika PDF parser module: Update to CVE-2025-54988 to expand scope of artifacts affected | Apache Software Foundation | Apache Tika core | High | 8.4 | 2025-12-04 16:17:25 | Deep Dive |
| CVE-2025-12084 | Quadratic complexity in node ID cache clearing | Python Software Foundation | CPython | - | - | 2025-12-03 18:55:32 | Deep Dive |
| CVE-2025-13946 | Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark | Wireshark Foundation | Wireshark | Medium | 5.5 | 2025-12-03 08:04:54 | Deep Dive |
| CVE-2025-13945 | Improperly Controlled Sequential Memory Allocation in Wireshark | Wireshark Foundation | Wireshark | Medium | 5.5 | 2025-12-03 08:04:49 | Deep Dive |
| CVE-2025-10543 | Eclipse Paho Go MQTT v3.1 library 安全漏洞 | Eclipse Foundation | paho.mqtt.golang (Go MQTT v3.1 library) | - | - | 2025-12-02 08:18:17 | Deep Dive |
| CVE-2025-13837 | Out-of-memory when loading Plist | Python Software Foundation | CPython | - | - | 2025-12-01 18:13:33 | Deep Dive |
| CVE-2025-13836 | Excessive read buffering DoS in http.client | Python Software Foundation | CPython | - | - | 2025-12-01 18:02:38 | Deep Dive |
| CVE-2025-64775 | Apache Struts: File leak in multipart request processing causes disk exhaustion (DoS) | Apache Software Foundation | Apache Struts | 中危 | - | 2025-12-01 16:07:37 | Deep Dive |
| CVE-2025-59789 | Apache bRPC: Stack Exhaustion via Unbounded Recursion in JSON Parser | Apache Software Foundation | Apache bRPC | - | - | 2025-12-01 10:22:42 | Deep Dive |
| CVE-2025-59792 | Apache Kvrocks: MONITOR command reveals plaintext credentials to non-admins | Apache Software Foundation | Apache Kvrocks | 高危 | - | 2025-11-28 14:21:23 | Deep Dive |
| CVE-2025-59790 | Apache Kvrocks: RESET command grants admin privileges | Apache Software Foundation | Apache Kvrocks | 超危 | - | 2025-11-28 14:20:32 | Deep Dive |
| CVE-2025-54057 | Apache SkyWalking: Stored XSS vulnerability | Apache Software Foundation | Apache SkyWalking | 中危 | - | 2025-11-27 11:47:33 | Deep Dive |
| CVE-2025-59302 | Apache CloudStack: Potential remote code execution on Javascript engine defined rules | Apache Software Foundation | Apache CloudStack | 高危 | - | 2025-11-27 11:46:26 | Deep Dive |
| CVE-2025-59454 | Apache CloudStack: Lack of user permission validation leading to data leak for few APIs | Apache Software Foundation | Apache CloudStack | 中危 | - | 2025-11-27 11:40:40 | Deep Dive |
| CVE-2025-13674 | Access of Uninitialized Pointer in Wireshark | Wireshark Foundation | Wireshark | Medium | 5.5 | 2025-11-26 11:33:40 | Deep Dive |
| CVE-2025-59390 | Apache Druid: Kerberos authenticaton chooses a cryptographically unsecure secret if not configured explicitly. | Apache Software Foundation | Apache Druid | - | - | 2025-11-26 08:50:07 | Deep Dive |
| CVE-2025-62728 | Apache Hive: SQL injection vulnerability when processing delete column statistics requests via the HMS Thrift APIs | Apache Software Foundation | Apache Hive | - | - | 2025-11-26 08:45:37 | Deep Dive |
| CVE-2025-65998 | Apache Syncope: Default AES key used for internal password encryption | Apache Software Foundation | Apache Syncope | - | - | 2025-11-24 13:47:04 | Deep Dive |
| CVE-2025-13499 | Access of Uninitialized Pointer in Wireshark | Wireshark Foundation | Wireshark | High | 7.8 | 2025-11-21 06:03:52 | Deep Dive |
| CVE-2025-64408 | Apache Causeway: Java deserialization vulnerability to authenticated attackers | Apache Software Foundation | Apache Causeway | - | - | 2025-11-19 10:32:06 | Deep Dive |