| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-4437 | Cri-o: large /etc/passwd file may lead to denial of service | Red Hat | Red Hat OpenShift Container Platform 4 | Medium | 5.7 | 2025-08-20 12:19:18 | Deep Dive |
| CVE-2025-9099 | Acrel Environmental Monitoring Cloud Platform UploadNewsImg unrestricted upload | Acrel | Environmental Monitoring Cloud Platform | Medium | 6.3 | 2025-08-18 01:02:07 | Deep Dive |
| CVE-2025-8946 | projectworlds Online Notes Sharing Platform login.php sql injection | projectworlds | Online Notes Sharing Platform | High | 7.3 | 2025-08-14 06:02:05 | Deep Dive |
| CVE-2025-3089 | Broken Access Control in ServiceNow AI Platform | ServiceNow | ServiceNow AI Platform | - | - | 2025-08-12 16:06:40 | Deep Dive |
| CVE-2025-30033 | Siemens多款产品 代码问题漏洞 | Siemens | Automation License Manager V6.0 | High | 7.8 | 2025-08-12 11:16:57 | Deep Dive |
| CVE-2025-42950 | Code Injection Vulnerability in SAP Landscape Transformation (Analysis Platform) | SAP_SE | SAP Landscape Transformation (Analysis Platform) | Critical | 9.9 | 2025-08-12 02:08:36 | Deep Dive |
| CVE-2025-42949 | Missing Authorization check in ABAP Platform | SAP_SE | ABAP Platform | Medium | 4.9 | 2025-08-12 02:08:28 | Deep Dive |
| CVE-2025-42948 | Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Platform | SAP_SE | SAP NetWeaver ABAP Platform | Medium | 6.1 | 2025-08-12 02:08:18 | Deep Dive |
| CVE-2025-42935 | Information Disclosure vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform(Internet Communication Manager) | SAP_SE | SAP NetWeaver AS for ABAP and ABAP Platform(Internet Communication Manager) | Medium | 4.1 | 2025-08-12 02:05:10 | Deep Dive |
| CVE-2025-8841 | zlt2000 microservices-platform FileController.java upload unrestricted upload | zlt2000 | microservices-platform | Medium | 6.3 | 2025-08-11 10:02:06 | Deep Dive |
| CVE-2025-8806 | zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 treeData sql injection | zhilink 智互联(深圳)科技有限公司 | ADP Application Developer Platform 应用开发者平台 | Medium | 6.3 | 2025-08-10 11:02:06 | Deep Dive |
| CVE-2025-8775 | Qiyuesuo Eelectronic Signature Platform Scheduled Task upload execute unrestricted upload | Qiyuesuo | Eelectronic Signature Platform | Medium | 6.3 | 2025-08-09 21:02:07 | Deep Dive |
| CVE-2025-8773 | Dinstar Monitoring Platform 甘肃省危险品库监控平台 login_getPasswordErrorNum.action sql injection | Dinstar | Monitoring Platform 甘肃省危险品库监控平台 | High | 7.3 | 2025-08-09 20:02:06 | Deep Dive |
| CVE-2025-8756 | TDuckCloud tduck-platform manage preHandle improper authorization | TDuckCloud | tduck-platform | Medium | 6.3 | 2025-08-09 14:32:06 | Deep Dive |
| CVE-2025-8738 | zlt2000 microservices-platform Spring Actuator Interface actuator information disclosure | zlt2000 | microservices-platform | Medium | 5.3 | 2025-08-08 20:02:05 | Deep Dive |
| CVE-2025-8737 | zlt2000 microservices-platform OauthLogoutSuccessHandler.java onLogoutSuccess redirect | zlt2000 | microservices-platform | Low | 3.5 | 2025-08-08 19:32:05 | Deep Dive |
| CVE-2025-7195 | Operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd | operator-framework | operator-sdk | Medium | 6.4 | 2025-08-07 19:05:09 | Deep Dive |
| CVE-2025-8620 | GiveWP – Donation Plugin and Fundraising Platform <= 4.6.0 - Unauthenticated Donor Data Exposure | stellarwp | GiveWP – Donation Plugin and Fundraising Platform | Medium | 5.3 | 2025-08-06 09:22:33 | Deep Dive |
| CVE-2025-8556 | Github.com/cloudflare/circl: circl-fourq: missing and wrong validation can lead to incorrect results | - | - | Low | 3.7 | 2025-08-06 08:48:18 | Deep Dive |
| CVE-2025-54125 | XWiki Platform: Password and email exposure in xml.vm fields | xwiki | xwiki-platform | - | - | 2025-08-05 23:30:39 | Deep Dive |