| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-34242 | Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxNetworkController.ajaxAction() | Advantech | WebAccess/VPN | 高危 | - | 2025-11-06 19:46:20 | Deep Dive |
| CVE-2025-34241 | Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxDeviceController.ajaxDeviceAction() | Advantech | WebAccess/VPN | 中危 | - | 2025-11-06 19:45:40 | Deep Dive |
| CVE-2025-34240 | Advantech WebAccess/VPN < 1.1.5 SQL Injection via AppManagementController.appUpgradeAction() | Advantech | WebAccess/VPN | 高危 | - | 2025-11-06 19:45:03 | Deep Dive |
| CVE-2025-34239 | Advantech WebAccess/VPN < 1.1.5 Command Injection in AppManagementController.appUpgradeAction() | Advantech | WebAccess/VPN | 高危 | - | 2025-11-06 19:44:19 | Deep Dive |
| CVE-2025-34238 | Advantech WebAccess/VPN < 1.1.5 Path Traversal via AjaxStandaloneVpnClientsController.ajaxDownloadRoadWarriorConfigFileAction() | Advantech | WebAccess/VPN | 中危 | - | 2025-11-06 19:43:35 | Deep Dive |
| CVE-2025-34237 | Advantech WebAccess/VPN < 1.1.5 Stored XSS via StandaloneVpnClientsController.addStandaloneVpnClientAction() | Advantech | WebAccess/VPN | 高危 | - | 2025-11-06 19:40:50 | Deep Dive |
| CVE-2025-34236 | Advantech WebAccess/VPN < 1.1.5 Stored XSS via NetworksController.addNetworkAction() | Advantech | WebAccess/VPN | 中危 | - | 2025-11-06 19:39:40 | Deep Dive |
| CVE-2025-1549 | WatchGuard Mobile VPN with SSL Local Privilege Escallation | WatchGuard | Mobile VPN with SSL Client | - | - | 2025-10-29 16:50:39 | Deep Dive |
| CVE-2025-11955 | Incorrect validation of OCSP certificates in TheGreenBow VPN Client Windows Enterprise | TheGreenBow | TheGreenBow VPN Client Windows Enterprise | - | - | 2025-10-27 11:30:24 | Deep Dive |
| CVE-2025-9133 | Zyxel ATP series firmware和Zyxel USG FLEX series firmware 安全漏洞 | Zyxel | ATP series firmware | High | 8.1 | 2025-10-21 01:57:20 | Deep Dive |
| CVE-2025-8078 | Zyxel ATP series firmware和Zyxel USG FLEX series firmware 操作系统命令注入漏洞 | Zyxel | ATP series firmware | High | 7.2 | 2025-10-21 01:49:29 | Deep Dive |
| CVE-2025-10678 | Admin with default credentials in NetBird VPN | NetBird VPN | NetBird | - | - | 2025-10-20 15:41:31 | Deep Dive |
| CVE-2025-11462 | Local Privilege Escalation Vulnerability in AWS Client VPN macOS Client | AWS | Client VPN | High | 7.8 | 2025-10-07 19:44:26 | Deep Dive |
| CVE-2025-11130 | iHongRen pptp-vpn XPC Service HelperTool.m shouldAcceptNewConnection missing authentication | iHongRen | pptp-vpn | High | 8.4 | 2025-09-29 00:32:06 | Deep Dive |
| CVE-2010-20109 | Barracuda Spam & Virus Firewall "locale" Path Traversal | Barracuda Networks | Spam & Virus Firewall | - | - | 2025-08-21 20:09:04 | Deep Dive |
| CVE-2025-8069 | Local Privilege Escalation Vulnerability in AWS Client VPN Windows Client | AWS | Client VPN | High | 7.8 | 2025-07-23 15:41:40 | Deep Dive |
| CVE-2025-40710 | Host Header Injection (HHI) in the Hotspot Shield VPN client | Hotspot Shield | Hotspot Shield VPN client | - | - | 2025-06-30 10:37:05 | Deep Dive |
| CVE-2025-34047 | Leadsec VPN Path Traversal Arbitrary File Read | Beijing NetGuard Nebula Information Technology Co., Ltd. | Leadsec SSL VPN | - | - | 2025-06-26 16:10:38 | Deep Dive |
| CVE-2025-5687 | Local privilege escalation vulnerability in Mozilla VPN clients for macOS v2.27.0 and below. | Mozilla | Mozilla VPN 2.28.0 | - | - | 2025-06-11 12:07:50 | Deep Dive |
| CVE-2025-26168 | IXON VPN Client 安全漏洞 | IXON | VPN Client | High | 8.1 | 2025-05-07 00:00:00 | Deep Dive |