| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-1531 | Foreman-kubevirt: foreman_kubevirt: man-in-the-middle due to insecure default ssl verification | Red Hat | Red Hat Satellite 6.16 for RHEL 8 | High | 8.1 | 2026-02-02 05:47:10 | Deep Dive |
| CVE-2026-1530 | Fog-kubevirt: fog-kubevirt: man-in-the-middle vulnerability due to disabled certificate validation | Red Hat | Red Hat Satellite 6.16 for RHEL 8 | High | 8.1 | 2026-02-02 05:47:10 | Deep Dive |
| CVE-2026-0603 | Org.hibernate/hibernate-core: hibernate: information disclosure and data deletion via second-order sql injection | - | - | High | 8.3 | 2026-01-23 06:31:39 | Deep Dive |
| CVE-2025-12790 | Rubygem-mqtt: rubygem-mqtt hostname validation | Nicholas J Humfrey | ruby-mqtt | High | 7.4 | 2025-11-06 21:07:35 | Deep Dive |
| CVE-2025-10622 | Foreman: os command injection via ct_location and fcct_location parameters | The Foreman | Foreman | High | 8.0 | 2025-11-05 07:32:14 | Deep Dive |
| CVE-2025-3931 | Yggdrasil: local privilege escalation in yggdrasil | - | - | High | 7.8 | 2025-05-14 11:54:50 | Deep Dive |
| CVE-2025-4574 | Crossbeam-channel: crossbeam-channel vulnerable to double free on drop | - | - | Medium | 6.5 | 2025-05-13 21:47:25 | Deep Dive |
| CVE-2025-4432 | Ring: some aes functions may panic when overflow checking is enabled in ring | - | - | Medium | 5.3 | 2025-05-09 16:06:34 | Deep Dive |
| CVE-2025-2157 | Foreman: disclosure of executed commands and outputs in foreman / red hat satellite | Red Hat | Satellite Server | Low | 3.3 | 2025-03-15 06:35:52 | Deep Dive |
| CVE-2024-11831 | Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript | - | - | Medium | 5.4 | 2025-02-10 15:27:47 | Deep Dive |
| CVE-2025-1077 | Remote Code Execution vulnerability in IBL Software Engineering Visual Weather and derived products (NAMIS, Aero Weather, Satellite Weather) | IBL Software Engineering | Visual Weather | High | - | 2025-02-07 08:32:02 | Deep Dive |
| CVE-2025-0675 | Elber Communications Equipment Hidden Functionality | Elber | Signum DVB-S/S2 IRD | High | 7.5 | 2025-02-06 23:43:57 | Deep Dive |
| CVE-2025-0674 | Elber Communications Equipment Authentication Bypass Using an Alternate Path or Channel | Elber | Signum DVB-S/S2 IRD | Critical | 9.8 | 2025-02-06 23:42:34 | Deep Dive |
| CVE-2023-1932 | Hibernate-validator: rendering of invalid html with safehtml leads to html injection and xss | Red Hat | A-MQ Clients 2 | Medium | 6.1 | 2024-11-07 10:00:52 | Deep Dive |
| CVE-2024-6861 | Foreman: foreman: oauth secret exposure via unauthenticated access to the graphql api | - | - | High | 7.5 | 2024-11-06 14:54:51 | Deep Dive |
| CVE-2024-8553 | Foreman: read-only access to entire db from templates | - | - | Medium | 6.3 | 2024-10-31 15:01:16 | Deep Dive |
| CVE-2024-9355 | Golang-fips: golang fips zeroed buffer | - | - | Medium | 6.5 | 2024-10-01 18:17:29 | Deep Dive |
| CVE-2024-9166 | OS Command Injection in Atelmo Atemio AM 520 HD Full HD Satellite Receiver | Atelmo | Atemio AM 520 HD Full HD Satellite Receiver | - | - | 2024-09-26 16:55:51 | Deep Dive |
| CVE-2024-7923 | Puppet-pulpcore: an authentication bypass vulnerability exists in pulpcore | - | - | - | - | 2024-09-04 13:41:49 | Deep Dive |
| CVE-2024-7012 | Puppet-foreman: an authentication bypass vulnerability exists in foreman | - | - | Critical | 9.8 | 2024-09-04 13:41:18 | Deep Dive |