| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-64138 | Jenkins Start Windocks Containers Plugin 安全漏洞 | Jenkins Project | Jenkins Start Windocks Containers Plugin | - | - | 2025-10-29 13:29:44 | Deep Dive |
| CVE-2025-58712 | Amq: privilege escalation via excessive /etc/passwd permissions | apache | activemq-artemis | Medium | 6.4 | 2025-10-22 18:19:07 | Deep Dive |
| CVE-2025-61779 | Trustee's attestation-policy endpoint is not protected by admin autentication | confidential-containers | trustee | - | - | 2025-10-09 20:53:34 | Deep Dive |
| CVE-2025-58354 | Kata Containers coco-tdx malicious host can circumvent initdata verification | kata-containers | kata-containers | - | - | 2025-09-23 21:08:47 | Deep Dive |
| CVE-2025-8941 | Linux-pam: incomplete fix for cve-2025-6020 | - | - | High | 7.8 | 2025-08-13 14:42:38 | Deep Dive |
| CVE-2025-8556 | Github.com/cloudflare/circl: circl-fourq: missing and wrong validation can lead to incorrect results | - | - | Low | 3.7 | 2025-08-06 08:48:18 | Deep Dive |
| CVE-2025-6020 | Linux-pam: linux-pam directory traversal | - | - | High | 7.8 | 2025-06-17 12:44:09 | Deep Dive |
| CVE-2025-5914 | Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c | - | - | High | 7.8 | 2025-06-09 19:53:49 | Deep Dive |
| CVE-2025-5791 | Users: `root` appended to group listings | - | - | High | 7.1 | 2025-06-06 13:10:07 | Deep Dive |
| CVE-2025-4057 | Activemq-artemis-operator: amq broker operator starting credentials reuse | - | - | Medium | 5.5 | 2025-05-26 08:53:04 | Deep Dive |
| CVE-2025-24965 | .krun_config.json symlink attack creates or overwrites file on the host in crun | containers | crun | 高危 | - | 2025-02-19 16:46:32 | Deep Dive |
| CVE-2024-51997 | The Attestation Results Token can be arbitrarily modified without being detected in Trustee | confidential-containers | trustee | High | 8.1 | 2024-11-08 18:40:32 | Deep Dive |
| CVE-2024-10234 | Wildfly: wildfly vulnerable to cross-site scripting (xss) | - | - | Medium | 6.1 | 2024-10-22 13:17:58 | Deep Dive |
| CVE-2024-9858 | Insecure user permissions in Google Cloud Migrate to Containers for Windows | Google Cloud | Migrate to Containers | 高危 | - | 2024-10-16 08:43:51 | Deep Dive |
| CVE-2024-8883 | Keycloak: vulnerable redirect uri validation results in open redirec | - | - | Medium | 6.1 | 2024-09-19 15:48:28 | Deep Dive |
| CVE-2024-8698 | Keycloak-saml-core: improper verification of saml responses leading to privilege escalation in keycloak | - | - | High | 7.7 | 2024-09-19 15:48:18 | Deep Dive |
| CVE-2024-7341 | Wildfly-elytron: org.keycloak/keycloak-services: session fixation in elytron saml adapters | - | - | High | 7.1 | 2024-09-09 18:51:14 | Deep Dive |
| CVE-2024-4629 | Keycloak: potential bypass of brute force protection | - | - | Medium | 6.5 | 2024-09-03 19:42:01 | Deep Dive |
| CVE-2024-5967 | Keycloak: leak of configured ldap bind credentials through the keycloak admin console | - | - | Low | 2.7 | 2024-06-18 12:05:39 | Deep Dive |
| CVE-2024-4540 | Keycloak: exposure of sensitive information in pushed authorization requests (par) kc_restart cookie | - | - | High | 7.5 | 2024-06-03 15:33:18 | Deep Dive |