| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-7888 | TDuckCloud tduck-platform UserFormDataMapper.java UserFormDataMapper sql injection | TDuckCloud | tduck-platform | Medium | 6.3 | 2025-07-20 12:02:05 | Deep Dive |
| CVE-2025-46732 | OpenCTI's GraphQL IDOR enables authenticated users to modify or delete notifications of other users | OpenCTI-Platform | opencti | Medium | 5.4 | 2025-07-18 15:05:11 | Deep Dive |
| CVE-2025-7784 | Org.keycloak/keycloak-services: privilege escalation in keycloak admin console (fgapv2 enabled) | - | - | Medium | 6.5 | 2025-07-18 13:48:46 | Deep Dive |
| CVE-2025-41239 | vSockets information-disclosure vulnerability | VMware | ESXi | High | 7.1 | 2025-07-15 18:35:04 | Deep Dive |
| CVE-2025-41238 | PVSCSI heap-overflow vulnerability | VMware | ESXi | Critical | 9.3 | 2025-07-15 18:34:49 | Deep Dive |
| CVE-2025-41237 | VMCI integer-underflow vulnerability | VMware | Cloud Foundation | Critical | 9.3 | 2025-07-15 18:34:21 | Deep Dive |
| CVE-2025-41236 | VMXNET3 integer-overflow vulnerability | VMware | ESXi | Critical | 9.3 | 2025-07-15 18:34:13 | Deep Dive |
| CVE-2025-34104 | Piwik Authenticated RCE via Custom Plugin Upload | Piwik (now Matomo) | Web Analytics Platform | - | - | 2025-07-15 13:06:51 | Deep Dive |
| CVE-2025-7519 | Polkit: xml policy file with a large number of nested elements may lead to out-of-bounds write | - | - | Medium | 6.7 | 2025-07-14 13:35:21 | Deep Dive |
| CVE-2025-53861 | Aap: sensitive cookie(s) set without security flags | Red Hat | Red Hat Ansible Automation Platform 2 | Low | 3.1 | 2025-07-11 12:44:18 | Deep Dive |
| CVE-2025-53862 | Aap: aap-gateway: automation-hub: sensitive information disclosure | Red Hat | Red Hat Ansible Automation Platform 2 | Low | 3.5 | 2025-07-11 12:34:24 | Deep Dive |
| CVE-2025-6395 | Gnutls: null pointer dereference in _gnutls_figure_common_ciphersuite() | - | - | Medium | 6.5 | 2025-07-10 15:20:46 | Deep Dive |
| CVE-2025-7424 | Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes | GNOME | libxslt | High | 7.5 | 2025-07-10 14:05:42 | Deep Dive |
| CVE-2025-7425 | Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr | GNOME | libxml2 | High | 7.8 | 2025-07-10 13:53:37 | Deep Dive |
| CVE-2025-32990 | Gnutls: vulnerability in gnutls certtool template parsing | - | - | Medium | 6.5 | 2025-07-10 09:41:46 | Deep Dive |
| CVE-2025-32989 | Gnutls: vulnerability in gnutls sct extension parsing | - | - | Medium | 5.3 | 2025-07-10 08:05:26 | Deep Dive |
| CVE-2025-32988 | Gnutls: vulnerability in gnutls othername san export | - | - | Medium | 6.5 | 2025-07-10 08:04:58 | Deep Dive |
| CVE-2025-53674 | Jenkins plugin Sensedia Api Platform tools 安全漏洞 | Jenkins Project | Jenkins Sensedia Api Platform tools Plugin | - | - | 2025-07-09 15:39:41 | Deep Dive |
| CVE-2025-53673 | Jenkins plugin Sensedia Api Platform tools 安全漏洞 | Jenkins Project | Jenkins Sensedia Api Platform tools Plugin | - | - | 2025-07-09 15:39:40 | Deep Dive |
| CVE-2025-3648 | Data Inference in Now Platform via Conditional ACLs | ServiceNow | Now Platform | - | - | 2025-07-08 16:07:12 | Deep Dive |