| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-37159 | Authenticated Session Hijacking Allows Unauthorized Access in Network Switching Software | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking AOS-CX | Medium | 5.8 | 2025-11-18 18:52:47 | Deep Dive |
| CVE-2025-37158 | Authenticated Command Injection allows Unauthorized Command Execution in AOS-CX | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking AOS-CX | Medium | 6.7 | 2025-11-18 18:51:29 | Deep Dive |
| CVE-2025-37157 | Authenticated Command Injection allows Unauthorized Command Execution in AOS-CX | Hewlett Packard Enterprise (HPE) | HPE Aruba Networkign AOS-CX | Medium | 6.7 | 2025-11-18 18:48:58 | Deep Dive |
| CVE-2025-37156 | ArubaOS-CX Platform-Level Denial-of-Service Vulnerability | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking AOS-CX | Medium | 6.8 | 2025-11-18 18:46:11 | Deep Dive |
| CVE-2025-37155 | Authenticated Privilege Escalation Allows Unauthorized Access in Network Management Interface | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking AOS-CX | High | 7.8 | 2025-11-18 18:40:41 | Deep Dive |
| CVE-2025-54770 | Grub2: use-after-free in net_set_vlan | GNU | grub2 | Medium | 4.9 | 2025-11-18 18:30:10 | Deep Dive |
| CVE-2025-61664 | Grub2: missing unregister call for normal_exit command may lead to use-after-free | GNU | grub2 | Medium | 4.9 | 2025-11-18 18:20:55 | Deep Dive |
| CVE-2025-61663 | Grub2: missing unregister call for normal commands may lead to use-after-free | GNU | grub2 | Medium | 4.9 | 2025-11-18 18:20:53 | Deep Dive |
| CVE-2025-61662 | Grub2: missing unregister call for gettext command may lead to use-after-free | GNU | grub2 | High | 7.8 | 2025-11-18 18:20:48 | Deep Dive |
| CVE-2025-61661 | Grub2: grub2: out-of-bounds write via malicious usb device | GNU | grub2 | Medium | 4.8 | 2025-11-18 18:20:42 | Deep Dive |
| CVE-2025-54771 | Grub2: use-after-free in grub_file_close() | GNU | grub2 | Medium | 4.9 | 2025-11-18 18:20:40 | Deep Dive |
| CVE-2025-6670 | Cross-Site Request Forgery (CSRF) in Multiple WSO2 Products via HTTP GET in Admin Services | WSO2 | WSO2 Open Banking AM | High | 8.8 | 2025-11-18 11:28:37 | Deep Dive |
| CVE-2025-13193 | Libvirt: information disclosure via world-readable vm snapshots | - | - | Medium | 5.5 | 2025-11-17 17:03:48 | Deep Dive |
| CVE-2017-20211 | UCanCode E-XD++ Visualization Enterprise Suite Untrusted Pointer Dereference RCE | UCanCode.Net Software | E-XD++ Visualization Enterprise Suite | 中危 | - | 2025-11-12 22:05:58 | Deep Dive |
| CVE-2025-20379 | Risky command safeguards bypass using the “/services/streams/search“ REST endpoint through “q“ parameter in Splunk Enterprise | Splunk | Splunk Enterprise | Low | 3.5 | 2025-11-12 17:23:01 | Deep Dive |
| CVE-2025-20378 | Open Redirect on Web Login endpoint in Splunk Enterprise | Splunk | Splunk Enterprise | Low | 3.1 | 2025-11-12 17:22:57 | Deep Dive |
| CVE-2025-59089 | Python-kdcproxy: remote dos via unbounded tcp upstream buffering | latchset | kdcproxy | Medium | 5.9 | 2025-11-12 16:40:51 | Deep Dive |
| CVE-2025-59088 | Python-kdcproxy: unauthenticated ssrf via realm‑controlled dns srv | latchset | kdcproxy | High | 8.6 | 2025-11-12 16:35:28 | Deep Dive |
| CVE-2025-12748 | Libvirt: denial of service in xml parsing | - | - | Medium | 5.5 | 2025-11-11 19:49:32 | Deep Dive |
| CVE-2025-62205 | Microsoft Office Remote Code Execution Vulnerability | Microsoft | Microsoft 365 Apps for Enterprise | High | 7.8 | 2025-11-11 17:59:45 | Deep Dive |