| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-36600 | Dell Client Platform BIOS 安全漏洞 | Dell | Client Platform BIOS | High | 8.2 | 2025-07-08 14:17:24 | Deep Dive |
| CVE-2025-42986 | Missing Authorization check in SAP NetWeaver and ABAP Platform | SAP_SE | SAP NetWeaver and ABAP Platform | Medium | 4.3 | 2025-07-08 00:38:33 | Deep Dive |
| CVE-2025-42974 | Missing Authorization Check in SAP NetWeaver and ABAP Platform (SDCCN) | SAP_SE | SAP NetWeaver and ABAP Platform (SDCCN) | Medium | 4.3 | 2025-07-08 00:37:33 | Deep Dive |
| CVE-2025-42969 | Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform | SAP_SE | SAP NetWeaver Application Server ABAP and ABAP Platform | Medium | 6.1 | 2025-07-08 00:36:42 | Deep Dive |
| CVE-2025-42965 | Server Side Request Forgery(SSRF) vulnerability in SAP BusinessObjects BI Platform Central Management Console Promotion Management Application | SAP_SE | SAP BusinessObjects BI Platform Central Management Console Promotion Management Application | Medium | 4.1 | 2025-07-08 00:36:03 | Deep Dive |
| CVE-2025-42959 | Missing Authentication check after implementation of SAP Security Note 3007182 and 3537476 | SAP_SE | SAP NetWeaver ABAP Server and ABAP Platform | High | 8.1 | 2025-07-08 00:35:03 | Deep Dive |
| CVE-2025-31326 | HTML Injection vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Intelligence) | SAP_SE | SAP BusinessObjects Business Intelligence Platform (Web Intelligence) | Medium | 4.1 | 2025-07-08 00:34:22 | Deep Dive |
| CVE-2025-20325 | Sensitive Information Disclosure in the SHCConfig logging channel in Clustered Deployments in Splunk Enterprise | Splunk | Splunk Enterprise | Low | 3.1 | 2025-07-07 17:48:02 | Deep Dive |
| CVE-2025-20300 | Improper Access Control Lets Low-Privilege Users Suppress Read-Only Alerts in Splunk Enterprise | Splunk | Splunk Enterprise | Medium | 4.3 | 2025-07-07 17:47:58 | Deep Dive |
| CVE-2025-5987 | Libssh: invalid return code for chacha20 poly1305 with openssl backend | - | - | High | 8.1 | 2025-07-07 14:24:13 | Deep Dive |
| CVE-2025-50032 | WordPress Paytiko for WooCommerce plugin <= 1.4.6 - Broken Access Control vulnerability | Paytiko - Payment Orchestration Platform | Paytiko for WooCommerce | Medium | 6.5 | 2025-07-04 11:17:58 | Deep Dive |
| CVE-2025-5351 | Libssh: double free vulnerability in libssh key export functions | libssh | libssh | Medium | 6.5 | 2025-07-04 08:16:47 | Deep Dive |
| CVE-2025-5372 | Libssh: incorrect return code handling in ssh_kdf() in libssh | libssh | libssh | Medium | 5.0 | 2025-07-04 06:01:28 | Deep Dive |
| CVE-2025-34067 | Hikvision Integrated Security Management Platform Remote Command Execution via applyCT Fastjson | Hikvision | Integrated Security Management Platform | - | - | 2025-07-02 13:44:22 | Deep Dive |
| CVE-2025-34059 | Dahua Smart Cloud Gateway Registration Management Platform SQL Injection | Zhejiang Dahua Technology Co., Ltd. | Smart Cloud Gateway Registration Management Platform | - | - | 2025-07-01 14:48:52 | Deep Dive |
| CVE-2025-49520 | Event-driven-ansible: authenticated argument injection in git url in eda project creation | Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 8 | High | 8.8 | 2025-06-30 20:45:29 | Deep Dive |
| CVE-2025-49521 | Event-driven-ansible: template injection via git branch and refspec in eda projects | Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 8 | High | 8.8 | 2025-06-30 20:45:13 | Deep Dive |
| CVE-2025-5731 | Infinispan: credential leakage in infinispan cli | Red Hat | infinispan | Medium | 5.5 | 2025-06-26 21:29:00 | Deep Dive |
| CVE-2025-5318 | Libssh: out-of-bounds read in sftp_handle() | - | - | High | 8.1 | 2025-06-24 14:10:07 | Deep Dive |
| CVE-2025-6032 | Podman: podman missing tls verification | - | - | High | 8.3 | 2025-06-24 13:50:48 | Deep Dive |