| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-20377 | Cisco Unified Intelligence Center API Information Disclosure Vulnerability | Cisco | Cisco Packaged Contact Center Enterprise | Medium | 4.3 | 2025-11-05 16:31:53 | Deep Dive |
| CVE-2025-3125 | Authenticated Arbitrary File Upload in Multiple WSO2 Products via CarbonAppUploader Admin Service Leading to Remote Code Execution | WSO2 | WSO2 Identity Server | Medium | 6.7 | 2025-11-05 14:49:45 | Deep Dive |
| CVE-2025-12464 | Qemu-kvm: stack buffer overflow in e1000 device via short frames in loopback mode | - | - | Medium | 6.2 | 2025-10-31 21:15:49 | Deep Dive |
| CVE-2025-11602 | Untargeted information leak in Bolt protocol handshake | neo4j | Enterprise Edition | 中危 | - | 2025-10-31 10:20:17 | Deep Dive |
| CVE-2025-62229 | Xorg: xmayland: use-after-free in xpresentnotify structure creation | X.Org | Xwayland | High | 7.3 | 2025-10-30 05:28:48 | Deep Dive |
| CVE-2025-62230 | Xorg: xwayland: use-after-free in xkb client resource removal | X.Org | Xwayland | High | 7.3 | 2025-10-30 05:19:40 | Deep Dive |
| CVE-2025-62231 | Xorg: xmayland: value overflow in xkbsetcompatmap() | X.Org | Xwayland | High | 7.3 | 2025-10-30 05:08:32 | Deep Dive |
| CVE-2025-11374 | Consul's KV endpoint is vulnerable to denial of service | HashiCorp | Consul | Medium | 6.5 | 2025-10-28 20:19:05 | Deep Dive |
| CVE-2025-11375 | Consul's event endpoint is vulnerable to denial of service | HashiCorp | Consul | Medium | 6.5 | 2025-10-28 20:12:14 | Deep Dive |
| CVE-2025-12290 | Sui Shang Information Technology Suishang Enterprise-Level B2B2C Multi-User Mall System 359 cross site scripting | Sui Shang Information Technology | Suishang Enterprise-Level B2B2C Multi-User Mall System | Medium | 4.3 | 2025-10-27 15:02:09 | Deep Dive |
| CVE-2025-12289 | Sui Shang Information Technology Suishang Enterprise-Level B2B2C Multi-User Mall System 1001 cross site scripting | Sui Shang Information Technology | Suishang Enterprise-Level B2B2C Multi-User Mall System | Medium | 4.3 | 2025-10-27 15:02:06 | Deep Dive |
| CVE-2025-11955 | Incorrect validation of OCSP certificates in TheGreenBow VPN Client Windows Enterprise | TheGreenBow | TheGreenBow VPN Client Windows Enterprise | - | - | 2025-10-27 11:30:24 | Deep Dive |
| CVE-2025-5605 | Authentication Bypass via URI Manipulation in Multiple WSO2 Products' Management Console Leading to Partial Information Disclosure | WSO2 | WSO2 Identity Server | Medium | 4.3 | 2025-10-24 10:10:00 | Deep Dive |
| CVE-2025-5350 | SSRF and Reflected XSS Vulnerability in Deprecated Try-It Feature of Multiple WSO2 Products | WSO2 | WSO2 Identity Server | Medium | 5.9 | 2025-10-24 10:08:08 | Deep Dive |
| CVE-2025-36361 | IBM App Connect Enterprise runtime is vulnerable to a lack of authorization on windows environments using IWA | IBM | App Connect Enterprise | Medium | 6.3 | 2025-10-24 09:35:21 | Deep Dive |
| CVE-2025-12044 | Vault Vulnerable to Denial of Service Due to Rate Limit Regression | HashiCorp | Vault | High | 7.5 | 2025-10-23 19:15:17 | Deep Dive |
| CVE-2025-11621 | Vault AWS auth method bypass due to AWS client cache | HashiCorp | Vault | High | 8.1 | 2025-10-23 19:08:55 | Deep Dive |
| CVE-2025-12105 | Libsoup: heap use-after-free in libsoup message queue handling during http/2 read completion | GNOME | libsoup | High | 7.5 | 2025-10-23 09:14:14 | Deep Dive |
| CVE-2025-61761 | Oracle PeopleSoft 安全漏洞 | Oracle Corporation | PeopleSoft Enterprise FIN Maintenance Management | Medium | 5.4 | 2025-10-21 20:03:13 | Deep Dive |
| CVE-2025-61762 | Oracle PeopleSoft 安全漏洞 | Oracle Corporation | PeopleSoft Enterprise FIN Payables | Medium | 6.3 | 2025-10-21 20:03:13 | Deep Dive |