| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-48989 | Apache Tomcat: h2 DoS - Made You Reset | Apache Software Foundation | Apache Tomcat | - | - | 2025-08-13 12:11:26 | Deep Dive |
| CVE-2012-10049 | WebPageTest Arbitrary PHP File Upload RCE | WPO Foundation | WebPageTest | 中危 | - | 2025-08-08 18:13:47 | Deep Dive |
| CVE-2025-53606 | Apache Seata (incubating): Deserialization of untrusted Data in Apache Seata Server | Apache Software Foundation | Apache Seata (incubating) | 超危 | - | 2025-08-08 09:22:55 | Deep Dive |
| CVE-2025-48913 | Apache CXF: Untrusted JMS configuration can lead to RCE | Apache Software Foundation | Apache CXF | 高危 | - | 2025-08-08 09:21:22 | Deep Dive |
| CVE-2025-7195 | Operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd | operator-framework | operator-sdk | Medium | 6.4 | 2025-08-07 19:05:09 | Deep Dive |
| CVE-2025-55133 | agora 跨站脚本漏洞 | Agora Foundation | Agora | Medium | 6.4 | 2025-08-07 00:00:00 | Deep Dive |
| CVE-2025-55135 | agora 代码问题漏洞 | Agora Foundation | Agora | Medium | 6.4 | 2025-08-07 00:00:00 | Deep Dive |
| CVE-2025-55134 | agora 跨站脚本漏洞 | Agora Foundation | Agora | Medium | 6.4 | 2025-08-07 00:00:00 | Deep Dive |
| CVE-2024-51775 | Apache Zeppelin: Command Injection via CSWSH | Apache Software Foundation | Apache Zeppelin | 中危 | - | 2025-08-03 10:13:17 | Deep Dive |
| CVE-2024-41177 | Apache Zeppelin: XSS in the Helium module | Apache Software Foundation | Apache Zeppelin | 中危 | - | 2025-08-03 10:09:43 | Deep Dive |
| CVE-2024-52279 | Apache Zeppelin: Arbitrary file read by adding malicious JDBC connection string | Apache Software Foundation | Apache Zeppelin | 中危 | - | 2025-08-03 10:02:05 | Deep Dive |
| CVE-2013-10044 | OpenEMR ≤ 4.1.1 SQL Injection Privilege Escalation and RCE | OpenEMR Foundation | OpenEMR | 中危 | - | 2025-08-01 20:46:46 | Deep Dive |
| CVE-2025-24854 | Apache JSPWiki: Cross-Site Scripting (XSS) in JSPWiki Image plugin | Apache Software Foundation | Apache JSPWiki | - | - | 2025-07-31 08:43:19 | Deep Dive |
| CVE-2025-24853 | Apache JSPWiki: Cross-Site Scripting (XSS) in JSPWiki Header Link processing | Apache Software Foundation | Apache JSPWiki | - | - | 2025-07-31 08:42:06 | Deep Dive |
| CVE-2025-54656 | Apache Struts Extras: Improper Output Neutralization for Logs | Apache Software Foundation | Apache Struts Extras | - | - | 2025-07-30 15:58:02 | Deep Dive |
| CVE-2025-41241 | Denial-of-service vulnerability | VMware | vCenter | Medium | 4.4 | 2025-07-29 12:25:56 | Deep Dive |
| CVE-2025-8194 | Tarfile infinite loop during parsing with negative member offset | Python Software Foundation | CPython | High | 7.5 | 2025-07-28 18:42:45 | Deep Dive |
| CVE-2025-54090 | Apache HTTP Server: 'RewriteCond expr' always evaluates to true in 2.4.64 | Apache Software Foundation | Apache HTTP Server | 中危 | - | 2025-07-23 13:19:25 | Deep Dive |
| CVE-2025-7962 | Eclipse Jakarta Mail 安全漏洞 | Eclipse Foundation | Jakarta Mail | 中危 | - | 2025-07-21 17:22:13 | Deep Dive |
| CVE-2025-50151 | Apache Jena: Configuration files uploaded by administrative users are not check properly | Apache Software Foundation | Apache Jena | 中危 | - | 2025-07-21 09:32:30 | Deep Dive |