| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-21619 | GLPI allows SQL injection through the rules configuration | glpi-project | glpi | 中危 | - | 2025-03-18 18:25:13 | Deep Dive |
| CVE-2025-26626 | GLPI Inventory Plugin vulnerable to reflective Cross-site Scripting | glpi-project | glpi-inventory-plugin | Medium | 6.5 | 2025-03-14 12:47:14 | Deep Dive |
| CVE-2025-22213 | [20250301] - Core - Malicious file uploads via Media Manager | Joomla! Project | Joomla! CMS | 中危 | - | 2025-03-11 16:07:29 | Deep Dive |
| CVE-2025-27403 | Ratify Azure authentication providers can leak authentication tokens to non-Azure container registries | ratify-project | ratify | 中危 | - | 2025-03-11 14:16:10 | Deep Dive |
| CVE-2025-27625 | Jenkins 输入验证错误漏洞 | Jenkins Project | Jenkins | 中危 | - | 2025-03-05 22:33:37 | Deep Dive |
| CVE-2025-27624 | Jenkins 跨站请求伪造漏洞 | Jenkins Project | Jenkins | 中危 | - | 2025-03-05 22:33:36 | Deep Dive |
| CVE-2025-27622 | Jenkins 安全漏洞 | Jenkins Project | Jenkins | 中危 | - | 2025-03-05 22:33:35 | Deep Dive |
| CVE-2025-27623 | Jenkins 安全漏洞 | Jenkins Project | Jenkins | 中危 | - | 2025-03-05 22:33:35 | Deep Dive |
| CVE-2025-27590 | Oxidized Web 路径遍历漏洞 | Oxidized Web project | Oxidized Web | Critical | 9.0 | 2025-03-03 00:00:00 | Deep Dive |
| CVE-2025-25192 | GLPI allows unauthorized access to debug mode | glpi-project | glpi | Medium | 6.5 | 2025-02-25 17:58:20 | Deep Dive |
| CVE-2025-23046 | GLPI vulnerable to unauthorized authentication by email using the OAuthIMAP plugin | glpi-project | glpi | 中危 | - | 2025-02-25 17:48:18 | Deep Dive |
| CVE-2025-23024 | GLPI: Plugins are disabled accessing one page | glpi-project | glpi | 中危 | - | 2025-02-25 15:47:33 | Deep Dive |
| CVE-2025-21627 | GLPI Cross-site Scripting vulnerability | glpi-project | glpi | Medium | 6.5 | 2025-02-25 15:43:35 | Deep Dive |
| CVE-2025-21626 | GLPI vulnerable to exposure of sensitive information in the `status.php` endpoint | glpi-project | glpi | Medium | 5.8 | 2025-02-25 15:37:28 | Deep Dive |
| CVE-2025-26533 | SQL injection risk in course search module list filter | Moodle Project | moodle | High | 8.1 | 2025-02-24 20:07:45 | Deep Dive |
| CVE-2025-26532 | Teachers can evade trusttext config when restoring glossary entries | Moodle Project | moodle | Low | 3.1 | 2025-02-24 20:05:21 | Deep Dive |
| CVE-2025-26531 | IDOR in badges allows disabling of arbitrary badges | Moodle Project | moodle | Low | 3.1 | 2025-02-24 20:02:58 | Deep Dive |
| CVE-2025-26530 | Reflected XSS via question bank filter | Moodle Project | moodle | High | 8.3 | 2025-02-24 19:56:15 | Deep Dive |
| CVE-2025-26529 | Stored XSS risk in admin live log | Moodle Project | moodle | High | 8.3 | 2025-02-24 19:52:49 | Deep Dive |
| CVE-2025-26528 | Stored XSS in ddimageortext question type | Moodle Project | moodle | Low | 3.4 | 2025-02-24 19:50:12 | Deep Dive |