| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-26465 | Openssh: machine-in-the-middle attack if verifyhostkeydns is enabled | - | - | Medium | 6.8 | 2025-02-18 18:27:17 | Deep Dive |
| CVE-2024-45774 | Grub2: reader/jpeg: heap oob write during jpeg parsing | - | - | Medium | 6.7 | 2025-02-18 18:25:10 | Deep Dive |
| CVE-2024-4028 | Keycloak-core: stored xss in keycloak when creating a items in admin console | - | - | Low | 3.8 | 2025-02-18 17:54:09 | Deep Dive |
| CVE-2025-1391 | Keycloak-services: improper authorization in keycloak organization mapper allows unauthorized organization claims | - | - | Medium | 5.4 | 2025-02-17 14:01:35 | Deep Dive |
| CVE-2025-1247 | Io.quarkus:quarkus-rest: quarkus rest endpoint request parameter leakage due to shared instance | - | - | High | 8.3 | 2025-02-13 13:26:27 | Deep Dive |
| CVE-2025-1244 | Emacs: shell injection vulnerability in gnu emacs via custom "man" uri scheme | - | - | High | 8.8 | 2025-02-12 14:27:46 | Deep Dive |
| CVE-2024-12243 | Gnutls: gnutls impacted by inefficient der decoding in libtasn1 leading to remote dos | - | - | Medium | 5.3 | 2025-02-10 15:28:10 | Deep Dive |
| CVE-2024-12133 | Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos | - | - | Medium | 5.3 | 2025-02-10 15:28:03 | Deep Dive |
| CVE-2024-11831 | Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript | - | - | Medium | 5.4 | 2025-02-10 15:27:47 | Deep Dive |
| CVE-2025-23114 | Veeam Updater component security vulnerability | Veeam | Backup for AWS | Critical | - | 2025-02-05 01:45:03 | Deep Dive |
| CVE-2025-23367 | Org.wildfly.core:wildfly-server: wildfly improper rbac permission | - | - | Medium | 6.5 | 2025-01-30 14:30:04 | Deep Dive |
| CVE-2024-13484 | Openshift-gitops-operator-container: namespace isolation break | - | - | High | 8.2 | 2025-01-28 17:54:29 | Deep Dive |
| CVE-2025-0754 | Envoyproxy: openshift service mesh 2.6.3 and 2.5.6 envoy header handling allows log injection and potential spoofing | - | - | Medium | 4.3 | 2025-01-28 09:37:12 | Deep Dive |
| CVE-2025-0752 | Envoyproxy: openshift service mesh envoy http header sanitization bypass leading to dos and unauthorized access | - | - | High | 7.1 | 2025-01-28 09:29:33 | Deep Dive |
| CVE-2025-0750 | Cri-o: cri-o path traversal in log handling functions allows arbitrary unmounting | - | - | Medium | 6.6 | 2025-01-28 09:29:31 | Deep Dive |
| CVE-2025-0736 | Org.infinispan-infinispan-parent: exposure of sensitive information in application logs | - | - | Medium | 5.5 | 2025-01-28 09:12:38 | Deep Dive |
| CVE-2022-4975 | Rhacs: cross-site scripting in portal | Red Hat | Red Hat Advanced Cluster Security 3 | High | 8.9 | 2025-01-27 13:47:56 | Deep Dive |
| CVE-2025-0650 | Ovn: egress acls may be bypassed via specially crafted udp packet | - | - | High | 8.1 | 2025-01-23 16:34:31 | Deep Dive |
| CVE-2025-0604 | Keycloak-ldap-federation: authentication bypass due to missing ldap bind after password reset in keycloak | - | - | Medium | 5.4 | 2025-01-22 14:34:46 | Deep Dive |
| CVE-2024-11218 | Podman: buildah: container breakout by using --jobs=2 and a race condition when building a malicious containerfile | - | - | High | 8.6 | 2025-01-22 04:55:31 | Deep Dive |