| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-48924 | Apache Commons Lang, Apache Commons Lang: ClassUtils.getClass(...) can throw a StackOverflowError on very long inputs | Apache Software Foundation | Apache Commons Lang | - | - | 2025-07-11 14:56:58 | Deep Dive |
| CVE-2025-53506 | Apache Tomcat: DoS via excessive h2 streams at connection start | Apache Software Foundation | Apache Tomcat | 高危 | - | 2025-07-10 19:14:23 | Deep Dive |
| CVE-2025-52520 | Apache Tomcat: DoS via integer overflow in multipart file upload | Apache Software Foundation | Apache Tomcat | 高危 | - | 2025-07-10 19:05:42 | Deep Dive |
| CVE-2025-52434 | Apache Tomcat: APR/Native Connector crash leading to DoS | Apache Software Foundation | Apache Tomcat | 高危 | - | 2025-07-10 19:03:47 | Deep Dive |
| CVE-2025-53020 | Apache HTTP Server: HTTP/2 DoS by Memory Increase | Apache Software Foundation | Apache HTTP Server | 中危 | - | 2025-07-10 16:59:06 | Deep Dive |
| CVE-2025-49812 | Apache HTTP Server: mod_ssl TLS upgrade attack | Apache Software Foundation | Apache HTTP Server | - | - | 2025-07-10 16:58:24 | Deep Dive |
| CVE-2025-49630 | Apache HTTP Server: mod_proxy_http2 denial of service | Apache Software Foundation | Apache HTTP Server | - | - | 2025-07-10 16:57:40 | Deep Dive |
| CVE-2025-23048 | Apache HTTP Server: mod_ssl access control bypass with session resumption | Apache Software Foundation | Apache HTTP Server | - | - | 2025-07-10 16:56:54 | Deep Dive |
| CVE-2024-43394 | Apache HTTP Server: SSRF on Windows due to UNC paths | Apache Software Foundation | Apache HTTP Server | 中危 | - | 2025-07-10 16:56:08 | Deep Dive |
| CVE-2024-47252 | Apache HTTP Server: mod_ssl error log variable escaping | Apache Software Foundation | Apache HTTP Server | - | - | 2025-07-10 16:55:20 | Deep Dive |
| CVE-2024-43204 | Apache HTTP Server: SSRF with mod_headers setting Content-Type header | Apache Software Foundation | Apache HTTP Server | - | - | 2025-07-10 16:54:16 | Deep Dive |
| CVE-2024-42516 | Apache HTTP Server: HTTP response splitting | Apache Software Foundation | Apache HTTP Server | - | - | 2025-07-10 16:53:13 | Deep Dive |
| CVE-2025-7363 | TitleIcon: Stored Cross-Site Scripting (XSS) via #titleicon_unicode parser function | Wikimedia Foundation | Mediawiki - TitleIcon extension | - | - | 2025-07-08 17:27:18 | Deep Dive |
| CVE-2025-7362 | MsUpload: Stored Cross-Site Scripting (XSS) via unsanitized msu-continue system message | Wikimedia Foundation | Mediawiki - MsUpload extension | - | - | 2025-07-08 17:22:35 | Deep Dive |
| CVE-2025-53479 | CheckUser: Reflected Cross-Site Scripting (XSS) in Special:CheckUser via unsanitized internationalized message | Wikimedia Foundation | Mediawiki - CheckUser extension | - | - | 2025-07-08 17:16:36 | Deep Dive |
| CVE-2025-53480 | CheckUser: Reflected Cross-Site Scripting (XSS) in Special:Investigate (Account information tab) via unsanitized i18n messages | Wikimedia Foundation | Mediawiki - CheckUser extension | - | - | 2025-07-08 14:58:38 | Deep Dive |
| CVE-2025-53496 | Stored XSS in MediaSearch | Wikimedia Foundation | Mediawiki - MediaSearch Extension | - | - | 2025-07-07 19:12:47 | Deep Dive |
| CVE-2025-53488 | Stored XSS in WikiHiero | Wikimedia Foundation | Mediawiki - WikiHiero Extension | - | - | 2025-07-07 18:44:40 | Deep Dive |
| CVE-2025-53498 | Lack of Audit Logging in AbuseFilter | Wikimedia Foundation | Mediawiki - AbuseFilter Extension | - | - | 2025-07-07 18:35:49 | Deep Dive |
| CVE-2025-53499 | Unauthorized Inspection of Protected Variables in AbuseFilter | Wikimedia Foundation | Mediawiki - AbuseFilter Extension | - | - | 2025-07-07 18:33:12 | Deep Dive |