| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-58579 | Username Disclosure Through Missing Authentication | SICK AG | Baggage Analytics | Medium | 5.3 | 2025-10-06 07:09:09 | Deep Dive |
| CVE-2025-58587 | Improper Restriction of Excessive Authentication Attempts | SICK AG | Baggage Analytics | Medium | 6.5 | 2025-10-06 07:03:16 | Deep Dive |
| CVE-2025-58586 | User Enumeration by excessive error output | SICK AG | Baggage Analytics | Medium | 5.3 | 2025-10-06 07:02:47 | Deep Dive |
| CVE-2025-58584 | Plain Text Transmission of Username and Password in the URL | SICK AG | Baggage Analytics | Medium | 5.3 | 2025-10-06 07:01:05 | Deep Dive |
| CVE-2025-58583 | User Enumeration | SICK AG | Enterprise Analytics | Medium | 5.3 | 2025-10-06 06:52:04 | Deep Dive |
| CVE-2025-58582 | Uncontrolled Resource Consumption via log file | SICK AG | Enterprise Analytics | Medium | 5.3 | 2025-10-06 06:50:57 | Deep Dive |
| CVE-2025-58581 | Information Disclosure Through Stacktrace-/MQTT/Config/changeAll | SICK AG | Enterprise Analytics | Medium | 4.3 | 2025-10-06 06:50:12 | Deep Dive |
| CVE-2025-58580 | Injection via log file | SICK AG | Enterprise Analytics | Medium | 6.5 | 2025-10-06 06:49:28 | Deep Dive |
| CVE-2025-58578 | Unlimited user creation by authorized users | SICK AG | Enterprise Analytics | Low | 3.8 | 2025-10-06 06:47:31 | Deep Dive |
| CVE-2025-11234 | Qemu-kvm: vnc websocket handshake use-after-free | - | - | High | 7.5 | 2025-10-03 10:30:34 | Deep Dive |
| CVE-2025-11020 | Remote Code Execution in MarkAny SafePC Enterprise | MarkAny | SafePC Enterprise | High | 8.8 | 2025-10-02 05:15:51 | Deep Dive |
| CVE-2025-20368 | Stored Cross-Site Scripting (XSS) through missing field warning messages in Saved Search and Job Inspector on Splunk Enterprise | Splunk | Splunk Enterprise | Medium | 5.7 | 2025-10-01 16:08:04 | Deep Dive |
| CVE-2025-20371 | Unauthenticated Blind Server Side Request Forgery (SSRF) in Splunk Enterprise | Splunk | Splunk Enterprise | High | 7.5 | 2025-10-01 16:08:03 | Deep Dive |
| CVE-2025-20367 | Reflected Cross-site Scripting (XSS) in '/app/search/table' endpoint through the 'dataset.command' parameter on Splunk Enterprise | Splunk | Splunk Enterprise | Medium | 5.7 | 2025-10-01 16:08:01 | Deep Dive |
| CVE-2025-20370 | Denial of Service (DoS) through Multiple LDAP Bind Requests in Splunk Enterprise | Splunk | Splunk Enterprise | Medium | 4.9 | 2025-10-01 16:07:58 | Deep Dive |
| CVE-2025-20366 | Improper Access Control in Background Job Submission in Splunk Enterprise | Splunk | Splunk Enterprise | Medium | 6.5 | 2025-10-01 16:07:56 | Deep Dive |
| CVE-2025-20369 | Extensible Markup Language (XML) External Entity Injection (XXE) through Dashboard label field on Splunk Enterprise | Splunk | Splunk Enterprise | Medium | 4.6 | 2025-10-01 16:07:52 | Deep Dive |
| CVE-2025-7493 | Freeipa: idm: privilege escalation from host to domain admin in freeipa | Red Hat | Red Hat Enterprise Linux 10 | Critical | 9.1 | 2025-09-30 15:06:47 | Deep Dive |
| CVE-2025-35034 | Medical Informatics Engineering Enterprise Health reflected cross site scripting via portlet_user_id | Medical Informatics Engineering | Enterprise Health | Medium | 4.3 | 2025-09-29 20:01:58 | Deep Dive |
| CVE-2025-35033 | Medical Informatics Engineering Enterprise Health CSV injection | Medical Informatics Engineering | Enterprise Health | Medium | 4.1 | 2025-09-29 20:01:38 | Deep Dive |