| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-32372 | Server-Side Request Forgery (SSRF) in DotNetNuke.Core | dnnsoftware | Dnn.Platform | Medium | 6.5 | 2025-04-09 15:14:35 | Deep Dive |
| CVE-2025-32371 | Unexpected external content may be displayed in DNN ImageHandler | dnnsoftware | Dnn.Platform | Medium | 4.3 | 2025-04-09 15:14:29 | Deep Dive |
| CVE-2025-29988 | Dell Client Platform BIOS 安全漏洞 | Dell | Dell Client Platform BIOS | Medium | 6.9 | 2025-04-09 02:25:07 | Deep Dive |
| CVE-2025-3416 | Rust-openssl: rust-openssl use-after-free in `md::fetch` and `cipher::fetch` | - | - | Low | 3.7 | 2025-04-08 18:24:22 | Deep Dive |
| CVE-2025-32036 | DNN allows the possibility of bypassing Captcha | dnnsoftware | Dnn.Platform | Medium | 4.2 | 2025-04-08 18:06:50 | Deep Dive |
| CVE-2025-32035 | DNN does not check the contents of a file when uploading files | dnnsoftware | Dnn.Platform | Low | 2.6 | 2025-04-08 18:00:41 | Deep Dive |
| CVE-2025-31332 | Insecure File permissions vulnerability in SAP BusinessObjects Business Intelligence Platform | SAP_SE | SAP BusinessObjects Business Intelligence Platform | Medium | 6.6 | 2025-04-08 07:15:37 | Deep Dive |
| CVE-2025-31330 | Code Injection Vulnerability in SAP Landscape Transformation (Analysis Platform) | SAP_SE | SAP Landscape Transformation (Analysis Platform) | Critical | 9.9 | 2025-04-08 07:15:14 | Deep Dive |
| CVE-2025-30015 | Memory Corruption vulnerability in SAP NetWeaver and ABAP Platform (Application Server ABAP) | SAP_SE | SAP NetWeaver and ABAP Platform (Application Server ABAP) | Medium | 4.1 | 2025-04-08 07:14:37 | Deep Dive |
| CVE-2025-27428 | Directory Traversal vulnerability in SAP NetWeaver and ABAP Platform (Service Data Collection) | SAP_SE | SAP NetWeaver and ABAP Platform (Service Data Collection) | High | 7.7 | 2025-04-08 07:13:27 | Deep Dive |
| CVE-2025-3402 | Seeyon Zhiyuan Interconnect FE Collaborative Office Platform check.js%70 sql injection | Seeyon | Zhiyuan Interconnect FE Collaborative Office Platform | Medium | 6.3 | 2025-04-08 02:31:06 | Deep Dive |
| CVE-2025-2251 | Org.jboss.eap:wildfly-ejb3: improper deserialization in jboss marshalling allows remote code execution | - | - | Medium | 6.2 | 2025-04-07 14:06:47 | Deep Dive |
| CVE-2025-31485 | GraphQL grant on a property might be cached with different objects | api-platform | core | High | 7.5 | 2025-04-03 19:31:46 | Deep Dive |
| CVE-2025-31481 | GraphQL query operations security can be bypassed | api-platform | core | High | 7.5 | 2025-04-03 19:20:23 | Deep Dive |
| CVE-2023-47639 | API Platform Core can leak exceptions message that may contain sensitive information | api-platform | core | Medium | 5.3 | 2025-04-03 16:46:14 | Deep Dive |
| CVE-2025-1534 | Cross-site Scripting (Stored) | Payara Platform | Payara Server | - | - | 2025-04-01 03:25:30 | Deep Dive |
| CVE-2025-3014 | Insecure direct object references (IDOR) in NightWolf Penetration Platform | FPT Software | NightWolf Penetration Platform | 中危 | - | 2025-03-31 03:48:13 | Deep Dive |
| CVE-2025-3013 | Insecure direct object references (IDOR) in NightWolf Penetration Platform | FPT Software | NightWolf Penetration Platform | 中危 | - | 2025-03-31 03:40:05 | Deep Dive |
| CVE-2025-2877 | Event-driven-ansible: exposure inventory passwords in plain text when starting a rulebook activation with verbosity set to debug in eda | - | - | Medium | 6.5 | 2025-03-28 14:05:18 | Deep Dive |
| CVE-2025-31165 | Cross Site Scripting in NightWolf Penetration Platform | FPT Software | NightWolf Penetration Platform | - | - | 2025-03-27 04:00:55 | Deep Dive |