| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-23385 | JetBrains多款产品 安全漏洞 | JetBrains | ReSharper | High | 7.8 | 2025-01-28 16:01:55 | Deep Dive |
| CVE-2025-0754 | Envoyproxy: openshift service mesh 2.6.3 and 2.5.6 envoy header handling allows log injection and potential spoofing | - | - | Medium | 4.3 | 2025-01-28 09:37:12 | Deep Dive |
| CVE-2025-0752 | Envoyproxy: openshift service mesh envoy http header sanitization bypass leading to dos and unauthorized access | - | - | High | 7.1 | 2025-01-28 09:29:33 | Deep Dive |
| CVE-2024-38325 | IBM Storage Defender information disclosure | IBM | Storage Defender - Resiliency Service | Medium | 5.9 | 2025-01-27 15:27:19 | Deep Dive |
| CVE-2024-52327 | ECOVACS lawnmower and vacuum cloud service live video PIN bypass | ECOVACS | ECOVACS HOME | Medium | 6.5 | 2025-01-23 16:39:28 | Deep Dive |
| CVE-2025-24402 | Jenkins plugin Azure Service Fabric 跨站请求伪造漏洞 | Jenkins Project | Jenkins Azure Service Fabric Plugin | 中危 | - | 2025-01-22 17:02:55 | Deep Dive |
| CVE-2025-24403 | Jenkins plugin Azure Service Fabric 安全漏洞 | Jenkins Project | Jenkins Azure Service Fabric Plugin | 中危 | - | 2025-01-22 17:02:55 | Deep Dive |
| CVE-2024-11218 | Podman: buildah: container breakout by using --jobs=2 and a race condition when building a malicious containerfile | - | - | High | 8.6 | 2025-01-22 04:55:31 | Deep Dive |
| CVE-2025-21554 | Oracle Communications Order and Service Management 安全漏洞 | Oracle Corporation | Oracle Communications Order and Service Management | Medium | 5.3 | 2025-01-21 20:53:18 | Deep Dive |
| CVE-2025-21544 | Oracle Communications Applications 安全漏洞 | Oracle Corporation | Oracle Communications Order and Service Management | Medium | 5.4 | 2025-01-21 20:53:14 | Deep Dive |
| CVE-2025-21542 | Oracle Communications Order and Service Management 访问控制错误漏洞 | Oracle Corporation | Oracle Communications Order and Service Management | Medium | 6.3 | 2025-01-21 20:53:13 | Deep Dive |
| CVE-2024-47106 | IBM Jazz for Service Management information disclosure | IBM | Jazz for Service Management | Medium | 5.3 | 2025-01-18 16:09:47 | Deep Dive |
| CVE-2025-23804 | WordPress WP Service Payment Form With Authorize.net Plugin <= 2.6.0 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability | Shiv Prakash Tiwari | WP Service Payment Form With Authorize.net | High | 7.1 | 2025-01-16 20:07:06 | Deep Dive |
| CVE-2025-23510 | WordPress WordPress Logging Service plugin <= 1.5.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability | Jan Štětina | WordPress Logging Service | High | 7.1 | 2025-01-16 20:06:13 | Deep Dive |
| CVE-2025-21245 | Windows Telephony Service Remote Code Execution Vulnerability | Microsoft | Windows 10 Version 1507 | High | 8.8 | 2025-01-14 18:04:56 | Deep Dive |
| CVE-2025-21409 | Windows Telephony Service Remote Code Execution Vulnerability | Microsoft | Windows 10 Version 1507 | High | 8.8 | 2025-01-14 18:04:56 | Deep Dive |
| CVE-2025-21223 | Windows Telephony Service Remote Code Execution Vulnerability | Microsoft | Windows 10 Version 1507 | High | 8.8 | 2025-01-14 18:04:55 | Deep Dive |
| CVE-2025-21240 | Windows Telephony Service Remote Code Execution Vulnerability | Microsoft | Windows 10 Version 1507 | High | 8.8 | 2025-01-14 18:04:54 | Deep Dive |
| CVE-2025-21238 | Windows Telephony Service Remote Code Execution Vulnerability | Microsoft | Windows 10 Version 1507 | High | 8.8 | 2025-01-14 18:04:54 | Deep Dive |
| CVE-2025-21250 | Windows Telephony Service Remote Code Execution Vulnerability | Microsoft | Windows 10 Version 1507 | High | 8.8 | 2025-01-14 18:04:53 | Deep Dive |