| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-0726 | Eclipse ThreadX NetX Duo HTTP server denial of service | Eclipse Foundation | ThreadX | 中危 | - | 2025-02-21 08:12:12 | Deep Dive |
| CVE-2025-1492 | Uncontrolled Recursion in Wireshark | Wireshark Foundation | Wireshark | High | 7.8 | 2025-02-20 01:30:46 | Deep Dive |
| CVE-2025-1007 | Improper Authorization in /user/namespace/{namespace}/details | Eclipse Foundation | OpenVSX | 中危 | - | 2025-02-19 08:40:58 | Deep Dive |
| CVE-2024-3220 | Default mimetype known files writeable on Windows | Python Software Foundation | CPython | 中危 | - | 2025-02-14 16:18:01 | Deep Dive |
| CVE-2024-56180 | Apache EventMesh: raft Hessian Deserialization Vulnerability allowing remote code execution | Apache Software Foundation | Apache EventMesh | 中危 | - | 2025-02-14 13:34:27 | Deep Dive |
| CVE-2024-52577 | Apache Ignite: Possible RCE when deserializing incoming messages by the server node | Apache Software Foundation | Apache Ignite | 中危 | - | 2025-02-14 09:55:41 | Deep Dive |
| CVE-2024-46910 | Apache Atlas: An authenticated user can perform XSS and potentially impersonate another user | Apache Software Foundation | Apache Atlas | 中危 | - | 2025-02-13 08:52:57 | Deep Dive |
| CVE-2024-32838 | Apache Fineract: SQL injection vulnerabilities in offices API endpoint | Apache Software Foundation | Apache Fineract | 高危 | - | 2025-02-12 09:44:16 | Deep Dive |
| CVE-2025-25247 | Apache Felix Webconsole: XSS in services console | Apache Software Foundation | Apache Felix Webconsole | 中危 | - | 2025-02-10 11:17:00 | Deep Dive |
| CVE-2025-25069 | Apache Kvrocks: Cross-Protocol Scripting Vulnerability | Apache Software Foundation | Apache Kvrocks | 中危 | - | 2025-02-07 12:46:11 | Deep Dive |
| CVE-2022-31764 | Apache ShardingSphere ElasticJob-UI allows RCE via event trace data source JDBC | Apache Software Foundation | Apache ShardingSphere ElasticJob-UI | 高危 | - | 2025-02-06 14:23:03 | Deep Dive |
| CVE-2024-37358 | Apache James: denial of service through the use of IMAP literals | Apache Software Foundation | Apache James server | High | 8.6 | 2025-02-06 11:22:38 | Deep Dive |
| CVE-2024-45626 | Apache James: denial of service through JMAP HTML to text conversion | Apache Software Foundation | Apache James server | Medium | 6.5 | 2025-02-06 11:21:12 | Deep Dive |
| CVE-2024-48019 | Apache Doris: allows admin users to read arbitrary files through the REST API | Apache Software Foundation | Apache Doris | 中危 | - | 2025-02-04 18:19:52 | Deep Dive |
| CVE-2024-27137 | Apache Cassandra: unrestricted deserialization of JMX authentication credentials | Apache Software Foundation | Apache Cassandra | 高危 | - | 2025-02-04 10:19:44 | Deep Dive |
| CVE-2025-24860 | Apache Cassandra: CassandraNetworkAuthorizer and CassandraCIDRAuthorizer can be bypassed allowing access to different network regions | Apache Software Foundation | Apache Cassandra | 高危 | - | 2025-02-04 10:17:55 | Deep Dive |
| CVE-2025-23015 | Apache Cassandra: User with MODIFY permission on ALL KEYSPACES can escalate privileges to superuser via unsafe actions | Apache Software Foundation | Apache Cassandra | 高危 | - | 2025-02-04 09:37:19 | Deep Dive |
| CVE-2025-0938 | URL parser allowed square brackets in domain names | Python Software Foundation | CPython | 低危 | - | 2025-01-31 17:51:36 | Deep Dive |
| CVE-2024-29869 | Apache Hive: Credentials file created with non restrictive permissions | Apache Software Foundation | Apache Hive | 中危 | - | 2025-01-28 21:31:43 | Deep Dive |
| CVE-2024-23953 | Apache Hive: Timing Attack Against Signature in LLAP util | Apache Software Foundation | Apache Hive | 中危 | - | 2025-01-28 09:07:22 | Deep Dive |