| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-20321 | Membership State Change in Splunk Search Head Cluster through a Cross-Site Request Forgery (CSRF) in Splunk Enterprise | Splunk | Splunk Enterprise | Medium | 6.5 | 2025-07-07 17:48:03 | Deep Dive |
| CVE-2025-20325 | Sensitive Information Disclosure in the SHCConfig logging channel in Clustered Deployments in Splunk Enterprise | Splunk | Splunk Enterprise | Low | 3.1 | 2025-07-07 17:48:02 | Deep Dive |
| CVE-2025-20319 | Remote Command Execution through Scripted Input Files in Splunk Enterprise | Splunk | Splunk Enterprise | Medium | 6.8 | 2025-07-07 17:48:01 | Deep Dive |
| CVE-2025-20324 | Improper Access Control in System Source Types Configuration in Splunk Enterprise | Splunk | Splunk Enterprise | Medium | 5.4 | 2025-07-07 17:48:00 | Deep Dive |
| CVE-2025-20320 | Denial of Service (DoS) through “User Interface - Views“ configuration page in Splunk Enterprise | Splunk | Splunk Enterprise | Medium | 6.3 | 2025-07-07 17:48:00 | Deep Dive |
| CVE-2025-20300 | Improper Access Control Lets Low-Privilege Users Suppress Read-Only Alerts in Splunk Enterprise | Splunk | Splunk Enterprise | Medium | 4.3 | 2025-07-07 17:47:58 | Deep Dive |
| CVE-2025-5987 | Libssh: invalid return code for chacha20 poly1305 with openssl backend | - | - | High | 8.1 | 2025-07-07 14:24:13 | Deep Dive |
| CVE-2025-5351 | Libssh: double free vulnerability in libssh key export functions | libssh | libssh | Medium | 6.5 | 2025-07-04 08:16:47 | Deep Dive |
| CVE-2025-5372 | Libssh: incorrect return code handling in ssh_kdf() in libssh | libssh | libssh | Medium | 5.0 | 2025-07-04 06:01:28 | Deep Dive |
| CVE-2025-20310 | Cisco Enterprise Chat and Email Stored Cross-Site Scripting Vulnerability | Cisco | Cisco Enterprise Chat and Email | Medium | 6.1 | 2025-07-02 16:05:44 | Deep Dive |
| CVE-2025-6600 | GitHub Enterprise Server Information Disclosure Vulnerability Exposes Private Repository Names via Search API | GitHub | GitHub Enterprise Server | - | - | 2025-07-01 18:56:46 | Deep Dive |
| CVE-2025-37099 | HPE Insight Remote Support 安全漏洞 | Hewlett Packard Enterprise | Insight Remote Support | - | - | 2025-07-01 17:30:25 | Deep Dive |
| CVE-2025-37098 | HPE Insight Remote Support 安全漏洞 | Hewlett Packard Enterprise | Insight Remote Support | - | - | 2025-07-01 14:39:12 | Deep Dive |
| CVE-2025-37097 | HPE Insight Remote Support 安全漏洞 | Hewlett Packard Enterprise | Insight Remote Support | - | - | 2025-07-01 14:06:43 | Deep Dive |
| CVE-2025-6761 | Kingdee Cloud-Starry-Sky Enterprise Edition Freemarker Engine DynamicForm 4 Action.class plugin.buildMobilePopHtml special elements used in a template engine | Kingdee | Cloud-Starry-Sky Enterprise Edition | High | 7.3 | 2025-06-27 10:31:09 | Deep Dive |
| CVE-2025-5731 | Infinispan: credential leakage in infinispan cli | Red Hat | infinispan | Medium | 5.5 | 2025-06-26 21:29:00 | Deep Dive |
| CVE-2025-6675 | Enterprise MFA - TFA for Drupal - Critical - Access bypass - SA-CONTRIB-2025-082 | Drupal | Enterprise MFA - TFA for Drupal | - | - | 2025-06-26 13:33:35 | Deep Dive |
| CVE-2025-5459 | OS Command Injection | Perforce | Puppet Enterprise | - | - | 2025-06-26 06:30:57 | Deep Dive |
| CVE-2025-37101 | HPE OneView for VMware vCenter (OV4VC), Local Elevation of Privilege | Hewlett Packard Enterprise | HPE OneView for VMware vCenter | High | 8.7 | 2025-06-26 05:19:02 | Deep Dive |
| CVE-2025-5015 | Parsons AccuWeather Widget Cross-site Scripting | Parsons | Parsons Utility Enterprise Data Management | High | 8.8 | 2025-06-25 16:23:54 | Deep Dive |