| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-2522 | Lack of buffer clearing before reuse may result in incorrect system behavior. | Honeywell | C300 PCNT02 | Medium | 6.5 | 2025-07-10 20:11:44 | Deep Dive |
| CVE-2025-2521 | Lack of indexes’ validation against buffer borders leads to remote code execution. | Honeywell | C300 PCNT02 | High | 8.6 | 2025-07-10 20:08:04 | Deep Dive |
| CVE-2025-53634 | Chall-Manager's HTTP Gateway have no header check timeout leading to potential slow loris attacks | ctfer-io | chall-manager | - | - | 2025-07-10 19:39:58 | Deep Dive |
| CVE-2025-53633 | Chall-Manager's scenario decoding process does not check for zip bombs | ctfer-io | chall-manager | - | - | 2025-07-10 19:38:20 | Deep Dive |
| CVE-2025-53632 | Chall-Manager's scenario decoding process does not check for zip slips | ctfer-io | chall-manager | - | - | 2025-07-10 19:36:47 | Deep Dive |
| CVE-2025-52837 | Trend Micro Password Manager 安全漏洞 | Trend Micro, Inc. | Trend Micro Password Manager | High | 7.8 | 2025-07-10 18:57:51 | Deep Dive |
| CVE-2025-7425 | Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr | GNOME | libxml2 | High | 7.8 | 2025-07-10 13:53:37 | Deep Dive |
| CVE-2025-7387 | Lana Downloads Manager <= 1.10.0 - Authenticated (Administrator+) Stored Cross-Site Scripting | lanacodes | Lana Downloads Manager | Medium | 5.5 | 2025-07-10 05:24:12 | Deep Dive |
| CVE-2025-0139 | Autonomous Digital Experience Manager: Privilege Escalation (PE) Vulnerability | Palo Alto Networks | Autonomous Digital Experience Manager | - | - | 2025-07-09 22:57:57 | Deep Dive |
| CVE-2025-6976 | Events Manager <= 7.0.3 - Authenticated(Contributor+) Stored Cross-Site Scripting via Plugin Shortcodes | netweblogic | Events Manager – Calendar, Bookings, Tickets, and more! | Medium | 6.4 | 2025-07-09 22:22:48 | Deep Dive |
| CVE-2025-6970 | Events Manager <= 7.0.3 - Unauthenticated SQL Injection via `orderby` Parameter | netweblogic | Events Manager – Calendar, Bookings, Tickets, and more! | High | 7.5 | 2025-07-09 22:22:47 | Deep Dive |
| CVE-2025-6975 | Event Manager <= 7.0.3 - Reflected Cross-Site Scripting via `calendar_header` Parameter | netweblogic | Events Manager – Calendar, Bookings, Tickets, and more! | Medium | 6.1 | 2025-07-09 22:22:47 | Deep Dive |
| CVE-2025-36599 | Dell PowerFlex Manager VM 日志信息泄露漏洞 | Dell | PowerFlex Manager VM | Medium | 4.3 | 2025-07-09 18:30:32 | Deep Dive |
| CVE-2025-3780 | WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible <= 6.7.16 - Missing Authorization to Unauthenticated Plugin Settings Modification | wclovers | WCFM – Frontend Manager for WooCommerce | Medium | 6.5 | 2025-07-08 23:22:49 | Deep Dive |
| CVE-2025-49534 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) | Adobe | Adobe Experience Manager | Medium | 5.4 | 2025-07-08 21:40:36 | Deep Dive |
| CVE-2025-49547 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) | Adobe | Adobe Experience Manager | Medium | 5.4 | 2025-07-08 21:40:36 | Deep Dive |
| CVE-2025-49533 | Adobe Experience Manager (MS) | Deserialization of Untrusted Data (CWE-502) | Adobe | Adobe Experience Manager (MS) | Critical | 9.8 | 2025-07-08 21:32:13 | Deep Dive |
| CVE-2025-49738 | Microsoft PC Manager Elevation of Privilege Vulnerability | Microsoft | Microsoft PC Manager | High | 7.8 | 2025-07-08 16:58:15 | Deep Dive |
| CVE-2025-47178 | Microsoft Configuration Manager Remote Code Execution Vulnerability | Microsoft | Microsoft Configuration Manager | High | 8.0 | 2025-07-08 16:57:26 | Deep Dive |
| CVE-2025-6771 | OS command injection in Ivanti Endpoint Manager | Ivanti | Endpoint Manager Mobile | High | 7.2 | 2025-07-08 15:38:49 | Deep Dive |