Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 265 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-64145 Jenkins ByteGuard Build Actions Plugin 安全漏洞 Jenkins ProjectJenkins ByteGuard Build Actions Plugin--2025-10-29 13:29:49 Deep Dive
CVE-2025-64144 Jenkins plugin ByteGuard Build Actions 安全漏洞 Jenkins ProjectJenkins ByteGuard Build Actions Plugin--2025-10-29 13:29:48 Deep Dive
CVE-2025-12390 Org.keycloak.protocol.oidc.endpoints.logoutendpoint: offline session takeover due to reused authentication session id Keycloakkeycloak Medium 6.0 2025-10-28 13:23:35 Deep Dive
CVE-2025-10939 Org.keycloak/keycloak-quarkus-server: unable to restrict access to the admin console Keycloakkeycloak Low 3.7 2025-10-28 03:08:30 Deep Dive
CVE-2025-12110 Keycloak: org.keycloak:keycloak-services: user can refresh offline session even after client's offline_access scope was removed Keycloakkeycloak Medium 5.4 2025-10-23 14:19:25 Deep Dive
CVE-2025-11429 Keycloak-server: too long and not settings compliant session Keycloakkeycloak Medium 5.4 2025-10-23 14:09:32 Deep Dive
CVE-2025-10044 Keycloak: keycloak error_description injection on error pages Keycloakkeycloak Medium 4.3 2025-09-05 19:59:04 Deep Dive
CVE-2025-58459 Jenkins plugin global-build-stats 安全漏洞 Jenkins ProjectJenkins global-build-stats Plugin--2025-09-03 15:02:27 Deep Dive
CVE-2025-9784 Undertow: undertow madeyoureset http/2 ddos vulnerability -- High 7.5 2025-09-02 13:38:00 Deep Dive
CVE-2025-9162 Org.keycloak/keycloak-model-storage-service: variable injection into environment variables Keycloakkeycloak Medium 4.9 2025-08-21 15:40:25 Deep Dive
CVE-2025-53249 WordPress Build App Online Plugin <= 1.0.23 - Cross Site Request Forgery (CSRF) Vulnerability hakeemnalaBuild App Online Medium 6.5 2025-08-14 18:22:00 Deep Dive
CVE-2025-7195 Operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd operator-frameworkoperator-sdk Medium 6.4 2025-08-07 19:05:09 Deep Dive
CVE-2025-8419 Org.keycloak/keycloak-services: keycloak smtp inject vulnerability Keycloakkeycloak Medium 5.3 2025-08-06 17:10:03 Deep Dive
CVE-2025-7784 Org.keycloak/keycloak-services: privilege escalation in keycloak admin console (fgapv2 enabled) -- Medium 6.5 2025-07-18 13:48:46 Deep Dive
CVE-2025-7365 Keycloak: phishing attack via email verification step in first login flow -- High 7.1 2025-07-10 14:20:46 Deep Dive
CVE-2025-53662 Jenkins plugin IFTTT Build Notifier 安全漏洞 Jenkins ProjectJenkins IFTTT Build Notifier Plugin--2025-07-09 15:39:34 Deep Dive
CVE-2025-5416 Keycloak-core: keycloak environment information Red HatRed Hat Build of Keycloak Low 2.7 2025-06-20 16:04:06 Deep Dive
CVE-2025-32800 Conda-build vulnerable to supply chain attack vector due to pyproject.toml referring to dependencies not present in PyPI condaconda-build--2025-06-16 20:38:53 Deep Dive
CVE-2025-32799 Conda-build Vulnerable to Path Traversal via Malicious Tar File condaconda-build--2025-06-16 20:23:03 Deep Dive
CVE-2025-32798 Conda-build Allows Arbitrary Code Execution via Malicious Recipe Selectors condaconda-build--2025-06-16 20:10:07 Deep Dive