| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-62457 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1809 | High | 7.8 | 2025-12-09 17:55:34 | Deep Dive |
| CVE-2025-62456 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | Microsoft | Windows 11 version 22H3 | High | 8.8 | 2025-12-09 17:55:33 | Deep Dive |
| CVE-2025-62454 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1809 | High | 7.8 | 2025-12-09 17:55:32 | Deep Dive |
| CVE-2025-14345 | Cross-Shard Failovers May Lead to Partial Transaction Commit in MongoDB Server | MongoDB Inc. | MongoDB Server | Medium | 4.2 | 2025-12-09 15:00:39 | Deep Dive |
| CVE-2025-40819 | Siemens SINEMA Remote Connect Server 安全漏洞 | Siemens | SINEMA Remote Connect Server | Medium | 4.3 | 2025-12-09 10:44:29 | Deep Dive |
| CVE-2025-40818 | Siemens SINEMA Remote Connect Server 安全漏洞 | Siemens | SINEMA Remote Connect Server | Low | 3.3 | 2025-12-09 10:44:28 | Deep Dive |
| CVE-2025-67487 | Static Web Server is vulnerable to symbolic link Path Traversal | static-web-server | static-web-server | - | - | 2025-12-09 03:35:58 | Deep Dive |
| CVE-2025-42904 | Information Disclosure vulnerability in Application Server ABAP | SAP_SE | Application Server ABAP | Medium | 6.5 | 2025-12-09 02:15:37 | Deep Dive |
| CVE-2025-42877 | Memory Corruption vulnerability in SAP Web Dispatcher, Internet Communication Manager and SAP Content Server | SAP_SE | SAP Web Dispatcher, Internet Communication Manager and SAP Content Server | High | 7.5 | 2025-12-09 02:14:51 | Deep Dive |
| CVE-2025-12635 | IBM WebSphere Application Server and WebSphere Application Server Liberty Cross-Site Scripting | IBM | WebSphere Application Server | Medium | 5.4 | 2025-12-08 21:58:14 | Deep Dive |
| CVE-2025-12832 | IBM InfoSphere Information Server Server-Side Request Forgery | IBM | InfoSphere Information Server | Medium | 4.6 | 2025-12-08 21:46:56 | Deep Dive |
| CVE-2025-14276 | Ilevia EVE X1 Server leaf_search.php command injection | Ilevia | EVE X1 Server | Medium | 5.6 | 2025-12-08 21:32:08 | Deep Dive |
| CVE-2025-34256 | Advantech WISE-DeviceOn Server < 5.4 Hard-coded JWT Key Authentication Bypass | Advantech Co., Ltd. | WISE-DeviceOn Server | 中危 | - | 2025-12-05 17:18:32 | Deep Dive |
| CVE-2025-34265 | Advantech WISE-DeviceOn Server < 5.4 Authenticated Stored XSS via rule-engines | Advantech Co., Ltd. | WISE-DeviceOn Server | 中危 | - | 2025-12-05 17:18:11 | Deep Dive |
| CVE-2020-36879 | Flexsense DiskBoss Service Unquoted Service Path Vulnerability | Flexsense | DiskBoss | 中危 | - | 2025-12-05 17:18:10 | Deep Dive |
| CVE-2025-34263 | Advantech WISE-DeviceOn Server < 5.4 Authenticated Stored XSS via plugin-config/dashboards/menus | Advantech Co., Ltd. | WISE-DeviceOn Server | 中危 | - | 2025-12-05 17:17:52 | Deep Dive |
| CVE-2025-34266 | Advantech WISE-DeviceOn Server < 5.4 Authenticated Stored XSS via plugin-config/addins/menus | Advantech Co., Ltd. | WISE-DeviceOn Server | 中危 | - | 2025-12-05 17:17:36 | Deep Dive |
| CVE-2025-34264 | Advantech WISE-DeviceOn Server < 5.4 Authenticated Stored XSS via dog/{agentId} | Advantech Co., Ltd. | WISE-DeviceOn Server | 中危 | - | 2025-12-05 17:17:17 | Deep Dive |
| CVE-2025-34262 | Advantech WISE-DeviceOn Server < 5.4 Authenticated Stored XSS via devices/name/{agent_id} | Advantech Co., Ltd. | WISE-DeviceOn Server | 中危 | - | 2025-12-05 17:16:55 | Deep Dive |
| CVE-2025-34258 | Advantech WISE-DeviceOn Server < 5.4 Authenticated Stored XSS via devicemap/plan | Advantech Co., Ltd. | WISE-DeviceOn Server | 中危 | - | 2025-12-05 17:16:37 | Deep Dive |