| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-3879 | Vault’s Azure Authentication Method bound_location Restriction Could be Bypassed on Login | HashiCorp | Vault | Medium | 6.6 | 2025-05-02 16:15:11 | Deep Dive |
| CVE-2025-4166 | Vault May Include Sensitive Data in Error Logs When Using the KV v2 Plugin | HashiCorp | Vault | Medium | 4.5 | 2025-05-02 14:57:59 | Deep Dive |
| CVE-2025-4035 | Libsoup: cookie domain validation bypass via uppercase characters in libsoup | Red Hat | Red Hat Enterprise Linux 10 | Medium | 4.3 | 2025-04-29 12:56:23 | Deep Dive |
| CVE-2025-3891 | Mod_auth_openidc: dos via empty post in mod_auth_openidc with oidcpreservepost enabled | - | - | High | 7.5 | 2025-04-29 11:56:51 | Deep Dive |
| CVE-2024-10635 | Enterprise Protection S/MIME Opaque Signature Attachment Scanning Bypass | Proofpoint | Enterprise Protection | Medium | 6.1 | 2025-04-28 20:36:43 | Deep Dive |
| CVE-2025-46421 | Libsoup: information disclosure may leads libsoup client sends authorization header to a different host when being redirected by a server | - | - | Medium | 6.8 | 2025-04-24 13:01:25 | Deep Dive |
| CVE-2025-46420 | Libsoup: memory leak on soup_header_parse_quality_list() via soup-headers.c | - | - | Medium | 6.5 | 2025-04-24 12:58:01 | Deep Dive |
| CVE-2025-46400 | Xfig: fig2dev segmentation fault in read_arcobject | - | - | Medium | 5.5 | 2025-04-23 20:55:17 | Deep Dive |
| CVE-2025-46399 | Xfig: transfig: fig2dev segmentation fault vulnerability | - | - | Medium | 5.5 | 2025-04-23 20:55:15 | Deep Dive |
| CVE-2025-46398 | Xfig: fig2dev stack-overflow via read_objects | - | - | Medium | 5.5 | 2025-04-23 20:55:13 | Deep Dive |
| CVE-2025-46397 | Xfig: xfig: stack-overflow allows possible code execution via local input manipulation | - | - | High | 7.8 | 2025-04-23 20:55:10 | Deep Dive |
| CVE-2025-2703 | Grafana Security Vulnerability | Grafana | Grafana | Medium | 6.8 | 2025-04-23 11:36:03 | Deep Dive |
| CVE-2024-10306 | Mod_proxy_cluster: mod_proxy_cluster unauthorized mcmp requests | - | - | Medium | 5.4 | 2025-04-23 09:59:49 | Deep Dive |
| CVE-2025-37088 | Hewlett Packard Enterprise Cray Data Virtualization Service Security Vulnerability | Hewlett Packard Enterprise (HPE) | HPE Cray Data Virtualization Service (DVS) | High | - | 2025-04-22 21:55:33 | Deep Dive |
| CVE-2025-27087 | Hewlett Packard Enterprise Cray Operating System Security Vulnerability | Hewlett Packard Enterprise (HPE) | HPE Cray Operating System (COS) | Medium | - | 2025-04-22 21:38:21 | Deep Dive |
| CVE-2025-37087 | Hewlett Packard Enterprise Performance Cluster Manager Security Vulnerability | Hewlett Packard Enterprise (HPE) | HPE Performance Cluster Manager (HPCM) | Critical | - | 2025-04-22 20:58:59 | Deep Dive |
| CVE-2025-27086 | Hewlett Packard Enterprise Performance Cluster Manager Security Vulnerability | Hewlett Packard Enterprise | HPE Performance Cluster Manager (HPCM) | Medium | - | 2025-04-21 18:07:11 | Deep Dive |
| CVE-2025-2517 | Reference to Expired Domain Vulnerability in OpenText™ ArcSight Enterprise Security Manager | OpenText | ArcSight Enterprise Security Manager | High | - | 2025-04-21 14:26:05 | Deep Dive |
| CVE-2025-3246 | Markdown math block sanitization bypass allows privilege escalation and unauthorized workflow triggers | GitHub | GitHub Enterprise Server | - | - | 2025-04-17 22:50:22 | Deep Dive |
| CVE-2025-3509 | Pre-Receive Hook Remote Code Execution vulnerability was identified in GitHub Enterprise Server that allowing Privilege Escalation | GitHub | Enterprise Server | - | - | 2025-04-17 22:50:18 | Deep Dive |