| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-59507 | Windows Speech Runtime Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1607 | High | 7.0 | 2025-11-11 17:59:16 | Deep Dive |
| CVE-2025-59508 | Windows Speech Recognition Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1607 | High | 7.0 | 2025-11-11 17:59:16 | Deep Dive |
| CVE-2025-59506 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1607 | High | 7.0 | 2025-11-11 17:59:15 | Deep Dive |
| CVE-2025-59505 | Windows Smart Card Reader Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1607 | High | 7.8 | 2025-11-11 17:59:13 | Deep Dive |
| CVE-2025-24918 | Intel Server Configuration Utility和Intel Server Firmware Update Utility 后置链接漏洞 | - | Intel(R) Server Configuration Utility software and Intel(R) Server Firmware Update Utility software | Medium | 6.7 | 2025-11-11 16:50:08 | Deep Dive |
| CVE-2025-33202 | NVIDIA Triton Inference Server 安全漏洞 | NVIDIA | Triton Inference Server | Medium | 6.5 | 2025-11-11 16:19:14 | Deep Dive |
| CVE-2025-42919 | Information Disclosure vulnerability in SAP NetWeaver Application Server Java | SAP_SE | SAP NetWeaver Application Server Java | Medium | 5.3 | 2025-11-11 00:20:18 | Deep Dive |
| CVE-2025-42883 | Insecure File Operations vulnerability in SAP NetWeaver Application Server for ABAP (Migration Workbench) | SAP_SE | SAP NetWeaver Application Server for ABAP (Migration Workbench) | Low | 2.7 | 2025-11-11 00:13:48 | Deep Dive |
| CVE-2025-42882 | Missing Authorization check in SAP NetWeaver Application Server for ABAP | SAP_SE | SAP NetWeaver Application Server for ABAP | Medium | 4.3 | 2025-11-11 00:13:33 | Deep Dive |
| CVE-2025-11578 | Pre-Receive Hook Path Collision Vulnerability in GitHub Enterprise Server Allowing Privilege Escalation | GitHub | Enterprise Server | 中危 | - | 2025-11-10 22:44:33 | Deep Dive |
| CVE-2025-11892 | DOM-based Cross-Site Scripting was identified in GitHub Enterprise Server Issues search allows privilege escalation and unauthorized workflow triggers | GitHub | Enterprise Server | 高危 | - | 2025-11-10 22:43:42 | Deep Dive |
| CVE-2018-25124 | PacsOne Server 6.6.2 DICOM Web Viewer Directory Traversal LFI | RainbowFish Software | PacsOne Server | 中危 | - | 2025-11-10 22:32:03 | Deep Dive |
| CVE-2025-64502 | Parse Server allows public `explain` queries which may expose sensitive database performance information and schema details | parse-community | parse-server | 中危 | - | 2025-11-10 21:40:34 | Deep Dive |
| CVE-2025-12868 | CyberTutor|New Site Server - Use of Client-Side Authentication | CyberTutor | New Site Server | Critical | 9.8 | 2025-11-10 03:14:29 | Deep Dive |
| CVE-2025-64430 | Parse Server Vulnerable to Server-Side Request Forgery (SSRF) in File Upload via URI Format | parse-community | parse-server | High | 7.5 | 2025-11-07 17:55:28 | Deep Dive |
| CVE-2025-12489 | evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability | evernote-mcp-server | evernote-mcp-server | 高危 | - | 2025-11-06 20:11:33 | Deep Dive |
| CVE-2025-12485 | Devolutions Server 安全漏洞 | Devolutions | Server | 中危 | - | 2025-11-06 16:37:15 | Deep Dive |
| CVE-2025-12808 | Devolutions Server 安全漏洞 | Devolutions | Server | 高危 | - | 2025-11-06 16:36:15 | Deep Dive |
| CVE-2025-36054 | Cross-site scripting vulnerability affect IBM Business Automation Workflow Process Federation Server - | IBM | Business Automation Workflow containers | Medium | 6.1 | 2025-11-06 14:11:49 | Deep Dive |
| CVE-2025-10853 | Reflected Cross-Site Scripting (XSS) in Management Console of Multiple WSO2 Products Due to Improper Output Encoding | WSO2 | WSO2 Open Banking IAM | Medium | 5.2 | 2025-11-05 19:21:33 | Deep Dive |