| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-12284 | Lack of Input Validation | Azure Access Technology | BLU-IC2 | 中危 | - | 2025-10-26 16:21:56 | Deep Dive |
| CVE-2025-12275 | Mail Configuration File Manipulation + Command Execution | Azure Access Technology | BLU-IC2 | 中危 | - | 2025-10-26 16:15:34 | Deep Dive |
| CVE-2025-12278 | Logout Functionality not Working | Azure Access Technology | BLU-IC2 | 中危 | - | 2025-10-26 16:14:33 | Deep Dive |
| CVE-2025-12221 | CSRF Token not Properly Implemented | Azure Access Technology | BLU-IC2 | 中危 | - | 2025-10-25 15:57:46 | Deep Dive |
| CVE-2025-12220 | Busybox 1.31.1 - Multiple Known Vulnerabilities | Azure Access Technology | BLU-IC2 | 中危 | - | 2025-10-25 15:53:04 | Deep Dive |
| CVE-2025-12219 | Vulnerable Components in Azure Access OS | Azure Access Technology | BLU-IC2 | 中危 | - | 2025-10-25 15:51:58 | Deep Dive |
| CVE-2025-12218 | Weak Default Credentials | Azure Access Technology | BLU-IC2 | 中危 | - | 2025-10-25 15:47:37 | Deep Dive |
| CVE-2025-12217 | SNMP Default Community String (public) | Azure Access Technology | BLU-IC2 | 中危 | - | 2025-10-25 15:39:53 | Deep Dive |
| CVE-2025-12216 | Malicious / Malformed App can be Installed but not Uninstalled | Azure Access Technology | BLU-IC2 | 中危 | - | 2025-10-25 15:33:18 | Deep Dive |
| CVE-2025-12176 | Undocumented Administrative Accounts | Azure Access Technology | BLU-IC2 | 中危 | - | 2025-10-24 15:56:08 | Deep Dive |
| CVE-2025-10749 | Microsoft Azure Storage for WordPress <= 4.5.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Media Deletion | 10up | Microsoft Azure Storage for WordPress | Medium | 5.4 | 2025-10-24 08:24:05 | Deep Dive |
| CVE-2025-59503 | Azure Compute Resource Provider Elevation of Privilege Vulnerability | Microsoft | Azure Compute Resource Provider | Critical | 10.0 | 2025-10-23 21:18:06 | Deep Dive |
| CVE-2025-59273 | Azure Event Grid System Elevation of Privilege Vulnerability | Microsoft | Azure Event Grid System | High | 7.3 | 2025-10-23 21:17:49 | Deep Dive |
| CVE-2025-59500 | Azure Notification Service Elevation of Privilege Vulnerability | Microsoft | Azure Notification Service | High | 7.7 | 2025-10-23 21:07:30 | Deep Dive |
| CVE-2025-12114 | Serial Console Enabled | Azure Access Technology | BLU-IC2 | - | - | 2025-10-23 15:29:13 | Deep Dive |
| CVE-2025-12104 | Incorrect Content-Type Header | Azure Access Technology | BLU-IC2 | - | - | 2025-10-23 03:56:27 | Deep Dive |
| CVE-2025-12031 | HTTP Security Misconfiguration - Lacking Secure and HTTPOnly Attribute | Azure Access Technology | BLU-IC2 | - | - | 2025-10-21 17:22:36 | Deep Dive |
| CVE-2025-12001 | Incorrect Content-Type Header | Azure Access Technology | BLU-IC2 | - | - | 2025-10-20 21:53:27 | Deep Dive |
| CVE-2025-11925 | Incorrect Content-Type Header | Azure Access Technology | BLU-IC2 | - | - | 2025-10-17 19:56:14 | Deep Dive |
| CVE-2025-11832 | APIs Lack Rate Limiting | Azure Access Technology | BLU-IC2 | - | - | 2025-10-15 19:10:34 | Deep Dive |