| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-53880 | susemanager-tftpsync-recv allows arbitrary file creation and deletion due to path traversal | SUSE | Container suse/manager/4.3/proxy-httpd:latest | - | - | 2025-10-30 10:31:16 | Deep Dive |
| CVE-2025-11568 | Luksmeta: data corruption when handling luks1 partitions with luksmeta | Latchset | luksmeta | Medium | 4.4 | 2025-10-15 19:37:12 | Deep Dive |
| CVE-2025-9640 | Samba: vfs_streams_xattr uninitialized memory write possible | - | - | Medium | 4.3 | 2025-10-15 12:47:30 | Deep Dive |
| CVE-2025-11731 | Libxslt: type confusion in exsltfuncresultcompfunction of libxslt | - | - | Low | 3.1 | 2025-10-14 06:02:36 | Deep Dive |
| CVE-2025-36087 | IBM Security Verify Access hard coded credentials | IBM | Security Verify Access | High | 8.1 | 2025-10-13 00:38:14 | Deep Dive |
| CVE-2025-11561 | Sssd: sssd default kerberos configuration allows privilege escalation on ad-joined linux systems | - | - | High | 8.8 | 2025-10-09 13:37:53 | Deep Dive |
| CVE-2025-11234 | Qemu-kvm: vnc websocket handshake use-after-free | - | - | High | 7.5 | 2025-10-03 10:30:34 | Deep Dive |
| CVE-2025-10911 | Libxslt: use-after-free with key data stored cross-rvt | - | - | Medium | 5.5 | 2025-09-25 15:13:14 | Deep Dive |
| CVE-2025-4953 | Podman: build context bind mount | - | - | High | 7.4 | 2025-09-16 14:54:50 | Deep Dive |
| CVE-2025-8277 | Libssh: memory exhaustion via repeated key exchange in libssh | - | - | Low | 3.1 | 2025-09-09 11:55:39 | Deep Dive |
| CVE-2025-9566 | Podman: podman kube play command may overwrite host files | - | - | High | 8.1 | 2025-09-05 19:54:31 | Deep Dive |
| CVE-2025-36133 | IBM App Connect Enterprise information disclosure | IBM | App Connect Enterprise Certified Container | Medium | 5.9 | 2025-09-01 11:56:20 | Deep Dive |
| CVE-2025-4877 | Libssh: write beyond bounds in binary to base64 conversion functions | - | - | Medium | 4.5 | 2025-08-20 12:19:19 | Deep Dive |
| CVE-2025-4437 | Cri-o: large /etc/passwd file may lead to denial of service | Red Hat | Red Hat OpenShift Container Platform 4 | Medium | 5.7 | 2025-08-20 12:19:18 | Deep Dive |
| CVE-2025-7195 | Operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd | operator-framework | operator-sdk | Medium | 6.4 | 2025-08-07 19:05:09 | Deep Dive |
| CVE-2025-8556 | Github.com/cloudflare/circl: circl-fourq: missing and wrong validation can lead to incorrect results | - | - | Low | 3.7 | 2025-08-06 08:48:18 | Deep Dive |
| CVE-2025-46809 | Multi Linux Manager epxoses the plain text HTTP Proxy user:password in logs | SUSE | Container suse/manager/4.3/proxy-httpd:4.3.16.9.67.1 | Medium | 5.7 | 2025-07-31 15:24:42 | Deep Dive |
| CVE-2025-46811 | SUSE Multi Linux Manager allows code execution via unprotected websocket endpoint | SUSE | Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1 | Critical | 9.8 | 2025-07-30 14:20:54 | Deep Dive |
| CVE-2025-8283 | Netavark: podman: netavark may resolve hostnames to unexpected hosts | - | - | Low | 3.7 | 2025-07-28 18:16:08 | Deep Dive |
| CVE-2025-5449 | Libssh: integer overflow in libssh sftp server packet length validation leading to denial of service | - | - | Medium | 6.5 | 2025-07-25 17:19:39 | Deep Dive |