| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-58027 | WordPress NGG Smart Image Search Plugin <= 3.4.3 - Cross Site Scripting (XSS) Vulnerability | wpo-HR | NGG Smart Image Search | Medium | 6.5 | 2025-09-22 18:23:56 | Deep Dive |
| CVE-2025-8079 | Reflected XSS in Akıllı Ticaret Software Technologies' Smart Trade E-Commerce | Akıllı Ticaret Software Technologies Ltd. Co. | Smart Trade E-Commerce | Medium | 4.6 | 2025-09-22 08:45:20 | Deep Dive |
| CVE-2025-10204 | Unauth Admin Reset Password on AC Smart II | LG Electronics | AC Smart II | 中危 | - | 2025-09-14 12:43:30 | Deep Dive |
| CVE-2025-10398 | fcba_zzm ics-park Smart Park Management System FileUploadUtils.java unrestricted upload | fcba_zzm | ics-park Smart Park Management System | Medium | 6.3 | 2025-09-14 12:02:07 | Deep Dive |
| CVE-2025-10394 | fcba_zzm ics-park Smart Park Management System Scheduled Task JobController.java code injection | fcba_zzm | ics-park Smart Park Management System | Medium | 4.7 | 2025-09-14 06:32:06 | Deep Dive |
| CVE-2025-9126 | Smart Table Builder <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter | designful | Smart Table Builder | Medium | 6.4 | 2025-09-06 03:22:35 | Deep Dive |
| CVE-2025-49401 | WordPress smart SEO Plugin <= 4.0 - Privilege Escalation Vulnerability | axiomthemes | smart SEO | Critical | 9.8 | 2025-09-05 16:15:41 | Deep Dive |
| CVE-2025-48354 | WordPress Better Post & Filter Widgets for Elementor plugin <= 1.6.1 - Cross Site Scripting (XSS) vulnerability | WP Smart Widgets | Better Post & Filter Widgets for Elementor | Medium | 6.5 | 2025-08-28 12:37:06 | Deep Dive |
| CVE-2023-7309 | Dahua Smart Park Integrated Management Platform Front-End Arbitrary File Upload | Zhejiang Dahua Technology Co., Ltd. | Smart Park Integrated Management Platform | - | - | 2025-08-27 21:24:00 | Deep Dive |
| CVE-2025-8618 | WPC Smart Quick View for WooCommerce <= 4.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via woosq_btn Shortcode | wpclever | WPC Smart Quick View for WooCommerce | Medium | 6.4 | 2025-08-20 04:26:20 | Deep Dive |
| CVE-2025-7496 | WPC Smart Compare for WooCommerce <= 6.4.7 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | wpclever | WPC Smart Compare for WooCommerce | Medium | 6.4 | 2025-08-19 03:39:04 | Deep Dive |
| CVE-2025-21024 | SAMSUNG Smart View 安全漏洞 | Samsung Mobile | Smart View | Low | 3.3 | 2025-08-06 04:23:42 | Deep Dive |
| CVE-2025-6348 | Smart Slider 3 <= 3.5.1.28 - Authenticated (Administrator+) SQL Injection via `sliderid` Parameter | nextendweb | Smart Slider 3 | Medium | 4.9 | 2025-07-30 08:23:02 | Deep Dive |
| CVE-2016-15046 | Hanwha Techwin SSM 1.32 & 1.4 ActiveMQ File Upload RCE | Hanwha | Smart Security Manager (SSM) | 中危 | - | 2025-07-25 15:53:44 | Deep Dive |
| CVE-2025-2425 | TOCTOU race condition vulnerability in ESET products on Windows | ESET, spol. s.r.o | ESET NOD32 Antivirus | 中危 | - | 2025-07-18 09:20:52 | Deep Dive |
| CVE-2025-2818 | Motorola Smart Connect Android Application 安全漏洞 | Motorola | Smart Connect Android Application | Low | 3.5 | 2025-07-17 19:17:51 | Deep Dive |
| CVE-2025-5530 | WPC Smart Compare for WooCommerce <= 6.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting | wpclever | WPC Smart Compare for WooCommerce | Medium | 6.4 | 2025-07-11 07:23:00 | Deep Dive |
| CVE-2025-5028 | Arbitrary file deletion vulnerability in ESET product installers | ESET, spol. s.r.o | ESET NOD32 Antivirus | - | - | 2025-07-11 06:40:29 | Deep Dive |
| CVE-2025-3499 | Unauthenticated execution of arbitrary commands in Radiflow iSAP Smart Collector | Radiflow | iSAP Smart Collector | Critical | 10.0 | 2025-07-09 08:57:27 | Deep Dive |
| CVE-2025-3498 | Unauthenticated modification of Radiflow iSAP Smart Collector configuration | Radiflow | iSAP Smart Collector | Critical | 9.9 | 2025-07-09 08:53:33 | Deep Dive |