| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-42901 | Code Injection vulnerability in SAP Application Server for ABAP (BAPI Browser) | SAP_SE | SAP Application Server for ABAP (BAPI Browser) | Medium | 5.4 | 2025-10-14 00:17:23 | Deep Dive |
| CVE-2025-53967 | Framelink Figma MCP Server security vulnerability | Framelink | Figma MCP Server | High | 8.0 | 2025-10-08 00:00:00 | Deep Dive |
| CVE-2025-6242 | Vllm: server side request forgery (ssrf) in mediaconnector | Red Hat | Red Hat AI Inference Server | High | 7.1 | 2025-10-07 19:45:18 | Deep Dive |
| CVE-2025-44823 | Nagios Log Server security vulnerability | Nagios | Log Server | Critical | 9.9 | 2025-10-07 00:00:00 | Deep Dive |
| CVE-2025-44824 | Nagios Log Server security vulnerability | Nagios | Log Server | High | 8.5 | 2025-10-07 00:00:00 | Deep Dive |
| CVE-2025-32942 | SSH Communications Security SSH Tectia Server security vulnerability | SSH | Tectia Server | High | 7.2 | 2025-10-02 00:00:00 | Deep Dive |
| CVE-2025-59954 | Knowage Contains a Remote Code Execution Vulnerability | KnowageLabs | Knowage-Server | Critical | - | 2025-09-29 23:48:05 | Deep Dive |
| CVE-2025-36245 | IBM InfoSphere Information Server command execution | IBM | InfoSphere Information Server | High | 8.8 | 2025-09-29 22:29:33 | Deep Dive |
| CVE-2025-36099 | IBM WebSphere Application Server denial of service | IBM | WebSphere Application Server | Medium | 4.9 | 2025-09-29 18:20:10 | Deep Dive |
| CVE-2025-1862 | Authenticated Arbitrary File Upload in Multiple WSO2 Products via BPEL Uploader SOAP Service Leading to Remote Code Execution | WSO2 | WSO2 Enterprise Integrator | Medium | 6.7 | 2025-09-26 08:18:22 | Deep Dive |
| CVE-2025-1396 | Username Enumeration in Multiple WSO2 Products with Multi-Attribute Login Enabled | WSO2 | WSO2 Identity Server | Low | 3.7 | 2025-09-26 07:52:52 | Deep Dive |
| CVE-2025-0672 | Authentication Bypass in Multiple WSO2 Products via Stale FIDO Credential Association | WSO2 | WSO2 Identity Server as Key Manager | Low | 3.3 | 2025-09-23 17:30:43 | Deep Dive |
| CVE-2025-0209 | Reflected Cross-Site Scripting (XSS) in WSO2 Identity Server Account Registration Flow | WSO2 | WSO2 Identity Server | Medium | 6.1 | 2025-09-23 17:13:11 | Deep Dive |
| CVE-2025-0663 | Potential cross-tenant account takeover vulnerability in Multiple WSO2 Products via Adaptive Authentication and Auto-Login | WSO2 | WSO2 Open Banking IAM | Medium | 6.8 | 2025-09-23 16:58:07 | Deep Dive |
| CVE-2024-6429 | Content Spoofing in Multiple WSO2 Products via Error Message Injection | WSO2 | WSO2 Identity Server as Key Manager | Medium | 4.3 | 2025-09-23 16:37:58 | Deep Dive |
| CVE-2025-9900 | Libtiff: libtiff write-what-where | - | - | High | 8.8 | 2025-09-23 16:26:23 | Deep Dive |
| CVE-2025-10777 | JSC R7 R7-Office Document Server downloadas path traversal | JSC R7 | R7-Office Document Server | Medium | 6.3 | 2025-09-22 02:02:06 | Deep Dive |
| CVE-2022-4980 | General Bytes Crypto Application Server (CAS) Unauthenticated Creation of Admin Account via Default-installation/First-admin Page | General Bytes | Crypto Application Server (CAS) | Medium | - | 2025-09-19 18:55:03 | Deep Dive |
| CVE-2025-59220 | Windows Bluetooth Service Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 21H2 | High | 7.0 | 2025-09-18 21:28:26 | Deep Dive |
| CVE-2025-59216 | Windows Graphics Component Elevation of Privilege Vulnerability | Microsoft | Windows 11 Version 24H2 | High | 7.0 | 2025-09-18 21:28:25 | Deep Dive |