| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-66287 | Webkitgtk: processing maliciously crafted web content may lead to an unexpected process crash | The WebKitGTK Team | WebKitGTK | High | 8.8 | 2025-12-04 16:48:31 | Deep Dive |
| CVE-2025-13947 | Webkit: webkitgtk: remote user-assisted information disclosure via file drag-and-drop | The WebKitGTK Team | webkitgtk | High | 7.4 | 2025-12-03 09:46:00 | Deep Dive |
| CVE-2025-12744 | Abrt: command-injection in abrt leading to local privilege escalation | - | - | High | 8.8 | 2025-12-03 08:33:07 | Deep Dive |
| CVE-2025-13601 | Glib: integer overflow in in g_escape_uri_string() | - | - | High | 7.7 | 2025-11-26 14:44:23 | Deep Dive |
| CVE-2025-13502 | Webkit: webkitgtk / wpe webkit: out-of-bounds read and integer underflow vulnerability leading to dos | The WebKitGTK Team | webkitgtk | High | 7.5 | 2025-11-25 08:02:26 | Deep Dive |
| CVE-2025-13609 | Keylime: keylime: registrar allows identity takeover via duplicate uuid registration | Keylime Project | keylime | High | 8.2 | 2025-11-24 18:08:56 | Deep Dive |
| CVE-2025-54770 | Grub2: use-after-free in net_set_vlan | GNU | grub2 | Medium | 4.9 | 2025-11-18 18:30:10 | Deep Dive |
| CVE-2025-61664 | Grub2: missing unregister call for normal_exit command may lead to use-after-free | GNU | grub2 | Medium | 4.9 | 2025-11-18 18:20:55 | Deep Dive |
| CVE-2025-61663 | Grub2: missing unregister call for normal commands may lead to use-after-free | GNU | grub2 | Medium | 4.9 | 2025-11-18 18:20:53 | Deep Dive |
| CVE-2025-61662 | Grub2: missing unregister call for gettext command may lead to use-after-free | GNU | grub2 | High | 7.8 | 2025-11-18 18:20:48 | Deep Dive |
| CVE-2025-61661 | Grub2: grub2: out-of-bounds write via malicious usb device | GNU | grub2 | Medium | 4.8 | 2025-11-18 18:20:42 | Deep Dive |
| CVE-2025-54771 | Grub2: use-after-free in grub_file_close() | GNU | grub2 | Medium | 4.9 | 2025-11-18 18:20:40 | Deep Dive |
| CVE-2025-13193 | Libvirt: information disclosure via world-readable vm snapshots | - | - | Medium | 5.5 | 2025-11-17 17:03:48 | Deep Dive |
| CVE-2025-59089 | Python-kdcproxy: remote dos via unbounded tcp upstream buffering | latchset | kdcproxy | Medium | 5.9 | 2025-11-12 16:40:51 | Deep Dive |
| CVE-2025-59088 | Python-kdcproxy: unauthenticated ssrf via realm‑controlled dns srv | latchset | kdcproxy | High | 8.6 | 2025-11-12 16:35:28 | Deep Dive |
| CVE-2025-12748 | Libvirt: denial of service in xml parsing | - | - | Medium | 5.5 | 2025-11-11 19:49:32 | Deep Dive |
| CVE-2025-10230 | Samba: command injection in wins server hook script | - | - | Critical | 10.0 | 2025-11-07 19:42:07 | Deep Dive |
| CVE-2025-12464 | Qemu-kvm: stack buffer overflow in e1000 device via short frames in loopback mode | - | - | Medium | 6.2 | 2025-10-31 21:15:49 | Deep Dive |
| CVE-2025-62229 | Xorg: xmayland: use-after-free in xpresentnotify structure creation | X.Org | Xwayland | High | 7.3 | 2025-10-30 05:28:48 | Deep Dive |
| CVE-2025-62230 | Xorg: xwayland: use-after-free in xkb client resource removal | X.Org | Xwayland | High | 7.3 | 2025-10-30 05:19:40 | Deep Dive |