| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-7073 | Local Privilege Escalation via Arbitrary File Operation in Bitdefender Total Security | Bitdefender | Total Security | - | - | 2025-12-10 09:46:40 | Deep Dive |
| CVE-2025-64113 | Emby Server allows attackers to gain administrative server access without preconditions | EmbySupport | security | - | - | 2025-12-09 19:21:12 | Deep Dive |
| CVE-2025-40831 | Siemens SINEC Security Monitor 输入验证错误漏洞 | Siemens | SINEC Security Monitor | Medium | 6.5 | 2025-12-09 10:44:33 | Deep Dive |
| CVE-2025-40830 | Siemens SINEC Security Monitor 授权问题漏洞 | Siemens | SINEC Security Monitor | Medium | 6.7 | 2025-12-09 10:44:32 | Deep Dive |
| CVE-2025-13604 | Login Security, FireWall, Malware removal by CleanTalk <= 2.168 - Unauthenticated Stored Cross-Site Scripting via Page URL | cleantalk | Login Security, FireWall, Malware removal by CleanTalk | High | 7.2 | 2025-12-09 04:36:25 | Deep Dive |
| CVE-2025-66558 | Nextcloud Twofactor WebAuthn app was updated based on public key | nextcloud | security-advisories | Low | 3.1 | 2025-12-05 18:00:50 | Deep Dive |
| CVE-2025-66556 | Nextcloud talk allows participants to blindly delete poll drafts of other users by ID | nextcloud | security-advisories | Low | 3.5 | 2025-12-05 17:56:44 | Deep Dive |
| CVE-2025-66554 | Nextcloud Contacts vulnerable to Stored XSS in contacts app via organisation and title field | nextcloud | security-advisories | Low | 3.5 | 2025-12-05 17:51:00 | Deep Dive |
| CVE-2025-66549 | Nextcloud Desktop discloses information when attempting to lock a file inside a end-to-end encrypted directory | nextcloud | security-advisories | Low | 2.4 | 2025-12-05 17:47:01 | Deep Dive |
| CVE-2025-66545 | Nextcloud Groupfolders users with read-only permissions for team folder can restore deleted files from trash bin | nextcloud | security-advisories | Low | 3.5 | 2025-12-05 17:44:13 | Deep Dive |
| CVE-2025-66515 | Nextcloud Approval app allows users to request approval for other users file | nextcloud | security-advisories | Low | 2.7 | 2025-12-05 17:37:07 | Deep Dive |
| CVE-2025-66514 | Nextcloud Mail stored HTML injection in subject text | nextcloud | security-advisories | Low | 3.5 | 2025-12-05 17:32:26 | Deep Dive |
| CVE-2025-66557 | Nextcloud Deck app allowed user with "Can share" permission to modify permissions of other non-owners | nextcloud | security-advisories | Medium | 5.4 | 2025-12-05 17:28:49 | Deep Dive |
| CVE-2025-66548 | Nextcloud Deck app allows to spoof file extensions by using RTLO characters | nextcloud | security-advisories | Low | 3.3 | 2025-12-05 17:26:11 | Deep Dive |
| CVE-2025-66553 | Nextcloud Tables app allowed users to view columns metadata information of any table | nextcloud | security-advisories | Medium | 4.3 | 2025-12-05 17:18:10 | Deep Dive |
| CVE-2025-66551 | Nextcloud Tables is missing an ownership check which allows moving columns into tables of other users | nextcloud | security-advisories | Medium | 6.3 | 2025-12-05 17:15:17 | Deep Dive |
| CVE-2025-66513 | Nextcloud Tables app share information not limited to relevant users | nextcloud | security-advisories | Medium | 4.3 | 2025-12-05 17:11:20 | Deep Dive |
| CVE-2025-66550 | Nextcloud Calendar attachments of local files are offered to downloaded | nextcloud | security-advisories | Medium | 5.7 | 2025-12-05 16:56:45 | Deep Dive |
| CVE-2025-66546 | Nextcloud Calendar app allowed booking appointments without the generated token | nextcloud | security-advisories | Low | 3.3 | 2025-12-05 16:49:47 | Deep Dive |
| CVE-2025-66511 | Nextcloud Calendar app used predictable proposal participant tokens | nextcloud | security-advisories | Medium | 4.8 | 2025-12-05 16:42:30 | Deep Dive |