| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-11757 | Improper Neutralization of Wildcards or Matching Symbols in CloudEdge Online Cameras and App | CloudEdge | CloudEdge App | - | - | 2025-10-21 17:24:54 | Deep Dive |
| CVE-2025-62428 | Drawing-Captcha APP Host Header Injection in `/register` and `/confirm-email` Endpoints | Drawing-Captcha | Drawing-Captcha-APP | - | - | 2025-10-16 18:57:14 | Deep Dive |
| CVE-2025-58474 | BIG-IP Advanced WAF and ASM and NGINX App Protect DNS lookup vulnerability | F5 | BIG-IP | Medium | 5.3 | 2025-10-15 13:55:43 | Deep Dive |
| CVE-2025-58718 | Remote Desktop Client Remote Code Execution Vulnerability | Microsoft | Remote Desktop client for Windows Desktop | High | 8.8 | 2025-10-14 17:01:16 | Deep Dive |
| CVE-2025-9976 | OS Command Injection vulnerability affecting Station Launcher App in 3DEXPERIENCE platform from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x | Dassault Systèmes | Station Launcher App in 3DEXPERIENCE platform | Critical | 9.0 | 2025-10-13 07:33:16 | Deep Dive |
| CVE-2025-11645 | Tomofun Furbo Mobile App Authentication Token sensitive information | Tomofun | Furbo Mobile App | Low | 2.4 | 2025-10-12 20:32:06 | Deep Dive |
| CVE-2025-61783 | Python Social Auth - Django has unsafe account association | python-social-auth | social-app-django | - | - | 2025-10-09 20:57:21 | Deep Dive |
| CVE-2025-9200 | Blappsta Mobile App Plugin – Your native, mobile iPhone App and Android App <= 0.8.8.8 - Unauthenticated SQL Injection | nebelhorn | Blappsta Mobile App Plugin – Your native, mobile iPhone App and Android App | High | 7.5 | 2025-10-03 11:17:17 | Deep Dive |
| CVE-2025-59835 | LangBot has a cross-directory file upload vulnerability, which could lead to system takeover | langbot-app | LangBot | - | - | 2025-10-02 18:59:43 | Deep Dive |
| CVE-2025-23297 | NVIDIA App 安全漏洞 | NVIDIA | NVIDIA App | High | 7.8 | 2025-10-01 21:19:44 | Deep Dive |
| CVE-2025-10722 | SKTLab Mukbee App com.dw.android.mukbee AndroidManifest.xml improper export of android application components | SKTLab | Mukbee App | Medium | 5.3 | 2025-09-19 17:32:10 | Deep Dive |
| CVE-2025-10721 | Webull Investing & Trading App AndroidManifest.xml improper export of android application components | Webull | Investing & Trading App | Medium | 5.3 | 2025-09-19 17:32:07 | Deep Dive |
| CVE-2025-10718 | Ooma Office Business Phone App com.ooma.office2 improper export of android application components | Ooma | Office Business Phone App | Medium | 5.3 | 2025-09-19 16:02:07 | Deep Dive |
| CVE-2025-10717 | intsig CamScanner App com.intsig.camscanner AndroidManifest.xml improper export of android application components | intsig | CamScanner App | Medium | 5.3 | 2025-09-19 14:32:09 | Deep Dive |
| CVE-2025-10716 | Creality Cloud App com.cxsw.sdprinter AndroidManifest.xml improper export of android application components | Creality | Cloud App | Medium | 5.3 | 2025-09-19 14:32:06 | Deep Dive |
| CVE-2025-10715 | APEUni PTE Exam Practice App com.ape_edication AndroidManifest.xml improper export of android application components | APEUni | PTE Exam Practice App | Medium | 5.3 | 2025-09-19 13:32:08 | Deep Dive |
| CVE-2025-0879 | XSS in Shopside Software's Shopside App | Shopside Software | Shopside App | Medium | 4.7 | 2025-09-17 12:32:43 | Deep Dive |
| CVE-2025-7355 | IDOR in Beefull Energy Technologies' Beefull App | Beefull Energy Technologies | Beefull App | Medium | 6.5 | 2025-09-16 12:49:42 | Deep Dive |
| CVE-2025-10364 | Unauthenticated Arbitrary Command Injection in Evertz SDVN | Evertz | 3080ipx-10G | 中危 | - | 2025-09-12 13:48:19 | Deep Dive |
| CVE-2025-10365 | Authentication Bypass in Evertz SDVN | Evertz | 3080ipx-10G | 中危 | - | 2025-09-12 13:46:12 | Deep Dive |