| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-66635 | SEIKO EPSON Web Config 安全漏洞 | SEIKO EPSON CORPORATION | Web Config | - | - | 2025-12-16 06:59:26 | Deep Dive |
| CVE-2025-13950 | OneSignal – Web Push Notifications <= 3.6.1 - Missing Authorization to Unauthenticated Plugin Settings Update | onesignal | OneSignal – Web Push Notifications | Medium | 5.3 | 2025-12-15 14:25:13 | Deep Dive |
| CVE-2024-58298 | Compuware iStrobe Web 20.13 Pre-Auth Remote Code Execution via File Upload | BMC Software | Compuware iStrobe Web | - | - | 2025-12-11 21:39:08 | Deep Dive |
| CVE-2020-36899 | QiHang Media Web Digital Signage 3.0.9 Unauthenticated Arbitrary File Disclosure | Shenzhen Xingmeng Qihang Media Co., Ltd. Guangzhou Hefeng Automation Technology Co., Ltd. | QiHang Media Web Digital Signage | - | - | 2025-12-10 21:03:57 | Deep Dive |
| CVE-2020-36898 | QiHang Media Web Digital Signage 3.0.9 Unauthenticated Arbitrary File Deletion | Shenzhen Xingmeng Qihang Media Co., Ltd.Guangzhou Hefeng Automation Technology Co., Ltd. | QiHang Media Web Digital Signage | - | - | 2025-12-10 21:03:26 | Deep Dive |
| CVE-2020-36897 | QiHang Media Web Digital Signage 3.0.9 Unauthenticated Remote Code Execution | Shenzhen Xingmeng Qihang Media Co., Ltd. Guangzhou Hefeng Automation Technology Co., Ltd. | QiHang Media Web Digital Signage | - | - | 2025-12-10 21:02:56 | Deep Dive |
| CVE-2020-36896 | QiHang Media Web Digital Signage 3.0.9 Cleartext Credentials Disclosure | Shenzhen Xingmeng Qihang Media Co., Ltd.Guangzhou Hefeng Automation Technology Co., Ltd. | QiHang Media Web Digital Signage | - | - | 2025-12-10 20:55:03 | Deep Dive |
| CVE-2020-36884 | BrightSign Digital Signage Diagnostic Web Server 8.2.26 Unauthenticated SSRF | BrightSign, LLC | BrightSign Digital Signage Diagnostic Web Server | - | - | 2025-12-10 20:47:43 | Deep Dive |
| CVE-2025-62869 | WordPress Gravitec.net – Web Push Notifications plugin <= 2.9.17 - Broken Access Control vulnerability | Gravitec.net - Web Push Notifications | Gravitec.net – Web Push Notifications | - | - | 2025-12-09 14:52:24 | Deep Dive |
| CVE-2025-67487 | Static Web Server is vulnerable to symbolic link Path Traversal | static-web-server | static-web-server | - | - | 2025-12-09 03:35:58 | Deep Dive |
| CVE-2025-42878 | Sensitive Data Exposure in SAP Web Dispatcher and Internet Communication Manager (ICM) | SAP_SE | SAP Web Dispatcher and Internet Communication Manager (ICM) | High | 8.2 | 2025-12-09 02:15:00 | Deep Dive |
| CVE-2025-42877 | Memory Corruption vulnerability in SAP Web Dispatcher, Internet Communication Manager and SAP Content Server | SAP_SE | SAP Web Dispatcher, Internet Communication Manager and SAP Content Server | High | 7.5 | 2025-12-09 02:14:51 | Deep Dive |
| CVE-2025-13762 | Client-Side Denial of Service Condition in SWS Extension prior to version 2.2.30305 | CyberArk | CyberArk Secure Web Sessions Extension | 中危 | - | 2025-11-27 02:50:04 | Deep Dive |
| CVE-2025-41087 | Cross-Site Scripting (XSS) stored in Taclia's web application | Taclia | Taclia's web application | - | - | 2025-11-24 11:28:00 | Deep Dive |
| CVE-2025-66108 | WordPress TNC Toolbox: Web Performance plugin <= 2.0.4 - Broken Access Control vulnerability | Merlot Digital (by TNC) | TNC Toolbox: Web Performance | Medium | 4.3 | 2025-11-21 12:30:05 | Deep Dive |
| CVE-2025-64310 | SEIKO EPSON Web Config和SEIKO EPSON Web Control 安全漏洞 | SEIKO EPSON CORPORATION | EPSON WebConfig for SEIKO EPSON Projector Products | Critical | 9.8 | 2025-11-21 02:36:35 | Deep Dive |
| CVE-2025-9625 | Coil Web Monetization <= 2.0.2 - Cross-Site Request Forgery | interledger | Coil Web Monetization | Medium | 4.3 | 2025-11-18 08:27:32 | Deep Dive |
| CVE-2025-13301 | itsourcecode Web-Based Internet Laboratory Management System controller.php sql injection | itsourcecode | Web-Based Internet Laboratory Management System | High | 7.3 | 2025-11-17 21:02:07 | Deep Dive |
| CVE-2025-13300 | itsourcecode Web-Based Internet Laboratory Management System controller.php sql injection | itsourcecode | Web-Based Internet Laboratory Management System | High | 7.3 | 2025-11-17 20:32:06 | Deep Dive |
| CVE-2025-13299 | itsourcecode Web-Based Internet Laboratory Management System controller.php sql injection | itsourcecode | Web-Based Internet Laboratory Management System | High | 7.3 | 2025-11-17 20:02:07 | Deep Dive |