| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-5949 | Service Finder Bookings <= 6.0 - Authenticated (Subscriber+) Privilege Escalation via change_candidate_password | aonetheme | Service Finder Bookings | High | 8.8 | 2025-11-01 04:27:42 | Deep Dive |
| CVE-2025-36249 | IBM Jazz for Service Management is vulnerable to "filter" cookie not sent over SSL | IBM | Jazz for Service Management | Low | 3.7 | 2025-10-31 13:05:33 | Deep Dive |
| CVE-2025-62229 | Xorg: xmayland: use-after-free in xpresentnotify structure creation | X.Org | Xwayland | High | 7.3 | 2025-10-30 05:28:48 | Deep Dive |
| CVE-2025-62230 | Xorg: xwayland: use-after-free in xkb client resource removal | X.Org | Xwayland | High | 7.3 | 2025-10-30 05:19:40 | Deep Dive |
| CVE-2025-62231 | Xorg: xmayland: value overflow in xkbsetcompatmap() | X.Org | Xwayland | High | 7.3 | 2025-10-30 05:08:32 | Deep Dive |
| CVE-2025-12266 | Zytec Dalian Zhuoyun Technology Central Authentication Service widget _empty code injection | Zytec Dalian Zhuoyun Technology | Central Authentication Service | Medium | 6.3 | 2025-10-27 11:02:11 | Deep Dive |
| CVE-2025-62913 | WordPress Opal Service plugin <= 1.9.1 - Cross Site Scripting (XSS) vulnerability | wpopal | Opal Service | Medium | 6.5 | 2025-10-27 01:33:55 | Deep Dive |
| CVE-2025-59500 | Azure Notification Service Elevation of Privilege Vulnerability | Microsoft | Azure Notification Service | High | 7.7 | 2025-10-23 21:07:30 | Deep Dive |
| CVE-2025-62425 | Matrix Authentication Service account password can be changed using an authenticated session without supplying the current password | element-hq | matrix-authentication-service | High | 8.3 | 2025-10-16 18:44:03 | Deep Dive |
| CVE-2025-9804 | Improper Access Control in Multiple WSO2 Products via Internal SOAP Admin Services and System REST APIs | WSO2 | WSO2 Identity Server as Key Manager | High | 8.9 | 2025-10-16 12:33:45 | Deep Dive |
| CVE-2025-9955 | Improper Access Control in WSO2 Enterprise Integrator Product via SOAP Admin Services for Logs and User-Store Configuration | WSO2 | WSO2 Enterprise Integrator | Medium | 5.7 | 2025-10-16 12:14:56 | Deep Dive |
| CVE-2025-10611 | Potential Broken Access Control in Multiple WSO2 Products via System REST APIs | WSO2 | WSO2 API Manager | Critical | 9.8 | 2025-10-16 12:09:32 | Deep Dive |
| CVE-2025-59278 | Windows Authentication Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1507 | High | 7.8 | 2025-10-14 17:01:46 | Deep Dive |
| CVE-2025-59275 | Windows Authentication Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1507 | High | 7.8 | 2025-10-14 17:01:46 | Deep Dive |
| CVE-2025-59230 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1507 | High | 7.8 | 2025-10-14 17:01:43 | Deep Dive |
| CVE-2025-59214 | Microsoft Windows File Explorer Spoofing Vulnerability | Microsoft | Windows 10 Version 1507 | Medium | 6.5 | 2025-10-14 17:01:36 | Deep Dive |
| CVE-2025-59208 | Windows MapUrlToZone Information Disclosure Vulnerability | Microsoft | Windows 10 Version 1507 | High | 7.1 | 2025-10-14 17:01:33 | Deep Dive |
| CVE-2025-59205 | Windows Graphics Component Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1507 | High | 7.0 | 2025-10-14 17:01:33 | Deep Dive |
| CVE-2025-59198 | Windows Search Service Denial of Service Vulnerability | Microsoft | Windows 10 Version 1507 | Medium | 5.0 | 2025-10-14 17:01:32 | Deep Dive |
| CVE-2025-59190 | Windows Search Service Denial of Service Vulnerability | Microsoft | Windows 10 Version 1507 | Medium | 5.5 | 2025-10-14 17:01:28 | Deep Dive |