| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-31168 | Out-of-bounds Read in libfluid_msg library | Open Networking Foundation (ONF) | libfluid | Medium | 6.5 | 2024-09-18 13:55:29 | Deep Dive |
| CVE-2024-31167 | NULL Pointer Dereference in libfluid_msg library | Open Networking Foundation (ONF) | libfluid | Medium | 5.3 | 2024-09-18 13:55:09 | Deep Dive |
| CVE-2024-31166 | Out-of-bounds Read in libfluid_msg library | Open Networking Foundation (ONF) | libfluid | Medium | 6.5 | 2024-09-18 13:54:59 | Deep Dive |
| CVE-2024-31165 | NULL Pointer Dereference in libfluid_msg library | Open Networking Foundation (ONF) | libfluid | Medium | 5.3 | 2024-09-18 13:54:50 | Deep Dive |
| CVE-2024-31164 | NULL Pointer Dereference in libfluid_msg library | Open Networking Foundation (ONF) | libfluid | Medium | 5.3 | 2024-09-18 13:54:42 | Deep Dive |
| CVE-2024-23916 | NULL Pointer Dereference in libfluid_msg library | Open Networking Foundation (ONF) | libfluid | Medium | 5.3 | 2024-09-18 13:53:35 | Deep Dive |
| CVE-2024-23915 | NULL Pointer Dereference in libfluid_msg library | Open Networking Foundation (ONF) | libfluid | Medium | 5.3 | 2024-09-18 13:53:04 | Deep Dive |
| CVE-2024-45537 | Apache Druid: Users can provide MySQL JDBC properties not on allow list | Apache Software Foundation | Apache Druid | 中危 | - | 2024-09-17 18:37:50 | Deep Dive |
| CVE-2024-45384 | Apache Druid: Padding oracle in druid-pac4j extension that allows an attacker to manipulate a pac4j session cookie via Padding Oracle Attack | Apache Software Foundation | Apache Druid | 中危 | - | 2024-09-17 18:36:00 | Deep Dive |
| CVE-2024-38813KEV | Privilege escalation vulnerability EPSS 0.30 | - | VMware vCenter Server | High | 7.5 | 2024-09-17 17:13:14 | Deep Dive |
| CVE-2024-38812KEV📌 | Heap-overflow vulnerability EPSS 0.78 | - | VMware vCenter Server | Critical | 9.8 | 2024-09-17 17:13:10 | Deep Dive |
| CVE-2024-7788 | Signatures in "repair mode" should not be trusted | The Document Foundation | LibreOffice | High | 7.8 | 2024-09-17 14:28:36 | Deep Dive |
| CVE-2024-22399 | Apache Seata: Remote Code Execution vulnerability via Hessian Deserialization in Apache Seata Server EPSS 0.78 | Apache Software Foundation | Apache Seata | 超危 | - | 2024-09-16 11:42:05 | Deep Dive |
| CVE-2024-8642 | Eclipse EDC: Consumer pull transfer token validation checks not applied | Eclipse Foundation | Eclipse EDC Connector | - | - | 2024-09-11 13:34:28 | Deep Dive |
| CVE-2024-8646 | Eclipse Glassfish: URL redirection vulnerability to untrusted sites | Eclipse Foundation | Eclipse Glassfish | Medium | 6.1 | 2024-09-11 13:26:47 | Deep Dive |
| CVE-2024-8645 | Access of Uninitialized Pointer in Wireshark | Wireshark Foundation | Wireshark | Medium | 5.5 | 2024-09-10 10:02:17 | Deep Dive |
| CVE-2024-45034 | Apache Airflow: Authenticated DAG authors could execute code on scheduler nodes | Apache Software Foundation | Apache Airflow | 高危 | - | 2024-09-07 07:45:28 | Deep Dive |
| CVE-2024-45498 | Apache Airflow: Command Injection in an example DAG | Apache Software Foundation | Apache Airflow | 高危 | - | 2024-09-07 07:43:44 | Deep Dive |
| CVE-2024-8391 | Eclipse Vert.x gRPC server does not limit the maximum message size | Eclipse Foundation | Eclipse Vert.x | - | - | 2024-09-04 15:27:58 | Deep Dive |
| CVE-2024-45195KEV📌💣 | Apache OFBiz: Confused controller-view authorization logic (forced browsing) EPSS 0.94 | Apache Software Foundation | Apache OFBiz | - | - | 2024-09-04 08:08:59 | Deep Dive |