| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-45507 📌💣 | Apache OFBiz: Prevent use of URLs in files when loading them from Java or Groovy, leading to a RCE (EPSS 0.90) | Apache Software Foundation | Apache OFBiz | - | - | 2024-09-04 08:08:34 | Deep Dive |
| CVE-2024-6232 📌 | Regular-expression DoS when parsing TarFile headers | Python Software Foundation | CPython | Medium | - | 2024-09-03 12:29:00 | Deep Dive |
| CVE-2024-8250 | Expired Pointer Dereference in Wireshark | Wireshark Foundation | Wireshark | High | 7.8 | 2024-08-28 23:30:37 | Deep Dive |
| CVE-2023-49582 | Apache Portable Runtime (APR): Unexpected lax shared memory permissions | Apache Software Foundation | Apache Portable Runtime (APR) | - | - | 2024-08-26 14:03:45 | Deep Dive |
| CVE-2024-8088 | Infinite loop when iterating over zip archive entry names from zipfile.Path | Python Software Foundation | CPython | Medium | - | 2024-08-22 18:45:32 | Deep Dive |
| CVE-2024-41937 | Apache Airflow: Stored XSS Vulnerability on provider link | Apache Software Foundation | Apache Airflow | - | - | 2024-08-21 15:31:14 | Deep Dive |
| CVE-2023-49198 | Apache SeaTunnel Web: Arbitrary file read vulnerability | Apache Software Foundation | Apache SeaTunnel Web | - | - | 2024-08-21 09:37:57 | Deep Dive |
| CVE-2024-22281 | Apache Helix Front (UI): Helix front hard-coded secret in the express-session | Apache Software Foundation | Apache Helix Front (UI) | - | - | 2024-08-20 22:11:39 | Deep Dive |
| CVE-2024-43202 📌 | Apache DolphinScheduler: Remote Code Execution Vulnerability | Apache Software Foundation | Apache DolphinScheduler | - | - | 2024-08-20 07:29:43 | Deep Dive |
| CVE-2024-7592 | Quadratic complexity parsing cookies with backslashes | Python Software Foundation | CPython | Medium | - | 2024-08-19 19:06:45 | Deep Dive |
| CVE-2024-41909 | Apache MINA SSHD: integrity check bypass | Apache Software Foundation | Apache MINA SSHD | - | - | 2024-08-12 16:00:30 | Deep Dive |
| CVE-2024-41888 | Apache Answer: The link for resetting user password is not Single-Use | Apache Software Foundation | Apache Answer | - | - | 2024-08-09 14:55:14 | Deep Dive |
| CVE-2024-41890 | Apache Answer: The link to reset the user's password will remain valid after sending a new link | Apache Software Foundation | Apache Answer | - | - | 2024-08-09 14:53:29 | Deep Dive |
| CVE-2024-30188 📌💣 | Apache DolphinScheduler: Resource File Read And Write Vulnerability (EPSS 0.89) | Apache Software Foundation | Apache DolphinScheduler | - | - | 2024-08-09 14:23:28 | Deep Dive |
| CVE-2024-29831 | Apache DolphinScheduler: RCE by arbitrary js execution | Apache Software Foundation | Apache DolphinScheduler | - | - | 2024-08-09 14:21:48 | Deep Dive |
| CVE-2024-42062 | Apache CloudStack: User Key Exposure to Domain Admins | Apache Software Foundation | Apache CloudStack | - | - | 2024-08-07 07:17:09 | Deep Dive |
| CVE-2024-42222 | Apache CloudStack: Unauthorised Network List Access | Apache Software Foundation | Apache CloudStack | - | - | 2024-08-07 07:16:14 | Deep Dive |
| CVE-2024-6472 | Ability to trust not validated macro signatures removed in high security mode | The Document Foundation | LibreOffice | High | 7.8 | 2024-08-05 12:55:39 | Deep Dive |
| CVE-2024-36448 | Apache IoTDB Workbench: SSRF Vulnerability (EOL) | Apache Software Foundation | Apache IoTDB Workbench | - | - | 2024-08-05 09:53:38 | Deep Dive |
| CVE-2024-38856 (KEV) 📌💣 | Apache OFBiz: Unauthenticated endpoint could allow execution of screen rendering code (EPSS 0.94) | Apache Software Foundation | Apache OFBiz | - | - | 2024-08-05 08:20:18 | Deep Dive |