| CVE-2024-42447 | Apache Airflow Providers FAB: FAB provider 1.2.1 and 1.2.0 did not let user to logout for Airflow | Apache Software Foundation | Apache Airflow Providers FAB | - | - | 2024-08-05 08:02:32 | Deep Dive |
| CVE-2024-36268 | Apache InLong TubeMQ Client: Remote Code Execution vulnerability | Apache Software Foundation | Apache InLong TubeMQ Client | - | - | 2024-08-02 09:44:26 | Deep Dive |
| CVE-2024-27182 | Apache Linkis Basic management services: Engine material management Arbitrary file deletion vulnerability | Apache Software Foundation | Apache Linkis Basic management services | - | - | 2024-08-02 09:29:33 | Deep Dive |
| CVE-2024-27181 | Apache Linkis Basic management services: Privilege Escalation Attack vulnerability | Apache Software Foundation | Apache Linkis Basic management services | - | - | 2024-08-02 09:27:49 | Deep Dive |
| CVE-2024-6923 | Email header injection due to unquoted newlines | Python Software Foundation | CPython | 中危 | - | 2024-08-01 13:40:11 | Deep Dive |
| CVE-2023-48396 | Apache SeaTunnel Web: Authentication bypass | Apache Software Foundation | Apache SeaTunnel Web | - | - | 2024-07-30 08:15:34 | Deep Dive |
| CVE-2024-3219 | Pure-Python fallback of socket.socketpair() doesn’t authenticate peer connection | Python Software Foundation | CPython | - | - | 2024-07-29 21:54:06 | Deep Dive |
| CVE-2023-38522 | Apache Traffic Server: Incomplete field name check allows request smuggling | Apache Software Foundation | Apache Traffic Server | 中危 | - | 2024-07-26 09:11:20 | Deep Dive |
| CVE-2024-35296 | Apache Traffic Server: Invalid Accept-Encoding can force forwarding requests | Apache Software Foundation | Apache Traffic Server | 中危 | - | 2024-07-26 09:11:11 | Deep Dive |
| CVE-2024-35161 | Apache Traffic Server: Incomplete check for chunked trailer section allows request smuggling | Apache Software Foundation | Apache Traffic Server | 中危 | - | 2024-07-26 09:10:56 | Deep Dive |
| CVE-2024-25090 | Apache Roller: Insufficient input validation for some user profile and bookmark fields when Roller in untested-users mode | Apache Software Foundation | Apache Roller | 中危 | - | 2024-07-26 08:36:47 | Deep Dive |
| CVE-2023-48362 | Apache Drill: XXE Vulnerability in XML Format Reader | Apache Software Foundation | Apache Drill | - | - | 2024-07-24 07:45:44 | Deep Dive |
| CVE-2024-39676 | Apache Pinot: Unauthorized endpoint exposed sensitive information | Apache Software Foundation | Apache Pinot | - | - | 2024-07-24 07:41:10 | Deep Dive |
| CVE-2024-41178 | Apache Arrow Rust Object Store: AWS WebIdentityToken exposure in log files | Apache Software Foundation | Apache Arrow Rust Object Store | - | - | 2024-07-23 16:50:10 | Deep Dive |
| CVE-2024-29070 | Apache StreamPark: session not invalidated after logout | Apache Software Foundation | Apache StreamPark | - | - | 2024-07-23 08:13:41 | Deep Dive |
| CVE-2024-34457 | Apache StreamPark IDOR Vulnerability | Apache Software Foundation | Apache StreamPark | - | - | 2024-07-22 09:48:23 | Deep Dive |
| CVE-2024-38503 | Apache Syncope: HTML tags can be injected into Console or Enduser text fields | Apache Software Foundation | Apache Syncope | - | - | 2024-07-22 09:46:39 | Deep Dive |
| CVE-2024-23321 | Apache RocketMQ: Unauthorized Exposure of Sensitive Data | Apache Software Foundation | Apache RocketMQ | - | - | 2024-07-22 09:24:16 | Deep Dive |
| CVE-2024-41107📌💣 | Apache CloudStack: SAML Signature Exclusion EPSS 0.92 | Apache Software Foundation | Apache CloudStack | 中危 | - | 2024-07-19 10:19:54 | Deep Dive |
| CVE-2024-41172 | Apache CXF: Unrestricted memory consumption in CXF HTTP clients | Apache Software Foundation | Apache CXF | 高危 | - | 2024-07-19 08:50:44 | Deep Dive |