| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-32007 | Apache CXF Denial of Service vulnerability in JOSE | Apache Software Foundation | Apache CXF | 高危 | - | 2024-07-19 08:50:32 | Deep Dive |
| CVE-2024-29736 | Apache CXF: SSRF vulnerability via WADL stylesheet parameter | Apache Software Foundation | Apache CXF | 中危 | - | 2024-07-19 08:50:08 | Deep Dive |
| CVE-2024-29178 | Apache StreamPark: FreeMarker SSTI RCE Vulnerability | Apache Software Foundation | Apache StreamPark | - | - | 2024-07-18 11:15:57 | Deep Dive |
| CVE-2024-40725📌 | Apache HTTP Server: source code disclosure with handlers configured via AddType EPSS 0.25 | Apache Software Foundation | Apache HTTP Server | 高危 | - | 2024-07-18 09:32:44 | Deep Dive |
| CVE-2024-40898📌 | Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows | Apache Software Foundation | Apache HTTP Server | - | - | 2024-07-18 09:32:07 | Deep Dive |
| CVE-2023-7272 | Eclipse Parsson stack overflow with deeply nested objects | Eclipse Foundation | Parsson | High | 8.6 | 2024-07-17 15:00:20 | Deep Dive |
| CVE-2024-29120 | Apache StreamPark: Information leakage vulnerability | Apache Software Foundation | Apache StreamPark | - | - | 2024-07-17 14:59:05 | Deep Dive |
| CVE-2024-31411 | Apache StreamPipes: Potential remote code execution (RCE) via file upload | Apache Software Foundation | Apache StreamPipes | - | - | 2024-07-17 09:22:09 | Deep Dive |
| CVE-2024-31979 | Apache StreamPipes: Possibility of SSRF in pipeline element installation process | Apache Software Foundation | Apache StreamPipes | - | - | 2024-07-17 09:04:48 | Deep Dive |
| CVE-2024-30471 | Apache StreamPipes: Potential creation of multiple identical accounts | Apache Software Foundation | Apache StreamPipes | - | - | 2024-07-17 09:01:52 | Deep Dive |
| CVE-2024-29737 | Apache StreamPark (incubating): maven build params could trigger remote command execution | Apache Software Foundation | Apache StreamPark (incubating) | - | - | 2024-07-17 08:21:12 | Deep Dive |
| CVE-2023-52291 | Apache StreamPark (incubating): Unchecked maven build params could trigger remote command execution | Apache Software Foundation | Apache StreamPark (incubating) | - | - | 2024-07-17 08:16:13 | Deep Dive |
| CVE-2024-39877 | Apache Airflow: DAG Author Code Execution possibility in airflow-scheduler | Apache Software Foundation | Apache Airflow | - | - | 2024-07-17 07:54:24 | Deep Dive |
| CVE-2024-39863 | Apache Airflow: Potential XSS Vulnerability | Apache Software Foundation | Apache Airflow | - | - | 2024-07-17 07:53:32 | Deep Dive |
| CVE-2024-39887📌💣 | Apache Superset: Improper SQL authorisation, parse not checking for specific engine functions EPSS 0.56 | Apache Software Foundation | Apache Superset | Medium | 4.3 | 2024-07-16 09:20:11 | Deep Dive |
| CVE-2023-52290 | Apache StreamPark (incubating): Unchecked SQL query fields trigger SQL injection vulnerability | Apache Software Foundation | Apache StreamPark (incubating) | - | - | 2024-07-16 07:37:39 | Deep Dive |
| CVE-2023-49566 | Apache Linkis DataSource: JDBC Datasource Module with DB2 has JNDI Injection vulnerability | Apache Software Foundation | Apache Linkis DataSource | 高危 | - | 2024-07-15 07:56:52 | Deep Dive |
| CVE-2023-46801 | Apache Linkis DataSource: DataSource Remote code execution vulnerability | Apache Software Foundation | Apache Linkis DataSource | 高危 | - | 2024-07-15 07:55:30 | Deep Dive |
| CVE-2023-41916 | Apache Linkis DataSource: DatasourceManager module has a JDBC parameter judgment logic vulnerability that allows for arbitrary file reading | Apache Software Foundation | Apache Linkis DataSource | 高危 | - | 2024-07-15 07:53:58 | Deep Dive |
| CVE-2024-36522 | Apache Wicket: Remote code execution via XSLT injection | Apache Software Foundation | Apache Wicket | - | - | 2024-07-12 12:13:52 | Deep Dive |