| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-37389 | Apache NiFi: Improper Neutralization of Input in Parameter Context Description | Apache Software Foundation | Apache NiFi | Medium | 4.6 | 2024-07-08 07:29:00 | Deep Dive |
| CVE-2024-38346 | Apache CloudStack: Unauthenticated cluster service port leads to remote execution | Apache Software Foundation | Apache CloudStack | 超危 | - | 2024-07-05 13:40:57 | Deep Dive |
| CVE-2024-39864 | Apache CloudStack: Integration API service uses dynamic port when disabled | Apache Software Foundation | Apache CloudStack | 超危 | - | 2024-07-05 13:40:38 | Deep Dive |
| CVE-2024-39884 | Apache HTTP Server: source code disclosure with handlers configured via AddType | Apache Software Foundation | Apache HTTP Server | 高危 | - | 2024-07-04 08:36:50 | Deep Dive |
| CVE-2024-34750 | Apache Tomcat: HTTP/2 excess header handling DoS EPSS 0.22 | Apache Software Foundation | Apache Tomcat | - | - | 2024-07-03 19:32:35 | Deep Dive |
| CVE-2024-39573 | Apache HTTP Server: mod_rewrite proxy handler substitution | Apache Software Foundation | Apache HTTP Server | - | - | 2024-07-01 18:16:44 | Deep Dive |
| CVE-2024-38477 | Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request | Apache Software Foundation | Apache HTTP Server | 高危 | - | 2024-07-01 18:16:12 | Deep Dive |
| CVE-2024-38476📌 | Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect | Apache Software Foundation | Apache HTTP Server | - | - | 2024-07-01 18:15:40 | Deep Dive |
| CVE-2024-38475KEV📌💣 | Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. EPSS 0.94 | Apache Software Foundation | Apache HTTP Server | - | - | 2024-07-01 18:15:12 | Deep Dive |
| CVE-2024-38474 | Apache HTTP Server weakness with encoded question marks in backreferences | Apache Software Foundation | Apache HTTP Server | - | - | 2024-07-01 18:14:47 | Deep Dive |
| CVE-2024-38473📌💣 | Apache HTTP Server proxy encoding problem EPSS 0.88 | Apache Software Foundation | Apache HTTP Server | - | - | 2024-07-01 18:14:22 | Deep Dive |
| CVE-2024-38472📌💣 | Apache HTTP Server on WIndows UNC SSRF EPSS 0.91 | Apache Software Foundation | Apache HTTP Server | - | - | 2024-07-01 18:12:28 | Deep Dive |
| CVE-2024-36387 | Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2 | Apache Software Foundation | Apache HTTP Server | - | - | 2024-07-01 18:10:26 | Deep Dive |
| CVE-2024-5642 | Buffer overread when using an empty list with SSLContext.set_npn_protocols() | Python Software Foundation | CPython | - | - | 2024-06-27 21:05:31 | Deep Dive |
| CVE-2024-37087 | VMware vCenter Server 安全漏洞 | - | vCenter Server | Medium | 5.3 | 2024-06-25 14:16:13 | Deep Dive |
| CVE-2024-37086 | VMware ESXi 安全漏洞 | - | ESXi | Medium | 6.8 | 2024-06-25 14:16:08 | Deep Dive |
| CVE-2024-37085KEV📌 | VMware ESXi 安全漏洞 EPSS 0.77 | - | VMware ESXi | Medium | 6.8 | 2024-06-25 14:16:01 | Deep Dive |
| CVE-2024-5261 | TLS certificate are not properly verified when utilizing LibreOfficeKit | The Document Foundation | LibreOffice | - | - | 2024-06-25 12:44:24 | Deep Dive |
| CVE-2024-6307 | WordPress Core < 6.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML API | WordPress Foundation | WordPress | Medium | 6.4 | 2024-06-25 11:09:23 | Deep Dive |
| CVE-2024-29868📌💣 | Apache StreamPipes, Apache StreamPipes: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Recovery Token Generation EPSS 0.78 | Apache Software Foundation | Apache StreamPipes | - | - | 2024-06-24 09:59:40 | Deep Dive |