| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-29133 | Apache Commons Configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree | Apache Software Foundation | Apache Commons Configuration | - | - | 2024-03-21 09:05:48 | Deep Dive |
| CVE-2023-6597 | Python security vulnerability | Python Software Foundation | CPython | High | 7.8 | 2024-03-19 15:44:29 | Deep Dive |
| CVE-2024-0450 | Quoted zip-bomb protection for zipfile | Python Software Foundation | CPython | Medium | 6.2 | 2024-03-19 15:12:08 | Deep Dive |
| CVE-2024-27439 | Apache Wicket: Possible bypass of CSRF protection | Apache Software Foundation | Apache Wicket | High | - | 2024-03-19 11:07:48 | Deep Dive |
| CVE-2024-24683 | Apache Hop Engine: ID isn't escaped when generating HTML | Apache Software Foundation | Apache Hop Engine | - | - | 2024-03-19 08:20:19 | Deep Dive |
| CVE-2024-28752 | Apache CXF SSRF Vulnerability using the Aegis databinding (EPSS 0.51) | Apache Software Foundation | Apache CXF | Medium | - | 2024-03-15 10:27:30 | Deep Dive |
| CVE-2024-23944 | Apache ZooKeeper: Information disclosure in persistent watcher handling | Apache Software Foundation | Apache ZooKeeper | Medium | - | 2024-03-15 10:26:13 | Deep Dive |
| CVE-2024-28746 | Apache Airflow: Ignored Airflow Permissions | Apache Software Foundation | Apache Airflow | - | - | 2024-03-14 08:41:04 | Deep Dive |
| CVE-2024-23672 | Apache Tomcat: WebSocket DoS with incomplete closing handshake | Apache Software Foundation | Apache Tomcat | - | - | 2024-03-13 15:48:43 | Deep Dive |
| CVE-2024-24549 | Apache Tomcat: HTTP/2 header handling DoS (EPSS 0.64) | Apache Software Foundation | Apache Tomcat | - | - | 2024-03-13 15:46:53 | Deep Dive |
| CVE-2024-27894 | Apache Pulsar: Pulsar Functions Worker Allows Unauthorized File Access and Unauthorized HTTP/HTTPS Proxying | Apache Software Foundation | Apache Pulsar | High | 8.5 | 2024-03-12 18:19:41 | Deep Dive |
| CVE-2024-27317 | Apache Pulsar: Pulsar Functions Worker's Archive Extraction Vulnerability Allows Unauthorized File Modification | Apache Software Foundation | Apache Pulsar | High | 8.4 | 2024-03-12 18:18:53 | Deep Dive |
| CVE-2024-27135 | Apache Pulsar: Improper Input Validation in Pulsar Function Worker allows Remote Code Execution | Apache Software Foundation | Apache Pulsar | High | 8.5 | 2024-03-12 18:18:07 | Deep Dive |
| CVE-2022-34321 | Apache Pulsar: Improper Authentication for Pulsar Proxy Statistics Endpoint | Apache Software Foundation | Apache Pulsar | High | 8.2 | 2024-03-12 18:17:06 | Deep Dive |
| CVE-2024-28098 | Apache Pulsar: Improper Authorization For Topic-Level Policy Management | Apache Software Foundation | Apache Pulsar | Medium | 6.4 | 2024-03-12 18:15:40 | Deep Dive |
| CVE-2023-41313 | Apache Doris: Timing Attack weakness | Apache Software Foundation | Apache Doris | - | - | 2024-03-12 10:16:24 | Deep Dive |
| CVE-2023-50740 | Apache Linkis DataSource: DataSource module Oracle SQL Database Password Logged | Apache Software Foundation | Apache Linkis DataSource | - | - | 2024-03-06 13:44:54 | Deep Dive |
| CVE-2024-26580 | Apache InLong: Logged-in user could exploit an arbitrary file read vulnerability | Apache Software Foundation | Apache InLong | - | - | 2024-03-06 12:07:28 | Deep Dive |
| CVE-2024-22255 | Information disclosure vulnerability | - | VMware ESXi | High | 7.1 | 2024-03-05 17:58:36 | Deep Dive |
| CVE-2024-22254 | Out-of-bounds write vulnerability | - | VMware ESXi | High | 7.9 | 2024-03-05 17:58:24 | Deep Dive |