| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-22253 | Use-after-free vulnerability | - | VMware ESXi | Critical | 9.3 | 2024-03-05 17:57:27 | Deep Dive |
| CVE-2024-22252 | Use-after-free vulnerability | - | VMware ESXi | Critical | 9.3 | 2024-03-05 17:57:22 | Deep Dive |
| CVE-2024-27138 | Apache Archiva: disabling user registration is not effective | Apache Software Foundation | Apache Archiva | 中危 | - | 2024-03-01 15:41:13 | Deep Dive |
| CVE-2024-27139 | Apache Archiva: incorrect authentication potentially leading to account takeover | Apache Software Foundation | Apache Archiva | 中危 | - | 2024-03-01 15:40:50 | Deep Dive |
| CVE-2024-27140 | Apache Archiva: reflected XSS | Apache Software Foundation | Apache Archiva | 中危 | - | 2024-03-01 15:40:08 | Deep Dive |
| CVE-2023-50378 | Apache Ambari: Various XSS problems | Apache Software Foundation | Apache Ambari | 中危 | - | 2024-03-01 14:38:30 | Deep Dive |
| CVE-2024-26280 | Apache Airflow: Overly broad default permissions for Viewer/Ops (audit logs) | Apache Software Foundation | Apache Airflow | 中危 | - | 2024-03-01 11:05:54 | Deep Dive |
| CVE-2024-27906 | Apache Airflow: Dag Code and Import Error Permissions Ignored | Apache Software Foundation | Apache Airflow | 中危 | - | 2024-02-29 11:02:19 | Deep Dive |
| CVE-2024-23946 | Apache OFBiz: Path traversal or file inclusion | Apache Software Foundation | Apache OFBiz | 中危 | - | 2024-02-28 15:44:42 | Deep Dive |
| CVE-2024-25065 | Apache OFBiz: Path traversal allowing authentication bypass. | Apache Software Foundation | Apache OFBiz | 高危 | - | 2024-02-28 15:42:50 | Deep Dive |
| CVE-2024-23807 | Apache Xerces C++: Use-after-free on external DTD scan | Apache Software Foundation | Apache Xerces C++ | 高危 | - | 2024-02-28 13:50:40 | Deep Dive |
| CVE-2024-26016 | Apache Superset: Improper authorization validation on dashboards and charts import | Apache Software Foundation | Apache Superset | Medium | 4.3 | 2024-02-28 11:28:38 | Deep Dive |
| CVE-2024-24779 | Apache Superset: Improper data authorization when creating a new dataset | Apache Software Foundation | Apache Superset | Medium | 5.0 | 2024-02-28 11:28:02 | Deep Dive |
| CVE-2024-24772 | Apache Superset: Improper Neutralisation of custom SQL on embedded context | Apache Software Foundation | Apache Superset | Medium | 4.3 | 2024-02-28 11:26:46 | Deep Dive |
| CVE-2024-24773 | Apache Superset: Improper validation of SQL statements allows for unauthorized access to data | Apache Software Foundation | Apache Superset | Medium | 4.9 | 2024-02-28 11:24:58 | Deep Dive |
| CVE-2024-27315 | Apache Superset: Improper error handling on alerts | Apache Software Foundation | Apache Superset | Medium | 4.3 | 2024-02-28 10:06:49 | Deep Dive |
| CVE-2023-50380 | Apache Ambari: authenticated users could perform XXE to read arbitrary files on the server | Apache Software Foundation | Apache Ambari | 中危 | - | 2024-02-27 16:51:34 | Deep Dive |
| CVE-2024-21742 | Apache James Mime4J: Mime4J DOM header injection | Apache Software Foundation | Apache James Mime4J | 中危 | - | 2024-02-27 16:21:16 | Deep Dive |
| CVE-2024-27905 | Apache Aurora: padding oracle can allow construction an authentication cookie | Apache Software Foundation | Apache Aurora | 高危 | - | 2024-02-27 14:29:22 | Deep Dive |
| CVE-2023-51747 | SMTP smuggling in Apache James | Apache Software Foundation | Apache James server | 中危 | - | 2024-02-27 13:08:02 | Deep Dive |