| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-6174 | Out-of-bounds Read in Wireshark | Wireshark Foundation | Wireshark | Medium | 6.3 | 2023-11-16 11:30:41 | Deep Dive |
| CVE-2023-26031 | Privilege escalation in Apache Hadoop Yarn container-executor binary on Linux systems | Apache Software Foundation | Apache Hadoop | 高危 | - | 2023-11-16 08:15:51 | Deep Dive |
| CVE-2023-5676 | Eclipse OpenJ9 possible infinite busy hang | Eclipse Foundation | OpenJ9 | Medium | 4.1 | 2023-11-15 14:02:01 | Deep Dive |
| CVE-2023-42781 | Apache Airflow: Permission verification bypass allows viewing dagruns of other dags | Apache Software Foundation | Apache Airflow | 中危 | - | 2023-11-12 13:14:10 | Deep Dive |
| CVE-2023-47037 | Apache Airflow missing fix for CVE-2023-40611 in 2.7.1 (DAG run broken access) | Apache Software Foundation | Apache Airflow | 中危 | - | 2023-11-12 13:12:23 | Deep Dive |
| CVE-2023-4949 | Memory Corruption Vulnerability in Grub-Legacy's XFS Implementation | Free Software Foundation | Grub-Legacy | High | 8.1 | 2023-11-10 16:57:03 | Deep Dive |
| CVE-2023-4612 | MFA bypass in Apereo CAS | Apereo Foundation | CAS | 超危 | - | 2023-11-09 13:41:38 | Deep Dive |
| CVE-2023-4218 | XXE in eclipse.platform / Eclipse IDE | Eclipse Foundation | Eclipse IDE | Medium | 5.0 | 2023-11-09 08:26:52 | Deep Dive |
| CVE-2023-47248📌💣 | PyArrow, PyArrow: Arbitrary code execution when loading a malicious data file EPSS 0.87 | Apache Software Foundation | PyArrow | 超危 | - | 2023-11-09 08:17:08 | Deep Dive |
| CVE-2023-39913 | Apache UIMA Java SDK Core, Apache UIMA Java SDK CPE, Apache UIMA Java SDK Vinci adapter, Apache UIMA Java SDK tools: Potential untrusted code execution when deserializing certain binary CAS formats | Apache Software Foundation | Apache UIMA Java SDK Core | 高危 | - | 2023-11-08 08:04:24 | Deep Dive |
| CVE-2023-46819 | Apache OFBiz: Execution of Solr plugin queries without authentication | Apache Software Foundation | Apache OFBiz | 中危 | - | 2023-11-07 11:02:03 | Deep Dive |
| CVE-2023-46851 | Apache Allura: sensitive information exposure via import | Apache Software Foundation | Apache Allura | 中危 | - | 2023-11-07 08:56:35 | Deep Dive |
| CVE-2023-4043 | Parsson DoS when parsing numbers from untrusted sources | Eclipse Foundation | Parsson | Medium | 5.9 | 2023-11-03 08:11:40 | Deep Dive |
| CVE-2023-5763 | Glassfish remote code execution | Eclipse Foundation | Glassfish | Medium | 6.8 | 2023-11-03 06:40:43 | Deep Dive |
| CVE-2023-46215 | Apache Airflow Celery provider, Apache Airflow: Sensitive information logged as clear text when rediss, amqp, rpc protocols are used as Celery result backend | Apache Software Foundation | Apache Airflow Celery provider | 高危 | - | 2023-10-28 07:10:58 | Deep Dive |
| CVE-2023-46604KEV📌💣 | Apache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack EPSS 0.94 | Apache Software Foundation | Apache ActiveMQ | Critical | 10.0 | 2023-10-27 14:59:31 | Deep Dive |
| CVE-2023-34056 | VMware vCenter Server Partial Information Disclosure Vulnerability | VMware | VMware vCenter Server | Medium | 4.3 | 2023-10-25 04:24:48 | Deep Dive |
| CVE-2023-34048KEV📌💣 | VMware vCenter Server Out-of-Bounds Write Vulnerability EPSS 0.93 | VMware | VMware vCenter Server | Critical | 9.8 | 2023-10-25 04:21:42 | Deep Dive |
| CVE-2023-46288 | Apache Airflow: Sensitive parameters exposed in API when "non-sensitive-only" configuration is set | Apache Software Foundation | Apache Airflow | 中危 | - | 2023-10-23 18:13:04 | Deep Dive |
| CVE-2023-31122 | Apache HTTP Server: mod_macro buffer over-read | Apache Software Foundation | Apache HTTP Server | 高危 | - | 2023-10-23 06:52:00 | Deep Dive |