| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-38647 | Apache Helix: Deserialization vulnerability in Helix workflow and REST | Apache Software Foundation | Apache Helix | 超危 | - | 2023-07-26 07:52:30 | Deep Dive |
| CVE-2023-38435 | Apache Felix Healthcheck Webconsole Plugin: XSS in healthcheck webconsole plugin | Apache Software Foundation | Apache Felix Healthcheck Webconsole Plugin | 中危 | - | 2023-07-25 15:40:05 | Deep Dive |
| CVE-2023-37895 | Apache Jackrabbit RMI access can lead to RCE | Apache Software Foundation | Apache Jackrabbit Webapp (jackrabbit-webapp) | 超危 | - | 2023-07-25 14:02:10 | Deep Dive |
| CVE-2023-35088 | Apache InLong: SQL injection in audit endpoint | Apache Software Foundation | Apache InLong | 超危 | - | 2023-07-25 07:10:19 | Deep Dive |
| CVE-2023-34434 | Apache InLong: JDBC URL bypassing by allowLoadLocalInfileInPath param | Apache Software Foundation | Apache InLong | 高危 | - | 2023-07-25 07:09:59 | Deep Dive |
| CVE-2023-34189 | Apache InLong: General user can delete and update process | Apache Software Foundation | Apache InLong | 中危 | - | 2023-07-25 07:08:54 | Deep Dive |
| CVE-2023-34478📌 | Apache Shiro before 1.12.0, or 2.0.0-alpha-3, may be susceptible to a path traversal attack when used together with APIs or other web frameworks that route requests based on non-normalized requests. | Apache Software Foundation | Apache Shiro | 超危 | - | 2023-07-24 18:24:46 | Deep Dive |
| CVE-2023-28754 | ShardingSphere-Agent: Deserialization vulnerability in ShardingSphere Agent | Apache Software Foundation | ShardingSphere-Agent | 高危 | - | 2023-07-19 07:15:31 | Deep Dive |
| CVE-2023-26512 | Apache EventMesh RabbitMQ-Connector plugin allows RCE through deserialization of untrusted data | Apache Software Foundation | Apache EventMesh (incubating) RabbitMQ connector | 超危 | - | 2023-07-17 07:16:12 | Deep Dive |
| CVE-2023-3649 | Buffer Over-read in Wireshark | Wireshark Foundation | Wireshark | Medium | 5.3 | 2023-07-14 06:16:46 | Deep Dive |
| CVE-2023-3648 | Mismatched Memory Management Routines in Wireshark | Wireshark Foundation | Wireshark | Medium | 5.3 | 2023-07-14 06:16:34 | Deep Dive |
| CVE-2023-37415 | Apache Airflow Apache Hive Provider: Improper Input Validation in Hive Provider with proxy_user | Apache Software Foundation | Apache Airflow Apache Hive Provider | 高危 | - | 2023-07-13 07:35:33 | Deep Dive |
| CVE-2022-45855 | Apache Ambari: Allows authenticated metrics consumers to perform RCE | Apache Software Foundation | Apache Ambari | High | 8.0 | 2023-07-12 09:59:44 | Deep Dive |
| CVE-2022-42009 | Apache Ambari: A malicious authenticated user can remotely execute arbitrary code in the context of the application. | Apache Software Foundation | Apache Ambari | High | 8.0 | 2023-07-12 09:58:20 | Deep Dive |
| CVE-2023-37582📌 | Apache RocketMQ: Possible remote code execution when using the update configuration function EPSS 0.94 | Apache Software Foundation | Apache RocketMQ | 超危 | - | 2023-07-12 09:26:19 | Deep Dive |
| CVE-2023-22888 | Apache Airflow: Scheduler remote DoS | Apache Software Foundation | Apache Airflow | 中危 | - | 2023-07-12 09:17:55 | Deep Dive |
| CVE-2023-36543 | Apache Airflow: ReDoS via dags function | Apache Software Foundation | Apache Airflow | 中危 | - | 2023-07-12 09:17:34 | Deep Dive |
| CVE-2022-46651 | Apache Airflow: Security vulnerability on AirFlow Connections | Apache Software Foundation | Apache Airflow | 中危 | - | 2023-07-12 09:17:07 | Deep Dive |
| CVE-2023-22887 | Apache Airflow path traversal by authenticated user | Apache Software Foundation | Apache Airflow | 中危 | - | 2023-07-12 09:14:26 | Deep Dive |
| CVE-2023-35908 | Apache Airflow: Access to DAGs without relevant permission | Apache Software Foundation | Apache Airflow | 中危 | - | 2023-07-12 09:14:10 | Deep Dive |