| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-30776 | Apache Superset: Database connection password leak | Apache Software Foundation | Apache Superset | Medium | 4.9 | 2023-04-24 15:29:53 | Deep Dive |
| CVE-2023-27524KEV📌💣 | Apache Superset: Session validation vulnerability when using provided default SECRET_KEY EPSS 0.84 | Apache Software Foundation | Apache Superset | High | 8.9 | 2023-04-24 15:28:17 | Deep Dive |
| CVE-2023-25601 | Apache DolphinScheduler 3.0.0 to 3.1.1 python gateway has improper authentication | Apache Software Foundation | Apache DolphinScheduler | 中危 | - | 2023-04-20 15:07:00 | Deep Dive |
| CVE-2023-25504 | Apache Superset: Possible SSRF on import datasets | Apache Software Foundation | Apache Superset | Medium | 4.9 | 2023-04-17 16:29:44 | Deep Dive |
| CVE-2023-27525 | Apache Superset: Incorrect default permissions for Gamma role | Apache Software Foundation | Apache Superset | Low | 3.1 | 2023-04-17 16:28:00 | Deep Dive |
| CVE-2023-22946 | Apache Spark proxy-user privilege escalation from malicious configuration class | Apache Software Foundation | Apache Spark | Medium | 6.4 | 2023-04-17 07:30:20 | Deep Dive |
| CVE-2023-30771 | Apache IoTDB Workbench: apache/iotdb-web-workbench: forge the JWTToken to access workbench | Apache Software Foundation | Apache IoTDB Workbench | 超危 | - | 2023-04-17 07:26:13 | Deep Dive |
| CVE-2023-24831 | Apache IoTDB grafana-connector Login Bypass Vulnerability | Apache Software Foundation | Apache IoTDB | 超危 | - | 2023-04-17 06:42:06 | Deep Dive |
| CVE-2022-47501📌💣 | Apache OFBiz: Arbitrary file reading vulnerability EPSS 0.86 | Apache Software Foundation | Apache OFBiz | 高危 | - | 2023-04-14 15:01:32 | Deep Dive |
| CVE-2022-45064 | Apache Sling Engine: Include-based XSS | Apache Software Foundation | Apache Sling Engine | High | 8.0 | 2023-04-13 10:01:15 | Deep Dive |
| CVE-2023-1992 | Wireshark 资源管理错误漏洞 | Wireshark Foundation | Wireshark | Medium | 6.3 | 2023-04-12 00:00:00 | Deep Dive |
| CVE-2023-1993 | Wireshark 安全漏洞 | Wireshark Foundation | Wireshark | Medium | 6.3 | 2023-04-12 00:00:00 | Deep Dive |
| CVE-2023-1994 | Wireshark 资源管理错误漏洞 | Wireshark Foundation | Wireshark | Medium | 6.3 | 2023-04-12 00:00:00 | Deep Dive |
| CVE-2023-28288💣 | Microsoft SharePoint Server Spoofing Vulnerability | Microsoft | Microsoft SharePoint Enterprise Server 2016 | High | 8.1 | 2023-04-11 19:13:18 | Deep Dive |
| CVE-2023-30465 | Apache InLong: SQL injection in apache inLong 1.5.0 | Apache Software Foundation | Apache InLong | 中危 | - | 2023-04-11 14:35:11 | Deep Dive |
| CVE-2023-29216 | Apache Linkis DatasourceManager module has a deserialization command execution | Apache Software Foundation | Apache Linkis | 超危 | - | 2023-04-10 07:37:29 | Deep Dive |
| CVE-2023-27987 | Apache Linkis gateway module token authentication bypass | Apache Software Foundation | Apache Linkis | 超危 | - | 2023-04-10 07:37:08 | Deep Dive |
| CVE-2023-27603 | Apache Linkis Mangaer module engineConn material upload exists Zip Slip issue | Apache Software Foundation | Apache Linkis | 超危 | - | 2023-04-10 07:36:50 | Deep Dive |
| CVE-2023-27602 | Apache Linkis publicsercice module unrestricted upload of file | Apache Software Foundation | Apache Linkis | 超危 | - | 2023-04-10 07:36:28 | Deep Dive |
| CVE-2023-29215 | Apache Linkis JDBC EngineCon has a deserialization command execution | Apache Software Foundation | Apache Linkis | 超危 | - | 2023-04-10 07:35:24 | Deep Dive |