| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-9675 | Buildah: buildah allows arbitrary directory mount | - | - | High | 7.8 | 2024-10-09 14:32:12 | Deep Dive |
| CVE-2024-27458 | HP Hotkey Support – Escalation of Privilege | HP, Inc. | HP Hotkey Support | High | 8.8 | 2024-10-07 16:51:18 | Deep Dive |
| CVE-2024-44011 | WordPress WP Ticket Ultra plugin <= 1.0.5 - Local File Inclusion vulnerability | ExpressTech Systems | WP Ticket Ultra Help Desk & Support Plugin | High | 7.5 | 2024-10-05 10:33:04 | Deep Dive |
| CVE-2024-9410 | Ada.cx SSRF via Sentry Misconfiguration | Ada Support | Ada.cx Sentry Component | Medium | 5.3 | 2024-10-04 13:23:19 | Deep Dive |
| CVE-2024-9407 | Buildah: podman: improper input validation in bind-propagation option of dockerfile run --mount instruction | - | - | Medium | 4.7 | 2024-10-01 20:13:30 | Deep Dive |
| CVE-2024-9355 | Golang-fips: golang fips zeroed buffer | - | - | Medium | 6.5 | 2024-10-01 18:17:29 | Deep Dive |
| CVE-2024-8548 | KB Support – WordPress Help Desk and Knowledge Base <= 1.6.6 - Missing Authorization to Authenticated (Subscriber+) Multiple Administrator Actions | logoninc | KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin | High | 8.1 | 2024-10-01 07:30:13 | Deep Dive |
| CVE-2024-8632 | KB Support – WordPress Help Desk and Knowledge Base <= 1.6.6 - Missing Authorization to Unauthenticated Ticket Reply Exposure | logoninc | KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin | Medium | 6.5 | 2024-10-01 07:30:13 | Deep Dive |
| CVE-2024-42496 | Smart-tab 安全漏洞 | TECHNO SUPPORT COMPANY | Smart-tab Android app | 低危 | - | 2024-09-30 07:51:06 | Deep Dive |
| CVE-2024-41999 | Smart-tab 安全漏洞 | TECHNO SUPPORT COMPANY | Smart-tab Android app | 中危 | - | 2024-09-30 07:50:35 | Deep Dive |
| CVE-2024-45770 | Pcp: pmpost symlink attack allows escalating pcp to root user | - | - | Medium | 4.4 | 2024-09-19 08:45:37 | Deep Dive |
| CVE-2024-45769 | Pcp: pmcd heap corruption through metric pmstore operations | - | - | Medium | 5.5 | 2024-09-19 08:45:06 | Deep Dive |
| CVE-2023-6841 | Keycloak: amount of attributes per object is not limited and it may lead to dos | - | - | High | 7.5 | 2024-09-10 16:15:33 | Deep Dive |
| CVE-2024-8445 | 389-ds-base: server crash while modifying `userpassword` using malformed input (incomplete fix for cve-2024-2199) | - | - | Medium | 5.7 | 2024-09-05 14:24:01 | Deep Dive |
| CVE-2024-6722 | Chatbot Support AI <= 1.0.2 - Admin+ Stored XSS | Unknown | Chatbot Support AI: Free ChatGPT Chatbot, Woocommerce Chatbot | - | - | 2024-09-04 06:00:03 | Deep Dive |
| CVE-2024-7094 | JS Help Desk – The Ultimate Help Desk & Support Plugin <= 2.8.6 - Unauthenticated PHP Code Injection to Remote Code Execution | rabilal | JS Help Desk – AI-Powered Support & Ticketing System | Critical | 9.8 | 2024-08-13 02:31:39 | Deep Dive |
| CVE-2024-7006 | Libtiff: null pointer dereference in tif_dirinfo.c | - | - | High | 7.5 | 2024-08-08 20:49:45 | Deep Dive |
| CVE-2024-7409 | Qemu: denial of service via improper synchronization in qemu nbd server during socket closure | - | - | - | - | 2024-08-05 13:19:27 | Deep Dive |
| CVE-2023-6708 | SVG Support <= 2.5.7 - Authenticated (Author+) Cross-Site Scripting via SVG | benbodhi | SVG Support | Medium | 5.4 | 2024-07-18 02:38:34 | Deep Dive |
| CVE-2024-4272 | Support SVG < 1.1.0 - Stored XSS via SVG Upload | Unknown | Support SVG | - | - | 2024-07-13 06:00:06 | Deep Dive |