| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-2249 | LA-Studio Element Kit for Elementor <= 1.3.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting | choijun | LA-Studio Element Kit for Elementor | Medium | 6.4 | 2024-03-14 21:33:39 | Deep Dive |
| CVE-2024-26165 | Visual Studio Code Elevation of Privilege Vulnerability | Microsoft | Visual Studio Code | High | 8.8 | 2024-03-12 16:58:15 | Deep Dive |
| CVE-2024-26203 | Azure Data Studio Elevation of Privilege Vulnerability | Microsoft | Azure Data Studio | High | 7.3 | 2024-03-12 16:57:55 | Deep Dive |
| CVE-2024-26190 | Microsoft QUIC Denial of Service Vulnerability | Microsoft | Microsoft Visual Studio 2022 version 17.9 | High | 7.5 | 2024-03-12 16:57:53 | Deep Dive |
| CVE-2024-21392 | .NET and Visual Studio Denial of Service Vulnerability | Microsoft | Microsoft Visual Studio 2022 version 17.9 | High | 7.5 | 2024-03-12 16:57:42 | Deep Dive |
| CVE-2024-26152 | Label Studio vulnerable to Cross-site Scripting if `<Choices>` or `<Labels>` are used in labeling config | HumanSignal | label-studio | Medium | 4.7 | 2024-02-22 21:52:26 | Deep Dive |
| CVE-2024-0220 | B&R products use insufficient communication encryption | B&R Industrial Automation | Automation Studio | High | 8.3 | 2024-02-22 10:15:45 | Deep Dive |
| CVE-2024-21404 | .NET Denial of Service Vulnerability | Microsoft | .NET 6.0 | High | 7.5 | 2024-02-13 18:02:24 | Deep Dive |
| CVE-2024-21386 | .NET Denial of Service Vulnerability | Microsoft | ASP.NET Core 6.0 | High | 7.5 | 2024-02-13 18:02:20 | Deep Dive |
| CVE-2021-22281 | Zip Slip Vulnerability in B&R Automation Studio Project Import | B&R Industrial Automation | Automation Studio | Medium | 6.3 | 2024-02-02 07:24:30 | Deep Dive |
| CVE-2020-24682 | Automation Studio and PVI Multiple unquoted service path vulnerabilities | B&R Industrial Automation | Automation Studio | High | 7.2 | 2024-02-02 07:11:44 | Deep Dive |
| CVE-2020-24681 | Automation Studio and PVI Multiple incorrect permission assignments for services | B&R Industrial Automation | Automation Studio | High | 8.2 | 2024-02-02 06:58:24 | Deep Dive |
| CVE-2021-22282 | RCE in B&R Automation Studio with crafted project files | B&R Industrial Automation | Automation Studio | High | 8.3 | 2024-02-02 06:38:32 | Deep Dive |
| CVE-2023-6078 | OS Command Injection vulnerability affecting BIOVIA Materials Studio products from Release BIOVIA 2021 through Release BIOVIA 2023 | Dassault Systèmes | BIOVIA Materials Studio products | High | 8.8 | 2024-02-01 13:33:49 | Deep Dive |
| CVE-2023-47116 | Label Studio SSRF on Import Bypassing `SSRF_PROTECTION_ENABLED` Protections | HumanSignal | label-studio | Medium | 5.3 | 2024-01-31 16:21:51 | Deep Dive |
| CVE-2024-0833 | Privilege Elevation via Telerik Test Studio | Progress Software | Telerik Test Studio | High | 7.8 | 2024-01-31 15:15:15 | Deep Dive |
| CVE-2024-23633 | Label Studio XSS Vulnerability on Data Import | HumanSignal | label-studio | Medium | 4.7 | 2024-01-23 23:15:09 | Deep Dive |
| CVE-2023-47115 | Label Studio XSS Vulnerability on Avatar Upload | HumanSignal | label-studio | High | 7.1 | 2024-01-23 22:49:04 | Deep Dive |
| CVE-2022-45792 | Directory Traversal in Project File Format allows overwrite (Zip Slip) | Omron | Sysmac Studio | High | 7.8 | 2024-01-22 17:46:37 | Deep Dive |
| CVE-2022-40700 | Server Side Request Forgery (SSRF) vulnerability affecting multiple WordPress plugins | Montonio | Montonio for WooCommerce | High | 8.2 | 2024-01-19 14:30:11 | Deep Dive |