| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-4690 | Insecure usage for DocumentBuilderFactory and TransformerFactory in OpenText Application Automation Tools | OpenText | OpenText Application Automation Tools | - | - | 2024-10-16 16:41:22 | Deep Dive |
| CVE-2024-4211 | Multiple missing permission checks | OpenText | OpenText Application Automation Tools | - | - | 2024-10-16 16:41:21 | Deep Dive |
| CVE-2024-4189 | Multiple XXE sinks in Run LoadRunner script step in OpenText Application Automation Tools | OpenText | OpenText Application Automation Tools | - | - | 2024-10-16 16:41:20 | Deep Dive |
| CVE-2024-4184 | Multiple XXE sinks in ALM archive post-build step in OpenText Application Automation Tools | OpenText | OpenText Application Automation Tools | - | - | 2024-10-16 16:41:02 | Deep Dive |
| CVE-2023-32266 | Code injection vulnerability found in OpenText Application Lifecycle Management (ALM),Quality Center. | OpenText™ | Application Lifecycle Management (ALM),Quality Center | - | - | 2024-10-16 16:28:39 | Deep Dive |
| CVE-2024-45071 | IBM WebSphere Application Server cross-site scripting | IBM | WebSphere Application Server | Medium | 5.5 | 2024-10-16 16:20:40 | Deep Dive |
| CVE-2024-45072 | IBM WebSphere Application Server XML external entity injection | IBM | WebSphere Application Server | Medium | 5.5 | 2024-10-16 16:12:14 | Deep Dive |
| CVE-2024-45085 | IBM WebSphere Application Server denial of service | IBM | WebSphere Application Server | Medium | 5.9 | 2024-10-15 21:12:37 | Deep Dive |
| CVE-2024-21264 | Oracle PeopleSoft Enterprise CC Common Application Objects security vulnerability | Oracle Corporation | PeopleSoft Enterprise CC Common Application Objects | Medium | 5.4 | 2024-10-15 19:52:56 | Deep Dive |
| CVE-2024-21261 | Oracle Application Express security vulnerability | Oracle Corporation | Oracle Application Express | Medium | 4.9 | 2024-10-15 19:52:55 | Deep Dive |
| CVE-2024-3656 | Keycloak: unguarded admin rest api endpoints allows low privilege users to use administrative functionalities | - | - | High | 8.1 | 2024-10-09 18:59:11 | Deep Dive |
| CVE-2024-9622 | Resteasy-netty4-cdi: resteasy-netty4: resteasy-reactor-netty: http request smuggling leading to client timeouts in resteasy-netty4 | - | - | Medium | 5.3 | 2024-10-08 16:26:13 | Deep Dive |
| CVE-2024-8884 | Schneider Electric System Monitor application information disclosure vulnerability | Schneider Electric | System Monitor application in Harmony Industrial PC HMIBMO/HMIBMI/HMIPSO/HMIBMP/HMIBMU/HMIPSP/HMIPEP series | Critical | 9.8 | 2024-10-08 10:32:25 | Deep Dive |
| CVE-2024-45073 | IBM WebSphere Application Server cross-site scripting | IBM | WebSphere Application Server | Medium | 4.8 | 2024-09-30 22:00:53 | Deep Dive |
| CVE-2024-8883 | Keycloak: vulnerable redirect uri validation results in open redirect | - | - | Medium | 6.1 | 2024-09-19 15:48:28 | Deep Dive |
| CVE-2024-8698 | Keycloak-saml-core: improper verification of saml responses leading to privilege escalation in keycloak | - | - | High | 7.7 | 2024-09-19 15:48:18 | Deep Dive |
| CVE-2024-6406 | Sensitive Data Exposure in Yordam Information Technology's Mobile Library Application | Yordam Information Technology | Mobile Library Application | - | - | 2024-09-18 11:44:18 | Deep Dive |
| CVE-2024-42025 | Ubiquiti UniFi Network security vulnerability | Ubiquiti Inc | UniFi Network Application | - | - | 2024-09-13 15:47:20 | Deep Dive |
| CVE-2023-6841 | Keycloak: amount of attributes per object is not limited and it may lead to dos | - | - | High | 7.5 | 2024-09-10 16:15:33 | Deep Dive |
| CVE-2024-45285 | Multiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform | SAP_SE | SAP NetWeaver Application Server for ABAP and ABAP Platform | Medium | 5.4 | 2024-09-10 04:59:02 | Deep Dive |