| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-5756 | Icegram Express - Email Subscribers, Newsletters and Marketing Automation Plugin <= 5.7.23 - Unauthenticated SQL Injection via optin | icegram | Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress | Critical | 9.8 | 2024-06-21 04:34:11 | Deep Dive |
| CVE-2024-6162 | Undertow: url-encoded request path information can be broken on ajp-listener | - | - | High | 7.5 | 2024-06-20 14:33:10 | Deep Dive |
| CVE-2024-6188 | Parsec Automation TrackSYS pagedefinition direct request | Parsec Automation | TrackSYS | Medium | 5.3 | 2024-06-20 13:31:05 | Deep Dive |
| CVE-2024-37369 | Rockwell Automation FactoryTalk® View SE Local Privilege Escalation Vulnerability via Local File Permissions | Rockwell Automation | FactoryTalk® View SE | - | - | 2024-06-14 16:50:20 | Deep Dive |
| CVE-2024-5659 | Rockwell Automation Multicast Request Causes major nonrecoverable fault on Select Controllers | Rockwell Automation | ControlLogix® 5580 | - | - | 2024-06-14 16:42:21 | Deep Dive |
| CVE-2024-37368 | Rockwell Automation FactoryTalk® View SE v11 Information Leakage Vulnerability via Authentication Restriction | Rockwell Automation | FactoryTalk® View SE | - | - | 2024-06-14 14:30:53 | Deep Dive |
| CVE-2024-37367 | Rockwell Automation FactoryTalk® View SE v12 Information Leakage Vulnerability via Authentication Restriction | Rockwell Automation | FactoryTalk® View SE | - | - | 2024-06-14 14:17:55 | Deep Dive |
| CVE-2024-4845 | Icegram Express <= 5.7.22 - Authenticated (Subscriber+) SQL Injection Vulnerability via options[list_id] | icegram | Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress | High | 8.8 | 2024-06-12 09:33:12 | Deep Dive |
| CVE-2024-4295 | Email Subscribers by Icegram Express <= 5.7.20 - Unauthenticated SQL Injection via hash | icegram | Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress | Critical | 9.8 | 2024-06-05 05:33:06 | Deep Dive |
| CVE-2024-3626 | Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce <= 5.7.17 - Missing Authorization | icegram | Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress | Medium | 4.3 | 2024-05-23 05:32:15 | Deep Dive |
| CVE-2024-4563 | The Progress MOVEit Automation Configuration Export Function Uses a Cryptographic Method with Insufficient Bit Length | Progress Software Corporation | MOVEit Automation | Medium | 6.1 | 2024-05-22 17:01:01 | Deep Dive |
| CVE-2024-3640 | Rockwell Automation FactoryTalk® Remote Access™ has Unquoted Executables | Rockwell Automation | FactoryTalk® Remote Access™ | - | - | 2024-05-16 15:25:29 | Deep Dive |
| CVE-2024-4609 | Rockwell Automation Datalog Function within in FactoryTalk® View SE contains SQL Injection Vulnerability | Rockwell Automation | FactoryTalk® View SE | - | - | 2024-05-16 15:13:45 | Deep Dive |
| CVE-2024-4010 | Email Subscribers by Icegram Express <= 5.7.19 - Missing Authorization in handle_ajax_request | icegram | Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress | High | 8.8 | 2024-05-15 08:34:13 | Deep Dive |
| CVE-2021-22280 | DLL Hijacking Vulnerability in Automation Studio | B&R Industrial Automation | Automation Studio | High | 7.2 | 2024-05-14 19:36:52 | Deep Dive |
| CVE-2024-2637 | Insecure Loading of Code in B&R Products | B&R Industrial Automation | Scene Viewer | High | 7.2 | 2024-05-14 18:49:29 | Deep Dive |
| CVE-2023-46280 | Siemens 多款产品 缓冲区错误漏洞 | Siemens | Security Configuration Tool (SCT) | Medium | 6.5 | 2024-05-14 10:01:52 | Deep Dive |
| CVE-2024-3727 | Containers/image: digest type does not guarantee valid type | - | - | High | 8.3 | 2024-05-09 14:57:21 | Deep Dive |
| CVE-2024-4511 | Shanghai Sunfull Automation BACnet Server HMI1002-ARM Message buffer overflow | Shanghai Sunfull Automation | BACnet Server HMI1002-ARM | Medium | 6.3 | 2024-05-06 01:00:05 | Deep Dive |
| CVE-2023-50233 | Inductive Automation Ignition getJavaExecutable Directory Traversal Remote Code Execution Vulnerability | Inductive Automation | Ignition | 中危 | - | 2024-05-03 02:14:50 | Deep Dive |