| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-6717 | Keycloak: xss via assertion consumer service url in saml post-binding flow | - | - | Medium | 6.0 | 2024-04-25 16:02:03 | Deep Dive |
| CVE-2023-5675 | Quarkus: authorization flaw in quarkus resteasy reactive and classic when "quarkus.security.jaxrs.deny-unannotated-endpoints" or "quarkus.security.jaxrs.default-roles-allowed" properties are used. | - | - | Medium | 6.5 | 2024-04-25 15:44:56 | Deep Dive |
| CVE-2024-1249 | Keycloak: org.keycloak.protocol.oidc: unvalidated cross-origin messages in checkloginiframe leads to ddos | - | - | High | 7.4 | 2024-04-17 13:22:48 | Deep Dive |
| CVE-2024-1132 | Keycloak: path traversal in redirection validation | - | - | High | 8.1 | 2024-04-17 13:21:19 | Deep Dive |
| CVE-2024-2424 | Rockwell Automation Input/Output Device Vulnerable to Major Nonrecoverable Fault | Rockwell Automation | 5015-AENFTXT | High | 7.5 | 2024-04-15 21:26:20 | Deep Dive |
| CVE-2024-3493 | Rockwell Automation ControlLogix and GuardLogix Vulnerable to Major Nonrecoverable Fault Due to Invalid Header Value | Rockwell Automation | ControlLogix 5580 | High | 8.6 | 2024-04-15 21:17:36 | Deep Dive |
| CVE-2024-2656 | Icegram Express <= 5.7.14 - Authenticated (Administrator+) Cross-Site Scripting via CSV import | icegram | Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress | Medium | 4.4 | 2024-04-06 03:24:43 | Deep Dive |
| CVE-2024-24976 | Open Automation Software OAS Platform security vulnerability | Open Automation Software | OAS Platform | Medium | 4.9 | 2024-04-03 13:55:04 | Deep Dive |
| CVE-2024-21870 | Open Automation Software OAS Platform security vulnerability | Open Automation Software | OAS Platform | Medium | 4.9 | 2024-04-03 13:55:03 | Deep Dive |
| CVE-2024-27201 | Open Automation Software OAS Platform security vulnerability | Open Automation Software | OAS Platform | Medium | 4.9 | 2024-04-03 13:55:03 | Deep Dive |
| CVE-2024-22178 | Open Automation Software OAS Platform security vulnerability | Open Automation Software | OAS Platform | Medium | 4.9 | 2024-04-03 13:55:02 | Deep Dive |
| CVE-2024-1300 | Io.vertx:vertx-core: memory leak when a tcp server is configured with tls and sni support | - | - | Medium | 5.4 | 2024-04-02 07:33:05 | Deep Dive |
| CVE-2023-50959 | IBM Cloud Pak for Business Automation information disclosure | IBM | Cloud Pak for Business Automation | Medium | 5.3 | 2024-03-31 11:56:26 | Deep Dive |
| CVE-2024-1023 | Io.vertx/vertx-core: memory leak due to the use of netty fastthreadlocal data structures in vertx | - | - | Medium | 6.5 | 2024-03-27 07:51:16 | Deep Dive |
| CVE-2024-2929 | Rockwell Automation Arena Simulation Vulnerable To Memory Corruption | Rockwell Automation | Arena Simulation | High | 7.8 | 2024-03-26 15:56:32 | Deep Dive |
| CVE-2024-21920 | Rockwell Automation Arena Simulation Vulnerable To Buffer Overflow | Rockwell Automation | Arena Simulation | Medium | 4.4 | 2024-03-26 15:49:00 | Deep Dive |
| CVE-2024-21919 | Rockwell Automation Arena Simulation Vulnerable To Uninitialized Pointer | Rockwell Automation | Arena Simulation | High | 7.8 | 2024-03-26 15:46:38 | Deep Dive |
| CVE-2024-21918 | Rockwell Automation Arena Simulation Vulnerable To Memory Corruption | Rockwell Automation | Arena Simulation | High | 7.8 | 2024-03-26 15:44:34 | Deep Dive |
| CVE-2024-21913 | Rockwell Automation Arena Simulation Vulnerable To Memory Corruption | Rockwell Automation | Arena Simulation | High | 7.8 | 2024-03-26 15:38:24 | Deep Dive |
| CVE-2024-21912 | Rockwell Automation Arena Simulation vulnerable to out of bounds write | Rockwell Automation | Arena Simulation | High | 7.8 | 2024-03-26 15:34:36 | Deep Dive |