| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-39746 | IBM Sterling Connect:Direct Web Services information disclosure | IBM | Sterling Connect:Direct Web Services | Medium | 5.9 | 2024-08-22 10:29:54 | Deep Dive |
| CVE-2024-28987 | SolarWinds Web Help Desk Hardcoded Credential Vulnerability | SolarWinds | Web Help Desk | Critical | 9.1 | 2024-08-21 21:17:23 | Deep Dive |
| CVE-2023-49198 | Apache SeaTunnel Web: Arbitrary file read vulnerability | Apache Software Foundation | Apache SeaTunnel Web | - | - | 2024-08-21 09:37:57 | Deep Dive |
| CVE-2024-41700 | Barix – CWE-200 Exposure of Sensitive Information to an Unauthorized Actor | Barix | Barix SIP Client Web Management Interface UI | High | 7.5 | 2024-08-20 12:05:10 | Deep Dive |
| CVE-2024-37099 | WordPress GiveWP plugin <= 3.14.1 - Unauthenticated PHP Object Injection vulnerability | Liquid Web | GiveWP | Critical | 10.0 | 2024-08-19 16:51:49 | Deep Dive |
| CVE-2024-6456 | SQL Injection vulnerability in AVEVA Historian Server | AVEVA | Historian Web Server | - | - | 2024-08-15 20:10:59 | Deep Dive |
| CVE-2024-28986 | SolarWinds Web Help Desk Java Deserialization Remote Code Execution Vulnerability | SolarWinds | Web Help Desk | Critical | 9.8 | 2024-08-13 22:06:45 | Deep Dive |
| CVE-2024-33005 | Missing Authorization check in SAP NetWeaver Application Server (ABAP and Java),SAP Web Dispatcher and SAP Content Server | SAP_SE | SAP NetWeaver Application Server (ABAP and Java),SAP Web Dispatcher and SAP Content Server | Medium | 6.3 | 2024-08-13 03:47:45 | Deep Dive |
| CVE-2024-42374 | XML injection in SAP BEx Web Java Runtime Export Web Service | SAP_SE | SAP BEx Web Java Runtime Export Web Service | High | 8.2 | 2024-08-13 03:34:11 | Deep Dive |
| CVE-2024-38166 | Microsoft Dynamics 365 Cross-site Scripting Vulnerability | Microsoft | Dynamics CRM Service Portal Web Resource | High | 8.2 | 2024-08-06 21:38:19 | Deep Dive |
| CVE-2024-41811 | ipl/web susceptible to Cross-Site Request Forgery (CSRF) | Icinga | ipl-web | Low | 3.9 | 2024-08-05 20:17:31 | Deep Dive |
| CVE-2024-38746 | WordPress MakeStories (for Google Web Stories) plugin <= 3.0.3 - Arbitrary File Download and SSRF vulnerability | MakeStories Team | MakeStories (for Google Web Stories) | High | 7.1 | 2024-08-01 21:02:30 | Deep Dive |
| CVE-2024-41696 | Priority PRI WEB Portal Add-On for Priority ERP on prem – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor | Priority | PRI WEB Portal Add-On for Priority ERP on prem | High | 7.5 | 2024-07-30 09:09:11 | Deep Dive |
| CVE-2024-41141 | EC-CUBE Web API Plugin 安全漏洞 | EC-CUBE CO.,LTD. | EC-CUBE Web API Plugin | - | - | 2024-07-30 08:45:41 | Deep Dive |
| CVE-2023-48396 | Apache SeaTunnel Web: Authentication bypass | Apache Software Foundation | Apache SeaTunnel Web | - | - | 2024-07-30 08:15:34 | Deep Dive |
| CVE-2024-3669 | Web Directory Free < 1.7.2 - Reflected XSS | Unknown | Web Directory Free | - | - | 2024-07-30 06:00:07 | Deep Dive |
| CVE-2024-38773 | WordPress formlift plugin <= 7.5.17 - Unauthenticated Blind SQL Injection vulnerability | Adrian Tobey | FormLift for Infusionsoft Web Forms | Critical | 9.3 | 2024-07-22 10:07:54 | Deep Dive |
| CVE-2024-38781 | WordPress CopySafe Web Protection plugin <= 3.15 - Reflected Cross Site Scripting (XSS) vulnerability | ArtistScope | CopySafe Web Protection | High | 7.1 | 2024-07-21 21:15:36 | Deep Dive |
| CVE-2024-37514 | WordPress CopySafe Web Protection plugin <= 3.14 - Cross Site Scripting (XSS) vulnerability | ArtistScope | CopySafe Web Protection | Medium | 6.5 | 2024-07-21 07:16:35 | Deep Dive |
| CVE-2024-37557 | WordPress WP Cookie Law Info plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability | Soham Web Solution | WP Cookie Law Info | Medium | 5.9 | 2024-07-21 06:52:18 | Deep Dive |