| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-27182 | Apache Linkis Basic management services: Engine material management Arbitrary file deletion vulnerability | Apache Software Foundation | Apache Linkis Basic management services | - | - | 2024-08-02 09:29:33 | Deep Dive |
| CVE-2024-27181 | Apache Linkis Basic management services: Privilege Escalation Attack vulnerability | Apache Software Foundation | Apache Linkis Basic management services | - | - | 2024-08-02 09:27:49 | Deep Dive |
| CVE-2023-48396 | Apache SeaTunnel Web: Authentication bypass | Apache Software Foundation | Apache SeaTunnel Web | - | - | 2024-07-30 08:15:34 | Deep Dive |
| CVE-2023-38522 | Apache Traffic Server: Incomplete field name check allows request smuggling | Apache Software Foundation | Apache Traffic Server | 中危 | - | 2024-07-26 09:11:20 | Deep Dive |
| CVE-2024-35296 | Apache Traffic Server: Invalid Accept-Encoding can force forwarding requests | Apache Software Foundation | Apache Traffic Server | 中危 | - | 2024-07-26 09:11:11 | Deep Dive |
| CVE-2024-35161 | Apache Traffic Server: Incomplete check for chunked trailer section allows request smuggling | Apache Software Foundation | Apache Traffic Server | 中危 | - | 2024-07-26 09:10:56 | Deep Dive |
| CVE-2024-25090 | Apache Roller: Insufficient input validation for some user profile and bookmark fields when Roller in untested-users mode | Apache Software Foundation | Apache Roller | 中危 | - | 2024-07-26 08:36:47 | Deep Dive |
| CVE-2023-48362 | Apache Drill: XXE Vulnerability in XML Format Reader | Apache Software Foundation | Apache Drill | - | - | 2024-07-24 07:45:44 | Deep Dive |
| CVE-2024-39676 | Apache Pinot: Unauthorized endpoint exposed sensitive information | Apache Software Foundation | Apache Pinot | - | - | 2024-07-24 07:41:10 | Deep Dive |
| CVE-2024-41178 | Apache Arrow Rust Object Store: AWS WebIdentityToken exposure in log files | Apache Software Foundation | Apache Arrow Rust Object Store | - | - | 2024-07-23 16:50:10 | Deep Dive |
| CVE-2024-29070 | Apache StreamPark: session not invalidated after logout | Apache Software Foundation | Apache StreamPark | - | - | 2024-07-23 08:13:41 | Deep Dive |
| CVE-2024-34457 | Apache StreamPark IDOR Vulnerability | Apache Software Foundation | Apache StreamPark | - | - | 2024-07-22 09:48:23 | Deep Dive |
| CVE-2024-38503 | Apache Syncope: HTML tags can be injected into Console or Enduser text fields | Apache Software Foundation | Apache Syncope | - | - | 2024-07-22 09:46:39 | Deep Dive |
| CVE-2024-23321 | Apache RocketMQ: Unauthorized Exposure of Sensitive Data | Apache Software Foundation | Apache RocketMQ | - | - | 2024-07-22 09:24:16 | Deep Dive |
| CVE-2024-41107 | Apache CloudStack: SAML Signature Exclusion | Apache Software Foundation | Apache CloudStack | 中危 | - | 2024-07-19 10:19:54 | Deep Dive |
| CVE-2024-41172 | Apache CXF: Unrestricted memory consumption in CXF HTTP clients | Apache Software Foundation | Apache CXF | 高危 | - | 2024-07-19 08:50:44 | Deep Dive |
| CVE-2024-32007 | Apache CXF Denial of Service vulnerability in JOSE | Apache Software Foundation | Apache CXF | 高危 | - | 2024-07-19 08:50:32 | Deep Dive |
| CVE-2024-29736 | Apache CXF: SSRF vulnerability via WADL stylesheet parameter | Apache Software Foundation | Apache CXF | 中危 | - | 2024-07-19 08:50:08 | Deep Dive |
| CVE-2024-29178 | Apache StreamPark: FreeMarker SSTI RCE Vulnerability | Apache Software Foundation | Apache StreamPark | - | - | 2024-07-18 11:15:57 | Deep Dive |
| CVE-2024-40725 | Apache HTTP Server: source code disclosure with handlers configured via AddType | Apache Software Foundation | Apache HTTP Server | 高危 | - | 2024-07-18 09:32:44 | Deep Dive |