| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-5379 | Undertow: ajp request closes connection exceeding maxrequestsize | Red Hat | Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 | High | 7.5 | 2023-12-12 21:54:53 | Deep Dive |
| CVE-2023-49581 | SQL Injection vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform | SAP_SE | SAP NetWeaver Application Server ABAP and ABAP Platform | Medium | 4.1 | 2023-12-12 01:10:15 | Deep Dive |
| CVE-2023-49280 | Data leak of password hash through xwiki change request | xwiki-contrib | application-changerequest | High | 7.7 | 2023-12-04 22:33:59 | Deep Dive |
| CVE-2023-48322 | WordPress eDoc Employee Job Application Plugin <= 1.13 is vulnerable to Cross Site Scripting (XSS) | eDoc Intelligence | eDoc Employee Job Application – Best WordPress Job Manager for Employees | High | 7.1 | 2023-11-30 11:18:06 | Deep Dive |
| CVE-2023-5607 | Trellix Application and Change Control 路径遍历漏洞 | Trellix | Trellix Application and Change Control (TACC) | High | 8.4 | 2023-11-27 10:36:52 | Deep Dive |
| CVE-2023-48293 | XWiki Admin Tools Application CSRF with QueryOnXWiki allows arbitrary database queries | xwiki-contrib | application-admintools | High | 8.8 | 2023-11-20 18:14:09 | Deep Dive |
| CVE-2023-48292 | XWiki Admin Tools Application Run Shell Command allows CSRF RCE attacks | xwiki-contrib | application-admintools | Critical | 9.6 | 2023-11-20 18:02:43 | Deep Dive |
| CVE-2023-30954 | Gotham Video Broken Authentication | Palantir | com.palantir.video:video-application-server | Low | 2.7 | 2023-11-15 19:43:36 | Deep Dive |
| CVE-2023-34982 | AVEVA Operations Control Logger External Control of File Name or Path | AVEVA | SystemPlatform | Medium | 5.5 | 2023-11-15 16:28:35 | Deep Dive |
| CVE-2023-33873 | AVEVA Operations Control Logger Execution with Unnecessary Privileges | AVEVA | SystemPlatform | High | 7.8 | 2023-11-15 16:22:32 | Deep Dive |
| CVE-2023-38411 | Intel Smart Campus Android application 安全漏洞 | - | Intel Smart Campus android application | Low | 3.9 | 2023-11-14 19:05:02 | Deep Dive |
| CVE-2023-33872 | Intel Support 安全漏洞 | - | Intel Support android application | Medium | 5.5 | 2023-11-14 19:04:58 | Deep Dive |
| CVE-2023-41366 | Information Disclosure vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform | SAP_SE | SAP NetWeaver Application Server ABAP and ABAP Platform | Medium | 5.3 | 2023-11-14 01:01:08 | Deep Dive |
| CVE-2023-46743 | The same file cannot be opened with different rights | xwikisas | application-collabora | High | 7.3 | 2023-11-09 15:32:22 | Deep Dive |
| CVE-2023-5079 | Lenovo LeCloud 输入验证错误漏洞 | Lenovo | LeCloud Application | High | 7.5 | 2023-11-08 22:03:44 | Deep Dive |
| CVE-2023-4061 | Wildfly-core: management user rbac permission allows unexpected reading of system-properties to an unauthorized actor | Red Hat | Red Hat JBoss Enterprise Application Platform 7 | Medium | 6.5 | 2023-11-08 00:56:05 | Deep Dive |
| CVE-2022-45357 | WordPress 1003 Mortgage Application plugin <= 1.75 - CSV Injection | 8blocks | 1003 Mortgage Application | Medium | 6.1 | 2023-11-07 15:45:28 | Deep Dive |
| CVE-2023-5826 | Netentsec NS-ASG Application Security Gateway list_onlineuser.php sql injection | Netentsec | NS-ASG Application Security Gateway | Medium | 5.5 | 2023-10-27 17:31:05 | Deep Dive |
| CVE-2023-5785 | Netentsec NS-ASG Application Security Gateway addaddress_interpret.php sql injection | Netentsec | NS-ASG Application Security Gateway | Medium | 5.5 | 2023-10-26 15:00:06 | Deep Dive |
| CVE-2023-5784 | Netentsec NS-ASG Application Security Gateway uploadfirewall.php sql injection | Netentsec | NS-ASG Application Security Gateway | Medium | 5.5 | 2023-10-26 14:31:05 | Deep Dive |