| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-12401 | Cert-manager: potential dos when parsing specially crafted pem inputs | - | - | Medium | 4.4 | 2024-12-12 09:06:04 | Deep Dive |
| CVE-2024-12397 | Io.quarkus.http/quarkus-http-core: quarkus http cookie smuggling | - | - | High | 7.4 | 2024-12-12 09:05:28 | Deep Dive |
| CVE-2024-12369 | Elytron-oidc-client: oidc authorization code injection | - | - | Medium | 4.2 | 2024-12-09 20:53:09 | Deep Dive |
| CVE-2024-11738 | Rustls: rustls network-reachable panic in `acceptor::accept` | - | - | Medium | 5.3 | 2024-12-06 14:54:11 | Deep Dive |
| CVE-2024-8676 | Cri-o: checkpoint restore can be triggered from different namespaces | - | - | High | 7.4 | 2024-11-26 19:15:48 | Deep Dive |
| CVE-2024-52337 | Tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method | - | - | Medium | 5.5 | 2024-11-26 15:21:18 | Deep Dive |
| CVE-2024-52336 | Tuned: `script_pre` and `script_post` options allow to pass arbitrary scripts executed by root | - | - | High | 7.8 | 2024-11-26 15:21:14 | Deep Dive |
| CVE-2024-10492 | Keycloak-quarkus-server: keycloak path traversal | - | - | Low | - | 2024-11-25 07:37:31 | Deep Dive |
| CVE-2024-10270 | Org.keycloak:keycloak-services: keycloak denial of service | - | - | Medium | 6.5 | 2024-11-25 07:37:05 | Deep Dive |
| CVE-2024-10451 | Org.keycloak:keycloak-quarkus-server: sensitive data exposure in keycloak build process | Red Hat | Red Hat build of Keycloak 24 | Medium | 5.9 | 2024-11-25 07:37:05 | Deep Dive |
| CVE-2024-9666 | Org.keycloak/keycloak-quarkus-server: keycloak proxy header handling denial-of-service (dos) vulnerability | - | - | Medium | 4.7 | 2024-11-25 07:29:52 | Deep Dive |
| CVE-2024-6538 | Openshift-console: openshift console: server-side request forgery | - | - | Medium | 5.3 | 2024-11-25 06:15:13 | Deep Dive |
| CVE-2024-11483 | Automation-gateway: aap-gateway: improper scope handling in oauth2 tokens for aap 2.5 | - | - | Medium | 5.0 | 2024-11-25 03:54:34 | Deep Dive |
| CVE-2024-52616 | Avahi: avahi wide-area dns predictable transaction ids | - | - | Medium | 5.3 | 2024-11-21 20:41:12 | Deep Dive |
| CVE-2024-52615 | Avahi: avahi wide-area dns uses constant source port | - | - | Medium | 5.3 | 2024-11-21 20:34:01 | Deep Dive |
| CVE-2023-39180 | Kernel: ksmbd: read request memory leak denial-of-service vulnerability | - | - | Medium | 4.0 | 2024-11-18 09:53:20 | Deep Dive |
| CVE-2023-39179 | Kernel: ksmbd: read request out-of-bounds read information disclosure vulnerability | - | - | High | 7.5 | 2024-11-18 09:51:10 | Deep Dive |
| CVE-2023-39176 | Kernel: ksmbd: transform header out-of-bounds read information disclosure vulnerability | - | - | Medium | 5.8 | 2024-11-18 09:50:46 | Deep Dive |
| CVE-2024-0793 | Kube-controller-manager: malformed hpa v1 manifest causes crash | - | - | High | 7.7 | 2024-11-17 10:45:50 | Deep Dive |
| CVE-2023-6110 | Openstack: deleting a non-existing access rule deletes another existing access rule in its scope | Red Hat | Red Hat OpenStack Platform 17.1 for RHEL 8 | Medium | 5.5 | 2024-11-17 10:22:35 | Deep Dive |