| CVE-2024-40898 | Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows | Apache Software Foundation | Apache HTTP Server | - | - | 2024-07-18 09:32:07 | Deep Dive |
| CVE-2024-29120 | Apache StreamPark: Information leakage vulnerability | Apache Software Foundation | Apache StreamPark | - | - | 2024-07-17 14:59:05 | Deep Dive |
| CVE-2024-31411 | Apache StreamPipes: Potential remote code execution (RCE) via file upload | Apache Software Foundation | Apache StreamPipes | - | - | 2024-07-17 09:22:09 | Deep Dive |
| CVE-2024-31979 | Apache StreamPipes: Possibility of SSRF in pipeline element installation process | Apache Software Foundation | Apache StreamPipes | - | - | 2024-07-17 09:04:48 | Deep Dive |
| CVE-2024-30471 | Apache StreamPipes: Potential creation of multiple identical accounts | Apache Software Foundation | Apache StreamPipes | - | - | 2024-07-17 09:01:52 | Deep Dive |
| CVE-2024-29737 | Apache StreamPark (incubating): maven build params could trigger remote command execution | Apache Software Foundation | Apache StreamPark (incubating) | - | - | 2024-07-17 08:21:12 | Deep Dive |
| CVE-2023-52291 | Apache StreamPark (incubating): Unchecked maven build params could trigger remote command execution | Apache Software Foundation | Apache StreamPark (incubating) | - | - | 2024-07-17 08:16:13 | Deep Dive |
| CVE-2024-39877 | Apache Airflow: DAG Author Code Execution possibility in airflow-scheduler | Apache Software Foundation | Apache Airflow | - | - | 2024-07-17 07:54:24 | Deep Dive |
| CVE-2024-39863 | Apache Airflow: Potential XSS Vulnerability | Apache Software Foundation | Apache Airflow | - | - | 2024-07-17 07:53:32 | Deep Dive |
| CVE-2024-39887 | Apache Superset: Improper SQL authorisation, parse not checking for specific engine functions | Apache Software Foundation | Apache Superset | Medium | 4.3 | 2024-07-16 09:20:11 | Deep Dive |
| CVE-2023-52290 | Apache StreamPark (incubating): Unchecked SQL query fields trigger SQL injection vulnerability | Apache Software Foundation | Apache StreamPark (incubating) | - | - | 2024-07-16 07:37:39 | Deep Dive |
| CVE-2023-49566 | Apache Linkis DataSource: JDBC Datasource Module with DB2 has JNDI Injection vulnerability | Apache Software Foundation | Apache Linkis DataSource | 高危 | - | 2024-07-15 07:56:52 | Deep Dive |
| CVE-2023-46801 | Apache Linkis DataSource: DataSource Remote code execution vulnerability | Apache Software Foundation | Apache Linkis DataSource | 高危 | - | 2024-07-15 07:55:30 | Deep Dive |
| CVE-2023-41916 | Apache Linkis DataSource: DatasourceManager module has a JDBC parameter judgment logic vulnerability that allows for arbitrary file reading | Apache Software Foundation | Apache Linkis DataSource | 高危 | - | 2024-07-15 07:53:58 | Deep Dive |
| CVE-2024-36522 | Apache Wicket: Remote code execution via XSLT injection | Apache Software Foundation | Apache Wicket | - | - | 2024-07-12 12:13:52 | Deep Dive |
| CVE-2024-3653 | Undertow: learningpushhandler can lead to remote memory dos attacks | - | - | Medium | 5.3 | 2024-07-08 21:21:21 | Deep Dive |
| CVE-2024-5971 | Undertow: response write hangs in case of java 17 tlsv1.3 newsessionticket | - | - | High | 7.5 | 2024-07-08 20:51:29 | Deep Dive |
| CVE-2024-37389 | Apache NiFi: Improper Neutralization of Input in Parameter Context Description | Apache Software Foundation | Apache NiFi | Medium | 4.6 | 2024-07-08 07:29:00 | Deep Dive |
| CVE-2024-38346 | Apache CloudStack: Unauthenticated cluster service port leads to remote execution | Apache Software Foundation | Apache CloudStack | 超危 | - | 2024-07-05 13:40:57 | Deep Dive |
| CVE-2024-39864 | Apache CloudStack: Integration API service uses dynamic port when disabled | Apache Software Foundation | Apache CloudStack | 超危 | - | 2024-07-05 13:40:38 | Deep Dive |