| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-39884 | Apache HTTP Server: source code disclosure with handlers configured via AddType | Apache Software Foundation | Apache HTTP Server | 高危 | - | 2024-07-04 08:36:50 | Deep Dive |
| CVE-2024-34750 | Apache Tomcat: HTTP/2 excess header handling DoS | Apache Software Foundation | Apache Tomcat | - | - | 2024-07-03 19:32:35 | Deep Dive |
| CVE-2024-39573 | Apache HTTP Server: mod_rewrite proxy handler substitution | Apache Software Foundation | Apache HTTP Server | - | - | 2024-07-01 18:16:44 | Deep Dive |
| CVE-2024-38477 | Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request | Apache Software Foundation | Apache HTTP Server | 高危 | - | 2024-07-01 18:16:12 | Deep Dive |
| CVE-2024-38476 | Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect | Apache Software Foundation | Apache HTTP Server | - | - | 2024-07-01 18:15:40 | Deep Dive |
| CVE-2024-38475 | Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. | Apache Software Foundation | Apache HTTP Server | - | - | 2024-07-01 18:15:12 | Deep Dive |
| CVE-2024-38474 | Apache HTTP Server weakness with encoded question marks in backreferences | Apache Software Foundation | Apache HTTP Server | - | - | 2024-07-01 18:14:47 | Deep Dive |
| CVE-2024-38473 | Apache HTTP Server proxy encoding problem | Apache Software Foundation | Apache HTTP Server | - | - | 2024-07-01 18:14:22 | Deep Dive |
| CVE-2024-38472 | Apache HTTP Server on WIndows UNC SSRF | Apache Software Foundation | Apache HTTP Server | - | - | 2024-07-01 18:12:28 | Deep Dive |
| CVE-2024-36387 | Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2 | Apache Software Foundation | Apache HTTP Server | - | - | 2024-07-01 18:10:26 | Deep Dive |
| CVE-2024-29868 | Apache StreamPipes, Apache StreamPipes: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Recovery Token Generation | Apache Software Foundation | Apache StreamPipes | - | - | 2024-06-24 09:59:40 | Deep Dive |
| CVE-2024-27136 | Apache JSPWiki: Cross-site scripting vulnerability on upload page | Apache Software Foundation | Apache JSPWiki | - | - | 2024-06-24 07:44:31 | Deep Dive |
| CVE-2024-38379 | Apache Allura: Stored authenticated XSS | Apache Software Foundation | Apache Allura | 中危 | - | 2024-06-22 09:09:32 | Deep Dive |
| CVE-2024-6162 | Undertow: url-encoded request path information can be broken on ajp-listener | - | - | High | 7.5 | 2024-06-20 14:33:10 | Deep Dive |
| CVE-2024-34693 | Apache Superset: Server arbitrary file read | Apache Software Foundation | Apache Superset | Medium | 6.8 | 2024-06-20 08:51:55 | Deep Dive |
| CVE-2024-25142 | Apache Airflow: Cache Control - Storage of Sensitive Data in Browser Cache | Apache Software Foundation | Apache Airflow | - | - | 2024-06-14 08:25:36 | Deep Dive |
| CVE-2024-36265 | Apache Submarine Server Core: authorization bypass | Apache Software Foundation | Apache Submarine Server Core | - | - | 2024-06-12 14:12:11 | Deep Dive |
| CVE-2024-36264 | Apache Submarine Commons Utils: default secret | Apache Software Foundation | Apache Submarine Commons Utils | - | - | 2024-06-12 14:06:32 | Deep Dive |
| CVE-2024-36263 | Apache Submarine Server Core: SQL injection | Apache Software Foundation | Apache Submarine Server Core | - | - | 2024-06-12 14:05:00 | Deep Dive |
| CVE-2024-36471 | Apache Allura: sensitive information exposure via DNS rebinding | Apache Software Foundation | Apache Allura | 中危 | - | 2024-06-10 21:55:06 | Deep Dive |