| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-50312 | Graphql: information disclosure via graphql introspection in openshift | Red Hat | Red Hat OpenShift Container Platform 4.16 | Medium | 5.3 | 2024-10-22 13:24:12 | Deep Dive |
| CVE-2024-50311 | Graphql: denial of service (dos) vulnerability via graphql batching | Red Hat | Red Hat OpenShift Container Platform 4.18 | Medium | 6.5 | 2024-10-22 13:24:04 | Deep Dive |
| CVE-2024-10234 | Wildfly: wildfly vulnerable to cross-site scripting (xss) | - | - | Medium | 6.1 | 2024-10-22 13:17:58 | Deep Dive |
| CVE-2024-9050 | Networkmanager-libreswan: local privilege escalation via leftupdown | - | - | High | 7.8 | 2024-10-22 12:14:32 | Deep Dive |
| CVE-2024-6519 | Qemu: scsi: lsi53c895a: use-after-free local privilege escalation vulnerability | - | - | High | 8.2 | 2024-10-21 14:36:40 | Deep Dive |
| CVE-2024-9683 | Quay: quay allows successful authentication with truncated version of the password | - | - | Medium | 4.8 | 2024-10-17 14:08:57 | Deep Dive |
| CVE-2024-10033 | Aap-gateway: xss on aap-gateway | - | - | Medium | 6.1 | 2024-10-16 16:59:44 | Deep Dive |
| CVE-2024-9676 | Podman: buildah: cri-o: symlink traversal vulnerability in the containers/storage library can cause denial of service (dos) | - | - | Medium | 6.5 | 2024-10-15 15:27:34 | Deep Dive |
| CVE-2024-9979 | Pyo3: risk of use-after-free in `borrowed` reads from python weak references | - | - | Medium | 5.3 | 2024-10-15 14:01:54 | Deep Dive |
| CVE-2024-3656 | Keycloak: unguarded admin rest api endpoints allows low privilege users to use administrative functionalities | - | - | High | 8.1 | 2024-10-09 18:59:11 | Deep Dive |
| CVE-2024-9675 | Buildah: buildah allows arbitrary directory mount | - | - | High | 7.8 | 2024-10-09 14:32:12 | Deep Dive |
| CVE-2024-9671 | System: pdf invoices of the developer users can be seen if the url is known | - | - | Medium | 5.3 | 2024-10-09 14:32:11 | Deep Dive |
| CVE-2024-9622 | Resteasy-netty4-cdi: resteasy-netty4: resteasy-reactor-netty: http request smuggling leading to client timeouts in resteasy-netty4 | - | - | Medium | 5.3 | 2024-10-08 16:26:13 | Deep Dive |
| CVE-2024-9621 | Io.quarkiverse.cxf:quarkus-cxf: quarkus cxf may log user password and secret to application log | - | - | Medium | 5.3 | 2024-10-08 16:26:09 | Deep Dive |
| CVE-2024-9620 | Event-driven automation in ansible automation platform (aap): ansible event-driven automation (eda) lacks encryption | - | - | Medium | 5.3 | 2024-10-08 16:25:40 | Deep Dive |
| CVE-2024-9407 | Buildah: podman: improper input validation in bind-propagation option of dockerfile run --mount instruction | - | - | Medium | 4.7 | 2024-10-01 20:13:30 | Deep Dive |
| CVE-2024-9341 | Podman: buildah: cri-o: fips crypto-policy directory mounting issue in containers/common go library | - | - | Medium | 5.4 | 2024-10-01 18:52:01 | Deep Dive |
| CVE-2024-9355 | Golang-fips: golang fips zeroed buffer | - | - | Medium | 6.5 | 2024-10-01 18:17:29 | Deep Dive |
| CVE-2024-7259 | Ovirt-engine: potential exposure of cleartext provider passwords via web ui | - | - | Medium | 4.9 | 2024-09-26 15:15:57 | Deep Dive |
| CVE-2024-8612 | Qemu-kvm: information leak in virtio devices | - | - | Low | 3.8 | 2024-09-20 17:50:22 | Deep Dive |