| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-8553 | Foreman: read-only access to entire db from templates | - | - | Medium | 6.3 | 2024-10-31 15:01:16 | Deep Dive |
| CVE-2024-9632 | Xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability | - | - | High | 7.8 | 2024-10-30 07:42:35 | Deep Dive |
| CVE-2024-10295 | Gateway: apicast basic auth bypass via malformed base64 headers. Sending non-base64 'basic' auth with special characters causes apicast to incorrectly authenticate a request | - | - | High | 7.5 | 2024-10-24 17:55:10 | Deep Dive |
| CVE-2024-10041 | Pam: libpam: libpam vulnerable to read hashed password | - | - | Medium | 4.7 | 2024-10-23 13:46:28 | Deep Dive |
| CVE-2024-50312 | Graphql: information disclosure via graphql introspection in openshift | Red Hat | Red Hat OpenShift Container Platform 4.16 | Medium | 5.3 | 2024-10-22 13:24:12 | Deep Dive |
| CVE-2024-50311 | Graphql: denial of service (dos) vulnerability via graphql batching | Red Hat | Red Hat OpenShift Container Platform 4.18 | Medium | 6.5 | 2024-10-22 13:24:04 | Deep Dive |
| CVE-2024-10234 | Wildfly: wildfly vulnerable to cross-site scripting (xss) | - | - | Medium | 6.1 | 2024-10-22 13:17:58 | Deep Dive |
| CVE-2024-9050 | Networkmanager-libreswan: local privilege escalation via leftupdown | - | - | High | 7.8 | 2024-10-22 12:14:32 | Deep Dive |
| CVE-2024-6519 | Qemu: scsi: lsi53c895a: use-after-free local privilege escalation vulnerability | - | - | High | 8.2 | 2024-10-21 14:36:40 | Deep Dive |
| CVE-2024-9683 | Quay: quay allows successful authentication with truncated version of the password | - | - | Medium | 4.8 | 2024-10-17 14:08:57 | Deep Dive |
| CVE-2024-10033 | Aap-gateway: xss on aap-gateway | - | - | Medium | 6.1 | 2024-10-16 16:59:44 | Deep Dive |
| CVE-2024-9676 | Podman: buildah: cri-o: symlink traversal vulnerability in the containers/storage library can cause denial of service (dos) | - | - | Medium | 6.5 | 2024-10-15 15:27:34 | Deep Dive |
| CVE-2024-9979 | Pyo3: risk of use-after-free in `borrowed` reads from python weak references | - | - | Medium | 5.3 | 2024-10-15 14:01:54 | Deep Dive |
| CVE-2024-3656 | Keycloak: unguarded admin rest api endpoints allows low privilege users to use administrative functionalities | - | - | High | 8.1 | 2024-10-09 18:59:11 | Deep Dive |
| CVE-2024-9675 | Buildah: buildah allows arbitrary directory mount | - | - | High | 7.8 | 2024-10-09 14:32:12 | Deep Dive |
| CVE-2024-9671 | System: pdf invoices of the developer users can be seen if the url is known | - | - | Medium | 5.3 | 2024-10-09 14:32:11 | Deep Dive |
| CVE-2024-9622 | Resteasy-netty4-cdi: resteasy-netty4: resteasy-reactor-netty: http request smuggling leading to client timeouts in resteasy-netty4 | - | - | Medium | 5.3 | 2024-10-08 16:26:13 | Deep Dive |
| CVE-2024-9621 | Io.quarkiverse.cxf:quarkus-cxf: quarkus cxf may log user password and secret to application log | - | - | Medium | 5.3 | 2024-10-08 16:26:09 | Deep Dive |
| CVE-2024-9620 | Event-driven automation in ansible automation platform (aap): ansible event-driven automation (eda) lacks encryption | - | - | Medium | 5.3 | 2024-10-08 16:25:40 | Deep Dive |
| CVE-2024-9407 | Buildah: podman: improper input validation in bind-propagation option of dockerfile run --mount instruction | - | - | Medium | 4.7 | 2024-10-01 20:13:30 | Deep Dive |