| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-8883 | Keycloak: vulnerable redirect uri validation results in open redirec | - | - | Medium | 6.1 | 2024-09-19 15:48:28 | Deep Dive |
| CVE-2024-8698 | Keycloak-saml-core: improper verification of saml responses leading to privilege escalation in keycloak | - | - | High | 7.7 | 2024-09-19 15:48:18 | Deep Dive |
| CVE-2024-8354 | Qemu-kvm: usb: assertion failure in usb_ep_get() | - | - | Medium | 5.5 | 2024-09-19 10:45:06 | Deep Dive |
| CVE-2024-45770 | Pcp: pmpost symlink attack allows escalating pcp to root user | - | - | Medium | 4.4 | 2024-09-19 08:45:37 | Deep Dive |
| CVE-2024-45769 | Pcp: pmcd heap corruption through metric pmstore operations | - | - | Medium | 5.5 | 2024-09-19 08:45:06 | Deep Dive |
| CVE-2024-8939 | Vllm: denials of service in vllm json web api | - | - | Medium | 6.2 | 2024-09-17 16:21:15 | Deep Dive |
| CVE-2024-8768 | Vllm: a completions api request with an empty prompt will crash the vllm api server. | - | - | High | 7.5 | 2024-09-17 16:20:42 | Deep Dive |
| CVE-2024-45496 | Openshift-controller-manager: elevated build pods can lead to node compromise in openshift | - | - | Critical | 9.9 | 2024-09-16 23:58:59 | Deep Dive |
| CVE-2024-7387 | Openshift/builder: path traversal allows command injection in privileged buildcontainer using docker build strategy | - | - | Critical | 9.1 | 2024-09-16 23:58:35 | Deep Dive |
| CVE-2024-8775 | Ansible-core: exposure of sensitive information in ansible vault files due to improper logging | - | - | Medium | 5.5 | 2024-09-14 02:15:15 | Deep Dive |
| CVE-2024-6840 | Automation-controller: gain access to the k8s api server via job execution with container group | - | - | Medium | 6.6 | 2024-09-12 16:35:09 | Deep Dive |
| CVE-2023-6841 | Keycloak: amount of attributes per object is not limited and it may lead to dos | - | - | High | 7.5 | 2024-09-10 16:15:33 | Deep Dive |
| CVE-2024-8443 | Libopensc: heap buffer overflow in openpgp driver when generating key | - | - | Low | 2.9 | 2024-09-10 13:16:51 | Deep Dive |
| CVE-2024-7341 | Wildfly-elytron: org.keycloak/keycloak-services: session fixation in elytron saml adapters | - | - | High | 7.1 | 2024-09-09 18:51:14 | Deep Dive |
| CVE-2024-7318 | Keycloak-core: one time passcode (otp) is valid longer than expiration timeseverity | - | - | Medium | 4.8 | 2024-09-09 18:50:37 | Deep Dive |
| CVE-2024-7260 | Keycloak-core: open redirect on account page | - | - | Medium | 6.1 | 2024-09-09 18:49:59 | Deep Dive |
| CVE-2024-8509 | Migration toolkit for virtualization: forklift-controller: empty bearer token may perform authentication | - | - | High | 7.5 | 2024-09-06 15:17:49 | Deep Dive |
| CVE-2024-8445 | 389-ds-base: server crash while modifying `userpassword` using malformed input (incomplete fix for cve-2024-2199) | - | - | Medium | 5.7 | 2024-09-05 14:24:01 | Deep Dive |
| CVE-2024-8418 | Containers/aardvark-dns: tcp query handling flaw in aardvark-dns leading to denial of service | - | - | High | 7.5 | 2024-09-04 14:24:03 | Deep Dive |
| CVE-2024-7923 | Puppet-pulpcore: an authentication bypass vulnerability exists in pulpcore | - | - | - | - | 2024-09-04 13:41:49 | Deep Dive |