| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-36993 | Persistent Cross-site Scripting (XSS) in Web Bulletin | Splunk | Splunk Enterprise | Medium | 5.4 | 2024-07-01 16:54:35 | Deep Dive |
| CVE-2024-36995 | Low-privileged user could create experimental items | Splunk | Splunk Enterprise | Medium | 5.4 | 2024-07-01 16:52:58 | Deep Dive |
| CVE-2024-36982 | Denial of Service through null pointer reference in “cluster/config” REST endpoint | Splunk | Splunk Enterprise | High | 7.5 | 2024-07-01 16:31:04 | Deep Dive |
| CVE-2024-36990 | Denial of Service (DoS) on the datamodel/web REST endpoint | Splunk | Splunk Enterprise | Medium | 6.5 | 2024-07-01 16:30:58 | Deep Dive |
| CVE-2024-36992 | Persistent Cross-site Scripting (XSS) in Dashboard Elements | Splunk | Splunk Enterprise | Medium | 5.4 | 2024-07-01 16:30:52 | Deep Dive |
| CVE-2024-36986 | Risky command safeguards bypass through Search ID query in Analytics Workspace | Splunk | Splunk Enterprise | Medium | 6.3 | 2024-07-01 16:30:42 | Deep Dive |
| CVE-2024-36983 | Command Injection using External Lookups | Splunk | Splunk Enterprise | High | 8.0 | 2024-07-01 16:30:42 | Deep Dive |
| CVE-2024-36996 | Information Disclosure of user names | Splunk | Splunk Enterprise | Medium | 5.3 | 2024-07-01 16:30:41 | Deep Dive |
| CVE-2024-36994 | Persistent Cross-site Scripting (XSS) in Dashboard Elements | Splunk | Splunk Enterprise | Medium | 5.4 | 2024-07-01 16:30:41 | Deep Dive |
| CVE-2024-36989 | Low-privileged user could create notifications in Splunk Web Bulletin Messages | Splunk | Splunk Enterprise | High | 7.1 | 2024-07-01 16:30:39 | Deep Dive |
| CVE-2024-36987 | Insecure File Upload in the indexing/preview REST endpoint | Splunk | Splunk Enterprise | Medium | 4.3 | 2024-07-01 16:30:36 | Deep Dive |
| CVE-2022-38383 | IBM Cloud Pak for Security information disclosure | IBM | Cloud Pak for Security | Medium | 4.0 | 2024-06-28 19:03:43 | Deep Dive |
| CVE-2024-5662 | Ultimate Post Kit Addons For Elementor – (Post Grid, Post Carousel, Post Slider, Category List, Post Tabs, Timeline, Post Ticker, Tag Cloud) <= 3.11.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Social Count (Static) Widget | bdthemes | Ultimate Post Kit Addons for Elementor | Medium | 6.4 | 2024-06-28 08:33:29 | Deep Dive |
| CVE-2024-37282 | Elastic Cloud Enterprise 安全漏洞 | Elastic | Elastic Cloud Enterprise | High | 8.1 | 2024-06-28 04:58:18 | Deep Dive |
| CVE-2024-22276 | VMware Cloud Director 安全漏洞 | N/A | VMware Cloud Director Object Storage Extension | Medium | 5.3 | 2024-06-27 20:25:08 | Deep Dive |
| CVE-2024-22272 | VMware Cloud Director 安全漏洞 | N/A | VMware Cloud Director | Medium | 4.9 | 2024-06-27 20:22:18 | Deep Dive |
| CVE-2024-37087 | VMware vCenter Server 安全漏洞 | - | vCenter Server | Medium | 5.3 | 2024-06-25 14:16:13 | Deep Dive |
| CVE-2024-37086 | VMware ESXi 安全漏洞 | - | ESXi | Medium | 6.8 | 2024-06-25 14:16:08 | Deep Dive |
| CVE-2024-37085 | VMware ESXi 安全漏洞 | - | VMware ESXi | Medium | 6.8 | 2024-06-25 14:16:01 | Deep Dive |
| CVE-2024-22168 | Cross-Site Scripting (XSS) vulnerability on Western Digital My Cloud and SanDisk ibi Web Apps | Western Digital | My Cloud Home web app | - | - | 2024-06-24 22:54:17 | Deep Dive |