| CVE-2024-23537 | Apache Fineract: Under certain circumstances, this vulnerability allowed users, without specific permissions, to escalate their privileges to any role. | Apache Software Foundation | Apache Fineract | High | 8.4 | 2024-03-29 14:38:06 | Deep Dive |
| CVE-2024-23538 | Apache Fineract: Under certain system configurations, the sqlSearch parameter was vulnerable to SQL injection attacks, potentially allowing attackers to manipulate database queries. | Apache Software Foundation | Apache Fineract | Critical | 9.9 | 2024-03-29 14:37:40 | Deep Dive |
| CVE-2024-23539 | Apache Fineract: Under certain system configurations, the sqlSearch parameter for specific endpoints was vulnerable to SQL injection attacks, potentially allowing attackers to manipulate database queries. | Apache Software Foundation | Apache Fineract | High | 8.3 | 2024-03-29 14:36:58 | Deep Dive |
| CVE-2024-1023 | Io.vertx/vertx-core: memory leak due to the use of netty fastthreadlocal data structures in vertx | - | - | Medium | 6.5 | 2024-03-27 07:51:16 | Deep Dive |
| CVE-2024-29735 | Apache Airflow: Potentially harmful permission changing by log task handler | Apache Software Foundation | Apache Airflow | - | - | 2024-03-26 16:52:41 | Deep Dive |
| CVE-2023-5685 | Xnio: stackoverflowexception when the chain of notifier states becomes problematically big | Red Hat | Red Hat build of Apache Camel 4.4.0 for Spring Boot | High | 7.5 | 2024-03-22 18:24:43 | Deep Dive |
| CVE-2024-27438 | Apache Doris: Downloading arbitrary remote jar files resulting in remote command execution | Apache Software Foundation | Apache Doris | - | - | 2024-03-21 09:39:22 | Deep Dive |
| CVE-2024-26307 | Apache Doris: Possible race condition | Apache Software Foundation | Apache Doris | - | - | 2024-03-21 09:38:19 | Deep Dive |
| CVE-2024-29131 | Apache Commons Configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator() | Apache Software Foundation | Apache Commons Configuration | - | - | 2024-03-21 09:07:14 | Deep Dive |
| CVE-2024-29133 | Apache Commons Configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree | Apache Software Foundation | Apache Commons Configuration | - | - | 2024-03-21 09:05:48 | Deep Dive |
| CVE-2024-27439 | Apache Wicket: Possible bypass of CSRF protection | Apache Software Foundation | Apache Wicket | High | - | 2024-03-19 11:07:48 | Deep Dive |
| CVE-2024-24683 | Apache Hop Engine: ID isn't escaped when generating HTML | Apache Software Foundation | Apache Hop Engine | - | - | 2024-03-19 08:20:19 | Deep Dive |
| CVE-2024-28752 | Apache CXF SSRF Vulnerability using the Aegis databinding | Apache Software Foundation | Apache CXF | Medium | - | 2024-03-15 10:27:30 | Deep Dive |
| CVE-2024-23944 | Apache ZooKeeper: Information disclosure in persistent watcher handling | Apache Software Foundation | Apache ZooKeeper | Medium | - | 2024-03-15 10:26:13 | Deep Dive |
| CVE-2024-28746 | Apache Airflow: Ignored Airflow Permissions | Apache Software Foundation | Apache Airflow | - | - | 2024-03-14 08:41:04 | Deep Dive |
| CVE-2024-23672 | Apache Tomcat: WebSocket DoS with incomplete closing handshake | Apache Software Foundation | Apache Tomcat | - | - | 2024-03-13 15:48:43 | Deep Dive |
| CVE-2024-24549 | Apache Tomcat: HTTP/2 header handling DoS | Apache Software Foundation | Apache Tomcat | - | - | 2024-03-13 15:46:53 | Deep Dive |
| CVE-2024-27894 | Apache Pulsar: Pulsar Functions Worker Allows Unauthorized File Access and Unauthorized HTTP/HTTPS Proxying | Apache Software Foundation | Apache Pulsar | High | 8.5 | 2024-03-12 18:19:41 | Deep Dive |
| CVE-2024-27317 | Apache Pulsar: Pulsar Functions Worker's Archive Extraction Vulnerability Allows Unauthorized File Modification | Apache Software Foundation | Apache Pulsar | High | 8.4 | 2024-03-12 18:18:53 | Deep Dive |
| CVE-2024-27135 | Apache Pulsar: Improper Input Validation in Pulsar Function Worker allows Remote Code Execution | Apache Software Foundation | Apache Pulsar | High | 8.5 | 2024-03-12 18:18:07 | Deep Dive |