| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-43045 | Jenkins 安全漏洞 | Jenkins Project | Jenkins | - | - | 2024-08-07 13:27:12 | Deep Dive |
| CVE-2024-43044 | Jenkins 安全漏洞 | Jenkins Project | Jenkins | - | - | 2024-08-07 13:27:11 | Deep Dive |
| CVE-2024-7356 | Zephyr Project Manager <= 3.3.100 - Authenticated (Subscriber+) Stored Cross-Site Scripting via filename Parameter | dylanjkotze | Zephyr Project Manager | Medium | 6.4 | 2024-08-03 09:37:20 | Deep Dive |
| CVE-2024-38761 | WordPress Zephyr Project Manager plugin <= 3.3.99 - Sensitive Data Exposure via Export File vulnerability | Dylan James | Zephyr Project Manager | High | 7.5 | 2024-08-01 21:26:54 | Deep Dive |
| CVE-2024-6536 | Zephyr Project Manager < 3.3.99 - Editor+ XSS | Unknown | Zephyr Project Manager | - | - | 2024-07-30 06:00:11 | Deep Dive |
| CVE-2024-6916 | Zowe CLI --show-inputs-only displays securely stored properties | Open Mainframe Project | Zowe CLI - Imperative | Medium | 5.9 | 2024-07-19 10:47:08 | Deep Dive |
| CVE-2024-6834 | Imperative Local Command Injection allows Activity Masking | Open Mainframe Project | Zowe | Critical | 9.0 | 2024-07-17 14:44:06 | Deep Dive |
| CVE-2024-6833 | Zowe CLI Auto-Init Leaks Credentials Locally | Open Mainframe Project | Zowe | Medium | 5.9 | 2024-07-17 14:41:38 | Deep Dive |
| CVE-2024-37149 | GLPI allows remote code execution through the plugin loader | glpi-project | glpi | High | 7.2 | 2024-07-10 19:20:36 | Deep Dive |
| CVE-2024-37148 | GLPI allows account takeover via SQL Injection in AJAX scripts | glpi-project | glpi | High | 8.1 | 2024-07-10 19:18:09 | Deep Dive |
| CVE-2024-37147 | GLPI allows Authenticated File Upload to Restricted Tickets | glpi-project | glpi | Medium | 4.3 | 2024-07-10 18:38:38 | Deep Dive |
| CVE-2024-39900 | OpenSearch Dashboards Reports does not properly restrict access to private tenant resources | opensearch-project | reporting | Medium | 5.4 | 2024-07-09 21:17:22 | Deep Dive |
| CVE-2024-39901 | OpenSearch Observability does not properly restrict access to private tenant resources | opensearch-project | observability | Medium | 4.2 | 2024-07-09 21:14:29 | Deep Dive |
| CVE-2024-39897 | Cache driver GetBlob() allows read access to any blob without access control check | project-zot | zot | Medium | 4.3 | 2024-07-09 18:48:24 | Deep Dive |
| CVE-2024-21729 | [20240701] - Core - XSS in accessible media selection field | Joomla! Project | Joomla! CMS | - | - | 2024-07-09 16:15:51 | Deep Dive |
| CVE-2024-21730 | [20240702] - Core - Self-XSS in fancyselect list field layout | Joomla! Project | Joomla! CMS | - | - | 2024-07-09 16:15:50 | Deep Dive |
| CVE-2024-26279 | [20240704] - Core - XSS in Wrapper extensions | Joomla! Project | Joomla! CMS | - | - | 2024-07-09 16:15:48 | Deep Dive |
| CVE-2024-26278 | [20240705] - Core - XSS in com_fields default field value | Joomla! Project | Joomla! CMS | - | - | 2024-07-09 16:15:45 | Deep Dive |
| CVE-2024-21731 | [20240703] - Core - XSS in StringHelper::truncate method | Joomla! Project | Joomla! CMS | - | - | 2024-07-09 16:15:43 | Deep Dive |
| CVE-2024-37484 | WordPress Zephyr Project Manager plugin <= 3.3.97 - Privilege Escalation vulnerability | Dylan James | Zephyr Project Manager | High | 8.8 | 2024-07-09 11:47:08 | Deep Dive |