| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-34321 | Apache Pulsar: Improper Authentication for Pulsar Proxy Statistics Endpoint | Apache Software Foundation | Apache Pulsar | High | 8.2 | 2024-03-12 18:17:06 | Deep Dive |
| CVE-2024-28098 | Apache Pulsar: Improper Authorization For Topic-Level Policy Management | Apache Software Foundation | Apache Pulsar | Medium | 6.4 | 2024-03-12 18:15:40 | Deep Dive |
| CVE-2023-41313 | Apache Doris: Timing Attack weakness | Apache Software Foundation | Apache Doris | - | - | 2024-03-12 10:16:24 | Deep Dive |
| CVE-2023-50740 | Apache Linkis DataSource: DataSource module Oracle SQL Database Password Logged | Apache Software Foundation | Apache Linkis DataSource | - | - | 2024-03-06 13:44:54 | Deep Dive |
| CVE-2024-26580 | Apache InLong: Logged-in user could exploit an arbitrary file read vulnerability | Apache Software Foundation | Apache InLong | - | - | 2024-03-06 12:07:28 | Deep Dive |
| CVE-2024-27138 | Apache Archiva: disabling user registration is not effective | Apache Software Foundation | Apache Archiva | 中危 | - | 2024-03-01 15:41:13 | Deep Dive |
| CVE-2024-27139 | Apache Archiva: incorrect authentication potentially leading to account takeover | Apache Software Foundation | Apache Archiva | 中危 | - | 2024-03-01 15:40:50 | Deep Dive |
| CVE-2024-27140 | Apache Archiva: reflected XSS | Apache Software Foundation | Apache Archiva | 中危 | - | 2024-03-01 15:40:08 | Deep Dive |
| CVE-2023-50378 | Apache Ambari: Various XSS problems | Apache Software Foundation | Apache Ambari | 中危 | - | 2024-03-01 14:38:30 | Deep Dive |
| CVE-2024-26280 | Apache Airflow: Overly broad default permissions for Viewer/Ops (audit logs) | Apache Software Foundation | Apache Airflow | 中危 | - | 2024-03-01 11:05:54 | Deep Dive |
| CVE-2024-27906 | Apache Airflow: Dag Code and Import Error Permissions Ignored | Apache Software Foundation | Apache Airflow | 中危 | - | 2024-02-29 11:02:19 | Deep Dive |
| CVE-2024-23946 | Apache OFBiz: Path traversal or file inclusion | Apache Software Foundation | Apache OFBiz | 中危 | - | 2024-02-28 15:44:42 | Deep Dive |
| CVE-2024-25065 | Apache OFBiz: Path traversal allowing authentication bypass. | Apache Software Foundation | Apache OFBiz | 高危 | - | 2024-02-28 15:42:50 | Deep Dive |
| CVE-2024-23807 | Apache Xerces C++: Use-after-free on external DTD scan | Apache Software Foundation | Apache Xerces C++ | 高危 | - | 2024-02-28 13:50:40 | Deep Dive |
| CVE-2024-26016 | Apache Superset: Improper authorization validation on dashboards and charts import | Apache Software Foundation | Apache Superset | Medium | 4.3 | 2024-02-28 11:28:38 | Deep Dive |
| CVE-2024-24779 | Apache Superset: Improper data authorization when creating a new dataset | Apache Software Foundation | Apache Superset | Medium | 5.0 | 2024-02-28 11:28:02 | Deep Dive |
| CVE-2024-24772 | Apache Superset: Improper Neutralisation of custom SQL on embedded context | Apache Software Foundation | Apache Superset | Medium | 4.3 | 2024-02-28 11:26:46 | Deep Dive |
| CVE-2024-24773 | Apache Superset: Improper validation of SQL statements allows for unauthorized access to data | Apache Software Foundation | Apache Superset | Medium | 4.9 | 2024-02-28 11:24:58 | Deep Dive |
| CVE-2024-27315 | Apache Superset: Improper error handling on alerts | Apache Software Foundation | Apache Superset | Medium | 4.3 | 2024-02-28 10:06:49 | Deep Dive |
| CVE-2023-50380 | Apache Ambari: authenticated users could perform XXE to read arbitrary files on the server | Apache Software Foundation | Apache Ambari | 中危 | - | 2024-02-27 16:51:34 | Deep Dive |