| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-6387 | Openssh: regresshion - race condition in ssh allows rce/dos | - | - | High | 8.1 | 2024-07-01 12:37:25 | Deep Dive |
| CVE-2024-6239 | Poppler: pdfinfo: crash in broken documents when using -dests parameter | - | - | High | 7.5 | 2024-06-21 13:28:24 | Deep Dive |
| CVE-2024-6162 | Undertow: url-encoded request path information can be broken on ajp-listener | - | - | High | 7.5 | 2024-06-20 14:33:10 | Deep Dive |
| CVE-2024-5967 | Keycloak: leak of configured ldap bind credentials through the keycloak admin console | - | - | Low | 2.7 | 2024-06-18 12:05:39 | Deep Dive |
| CVE-2024-5953 | 389-ds-base: malformed userpassword hash may cause denial of service | - | - | Medium | 5.7 | 2024-06-18 10:01:57 | Deep Dive |
| CVE-2024-5891 | Quay: unauthorized user may authenticate via oauth application token | Red Hat | Red Hat Quay 3 | Medium | 4.2 | 2024-06-12 13:16:54 | Deep Dive |
| CVE-2024-5742 | Nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file | - | - | Medium | 6.7 | 2024-06-12 08:53:02 | Deep Dive |
| CVE-2024-5154 | Cri-o: malicious container can create symlink on host | - | - | High | 8.1 | 2024-06-12 08:51:44 | Deep Dive |
| CVE-2024-3183 | Freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force | - | - | High | 8.1 | 2024-06-12 08:18:52 | Deep Dive |
| CVE-2024-2698 | Freeipa: delegation rules allow a proxy service to impersonate any user to access another target service | - | - | High | 8.8 | 2024-06-12 08:03:49 | Deep Dive |
| CVE-2023-4727 | Ca: token authentication bypass vulnerability | - | - | High | 7.5 | 2024-06-11 19:30:26 | Deep Dive |
| CVE-2024-3049 | Booth: specially crafted hash can lead to invalid hmac being accepted by booth server | - | - | Medium | 5.9 | 2024-06-06 05:30:04 | Deep Dive |
| CVE-2024-5037 | Openshift/telemeter: iss check during jwt authentication can be bypassed | - | - | High | 7.5 | 2024-06-05 18:03:23 | Deep Dive |
| CVE-2024-4812 | Katello: potential cross-site scripting exploit in ui | - | - | Medium | 4.8 | 2024-06-05 15:06:14 | Deep Dive |
| CVE-2024-3716 | Foreman-installer: candlepin database password being leaked to local users via the process list | - | - | Medium | 6.2 | 2024-06-05 15:05:38 | Deep Dive |
| CVE-2024-4540 | Keycloak: exposure of sensitive information in pushed authorization requests (par) kc_restart cookie | - | - | High | 7.5 | 2024-06-03 15:33:18 | Deep Dive |
| CVE-2024-5564 | Libndp: buffer overflow in route information length field | - | - | High | 8.1 | 2024-05-31 18:31:47 | Deep Dive |
| CVE-2024-3657 | 389-ds-base: potential denial of service via specially crafted kerberos as-req request | Red Hat | Red Hat Directory Server 11.5 E4S for RHEL 8 | High | 7.5 | 2024-05-28 12:53:03 | Deep Dive |
| CVE-2024-2199 | 389-ds-base: malformed userpassword may cause crash at do_modify in slapd/modify.c | - | - | Medium | 5.7 | 2024-05-28 12:04:07 | Deep Dive |
| CVE-2024-5042 | Submariner-operator: rbac permissions can allow for the spread of node compromises | - | - | Medium | 6.6 | 2024-05-17 13:12:01 | Deep Dive |