| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-5971 | Undertow: response write hangs in case of java 17 tlsv1.3 newsessionticket | - | - | High | 7.5 | 2024-07-08 20:51:29 | Deep Dive |
| CVE-2024-6409 | Openssh: possible remote code execution due to a race condition in signal handling affecting red hat enterprise linux 9 | - | - | High | 7.0 | 2024-07-08 17:57:11 | Deep Dive |
| CVE-2024-6505 | Qemu-kvm: virtio-net: queue index out-of-bounds access in software rss | - | - | Medium | 6.8 | 2024-07-05 13:51:38 | Deep Dive |
| CVE-2024-6126 | Cockpit: authenticated user can kill any process when enabling pam_env's user_readenv option | - | - | Low | 3.2 | 2024-07-03 14:51:18 | Deep Dive |
| CVE-2024-5672 | Red Lion Europe: mbNET.mini vulnerable to OS command injection | Red Lion Europe | mbNET.mini | High | 7.2 | 2024-07-03 12:26:45 | Deep Dive |
| CVE-2024-4467 | Qemu-kvm: 'qemu-img info' leads to host file read/write | - | - | High | 7.8 | 2024-07-02 15:57:24 | Deep Dive |
| CVE-2024-6387 | Openssh: regresshion - race condition in ssh allows rce/dos | - | - | High | 8.1 | 2024-07-01 12:37:25 | Deep Dive |
| CVE-2024-6239 | Poppler: pdfinfo: crash in broken documents when using -dests parameter | - | - | High | 7.5 | 2024-06-21 13:28:24 | Deep Dive |
| CVE-2024-6162 | Undertow: url-encoded request path information can be broken on ajp-listener | - | - | High | 7.5 | 2024-06-20 14:33:10 | Deep Dive |
| CVE-2024-5967 | Keycloak: leak of configured ldap bind credentials through the keycloak admin console | - | - | Low | 2.7 | 2024-06-18 12:05:39 | Deep Dive |
| CVE-2024-5953 | 389-ds-base: malformed userpassword hash may cause denial of service | - | - | Medium | 5.7 | 2024-06-18 10:01:57 | Deep Dive |
| CVE-2024-5891 | Quay: unauthorized user may authenticate via oauth application token | Red Hat | Red Hat Quay 3 | Medium | 4.2 | 2024-06-12 13:16:54 | Deep Dive |
| CVE-2024-5742 | Nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file | - | - | Medium | 6.7 | 2024-06-12 08:53:02 | Deep Dive |
| CVE-2024-5154 | Cri-o: malicious container can create symlink on host | - | - | High | 8.1 | 2024-06-12 08:51:44 | Deep Dive |
| CVE-2024-3183 | Freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force | - | - | High | 8.1 | 2024-06-12 08:18:52 | Deep Dive |
| CVE-2024-2698 | Freeipa: delegation rules allow a proxy service to impersonate any user to access another target service | - | - | High | 8.8 | 2024-06-12 08:03:49 | Deep Dive |
| CVE-2023-4727 | Ca: token authentication bypass vulnerability | - | - | High | 7.5 | 2024-06-11 19:30:26 | Deep Dive |
| CVE-2024-3049 | Booth: specially crafted hash can lead to invalid hmac being accepted by booth server | - | - | Medium | 5.9 | 2024-06-06 05:30:04 | Deep Dive |
| CVE-2024-5037 | Openshift/telemeter: iss check during jwt authentication can be bypassed | - | - | High | 7.5 | 2024-06-05 18:03:23 | Deep Dive |
| CVE-2024-4812 | Katello: potential cross-site scripting exploit in ui | - | - | Medium | 4.8 | 2024-06-05 15:06:14 | Deep Dive |