| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-21742 | Apache James Mime4J: Mime4J DOM header injection | Apache Software Foundation | Apache James Mime4J | 中危 | - | 2024-02-27 16:21:16 | Deep Dive |
| CVE-2024-27905 | Apache Aurora: padding oracle can allow construction an authentication cookie | Apache Software Foundation | Apache Aurora | 高危 | - | 2024-02-27 14:29:22 | Deep Dive |
| CVE-2023-51747 | SMTP smuggling in Apache James | Apache Software Foundation | Apache James server | 中危 | - | 2024-02-27 13:08:02 | Deep Dive |
| CVE-2023-51518 | Apache James server: Privilege escalation via JMX pre-authentication deserialisation | Apache Software Foundation | Apache James server | 中危 | - | 2024-02-27 09:09:32 | Deep Dive |
| CVE-2023-50379 | Apache Ambari: authenticated users could perform command injection to perform RCE | Apache Software Foundation | Apache Ambari | 高危 | - | 2024-02-27 08:27:03 | Deep Dive |
| CVE-2024-22371 | Apache Camel issue on ExchangeCreatedEvent | Apache Software Foundation | Apache Camel | Low | 2.9 | 2024-02-26 09:22:38 | Deep Dive |
| CVE-2024-23320 | Apache DolphinScheduler: Arbitrary js execution as root for authenticated users | Apache Software Foundation | Apache DolphinScheduler | 高危 | - | 2024-02-23 16:57:10 | Deep Dive |
| CVE-2024-22393 | Apache Answer: Pixel Flood Attack by uploading the large pixel file | Apache Software Foundation | Apache Answer | 中危 | - | 2024-02-22 09:51:43 | Deep Dive |
| CVE-2024-23349 | Apache Answer: XSS vulnerability when submitting summary | Apache Software Foundation | Apache Answer | 中危 | - | 2024-02-22 09:48:21 | Deep Dive |
| CVE-2024-26578 | Apache Answer: Repeated submission at registration created duplicate users with the same name | Apache Software Foundation | Apache Answer | 中危 | - | 2024-02-22 09:28:15 | Deep Dive |
| CVE-2024-25141 | Apache Airflow Mongo Provider: Certificate validation isn't respected even if SSL is enabled for apache-airflow-providers-mongo | Apache Software Foundation | Apache Airflow Mongo Provider | - | - | 2024-02-20 20:30:29 | Deep Dive |
| CVE-2024-23114 | Apache Camel: Camel-CassandraQL: Unsafe Deserialization from CassandraAggregationRepository | Apache Software Foundation | Apache Camel | 高危 | - | 2024-02-20 14:59:38 | Deep Dive |
| CVE-2024-22369 | Apache Camel: Camel-SQL: Unsafe Deserialization from JDBCAggregationRepository | Apache Software Foundation | Apache Camel | 高危 | - | 2024-02-20 14:58:36 | Deep Dive |
| CVE-2023-51770 | Apache DolphinScheduler: Arbitrary File Read Vulnerability | Apache Software Foundation | Apache DolphinScheduler | - | - | 2024-02-20 10:02:13 | Deep Dive |
| CVE-2023-50270 | Apache DolphinScheduler: Session do not expire after password change | Apache Software Foundation | Apache DolphinScheduler | - | - | 2024-02-20 10:01:32 | Deep Dive |
| CVE-2023-49250 | Apache DolphinScheduler: Insecure TLS TrustManager used in HttpUtil | Apache Software Foundation | Apache DolphinScheduler | - | - | 2024-02-20 10:00:07 | Deep Dive |
| CVE-2023-49109 | Remote Code Execution in Apache Dolphinscheduler | Apache Software Foundation | Apache DolphinScheduler | - | - | 2024-02-20 09:58:57 | Deep Dive |
| CVE-2024-1635 | Undertow: out-of-memory error after several closed connections with wildfly-http-client protocol | - | - | High | 7.5 | 2024-02-19 21:23:14 | Deep Dive |
| CVE-2024-25710 | Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file | Apache Software Foundation | Apache Commons Compress | High | 8.1 | 2024-02-19 08:33:41 | Deep Dive |
| CVE-2024-26308 | Apache Commons Compress: OutOfMemoryError unpacking broken Pack200 file | Apache Software Foundation | Apache Commons Compress | 中危 | - | 2024-02-19 08:31:50 | Deep Dive |