| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-4812 | Katello: potential cross-site scripting exploit in UI | - | - | Medium | 4.8 | 2024-06-05 15:06:14 | Deep Dive |
| CVE-2024-3716 | Foreman-installer: candlepin database password being leaked to local users via the process list | - | - | Medium | 6.2 | 2024-06-05 15:05:38 | Deep Dive |
| CVE-2024-4540 | Keycloak: exposure of sensitive information in pushed authorization requests (PAR) kc_restart cookie | - | - | High | 7.5 | 2024-06-03 15:33:18 | Deep Dive |
| CVE-2024-5564 | Libndp: buffer overflow in route information length field | - | - | High | 8.1 | 2024-05-31 18:31:47 | Deep Dive |
| CVE-2024-3657 | 389-ds-base: potential denial of service via specially crafted Kerberos AS-REQ request | Red Hat | Red Hat Directory Server 11.5 E4S for RHEL 8 | High | 7.5 | 2024-05-28 12:53:03 | Deep Dive |
| CVE-2024-2199 | 389-ds-base: malformed userpassword may cause crash at do_modify in slapd/modify.c | - | - | Medium | 5.7 | 2024-05-28 12:04:07 | Deep Dive |
| CVE-2024-5042 | Submariner-operator: RBAC permissions can allow for the spread of node compromises | - | - | Medium | 6.6 | 2024-05-17 13:12:01 | Deep Dive |
| CVE-2024-4871 | Foreman: host SSH key not being checked in remote execution | - | - | Medium | 6.8 | 2024-05-14 14:27:41 | Deep Dive |
| CVE-2024-4840 | Rhosp-director: cleartext passwords exposed in logs | - | - | Medium | 5.5 | 2024-05-13 22:16:40 | Deep Dive |
| CVE-2024-4693 | Qemu-kvm: virtio-pci: improper release of configure vector leads to guest triggerable crash | - | - | Medium | 5.5 | 2024-05-10 12:57:41 | Deep Dive |
| CVE-2024-3727 | Containers/image: digest type does not guarantee valid type | - | - | High | 8.3 | 2024-05-09 14:57:21 | Deep Dive |
| CVE-2024-4438 | Etcd: incomplete fix for CVE-2023-39325/CVE-2023-44487 in OpenStack Platform | - | - | High | 7.5 | 2024-05-08 08:59:42 | Deep Dive |
| CVE-2024-4437 | Etcd: incomplete fix for CVE-2021-44716 in OpenStack Platform | - | - | High | 7.5 | 2024-05-08 08:57:40 | Deep Dive |
| CVE-2024-4436 | Etcd: incomplete fix for CVE-2022-41723 in OpenStack Platform | - | - | High | 7.5 | 2024-05-08 08:57:12 | Deep Dive |
| CVE-2024-4418 | Libvirt: stack use-after-free in virnetclientioeventloop() | - | - | Medium | 6.2 | 2024-05-08 03:03:05 | Deep Dive |
| CVE-2024-4029 | Wildfly: no timeout for EAP management interface may lead to denial of service (DoS) | - | - | Medium | 4.1 | 2024-05-02 14:55:27 | Deep Dive |
| CVE-2024-4369 | Cluster-image-registry-operator: exposes a secret via env variable in pod definition on Azure | - | - | Medium | 6.8 | 2024-04-30 23:49:02 | Deep Dive |
| CVE-2024-3154 | Cri-o: arbitrary command injection via pod annotation | - | - | High | 7.2 | 2024-04-26 03:12:38 | Deep Dive |
| CVE-2024-3625 | Mirror-registry: Redis password stored in plain-text | - | - | High | 7.3 | 2024-04-25 17:46:52 | Deep Dive |
| CVE-2024-3624 | Mirror-registry: database user and password stored in plain-text | - | - | High | 7.3 | 2024-04-25 17:46:52 | Deep Dive |