| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-49619 | Apache Answer: Repeated submissions using scripts resulted in an abnormal number of collections for questions. | Apache Software Foundation | Apache Answer | - | - | 2024-01-10 08:25:02 | Deep Dive |
| CVE-2023-51441 | Apache Axis 1.x (EOL) may allow SSRF when untrusted input is passed to the service admin HTTP API | Apache Software Foundation | Apache Axis | 高危 | - | 2024-01-06 11:59:38 | Deep Dive |
| CVE-2023-51784 | Apache InLong: Remote Code Execution vulnerability in Apache InLong Manager | Apache Software Foundation | Apache InLong | - | - | 2024-01-03 09:39:23 | Deep Dive |
| CVE-2023-51785 | Apache InLong: Arbitrary File Read Vulnerability in Apache InLong Manager | Apache Software Foundation | Apache InLong | - | - | 2024-01-03 09:36:24 | Deep Dive |
| CVE-2023-49299 | Apache DolphinScheduler: Arbitrary js execute as root for authenticated users | Apache Software Foundation | Apache DolphinScheduler | 中危 | - | 2023-12-30 16:27:12 | Deep Dive |
| CVE-2023-47804 | Apache OpenOffice: Macro URL arbitrary script execution | Apache Software Foundation | Apache OpenOffice | 高危 | - | 2023-12-29 14:31:28 | Deep Dive |
| CVE-2023-51467 | Apache OFBiz: Pre-authentication Remote Code Execution (RCE) vulnerability | Apache Software Foundation | Apache OFBiz | - | - | 2023-12-26 14:47:00 | Deep Dive |
| CVE-2023-50968 | Apache OFBiz: Arbitrary file properties reading and SSRF attack | Apache Software Foundation | Apache OFBiz | - | - | 2023-12-26 11:45:55 | Deep Dive |
| CVE-2023-51656 | Apache IoTDB: Unsafe deserialize map in Sync Tool | Apache Software Foundation | Apache IoTDB | - | - | 2023-12-21 11:47:58 | Deep Dive |
| CVE-2023-48291 | Apache Airflow: Improper access control to DAG resources | Apache Software Foundation | Apache Airflow | - | - | 2023-12-21 09:30:47 | Deep Dive |
| CVE-2023-50783 | Apache Airflow: Improper access control vulnerability on the "varimport" endpoint | Apache Software Foundation | Apache Airflow | - | - | 2023-12-21 09:28:48 | Deep Dive |
| CVE-2023-47265 | Apache Airflow: DAG Params alllow to embed unchecked Javascript | Apache Software Foundation | Apache Airflow | - | - | 2023-12-21 09:28:10 | Deep Dive |
| CVE-2023-49920 | Apache Airflow: Missing CSRF protection on DAG/trigger | Apache Software Foundation | Apache Airflow | - | - | 2023-12-21 09:27:10 | Deep Dive |
| CVE-2023-37544 | Apache Pulsar WebSocket Proxy: Improper Authentication for WebSocket Proxy Endpoint Allows DoS | Apache Software Foundation | Apache Pulsar WebSocket Proxy | High | 7.5 | 2023-12-20 08:34:02 | Deep Dive |
| CVE-2023-43826 | Apache Guacamole: Integer overflow in handling of VNC image buffers | Apache Software Foundation | Apache Guacamole | None | 0.0 | 2023-12-19 19:50:15 | Deep Dive |
| CVE-2023-49734 | Apache Superset: Privilege Escalation Vulnerability | Apache Software Foundation | Apache Superset | High | 7.7 | 2023-12-19 09:52:13 | Deep Dive |
| CVE-2023-49736 | Apache Superset: SQL Injection on where_in JINJA macro | Apache Software Foundation | Apache Superset | Medium | 6.5 | 2023-12-19 09:33:10 | Deep Dive |
| CVE-2023-46104 | Apache Superset: Allows for uncontrolled resource consumption via a ZIP bomb | Apache Software Foundation | Apache Superset | Medium | 6.5 | 2023-12-19 09:30:54 | Deep Dive |
| CVE-2023-5236 | Infinispan: circular reference on marshalling leads to dos | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 4.4 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-41314 | Apache Doris: Missing API authentication allowed DoS | Apache Software Foundation | Apache Doris | - | - | 2023-12-18 08:27:52 | Deep Dive |