| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-12652 | Intumit SmartRobot's Conversational AI Platform - Improper Control of Generation of Code ('Code Injection') | Intumit | SmartRobot's Conversational AI Platform | High | - | 2024-12-26 04:05:16 | Deep Dive |
| CVE-2024-11614 | Dpdk: denial of service from malicious guest on hypervisors using dpdk vhost library | - | - | High | - | 2024-12-18 08:30:50 | Deep Dive |
| CVE-2024-12698 | Ose-olm-catalogd-container: incomplete fix for rapid reset (cve-2023-39325/cve-2023-44487) | - | - | Medium | 6.5 | 2024-12-18 05:07:21 | Deep Dive |
| CVE-2024-10973 | Keycloak: cli option for encrypted jgroups ignored | - | - | Medium | 5.7 | 2024-12-17 22:59:39 | Deep Dive |
| CVE-2024-55879 | XWiki allows RCE from script right in configurable sections | xwiki | xwiki-platform | Critical | 9.1 | 2024-12-12 19:17:38 | Deep Dive |
| CVE-2024-55877 | XWiki allows remote code execution from account through macro descriptions and XWiki.XWikiSyntaxMacrosList | xwiki | xwiki-platform | Critical | 9.9 | 2024-12-12 19:13:43 | Deep Dive |
| CVE-2024-55876 | XWiki's scheduler in subwiki allows scheduling operations for any main wiki user | xwiki | xwiki-platform | Medium | - | 2024-12-12 18:59:50 | Deep Dive |
| CVE-2024-55663 | XWiki Platform has an SQL injection in getdocuments.vm with sort parameter | xwiki | xwiki-platform | Medium | - | 2024-12-12 18:53:49 | Deep Dive |
| CVE-2024-47238 | Dell Client Platform BIOS Input Validation Error Vulnerability | Dell | Dell Client Platform BIOS | High | 7.5 | 2024-12-12 17:38:19 | Deep Dive |
| CVE-2024-55662 | XWiki allows remote code execution through the extension sheet | xwiki | xwiki-platform | Critical | 9.9 | 2024-12-12 17:25:26 | Deep Dive |
| CVE-2024-12401 | Cert-manager: potential dos when parsing specially crafted pem inputs | - | - | Medium | 4.4 | 2024-12-12 09:06:04 | Deep Dive |
| CVE-2024-12397 | Io.quarkus.http/quarkus-http-core: quarkus http cookie smuggling | - | - | High | 7.4 | 2024-12-12 09:05:28 | Deep Dive |
| CVE-2024-45404 | OpenCTI's lack of Rate Limit lead to OTP brute forcing | OpenCTI-Platform | opencti | High | 8.1 | 2024-12-11 22:01:47 | Deep Dive |
| CVE-2024-11401 | Rapid7 Insight Platform Privilege Escalation Vulnerability | Rapid7 | Insight Platform | Medium | - | 2024-12-11 09:46:29 | Deep Dive |
| CVE-2024-52537 | Dell Client Platform Security Vulnerability | Dell | Dell Client Platform BIOS | Medium | 6.3 | 2024-12-11 07:26:36 | Deep Dive |
| CVE-2024-10256 | Ivanti Patch SDK Security Vulnerability | Ivanti | Patch SDK | High | 7.1 | 2024-12-10 18:46:02 | Deep Dive |
| CVE-2024-54008 | Authenticated Remote Code Execution (RCE) in HPE Aruba Networking AirWave Management Platform | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking AirWave Management Platform | High | 7.2 | 2024-12-10 18:23:20 | Deep Dive |
| CVE-2024-53244 | Risky command safeguards bypass in "/en-US/app/search/report" endpoint through "s" parameter | Splunk | Splunk Enterprise | Medium | 5.7 | 2024-12-10 18:01:25 | Deep Dive |
| CVE-2024-53246 | Sensitive Information Disclosure through SPL commands | Splunk | Splunk Enterprise | Medium | 5.3 | 2024-12-10 18:01:17 | Deep Dive |
| CVE-2024-53245 | Information Disclosure due to Username Collision with a Role that has the same Name as the User | Splunk | Splunk Enterprise | Low | 3.1 | 2024-12-10 18:00:33 | Deep Dive |