| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-12401 | Cert-manager: potential DoS when parsing specially crafted PEM inputs | - | - | Medium | 4.4 | 2024-12-12 09:06:04 | Deep Dive |
| CVE-2024-53677 | Apache Struts: Mixing setters for uploaded files and normal fields can allow bypass file upload checks | Apache Software Foundation | Apache Struts | Critical | - | 2024-12-11 15:35:43 | Deep Dive |
| CVE-2024-53949 | Apache Superset: Lower privilege users are able to create Role when FAB_ADD_SECURITY_API is enabled | Apache Software Foundation | Apache Superset | High | - | 2024-12-09 13:35:42 | Deep Dive |
| CVE-2024-53948 | Apache Superset: Error verbosity exposes metadata in analytics databases | Apache Software Foundation | Apache Superset | Medium | - | 2024-12-09 13:35:31 | Deep Dive |
| CVE-2024-53947 | Apache Superset: Improper SQL authorisation, parse not checking for specific postgres functions | Apache Software Foundation | Apache Superset | Medium | - | 2024-12-09 13:35:10 | Deep Dive |
| CVE-2024-46901 | Apache Subversion: mod_dav_svn denial-of-service via control characters in paths | Apache Software Foundation | Apache Subversion | Low | 3.1 | 2024-12-09 09:36:52 | Deep Dive |
| CVE-2024-12254 | Unbounded memory buffering in SelectorSocketTransport.writelines() | Python Software Foundation | CPython | High | - | 2024-12-06 15:19:42 | Deep Dive |
| CVE-2022-41137 | Apache Hive: Deserialization of untrusted data when fetching partitions from the Metastore | Apache Software Foundation | Apache Hive | High | - | 2024-12-05 10:01:42 | Deep Dive |
| CVE-2024-45106 | Apache Ozone: Improper authentication when generating S3 secrets | Apache Software Foundation | Apache Ozone | High | - | 2024-12-03 09:06:23 | Deep Dive |
| CVE-2024-52338 | Apache Arrow R package: Arbitrary code execution when loading a malicious data file | Apache Software Foundation | Apache Arrow R package | - | - | 2024-11-28 16:31:44 | Deep Dive |
| CVE-2024-51569 | Apache NimBLE: Lack of input sanitization leading to out-of-bound reads in Number of Completed Packets HCI event handler | Apache Software Foundation | Apache NimBLE | - | - | 2024-11-26 11:17:56 | Deep Dive |
| CVE-2024-47250 | Apache NimBLE: Lack of input validation in HCI advertising report could lead to potential out-of-bound access | Apache Software Foundation | Apache NimBLE | - | - | 2024-11-26 11:17:20 | Deep Dive |
| CVE-2024-47249 | Apache NimBLE: Lack of input sanitization leading to out-of-bound reads in multiple advertisement handler | Apache Software Foundation | Apache NimBLE | - | - | 2024-11-26 11:16:36 | Deep Dive |
| CVE-2024-47248 | Apache NimBLE: Buffer overflow in NimBLE MESH Bluetooth stack | Apache Software Foundation | Apache NimBLE | - | - | 2024-11-26 11:15:46 | Deep Dive |
| CVE-2023-26280 | IBM Jazz Foundation improper access control | IBM | Jazz Foundation | Medium | 5.3 | 2024-11-25 15:51:46 | Deep Dive |
| CVE-2023-45181 | IBM Jazz Foundation cross-site scripting | IBM | Jazz Foundation | Medium | 6.1 | 2024-11-25 15:48:47 | Deep Dive |
| CVE-2024-45719 | Apache Answer: Predictable Authorization Token Using UUIDv1 | Apache Software Foundation | Apache Answer | Medium | - | 2024-11-22 14:36:45 | Deep Dive |
| CVE-2024-11596 | Buffer Over-read in Wireshark | Wireshark Foundation | Wireshark | High | 7.8 | 2024-11-21 09:31:00 | Deep Dive |
| CVE-2024-11595 | Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark | Wireshark Foundation | Wireshark | High | 7.8 | 2024-11-21 09:30:55 | Deep Dive |
| CVE-2024-52067 | Apache NiFi: Potential Insertion of Sensitive Parameter Values in Debug Log | Apache Software Foundation | Apache NiFi | - | - | 2024-11-21 09:28:44 | Deep Dive |