| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-11079 | Ansible-core: unsafe tagging bypass via hostvars object in ansible-core | - | - | Medium | 5.5 | 2024-11-11 23:32:56 | Deep Dive |
| CVE-2024-51992 | Method Exposure Vulnerability in Modals in orchid/platform | orchidsoftware | platform | Medium | 4.1 | 2024-11-11 19:17:56 | Deep Dive |
| CVE-2024-11060 | Jinher Network Collaborative Management Platform 金和数字化智能办公平台 AcceptShow.aspx sql injection | Jinher Network | Collaborative Management Platform 金和数字化智能办公平台 | Medium | 6.3 | 2024-11-11 00:00:15 | Deep Dive |
| CVE-2024-9841 | OpenText ArcSight Management Center and ArcSight Platform Stored XSS | OpenText | ArcSight Management Center | 中危 | - | 2024-11-08 17:58:54 | Deep Dive |
| CVE-2024-10963 | Pam: improper hostname interpretation in pam_access leads to access control bypass | - | - | High | 7.4 | 2024-11-07 16:02:35 | Deep Dive |
| CVE-2023-1973 | Undertow: unrestricted request storage leads to memory exhaustion | Red Hat | Red Hat JBoss Enterprise Application Platform 7 | High | 7.5 | 2024-11-07 10:01:58 | Deep Dive |
| CVE-2023-1932 | Hibernate-validator: rendering of invalid html with safehtml leads to html injection and xss | Red Hat | A-MQ Clients 2 | Medium | 6.1 | 2024-11-07 10:00:52 | Deep Dive |
| CVE-2024-9902 | Ansible-core: ansible-core user may read/write unauthorized content | - | - | Medium | 6.3 | 2024-11-06 09:56:55 | Deep Dive |
| CVE-2024-37444 | WordPress Defender plugin <= 4.7.1 - Broken Access Control vulnerability | WPMU DEV - Your All-in-One WordPress Platform | Defender Security | Medium | 5.3 | 2024-11-01 14:18:21 | Deep Dive |
| CVE-2024-43118 | WordPress Hummingbird plugin <= 3.9.1 - Broken Access Control vulnerability | WPMU DEV - Your All-in-One WordPress Platform | Hummingbird | Medium | 4.3 | 2024-11-01 14:17:50 | Deep Dive |
| CVE-2024-8924 | Unauthenticated Blind SQL Injection in Core Platform | ServiceNow | Now Platform | High | 7.5 | 2024-10-29 16:14:39 | Deep Dive |
| CVE-2024-8923 | Sandbox Escape in Now Platform | ServiceNow | Now Platform | Critical | 9.8 | 2024-10-29 16:07:07 | Deep Dive |
| CVE-2024-49645 | WordPress Affiliate Platform plugin <= 1.4.8 - Reflected Cross Site Scripting (XSS) vulnerability | Ilias Gomatos | Affiliate Platform | High | 7.1 | 2024-10-29 12:14:57 | Deep Dive |
| CVE-2024-50497 | WordPress Advanced Online Ordering and Delivery Platform plugin <= 2.0.0 - Local File Inclusion vulnerability | wdesco | Advanced Online Ordering and Delivery Platform | High | 8.1 | 2024-10-28 12:35:15 | Deep Dive |
| CVE-2024-10295 | Gateway: apicast basic auth bypass via malformed base64 headerssending non-base64 'basic' auth with special characters causes apicast to incorrectly authenticate a request | - | - | High | 7.5 | 2024-10-24 17:55:10 | Deep Dive |
| CVE-2024-50312 | Graphql: information disclosure via graphql introspection in openshift | Red Hat | Red Hat OpenShift Container Platform 4.16 | Medium | 5.3 | 2024-10-22 13:24:12 | Deep Dive |
| CVE-2024-50311 | Graphql: denial of service (dos) vulnerability via graphql batching | Red Hat | Red Hat OpenShift Container Platform 4.18 | Medium | 6.5 | 2024-10-22 13:24:04 | Deep Dive |
| CVE-2024-10234 | Wildfly: wildfly vulnerable to cross-site scripting (xss) | - | - | Medium | 6.1 | 2024-10-22 13:17:58 | Deep Dive |
| CVE-2024-10033 | Aap-gateway: xss on aap-gateway | - | - | Medium | 6.1 | 2024-10-16 16:59:44 | Deep Dive |
| CVE-2024-45715 | SolarWinds Platform Edit Function Cross-Site Scripting Vulnerability | SolarWinds | SolarWinds Platform | High | 7.1 | 2024-10-16 07:18:00 | Deep Dive |