| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-51504 | Apache ZooKeeper: Authentication bypass with IP-based authentication in Admin Server | Apache Software Foundation | Apache ZooKeeper | - | - | 2024-11-07 09:52:04 | Deep Dive |
| CVE-2024-38286 | Apache Tomcat: Denial of Service | Apache Software Foundation | Apache Tomcat | High | 8.6 | 2024-11-07 07:37:32 | Deep Dive |
| CVE-2024-23590 | Apache Kylin: Session fixation in web interface | Apache Software Foundation | Apache Kylin | - | - | 2024-11-04 09:27:06 | Deep Dive |
| CVE-2024-43383 | Apache Lucene.Net.Replicator: Remote Code Execution in Lucene.Net.Replicator | Apache Software Foundation | Apache Lucene.Net.Replicator | High | 8.0 | 2024-10-31 09:57:29 | Deep Dive |
| CVE-2024-3935 | Eclipse Mosquito: Double free vulnerability | Eclipse Foundation | mosquitto | - | - | 2024-10-30 11:45:24 | Deep Dive |
| CVE-2024-10525 | Eclipse Mosquito: Heap Buffer Overflow in my_subscribe_callback | Eclipse Foundation | mosquitto | 高危 | - | 2024-10-30 11:41:09 | Deep Dive |
| CVE-2024-45477 | Apache NiFi: Improper Neutralization of Input in Parameter Description | Apache Software Foundation | Apache NiFi | Medium | 4.6 | 2024-10-29 09:00:08 | Deep Dive |
| CVE-2020-26304 | GHSL-2020-290: Regular Expression Denial of Service (ReDoS) in foundation-sites | foundation | foundation-sites | 中危 | - | 2024-10-26 20:26:13 | Deep Dive |
| CVE-2024-45031 | Apache Syncope: Stored XSS in Console and Enduser | Apache Software Foundation | Apache Syncope | - | - | 2024-10-24 14:21:35 | Deep Dive |
| CVE-2024-9287 | Virtual environment (venv) activation scripts don't quote paths | Python Software Foundation | CPython | - | - | 2024-10-22 16:34:39 | Deep Dive |
| CVE-2024-45219 | Apache CloudStack: Uploaded and registered templates and volumes can be used to abuse KVM-based infrastructure | Apache Software Foundation | Apache CloudStack | High | 8.5 | 2024-10-16 07:55:03 | Deep Dive |
| CVE-2024-45461 | Apache CloudStack Quota plugin: Access checks not enforced in Quota | Apache Software Foundation | Apache CloudStack Quota plugin | Medium | 5.7 | 2024-10-16 07:54:15 | Deep Dive |
| CVE-2024-45462 | Apache CloudStack: Incomplete session invalidation on web interface logout | Apache Software Foundation | Apache CloudStack | Medium | 6.3 | 2024-10-16 07:53:40 | Deep Dive |
| CVE-2024-45693 | Apache CloudStack: Request origin validation bypass makes account takeover possible | Apache Software Foundation | Apache CloudStack | High | 8.0 | 2024-10-16 07:52:26 | Deep Dive |
| CVE-2024-45217 | Apache Solr: ConfigSets created during a backup restore command are trusted implicitly | Apache Software Foundation | Apache Solr | 高危 | - | 2024-10-16 07:51:17 | Deep Dive |
| CVE-2024-45216 | Apache Solr: Authentication bypass possible using a fake URL Path ending | Apache Software Foundation | Apache Solr | 超危 | - | 2024-10-16 07:50:26 | Deep Dive |
| CVE-2022-4973 | WordPress Core < 6.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via use of the_meta(); function | WordPress Foundation | WordPress | Medium | 4.9 | 2024-10-16 06:43:42 | Deep Dive |
| CVE-2023-50780 | Apache ActiveMQ Artemis: Authenticated users could perform RCE via Jolokia MBeans | Apache Software Foundation | Apache ActiveMQ Artemis | - | - | 2024-10-14 16:03:38 | Deep Dive |
| CVE-2024-8184 | Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks | Eclipse Foundation | Jetty | Medium | 5.9 | 2024-10-14 15:09:38 | Deep Dive |
| CVE-2024-6762 | Jetty PushSessionCacheFilter can cause remote DoS attacks | Eclipse Foundation | Jetty | Low | 3.1 | 2024-10-14 15:07:11 | Deep Dive |