| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-37179 | Insecure File Operations vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Intelligence) | SAP_SE | SAP BusinessObjects Business Intelligence Platform (Web Intelligence) | High | 7.7 | 2024-10-08 03:21:03 | Deep Dive |
| CVE-2024-9407 | Buildah: podman: improper input validation in bind-propagation option of dockerfile run --mount instruction | - | - | Medium | 4.7 | 2024-10-01 20:13:30 | Deep Dive |
| CVE-2024-9341 | Podman: buildah: cri-o: fips crypto-policy directory mounting issue in containers/common go library | - | - | Medium | 5.4 | 2024-10-01 18:52:01 | Deep Dive |
| CVE-2024-9355 | Golang-fips: golang fips zeroed buffer | - | - | Medium | 6.5 | 2024-10-01 18:17:29 | Deep Dive |
| CVE-2024-8353 | GiveWP – Donation Plugin and Fundraising Platform <= 3.16.1 - Unauthenticated PHP Object Injection | stellarwp | GiveWP – Donation Plugin and Fundraising Platform | Critical | 9.8 | 2024-09-28 02:04:28 | Deep Dive |
| CVE-2024-9130 | GiveWP – Donation Plugin and Fundraising Platform <= 3.16.1 - Authenticated (GiveWP Manager+) SQL Injection via order Parameter | stellarwp | GiveWP – Donation Plugin and Fundraising Platform | High | 7.2 | 2024-09-27 05:31:03 | Deep Dive |
| CVE-2024-47083 | Power Platform Terraform Provider has Improper Masking of Secrets in Logs | microsoft | terraform-provider-power-platform | - | - | 2024-09-25 21:21:29 | Deep Dive |
| CVE-2024-8883 | Keycloak: vulnerable redirect uri validation results in open redirect | - | - | Medium | 6.1 | 2024-09-19 15:48:28 | Deep Dive |
| CVE-2024-8698 | Keycloak-saml-core: improper verification of saml responses leading to privilege escalation in keycloak | - | - | High | 7.7 | 2024-09-19 15:48:18 | Deep Dive |
| CVE-2024-46978 | Missing checks for notification filter preferences editions in XWiki Platform | xwiki | xwiki-platform | Medium | 6.5 | 2024-09-18 17:25:16 | Deep Dive |
| CVE-2024-46979 | Data leak of notification filters of users in XWiki Platform | xwiki | xwiki-platform | Medium | 5.3 | 2024-09-18 17:23:35 | Deep Dive |
| CVE-2024-8110 | Yokogawa Dual-redundant Platform for Computer security vulnerability | Yokogawa Electric Corporation | Dual-redundant Platform for Computer (PC2CKM) | High | 7.5 | 2024-09-17 02:04:54 | Deep Dive |
| CVE-2024-45496 | Openshift-controller-manager: elevated build pods can lead to node compromise in openshift | - | - | Critical | 9.9 | 2024-09-16 23:58:59 | Deep Dive |
| CVE-2024-7387 | Openshift/builder: path traversal allows command injection in privileged buildcontainer using docker build strategy | - | - | Critical | 9.1 | 2024-09-16 23:58:35 | Deep Dive |
| CVE-2024-8775 | Ansible-core: exposure of sensitive information in ansible vault files due to improper logging | - | - | Medium | 5.5 | 2024-09-14 02:15:15 | Deep Dive |
| CVE-2024-6840 | Automation-controller: gain access to the k8s api server via job execution with container group | - | - | Medium | 6.6 | 2024-09-12 16:35:09 | Deep Dive |
| CVE-2024-8097 | Sensitive information exposure when the org.glassfish.admingui LOGGER is set to FINEST level | Payara Platform | Payara Server | - | - | 2024-09-11 16:32:10 | Deep Dive |
| CVE-2024-7312 | REST Interface Link Redirection via Host parameter | Payara Platform | Payara Server | - | - | 2024-09-11 15:28:43 | Deep Dive |
| CVE-2023-6841 | Keycloak: amount of attributes per object is not limited and it may lead to dos | - | - | High | 7.5 | 2024-09-10 16:15:33 | Deep Dive |
| CVE-2024-45591 | XWiki Platform document history including authors of any page exposed to unauthorized actors | xwiki | xwiki-platform | Medium | 5.3 | 2024-09-10 15:56:53 | Deep Dive |