| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-43400 | XWiki Platform allows XSS through XClass name in string properties | xwiki | xwiki-platform | Critical | 9.0 | 2024-08-19 16:24:41 | Deep Dive |
| CVE-2024-43401 | In XWiki Platform, payloads stored in content is executed when a user with script/programming right edit them | xwiki | xwiki-platform | Critical | 9.0 | 2024-08-19 16:24:30 | Deep Dive |
| CVE-2024-38483 | Dell BIOS 输入验证错误漏洞 | Dell | Dell Client Platform BIOS | Medium | 5.8 | 2024-08-14 09:24:11 | Deep Dive |
| CVE-2024-41734 | Missing Authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform | SAP_SE | SAP NetWeaver Application Server ABAP and ABAP Platform | Medium | 4.3 | 2024-08-13 04:18:04 | Deep Dive |
| CVE-2024-41731 | Multiple Unrestricted File Upload vulnerabilities in SAP BusinessObjects Business Intelligence Platform | SAP_SE | SAP BusinessObjects Business Intelligence Platform | Low | 3.1 | 2024-08-13 04:07:28 | Deep Dive |
| CVE-2024-28166 | Multiple Unrestricted File Upload vulnerabilities in SAP BusinessObjects Business Intelligence Platform | SAP_SE | SAP BusinessObjects Business Intelligence Platform | Low | 3.7 | 2024-08-13 04:05:24 | Deep Dive |
| CVE-2024-42375 | Multiple Unrestricted File Upload vulnerabilities in SAP BusinessObjects Business Intelligence Platform | SAP_SE | SAP BusinessObjects Business Intelligence Platform | Medium | 4.3 | 2024-08-13 04:03:26 | Deep Dive |
| CVE-2024-41730 | Missing Authentication check in SAP BusinessObjects Business Intelligence Platform | SAP_SE | SAP BusinessObjects Business Intelligence Platform | Critical | 9.8 | 2024-08-13 03:31:37 | Deep Dive |
| CVE-2024-43168 | Unbound: heap-buffer-overflow in unbound | Red Hat | Red Hat Enterprise Linux 6 | Medium | 4.8 | 2024-08-08 20:25:25 | Deep Dive |
| CVE-2024-43167 | Unbound: null pointer dereference in unbound | Red Hat | Red Hat Enterprise Linux 6 | Low | 2.8 | 2024-08-08 20:24:50 | Deep Dive |
| CVE-2024-7143 | Pulpcore: rbac permissions incorrectly assigned in tasks that create objects | - | - | 中危 | - | 2024-08-07 16:49:30 | Deep Dive |
| CVE-2024-7564 | Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability | Logsign | Unified SecOps Platform | - | - | 2024-08-06 15:47:49 | Deep Dive |
| CVE-2024-41995 | Ricoh JavaTM Platform 安全漏洞 | Ricoh Company, Ltd. | JavaTM Platform | - | - | 2024-08-06 06:51:51 | Deep Dive |
| CVE-2024-7409 | Qemu: denial of service via improper synchronization in qemu nbd server during socket closure | - | - | - | - | 2024-08-05 13:19:27 | Deep Dive |
| CVE-2024-3056 | Podman: kernel: containers in shared ipc namespace are vulnerable to denial of service attack | - | - | High | 7.7 | 2024-08-02 20:37:59 | Deep Dive |
| CVE-2024-7319 | Openstack-heat: incomplete fix for cve-2023-1625 | - | - | Medium | 5.0 | 2024-08-02 20:36:24 | Deep Dive |
| CVE-2024-7211 | The Duende Identity Server based component in 1E Platform may allow URL redirections to untrusted websites. | 1E | 1E Platform | Medium | 4.7 | 2024-08-01 16:49:48 | Deep Dive |
| CVE-2024-6698 | FundEngine – Donation and Crowdfunding Platform <= 1.7.0 - Authenticated (Subscriber+) Privilege Escalation | roxnor | FundEngine – Donation and Crowdfunding Platform | High | 8.8 | 2024-08-01 03:29:59 | Deep Dive |
| CVE-2024-41947 | XWiki Platform XSS through conflict resolution | xwiki | xwiki-platform | Critical | 9.0 | 2024-07-31 15:24:20 | Deep Dive |
| CVE-2024-37901 | XWiki Platform vulnerable to remote code execution from account via SearchSuggestConfigSheet | xwiki | xwiki-platform | Critical | 9.9 | 2024-07-31 15:19:37 | Deep Dive |