| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-5178 | Incomplete Input Validation in SecurelyAccess API | ServiceNow | Now Platform | Medium | 4.9 | 2024-07-10 16:23:39 | Deep Dive |
| CVE-2024-4879 | Jelly Template Injection Vulnerability in ServiceNow UI Macros | ServiceNow | Now Platform | Critical | 9.8 | 2024-07-10 16:16:40 | Deep Dive |
| CVE-2024-6501 | Networkmanager: denial of service | - | - | Low | 3.1 | 2024-07-09 19:27:11 | Deep Dive |
| CVE-2024-37180 | [CVE-2024-37180] Information Disclosure vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform | SAP_SE | SAP NetWeaver Application Server for ABAP and ABAP Platform | Medium | 4.1 | 2024-07-09 04:41:32 | Deep Dive |
| CVE-2024-39599 | [CVE-2024-39599] Protection Mechanism Failure in SAP NetWeaver Application Server for ABAP and ABAP Platform | SAP_SE | SAP NetWeaver Application Server for ABAP and ABAP Platform | Medium | 4.7 | 2024-07-09 04:24:31 | Deep Dive |
| CVE-2024-3653 | Undertow: learningpushhandler can lead to remote memory dos attacks | - | - | Medium | 5.3 | 2024-07-08 21:21:21 | Deep Dive |
| CVE-2024-5971 | Undertow: response write hangs in case of java 17 tlsv1.3 newsessionticket | - | - | High | 7.5 | 2024-07-08 20:51:29 | Deep Dive |
| CVE-2024-6409 | Openssh: possible remote code execution due to a race condition in signal handling affecting red hat enterprise linux 9 | - | - | High | 7.0 | 2024-07-08 17:57:11 | Deep Dive |
| CVE-2024-3826 | Broken SAML Validation | Akana | Akana API Platform | - | - | 2024-07-02 15:49:09 | Deep Dive |
| CVE-2024-36997 | Persistent Cross-site Scripting (XSS) in conf-web/settings REST endpoint | Splunk | Splunk Enterprise | High | 8.1 | 2024-07-01 16:57:48 | Deep Dive |
| CVE-2024-36993 | Persistent Cross-site Scripting (XSS) in Web Bulletin | Splunk | Splunk Enterprise | Medium | 5.4 | 2024-07-01 16:54:35 | Deep Dive |
| CVE-2024-36995 | Low-privileged user could create experimental items | Splunk | Splunk Enterprise | Medium | 5.4 | 2024-07-01 16:52:58 | Deep Dive |
| CVE-2024-36982 | Denial of Service through null pointer reference in “cluster/config” REST endpoint | Splunk | Splunk Enterprise | High | 7.5 | 2024-07-01 16:31:04 | Deep Dive |
| CVE-2024-36990 | Denial of Service (DoS) on the datamodel/web REST endpoint | Splunk | Splunk Enterprise | Medium | 6.5 | 2024-07-01 16:30:58 | Deep Dive |
| CVE-2024-36992 | Persistent Cross-site Scripting (XSS) in Dashboard Elements | Splunk | Splunk Enterprise | Medium | 5.4 | 2024-07-01 16:30:52 | Deep Dive |
| CVE-2024-36983 | Command Injection using External Lookups | Splunk | Splunk Enterprise | High | 8.0 | 2024-07-01 16:30:42 | Deep Dive |
| CVE-2024-36986 | Risky command safeguards bypass through Search ID query in Analytics Workspace | Splunk | Splunk Enterprise | Medium | 6.3 | 2024-07-01 16:30:42 | Deep Dive |
| CVE-2024-36994 | Persistent Cross-site Scripting (XSS) in Dashboard Elements | Splunk | Splunk Enterprise | Medium | 5.4 | 2024-07-01 16:30:41 | Deep Dive |
| CVE-2024-36996 | Information Disclosure of user names | Splunk | Splunk Enterprise | Medium | 5.3 | 2024-07-01 16:30:41 | Deep Dive |
| CVE-2024-36989 | Low-privileged user could create notifications in Splunk Web Bulletin Messages | Splunk | Splunk Enterprise | High | 7.1 | 2024-07-01 16:30:39 | Deep Dive |