| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-36987 | Insecure File Upload in the indexing/preview REST endpoint | Splunk | Splunk Enterprise | Medium | 4.3 | 2024-07-01 16:30:36 | Deep Dive |
| CVE-2024-6387 | Openssh: regresshion - race condition in ssh allows rce/dos | - | - | High | 8.1 | 2024-07-01 12:37:25 | Deep Dive |
| CVE-2024-35260 | Microsoft Dataverse Remote Code Execution Vulnerability | Microsoft | Microsoft Power Platform | High | 8.0 | 2024-06-27 17:32:28 | Deep Dive |
| CVE-2024-0171 | Dell PowerEdge Server BIOS 安全漏洞 | Dell | PowerEdge Platform | Medium | 5.3 | 2024-06-25 15:30:43 | Deep Dive |
| CVE-2024-38369 | XWiki programming rights may be inherited by inclusion | xwiki | xwiki-platform | Critical | 9.9 | 2024-06-24 16:39:38 | Deep Dive |
| CVE-2024-37899 | Disabling a user account changes its author, allowing RCE from user account in XWiki | xwiki | xwiki-platform | Critical | 9.0 | 2024-06-20 22:13:59 | Deep Dive |
| CVE-2024-6162 | Undertow: url-encoded request path information can be broken on ajp-listener | - | - | High | 7.5 | 2024-06-20 14:33:10 | Deep Dive |
| CVE-2024-6003 | Guangdong Baolun Electronics IP Network Broadcasting Service Platform maps sql injection | Guangdong Baolun Electronics | IP Network Broadcasting Service Platform | High | 7.3 | 2024-06-14 21:31:04 | Deep Dive |
| CVE-2024-5154 | Cri-o: malicious container can create symlink on host | - | - | High | 8.1 | 2024-06-12 08:51:44 | Deep Dive |
| CVE-2024-35213 | Vulnerability in SGI Image Codec Impacts BlackBerry QNX Software Development Platform (SDP) | BlackBerry | QNX Software Development Platform (SDP) | Critical | 9.0 | 2024-06-11 18:37:04 | Deep Dive |
| CVE-2024-34758 | WordPress FundEngine – Donation and Crowdfunding Platform plugin <= 1.6.4 - Broken Access Control vulnerability | Wpmet | WP Fundraising Donation and Crowdfunding Platform | Medium | 5.3 | 2024-06-11 16:13:06 | Deep Dive |
| CVE-2024-34684 | Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Scheduling) | SAP_SE | SAP BusinessObjects Business Intelligence Platform | Low | 3.7 | 2024-06-11 02:20:31 | Deep Dive |
| CVE-2024-33001 | Denial of service (DOS) in SAP NetWeaver and ABAP platform | SAP_SE | SAP NetWeaver and ABAP platform | Medium | 6.5 | 2024-06-11 02:05:00 | Deep Dive |
| CVE-2024-32792 | WordPress Hummingbird plugin <= 3.7.3 - Broken Access Control vulnerability | WPMU DEV - Your All-in-One WordPress Platform | Hummingbird | Medium | 4.3 | 2024-06-09 12:57:46 | Deep Dive |
| CVE-2024-5037 | Openshift/telemeter: iss check during jwt authentication can be bypassed | - | - | High | 7.5 | 2024-06-05 18:03:23 | Deep Dive |
| CVE-2024-4886 | BuddyBoss Platform < 2.6.0 - Subscriber+ Comment on Private Post via IDOR | Unknown | buddyboss-platform | - | - | 2024-06-05 06:00:03 | Deep Dive |
| CVE-2024-29004 | SolarWinds Platform Stored XSS Vulnerability | SolarWinds | SolarWinds Platform | High | 7.1 | 2024-06-04 14:53:26 | Deep Dive |
| CVE-2024-28999 | SolarWinds Platform Race Condition Vulnerability | SolarWinds | SolarWinds Platform | Medium | 6.4 | 2024-06-04 14:51:57 | Deep Dive |
| CVE-2024-28996 | SolarWinds Platform SWQL Injection Vulnerability | SolarWinds | SolarWinds Platform | High | 7.5 | 2024-06-04 14:49:53 | Deep Dive |
| CVE-2024-4750 | BuddyBoss Platform < 2.6.0 - Insecure Direct Object Reference on Like Comment | Unknown | buddyboss-platform | - | - | 2024-06-04 06:00:03 | Deep Dive |