| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-26139 | OpenCTI Authenticated Privilege Escalation | OpenCTI-Platform | opencti | High | 8.3 | 2024-05-23 11:47:44 | Deep Dive |
| CVE-2024-29000 | SolarWinds Platform Reflected XSS Vulnerability | SolarWinds | SolarWinds Platform | High | 7.9 | 2024-05-20 18:26:19 | Deep Dive |
| CVE-2024-2835 | OpenText ArcSight Enterprise Security Manager and ArcSight Platform Stored XSS | OpenText | ArcSight Enterprise Security Manager | High | 8.7 | 2024-05-20 13:10:09 | Deep Dive |
| CVE-2024-3482 | OpenText ArcSight Enterprise Security Manager and ArcSight Platform Stored XSS | OpenText | ArcSight Enterprise Security Manager | High | 8.7 | 2024-05-20 13:09:55 | Deep Dive |
| CVE-2024-3714 | GiveWP – Donation Plugin and Fundraising Platform <= 3.10.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | stellarwp | GiveWP – Donation Plugin and Fundraising Platform | Medium | 6.4 | 2024-05-18 04:30:53 | Deep Dive |
| CVE-2024-23556 | HCL BigFix Platform is impacted by a failure to restrict SSL/TLS renegotiation | HCL Software | BigFix Platform | Medium | 5.9 | 2024-05-17 23:40:50 | Deep Dive |
| CVE-2024-23554 | HCL BigFix Platform is susceptible to Cross-Site Request Forgery | HCL Software | BigFix Platform | Medium | 5.7 | 2024-05-17 23:31:40 | Deep Dive |
| CVE-2024-23583 | HCL BigFix Platform is susceptible to insufficiently protected credentials | HCL Software | BigFix Platform | Medium | 6.7 | 2024-05-17 23:06:36 | Deep Dive |
| CVE-2024-4904 | Byzoro Smart S200 Management Platform userattestation.php unrestricted upload | Byzoro | Smart S200 Management Platform | Medium | 6.3 | 2024-05-15 19:31:04 | Deep Dive |
| CVE-2024-33006 | File upload vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform | SAP_SE | SAP NetWeaver Application Server ABAP and ABAP Platform | Critical | 9.6 | 2024-05-14 04:16:07 | Deep Dive |
| CVE-2024-33004 | Insecure Storage vulnerability in SAP BusinessObjects Business Intelligence Platform (Webservices) | SAP_SE | SAP BusinessObjects Business Intelligence Platform (Webservices) | Medium | 4.3 | 2024-05-14 04:00:25 | Deep Dive |
| CVE-2024-34687 | Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application server for ABAP and ABAP Platform | SAP_SE | SAP NetWeaver Application server for ABAP and ABAP Platform | Medium | 6.5 | 2024-05-14 03:56:24 | Deep Dive |
| CVE-2024-28165 | Cross site scripting vulnerability in SAP BusinessObjects Business Intelligence Platform | SAP_SE | SAP BusinessObjects Business Intelligence Platform | High | 8.1 | 2024-05-14 03:51:20 | Deep Dive |
| CVE-2024-32733 | Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform | SAP_SE | SAP NetWeaver Application Server ABAP and ABAP Platform | Medium | 6.1 | 2024-05-14 03:38:19 | Deep Dive |
| CVE-2024-4840 | Rhosp-director: cleartext passwords exposed in logs | - | - | Medium | 5.5 | 2024-05-13 22:16:40 | Deep Dive |
| CVE-2024-34706 | @valtimo/components exposes access token to form.io | valtimo-platform | valtimo-frontend-libraries | Critical | 9.8 | 2024-05-13 16:02:29 | Deep Dive |
| CVE-2024-3727 | Containers/image: digest type does not guarantee valid type | - | - | High | 8.3 | 2024-05-09 14:57:21 | Deep Dive |
| CVE-2024-4438 | Etcd: incomplete fix for cve-2023-39325/cve-2023-44487 in openstack platform | - | - | High | 7.5 | 2024-05-08 08:59:42 | Deep Dive |
| CVE-2024-4437 | Etcd: incomplete fix for cve-2021-44716 in openstack platform | - | - | High | 7.5 | 2024-05-08 08:57:40 | Deep Dive |
| CVE-2024-4436 | Etcd: incomplete fix for cve-2022-41723 in openstack platform | - | - | High | 7.5 | 2024-05-08 08:57:12 | Deep Dive |