| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-21738 | Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Application Server and ABAP Platform | SAP_SE | SAP NetWeaver ABAP Application Server and ABAP Platform | Medium | 4.1 | 2024-01-09 01:19:29 | Deep Dive |
| CVE-2024-21648 | XWiki has no right protection on rollback action | xwiki | xwiki-platform | High | 8.0 | 2024-01-08 23:31:50 | Deep Dive |
| CVE-2024-21651 | XWiki Denial of Service attack through attachments | xwiki | xwiki-platform | High | 7.5 | 2024-01-08 23:30:04 | Deep Dive |
| CVE-2024-21650 | XWiki Remote Code Execution vulnerability via user registration | xwiki | xwiki-platform | Critical | 10.0 | 2024-01-08 15:18:13 | Deep Dive |
| CVE-2024-0300 | Byzoro Smart S150 Management Platform HTTP POST Request userattestation.php unrestricted upload | Byzoro | Smart S150 Management Platform | Medium | 6.3 | 2024-01-08 06:00:04 | Deep Dive |
| CVE-2023-32513 | WordPress GiveWP Plugin <= 2.25.3 is vulnerable to PHP Object Injection | GiveWP | GiveWP – Donation Plugin and Fundraising Platform | High | 7.5 | 2023-12-28 10:46:27 | Deep Dive |
| CVE-2023-3171 | Eap-7: heap exhaustion via deserialization | Red Hat | EAP 7.4.13 | High | 7.5 | 2023-12-27 15:45:33 | Deep Dive |
| CVE-2023-37520 | HCL BigFix Platform is affected by Unauthenticated Stored Cross-Site Scripting (XSS) | HCL Software | HCL BigFix Platform | High | 7.7 | 2023-12-21 22:13:47 | Deep Dive |
| CVE-2023-37519 | HCL BigFix Platform is affected by Unauthenticated Stored Cross-Site Scripting (XSS) | HCL Software | HCL BigFix Platform | High | 7.7 | 2023-12-21 21:44:20 | Deep Dive |
| CVE-2023-50732 | Velocity execution without script right through tree macro | xwiki | xwiki-platform | High | 8.3 | 2023-12-21 19:42:01 | Deep Dive |
| CVE-2022-40312 | WordPress GiveWP Plugin <= 2.25.1 is vulnerable to Server Side Request Forgery (SSRF) | GiveWP | GiveWP – Donation Plugin and Fundraising Platform | Medium | 5.5 | 2023-12-18 15:08:55 | Deep Dive |
| CVE-2023-3628 | Infinispan: rest bulk ops don't check permissions | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 6.5 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-3629 | Infinispan: non-admins should not be able to get cache config via rest api | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 4.3 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-5115 | Ansible: malicious role archive can cause ansible-galaxy to overwrite arbitrary files | Red Hat | Red Hat Ansible Automation Platform 2.3 for RHEL 8 | Medium | 6.3 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-5236 | Infinispan: circular reference on marshalling leads to dos | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 4.4 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-50723 | XWiki Platform remote code execution/programming rights with configuration section from any user account | xwiki | xwiki-platform | Critical | 9.9 | 2023-12-15 19:02:58 | Deep Dive |
| CVE-2023-50722 | XWiki Platform XSS/CSRF Remote Code Execution in XWiki.ConfigurableClass | xwiki | xwiki-platform | Critical | 9.6 | 2023-12-15 19:02:52 | Deep Dive |
| CVE-2023-50721 | XWiki Platform RCE from account through SearchAdmin | xwiki | xwiki-platform | Critical | 9.9 | 2023-12-15 19:02:46 | Deep Dive |
| CVE-2023-50719 | XWiki Platform Solr search discloses password hashes of all users | xwiki | xwiki-platform | High | 7.5 | 2023-12-15 19:02:41 | Deep Dive |
| CVE-2023-50720 | XWiki Platform Solr search discloses email addresses of users | xwiki | xwiki-platform | Medium | 5.3 | 2023-12-15 19:02:35 | Deep Dive |