| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-45161 | 1E-Exchange-URLResponseTime instruction before v20.1 allows arbitrary code execution | 1E | Platform | Critical | 9.9 | 2023-11-06 12:13:09 | Deep Dive |
| CVE-2022-47426 | WordPress Neshan Maps Plugin <= 1.1.4 is vulnerable to SQL Injection | Neshan Maps Platform | Neshan Maps | Medium | 6.0 | 2023-11-03 12:47:23 | Deep Dive |
| CVE-2023-5408 | Openshift: modification of node role labels | Red Hat | Red Hat OpenShift Container Platform 4.11 | High | 7.2 | 2023-11-02 02:55:58 | Deep Dive |
| CVE-2023-40061 | Insecure Job Execution Mechanism Vulnerability | SolarWinds | SolarWinds Platform | High | 8.8 | 2023-11-01 15:30:30 | Deep Dive |
| CVE-2023-40062 | Incomplete List of Disallowed Inputs Remote Code Execution Vulnerability | SolarWinds | SolarWinds Platform | High | 8.0 | 2023-11-01 15:29:57 | Deep Dive |
| CVE-2023-5625 | Python-eventlet: patch regression for cve-2021-21419 in some red hat builds | Red Hat | Ironic content for Red Hat OpenShift Container Platform 4.12 | Medium | 5.3 | 2023-11-01 13:28:10 | Deep Dive |
| CVE-2023-5349 | Draw while calling getdrawinfo() | - | rmagick | Medium | 5.3 | 2023-10-30 20:28:00 | Deep Dive |
| CVE-2023-46290 | Rockwell Automation FactoryTalk Services Platform Elevated Privileges Vulnerability | Rockwell Automation | FactoryTalk® Services Platform | High | 8.1 | 2023-10-27 18:10:51 | Deep Dive |
| CVE-2023-45137 | XWiki Platform XSS with edit right in the create document form for existing pages | xwiki | xwiki-platform | Critical | 9.0 | 2023-10-25 20:13:23 | Deep Dive |
| CVE-2023-45136 | XWiki Platform web templates vulnerable to reflected XSS in the create document form if name validation is enabled | xwiki | xwiki-platform | Critical | 9.6 | 2023-10-25 19:36:27 | Deep Dive |
| CVE-2023-45135 | XWiki users can be tricked to execute scripts as the create page action doesn't display the page's title | xwiki | xwiki-platform | Critical | 9.0 | 2023-10-25 19:29:05 | Deep Dive |
| CVE-2023-45134 | XWiki Platform XSS vulnerability from account in the create page form via template provider | xwiki | xwiki-platform | Critical | 9.0 | 2023-10-25 19:08:33 | Deep Dive |
| CVE-2023-37913 | org.xwiki.platform:xwiki-platform-office-importer vulnerable to arbitrary server side file writing from account through office converter | xwiki | xwiki-platform | Critical | 9.9 | 2023-10-25 17:59:46 | Deep Dive |
| CVE-2023-37911 | org.xwiki.platform:xwiki-platform-oldcore may leak data through deleted and re-created documents | xwiki | xwiki-platform | Medium | 6.5 | 2023-10-25 17:19:46 | Deep Dive |
| CVE-2023-37910 | org.xwiki.platform:xwiki-platform-attachment-api vulnerable to Missing Authorization on Attachment Move | xwiki | xwiki-platform | High | 8.1 | 2023-10-25 17:17:24 | Deep Dive |
| CVE-2023-37909 | Privilege escalation (PR)/remote code execution from account through Menu.UIExtensionSheet | xwiki | xwiki-platform | Critical | 9.9 | 2023-10-25 17:09:59 | Deep Dive |
| CVE-2023-5684 | Byzoro Smart S85F Management Platform importexport.php os command injection | Byzoro | Smart S85F Management Platform | Medium | 4.7 | 2023-10-21 07:00:07 | Deep Dive |
| CVE-2023-5683 | Byzoro Smart S85F Management Platform importconf.php os command injection | Byzoro | Smart S85F Management Platform | Medium | 6.3 | 2023-10-21 05:00:06 | Deep Dive |
| CVE-2023-45825 | Token in custom credentials object can leak through logs in ydb-go-sdk | ydb-platform | ydb-go-sdk | Medium | 5.5 | 2023-10-19 18:22:31 | Deep Dive |
| CVE-2023-32089 | Pegasystem PEGA Platform 跨站脚本漏洞 | Pegasystems | Pega Platform | Medium | 4.6 | 2023-10-18 11:45:16 | Deep Dive |