| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-35150 | XWiki Platform vulnerable to privilege escalation (PR) from view right via Invitation application | xwiki | xwiki-platform | Critical | 9.9 | 2023-06-23 16:26:55 | Deep Dive |
| CVE-2023-34467 | XWiki Platform may retrieve email addresses of all users | xwiki | xwiki-platform | High | 7.5 | 2023-06-23 16:20:51 | Deep Dive |
| CVE-2023-34466 | XWiki Platform's tags on non-viewable pages can be revealed to users | xwiki | xwiki-platform | Medium | 4.3 | 2023-06-23 15:26:11 | Deep Dive |
| CVE-2023-34465 | XWiki Platform's Mail.MailConfig can be edited by any user with edit rights | xwiki | xwiki-platform | Critical | 9.9 | 2023-06-23 15:08:00 | Deep Dive |
| CVE-2023-34464 | XWiki vulnerable to stored cross-site scripting via any wiki document and the displaycontent/rendercontent template | xwiki | xwiki-platform | Critical | 9.0 | 2023-06-23 14:44:47 | Deep Dive |
| CVE-2023-28094 | Pegasystem PEGA Platform 安全漏洞 | Pegasystems | Pega Platform | High | 8.1 | 2023-06-22 00:00:00 | Deep Dive |
| CVE-2023-35166 | Privilege escalation (PR) from account through TipsPanel | xwiki | xwiki-platform | Critical | 9.9 | 2023-06-20 19:29:52 | Deep Dive |
| CVE-2023-2686 | Silicon Labs Gecko SDK 安全漏洞 | silabs.com | Gecko Platform | Critical | 9.8 | 2023-06-15 19:00:05 | Deep Dive |
| CVE-2023-25450 | WordPress GiveWP Plugin <= 2.25.1 is vulnerable to Cross Site Request Forgery (CSRF) | GiveWP | GiveWP – Donation Plugin and Fundraising Platform | Medium | 5.4 | 2023-06-15 12:21:36 | Deep Dive |
| CVE-2022-43684 | ACL bypass in Reporting functionality | ServiceNow | Now Platform | Critical | 9.9 | 2023-06-13 18:51:40 | Deep Dive |
| CVE-2023-32707 | ‘edit_user’ Capability Privilege Escalation | Splunk | Splunk Enterprise | High | 8.8 | 2023-06-01 16:34:31 | Deep Dive |
| CVE-2023-32709 | Low-privileged User can View Hashed Default Splunk Password | Splunk | Splunk Enterprise | Medium | 4.3 | 2023-06-01 16:34:31 | Deep Dive |
| CVE-2023-32710 | Information Disclosure via the ‘copyresults’ SPL Command | Splunk | Splunk Enterprise | Medium | 4.8 | 2023-06-01 16:34:29 | Deep Dive |
| CVE-2023-32716 | Denial of Service via the 'dump' SPL command | Splunk | Splunk Enterprise | Medium | 6.5 | 2023-06-01 16:34:29 | Deep Dive |
| CVE-2023-32706 | Denial Of Service due to Untrusted XML Tag in XML Parser within SAML Authentication | Splunk | Splunk Enterprise | High | 7.7 | 2023-06-01 16:34:28 | Deep Dive |
| CVE-2023-32717 | Role-based Access Control (RBAC) Bypass on '/services/indexing/preview' REST Endpoint Can Overwrite Search Results | Splunk | Splunk Enterprise | Medium | 4.3 | 2023-06-01 16:34:28 | Deep Dive |
| CVE-2023-32708 | HTTP Response Splitting via the ‘rest’ SPL Command | Splunk | Splunk Enterprise | High | 7.2 | 2023-06-01 16:34:27 | Deep Dive |
| CVE-2023-2903 | NFine Rapid Development Platform access control | NFine | Rapid Development Platform | Medium | 4.3 | 2023-05-25 22:31:04 | Deep Dive |
| CVE-2023-2902 | NFine Rapid Development Platform access control | NFine | Rapid Development Platform | Medium | 4.3 | 2023-05-25 22:00:05 | Deep Dive |
| CVE-2023-2901 | NFine Rapid Development Platform access control | NFine | Rapid Development Platform | Medium | 4.3 | 2023-05-25 21:31:04 | Deep Dive |