| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-28978 | Dell OpenManage Enterprise access control error vulnerability | Dell | Dell OpenManage Enterprise | Medium | 5.2 | 2024-05-01 03:51:57 | Deep Dive |
| CVE-2024-2877 | Vault Enterprise Leaks Sensitive HTTP Request Headers in the Audit Log When Deployed With a Performance Standby Node | HashiCorp | Vault Enterprise | Medium | 5.5 | 2024-04-30 14:58:10 | Deep Dive |
| CVE-2024-33522 | Privilege escalation in Calico CNI install binary | Tigera | Calico | Medium | 6.7 | 2024-04-29 22:19:07 | Deep Dive |
| CVE-2024-28961 | Dell OpenManage Enterprise security vulnerability | Dell | Dell OpenManage Enterprise | Medium | 6.3 | 2024-04-29 08:25:28 | Deep Dive |
| CVE-2024-2905 | Rpm-ostree: world-readable /etc/shadow file | - | - | Medium | 6.2 | 2024-04-25 17:44:16 | Deep Dive |
| CVE-2024-2467 | Perl-crypt-openssl-rsa: side-channel attack in pkcs#1 v1.5 padding mode (marvin attack) | - | - | Medium | 5.9 | 2024-04-25 16:45:03 | Deep Dive |
| CVE-2024-1102 | Jberet: jberet-core logging database credentials | - | - | Medium | 6.5 | 2024-04-25 16:24:30 | Deep Dive |
| CVE-2023-6717 | Keycloak: xss via assertion consumer service url in saml post-binding flow | - | - | Medium | 6.0 | 2024-04-25 16:02:03 | Deep Dive |
| CVE-2023-5675 | Quarkus: authorization flaw in quarkus resteasy reactive and classic when "quarkus.security.jaxrs.deny-unannotated-endpoints" or "quarkus.security.jaxrs.default-roles-allowed" properties are used. | - | - | Medium | 6.5 | 2024-04-25 15:44:56 | Deep Dive |
| CVE-2024-2440 | Race Condition was identified in GitHub Enterprise Server that allowed maintaining admin permissions | GitHub | Enterprise Server | Medium | 5.5 | 2024-04-19 17:02:29 | Deep Dive |
| CVE-2024-3684 | Improper Privilege Management was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console | GitHub | Enterprise Server | High | 8.0 | 2024-04-19 14:25:25 | Deep Dive |
| CVE-2024-3646 | Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console | GitHub | Enterprise Server | High | 8.0 | 2024-04-19 14:21:48 | Deep Dive |
| CVE-2024-3470 | Repository administrator can bypass organization's ruleset using deploy keys | GitHub | Enterprise Server | Medium | 5.9 | 2024-04-19 14:17:47 | Deep Dive |
| CVE-2023-3758 | Sssd: race condition during authorization leads to gpo policies functioning inconsistently | - | - | High | 7.1 | 2024-04-18 19:06:44 | Deep Dive |
| CVE-2024-1249 | Keycloak: org.keycloak.protocol.oidc: unvalidated cross-origin messages in checkloginiframe leads to ddos | - | - | High | 7.4 | 2024-04-17 13:22:48 | Deep Dive |
| CVE-2024-1132 | Keycloak: path traversal in redirection validation | - | - | High | 8.1 | 2024-04-17 13:21:19 | Deep Dive |
| CVE-2024-22440 | HPE Compute Scale-up Server 3200 Server, Disclosure of Sensitive Information | Hewlett Packard Enterprise | HPE Compute Scale-up Server 3200 Server | Medium | 6.8 | 2024-04-17 06:56:26 | Deep Dive |
| CVE-2024-21099 | Oracle Business Intelligence Enterprise Edition security vulnerability | Oracle Corporation | Business Intelligence Enterprise Edition | Medium | 4.3 | 2024-04-16 21:26:32 | Deep Dive |
| CVE-2024-21097 | Oracle PeopleSoft Enterprise PeopleTools security vulnerability | Oracle Corporation | PeopleSoft Enterprise PT PeopleTools | Medium | 4.9 | 2024-04-16 21:26:31 | Deep Dive |
| CVE-2024-21095 | Oracle Construction and Engineering Suite security vulnerability | Oracle Corporation | Primavera P6 Enterprise Project Portfolio Management | High | 8.2 | 2024-04-16 21:26:31 | Deep Dive |