| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2021-37709 | Insecure direct object reference of log files of the Import/Export feature | shopware | platform | Medium | 6.5 | 2021-08-16 22:05:12 | Deep Dive |
| CVE-2021-37708 | Command injection in mail agent settings | shopware | platform | High | 8.8 | 2021-08-16 19:15:13 | Deep Dive |
| CVE-2021-37707 | Manipulation of product reviews via API | shopware | platform | Medium | 6.5 | 2021-08-16 18:55:10 | Deep Dive |
| CVE-2021-32631 | JSON Web Tokens not properly verified | nimble-platform | common | Medium | 6.5 | 2021-07-26 15:20:11 | Deep Dive |
| CVE-2021-2463 | Oracle Commerce 输入验证错误漏洞 | Oracle Corporation | Commerce Platform | Critical | 9.8 | 2021-07-20 22:45:09 | Deep Dive |
| CVE-2021-33684 | SAP NetWeaver AS ABAP 缓冲区错误漏洞 | SAP SE | SAP NetWeaver AS ABAP and ABAP Platform | 中危 | - | 2021-07-14 11:04:32 | Deep Dive |
| CVE-2021-33677 | SAP NetWeaver AS ABAP 安全漏洞 | SAP SE | SAP NetWeaver AS ABAP and ABAP Platform | 高危 | - | 2021-07-14 11:03:57 | Deep Dive |
| CVE-2021-32731 | The reset password form reveal users email address | xwiki | xwiki-platform | Medium | 5.3 | 2021-07-01 19:05:14 | Deep Dive |
| CVE-2021-32730 | No CSRF protection on the password change form | xwiki | xwiki-platform | Medium | 5.7 | 2021-07-01 17:30:13 | Deep Dive |
| CVE-2021-32729 | A user without PR can reset user authentication failures information | xwiki | xwiki-platform | Low | 2.0 | 2021-07-01 16:45:11 | Deep Dive |
| CVE-2021-28830 | TIBCO Spotfire Windows Platform Artifact Search vulnerability | TIBCO Software Inc. | TIBCO Enterprise Runtime for R - Server Edition | High | 8.8 | 2021-06-29 17:15:12 | Deep Dive |
| CVE-2021-23275 | TIBCO Spotfire Windows Platform Installation vulnerability | TIBCO Software Inc. | TIBCO Enterprise Runtime for R - Server Edition | High | 8.8 | 2021-06-29 17:15:11 | Deep Dive |
| CVE-2021-20740 | Hitachi Virtual File Platform 操作系统命令注入漏洞 | Hitachi and NEC Corporation | Hitachi Virtual File Platform and NEC Storage M Series NAS Gateway which uses Hitachi Virtual File Platform | 高危 | - | 2021-06-28 00:50:31 | Deep Dive |
| CVE-2021-32717 | Private files publicly accessible with Cloud Storage providers | shopware | platform | High | 7.5 | 2021-06-24 21:10:12 | Deep Dive |
| CVE-2021-32716 | Internal hidden fields are visible on to many associations in admin api | shopware | platform | Medium | 4.4 | 2021-06-24 21:05:12 | Deep Dive |
| CVE-2021-32711 | Leak of information via Store-API | shopware | platform | Critical | 9.1 | 2021-06-24 20:05:13 | Deep Dive |
| CVE-2021-32710 | Potential Session Hijacking in Shopware | shopware | platform | Medium | 5.9 | 2021-06-24 19:45:17 | Deep Dive |
| CVE-2021-32709 | Creation of order credits was not validated by acl in admin orders | shopware | platform | Medium | 4.9 | 2021-06-24 18:50:11 | Deep Dive |
| CVE-2021-25653 | Avaya Aura Appliance Virtualization Platform Utilities Privilege Escalation Vulnerability | Avaya | Avaya Aura Appliance Virtualization Platform Utilities | High | 8.0 | 2021-06-24 08:55:29 | Deep Dive |
| CVE-2021-25652 | Avaya Aura Appliance Virtualization Platform Utilities Sensitive Information Disclosure Vulnerability | Avaya | Avaya Aura Appliance Virtualization Platform Utilities | Medium | 4.9 | 2021-06-24 08:55:28 | Deep Dive |