| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-2216 | Jenkins docker-build-step Plugin security vulnerability | Jenkins Project | Jenkins docker-build-step Plugin | - | - | 2024-03-06 17:01:53 | Deep Dive |
| CVE-2024-2215 | Jenkins docker-build-step Plugin security vulnerability | Jenkins Project | Jenkins docker-build-step Plugin | - | - | 2024-03-06 17:01:52 | Deep Dive |
| CVE-2024-1095 | Build & Control Block Patterns – Boost up Gutenberg Editor <= 1.3.5.4 - Missing Authorization | razib_ | Build & Control Block Patterns – Boost up Gutenberg Editor | Medium | 5.3 | 2024-03-05 01:55:59 | Deep Dive |
| CVE-2024-1722 | Keycloak-core: dos via account lockout | - | - | Low | 3.7 | 2024-02-27 17:39:13 | Deep Dive |
| CVE-2024-1635 | Undertow: out-of-memory error after several closed connections with wildfly-http-client protocol | - | - | High | 7.5 | 2024-02-19 21:23:14 | Deep Dive |
| CVE-2024-1459 | Undertow: directory traversal vulnerability | - | - | Medium | 5.3 | 2024-02-12 20:30:04 | Deep Dive |
| CVE-2023-51695 | WordPress Everest Forms Plugin <= 2.0.4.1 is vulnerable to Cross Site Scripting (XSS) | WPEverest | Everest Forms – Build Contact Forms, Surveys, Polls, Application Forms, and more with Ease! | Medium | 5.9 | 2024-02-01 11:07:21 | Deep Dive |
| CVE-2023-6291 | Keycloak: redirect_uri validation bypass | Red Hat | Red Hat build of Keycloak 22 | High | 7.1 | 2024-01-26 14:23:43 | Deep Dive |
| CVE-2023-6267 | Quarkus: json payload getting processed prior to security checks when rest resources are used with annotations. | Red Hat | Red Hat build of Quarkus 2.13.9.Final | High | 8.6 | 2024-01-25 18:12:45 | Deep Dive |
| CVE-2023-26525 | WordPress Dokan Plugin <= 3.7.12 is vulnerable to SQL Injection | weDevs | Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy | High | 7.1 | 2023-12-20 17:27:23 | Deep Dive |
| CVE-2023-34382 | WordPress Dokan Plugin <= 3.7.19 is vulnerable to PHP Object Injection | weDevs | Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy | Medium | 4.4 | 2023-12-19 19:40:58 | Deep Dive |
| CVE-2023-6927 | Keycloak: open redirect via "form_post.jwt" jarm response mode | Red Hat | Red Hat build of Keycloak 22 | Medium | 4.6 | 2023-12-18 22:59:07 | Deep Dive |
| CVE-2023-5236 | Infinispan: circular reference on marshalling leads to dos | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 4.4 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-6134 | Keycloak: reflected xss via wildcard in oidc redirect_uri | Red Hat | Red Hat build of Keycloak 22 | Medium | 4.6 | 2023-12-14 21:42:12 | Deep Dive |
| CVE-2023-6563 | Keycloak: offline session token dos | Red Hat | Red Hat Single Sign-On 7.6 for RHEL 7 | High | 7.7 | 2023-12-14 18:01:26 | Deep Dive |
| CVE-2023-5379 | Undertow: ajp request closes connection exceeding maxrequestsize | Red Hat | Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 | High | 7.5 | 2023-12-12 21:54:53 | Deep Dive |
| CVE-2023-6394 | Quarkus: graphql operations over websockets bypass | Red Hat | Red Hat build of Quarkus 2.13.9.Final | High | 7.4 | 2023-12-09 01:26:53 | Deep Dive |
| CVE-2023-6393 | Quarkus: potential invalid reuse of context when @cacheresult on a uni is used | Red Hat | Red Hat build of Quarkus 2.13.9.Final | Medium | 5.3 | 2023-12-06 16:58:54 | Deep Dive |
| CVE-2023-1584 | Quarkus-oidc: id and access tokens leak via the authorization code flow | - | - | High | 7.5 | 2023-10-04 10:47:38 | Deep Dive |
| CVE-2023-3223 | Undertow: outofmemoryerror due to @multipartconfig handling | Red Hat | Red Hat Fuse 7.12.1 | High | 7.5 | 2023-09-27 13:54:45 | Deep Dive |