| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-6717 | Keycloak: xss via assertion consumer service url in saml post-binding flow | - | - | Medium | 6.0 | 2024-04-25 16:02:03 | Deep Dive |
| CVE-2024-32432 | WordPress Ovic Addon Toolkit plugin <= 2.6.1 - Broken Access Control vulnerability | Ovic Team | Ovic Addon Toolkit | Medium | 4.3 | 2024-04-24 15:38:09 | Deep Dive |
| CVE-2024-32586 | WordPress Gutenberg Block Editor Toolkit plugin <= 1.40.4 - Cross Site Scripting (XSS) vulnerability | Munir Kamal | Gutenberg Block Editor Toolkit | Medium | 6.5 | 2024-04-18 09:11:04 | Deep Dive |
| CVE-2024-1249 | Keycloak: org.keycloak.protocol.oidc: unvalidated cross-origin messages in checkloginiframe leads to ddos | - | - | High | 7.4 | 2024-04-17 13:22:48 | Deep Dive |
| CVE-2024-1132 | Keycloak: path transversal in redirection validation | - | - | High | 8.1 | 2024-04-17 13:21:19 | Deep Dive |
| CVE-2024-0076 | NVIDIA CUDA toolkit 安全漏洞 | NVIDIA | NVIDIA CUDA Toolkit | Low | 3.3 | 2024-04-05 17:50:06 | Deep Dive |
| CVE-2024-0072 | NVIDIA CUDA toolkit 安全漏洞 | NVIDIA | NVIDIA CUDA Toolkit | Low | 3.3 | 2024-04-05 17:48:13 | Deep Dive |
| CVE-2024-1300 | Io.vertx:vertx-core: memory leak when a tcp server is configured with tls and sni support | - | - | Medium | 5.4 | 2024-04-02 07:33:05 | Deep Dive |
| CVE-2024-2794 | Gutenberg Block Editor Toolkit – EditorsKit <= 1.40.4 - Authenticated (Contributor+) Stored Cross-Site Scripting | munirkamal | Gutenberg Block Editor Toolkit – EditorsKit | Medium | 6.4 | 2024-03-30 04:31:09 | Deep Dive |
| CVE-2023-34020 | WordPress Uncanny Toolkit for LearnDash plugin <= 3.6.4.3 - Open Redirection vulnerability | Uncanny Owl | Uncanny Toolkit for LearnDash | Medium | 4.7 | 2024-03-27 13:24:44 | Deep Dive |
| CVE-2024-29791 | WordPress Bulk NoIndex & NoFollow Toolkit plugin <= 2.01 - Reflected Cross Site Scripting (XSS) vulnerability | Mad Fish Digital | Bulk NoIndex & NoFollow Toolkit | High | 7.1 | 2024-03-27 12:43:22 | Deep Dive |
| CVE-2024-29817 | WordPress affiliate-toolkit – WordPress Affiliate Plugin plugin <= 3.4.5 - Cross Site Scripting (XSS) vulnerability | SERVIT Software Solutions | affiliate-toolkit | Medium | 6.5 | 2024-03-27 11:56:37 | Deep Dive |
| CVE-2024-1023 | Io.vertx/vertx-core: memory leak due to the use of netty fastthreadlocal data structures in vertx | - | - | Medium | 6.5 | 2024-03-27 07:51:16 | Deep Dive |
| CVE-2024-1851 | affiliate-toolkit – WordPress Affiliate Plugin <= 3.5.4 - Missing Authorization via atkp_create_list | cservit | affiliate-toolkit – Multi-Network Affiliate & Amazon Product Display | Medium | 6.3 | 2024-03-08 06:58:07 | Deep Dive |
| CVE-2024-2298 | affiliate-toolkit – WordPress Affiliate Plugin <= 3.5.4 - Missing Authorization via atkp_import_product | cservit | affiliate-toolkit – Multi-Network Affiliate & Amazon Product Display | Medium | 4.3 | 2024-03-08 06:58:06 | Deep Dive |
| CVE-2023-28715 | Intel oneAPI Toolkit and component software installers 安全漏洞 | - | Intel(R) oneAPI Toolkit and component software installers | Medium | 5.0 | 2024-02-14 13:38:07 | Deep Dive |
| CVE-2023-32618 | Intel oneAPI Toolkit and component software installers 安全漏洞 | - | Intel(R) oneAPI Toolkit and component software installers | Medium | 6.7 | 2024-02-14 13:38:06 | Deep Dive |
| CVE-2023-6635 | EditorsKit <= 1.40.3 - Authenticated (Administrator+) Arbitrary File Upload | munirkamal | Gutenberg Block Editor Toolkit – EditorsKit | High | 7.2 | 2024-02-05 21:21:43 | Deep Dive |
| CVE-2024-24569 | `ZipSecurity#isBelowCurrentDirectory` is vulnerable to partial-path traversal vulnerability | pixee | java-security-toolkit | Medium | 5.4 | 2024-02-01 19:02:17 | Deep Dive |
| CVE-2023-6291 | Keycloak: redirect_uri validation bypass | Red Hat | Red Hat build of Keycloak 22 | High | 7.1 | 2024-01-26 14:23:43 | Deep Dive |