| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-3628 | Infinispan: rest bulk ops don't check permissions | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 6.5 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-3629 | Infinispan: non-admins should not be able to get cache config via rest api | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 4.3 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-47038 | Perl: write past buffer end via illegal user-defined unicode property | - | - | High | 7.0 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-5236 | Infinispan: circular reference on marshalling leads to dos | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 4.4 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-3430 | Openimageio: heap-buffer-overflow in file src/gif.imageio/gifinput.cpp | - | OpenImageIO | High | 7.5 | 2023-12-18 13:40:05 | Deep Dive |
| CVE-2023-6911 | Some WSO2 products: cross-site scripting vulnerability | WSO2 | WSO2 API Manager | Medium | 4.8 | 2023-12-18 08:32:59 | Deep Dive |
| CVE-2023-6836 | WSO2 API Manager security vulnerability | WSO2 | WSO2 API Manager | Medium | 4.6 | 2023-12-15 09:26:01 | Deep Dive |
| CVE-2023-6377 | Xorg-x11-server: out-of-bounds memory reads/writes in xkb button actions | Red Hat | Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION | High | 7.8 | 2023-12-13 06:27:41 | Deep Dive |
| CVE-2023-6478 | Xorg-x11-server: out-of-bounds memory read in rrchangeoutputproperty and rrchangeproviderproperty | Red Hat | Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION | High | 7.6 | 2023-12-13 06:27:41 | Deep Dive |
| CVE-2023-6710 | Mod_cluster/mod_proxy_cluster: stored cross site scripting | Red Hat | JBoss Core Services for RHEL 8 | Medium | 5.4 | 2023-12-12 22:01:34 | Deep Dive |
| CVE-2023-5379 | Undertow: ajp request closes connection exceeding maxrequestsize | Red Hat | Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 | High | 7.5 | 2023-12-12 21:54:53 | Deep Dive |
| CVE-2023-35636 | Microsoft Outlook Information Disclosure Vulnerability | Microsoft | Microsoft Office 2019 | Medium | 6.5 | 2023-12-12 18:10:56 | Deep Dive |
| CVE-2023-36009 | Microsoft Word Information Disclosure Vulnerability | Microsoft | Microsoft Office 2019 | Medium | 5.5 | 2023-12-12 18:10:42 | Deep Dive |
| CVE-2023-49923 | Enterprise Search Insertion of Sensitive Information into Log File | Elastic | Enterprise Search | Medium | 6.8 | 2023-12-12 17:53:42 | Deep Dive |
| CVE-2023-6679 | Kernel: null pointer dereference in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c | Red Hat | Red Hat Enterprise Linux 9 | Medium | 5.5 | 2023-12-11 18:31:29 | Deep Dive |
| CVE-2023-5870 | Postgresql: role pg_signal_backend can signal certain superuser processes. | Red Hat | Red Hat Advanced Cluster Security 4.2 | Low | 2.2 | 2023-12-10 17:58:30 | Deep Dive |
| CVE-2023-5868 | Postgresql: memory disclosure in aggregate function calls | Red Hat | Red Hat Advanced Cluster Security 4.2 | Medium | 4.3 | 2023-12-10 17:56:57 | Deep Dive |
| CVE-2023-5869 | Postgresql: buffer overrun from integer overflow in array modification | Red Hat | Red Hat Advanced Cluster Security 4.2 | High | 8.8 | 2023-12-10 17:56:57 | Deep Dive |
| CVE-2023-6560 | Kernel: io_uring out of boundary memory access in __io_uaddr_map() | - | kernel | Medium | 5.5 | 2023-12-08 23:56:55 | Deep Dive |
| CVE-2023-6337 | Vault May be Vulnerable to a Denial of Service Through Memory Exhaustion When Handling Large HTTP Requests | HashiCorp | Vault | High | 7.5 | 2023-12-08 21:12:32 | Deep Dive |