CVE Intelligence

AggregatingVulnerability aggregation across services & servers · 4 sources active ·

14 Critical Unpatched
342
CVEs Tracked
all time
14
Critical Unpatched
needs action
6
Services Affected
of 11 monitored
47
Servers Exposed
of 62 fleet-wide
4/5
Sources Active
scraping now
CVE-2024-51023Heap buffer overflow in mp4 streaming module Critical
nginx34 servers exposedCVSS 9.4 · EPSS 55%via OSV6h ago

Patch Priority Matrix — CVSS × Exploit Probability

Patch now
criticalhighmediumlowBubble size = affected servers
SeverityCVEServiceServersSourceCVSS / EPSSStatus
critical
CVE-2024-45123
Race condition leads to unauthenticated RCE
OpenSSH12NVD9.8 · 87% unpatched
critical
CVE-2024-51023
Heap buffer overflow in mp4 streaming module
nginx34OSV9.4 · 55% unpatched
critical
CVE-2024-41720
Container escape via crafted OCI image
Docker Engine19GitHub9.1 · 61% acknowledged
high
CVE-2024-32002
Lua sandbox escape via crafted EVAL script
Redis6NVD8.4 · 34% unpatched
high
CVE-2024-29510
Privilege escalation via trusted extension
PostgreSQL8OSV8.1 · 23% unpatched
high
CVE-2024-49112
Denial of service via malformed packet
OpenSSH12NVD7.2 · 29% unpatched
high
CVE-2024-38999
HTTP request smuggling via chunked encoding
nginx34Vendor7.5 · 42% mitigated
medium
CVE-2024-27980
Command injection in child_process.spawn
Node.js41GitHub6.5 · 12% mitigated
medium
CVE-2024-33234
Authentication bypass in SASL handshake
Apache Kafka4Vendor5.9 · 8% patched
low
CVE-2024-23672
Sensitive field disclosure in search API
Elasticsearch5ExploitDB3.7 · 2% patched

Open Findings by Severity

49open
Critical · 14High · 22Medium · 9Low · 4

Discovery vs Patch — 14 Days

DiscoveredPatched

Live Ingestion Feed

09:51:12NVD

CVE-2024-51023 ingested — nginx, critical

09:44:03GitHub

CVE-2024-41720 ingested — Docker Engine, critical

08:20:41NVD

CVE-2024-49112 ingested — OpenSSH, high

06:02:17OSV

Scan complete — 0 new records

03:00:05Vendor

CVE-2024-38999 re-scored — now mitigated