高危漏洞库
阿里云安全专家专业评估分析,帮助客户精准研判高危风险漏洞。
| AVD编号 | 漏洞名称 | 漏洞类型 | 披露时间 | 漏洞状态 |
|---|---|---|---|---|
| AVD-2022-47986 | Aspera Faspex Yaml 反序列化漏洞(CVE-2022-47986) | 2023-02-03 | ||
| AVD-2023-25135 | vBulletin searchprefs phar反序列化代码执行漏洞(CVE-2023-25135) | 2023-02-03 | ||
| AVD-2023-23924 | Dompdf SVG URI 代码执行漏洞(CVE-2023-23924) | 2023-02-01 | ||
| AVD-2022-47966 | Zoho ManageEngine SAML 任意代码执行漏洞(CVE-2022-47966) | 2023-01-19 | ||
| AVD-2023-21839 | Oracle WebLogic T3/IIOP 反序列化漏洞(CVE-2023-21839) | 2023-01-18 | ||
| AVD-2023-22480 | KubeOperator 前台kubeconfig下载漏洞(CVE-2023-22480) | 2023-01-14 | ||
| AVD-2022-44877 | Control Web Panel login 远程命令执行漏洞(CVE-2022-44877) | 2023-01-06 | ||
| AVD-2023-1651310 | 禅道项⽬管理系统权限绕过与命令执行漏洞 | 2023-01-06 | ||
| AVD-2022-43396 | Apache Kylin 命令注入漏洞(CVE-2022-43396) | 2022-12-30 | ||
| AVD-2022-44621 | Apache Kylin 命令注入漏洞(CVE-2022-44621) | 2022-12-30 | ||
| AVD-2022-45347 | Apache ShardingSphere-Proxy 身份认证绕过漏洞(CVE-2022-45347) | 2022-12-22 | ||
| AVD-2022-27518 | Citrix ADC和Citrix Gateway远程代码执行漏洞(CVE-2022-27518) | 2022-12-14 | ||
| AVD-2022-44713 | Microsoft Outlook for Mac欺骗漏洞(CVE-2022-44713) | 2022-12-13 | ||
| AVD-2022-44676 | Microsoft Windows Secure Socket Tunneling Protocol远程代码执行漏洞(CVE-2022-44676) | 2022-12-13 | ||
| AVD-2022-42475 | Fortinet FortiOS sslvpnd 远程代码执行漏洞(CVE-2022-42475) | 2022-12-13 | ||
| AVD-2022-46166 | Spring Boot Admins integrated notifier support SpEL远程代码执行(CVE-2022-46166) | 2022-12-10 | ||
| AVD-2022-1640138 | ThinkPHP 多语言功能开启下文件包含漏洞 | 2022-12-09 | ||
| AVD-2022-46169 | Cacti remote_agent.php 远程命令执行漏洞(CVE-2022-46169) | 2022-12-06 | ||
| AVD-2022-4223 | pgadmin validate_binary_path 远程命令执行漏洞(CVE-2022-4223) | 2022-12-05 | ||
| AVD-2022-46366 | Apache Tapestry 反序列化远程代码执行漏洞(CVE-2022-46366) | 2022-12-02 | ||
| AVD-2022-44262 | ff4j framework 远程代码执行漏洞(CVE-2022-44262) | 2022-12-01 | ||
| AVD-2022-45932 | OpenDaylight SQL注入漏洞(CVE-2022-45932) | 2022-11-27 | ||
| AVD-2022-44117 | Boa SQL注入漏洞(CVE-2022-44117) | 2022-11-24 | ||
| AVD-2022-45931 | OpenDaylight SQL注入漏洞(CVE-2022-45931) | 2022-11-23 | ||
| AVD-2022-45930 | OpenDaylight SQL注入漏洞(CVE-2022-45930) | 2022-11-22 | ||
| AVD-2022-43782 | Atlassian Crowd and Crowd Data Center 权限绕过漏洞(CVE-2022-43782) | 2022-11-21 | ||
| AVD-2022-43781 | Bitbucket Server and Data Center 远程命令执行漏洞(CVE-2022-43781) | 2022-11-21 | ||
| AVD-2022-45378 | Apache SOAP RPCRouterServlet 反序列化代码执行漏洞(CVE-2022-45378) | 2022-11-16 | ||
| AVD-2022-40127 | Apache Airflow < 2.4.0 example dag 远程代码执行漏洞(CVE-2022-40127) | 2022-11-15 | ||
| AVD-2022-1535216 | Yapi api接口 MongoDB注入致远程命令执行漏洞 | 2022-11-11 |