高危漏洞库
阿里云安全专家专业评估分析,帮助客户精准研判高危风险漏洞。
| AVD编号 | 漏洞名称 | 漏洞类型 | 披露时间 | 漏洞状态 |
|---|---|---|---|---|
| AVD-2022-22975 | Spring Security RegexRequestMatcher 认证绕过漏洞(CVE-2022-22978) | 2022-05-15 | ||
| AVD-2022-1202752 | dotCMS api/content 任意文件上传漏洞(CVE-2022-26352) | 2022-05-05 | ||
| AVD-2022-1388 | F5 BIG-IP iControl REST 远程代码执行漏洞(CVE-2022-1388) | 2022-05-05 | ||
| AVD-2022-24706 | Apache CouchDB epmd 远程代码执行漏洞(CVE-2022-24706) | 2022-04-26 | ||
| AVD-2022-29464 | WSO2 fileupload 任意文件上传漏洞(CVE-2022-29464) | 2022-04-20 | ||
| AVD-2022-22954 | VMware Workspace ONE Access 模板注入漏洞(CVE-2022-22954) | 2022-04-08 | ||
| AVD-2022-1162 | Gitlab OmniAuth 账号劫持漏洞(CVE-2022-1162) | 2022-04-05 | ||
| AVD-2022-29303 | SolarView Compact conf_mail 远程命令执行漏洞(CVE-2022-29303) | 2022-04-01 | ||
| AVD-2022-1124599 | Spring Framework JDK >= 9 远程代码执行漏洞(CVE-2022-22965) | 2022-03-31 | ||
| AVD-2022-1117998 | Spring Cloud Function functionRouter SPEL代码执行漏洞(CVE-2022-22963) | 2022-03-25 | ||
| AVD-2022-25487 | Atom CMS 代码问题漏洞(CVE-2022-25487) | 2022-03-16 | ||
| AVD-2022-0543 | Redis 沙盒逃逸漏洞(CVE-2022-0543) | 2022-03-09 | ||
| AVD-2022-0847 | Dirty Pipe - Linux 内核本地提权漏洞(CVE-2022-0847) | 2022-03-07 | ||
| AVD-2022-22909 | HotelDruid 代码注入漏洞(CVE-2022-22909) | 2022-03-03 | ||
| AVD-2022-1067719 | Spring Cloud Gateway actuator 端点可访问 | 2022-03-02 | ||
| AVD-2022-22947 | Spring Cloud Gateway spel 远程代码执行(CVE-2022-22947) | 2022-03-02 | ||
| AVD-2022-1037286 | 向日葵远程控制软件远程命令执行漏洞(CNVD-2022-10270) | 2022-02-16 | ||
| AVD-2022-20699 | Cisco Small Business RV Series Routers远程代码执行漏洞(CVE-2022-20699) | 2022-02-11 | ||
| AVD-2022-21371 | WebLogic Server 目录遍历漏洞(CVE-2022-21371) | 2022-02-10 | ||
| AVD-2022-22536 | SAP NetWeaver等多组件请求走私漏洞(CVE-2022-22536) | 2022-02-10 | ||
| AVD-2022-21724 | PostgreSQL JDBC 驱动远程代码执行漏洞(CVE-2022-21724) | 2022-02-02 | ||
| AVD-2022-24124 | Casdoor api get-oraganizations SQL注入(CVE-2022-24124) | 2022-01-30 | ||
| AVD-2021-4034 | polkit pkexec 本地提权漏洞(CVE-2021-4034) | 2022-01-26 | ||
| AVD-2022-23944 | Apache ShenYu Admin plugin 未授权访问漏洞(CVE-2022-23944) | 2022-01-26 | ||
| AVD-2021-25076 | WordPress plugin SQL注入漏洞 | 2022-01-24 | ||
| AVD-2022-987436 | Apache APISIX batch-requests SSRF 漏洞 | 2022-01-24 | ||
| AVD-2022-987442 | Apache Solr log4j 远程代码执行漏洞 | 2022-01-24 | ||
| AVD-2022-22733 | Apache ShardingSphere ElasticJob UI 敏感信息泄漏漏洞 | 2022-01-20 | ||
| AVD-2022-23178 | Crestron Hd-Md4X2-4K-E授权错误漏洞(CVE-2022-23178) | 2022-01-15 | ||
| AVD-2022-23134 | Zabbix setup.php 认证绕过(CVE-2022-23134) | 2022-01-14 |