高危漏洞库
阿里云安全专家专业评估分析,帮助客户精准研判高危风险漏洞。
| AVD编号 | 漏洞名称 | 漏洞类型 | 披露时间 | 漏洞状态 |
|---|---|---|---|---|
| AVD-2022-1474319 | WebPageTest runtest.php phar反序列化代码执行漏洞 | 2022-09-23 | ||
| AVD-2022-1474320 | WebPageTest jpeginfo.php SSRF漏洞 | 2022-09-23 | ||
| AVD-2022-39205 | OneDev 认证绕过致远程代码执行漏洞(CVE-2022-39205) | 2022-09-14 | ||
| AVD-2022-36099 | XWiki Platform xwiki-platform-wiki-ui-mainwiki 表达式注入漏洞(CVE-2022-36099) | 2022-09-09 | ||
| AVD-2022-36100 | XWiki Platform xwiki-platform-tag-ui 表达式注入漏洞(CVE-2022-36100) | 2022-09-09 | ||
| AVD-2022-36098 | XWiki Platform xwiki-platform-mentions-ui 表达式注入漏洞(CVE-2022-36098) | 2022-09-09 | ||
| AVD-2022-36092 | XWiki Platform xwiki-platform-oldcore 认证授权绕过漏洞(CVE-2022-36092) | 2022-09-09 | ||
| AVD-2022-37023 | Apache Geode REST APIs 反序列化漏洞(CVE-2022-37023) | 2022-08-31 | ||
| AVD-2022-37022 | Apache Geode JMX over RMI 反序列化漏洞(CVE-2022-37022) | 2022-08-31 | ||
| AVD-2022-37021 | Apache Geode JMX over RMI 反序列化漏洞(CVE-2022-37021) | 2022-08-31 | ||
| AVD-2022-2992 | GitLab CE/EE import api 远程代码执行漏洞(CVE-2022-2992) | 2022-08-30 | ||
| AVD-2022-1443901 | 畅捷通T+ SetupAccount/Upload.aspx 文件上传漏洞(CNVD-2022-60632) | 2022-08-29 | ||
| AVD-2022-36804 | Bitbucket Server and Data Center 远程命令执行漏洞(CVE-2022-36804) | 2022-08-25 | ||
| AVD-2021-25642 | Apache Hadoop Yarn ZKConfigurationStore 反序列化代码执行漏洞(CVE-2021-25642) | 2022-08-25 | ||
| AVD-2021-3759 | linux linux_kernel 未加控制的资源消耗(资源穷尽) | 2022-08-24 | ||
| AVD-2022-2884 | GitLab CE/EE import api 远程代码执行漏洞(CVE-2022-2884) | 2022-08-23 | ||
| AVD-2022-1427737 | Tp4a Teleport 堡垒机前台任意用户登录漏洞 | 2022-08-17 | ||
| AVD-2022-1427629 | Apache Airflow Docker Provider <3.0 example dag 远程代码执行漏洞(CVE-2022-38362) | 2022-08-17 | ||
| AVD-2022-37042 | Zimbra MailboxImportServlet 认证绕过漏洞(CVE-2022-37042) | 2022-08-12 | ||
| AVD-2022-36923 | Zoho ManageEngine OpManager getUserAPIKey 敏感信息泄漏漏洞(CVE-2022-36923) | 2022-08-11 | ||
| AVD-2022-20827 | Cisco Small Business RV Series Routers 操作系统命令注入漏洞(CVE-2022-20827) | 2022-08-10 | ||
| AVD-2022-31656 | VMware Workspace ONE Access 认证漏洞(CVE-2022-31656) | 2022-08-10 | ||
| AVD-2022-1410571 | Tongda OA header.inc.php 登录绕过漏洞 | 2022-08-07 | ||
| AVD-2022-1418795 | ezOFFICE OA attachmentServer.jsp 文件上传漏洞 | 2022-08-05 | ||
| AVD-2022-25168 | Apache Hadoop FileUtil.unTar 命令注入漏洞(CVE-2022-25168) | 2022-08-04 | ||
| AVD-2022-1401848 | Liems downloadFiles 任意文件读取漏洞 | 2022-08-03 | ||
| AVD-2022-1401849 | Liems webUploadServlet 任意文件上传漏洞 | 2022-08-03 | ||
| AVD-2022-1399793 | 红帆OA udfmr.asmx SQL注入漏洞 | 2022-08-02 | ||
| AVD-2022-36799 | Jira Server 和 Data Center Email 模板注入漏洞(CVE-2022-36799) | 2022-08-01 | ||
| AVD-2022-1397742 | Weaver e-Office ajax.php dingtalkImg 任意代码执行漏洞 | 2022-08-01 |