高危漏洞库
阿里云安全专家专业评估分析,帮助客户精准研判高危风险漏洞。
AVD编号 | 漏洞名称 | 漏洞类型 | 披露时间 | 漏洞状态 |
---|---|---|---|---|
AVD-2024-1757649 | CyberPanel upgrademysqlstatus 远程命令执行漏洞 | 2024-10-28 | ||
AVD-2024-47575 | Fortinet FortiManager 身份认证绕过漏洞(CVE-2024-47575) | 2024-10-23 | ||
AVD-2024-38819 | Spring Framework 特定条件下目录遍历漏洞(CVE-2024-38819) | 2024-10-17 | ||
AVD-2024-45216 | Apache Solr 认证绕过漏洞(CVE-2024-45216) | 2024-10-16 | ||
AVD-2024-31449 | Redis Lua Script 溢出漏洞(CVE-2024-31449) | 2024-10-07 | ||
AVD-2024-9014 | pgAdmin4 OAuth2 client ID与secret敏感信息泄漏漏洞(CVE-2024-9014) | 2024-09-24 | ||
AVD-2024-1748969 | Gitlab SAML 身份认证绕过漏洞 | 2024-09-18 | ||
AVD-2024-38816 | Spring Framework 特定条件下目录遍历漏洞(CVE-2024-38816) | 2024-09-13 | ||
AVD-2024-29847 | Ivanti Endpoint Manager Agent Portal 存在反序列化漏洞(CVE-2024-29847) | 2024-09-12 | ||
AVD-2024-37288 | Kibana 8.15.1 Amazon Bedrock YAML 反序列化漏洞(CVE-2024-37288) | 2024-09-09 | ||
AVD-2024-37285 | Kibana YAML 反序列化代码执行漏洞(CVE-2024-37285) | 2024-09-06 | ||
AVD-2024-45195 | Apache OFBiz 远程代码执行漏洞(CVE-2024-45195) | 2024-09-04 | ||
AVD-2024-45507 | Apache OFBiz SSRF致代码执行漏洞(CVE-2024-45507) | 2024-09-04 | ||
AVD-2024-21689 | Atlassian Bamboo 远程代码执行漏洞(CVE-2024-21689) | 2024-08-20 | ||
AVD-2024-1743586 | Nacos Jraft 文件读写漏洞 | 2024-08-15 | ||
AVD-2024-43044 | Jenkins agent connections 文件读取漏洞(CVE-2024-43044) | 2024-08-07 | ||
AVD-2024-37287 | Kibana 原型链代码执行漏洞(CVE-2024-37287) | 2024-08-07 | ||
AVD-2024-38856 | Apache OFBiz 代码执行漏洞(CVE-2024-38856) | 2024-08-05 | ||
AVD-2024-37084 | Spring Cloud Data Flow 远程代码执行漏洞(CVE-2024-37084) | 2024-07-25 | ||
AVD-2024-23321 | Apache RocketMQ 敏感信息泄露漏洞(CVE-2024-23321) | 2024-07-22 | ||
AVD-2024-6730 | SparkShop存在任意文件上传漏洞(CVE-2024-6730) | 2024-07-14 | ||
AVD-2024-38077 | Windows 远程桌面授权服务 远程代码执行漏洞 | 2024-07-09 | ||
AVD-2024-36991 | Splunk Enterprise Windows平台 modules/messaging 目录遍历漏洞(CVE-2024-36991) | 2024-07-02 | ||
AVD-2024-36401 | GeoServer property 表达式注入代码执行漏洞(CVE-2024-36401) | 2024-07-02 | ||
AVD-2024-6387 | OpenSSH Server 远程代码执行漏洞(CVE-2024-6387) | 2024-07-01 | ||
AVD-2024-37032 | Ollama 目录遍历致代码执行漏洞(CVE-2024-37032) | 2024-06-25 | ||
AVD-2024-32030 | UI for Apache Kafka 后台 jmx jndi 代码执行漏洞(CVE-2024-32030) | 2024-06-20 | ||
AVD-2024-22263 | Spring Cloud Data Flow 任意文件写入漏洞(CVE-2024-22263) | 2024-06-19 | ||
AVD-2024-34102 | Magento estimate-shipping-methods XXE漏洞(CVE-2024-34102) | 2024-06-13 | ||
AVD-2024-36412 | SuiteCRM delegate SQL注入漏洞(CVE-2024-36412) | 2024-06-11 |