高危漏洞库
阿里云安全专家专业评估分析,帮助客户精准研判高危风险漏洞。
| AVD编号 | 漏洞名称 | 漏洞类型 | 披露时间 | 漏洞状态 |
|---|---|---|---|---|
| AVD-2023-1669860 | Nacos 内网集群Raft 反序列化漏洞 | 2023-05-25 | ||
| AVD-2023-2825 | Gitlab 16.0.0 任意文件读取漏洞 | 2023-05-23 | ||
| AVD-2023-33246 | Apache RocketMQ 远程代码执行漏洞(CVE-2023-33246) | 2023-05-23 | ||
| AVD-2023-32315 | Openfire Administration Console 权限绕过漏洞(CVE-2023-32315) | 2023-05-23 | ||
| AVD-2023-32314 | vm2 <3.9.18 沙箱逃逸漏洞 | 2023-05-16 | ||
| AVD-2023-1667550 | Weaver OA ofsLogin.jsp 信息泄露与前台任意用户登陆漏洞 | 2023-05-15 | ||
| AVD-2023-1668496 | Weaver OA changeuserinfo.jsp 敏感信息泄漏漏洞 | 2023-05-14 | ||
| AVD-2023-1666529 | 宏景HCM codesettree SQL注入漏洞(CNVD-2023-08743) | 2023-05-11 | ||
| AVD-2023-2648 | Weaver E-Office 任意文件上传漏洞(CVE-2023-2648) | 2023-05-11 | ||
| AVD-2023-1667360 | SiteCore IIS权限绕过致远程代码执行漏洞 | 2023-05-10 | ||
| AVD-2023-0386 | Linux Kernel 权限提升漏洞(CVE-2023-0386) | 2023-05-07 | ||
| AVD-2023-2478 | GitLab CE/EE GraphQL 添加恶意Runner漏洞(CVE-2023-2478) | 2023-05-05 | ||
| AVD-2023-25826 | OpenTSDB 命令注入漏洞(CVE-2023-25826) | 2023-05-04 | ||
| AVD-2023-32007 | Apache Spark UI shell 命令注入漏洞(CVE-2023-32007) | 2023-05-02 | ||
| AVD-2023-31415 | Elastic Kibana 任意代码执行漏洞(CVE-2023-31415) | 2023-05-02 | ||
| AVD-2023-31414 | Elastic Kibana 任意代码执行漏洞(CVE-2023-31414) | 2023-05-02 | ||
| AVD-2023-2356 | MLFlow 任意文件读取漏洞(CVE-2023-2356) | 2023-04-28 | ||
| AVD-2023-27524 | Apache Superset 默认SECRET_KEY 漏洞(CVE-2023-27524) | 2023-04-25 | ||
| AVD-2023-20864 | VMware Aria Operations for Logs 反序列化漏洞(CVE-2023-20864) | 2023-04-21 | ||
| AVD-2023-29922 | Powerjob user/create 未授权访问漏洞(CVE-2023-29922) | 2023-04-20 | ||
| AVD-2023-22621 | Strapi <4.5.6 登陆后邮件模版注入远程代码执行漏洞(CVE-2023-22621) | 2023-04-20 | ||
| AVD-2023-29923 | PowerJob <=4.3.2 未授权访问漏洞 | 2023-04-19 | ||
| AVD-2023-22894 | Strapi 信息泄露漏洞(CVE-2023-22894) | 2023-04-19 | ||
| AVD-2023-30547 | vm2 <3.9.17 沙箱逃逸漏洞 | 2023-04-18 | ||
| AVD-2023-1662710 | Apache Solr stream.url SSRF与任意文件读取致RCE漏洞 | 2023-04-14 | ||
| AVD-2023-30601 | Apache Cassandra 存在越权漏洞导致远程命令执行(CVE-2023-30601) | 2023-04-13 | ||
| AVD-2023-29199 | vm2 <3.9.16 沙箱逃逸漏洞 | 2023-04-12 | ||
| AVD-2023-1662056 | 瑞友天翼应用虚拟化系统远程代码执行漏洞 | 2023-04-10 | ||
| AVD-2022-47501 | Apache Ofbiz Solr 插件文件读取漏洞(CVE-2022-47501) | 2023-04-10 | ||
| AVD-2023-29017 | vm2 <3.9.15 沙箱逃逸漏洞 | 2023-04-07 |