高危漏洞库
阿里云安全专家专业评估分析,帮助客户精准研判高危风险漏洞。
AVD编号 | 漏洞名称 | 漏洞类型 | 披露时间 | 漏洞状态 |
---|---|---|---|---|
AVD-2024-32640 | Mura CMS processAsyncObject SQL注入漏洞(CVE-2024-32640) | 2024-05-09 | ||
AVD-2024-26026 | F5 BIG-IP Next Central Manager SQL注入漏洞(CVE-2024-26026) | 2024-05-08 | ||
AVD-2024-32113 | Apache OFBiz 目录遍历致代码执行漏洞(CVE-2024-32113) | 2024-05-08 | ||
AVD-2024-1723189 | 瑞友天翼应用虚拟化系统 appsave SQL注入漏洞 | 2024-05-07 | ||
AVD-2024-1723009 | 瑞友天翼应用虚拟化系统 hmrao.php SQL注入致代码执行漏洞 | 2024-05-06 | ||
AVD-2024-32114 | Apache ActiveMQ Jolokia REST API 未授权访问漏洞(CVE-2024-32114) | 2024-05-02 | ||
AVD-2024-1720490 | ZenTao PMS 项目管理系统身份认证绕过漏洞 | 2024-04-25 | ||
AVD-2024-1720287 | Primeton EOS Platform jmx 远程代码执行漏洞 | 2024-04-24 | ||
AVD-2024-4040 | CrushFTP 认证绕过模板注入漏洞(CVE-2024-4040) | 2024-04-23 | ||
AVD-2024-1719112 | kkFileView 任意文件上传致远程代码执行漏洞 | 2024-04-17 | ||
AVD-2024-1718774 | IP-guard WebServer 权限绕过漏洞 | 2024-04-16 | ||
AVD-2024-3400 | Palo Alto Networks PAN-OS GlobalProtect 命令注入漏洞(CVE-2024-3400) | 2024-04-12 | ||
AVD-2024-31861 | Apache Zeppelin shell 代码注入漏洞(CVE-2024-31861) | 2024-04-11 | ||
AVD-2024-3116 | pgAdmin4 <= 8.4 后台远程命令执行漏洞 (CVE-2024-3116) | 2024-04-04 | ||
AVD-2024-2389 | Progress Flowmon 命令注入漏洞(CVE-2024-2389) | 2024-04-02 | ||
AVD-2024-29202 | Jumpserver 3.0.0~3.10.6 后台Jinja2注入远程代码执行漏洞(CVE-2024-29202) | 2024-03-29 | ||
AVD-2024-29201 | Jumpserver 3.0.0~3.10.6 后台Ansible Playbook 远程代码执行漏洞(CVE-2024-29201) | 2024-03-29 | ||
AVD-2024-3094 | XZ-Utils 5.6.0/5.6.1版本后门风险(CVE-2024-3094) | 2024-03-29 | ||
AVD-2023-51444 | GeoServer REST Coverage Store API 文件上传漏洞(CVE-2023-51444) | 2024-03-20 | ||
AVD-2024-21677 | Atlassian Confluence 路径遍历漏洞(CVE-2024-21677) | 2024-03-20 | ||
AVD-2024-20767 | Adobe Coldfusion 文件读取漏洞(CVE-2024-20767) | 2024-03-18 | ||
AVD-2024-28255 | OpenMetadata 身份验证绕过漏洞(CVE-2024-28255) | 2024-03-16 | ||
AVD-2024-23944 | Apache ZooKeeper watchers 敏感信息泄漏(CVE-2024-23944) | 2024-03-15 | ||
AVD-2024-28752 | Apache CXF Aegis databinding SSRF(CVE-2024-28752) | 2024-03-15 | ||
AVD-2023-49785 | NextChat cors SSRF 漏洞(CVE-2023-49785) | 2024-03-12 | ||
AVD-2024-2044 | pgAdmin4 反序列化代码执行漏洞(CVE-2024-2044) | 2024-03-08 | ||
AVD-2024-27198 | Teamcity 认证绕过致代码执行漏洞(CVE-2024-27198) | 2024-03-05 | ||
AVD-2024-27199 | TeamCity 权限绕过漏洞(CVE-2024-27199) | 2024-03-05 | ||
AVD-2023-50380 | Apache Ambari < 2.7.8 XXE(CVE-2023-50380) | 2024-02-28 | ||
AVD-2023-50379 | Apache Ambari 命令注入漏洞(CVE-2023-50379) | 2024-02-27 |