高危漏洞库
阿里云安全专家专业评估分析,帮助客户精准研判高危风险漏洞。
AVD编号 | 漏洞名称 | 漏洞类型 | 披露时间 | 漏洞状态 |
---|---|---|---|---|
AVD-2023-51444 | GeoServer REST Coverage Store API 文件上传漏洞(CVE-2023-51444) | 2024-03-20 | ||
AVD-2024-21677 | Atlassian Confluence 路径遍历漏洞(CVE-2024-21677) | 2024-03-20 | ||
AVD-2024-20767 | Adobe Coldfusion 文件读取漏洞(CVE-2024-20767) | 2024-03-18 | ||
AVD-2024-23944 | Apache ZooKeeper watchers 敏感信息泄漏(CVE-2024-23944) | 2024-03-15 | ||
AVD-2024-28752 | Apache CXF Aegis databinding SSRF(CVE-2024-28752) | 2024-03-15 | ||
AVD-2023-49785 | NextChat cors SSRF 漏洞(CVE-2023-49785) | 2024-03-12 | ||
AVD-2024-2044 | pgAdmin4 反序列化代码执行漏洞(CVE-2024-2044) | 2024-03-08 | ||
AVD-2024-27198 | Teamcity 认证绕过致代码执行漏洞(CVE-2024-27198) | 2024-03-05 | ||
AVD-2024-27199 | TeamCity 权限绕过漏洞(CVE-2024-27199) | 2024-03-05 | ||
AVD-2023-50380 | Apache Ambari < 2.7.8 XXE(CVE-2023-50380) | 2024-02-28 | ||
AVD-2023-50379 | Apache Ambari 命令注入漏洞(CVE-2023-50379) | 2024-02-27 | ||
AVD-2024-1711503 | ComfyUI follow_symlinks 文件读取漏洞 | 2024-02-27 | ||
AVD-2024-25600 | Wordpress Bricks Builder 主题插件代码执行漏洞(CVE-2024-25600) | 2024-02-21 | ||
AVD-2024-22024 | Ivanti Pulse Connect Secure VPN XXE 漏洞(CVE-2024-22024) | 2024-02-13 | ||
AVD-2023-50292 | Apache Solr Schema Designer 代码执行漏洞 (CVE-2023-50292) | 2024-02-10 | ||
AVD-2023-50386 | Apache Solr Backup/Restore APIs 代码执行漏洞(CVE-2023-50386) | 2024-02-10 | ||
AVD-2024-21762 | Fortinet FortiOS 代码执行漏洞(CVE-2024-21762) | 2024-02-09 | ||
AVD-2024-23917 | TeamCity 权限绕过漏洞(CVE-2024-23917) | 2024-02-06 | ||
AVD-2024-25065 | Apache OFBiz 路径遍历致权限绕过漏洞(CVE-2024-25065) | 2024-02-04 | ||
AVD-2024-21626 | runc 文件描述符泄漏漏洞(CVE-2024-21626) | 2024-02-02 | ||
AVD-2024-24747 | MinIO 权限提升漏洞(CVE-2024-24747) | 2024-02-01 | ||
AVD-2024-21893 | Ivanti Pulse Connect Secure VPN SSRF致远程代码执行漏洞(CVE-2024-21893) | 2024-02-01 | ||
AVD-2023-44313 | Apache ServiceComb Service-Center SSRF漏洞(CVE-2023-44313) | 2024-01-31 | ||
AVD-2024-0402 | GitLab workspace 任意文件写入漏洞(CVE-2024-0402) | 2024-01-26 | ||
AVD-2024-23897 | Jenkins CLI 任意文件读取漏洞(CVE-2024-23897) | 2024-01-25 | ||
AVD-2024-23946 | Apache OFBiz 目录遍历与文件包含漏洞 (CVE-2024-23946) | 2024-01-24 | ||
AVD-2024-1706412 | 亿赛通电子文档安全管理系统 文件上传漏洞 | 2024-01-23 | ||
AVD-2024-0204 | Goanywhere MFT 未授权创建管理员漏洞(CVE-2024-0204) | 2024-01-23 | ||
AVD-2024-22233 | Spring Framework 拒绝服务漏洞 (CVE-2024-22233) | 2024-01-22 | ||
AVD-2023-22527 | Atlassian Confluence 模板注入代码执行漏洞(CVE-2023-22527) | 2024-01-16 |