近日,Oracle官方发布了多个安全漏洞的公告,其中Oracle产品本身漏洞89个,影响到Oracle产品的其他厂商漏洞169个。包括Oracle Financial Services Applications 安全漏洞(CNNVD-202401-1551、CVE-2023-21901)、Oracle Enterprise Manager Base Platform 安全漏洞(CNNVD-202401-1567、CVE-2024-20916)等多个漏洞。成功利用上述漏洞的攻击者可以在目标系统上执行任意代码、获取用户数据,提升权限等。Oracle多个产品和系统受漏洞影响。目前,Oracle官方已经发布了漏洞修复补丁,建议用户及时确认是否受到漏洞影响,尽快采取修补措施。
2024年1月17日,Oracle发布了2024年1月份安全更新,共258个漏洞的补丁程序,CNNVD对这些漏洞进行了收录。本次更新主要涵盖了Oracle Mysql 和 Mysql 组件、Oracle ZFS Storage Appliance、Oracle Business Intelligence Enterprise Edition、Oracle Java SE和Oracle GraalVM、Oracle Audit Vault and Database Firewall等。CNNVD对其危害等级进行了评价,其中超危漏洞30个,高危漏洞94个,中危漏洞116个,低危漏洞18个。Oracle多个产品和系统版本受漏洞影响,具体影响范围可访问Oracle官方网站查询:
序号
| 漏洞名称
| CNNVD编号
| CVE编号
| 危害等级
| 官方链接
|
1
| Oracle部分产品 安全漏洞
| CNNVD-202401-1537
| CVE-2024-20952
| 高危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
2
| Oracle部分产品 安全漏洞
| CNNVD-202401-1546
| CVE-2024-20932
| 高危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
3
| Oracle Audit Vault and Database Firewall 安全漏洞
| CNNVD-202401-1549
| CVE-2024-20924
| 高危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
4
| Oracle Financial Services Applications 安全漏洞
| CNNVD-202401-1551
| CVE-2023-21901
| 高危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
5
| Oracle部分产品 安全漏洞
| CNNVD-202401-1563
| CVE-2024-20918
| 高危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
6
| Oracle Enterprise Manager Base Platform 安全漏洞
| CNNVD-202401-1567
| CVE-2024-20916
| 高危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
7
| Oracle Supply Chain Products Suite 安全漏洞
| CNNVD-202401-1659
| CVE-2024-20956
| 高危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
8
| Oracle Supply Chain Products Suite 安全漏洞
| CNNVD-202401-1660
| CVE-2024-20953
| 高危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
9
| Oracle WebLogic Server 安全漏洞
| CNNVD-202401-1680
| CVE-2024-20931
| 高危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
10
| Oracle Fusion Middleware 安全漏洞
| CNNVD-202401-1681
| CVE-2024-20927
| 高危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
11
| Oracle Enterprise Manager Base Platform 安全漏洞
| CNNVD-202401-1682
| CVE-2024-20917
| 高危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
12
| Oracle Audit Vault and Database Firewall 安全漏洞
| CNNVD-202401-1696
| CVE-2024-20909
| 高危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
13
| Oracle BI Publisher 安全漏洞
| CNNVD-202401-1517
| CVE-2024-20987
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
14
| Oracle MySQL 安全漏洞
| CNNVD-202401-1518
| CVE-2024-20985
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
15
| Oracle MySQL 安全漏洞
| CNNVD-202401-1520
| CVE-2024-20983
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
16
| Oracle MySQL 安全漏洞
| CNNVD-202401-1521
| CVE-2024-20981
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
17
| Oracle BI Publisher 安全漏洞
| CNNVD-202401-1522
| CVE-2024-20979
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
18
| Oracle MySQL 安全漏洞
| CNNVD-202401-1523
| CVE-2024-20975
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
19
| Oracle MySQL 安全漏洞
| CNNVD-202401-1524
| CVE-2024-20977
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
20
| Oracle MySQL 安全漏洞
| CNNVD-202401-1525
| CVE-2024-20973
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
21
| Oracle MySQL 安全漏洞
| CNNVD-202401-1526
| CVE-2024-20967
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
22
| Oracle MySQL 安全漏洞
| CNNVD-202401-1527
| CVE-2024-20969
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
23
| Oracle MySQL 安全漏洞
| CNNVD-202401-1528
| CVE-2024-20971
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
24
| Oracle MySQL 安全漏洞
| CNNVD-202401-1529
| CVE-2024-20965
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
25
| Oracle MySQL 安全漏洞
| CNNVD-202401-1530
| CVE-2024-20963
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
26
| Oracle MySQL 安全漏洞
| CNNVD-202401-1531
| CVE-2024-20961
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
27
| Oracle ZFS Storage Appliance 安全漏洞
| CNNVD-202401-1532
| CVE-2024-20959
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
28
| Oracle E-Business Suite 安全漏洞
| CNNVD-202401-1535
| CVE-2024-20950
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
29
| Oracle E-Business Suite 安全漏洞
| CNNVD-202401-1536
| CVE-2024-20948
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
30
| Oracle Solaris 安全漏洞
| CNNVD-202401-1538
| CVE-2024-20946
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
31
| Oracle E-Business Suite 安全漏洞
| CNNVD-202401-1539
| CVE-2024-20944
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
32
| Oracle Supply Chain Products Suite 安全漏洞
| CNNVD-202401-1540
| CVE-2024-20942
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
33
| Oracle E-Business Suite 安全漏洞
| CNNVD-202401-1541
| CVE-2024-20940
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
34
| Oracle E-Business Suite 安全漏洞
| CNNVD-202401-1542
| CVE-2024-20938
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
35
| Oracle Installed Base 安全漏洞
| CNNVD-202401-1543
| CVE-2024-20934
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
36
| Oracle One-to-One Fulfillment 安全漏洞
| CNNVD-202401-1544
| CVE-2024-20936
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
37
| Oracle Outside In Technology 安全漏洞
| CNNVD-202401-1545
| CVE-2024-20930
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
38
| Oracle Fusion Middleware 安全漏洞
| CNNVD-202401-1547
| CVE-2024-20928
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
39
| Oracle Java SE和Oracle GraalVM 安全漏洞
| CNNVD-202401-1548
| CVE-2024-20926
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
40
| Oracle Integrated Lights Out Manager 安全漏洞
| CNNVD-202401-1564
| CVE-2024-20906
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
41
| Oracle Business Intelligence Enterprise Edition 安全漏洞
| CNNVD-202401-1566
| CVE-2024-20904
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
42
| Oracle Fusion Middleware 安全漏洞
| CNNVD-202401-1568
| CVE-2024-20908
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
43
| Oracle Java SE 安全漏洞
| CNNVD-202401-1582
| CVE-2024-20919
| 中危
| https://www.oracle.com/security-alerts/cpujan2024verbose.html
|
44
| Oracle Java SE 安全漏洞
| CNNVD-202401-1583
| CVE-2024-20921
| 中危
| https://www.oracle.com/security-alerts/cpujan2024verbose.html
|
45
| Oracle Java SE 安全漏洞
| CNNVD-202401-1584
| CVE-2024-20945
| 中危
| https://www.oracle.com/security-alerts/cpujan2024verbose.html
|
46
| Oracle ZFS Storage Appliance 安全漏洞
| CNNVD-202401-1658
| CVE-2023-21833
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
47
| Oracle MySQL 安全漏洞
| CNNVD-202401-1661
| CVE-2024-20984
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
48
| Oracle MySQL 安全漏洞
| CNNVD-202401-1662
| CVE-2024-20982
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
49
| Oracle MySQL 安全漏洞
| CNNVD-202401-1663
| CVE-2024-20968
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
50
| Oracle MySQL 安全漏洞
| CNNVD-202401-1664
| CVE-2024-20978
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
51
| Oracle MySQL 安全漏洞
| CNNVD-202401-1665
| CVE-2024-20976
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
52
| Oracle MySQL 安全漏洞
| CNNVD-202401-1666
| CVE-2024-20974
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
53
| Oracle MySQL 安全漏洞
| CNNVD-202401-1667
| CVE-2024-20972
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
54
| Oracle MySQL 安全漏洞
| CNNVD-202401-1668
| CVE-2024-20970
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
55
| Oracle MySQL 安全漏洞
| CNNVD-202401-1669
| CVE-2024-20966
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
56
| Oracle MySQL 安全漏洞
| CNNVD-202401-1670
| CVE-2024-20960
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
57
| Oracle MySQL 安全漏洞
| CNNVD-202401-1671
| CVE-2024-20962
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
58
| Oracle MySQL 安全漏洞
| CNNVD-202401-1672
| CVE-2024-20964
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
59
| Oracle JD Edwards Products 安全漏洞
| CNNVD-202401-1676
| CVE-2024-20937
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
60
| Oracle Business Intelligence Enterprise Edition 安全漏洞
| CNNVD-202401-1677
| CVE-2024-20913
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
61
| Oracle BI Publisher 安全漏洞
| CNNVD-202401-1678
| CVE-2024-20980
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
62
| Oracle Fusion Middleware 安全漏洞
| CNNVD-202401-1679
| CVE-2024-20986
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
63
| Oracle E-Business Suite 安全漏洞
| CNNVD-202401-1683
| CVE-2024-20939
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
64
| Oracle E-Business Suite 安全漏洞
| CNNVD-202401-1684
| CVE-2024-20915
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
65
| Oracle E-Business Suite 安全漏洞
| CNNVD-202401-1685
| CVE-2024-20943
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
66
| Oracle E-Business Suite 安全漏洞
| CNNVD-202401-1686
| CVE-2024-20958
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
67
| Oracle E-Business Suite 安全漏洞
| CNNVD-202401-1687
| CVE-2024-20907
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
68
| Oracle E-Business Suite 安全漏洞
| CNNVD-202401-1688
| CVE-2024-20947
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
69
| Oracle E-Business Suite 安全漏洞
| CNNVD-202401-1689
| CVE-2024-20941
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
70
| Oracle E-Business Suite 安全漏洞
| CNNVD-202401-1690
| CVE-2024-20935
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
71
| Oracle E-Business Suite 安全漏洞
| CNNVD-202401-1691
| CVE-2024-20933
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
72
| Oracle E-Business Suite 安全漏洞
| CNNVD-202401-1692
| CVE-2024-20951
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
73
| Oracle E-Business Suite 安全漏洞
| CNNVD-202401-1693
| CVE-2024-20949
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
74
| Oracle E-Business Suite 安全漏洞
| CNNVD-202401-1694
| CVE-2024-20929
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
75
| Oracle Database Server 安全漏洞
| CNNVD-202401-1697
| CVE-2024-20903
| 中危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
76
| Oracle JD Edwards Products 安全漏洞
| CNNVD-202401-1533
| CVE-2024-20957
| 低危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
77
| Oracle部分产品 安全漏洞
| CNNVD-202401-1534
| CVE-2024-20955
| 低危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
78
| Oracle部分产品 安全漏洞
| CNNVD-202401-1556
| CVE-2024-20922
| 低危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
79
| Oracle Solaris 安全漏洞
| CNNVD-202401-1557
| CVE-2024-20920
| 低危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
80
| Oracle ZFS Storage Appliance 安全漏洞
| CNNVD-202401-1569
| CVE-2024-20914
| 低危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
81
| Oracle Audit Vault and Database Firewall 安全漏洞
| CNNVD-202401-1571
| CVE-2024-20912
| 低危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
82
| Oracle Audit Vault and Database Firewall 安全漏洞
| CNNVD-202401-1575
| CVE-2024-20910
| 低危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
83
| Oracle Java SE和Oracle GraalVM 安全漏洞
| CNNVD-202401-1673
| CVE-2024-20925
| 低危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
84
| Oracle JD Edwards Products 安全漏洞
| CNNVD-202401-1674
| CVE-2024-20905
| 低危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
85
| Oracle部分产品 安全漏洞
| CNNVD-202401-1675
| CVE-2024-20923
| 低危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
86
| Oracle Audit Vault and Database Firewall 安全漏洞
| CNNVD-202401-1695
| CVE-2024-20911
| 低危
| https://www.oracle.com/security-alerts/cpujan2024.html
|
序号
| 漏洞名称
| CNNVD编号
| CVE编号
| 危害等级
| 厂商
| 官方链接
|
1
| Dell BSAFE Micro Edition Suite和Dell BSAFE 输入验证错误漏洞
| CNNVD-202207-838
| CVE-2020-29508
| 超危
| Dell
| https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities
|
2
| Dell BSAFE 安全特征问题漏洞
| CNNVD-202207-834
| CVE-2020-35163
| 超危
| Dell
| https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities
|
3
| Dell BSAFE 安全漏洞
| CNNVD-202207-832
| CVE-2020-35166
| 超危
| Dell
| https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities
|
4
| Dell BSAFE 安全漏洞
| CNNVD-202207-831
| CVE-2020-35167
| 超危
| Dell
| https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities
|
5
| Dell BSAFE 安全漏洞
| CNNVD-202207-828
| CVE-2020-35168
| 超危
| Dell
| https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities
|
6
| H2database代码问题漏洞
| CNNVD-202201-572
| CVE-2021-42392
| 超危
| 个人开发者
| https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6
|
7
| Sanitize 输入验证错误漏洞
| CNNVD-202110-1259
| CVE-2021-42575
| 超危
| 个人开发者
| https://owasp.org/www-project-java-html-sanitizer/
|
8
| Mozilla Network Security Services 缓冲区错误漏洞
| CNNVD-202112-002
| CVE-2021-43527
| 超危
| Mozilla基金会
| https://packetstormsecurity.com/files/165110/NSS-Signature-Validation-Memory-Corruption.html
|
9
| GNU Libtasn1 缓冲区错误漏洞
| CNNVD-202210-1689
| CVE-2021-46848
| 超危
| GNU基金会
| https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5
|
10
| SnakeYAML 代码问题漏洞
| CNNVD-202212-1820
| CVE-2022-1471
| 超危
| 个人开发者
| https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2
|
11
| H2Console 参数注入漏洞
| CNNVD-202201-1749
| CVE-2022-23221
| 超危
| 个人开发者
| https://github.com/h2database/h2database/releases/tag/version-2.1.210
|
12
| OpenLDAP SQL注入漏洞
| CNNVD-202205-2146
| CVE-2022-29155
| 超危
| Openldap基金会
| https://bugs.openldap.org/show_bug.cgi?id=9815
|
13
| VMware Spring Security 安全漏洞
| CNNVD-202210-2599
| CVE-2022-31692
| 超危
| VMware
| https://tanzu.vmware.com/security/cve-2022-31692
|
14
| Scala 代码问题漏洞
| CNNVD-202209-2463
| CVE-2022-36944
| 超危
| Scala
| https://www.scala-lang.org/download/
|
15
| zlib 缓冲区错误漏洞
| CNNVD-202208-2276
| CVE-2022-37434
| 超危
| 个人开发者
| https://github.com/madler/zlib/
|
16
| Apache Commons Text 代码注入漏洞
| CNNVD-202210-790
| CVE-2022-42889
| 超危
| Apache基金会
| https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om
|
17
| Apache Commons BCEL 缓冲区错误漏洞
| CNNVD-202211-2199
| CVE-2022-42920
| 超危
| Apache基金会
| https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4
|
18
| Apache Derby 注入漏洞
| CNNVD-202311-1655
| CVE-2022-46337
| 超危
| Apache基金会
| https://lists.apache.org/thread/q23kvvtoohgzwybxpwozmvvk17rp0td3
|
19
| BusyBox 缓冲区错误漏洞
| CNNVD-202208-4625
| CVE-2022-48174
| 超危
| 个人开发者
| https://bugs.busybox.net/show_bug.cgi?id=15216
|
20
| Node.js 安全漏洞
| CNNVD-202308-1703
| CVE-2023-32002
| 超危
| 个人开发者
| https://nodejs.org/en
|
21
| SQLite 代码注入漏洞
| CNNVD-202305-2084
| CVE-2023-32697
| 超危
| SQLite
| https://github.com/xerial/sqlite-jdbc/security/advisories/GHSA-6phf-6h5g-97j2
|
22
| VMware Spring Security 安全漏洞
| CNNVD-202307-1680
| CVE-2023-34034
| 超危
| VMware
| https://spring.io/security/cve-2023-34034
|
23
| PHP 缓冲区错误漏洞
| CNNVD-202308-1102
| CVE-2023-3824
| 超危
| PHP
| https://github.com/php/php-src/security/advisories/GHSA-jqcx-ccgc-xwhv
|
24
| curl 缓冲区错误漏洞
| CNNVD-202310-917
| CVE-2023-38545
| 超危
| curl
| https://github.com/curl/curl/commit/fb4415d8aee6c1
|
25
| Google Go 代码注入漏洞
| CNNVD-202309-669
| CVE-2023-39320
| 超危
| Google
| https://github.com/golang/go/issues/62198
|
26
| Apache ZooKeeper 安全漏洞
| CNNVD-202310-856
| CVE-2023-44981
| 超危
| Apache基金会
| https://lists.apache.org/thread/wf0yrk84dg1942z1o74kd8nycg6pgm5b
|
27
| Apache ActiveMQ 代码问题漏洞
| CNNVD-202310-2332
| CVE-2023-46604
| 超危
| Apache基金会
| https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt
|
28
| Apache Arrow 代码问题漏洞
| CNNVD-202311-735
| CVE-2023-47248
| 超危
| Apache基金会
| https://lists.apache.org/thread/yhy7tdfjf9hrl9vfrtzo8p2cyjq87v7n
|
29
| HtmlUnit 安全漏洞
| CNNVD-202312-267
| CVE-2023-49093
| 超危
| HtmlUnit
| https://www.htmlunit.org/changes-report.html#a3.9
|
30
| Apache Struts 安全漏洞
| CNNVD-202312-546
| CVE-2023-50164
| 超危
| Apache基金会
| https://struts.apache.org/download.cgi#struts-ga
|
31
| Apache Commons Beanutils 代码问题漏洞
| CNNVD-201908-1140
| CVE-2019-10086
| 高危
| debian
| https://issues.apache.org/jira/browse/BEANUTILS-520
|
32
| Dell BSAFE 安全漏洞
| CNNVD-202207-833
| CVE-2020-35164
| 高危
| Dell
| https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities
|
33
| VMware Spring Cloud Config 路径遍历漏洞
| CNNVD-202006-075
| CVE-2020-5410
| 高危
| Vmware
| https://tanzu.vmware.com/security/cve-2020-5410
|
34
| CodeMirror 资源管理错误漏洞
| CNNVD-202010-1679
| CVE-2020-7760
| 高危
| Codemirror
| https://github.com/codemirror/CodeMirror/commit/55d0333907117c9231ffdf555ae8824705993bbb
|
35
| Google Android 信任管理问题漏洞
| CNNVD-202102-128
| CVE-2021-0341
| 高危
| Google
| https://source.android.com/security/bulletin/2021-02-01
|
36
| JDOM 代码问题漏洞
| CNNVD-202106-1323
| CVE-2021-33813
| 高危
| 个人开发者
| https://github.com/hunterhacker/jdom。
|
37
| Apache Commons Compress 安全漏洞
| CNNVD-202107-896
| CVE-2021-35515
| 高危
| Apache基金会
| https://lists.apache.org/thread.html/r19ebfd71770ec0617a9ea180e321ef927b3fefb4c81ec5d1902d20ab%40%3Cuser.commons.apache.org%3E
|
38
| Apache Commons Compress 安全漏洞
| CNNVD-202107-897
| CVE-2021-35516
| 高危
| Apache基金会
| https://lists.apache.org/thread.html/rf68442d67eb166f4b6cf0bbbe6c7f99098c12954f37332073c9822ca%40%3Cuser.commons.apache.org%3E
|
39
| Apache Commons Compress 安全漏洞
| CNNVD-202107-898
| CVE-2021-35517
| 高危
| Apache基金会
| https://lists.apache.org/thread.html/r605d906b710b95f1bbe0036a53ac6968f667f2c249b6fbabada9a940%40%3Cuser.commons.apache.org%3E
|
40
| Apache Commons Compress 安全漏洞
| CNNVD-202107-899
| CVE-2021-36090
| 高危
| Apache基金会
| https://lists.apache.org/thread.html/rc4134026d7d7b053d4f9f2205531122732405012c8804fd850a9b26f%40%3Cuser.commons.apache.org%3E
|
41
| Apache Log4j 代码问题漏洞
| CNNVD-202112-1011
| CVE-2021-4104
| 高危
| Apache基金会
| https://logging.apache.org/log4j/2.x/security.html
|
42
| npm jquery-validation 安全漏洞
| CNNVD-202206-318
| CVE-2021-43306
| 高危
| 个人开发者
| https://www.npmjs.com/package/jquery-validation
|
43
| Spring Cloud 安全漏洞
| CNNVD-202206-2126
| CVE-2022-22979
| 高危
| Spring
| https://tanzu.vmware.com/security/cve-2022-22979
|
44
| nekohtml资源管理错误漏洞
| CNNVD-202204-2918
| CVE-2022-24839
| 高危
| 个人开发者
| https://github.com/sparklemotion/nekohtml/commit/a800fce3b079def130ed42a408ff1d09f89e773d
|
45
| gson 代码问题漏洞
| CNNVD-202205-1791
| CVE-2022-25647
| 高危
| 个人开发者
| https://github.com/google/gson/pull/1991/files
|
46
| jquery-validation 安全漏洞
| CNNVD-202207-1332
| CVE-2022-31147
| 高危
| 个人开发者
| https://github.com/jquery-validation/jquery-validation/security/advisories/GHSA-ffmh-x56j-9rc3
|
47
| VMware Spring Security 安全漏洞
| CNNVD-202210-2598
| CVE-2022-31690
| 高危
| VMware
| https://tanzu.vmware.com/security/cve-2022-31690
|
48
| Apache Xalan 输入验证错误漏洞
| CNNVD-202207-1617
| CVE-2022-34169
| 高危
| Apache基金会
| https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw
|
49
| NSS 安全漏洞
| CNNVD-202210-947
| CVE-2022-3479
| 高危
| Mozilla基金会
| https://bugzilla.mozilla.org/show_bug.cgi?id=1774654
|
50
| Google protobuf 安全漏洞
| CNNVD-202212-2865
| CVE-2022-3510
| 高危
| Google
| https://github.com/protocolbuffers/protobuf/commit/db7c17803320525722f45c1d26fc08bc41d1bf48
|
51
| OpenSSL 缓冲区错误漏洞
| CNNVD-202210-2605
| CVE-2022-3602
| 高危
| OpenSSL团队
| https://www.openssl.org/news/secadv/20221101.txt
|
52
| OpenSSL 安全漏洞
| CNNVD-202210-2604
| CVE-2022-3786
| 高危
| OpenSSL团队
| https://www.openssl.org/news/secadv/20221101.txt
|
53
| XStream 缓冲区错误漏洞
| CNNVD-202209-1230
| CVE-2022-40152
| 高危
| XStream
| https://github.com/x-stream/xstream/issues/304
|
54
| PCRE2 输入验证错误漏洞
| CNNVD-202307-1523
| CVE-2022-41409
| 高危
| PCRE2Project
| https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35
|
55
| Apache XML Graphics Batik 代码问题漏洞
| CNNVD-202210-1712
| CVE-2022-41704
| 高危
| Apache基金会
| https://lists.apache.org/thread/hplhx0o74jb7blj39fm4kw3otcnjd6xf
|
56
| FasterXML jackson-databind 代码问题漏洞
| CNNVD-202210-007
| CVE-2022-42003
| 高危
| FasterXML
| https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33
|
57
| FasterXML jackson-databind 代码问题漏洞
| CNNVD-202210-006
| CVE-2022-42004
| 高危
| FasterXML
| https://github.com/FasterXML/jackson-databind/commit/063183589218fec19a9293ed2f17ec53ea80ba88
|
58
| Apache XML Graphics Batik 代码问题漏洞
| CNNVD-202210-1707
| CVE-2022-42890
| 高危
| Apache基金会
| https://lists.apache.org/thread/pkvhy0nsj1h1mlon008wtzhosbtxjwly
|
59
| OpenSSL 资源管理错误漏洞
| CNNVD-202302-510
| CVE-2022-4450
| 高危
| OpenSSL
| https://www.openssl.org/news/secadv/20230207.txt
|
60
| Apache XML Graphics Batik 代码问题漏洞
| CNNVD-202308-1802
| CVE-2022-44729
| 高危
| Apache基金会
| https://lists.apache.org/thread/hco2nw1typoorz33qzs0fcdx0ws6d6j2
|
61
| H2database 安全漏洞
| CNNVD-202211-3421
| CVE-2022-45868
| 高危
| 个人开发者
| https://github.com/h2database/h2database/
|
62
| Apache Ivy 代码问题漏洞
| CNNVD-202308-1684
| CVE-2022-46751
| 高危
| Apache基金会
| https://lists.apache.org/thread/1dj60hg5nr36kjr4p1100dwjrqookps8
|
63
| SQLite 安全漏洞
| CNNVD-202212-2843
| CVE-2022-46908
| 高危
| 个人开发者
| https://sqlite.org/src/info/cefc032473ac5ad2
|
64
| OpenSSL 信任管理问题漏洞
| CNNVD-202303-1681
| CVE-2023-0464
| 高危
| OpenSSL
| https://www.openssl.org/news/secadv/20230322.txt
|
65
| Red Hat JBoss Enterprise Application Platform 安全漏洞
| CNNVD-202303-798
| CVE-2023-1108
| 高危
| Red Hat
| https://github.com/ICEPAY/REST-API-NET/commit/61f6b8758e5c971abff5f901cfa9f231052b775f
|
66
| netplex json-smart 安全漏洞
| CNNVD-202303-1658
| CVE-2023-1370
| 高危
| netplex
| https://netplex.github.io/json-smart/
|
67
| Jettison 安全漏洞
| CNNVD-202303-1656
| CVE-2023-1436
| 高危
| Jettison
| https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/
|
68
| Spring Framework 资源管理错误漏洞
| CNNVD-202305-2284
| CVE-2023-20883
| 高危
| Spring
| https://spring.io/security/cve-2023-20883
|
69
| Apache Commons FileUpload 安全漏洞
| CNNVD-202302-1610
| CVE-2023-24998
| 高危
| Apache基金会
| https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy
|
70
| Apache Kafka 代码问题漏洞
| CNNVD-202302-515
| CVE-2023-25194
| 高危
| Apache基金会
| https://lists.apache.org/thread/vy1c7fqcdqvq5grcqp6q5jyyb302khyz
|
71
| OpenCV 代码问题漏洞
| CNNVD-202305-852
| CVE-2023-2617
| 高危
| OpenCV
| https://github.com/opencv/opencv_contrib/pull/3480
|
72
| OpenCV 安全漏洞
| CNNVD-202305-851
| CVE-2023-2618
| 高危
| OpenCV
| https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6
|
73
| Intel oneAPI Toolkits 代码问题漏洞
| CNNVD-202308-1031
| CVE-2023-28823
| 高危
| Intel
| http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html
|
74
| Google Guava 安全漏洞
| CNNVD-202306-1141
| CVE-2023-2976
| 高危
| Google
| https://github.com/google/guava
|
75
| Flask 安全漏洞
| CNNVD-202305-091
| CVE-2023-30861
| 高危
| Pallets
| https://github.com/pallets/flask/releases/tag/2.3.2
|
76
| Apache HTTP Server 缓冲区错误漏洞
| CNNVD-202310-1640
| CVE-2023-31122
| 高危
| Apache基金会
| https://httpd.apache.org/security/vulnerabilities_24.html
|
77
| Comprehensive Perl Archive Network 信任管理问题漏洞
| CNNVD-202304-2326
| CVE-2023-31484
| 高危
| CPAN
| https://github.com/andk/cpanpm/releases/tag/2.35
|
78
| HTTP::Tiny 信任管理问题漏洞
| CNNVD-202304-2318
| CVE-2023-31486
| 高危
| Perldoc
| https://perldoc.perl.org/HTTP::Tiny
|
79
| jose4j 安全特征问题漏洞
| CNNVD-202310-2110
| CVE-2023-31582
| 高危
| 个人开发者
| https://bitbucket.org/b_c/jose4j/commits/1929fe3
|
80
| Node.js 安全漏洞
| CNNVD-202308-1336
| CVE-2023-32006
| 高危
| Nodejs
| https://nodejs.org/en/blog/vulnerability/august-2023-security-releases
|
81
| Node.js 安全漏洞
| CNNVD-202308-1984
| CVE-2023-32559
| 高危
| 个人开发者
| https://nodejs.org/en/blog/vulnerability/august-2023-security-releases
|
82
| Spring Framework 安全漏洞
| CNNVD-202311-2123
| CVE-2023-34053
| 高危
| Spring团队
| https://github.com/spring-projects/spring-framework/releases/tag/v6.0.
|
83
| snappy-java 输入验证错误漏洞
| CNNVD-202306-1200
| CVE-2023-34453
| 高危
| 个人开发者
| https://github.com/xerial/snappy-java/security/advisories/GHSA-pqr6-cmr2-h8hf
|
84
| snappy-java 输入验证错误漏洞
| CNNVD-202306-1198
| CVE-2023-34454
| 高危
| 个人开发者
| https://github.com/xerial/snappy-java/security/advisories/GHSA-fjpj-2g6w-x25r
|
85
| Snappy 输入验证错误漏洞
| CNNVD-202306-1248
| CVE-2023-34455
| 高危
| 个人开发者
| https://github.com/xerial/snappy-java/security/advisories/GHSA-qcwq-55hx-v3vh
|
86
| htmlcleaner 缓冲区错误漏洞
| CNNVD-202306-1106
| CVE-2023-34624
| 高危
| 个人开发者
| https://github.com/amplafi/htmlcleaner/issues/13
|
87
| Apache Tomcat 安全漏洞
| CNNVD-202306-1525
| CVE-2023-34981
| 高危
| Apache基金会
| https://lists.apache.org/thread/j1ksjh9m9gx1q60rtk1sbzmxhvj5h5qz
|
88
| Jenkins 跨站请求伪造漏洞
| CNNVD-202306-1089
| CVE-2023-35141
| 高危
| Jenkins
| https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-3135
|
89
| Okio 安全漏洞
| CNNVD-202307-1161
| CVE-2023-3635
| 高危
| square
| https://github.com/square/okio/commit/81bce1a30af244550b0324597720e4799281da7b
|
90
| Eclipse Jetty 资源管理错误漏洞
| CNNVD-202310-691
| CVE-2023-36478
| 高危
| Eclipse基金会
| https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgh7-54f2-x98r
|
91
| Python 安全漏洞
| CNNVD-202306-1804
| CVE-2023-36632
| 高危
| Python基金会
| https://docs.python.org/3/library/email.html
|
92
| HCL BigFix Platform 输入验证错误漏洞
| CNNVD-202310-848
| CVE-2023-37536
| 高危
| HCL Technologies
| https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0107791
|
93
| curl 安全漏洞
| CNNVD-202309-1067
| CVE-2023-38039
| 高危
| curl
| https://github.com/curl/curl
|
94
| PHP 代码问题漏洞
| CNNVD-202308-1104
| CVE-2023-3823
| 高危
| PHP
| https://github.com/php/php-src/security/advisories/GHSA-3qrf-m4j2-pcrr
|
95
| python-cryptography 信任管理问题漏洞
| CNNVD-202307-1332
| CVE-2023-38325
| 高危
| Cryptographic团队
| https://github.com/pyca/cryptography/issues/9207
|
96
| Google Golang 安全漏洞
| CNNVD-202309-663
| CVE-2023-39321
| 高危
| Google
| https://github.com/golang/go/issues/62266
|
97
| Google Go 安全漏洞
| CNNVD-202309-662
| CVE-2023-39322
| 高危
| Google
| https://github.com/golang/go/issues/62266
|
98
| Apache Avro 代码问题漏洞
| CNNVD-202309-2636
| CVE-2023-39410
| 高危
| Apache基金会
| https://lists.apache.org/thread/q142wj99cwdd0jo5lvdoxzoymlqyjdds
|
99
| MIT Kerberos 资源管理错误漏洞
| CNNVD-202308-1454
| CVE-2023-39975
| 高危
| MIT
| https://github.com/krb5/krb5/commit/88a1701b423c13991a8064feeb26952d3641d840
|
100
| Eclipse Parsson 安全漏洞
| CNNVD-202311-268
| CVE-2023-4043
| 高危
| Eclipse基金会
| https://github.com/eclipse-ee4j/parsson/commit/9dd5ad5f871f7b93654073a3f8ce3e1d9b8d9b31
|
101
| Python 代码问题漏洞
| CNNVD-202308-1930
| CVE-2023-41105
| 高危
| Python基金会
| https://github.com/python/cpython/pull/107982
|
102
| Jenkins 安全漏洞
| CNNVD-202309-1972
| CVE-2023-43496
| 高危
| Jenkins
| https://www.jenkins.io/security/advisory/2023-09-20/#SECURITY-3072
|
103
| Jenkins 代码问题漏洞
| CNNVD-202309-1971
| CVE-2023-43497
| 高危
| Jenkins
| https://www.jenkins.io/security/advisory/2023-09-20/#SECURITY-3073
|
104
| Jenkins 安全漏洞
| CNNVD-202309-1970
| CVE-2023-43498
| 高危
| Jenkins
| https://www.jenkins.io/security/advisory/2023-09-20/#SECURITY-3073
|
105
| Apache HTTP Server 资源管理错误漏洞
| CNNVD-202310-1641
| CVE-2023-43622
| 高危
| Apache基金会
| https://httpd.apache.org/security/vulnerabilities_24.html
|
106
| Snappy 安全漏洞
| CNNVD-202309-2204
| CVE-2023-43642
| 高危
| 个人开发者
| https://github.com/xerial/snappy-java/security/advisories/GHSA-55g7-9cwv-5qfv
|
107
| Apache HTTP/2 资源管理错误漏洞
| CNNVD-202310-667
| CVE-2023-44487
| 高危
| Apache基金会
| https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q
|
108
| Apache Tomcat 环境问题漏洞
| CNNVD-202311-2168
| CVE-2023-46589
| 高危
| Apache基金会
| https://lists.apache.org/thread/0rqq6ktozqc42ro8hhxdmmdjm1k1tpxr
|
109
| glibc 缓冲区错误漏洞
| CNNVD-202310-197
| CVE-2023-4911
| 高危
| GNU社区
| https://www.gnu.org/software/libc/
|
110
| JSON-Java 安全漏洞
| CNNVD-202310-951
| CVE-2023-5072
| 高危
| 个人开发者
| https://github.com/stleary/JSON-java/
|
111
| OpenSSL 安全漏洞
| CNNVD-202310-1871
| CVE-2023-5363
| 高危
| OpenSSL团队
| https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0df40630850fb2740e6be6890bb905d3fc623b2d
|
112
| Junit 信息泄露漏洞
| CNNVD-202010-445
| CVE-2020-15250
| 中危
| 个人开发者
| https://github.com/junit-team/junit4/blob/7852b90cfe1cea1e0cdaa19d490c83f0d8684b50/doc/ReleaseNotes4.13.1.md
|
113
| DOMPurify 跨站脚本漏洞
| CNNVD-202010-199
| CVE-2020-26870
| 中危
| 个人开发者
| https://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d
|
114
| Vmware Spring Framework 安全漏洞
| CNNVD-202009-1050
| CVE-2020-5421
| 中危
| Vmware
| https://tanzu.vmware.com/security/cve-2020-5421
|
115
| Apache Commons IO 路径遍历漏洞
| CNNVD-202104-702
| CVE-2021-29425
| 中危
| Apache基金会
| https://issues.apache.org/jira/browse/IO-556
|
116
| Apache Commons Net 输入验证错误漏洞
| CNNVD-202212-2188
| CVE-2021-37533
| 中危
| Apache基金会
| https://lists.apache.org/thread/o6yn9r9x6s94v97264hmgol1sf48mvx7
|
117
| jQuery 跨站脚本漏洞
| CNNVD-202110-1843
| CVE-2021-41182
| 中危
| 个人开发者
| https://github.com/jquery/jquery-ui/security/advisories/GHSA-9gj3-hwp5-pmwc
|
118
| jQuery 跨站脚本漏洞
| CNNVD-202110-1839
| CVE-2021-41183
| 中危
| 个人开发者
| https://github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4
|
119
| Openjs Jquery Ui 跨站脚本漏洞
| CNNVD-202110-1845
| CVE-2021-41184
| 中危
| Openjs基金会
| https://github.com/jquery/jquery-ui/security/advisories/GHSA-gpqq-952q-5327
|
120
| Vmware Spring Framework 安全漏洞
| CNNVD-202203-2333
| CVE-2022-22950
| 中危
| VMware
| https://tanzu.vmware.com/security/cve-2022-22950
|
121
| Pivotal Spring Security OAuth 资源管理错误漏洞
| CNNVD-202204-3951
| CVE-2022-22969
| 中危
| Pivotal
| https://tanzu.vmware.com/security/cve-2022-22969
|
122
| Apache Portable Runtime 输入验证错误漏洞
| CNNVD-202301-2414
| CVE-2022-25147
| 中危
| Apache基金会
| https://lists.apache.org/thread/np5gjqlohc4f62lr09vrn61vl44cylh8
|
123
| jQuery 跨站脚本漏洞
| CNNVD-202207-2121
| CVE-2022-31160
| 中危
| 个人开发者
| https://github.com/jquery/jquery-ui/security/advisories/GHSA-h6gj-6jjq-h8g9
|
124
| jsoup 跨站脚本漏洞
| CNNVD-202208-4329
| CVE-2022-36033
| 中危
| 个人开发者
| https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369
|
125
| Matthäus G. Chajdas pygments 代码问题漏洞
| CNNVD-202307-1683
| CVE-2022-40896
| 中危
| Matthäus G. Chajdas
| https://pypi.org/project/Pygments/
|
126
| OpenSSL 安全漏洞
| CNNVD-202302-514
| CVE-2022-4304
| 中危
| OpenSSL
| https://www.openssl.org/news/secadv/20230207.txt
|
127
| Apache XML Graphics Batik 代码问题漏洞
| CNNVD-202308-1801
| CVE-2022-44730
| 中危
| Apache基金会
| https://lists.apache.org/thread/58m5817jr059f4v1zogh0fngj9pwjyj0
|
128
| OpenSSL 信任管理问题漏洞
| CNNVD-202303-2432
| CVE-2023-0465
| 中危
| OpenSSL
| https://www.openssl.org/news/secadv/20230328.txt
|
129
| OpenSSL 信任管理问题漏洞
| CNNVD-202303-2431
| CVE-2023-0466
| 中危
| OpenSSL
| https://www.openssl.org/news/secadv/20230328.txt
|
130
| Spring Framework 安全漏洞
| CNNVD-202304-1094
| CVE-2023-20863
| 中危
| Spring
| https://spring.io/security/cve-2023-20863
|
131
| libssh 授权问题漏洞
| CNNVD-202305-2087
| CVE-2023-2283
| 中危
| libssh
| https://www.debian.org/security/2023/
|
132
| cryptography 代码问题漏洞
| CNNVD-202302-523
| CVE-2023-23931
| 中危
| Cryptographic
| https://github.com/pyca/cryptography/security/advisories/GHSA-w7pp-m8wf-vj6r
|
133
| OpenSSL 安全漏洞
| CNNVD-202305-2503
| CVE-2023-2650
| 中危
| OpenSSL
| https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a
|
134
| Intel oneAPI Toolkits 安全漏洞
| CNNVD-202308-1047
| CVE-2023-27391
| 中危
| Intel
| http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html
|
135
| CKEditor 跨站脚本漏洞
| CNNVD-202303-1790
| CVE-2023-28439
| 中危
| CKEditor
| https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-vh5c-xwqv-cv9g
|
136
| libxml2 代码问题漏洞
| CNNVD-202304-908
| CVE-2023-28484
| 中危
| 个人开发者
| https://gitlab.gnome.org/GNOME/libxml2/-/commit/647e072ea0a2f12687fa05c172f4c4713fdb0c4f
|
137
| Ruby 安全漏洞
| CNNVD-202303-2412
| CVE-2023-28755
| 中危
| 个人开发者
| https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755/
|
138
| Ruby 安全漏洞
| CNNVD-202303-2720
| CVE-2023-28756
| 中危
| 个人开发者
| https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756/
|
139
| libxml2 资源管理错误漏洞
| CNNVD-202304-907
| CVE-2023-29469
| 中危
| 个人开发者
| https://gitlab.gnome.org/GNOME/libxml2/-/commit/09a2dd453007f9c7205274623acdd73747c22d64
|
140
| OpenSSL 授权问题漏洞
| CNNVD-202307-1295
| CVE-2023-2975
| 中危
| OpenSSL团队
| https://www.openssl.org/news/secadv/20230714.txt
|
141
| Bouncy Castle 信任管理问题漏洞
| CNNVD-202307-168
| CVE-2023-33201
| 中危
| Bouncy Castle
| https://github.com/bcgit/bc-java/commit/e8c409a8389c815ea3fda5e8b94c92fdfe583bcc
|
142
| Spring Security 安全漏洞
| CNNVD-202307-1539
| CVE-2023-34035
| 中危
| Spring
| https://spring.io/security/cve-2023-34035
|
143
| VMware Spring Boot 安全漏洞
| CNNVD-202311-2124
| CVE-2023-34055
| 中危
| VMware
| https://github.com/spring-projects/spring-boot/releases/tag/v3.0.
|
144
| OpenSSL 安全漏洞
| CNNVD-202307-1681
| CVE-2023-3446
| 中危
| OpenSSL团队
| https://www.openssl.org/news/secadv/20230719.txt
|
145
| Netty 资源管理错误漏洞
| CNNVD-202306-1639
| CVE-2023-34462
| 中危
| Netty
| https://github.com/netty/netty/security/advisories/GHSA-6mjq-h674-j845
|
146
| Apache MINA 路径遍历漏洞
| CNNVD-202307-582
| CVE-2023-35887
| 中危
| Apache基金会
| https://lists.apache.org/thread/b9qgtqvhnvgfpn0w1gz918p21p53tqk2
|
147
| MIT Kerberos 缓冲区错误漏洞
| CNNVD-202308-488
| CVE-2023-36054
| 中危
| MIT
| https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd
|
148
| Eclipse Jetty 安全漏洞
| CNNVD-202309-1093
| CVE-2023-36479
| 中危
| Eclipse基金会
| https://github.com/eclipse/jetty.project/security/advisories/GHSA-3gh6-v5v9-6v9j
|
149
| OpenSSL 安全漏洞
| CNNVD-202307-2314
| CVE-2023-3817
| 中危
| OpenSSL团队
| https://www.openssl.org/news/secadv/20230731.txt
|
150
| Jenkins 跨站脚本漏洞
| CNNVD-202307-2099
| CVE-2023-39151
| 中危
| Jenkins
| https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-3188
|
151
| Google Golang 跨站脚本漏洞
| CNNVD-202309-671
| CVE-2023-39318
| 中危
| Google
| https://github.com/golang/go/issues/62196
|
152
| Google Golang 跨站脚本漏洞
| CNNVD-202309-667
| CVE-2023-39319
| 中危
| Google
| https://github.com/golang/go/issues/62197
|
153
| Eclipse Jetty 安全漏洞
| CNNVD-202309-1102
| CVE-2023-40167
| 中危
| Eclipse基金会
| https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6
|
154
| Eclipse Jetty 安全漏洞
| CNNVD-202309-1113
| CVE-2023-41900
| 中危
| Eclipse基金会
| https://github.com/eclipse/jetty.project/security/advisories/GHSA-pwh8-58vv-vw48
|
155
| Apache Commons Compress 资源管理错误漏洞
| CNNVD-202309-1000
| CVE-2023-42503
| 中危
| Apache基金会
| https://lists.apache.org/thread/5xwcyr600mn074vgxq92tjssrchmc93c
|
156
| Apache Tomcat 安全漏洞
| CNNVD-202310-717
| CVE-2023-42794
| 中危
| Apache基金会
| https://lists.apache.org/thread/vvbr2ms7lockj1hlhz5q3wmxb2mwcw82
|
157
| Apache Tomcat 安全漏洞
| CNNVD-202310-716
| CVE-2023-42795
| 中危
| Apache基金会
| https://lists.apache.org/thread/065jfyo583490r9j2v73nhpyxdob56lw
|
158
| Jenkins 安全漏洞
| CNNVD-202309-1974
| CVE-2023-43494
| 中危
| Jenkins
| https://www.jenkins.io/security/advisory/2023-09-20/#SECURITY-3261
|
159
| Jenkins 跨站脚本漏洞
| CNNVD-202309-1973
| CVE-2023-43495
| 中危
| Jenkins
| https://www.jenkins.io/security/advisory/2023-09-20/#SECURITY-3245
|
160
| OWASP AntiSamy 跨站脚本漏洞
| CNNVD-202310-525
| CVE-2023-43643
| 中危
| OWASP基金会
| https://github.com/nahsra/antisamy/security/advisories/GHSA-pcf2-gh6g-h5r2
|
161
| Apache Santuario 日志信息泄露漏洞
| CNNVD-202310-1720
| CVE-2023-44483
| 中危
| Apache基金会
| https://lists.apache.org/thread/vmqbp9mfxtrf0kmbnnmbn3h9j6dr9q55
|
162
| Apache Tomcat 输入验证错误漏洞
| CNNVD-202310-712
| CVE-2023-45648
| 中危
| Apache基金会
| https://lists.apache.org/thread/2pv8yz1pyp088tsxfb7ogltk9msk0jdp
|
163
| Apache HTTP Server 资源管理错误漏洞
| CNNVD-202310-1636
| CVE-2023-45802
| 中危
| Apache基金会
| https://httpd.apache.org/security/vulnerabilities_24.html
|
164
| OpenSSH 安全漏洞
| CNNVD-202312-1668
| CVE-2023-48795
| 中危
| OpenBSD
| https://www.openssh.com/openbsd.html
|
165
| Apache Tika 安全漏洞
| CNNVD-202206-2671
| CVE-2022-33879
| 低危
| Apache基金会
| https://lists.apache.org/thread/wfno8mf5nlcvbs78z93q9thgrm30wwfh
|
166
| curl 安全漏洞
| CNNVD-202310-916
| CVE-2023-38546
| 低危
| curl
| https://github.com/curl/curl/releases
|
167
| Redis Labs Redis 安全漏洞
| CNNVD-202309-560
| CVE-2023-41053
| 低危
| Redis Labs
| https://github.com/redis/redis/commit/9e505e6cd842338424e05883521ca1fb7d0f47f6
|
168
| undici 信息泄露漏洞
| CNNVD-202310-953
| CVE-2023-45143
| 低危
| nodejs
| https://github.com/nodejs/undici/commit/e041de359221ebeae04c469e8aff4145764e6d76
|
169
| Redis Labs Redis 安全漏洞
| CNNVD-202310-1522
| CVE-2023-45145
| 低危
| Redis Labs
| https://github.com/redis/redis/security/advisories/GHSA-ghmp-889m-7cvx
|
吉公网安备 22017202000203号
