forked from EXP-Tools/threat-broadcast
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathindex.html
2491 lines (2179 loc) · 107 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
<!-- RELEASE TIME : 2023-03-02 22:26:40 -->
<html lang="zh-cn">
<head>
<meta charset="UTF-8" />
<meta name="robots" content="noarchive" />
<link rel="shortcut icon" href="https://exp-blog.com/favicon.png"/>
<meta name="author" content="EXP: www.exp-blog.com" />
<link rel="stylesheet" type="text/css" href="./css/page.css" />
<title>Threat-Broadcast</title>
</head>
<body class="html">
<div>
<br />
<h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="https://github.com/lyy289065406/threat-broadcast">威胁情报播报</a></h2>
<br />
<div>
<table id="360 网络安全响应中心" class="dataintable">
<tbody>
<tr>
<th width="22%">360 网络安全响应中心 [TOP 30]</th>
<th width="15%">CVES</th>
<th width="15%">TIME</th>
<th width="43%">TITLE</th>
<th width="5%">URL</th>
</tr>
<tr>
<td>0b4545f346ae941fb86499887e937bfa</td>
<td></td>
<td>2023-02-27 06:56:34</td>
<td>安全事件周报 (02.20-02.26)</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=cac2c0ab8515d9851b511e619dc674e0">详情</a></td>
</tr>
<tr>
<td>24580b4fb69a1db8407211e2cb3464c9</td>
<td></td>
<td>2023-02-24 08:21:55</td>
<td>泛微e-cology9 SQL注入漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=6500aceea512f98f4e6d424bcd27c8e6">详情</a></td>
</tr>
<tr>
<td>4d1dee02cae7d8cde565f47645ac229b</td>
<td>CVE-2023-20858</td>
<td>2023-02-23 07:15:41</td>
<td>CVE-2023-20858:VMware Carbon Black App Control 远程代码执行漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=5d605d0ca5461a96ccfd9507699362a0">详情</a></td>
</tr>
<tr>
<td>bd7e6380055dd5778eb26c10474562a1</td>
<td>CVE-2023-23752</td>
<td>2023-02-21 08:50:11</td>
<td>CVE-2023-23752:Joomla未授权访问漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=d05cbf25a1c7333db7231ff27a06e0da">详情</a></td>
</tr>
<tr>
<td>5209a8ffed474d179b8a882d62ec3a80</td>
<td>CVE-2023-24998</td>
<td>2023-02-21 08:02:29</td>
<td>CVE-2023-24998:Apache Commons FileUpload拒绝服务漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=2a3f0605934ed7d0e81633ffcd691f95">详情</a></td>
</tr>
<tr>
<td>e4126033e6653e8f5d84595554a2ba3a</td>
<td>CVE-2023-23752</td>
<td>2023-02-21 07:01:19</td>
<td>CVE-2023-23752:Joomla未授权访问漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=bffc5b64005074f67bc47f508a2f30d2">详情</a></td>
</tr>
<tr>
<td>90fffab9d66d505311596a71af6abbb9</td>
<td></td>
<td>2023-02-20 09:55:02</td>
<td>安全事件周报 (02.13-02.19)</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=c0f9d88474d93ebf538a7750f64f9a61">详情</a></td>
</tr>
<tr>
<td>920484737cd9fc0121ce5697641c88f8</td>
<td>CVE-2021-42756</td>
<td>2023-02-20 08:20:26</td>
<td>CVE-2021-42756/CVE-2022-39952:Fortinet 多个漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=08705cd4ff6a7933e66543f88e084f0d">详情</a></td>
</tr>
<tr>
<td>ab482fa4d4be6a2f06a3f918ef245b7f</td>
<td>CVE-2023-25725</td>
<td>2023-02-17 07:03:52</td>
<td>HAProxy请求走私漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=0f5188e569fe5a758aa130ad8ec7c5fb">详情</a></td>
</tr>
<tr>
<td>e38bcb9d859fdc4496254a7425d4d8bc</td>
<td></td>
<td>2023-02-15 07:13:41</td>
<td>2023-02 补丁日: 微软多个漏洞安全更新通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=a74b467a75e6f41f8115541ad39c6373">详情</a></td>
</tr>
<tr>
<td>0df664a9520ae1e14777320ae303a2ed</td>
<td>CVE-2023-23529</td>
<td>2023-02-14 07:40:35</td>
<td>CVE-2023-23529:Apple WebKit任意代码执行漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=f454bc1e35a01d3033f375f9672bba89">详情</a></td>
</tr>
<tr>
<td>8b994ad3abb532605881c218362eb876</td>
<td></td>
<td>2023-02-13 07:06:33</td>
<td>安全事件周报 (02.06-02.12)</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=0324eee68ff0eb42d31d06c2ba6376fe">详情</a></td>
</tr>
<tr>
<td>0036b6a88492d925d854a83f63f00b97</td>
<td>CVE-2023-25194</td>
<td>2023-02-09 08:10:41</td>
<td>CVE-2023-25194:Apache Kafka Connect 远程代码执行漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=94ade46132097e89bbab1f4b2789de0c">详情</a></td>
</tr>
<tr>
<td>73006a657cd754e903cda6398499f2c3</td>
<td>CVE-2023-23477</td>
<td>2023-02-09 08:08:29</td>
<td>CVE-2023-23477:IBM WebSphere Application Server远程代码执行漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=f557c1c8c4f4f2d5058720d7fd81fdc0">详情</a></td>
</tr>
<tr>
<td>e6486742b816640aa8af5fa8d5251384</td>
<td>CVE-2023-22501</td>
<td>2023-02-07 02:28:13</td>
<td>CVE-2023-22501:Jira 身份验证漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=c214a8b1304cadf5b0bc47f6a08e51c1">详情</a></td>
</tr>
<tr>
<td>8b8cbc9f09180e14d9beaf40f8a19e6f</td>
<td>CVE-2023-22501</td>
<td>2023-02-06 07:50:10</td>
<td>CVE-2023-22501:Jira Service Management Server/Data Center 身份验证漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=c214a8b1304cadf5b0bc47f6a08e51c1">详情</a></td>
</tr>
<tr>
<td>ffb82e0b05e6be8bd00a0cdf42ba19e2</td>
<td>CVE-2023-22374</td>
<td>2023-02-06 07:17:33</td>
<td>CVE-2023-22374:F5 BIG-IP任意代码执行漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=7b69c6dd67f6cf3315be9a93bcc9b183">详情</a></td>
</tr>
<tr>
<td>c384334adf1f843148bc09930920aa58</td>
<td></td>
<td>2023-02-06 06:56:22</td>
<td>安全事件周报 (01.30-02.05)</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=0421de226241da8d7d532f20f77c27ad">详情</a></td>
</tr>
<tr>
<td>56c9b0569afa478c5be2a04e83904aa8</td>
<td>CVE-2023-21608</td>
<td>2023-02-03 08:44:56</td>
<td>CVE-2023-21608:Adobe Acrobat Reader 任意代码执行漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=859e4f4c4042b744f5228a9f4e282439">详情</a></td>
</tr>
<tr>
<td>150fff028866ba5067dbaf07a084c079</td>
<td>CVE-2023-22482</td>
<td>2023-02-01 10:38:55</td>
<td>CVE-2023-22482/22736:Argo CD 身份验证绕过漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=f03322643c34cdb18ec225fbbf19aef2">详情</a></td>
</tr>
<tr>
<td>1a8d72f5cd0e1a73a61aaebc6814c14f</td>
<td>CVE-2023-22482</td>
<td>2023-02-01 10:26:08</td>
<td>CVE-2023-22482/22736:Argo CD 多个高危漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=f03322643c34cdb18ec225fbbf19aef2">详情</a></td>
</tr>
<tr>
<td>6ed300bb32e9b3dbcd13799721e33f21</td>
<td>CVE-2022-27596</td>
<td>2023-01-31 09:05:23</td>
<td>CVE-2022-27596:QNAP QTS/QuTS hero SQL注入漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=201743c2a8063a1a3bb110e3956ce1f1">详情</a></td>
</tr>
<tr>
<td>b1ba4c50be661b8759cbb4305b315eb0</td>
<td></td>
<td>2023-01-30 08:15:10</td>
<td>VMware vRealize Log Insight多个高危漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=72b434458054fe8f2a45ba4056119b93">详情</a></td>
</tr>
<tr>
<td>14c20963965e361ecb3dd34b1228eb8d</td>
<td>CVE-2023-23560</td>
<td>2023-01-30 08:13:40</td>
<td>CVE-2023-23560:Lexmark打印机服务器端请求伪造漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=7786c3f024ed972624088bcb5834b56b">详情</a></td>
</tr>
<tr>
<td>86918d8f318d68a2079e320a75c0220b</td>
<td></td>
<td>2023-01-19 08:24:18</td>
<td>2023-01 补丁日: Oracle多个产品漏洞安全风险通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=001cb5ec0d56c817ed6202004b6ba384">详情</a></td>
</tr>
<tr>
<td>29b3089137ef79c951aa6f60cb9b7122</td>
<td>CVE-2023-21839</td>
<td>2023-01-19 08:09:30</td>
<td>CVE-2023-21839:Oracle WebLogic Server 远程代码执行漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=8a82885405a8b29597ace7f2f37ec64c">详情</a></td>
</tr>
<tr>
<td>4208fa511ff172ebf734affdd050796e</td>
<td>CVE-2023-22602</td>
<td>2023-01-17 09:31:42</td>
<td>CVE-2023-22602:Apache Shiro身份认证绕过漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=e8afbbf9124804e0c81b82126b0c5c00">详情</a></td>
</tr>
<tr>
<td>62223983c51518a0ca7e9cbe9ea9b834</td>
<td></td>
<td>2023-01-16 09:08:54</td>
<td>安全事件周报 (01.09-01.13)</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=a2886baec64b83b970004869addab1af">详情</a></td>
</tr>
<tr>
<td>720f5cf7b6a29e3f2d483601ba801a5a</td>
<td>CVE-2023-21752</td>
<td>2023-01-12 08:45:47</td>
<td>CVE-2023-21752:Windows Backup Service权限提升漏洞通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=a03d9f175f1fe37ffaf00519e080833c">详情</a></td>
</tr>
<tr>
<td>2e5d630025b06426092cf8d8a1e16c8e</td>
<td></td>
<td>2023-01-11 06:46:24</td>
<td>2023-01 补丁日: 微软多个漏洞安全更新通告</td>
<td><a target="_blank" href="https://cert.360.cn/warning/detail?id=a6068120fd4e90d42cfaaabc397a7cbf">详情</a></td>
</tr>
</tbody>
</table>
</div>
<br />
<div>
<table id="Tenable (Nessus)" class="dataintable">
<tbody>
<tr>
<th width="22%">Tenable (Nessus) [TOP 30]</th>
<th width="15%">CVES</th>
<th width="15%">TIME</th>
<th width="43%">TITLE</th>
<th width="5%">URL</th>
</tr>
<tr>
<td>c3725b1562a7a45e0c36caf5cbbe67a2</td>
<td>CVE-2023-26476</td>
<td>2023-03-02 19:15:00 <img src="imgs/new.gif" /></td>
<td>XWiki Platform is a generic wiki platform. Starting in version 3.2-m3, users can deduce the content of the password fields by repeated call to `LiveTableResults` and `WikisLiveTableResultsMacros`. The issue can be fixed by upgrading to versions 14.7-rc-1, 13.4.4, or 13.10.9 and higher, or in version >= 3.2M3 by applying the patch manually on `LiveTableResults` and `WikisLiveTableResultsMacros`.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-26476">详情</a></td>
</tr>
<tr>
<td>d149ff10a5e8e3b233ffffcd1a304118</td>
<td>CVE-2023-26475</td>
<td>2023-03-02 19:15:00 <img src="imgs/new.gif" /></td>
<td>XWiki Platform is a generic wiki platform. Starting in version 2.3-milestone-1, the annotation displayer does not execute the content in a restricted context. This allows executing anything with the right of the author of any document by annotating the document. This has been patched in XWiki 13.10.11, 14.4.7 and 14.10. There is no easy workaround except to upgrade.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-26475">详情</a></td>
</tr>
<tr>
<td>0c864335df74cf5ec6e39146f21e1934</td>
<td>CVE-2023-26474</td>
<td>2023-03-02 19:15:00 <img src="imgs/new.gif" /></td>
<td>XWiki Platform is a generic wiki platform. Starting in version 13.10, it's possible to use the right of an existing document content author to execute a text area property. This has been patched in XWiki 14.10, 14.4.7, and 13.10.11. There are no known workarounds.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-26474">详情</a></td>
</tr>
<tr>
<td>b65a73d36b00ea369ce493d17f27a854</td>
<td>CVE-2023-26473</td>
<td>2023-03-02 19:15:00 <img src="imgs/new.gif" /></td>
<td>XWiki Platform is a generic wiki platform. Starting in version 1.3-rc-1, any user with edit right can execute arbitrary database select and access data stored in the database. The problem has been patched in XWiki 13.10.11, 14.4.7, and 14.10. There is no workaround for this vulnerability other than upgrading.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-26473">详情</a></td>
</tr>
<tr>
<td>4b158198891da3f983cf5e028346b91a</td>
<td>CVE-2023-26472</td>
<td>2023-03-02 19:15:00 <img src="imgs/new.gif" /></td>
<td>XWiki Platform is a generic wiki platform. Starting in version 6.2-milestone-1, one can execute any wiki content with the right of IconThemeSheet author by creating an icon theme with certain content. This can be done by creating a new page or even through the user profile for users not having edit right. The issue has been patched in XWiki 14.9, 14.4.6, and 13.10.10. An available workaround is to fix the bug in the page `IconThemesCode.IconThemeSheet` by applying a modification from commit 48caf7491595238af2b531026a614221d5d61f38.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-26472">详情</a></td>
</tr>
<tr>
<td>1bc95c94d2539d09cbbaf97f78396739</td>
<td>CVE-2023-26471</td>
<td>2023-03-02 19:15:00 <img src="imgs/new.gif" /></td>
<td>XWiki Platform is a generic wiki platform. Starting in version 11.6-rc-1, comments are supposed to be executed with the right of superadmin but in restricted mode (anything dangerous is disabled), but the async macro does not take into account the restricted mode. This means that any user with comment right can use the async macro to make it execute any wiki content with the right of superadmin. This has been patched in XWiki 14.9, 14.4.6, and 13.10.10. The only known workaround consists of applying a patch and rebuilding and redeploying `org.xwiki.platform:xwiki-platform-rendering-async-macro`.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-26471">详情</a></td>
</tr>
<tr>
<td>925e5c26fe98dbdbfbf6657ec2a1b157</td>
<td>CVE-2023-26470</td>
<td>2023-03-02 19:15:00 <img src="imgs/new.gif" /></td>
<td>XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to make the farm unusable by adding an object to a page with a huge number (e.g. 67108863). Most of the time this will fill the memory allocated to XWiki and make it unusable every time this document is manipulated. This issue has been patched in XWiki 14.0-rc-1.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-26470">详情</a></td>
</tr>
<tr>
<td>98321e94d3ad8f18e8da8630c1eca54f</td>
<td>CVE-2023-26056</td>
<td>2023-03-02 19:15:00 <img src="imgs/new.gif" /></td>
<td>XWiki Platform is a generic wiki platform. Starting in version 3.0-milestone-1, it's possible to execute a script with the right of another user, provided the target user does not have programming right. The problem has been patched in XWiki 14.8-rc-1, 14.4.5, and 13.10.10. There are no known workarounds for this issue.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-26056">详情</a></td>
</tr>
<tr>
<td>a550d0f2c25d15852fb6237baed6d801</td>
<td>CVE-2023-26055</td>
<td>2023-03-02 19:15:00 <img src="imgs/new.gif" /></td>
<td>XWiki Commons are technical libraries common to several other top level XWiki projects. Starting in version 3.1-milestone-1, any user can edit their own profile and inject code, which is going to be executed with programming right. The same vulnerability can also be exploited in all other places where short text properties are displayed, e.g., in apps created using Apps Within Minutes that use a short text field. The problem has been patched on versions 13.10.9, 14.4.4, 14.7RC1.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-26055">详情</a></td>
</tr>
<tr>
<td>f2dbd95e9a77e4283b12e944e7d6dc41</td>
<td>CVE-2023-26052</td>
<td>2023-03-02 19:15:00 <img src="imgs/new.gif" /></td>
<td>Saleor is a headless, GraphQL commerce platform delivering personalized shopping experiences. Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like infrastructure details in unauthenticated requests. This issue has been patched in versions 3.1.48, 3.7.59, 3.8.0, 3.9.27, 3.10.14 and 3.11.12.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-26052">详情</a></td>
</tr>
<tr>
<td>49745e5c7cc0f43adf3e2c34279e1b91</td>
<td>CVE-2023-26480</td>
<td>2023-03-02 18:15:00 <img src="imgs/new.gif" /></td>
<td>XWiki Platform is a generic wiki platform. Starting in version 12.10, a user without script rights can introduce a stored cross-site scripting by using the Live Data macro. This has been patched in XWiki 14.9, 14.4.7, and 13.10.10. There are no known workarounds.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-26480">详情</a></td>
</tr>
<tr>
<td>6d9bb9373e20259521122ed64972c12a</td>
<td>CVE-2023-26479</td>
<td>2023-03-02 18:15:00 <img src="imgs/new.gif" /></td>
<td>XWiki Platform is a generic wiki platform. Starting in version 6.0, users with write rights can insert well-formed content that is not handled well by the parser. As a consequence, some pages becomes unusable, including the user index (if the page containing the faulty content is a user page) and the page index. Note that on the page, the normal UI is completely missing and it is not possible to open the editor directly to revert the change as the stack overflow is already triggered while getting the title of the document. This means that it is quite difficult to remove this content once inserted. This has been patched in XWiki 13.10.10, 14.4.6, and 14.9-rc-1. A temporary workaround to avoid Stack Overflow errors is to increase the memory allocated to the stack by using the `-Xss` JVM parameter (e.g., `-Xss32m`). This should allow the parser to pass and to fix the faulty content. The consequences for other aspects of the system (e.g., performance) are unknown, and this workaround should be only be used as a temporary solution. The workaround does not prevent the issue occurring again with other content. Consequently, it is strongly advised to upgrade to a version where the issue has been patched.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-26479">详情</a></td>
</tr>
<tr>
<td>2e88bb23ec2f0146ba6817f4c520e6ce</td>
<td>CVE-2023-26478</td>
<td>2023-03-02 18:15:00 <img src="imgs/new.gif" /></td>
<td>XWiki Platform is a generic wiki platform. Starting in version 14.3-rc-1, `org.xwiki.store.script.TemporaryAttachmentsScriptService#uploadTemporaryAttachment` returns an instance of `com.xpn.xwiki.doc.XWikiAttachment`. This class is not supported to be exposed to users without the `programing` right. `com.xpn.xwiki.api.Attachment` should be used instead and takes case of checking the user's rights before performing dangerous operations. This has been patched in versions 14.9-rc-1 and 14.4.6. There are no known workarounds for this issue.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-26478">详情</a></td>
</tr>
<tr>
<td>eee606f2e2383dc1e4209628cf73b6da</td>
<td>CVE-2023-26477</td>
<td>2023-03-02 18:15:00 <img src="imgs/new.gif" /></td>
<td>XWiki Platform is a generic wiki platform. Starting in versions 6.3-rc-1 and 6.2.4, it's possible to inject arbitrary wiki syntax including Groovy, Python and Velocity script macros via the `newThemeName` request parameter (URL parameter), in combination with additional parameters. This has been patched in the supported versions 13.10.10, 14.9-rc-1, and 14.4.6. As a workaround, it is possible to edit `FlamingoThemesCode.WebHomeSheet` and manually perform the changes from the patch fixing the issue.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-26477">详情</a></td>
</tr>
<tr>
<td>9f1f24f76c4cc5789d0f6ed348cb0ae9</td>
<td>CVE-2023-1155</td>
<td>2023-03-02 18:15:00 <img src="imgs/new.gif" /></td>
<td>The Cost Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the nd_cc_meta_box_cc_price_icon parameter in versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-1155">详情</a></td>
</tr>
<tr>
<td>a6f4f16b8feed01c730b631cbd9d7b53</td>
<td>CVE-2023-1118</td>
<td>2023-03-02 18:15:00 <img src="imgs/new.gif" /></td>
<td>A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-1118">详情</a></td>
</tr>
<tr>
<td>4b6a7523a9365d2f0fc148ec53c4df4e</td>
<td>CVE-2022-38734</td>
<td>2023-03-02 18:15:00 <img src="imgs/new.gif" /></td>
<td>StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0.8 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to to a crash of the Local Distribution Router (LDR) service.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2022-38734">详情</a></td>
</tr>
<tr>
<td>f6ed31147689348f0c0406260d225265</td>
<td>CVE-2023-0085</td>
<td>2023-03-02 17:15:00 <img src="imgs/new.gif" /></td>
<td>The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to reCaptcha Bypass in versions up to, and including, 3.2.1. This is due to insufficient server side checking on the captcha value submitted during a form submission. This makes it possible for unauthenticated attackers to bypass Captcha restrictions and for attackers to utilize bots to submit forms.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-0085">详情</a></td>
</tr>
<tr>
<td>ef5f9d1569ffb8220fd939d5981f4dff</td>
<td>CVE-2023-26780</td>
<td>2023-03-02 16:15:00 <img src="imgs/new.gif" /></td>
<td>CleverStupidDog yf-exam v 1.8.0 is vulnerable to SQL Injection.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-26780">详情</a></td>
</tr>
<tr>
<td>ed813df6d0963ee08782e9eb7cab5657</td>
<td>CVE-2023-25536</td>
<td>2023-03-02 16:15:00 <img src="imgs/new.gif" /></td>
<td>Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-25536">详情</a></td>
</tr>
<tr>
<td>637172daa9615490b1bb5913e5ead06c</td>
<td>CVE-2023-25363</td>
<td>2023-03-02 16:15:00 <img src="imgs/new.gif" /></td>
<td>A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to execute code remotely.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-25363">详情</a></td>
</tr>
<tr>
<td>def9981a24000893eced418800804bb7</td>
<td>CVE-2023-25362</td>
<td>2023-03-02 16:15:00 <img src="imgs/new.gif" /></td>
<td>A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to execute code remotely.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-25362">详情</a></td>
</tr>
<tr>
<td>ee6c49d9e1066f3f12b21c8a21dc445b</td>
<td>CVE-2023-25361</td>
<td>2023-03-02 16:15:00 <img src="imgs/new.gif" /></td>
<td>A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-25361">详情</a></td>
</tr>
<tr>
<td>7de4a66ed253cea7c947b6c7391387d9</td>
<td>CVE-2023-25360</td>
<td>2023-03-02 15:15:00 <img src="imgs/new.gif" /></td>
<td>A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8 allows attackers to execute code remotely.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-25360">详情</a></td>
</tr>
<tr>
<td>e69f32dd6ab8eb51a0e19748a3bf1d41</td>
<td>CVE-2023-25358</td>
<td>2023-03-02 15:15:00 <img src="imgs/new.gif" /></td>
<td>A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-25358">详情</a></td>
</tr>
<tr>
<td>fd39d0078102a01556d6db33d57ad2e4</td>
<td>CVE-2021-3854</td>
<td>2023-03-02 12:15:00 <img src="imgs/new.gif" /></td>
<td>Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Glox Technology Useroam Hotspot allows SQL Injection. This issue affects Useroam Hotspot: before 5.1.0.15.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2021-3854">详情</a></td>
</tr>
<tr>
<td>20193fe96f9e7c83f3f9c5ba1ec681f2</td>
<td>CVE-2021-45479</td>
<td>2023-03-02 09:15:00 <img src="imgs/new.gif" /></td>
<td>Improper Neutralization of Input During Web Page Generation vulnerability in Yordam Information Technologies Library Automation System allows Stored XSS.This issue affects Library Automation System: before 19.2.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2021-45479">详情</a></td>
</tr>
<tr>
<td>fce809338cb3766d31246cde48fe3c8b</td>
<td>CVE-2021-45478</td>
<td>2023-03-02 09:15:00 <img src="imgs/new.gif" /></td>
<td>Improper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users.This issue affects Library Automation System: before 19.2.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2021-45478">详情</a></td>
</tr>
<tr>
<td>dc7b3f61ef862475133b15346962dd92</td>
<td>CVE-2021-45477</td>
<td>2023-03-02 09:15:00 <img src="imgs/new.gif" /></td>
<td>Improper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users.This issue affects Library Automation System: before 19.2.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2021-45477">详情</a></td>
</tr>
<tr>
<td>6f123e9c9ede55e71a0cf0d56a5247b8</td>
<td>CVE-2023-1151</td>
<td>2023-03-02 07:15:00 <img src="imgs/new.gif" /></td>
<td>A vulnerability was found in SourceCodester Electronic Medical Records System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file administrator.php of the component Cookie Handler. The manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222163.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-1151">详情</a></td>
</tr>
</tbody>
</table>
</div>
<br />
<div>
<table id="国家信息安全漏洞共享平台(CNVD)" class="dataintable">
<tbody>
<tr>
<th width="22%">国家信息安全漏洞共享平台(CNVD) [TOP 30]</th>
<th width="15%">CVES</th>
<th width="15%">TIME</th>
<th width="43%">TITLE</th>
<th width="5%">URL</th>
</tr>
<tr>
<td>8686fda9b2b49e4e1666b54e2248f935</td>
<td>CNVD-2021-74882</td>
<td>2021-11-14 16:43:52</td>
<td>四创科技有限公司建站系统存在SQL注入漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-74882">详情</a></td>
</tr>
<tr>
<td>8f6972d84ad188b05ff9cc14d4334949</td>
<td>CNVD-2021-87021 (CVE-2020-4690)</td>
<td>2021-11-12 12:43:14</td>
<td>IBM Security Guardium硬编码凭证漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-87021">详情</a></td>
</tr>
<tr>
<td>3bfe7b053a0c59d8a3d38c18f86aa143</td>
<td>CNVD-2021-87022 (CVE-2021-38870)</td>
<td>2021-11-12 12:43:12</td>
<td>IBM Aspera跨站脚本漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-87022">详情</a></td>
</tr>
<tr>
<td>a4649bb17f4db4d1c7f879ebceb46ed0</td>
<td>CNVD-2021-87011 (CVE-2021-29753)</td>
<td>2021-11-12 12:43:11</td>
<td>IBM Business Automation Workflow存在未明漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-87011">详情</a></td>
</tr>
<tr>
<td>094c613f9ed4b8b9d887dc912789043c</td>
<td>CNVD-2021-87025 (CVE-2021-20563)</td>
<td>2021-11-12 12:43:10</td>
<td>IBM Sterling File Gateway信息泄露漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-87025">详情</a></td>
</tr>
<tr>
<td>41c47f01a4c65dcb6efc9ebf483fe762</td>
<td>CNVD-2021-87010 (CVE-2021-38887)</td>
<td>2021-11-12 12:43:08</td>
<td>IBM InfoSphere Information Server信息泄露漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-87010">详情</a></td>
</tr>
<tr>
<td>f51d33e7a09fd61ca90ede453515a830</td>
<td>CNVD-2021-87016 (CVE-2021-29764)</td>
<td>2021-11-12 12:43:07</td>
<td>IBM Sterling B2B Integrator跨站脚本漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-87016">详情</a></td>
</tr>
<tr>
<td>33615a5f78df822e82e6d3436045c48c</td>
<td>CNVD-2021-87026 (CVE-2021-38877)</td>
<td>2021-11-12 12:43:06</td>
<td>IBM Jazz for Service Management跨站脚本漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-87026">详情</a></td>
</tr>
<tr>
<td>8e729177bcb4105dd831fb1e123ed1bb</td>
<td>CNVD-2021-87014 (CVE-2021-29679)</td>
<td>2021-11-12 12:43:04</td>
<td>IBM Cognos Analytics远程代码执行漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-87014">详情</a></td>
</tr>
<tr>
<td>1a3b856f78e9fbdca12aeddc7d665aca</td>
<td>CNVD-2021-87029 (CVE-2021-29752)</td>
<td>2021-11-12 12:43:03</td>
<td>IBM Db2信息泄露漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-87029">详情</a></td>
</tr>
<tr>
<td>6f1aa3a0cb819d97519baa47fd0232d5</td>
<td>CNVD-2021-87015 (CVE-2021-29745)</td>
<td>2021-11-12 12:43:02</td>
<td>IBM Cognos Analytics权限提升漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-87015">详情</a></td>
</tr>
<tr>
<td>cbcb12f5f51d6e7d6d8a9fa581aa863a</td>
<td>CNVD-2021-73908</td>
<td>2021-11-11 16:42:44</td>
<td>泛微e-cology存在SQL注入漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-73908">详情</a></td>
</tr>
<tr>
<td>ae6fd467da55de31aa7219187cf5c2d4</td>
<td>CNVD-2021-86904 (CVE-2021-20351)</td>
<td>2021-11-11 08:31:46</td>
<td>IBM Engineering跨站脚本漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-86904">详情</a></td>
</tr>
<tr>
<td>412a15b40959ed9cf9330ee79f99e079</td>
<td>CNVD-2021-86903 (CVE-2021-31173)</td>
<td>2021-11-11 08:31:44</td>
<td>Microsoft SharePoint Server信息泄露漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-86903">详情</a></td>
</tr>
<tr>
<td>1cbc5d5faac431d3e82c9e5ea9588b5f</td>
<td>CNVD-2021-86902 (CVE-2021-31172)</td>
<td>2021-11-11 08:31:43</td>
<td>Microsoft SharePoint欺骗漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-86902">详情</a></td>
</tr>
<tr>
<td>686c7cfb20933b41c3d679cbba79a2ad</td>
<td>CNVD-2021-86901 (CVE-2021-31181)</td>
<td>2021-11-11 08:31:42</td>
<td>Microsoft SharePoint远程代码执行漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-86901">详情</a></td>
</tr>
<tr>
<td>72fdfb2d44c0d41d638e4632bdfc10b8</td>
<td>CNVD-2021-86900 (CVE-2021-3561)</td>
<td>2021-11-11 08:31:41</td>
<td>fig2dev缓冲区溢出漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-86900">详情</a></td>
</tr>
<tr>
<td>3ba6f0e9394f9414e2cadb9495e2d5f5</td>
<td>CNVD-2021-85884 (CVE-2021-41210)</td>
<td>2021-11-10 07:24:57</td>
<td>Google TensorFlow堆分配数组越界读取漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-85884">详情</a></td>
</tr>
<tr>
<td>4d8c4744ea972fb2fcb9673fea1fc7b7</td>
<td>CNVD-2021-85883 (CVE-2021-41226)</td>
<td>2021-11-10 07:24:56</td>
<td>Google TensorFlow堆越界访问漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-85883">详情</a></td>
</tr>
<tr>
<td>8778f9cd924cae585ca5e2e0b8be3b3f</td>
<td>CNVD-2021-85882 (CVE-2021-41224)</td>
<td>2021-11-10 07:24:54</td>
<td>Google TensorFlow堆越界访问漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-85882">详情</a></td>
</tr>
<tr>
<td>e1b2722e6d5c509c680b584416d9cb20</td>
<td>CNVD-2021-85881 (CVE-2021-42770)</td>
<td>2021-11-10 07:24:53</td>
<td>OPNsense跨站脚本漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-85881">详情</a></td>
</tr>
<tr>
<td>ed09c9fa5586e2d4d9b4e95fe3b447a0</td>
<td>CNVD-2021-85880 (CVE-2021-28024)</td>
<td>2021-11-10 07:24:52</td>
<td>ServiceTonic访问控制不当漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-85880">详情</a></td>
</tr>
<tr>
<td>8a642f0922f7f915e81b2b947276a96c</td>
<td>CNVD-2021-85879 (CVE-2021-28023)</td>
<td>2021-11-10 07:24:50</td>
<td>ServiceTonic任意文件上传漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-85879">详情</a></td>
</tr>
<tr>
<td>c00b061c2cfdee4016a869a188135db5</td>
<td>CNVD-2021-85878 (CVE-2021-28022)</td>
<td>2021-11-10 07:24:49</td>
<td>ServiceTonic SQL注入漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-85878">详情</a></td>
</tr>
<tr>
<td>9c4b20a28ad2bd4ab916448f0e1272bd</td>
<td>CNVD-2021-85877 (CVE-2021-32483)</td>
<td>2021-11-10 07:24:48</td>
<td>Cloudera Manager不正确访问控制漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-85877">详情</a></td>
</tr>
<tr>
<td>4d4423857b7b1f38e49738f00e8949ba</td>
<td>CNVD-2021-85876 (CVE-2021-32481)</td>
<td>2021-11-10 07:24:46</td>
<td>Cloudera Hue跨站脚本漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-85876">详情</a></td>
</tr>
<tr>
<td>6b12b7fc216d603e8e07351603851c86</td>
<td>CNVD-2021-85875 (CVE-2021-29994)</td>
<td>2021-11-10 07:24:45</td>
<td>Cloudera Hue跨站脚本漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-85875">详情</a></td>
</tr>
<tr>
<td>72894fb3a3538de240d2f6810aae63c9</td>
<td>CNVD-2021-85892 (CVE-2021-42701)</td>
<td>2021-11-10 02:38:27</td>
<td>DAQFactory中间人攻击漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-85892">详情</a></td>
</tr>
<tr>
<td>94a1f99a64ba24540cc1594d0a0b3152</td>
<td>CNVD-2021-85893 (CVE-2021-42699)</td>
<td>2021-11-10 02:38:26</td>
<td>DAQFactory明文传输漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-85893">详情</a></td>
</tr>
<tr>
<td>5d9bac33be8f2f88391f6de02fb89c73</td>
<td>CNVD-2021-85894 (CVE-2021-42698)</td>
<td>2021-11-10 02:38:24</td>
<td>DAQFactory反序列化漏洞</td>
<td><a target="_blank" href="https://www.cnvd.org.cn/flaw/show/CNVD-2021-85894">详情</a></td>
</tr>
</tbody>
</table>
</div>
<br />
<div>
<table id="国家信息安全漏洞库(CNNVD)" class="dataintable">
<tbody>
<tr>
<th width="22%">国家信息安全漏洞库(CNNVD) [TOP 30]</th>
<th width="15%">CVES</th>
<th width="15%">TIME</th>
<th width="43%">TITLE</th>
<th width="5%">URL</th>
</tr>
<tr>
<td>56358b73280e18ed2eaf62bf4b7fba5f</td>
<td>CNNVD-202210-1696 (CVE-2021-44776)</td>
<td>2022-10-24 13:12:31</td>
<td>Lanner IAC-AST2500A 安全漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1696">详情</a></td>
</tr>
<tr>
<td>07eddc3a7e5e3731956c02a50f538970</td>
<td>CNNVD-202210-1697 (CVE-2021-26732)</td>
<td>2022-10-24 13:12:29</td>
<td>Lanner IAC-AST2500A 安全漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1697">详情</a></td>
</tr>
<tr>
<td>4b051d50f18e2bb4a1f272b12f873223</td>
<td>CNNVD-202210-1698 (CVE-2021-26731)</td>
<td>2022-10-24 13:12:27</td>
<td>Lanner IAC-AST2500A 缓冲区错误漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1698">详情</a></td>
</tr>
<tr>
<td>0d79d7ad89e7b6f52a89de2e3762a492</td>
<td>CNNVD-202210-1699 (CVE-2021-42010)</td>
<td>2022-10-24 13:12:25</td>
<td>Apache Heron 注入漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1699">详情</a></td>
</tr>
<tr>
<td>9596051a8fb75da90bf94bd495b53e94</td>
<td>CNNVD-202210-1700 (CVE-2021-26733)</td>
<td>2022-10-24 13:12:23</td>
<td>Lanner IAC-AST2500A 安全漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1700">详情</a></td>
</tr>
<tr>
<td>883bec62dd4552d68130c0f925873e93</td>
<td>CNNVD-202210-1701 (CVE-2022-42432)</td>
<td>2022-10-24 13:12:22</td>
<td>Linux kernel 安全漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1701">详情</a></td>
</tr>
<tr>
<td>755328fe5484ce3f71a4940d10f50b34</td>
<td>CNNVD-202210-1702 (CVE-2021-44769)</td>
<td>2022-10-24 13:12:20</td>
<td>Lanner IAC-AST2500A 输入验证错误漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1702">详情</a></td>
</tr>
<tr>
<td>9c53a984103cd446d6e447c12c9c66c6</td>
<td>CNNVD-202210-1703 (CVE-2021-44467)</td>
<td>2022-10-24 13:12:18</td>
<td>Lanner IAC-AST2500A 安全漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1703">详情</a></td>
</tr>
<tr>
<td>30dfa903ed49845732fc6cef266206e9</td>
<td>CNNVD-202210-1704 (CVE-2022-41974)</td>
<td>2022-10-24 13:12:16</td>
<td>Red Hat device-mapper-multipath 安全漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1704">详情</a></td>
</tr>
<tr>
<td>9c6324677d17c72db81aec2e1797791f</td>
<td>CNNVD-202210-1705 (CVE-2022-41973)</td>
<td>2022-10-24 13:12:14</td>
<td>Red Hat device-mapper-multipath 安全漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1705">详情</a></td>
</tr>
<tr>
<td>4ec5a4ccefd5879e573cd53c2123dd3a</td>
<td>CNNVD-202210-1612 (CVE-2022-39272)</td>
<td>2022-10-22 13:09:56</td>
<td>Flux2 安全漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1612">详情</a></td>
</tr>
<tr>
<td>c3846b92a4965777ef3e53a1f4618717</td>
<td>CNNVD-202210-1600 (CVE-2022-3646)</td>
<td>2022-10-21 13:10:17</td>
<td>Linux kernel 安全漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1600">详情</a></td>
</tr>
<tr>
<td>9a761144255ce6f90bb54e219ea40282</td>
<td>CNNVD-202210-1601 (CVE-2022-34438)</td>
<td>2022-10-21 13:10:15</td>
<td>Dell PowerScale OneFS 安全漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1601">详情</a></td>
</tr>
<tr>
<td>44290d228b51ffbf0aab6efd4d6e678e</td>
<td>CNNVD-202210-1602 (CVE-2022-31239)</td>
<td>2022-10-21 13:10:12</td>
<td>Dell PowerScale OneFS 安全漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1602">详情</a></td>
</tr>
<tr>
<td>9ca9cbb2a337c33899bcdf19d91d7d78</td>
<td>CNNVD-202210-1603 (CVE-2022-34437)</td>
<td>2022-10-21 13:10:10</td>
<td>Dell PowerScale OneFS 安全漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1603">详情</a></td>
</tr>
<tr>
<td>0a96e1daad10fc7b842abaa350831db2</td>
<td>CNNVD-202210-1605 (CVE-2022-26870)</td>
<td>2022-10-21 13:10:08</td>
<td>Dell EMC PowerStore 安全漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1605">详情</a></td>
</tr>
<tr>
<td>35f41caeb97feaaa8373f4dbbbd7a249</td>
<td>CNNVD-202210-1606 (CVE-2020-5355)</td>
<td>2022-10-21 13:10:06</td>
<td>Dell EMC Isilon OneFS 安全漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1606">详情</a></td>
</tr>
<tr>
<td>d314bbe34de68aa67eddd75a9f4ce40c</td>
<td>CNNVD-202210-1609 (CVE-2022-3649)</td>
<td>2022-10-21 13:10:03</td>
<td>Linux kernel 资源管理错误漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1609">详情</a></td>
</tr>
<tr>
<td>351642a659185d5b0604973397c7fa3b</td>
<td>CNNVD-202210-1610 (CVE-2022-39259)</td>
<td>2022-10-21 13:10:01</td>
<td>Skylot Jadx 安全漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1610">详情</a></td>
</tr>
<tr>
<td>ebbdab47bb0184312da10141d7d010e7</td>
<td>CNNVD-202210-1611 (CVE-2022-23462)</td>
<td>2022-10-21 13:09:59</td>
<td>Softmotions IOWOW 安全漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1611">详情</a></td>
</tr>
<tr>
<td>8c86f10ec92b3124f4395faa27ee8ae3</td>
<td>CNNVD-202210-1517 (CVE-2022-29477)</td>
<td>2022-10-20 13:08:31</td>
<td>Adobe Iota 信任管理问题漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1517">详情</a></td>
</tr>
<tr>
<td>3c33a32472c03f27b2b606714eb74e0a</td>
<td>CNNVD-202210-1518 (CVE-2022-36966)</td>
<td>2022-10-20 13:08:29</td>
<td>SolarWinds Platform 安全漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1518">详情</a></td>
</tr>
<tr>
<td>280b662d6c30e683e90c26748fa86a26</td>
<td>CNNVD-202210-1519 (CVE-2022-36958)</td>
<td>2022-10-20 13:08:27</td>
<td>SolarWinds Platform 代码问题漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1519">详情</a></td>
</tr>
<tr>
<td>1d1787e08b1093c5bd9723a8b9465e0f</td>
<td>CNNVD-202210-1520 (CVE-2022-27805)</td>
<td>2022-10-20 13:08:25</td>
<td>Adobe Iota 访问控制错误漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1520">详情</a></td>
</tr>
<tr>
<td>632da31aee8b02c08d2e63767809782a</td>
<td>CNNVD-202210-1521 (CVE-2022-36957)</td>
<td>2022-10-20 13:08:22</td>
<td>SolarWinds Platform 安全漏洞</td>
<td><a target="_blank" href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202210-1521">详情</a></td>
</tr>
<tr>
<td>28743e448b695bd2eee529e66954d3c4</td>
<td>CNNVD-202210-1522 (CVE-2022-3623)</td>