Threat-Broadcast

返回博客 | 威胁情报播报

360 网络安全响应中心 [TOP 30]	CVES	TIME	TITLE	URL
0dd2b4e54c1e7d58b6a543d5cd6168ce		2022-01-04 09:42:59	安全事件周报 (12.27-01.02)	详情
1f4414b232828031852a1c0ccd0338a8	CVE-2021-45232	2021-12-28 11:53:57	Apache APISIX Dashboard 未授权访问漏洞通告	详情
7e8a20ef23aa18ec6a4d4db37ac4c3b2		2021-12-27 10:23:48	安全事件周报 (12.20-12.26)	详情
d64e8c999202491d43f23dc514036a1f		2021-12-23 03:35:44	Apache HTTP Server多个漏洞风险通告	详情
c2d76ce73a102654b071afa0aa63a3c7	CVE-2021-45105	2021-12-20 08:57:08	CVE-2021-45105：Apache Log4j 拒绝服务漏洞通告	详情
58138920f2aaf7fe331bd6f96f7cd225		2021-12-20 07:38:33	安全事件周报 (12.13-12.19)	详情
03a81fd8fe0e8c0034b92844bfb6dd03	CVE-2021-45046	2021-12-17 09:54:22	Log4j 2 远程代码执行漏洞通告	详情
a50794d51fd89538d0eb021520271919		2021-12-17 08:05:40	360CERT发布基于漏洞攻击荷载的Log4j2对抗型热补修复方案	详情
d4319ee554074475bdc2bc825480754b		2021-12-15 06:37:34	2021-12 补丁日: 微软多个漏洞安全更新通告	详情
7eed3b6eefb34deb5bba75d8e3cd6c8b	CVE-2021-4102	2021-12-14 10:27:36	CVE-2021-4102：Google Chrome 代码执行漏洞	详情
0b2a24c28ee563beb083baa046da930b		2021-12-13 07:09:14	安全事件周报 (12.06-12.12)	详情
ec4c7eb7d0fda599889cdc11440df805		2021-12-13 03:00:28	Microsoft Windows Active Directory 域服务权限提升多个漏洞通告	详情
e0a3b7cab3cc78da77c5fad75a9ba739		2021-12-10 02:25:47	Apache Log4j 2 远程代码执行漏洞通告	详情
9ec8a01a5c4055ebe30833b1e884926e		2021-12-07 09:10:46	Grafana 任意文件读取漏洞通告	详情
c529a8f4ce9149aac86c63b5738017ee		2021-12-06 07:56:06	安全事件周报 (11.29-12.05)	详情
9c24c96b071028e5ab5cb7c57a40aec5	CVE-2021-44077	2021-12-06 02:34:35	Zoho ManageEngine ServiceDesk Plus 认证绕过漏洞通告	详情
27933e8ec7f78be59d256022a1d64b95	CVE-2021-43527	2021-12-02 10:28:33	Mozilla NSS 缓冲区堆溢出漏洞通告	详情
83bac63949a59169c9c7c271d98a152e		2021-11-29 09:38:26	安全事件周报 (11.22-11.28)	详情
15ff7b9007f0c1e45294434b299d4109	CVE-2021-43267	2021-11-29 08:18:18	【更新】Linux Kernel TIPC远程代码执行漏洞通告	详情
bebe746363e69b69622e3fda0f108447	CVE-2021-43267	2021-11-29 07:19:49	【通告更新】Linux Kernel TIPC远程代码执行漏洞通告	详情
4ed0bd21ac467e8cc581c0e81289c523	CVE-2021-21980	2021-11-25 07:07:05	CVE-2021-21980：VMware vCenter Server任意文件读取漏洞	详情
d875d320facf4c43784eb891375cd7b3		2021-11-24 08:57:02	Windows Installer 权限提升漏洞通告	详情
91e360c25b115d69fd9e9e83ec9f3a0e		2021-11-23 03:34:54	【更新】Hadoop Yarn RPC未授权访问漏洞通告	详情
dbdf7a621ffe78f2c309940176c7a72f	CVE-2021-41277	2021-11-22 10:10:03	Metabase 任意文件读取漏洞通告	详情
8721b1795800b3a9515a758cd793c45e	CVE-2021-42321	2021-11-22 09:26:04	微软Exchange Server远程代码执行漏洞通告	详情
b6d6aca9371ebf883fe0c82c70f1d0b2		2021-11-22 03:47:09	安全事件周报 (11.15-11.21)	详情
c3564bfbac4c6c088ea8709c8f22689e		2021-11-17 08:15:46	npm多个高危漏洞通告	详情
849700f1142f235f2f3841fe9a8c143c		2021-11-16 07:56:39	Intel BIOS固件多个权限提升漏洞通告	详情
512590ceca81695993af08257a324b98		2021-11-15 08:35:38	Hadoop Yarn RPC未授权访问漏洞通告	详情
0486042c1420b0617fab550f8142ae35	CVE-2020-27986	2021-11-15 08:09:40	SonarQube 未授权访问漏洞在野利用通告	详情

Tenable (Nessus) [TOP 30]	CVES	TIME	TITLE	URL
de5f3fc118d6a17b99d19a2804172df3	CVE-2021-25743	2022-01-07 00:15:00	kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events.	详情
4e85fd4be73d312a7ee00458ba252283	CVE-2022-21664	2022-01-06 23:15:00	WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to lack of proper sanitization in one of the classes, there's potential for unintended SQL queries to be executed. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 4.1.34. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue.	详情
3ead5572706e11b7c8edf378867bc118	CVE-2022-21663	2022-01-06 23:15:00	WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. On a multisite, users with Super Admin role can bypass explicit/additional hardening under certain conditions through object injection. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue.	详情
dfab22ad43a85a9d514325bb88e46aec	CVE-2022-21662	2022-01-06 23:15:00	WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Low-privileged authenticated users (like author) in WordPress core are able to execute JavaScript/perform stored XSS attack, which can affect high-privileged users. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue.	详情
d920b56e7dfe71b24e55ae3264022335	CVE-2022-21661	2022-01-06 23:15:00	WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this vulnerability.	详情
e58e9931c2ed51afeedef37f6eb233f5	CVE-2021-46044	2022-01-06 21:15:00	A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1via ShiftMetaOffset.isra, which causes a Denial of Service (context-dependent).	详情
40a290a301b003843efca108c4d7229f	CVE-2021-46043	2022-01-06 21:15:00	A Pointer Dereference Vulnerability exits in GPAC 1.0.1 in the gf_list_count function, which causes a Denial of Service.	详情
916eea980b0d92b35003af596f94e65c	CVE-2021-42841	2022-01-06 21:15:00	Insta HMS before 12.4.10 is vulnerable to XSS because of improper validation of user-supplied input by multiple scripts. A remote attacker could exploit this vulnerability via a crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.	详情
1aa0f37590f9726c8b9b30d55923d94d	CVE-2021-46042	2022-01-06 20:15:00	A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the _fseeko function, which causes a Denial of Service.	详情
ea97be08c487e929f0daf1086644e374	CVE-2021-46041	2022-01-06 20:15:00	A Segmentation Fault Vulnerability exists in GPAC 1.0.1 via the co64_box_new function, which causes a Denial of Service.	详情
30497a07bfd3cab4ba22fc52165d05d8	CVE-2021-46040	2022-01-06 20:15:00	A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via the finplace_shift_moov_meta_offsets function, which causes a Denial of Servie (context-dependent).	详情
0bf2b2b92a7a4575935a1d8319a8290c	CVE-2021-46039	2022-01-06 20:15:00	A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via the shift_chunk_offsets.part function, which causes a Denial of Service (context-dependent).	详情
75702db2105ebee6548b2a4b3327a41c	CVE-2021-43045	2022-01-06 18:15:00	A vulnerability in the .NET SDK of Apache Avro allows an attacker to allocate excessive resources, potentially causing a denial-of-service attack. This issue affects .NET applications using Apache Avro version 1.10.2 and prior versions. Users should update to version 1.11.0 which addresses this issue.	详情
9c2761a1c980bee3e0b5567c4b5bc246	CVE-2021-4194	2022-01-06 18:15:00	bookstack is vulnerable to Improper Access Control	详情
6005cb8319d24a8a7a06840d1bb45dad	CVE-2021-28715	2022-01-06 18:15:00	Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. There are some measures taken for avoiding to pile up too much data, but those can be bypassed by the guest: There is a timeout how long the client side of an interface can stop consuming new packets before it is assumed to have stalled, but this timeout is rather long (60 seconds by default). Using a UDP connection on a fast interface can easily accumulate gigabytes of data in that time. (CVE-2021-28715) The timeout could even never trigger if the guest manages to have only one free slot in its RX queue ring page and the next package would require more than one free slot, which may be the case when using GSO, XDP, or software hashing. (CVE-2021-28714)	详情
13b4a5698607f16110b09b321cb5795e	CVE-2021-28714	2022-01-06 18:15:00	Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. There are some measures taken for avoiding to pile up too much data, but those can be bypassed by the guest: There is a timeout how long the client side of an interface can stop consuming new packets before it is assumed to have stalled, but this timeout is rather long (60 seconds by default). Using a UDP connection on a fast interface can easily accumulate gigabytes of data in that time. (CVE-2021-28715) The timeout could even never trigger if the guest manages to have only one free slot in its RX queue ring page and the next package would require more than one free slot, which may be the case when using GSO, XDP, or software hashing. (CVE-2021-28714)	详情
e5ab33a25ad8893143843e7b8780fbd0	CVE-2021-43045	2022-01-06 18:15:00	A vulnerability in the .NET SDK of Apache Avro allows an attacker to allocate excessive resources, potentially causing a denial-of-service attack. This issue affects .NET applications using Apache Avro version 1.10.2 and prior versions. Users should update to version 1.11.0 which addresses this issue.	详情
1280025a54e90a70e69f73fe0c47519e	CVE-2022-0128	2022-01-06 17:15:00	vim is vulnerable to Out-of-bounds Read	详情
f6778b89faab3d1ab229e6f85bec2aa2	CVE-2021-46079	2022-01-06 16:15:00	An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection.	详情
0b30c0fd1a9c08af9c1be4612bc99a7b	CVE-2021-46078	2022-01-06 16:15:00	An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerability.	详情
c8a3bd43c715cce8f65ce837c1bbcc6a	CVE-2021-46075	2022-01-06 16:15:00	A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations.	详情
8673fd2f9067662f3c51b90953bbc325	CVE-2021-46074	2022-01-06 16:15:00	A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel.	详情
d81f2142b72d50f63d57d02db98a2232	CVE-2021-46073	2022-01-06 16:15:00	A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel.	详情
e64f992b4e7b9d17e90e421da6cdb3d5	CVE-2021-46072	2022-01-06 16:15:00	A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel.	详情
f730cf61e81da4bfa7c50a09ca1e1d42	CVE-2021-46071	2022-01-06 16:15:00	A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel.	详情
660d28e6300ec782e418165f9fba5ce9	CVE-2021-46070	2022-01-06 16:15:00	A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel.	详情
837efa38671c95cf6edd5b4624c9a200	CVE-2021-46069	2022-01-06 16:15:00	A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel.	详情
61d2112ce10648f00c69af4a08bd262c	CVE-2021-46068	2022-01-06 16:15:00	A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel.	详情
4dcda4b1c5a24f6ed132db01d6aa5f0e	CVE-2021-44591	2022-01-06 14:15:00	In libming 0.4.8, the parseSWF_DEFINELOSSLESS2 function in util/parser.c lacks a boundary check that would lead to denial-of-service attacks via a crafted SWF file.	详情
91ac6c93c6bd8fd7032a0e8815c16cc1	CVE-2021-44590	2022-01-06 14:15:00	In libming 0.4.8, a memory exhaustion vulnerability exist in the function cws2fws in util/main.c. Remote attackers could launch denial of service attacks by submitting a crafted SWF file that exploits this vulnerability.	详情

国家信息安全漏洞共享平台（CNVD） [TOP 30]	CVES	TIME	TITLE	URL
8686fda9b2b49e4e1666b54e2248f935	CNVD-2021-74882	2021-11-14 16:43:52	四创科技有限公司建站系统存在SQL注入漏洞	详情
8f6972d84ad188b05ff9cc14d4334949	CNVD-2021-87021 (CVE-2020-4690)	2021-11-12 12:43:14	IBM Security Guardium硬编码凭证漏洞	详情
3bfe7b053a0c59d8a3d38c18f86aa143	CNVD-2021-87022 (CVE-2021-38870)	2021-11-12 12:43:12	IBM Aspera跨站脚本漏洞	详情
a4649bb17f4db4d1c7f879ebceb46ed0	CNVD-2021-87011 (CVE-2021-29753)	2021-11-12 12:43:11	IBM Business Automation Workflow存在未明漏洞	详情
094c613f9ed4b8b9d887dc912789043c	CNVD-2021-87025 (CVE-2021-20563)	2021-11-12 12:43:10	IBM Sterling File Gateway信息泄露漏洞	详情
41c47f01a4c65dcb6efc9ebf483fe762	CNVD-2021-87010 (CVE-2021-38887)	2021-11-12 12:43:08	IBM InfoSphere Information Server信息泄露漏洞	详情
f51d33e7a09fd61ca90ede453515a830	CNVD-2021-87016 (CVE-2021-29764)	2021-11-12 12:43:07	IBM Sterling B2B Integrator跨站脚本漏洞	详情
33615a5f78df822e82e6d3436045c48c	CNVD-2021-87026 (CVE-2021-38877)	2021-11-12 12:43:06	IBM Jazz for Service Management跨站脚本漏洞	详情
8e729177bcb4105dd831fb1e123ed1bb	CNVD-2021-87014 (CVE-2021-29679)	2021-11-12 12:43:04	IBM Cognos Analytics远程代码执行漏洞	详情
1a3b856f78e9fbdca12aeddc7d665aca	CNVD-2021-87029 (CVE-2021-29752)	2021-11-12 12:43:03	IBM Db2信息泄露漏洞	详情
6f1aa3a0cb819d97519baa47fd0232d5	CNVD-2021-87015 (CVE-2021-29745)	2021-11-12 12:43:02	IBM Cognos Analytics权限提升漏洞	详情
cbcb12f5f51d6e7d6d8a9fa581aa863a	CNVD-2021-73908	2021-11-11 16:42:44	泛微e-cology存在SQL注入漏洞	详情
ae6fd467da55de31aa7219187cf5c2d4	CNVD-2021-86904 (CVE-2021-20351)	2021-11-11 08:31:46	IBM Engineering跨站脚本漏洞	详情
412a15b40959ed9cf9330ee79f99e079	CNVD-2021-86903 (CVE-2021-31173)	2021-11-11 08:31:44	Microsoft SharePoint Server信息泄露漏洞	详情
1cbc5d5faac431d3e82c9e5ea9588b5f	CNVD-2021-86902 (CVE-2021-31172)	2021-11-11 08:31:43	Microsoft SharePoint欺骗漏洞	详情
686c7cfb20933b41c3d679cbba79a2ad	CNVD-2021-86901 (CVE-2021-31181)	2021-11-11 08:31:42	Microsoft SharePoint远程代码执行漏洞	详情
72fdfb2d44c0d41d638e4632bdfc10b8	CNVD-2021-86900 (CVE-2021-3561)	2021-11-11 08:31:41	fig2dev缓冲区溢出漏洞	详情
3ba6f0e9394f9414e2cadb9495e2d5f5	CNVD-2021-85884 (CVE-2021-41210)	2021-11-10 07:24:57	Google TensorFlow堆分配数组越界读取漏洞	详情
4d8c4744ea972fb2fcb9673fea1fc7b7	CNVD-2021-85883 (CVE-2021-41226)	2021-11-10 07:24:56	Google TensorFlow堆越界访问漏洞	详情
8778f9cd924cae585ca5e2e0b8be3b3f	CNVD-2021-85882 (CVE-2021-41224)	2021-11-10 07:24:54	Google TensorFlow堆越界访问漏洞	详情
e1b2722e6d5c509c680b584416d9cb20	CNVD-2021-85881 (CVE-2021-42770)	2021-11-10 07:24:53	OPNsense跨站脚本漏洞	详情
ed09c9fa5586e2d4d9b4e95fe3b447a0	CNVD-2021-85880 (CVE-2021-28024)	2021-11-10 07:24:52	ServiceTonic访问控制不当漏洞	详情
8a642f0922f7f915e81b2b947276a96c	CNVD-2021-85879 (CVE-2021-28023)	2021-11-10 07:24:50	ServiceTonic任意文件上传漏洞	详情
c00b061c2cfdee4016a869a188135db5	CNVD-2021-85878 (CVE-2021-28022)	2021-11-10 07:24:49	ServiceTonic SQL注入漏洞	详情
9c4b20a28ad2bd4ab916448f0e1272bd	CNVD-2021-85877 (CVE-2021-32483)	2021-11-10 07:24:48	Cloudera Manager不正确访问控制漏洞	详情
4d4423857b7b1f38e49738f00e8949ba	CNVD-2021-85876 (CVE-2021-32481)	2021-11-10 07:24:46	Cloudera Hue跨站脚本漏洞	详情
6b12b7fc216d603e8e07351603851c86	CNVD-2021-85875 (CVE-2021-29994)	2021-11-10 07:24:45	Cloudera Hue跨站脚本漏洞	详情
72894fb3a3538de240d2f6810aae63c9	CNVD-2021-85892 (CVE-2021-42701)	2021-11-10 02:38:27	DAQFactory中间人攻击漏洞	详情
94a1f99a64ba24540cc1594d0a0b3152	CNVD-2021-85893 (CVE-2021-42699)	2021-11-10 02:38:26	DAQFactory明文传输漏洞	详情
5d9bac33be8f2f88391f6de02fb89c73	CNVD-2021-85894 (CVE-2021-42698)	2021-11-10 02:38:24	DAQFactory反序列化漏洞	详情

国家信息安全漏洞库（CNNVD） [TOP 30]	CVES	TIME	TITLE	URL
446d67667a5365137907a45b0a644ff1	CNNVD-202201-315 (CVE-2020-23986)	2022-01-06 13:34:32	github-readme-stats 安全漏洞	详情
216fd85a04919bbf0fda6dd93dd1041f	CNNVD-202201-316 (CVE-2020-27428)	2022-01-06 12:50:54	Scratch-Svg-Renderer 安全漏洞	详情
9d9bba1d1f33b6a43e386293bbe6e674	CNNVD-202201-317 (CVE-2021-41842)	2022-01-06 12:50:52	Insyde InsydeH2O 安全漏洞	详情
35f38f38dea0127cbdacbab40742a566	CNNVD-202201-308 (CVE-2021-45969)	2022-01-05 13:34:47	Insyde InsydeH2O 安全漏洞	详情
136d758361c8b2b5bd54239bc6992624	CNNVD-202201-310 (CVE-2021-46038)	2022-01-05 13:34:43	GPAC 安全漏洞	详情
b18ea8bbf9aff06f7fc18ff71ffdc000	CNNVD-202201-311 (CVE-2021-45833)	2022-01-05 13:34:41	HDF5 安全漏洞	详情
0e37469dfece36d4beb921cf83f7234c	CNNVD-202201-312 (CVE-2021-40026)	2022-01-05 13:34:39	Huawei HarmonyOS Wearables 缓冲区错误漏洞	详情
54b2b757c2f47b1bebf2a636266db06d	CNNVD-202201-313 (CVE-2021-45971)	2022-01-05 13:34:37	Insyde InsydeH2O 安全漏洞	详情
983aa1f3d6a66c8f87c59ac4ef7b1638	CNNVD-202201-314 (CVE-2021-40009)	2022-01-05 13:34:35	Huawei HarmonyOS Wearables 安全漏洞	详情
97efcb0864da4e4abfbed0d6db3d3b53	CNNVD-202201-309 (CVE-2021-45970)	2022-01-05 12:51:34	Insyde InsydeH2O 安全漏洞	详情
6a27e9a907937b8687a7f95d49258ec5	CNNVD-202201-184 (CVE-2021-43852)	2022-01-04 12:48:32	OroPlatform 安全漏洞	详情
bb00ea332f735234ebbb80d9e0c00f56	CNNVD-202201-185 (CVE-2021-0934)	2022-01-04 12:48:30	Google Android 安全漏洞	详情
92c877e47ffe5e35a61d6fe524f758e2	CNNVD-202201-186 (CVE-2022-21647)	2022-01-04 12:48:28	CodeIgniter 代码问题漏洞	详情
586694718742613ea884f07ac64ad72b	CNNVD-202201-187 (CVE-2022-21648)	2022-01-04 12:48:26	Latte 安全漏洞	详情
2f616ed31fdaaead3284a29256b65735	CNNVD-202201-188 (CVE-2022-21650)	2022-01-04 12:48:24	Nordaaker Convos 跨站脚本漏洞	详情
4d1dc7b23ebe211eb9ef53b470a46c02	CNNVD-202201-189 (CVE-2022-21644)	2022-01-04 12:48:22	USOC SQL注入漏洞	详情
4c49ecf6e588a104e9f30d0ad6976ac1	CNNVD-202201-190 (CVE-2021-41388)	2022-01-04 12:48:20	Netskope 安全漏洞	详情
bde7e5bf549740bc242a7b7010a29c91	CNNVD-202201-191 (CVE-2022-21649)	2022-01-04 12:48:18	Nordaaker Convos 跨站脚本漏洞	详情
e668ca779ae6453feb46c6ee76d4eeb7	CNNVD-202201-192 (CVE-2021-39632)	2022-01-04 12:48:16	Google Android 安全漏洞	详情
c1ce176458566d9c5336e0279ba0766e	CNNVD-202201-193 (CVE-2021-39630)	2022-01-04 12:48:14	Google Android 安全漏洞	详情
01d573d5b89a106c70176bae02bc2c6a	CNNVD-202201-074 (CVE-2021-45428)	2022-01-03 12:47:43	Telesquare TLR-2005KSH 安全漏洞	详情
946910857bc1d5b3ccbeaa4bcc854411	CNNVD-202201-075 (CVE-2021-45817)	2022-01-03 12:47:41	Hanwha DVR 跨站脚本漏洞	详情
01570e18d1a269d56139723a92acf532	CNNVD-202201-076 (CVE-2021-46109)	2022-01-03 12:47:39	ASUS RT-AC52U_B1 跨站脚本漏洞	详情
19c07436410a42035436c6614131a881	CNNVD-202201-077 (CVE-2020-23026)	2022-01-03 12:47:37	dhrystone 缓冲区错误漏洞	详情
fef12f534b814e8a827d33eed0b9d7d5	CNNVD-202201-078 (CVE-2021-20148)	2022-01-03 12:47:35	ZOHO ManageEngine ADSelfService Plus 安全漏洞	详情
8f3af5e048b0871ba0250f4ae8ac59e3	CNNVD-202201-079 (CVE-2021-20147)	2022-01-03 12:47:33	ZOHO ManageEngine ADSelfService Plus 安全漏洞	详情
2d8f3b1c35371aef0faccd4470183683	CNNVD-202201-080 (CVE-2021-37120)	2022-01-03 12:47:31	Huawei Smartphone 缓冲区错误漏洞	详情
7463328da80781459cc4a6d33cc652bc	CNNVD-202201-081 (CVE-2021-37121)	2022-01-03 12:47:29	HuaWei Smartphone 安全漏洞	详情
da569fe20ce015decf152a2cc4efdcf4	CNNVD-202201-082 (CVE-2021-38576)	2022-01-03 12:47:27	Tianocore EDK II 安全漏洞	详情
9cf36b476eb765ba3b73e01d80b58bd4	CNNVD-202201-083 (CVE-2021-45829)	2022-01-03 12:47:25	HDF5 安全漏洞	详情

奇安信 [TOP 30]	CVES	TIME	TITLE	URL
6bd01daffa85191c80698354fc8e252f		wt	QianxinTI-SV-2019-0015 Microsoft Windows RDP远程桌面服务多个远程代码执行漏洞通告	详情
f749eac58b87d0954f0e4a84b5d67057	CVE-2020-1350	2020-07-15 15:57:00	QiAnXinTI-SV-2020-0013 Microsoft DNS Server远程代码执行漏洞（CVE-2020-1350）通告	详情
90b93cb7073fe73b17746ac166a09637	CVE-2020-6819, CVE-2020-6820	2020-04-08 10:34:35	QianxinTI-SV-2020-0012 Firefox在野远程代码执行漏洞（CVE-2020-6819、CVE-2020-6820）通告	详情
e318a5efa4803b50cdef480b90b1784d		2020-03-25 13:58:51	QiAnXinTI-SV-2020-0009 Microsoft Windows Type 1字体处理远程代码执行漏洞（ADV200006）通告	详情
cffc3035f7899495cfeae521451f91b2	CVE-2020-0796	2020-03-12 10:32:09	QiAnXinTI-SV-2020-0008 Microsoft Windows SMBv3.0服务远程代码执行漏洞（CVE-2020-0796）通告	详情
3e6175d47d17c6f94bd9ba10d81c3717	CVE-2020-0674	2020-03-02 14:52:46	QiAnXinTI-SV-2020-0002 Microsoft IE jscript远程命令执行0day漏洞（CVE-2020-0674）通告	详情
d99d073afb7d248a8a62fb068921997f	CVE-2020-0601	2020-01-15 14:11:41	QianxinTI-SV-2020-0001 微软核心加密库漏洞（CVE-2020-0601）通告	详情
b7b45b14a3af1225ef6eec72d74964df	CVE-2019-1367	2019-09-25 17:23:00	QiAnXinTI-SV-2019-0022 微软IE浏览器JScript脚本引擎远程代码执行漏洞通告	详情
504fc79f0123db109a11b149c334b75c	CVE-2019-0708	2019-09-09 10:20:47	QiAnXinTI-SV-2019-0006 微软远程桌面服务远程代码执行漏洞（CVE-2019-0708）预警通告	详情
5b727692d583d4a6e7cdb0f670eac12a	CVE-2019-1181, CVE-2019-1182, CVE-2019-1222, CVE-2019-1226	2019-08-14 11:09:05	QianxinTI-SV-2019-0015 Microsoft Windows RDP远程桌面服务多个远程代码执行漏洞通告	详情
54b48d765fccbc8dcfa3de0920459f8d	CVE-2019-11707	2019-06-19 16:53:47	QiAnXinTI-SV-2019-0013 Firefox远程代码执行漏洞（CVE-2019-11707）预警通告	详情
5b4d5fea09fbc2dca45be53f162d39de	CVE-2019-0708	2019-05-31 17:03:19	QiAnXinTI-SV-2019-0006 微软远程桌面服务远程代码执行漏洞（CVE-2019-0708）预警通告	详情

安全客 [TOP 30]	CVES	TIME	TITLE	URL
03afa8b4eaf4a0160784152fca5465b2	CVE-2021-27308	2021-07-11 14:22:05	4images 跨站脚本漏洞	详情
8b0ace4c54a7fc20a99d21e294152a99	CVE-2020-15261	2021-07-11 14:22:05	Veyon Service 安全漏洞	详情
d4f12de949590ab346b61986a29d8b4d	CVE-2021-35039	2021-07-09 17:30:13	Linux kernel 安全漏洞	详情
f790e7ef3b5de3774d42ee32b9b10c01	CVE-2021-34626	2021-07-09 17:30:13	WordPress 访问控制错误漏洞	详情
71bf261eb2113d5ff870ab9bafd29f55	CVE-2021-25952	2021-07-09 17:30:13	just-safe-set 安全漏洞	详情
152793cbc104933584f5f227606f433d	CVE-2021-0597	2021-07-09 17:30:13	Google Android 信息泄露漏洞	详情
75f153c327984fdfdd2d9c463a91371d	CVE-2021-34430	2021-07-09 17:30:13	Eclipse TinyDTLS 安全特征问题漏洞	详情
9610336f1a41241cc8edea22a2780ec5	CVE-2021-3638	2021-07-09 17:30:13	QEMU 安全漏洞	详情
92fe450ae5c5dfa48072aca79d64ba63	CVE-2021-34614	2021-07-09 14:24:32	Aruba ClearPass Policy Manager 安全漏洞	详情
680a4218fc32922746717210664a3d62	CVE-2021-22144	2021-07-09 13:28:16	Elasticsearch 安全漏洞	详情
373930f669f2c1f7b61101a925304779	CVE-2021-24022	2021-07-09 13:28:16	Fortinet FortiManager 安全漏洞	详情
8556f9cd0699f88c1f6cca9a43463bdd	CVE-2021-33012	2021-07-09 13:28:16	Allen Bradley Micrologix 1100输入验证错误漏洞	详情
480ae713cc88cc0985e1ebc079974d83	CVE-2021-0592	2021-07-09 13:28:16	Google Android 安全漏洞	详情
8ef4dbefa6604ea2312621401c3ec0b9	CVE-2021-1598	2021-07-09 13:28:16	Cisco Video Surveillance 7000 Series IP Cameras 安全漏洞	详情
d6e8714c32df7a0dcc2f3910ec68b42d	CVE-2021-20782	2021-07-09 13:28:16	Software License Manager 跨站请求伪造漏洞	详情
4e60b22611b8bb0fd7e532896498af29	CVE-2021-20781	2021-07-09 13:28:16	WordPress 跨站请求伪造漏洞	详情
5ca48ad58fb499c069ae0800c3b39875	CVE-2021-32961	2021-07-09 13:28:16	MDT AutoSave代码问题漏洞	详情
2ed854890b43f08e52340a1e8fe6d39f	CVE-2021-0577	2021-07-09 13:28:16	Google Android 安全漏洞	详情
8d63110e1475bbd245715b2ee1824d13	CVE-2021-31816	2021-07-09 13:28:16	Octopus Server 安全漏洞	详情
72bef2ae2f5db7dd066e1cdefa618dc5	CVE-2021-31817	2021-07-09 13:28:16	Octopus Server 安全漏洞	详情
1f7369b2609dbd2cd40d091f7de540cd	CVE-2020-20217	2021-07-09 13:28:16	Mikrotik RouterOs 安全漏洞	详情
1793176eecc5813c3348f026dc9909c9	CVE-2020-28598	2021-07-09 13:28:16	PrusaSlicer 安全漏洞	详情
7f4cf34ceb545548dcfcc3c0e7120268	CVE-2021-32945	2021-07-09 13:28:16	MDT AutoSave加密问题漏洞	详情
58553eb00d6e3e83b633f09464c4e98a	CVE-2021-29712	2021-07-09 13:28:16	IBM InfoSphere Information Server 跨站脚本漏洞	详情
d8e27ec42fb0b89998fcc006f49b249b	CVE-2021-25432	2021-07-09 13:28:16	Samsung Members 信息泄露漏洞	详情
8f2adc6c247725bf2eb7f53256c93ea7	CVE-2021-25433	2021-07-09 13:28:16	Samsung Tizen安全漏洞	详情
8f949676124339eb6f64f9c607af5470	CVE-2021-25431	2021-07-09 13:28:16	Samsung Mobile Device Cameralyzer 访问控制错误漏洞	详情
069818a8958f9c158fcb0956ee32fc03	CVE-2021-25434	2021-07-09 13:28:16	Samsung Tizen 代码注入漏洞	详情
55b9126220b9722ff5d730d3996877e9	CVE-2021-32949	2021-07-09 13:28:16	MDT AutoSave 路径遍历漏洞	详情
ebab009fffdee3d360dcdff74b0ed061	CVE-2021-25435	2021-07-09 13:28:16	Samsung Tizen代码注入漏洞	详情

斗象 [TOP 30]	CVES	TIME	TITLE	URL
88a8c676b52a739c0335d7c21ca810a9		2022-01-06 08:19:17	MeterSphere 远程代码执行漏洞	详情
9cd742f4839806e40f42c6e7ea492590		2021-12-28 10:31:16	APISIX Dashboard 未授权访问漏洞风险通告(CVE-2021-45232)	详情
76cad61d2d5a8750a6a714ab2c6dbc97	CVE-2021-45232	2021-12-28 10:31:16	Apache APISIX Dashboard 接口未授权访问漏洞(CVE-2021-45232)	详情
af4f5f63390eb00de8705b5029d8c376	CVE-2021-44228, CVE-2021-45046	2021-12-14 01:56:52	Apache Log4j 远程代码执行漏洞	详情
43456ae172e45c12087c40c03d925e0e	CVE-2021-44228	2021-12-11 03:21:34	Apache Log4j 远程代码执行漏洞	详情
392b133d98d6f61aee36ce6c8784f4df		2021-12-09 15:20:54	Apache Log4j 远程代码执行漏洞	详情
1e193280a8f45427c06cb4945be4f126		2021-12-07 06:48:55	Grafana 任意文件读取漏洞	详情
1911c90c4cf886d9867ff81b4756eb3f		2021-12-02 06:37:58	VMware vCenter 服务端请求伪造漏洞	详情
45a46bc77eb26e67020f43cf08f1fcc6	CVE-2021-21980, CVE-2021-22049	2021-11-26 03:52:06	VMware vCenter Server多个高危漏洞通告	详情
c1d2650c12cb12d9ee21f53d0f087be8	CVE-2021-42321, CVE-2021-42292, CVE-2021-38666	2021-11-10 12:03:45	微软2021年11月补丁日漏洞通告	详情
6b34ab872bd97043b7699554194da23f	CVE-2021-22205	2021-11-02 03:38:34	GitLab CE/EE远程代码执行漏洞(CVE-2021-22205)	详情
a418a10f7f4a1694a2293e895b24de6a	CVE-2021-35617, CVE-2021-35620	2021-10-20 03:07:34	Oracle WebLogic 多个高危漏洞通告	详情
e2d8ba6cd503627461acaa0de23c51b6	CVE-2021-40449, CVE-2021-26427, CVE-2021-40486, CVE-2021-38672, CVE-2021-40461	2021-10-13 05:29:50	微软2021年10月补丁日漏洞通告	详情
68be9e619a7702aa2cb4d58c255d39c8	CVE-2021-41773, CVE-2021-42013	2021-10-09 03:33:50	Apache HTTP Server 路径遍历漏洞	详情
2b425329012f167ceeee133dcab6c49c	CVE-2021-21991, CVE-2021-21992, CVE-2021-21993, CVE-2021-22005, CVE-2021-22006, CVE-2021-22007, CVE-2021-22008, CVE-2021-22009, CVE-2021-22010, CVE-2021-22011, CVE-2021-22012, CVE-2021-22013, CVE-2021-22014, CVE-2021-22015, CVE-2021-22016, CVE-2021-22017	2021-09-22 05:41:12	VMware多个高危漏洞通告	详情
a0f1f4b9e08c161feea107db8c47d55e	CVE-2021-26084	2021-08-26 12:03:16	Atlassian Confluence远程代码执行漏洞(CVE-2021-26084)	详情
68ee7b98acb8ba2e45c3638a078d9535	CVE-2021-39139, CVE-2021-39140, CVE-2021-39141, CVE-2021-39144, CVE-2021-39145, CVE-2021-39146, CVE-2021-39147, CVE-2021-39148, CVE-2021-39149, CVE-2021-39150, CVE-2021-39151, CVE-2021-39152, CVE-2021-39153, CVE-2021-39154	2021-08-23 06:14:35	XStream 多个反序列化漏洞	详情
e00d270224089dec1dde09bb05ec2678	CVE-2021-34473, CVE-2021-34523, CVE-2021-31207	2021-08-06 08:53:31	Microsoft Exchange 远程代码执行漏洞（PoC已公开）	详情
b36f311a6a1cb8b7c4d2da09512e0fa9	CVE-2021-2394, CVE-2021-2397, CVE-2021-2382	2021-07-21 10:29:24	Oracle WebLogic 多个高危漏洞通告	详情
86cb552f791b9e8159d01a9478a59f9d	CVE-2021-34527, CVE-2021-34448, CVE-2021-33771, CVE-2021-31979, CVE-2021-34473, CVE-2021-34520, CVE-2021-34468, CVE-2021-34467, CVE-2021-34449, CVE-2021-33780	2021-07-14 09:40:04	微软2021年7月补丁日漏洞通告	详情
ed706209d0185b2415915cac4afec37b		2021-07-08 08:43:59	YApi远程代码执行漏洞通告	详情
c5bfeca05acdc931e8686c9e3d4ff937		2021-07-02 11:03:50	Windows Print Spooler 远程代码执行漏洞(CVE-2021-34527)	详情
4184ae9f57a2db9063367e64e6cc2cb7	CVE-2021-1675	2021-06-29 10:15:39	Windows Print Spooler远程代码执行漏洞(CVE-2021-1675)	详情
2131ca2cbd7b631f62f8701a925c2767	CVE-2021-21998	2021-06-23 06:20:30	VMware Carbon Black App Control 身份验证绕过漏洞(CVE-2021-21998)	详情
906de48de24b85a2278ae80a9f4d0aa8		2021-06-03 02:48:56	用友NC BeanShell 远程命令执行漏洞	详情
4d9035105f60b9d56f24c24e87fc6e32	CVE-2021-21985	2021-05-26 03:39:33	VMware vCenter Server 远程代码执行漏洞(CVE-2021-21985)	详情
137a4e2d822964f8f8c93f59d00f2bce		2021-04-18 16:38:14	WebLogic T3反序列化漏洞0day	详情
7cb0c487c17f2247b0b81ef4bc51f47b		2021-04-18 16:38:14	WebLogic T3反序列化漏洞0day通告	详情
49c6f9e6d3305e3f6a1b9e819a546f5e		2021-03-18 07:43:11	GitLab markdown远程代码执行漏洞	详情
d260fd6bfb4e9ac71fb3d9e8ac099e8a	CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350, CVE-2021-21351	2021-03-15 12:14:54	XStream 多个反序列化漏洞	详情

红后 [TOP 30]	CVES	TIME	TITLE	URL
d79ebcca362bc03f8b54401b60d1712d	CVE-2020-10188	2022-01-06 13:46:13	netkit telnet 缓冲区错误漏洞	详情
93bb57561723f5c368c804895c348841	CVE-2020-10174	2022-01-05 13:44:15	Timeshift 后置链接漏洞	详情
213309ff8a9e7561a797d09e0b3e47ff	CVE-2020-9545	2022-01-05 13:44:08	Pale Moon 代码问题漏洞	详情
f914771d39c3babf600aeb28b3373fa7	CVE-2020-6799	2022-01-05 13:43:54	Mozilla Firefox ESR 参数注入漏洞	详情
c0c6116387986c1e7f50aa1ff58f528d	CVE-2020-10174	2022-01-04 13:42:18	Timeshift 竞争条件问题漏洞	详情
f01030cc18ee8184b930db91c435618e	CVE-2020-10110	2022-01-04 13:42:05	Citrix Systems Gateway 安全漏洞	详情
7f8a14dfbb462f466f54a22de648409a	CVE-2020-9429	2022-01-04 13:42:01	Wireshark WireGuard 代码问题漏洞	详情
e3f25d0859e20d7edf39caf7d5d65cca	CVE-2020-6793	2022-01-04 13:41:58	Mozilla Thunderbird 缓冲区错误漏洞	详情
1cdffa8b5164fa0405dcefd92e08b391	CVE-2020-6801	2022-01-04 13:41:51	Mozilla Firefox 缓冲区错误漏洞	详情
dcb006783a9e0ef5061187c9ea8036d8	CVE-2020-0502	2022-01-03 13:42:21	Intel Graphics Drivers 安全漏洞	详情
716fedcbf9d61b2d442518f652174202	CVE-2020-0503	2022-01-03 13:42:18	Intel Graphics Drivers 安全漏洞	详情
60d56cb5e20f3ef82a2d76f91ccc661c	CVE-2020-9545	2022-01-03 13:42:15	Pale Moon 输入验证错误漏洞	详情
f275fb74b166ab5cde7487e66cdbec6d	CVE-2020-9531	2022-01-03 13:42:12	Xiaomi MIUI 信息泄露漏洞	详情
b78e504815cc2109a66d61439e9a7532	CVE-2020-7062	2022-01-03 13:42:08	PHP 代码问题漏洞	详情
9e1978b6b40ae4bbf745933541c53c2d	CVE-2020-9372	2022-01-03 13:42:05	WordPress Appointment Booking Calendar 注入漏洞	详情
47683e7cb71a53b84967d82f313ed2a1	CVE-2020-6799	2022-01-03 13:42:02	Mozilla Firefox和Firefox ESR 输入验证错误漏洞	详情
7ee9f6ed5179adc03703b5687d23da65	CVE-2020-6800	2022-01-03 13:41:58	Mozilla Firefox、Firefox ESR和Thunderbird 缓冲区错误漏洞	详情
33443868c6cee2fce93849391aeb462c	CVE-2020-1706	2022-01-03 13:41:55	Red Hat OpenShift Enterprise 安全漏洞	详情
13131d74a3c75afbd96d46d9d9f11c18	CVE-2020-6792	2022-01-03 13:41:52	Mozilla Thunderbird 缓冲区错误漏洞	详情
ed09df96f1edefb3ec93678c65b2880f	CVE-2020-1569	2022-01-02 13:41:40	Microsoft Edge 缓冲区错误漏洞	详情
acdec84997a61988afb095c608f69195	CVE-2020-1570	2022-01-02 13:41:38	Microsoft Internet Explorer 缓冲区错误漏洞	详情
de7881ccab65c5441ac09e0ecdc64be9	CVE-2020-1566	2022-01-02 13:41:34	Microsoft Windows Kernel 缓冲区错误漏洞	详情
6d1b05d440a2e445ec134dcb4250fda0	CVE-2020-1567	2022-01-02 13:41:31	Microsoft Internet Explorer 输入验证错误漏洞	详情
91d56e3919977dab0611eab925add70a	CVE-2020-1563	2022-01-02 13:41:28	Microsoft Office 缓冲区错误漏洞	详情
85a88df55ac880ed0c7ce13afd0e2b74	CVE-2020-1564	2022-01-02 13:41:24	Microsoft Windows Jet Database Engine 缓冲区错误漏洞	详情
902b37d1bc30d0a9380cf07cddbb204b	CVE-2020-1568	2022-01-02 13:41:21	Microsoft Edge 缓冲区错误漏洞	详情
2ec09c80ccfb46fee641fe464610d15f	CVE-2020-1561	2022-01-02 13:41:17	Microsoft Windows Graphics Components 缓冲区错误漏洞	详情
4b857c311ad1e4771194c79c90328c00	CVE-2020-1565	2022-01-02 13:41:14	Microsoft Windows和Windows Server 安全漏洞	详情
50701d7681b2223ecc3c8aee46bde5ae	CVE-2020-1557	2022-01-02 13:41:10	Microsoft Windows Jet Database Engine 缓冲区错误漏洞	详情
ea67ddbcd3c65beea6141e9e2449885c	CVE-2020-1530	2022-01-01 13:42:19	Microsoft Windows Remote Access 缓冲区错误漏洞	详情

绿盟 [TOP 30]	CVES	TIME	TITLE	URL
e038246365bb2d83883e19bf8be57764	CVE-2021-45831	2022-01-06 03:32:03	GPAC空指针解引用漏洞	详情
ce427b38ff5ebfe62614d5189b5a87a3	CVE-2022-22107	2022-01-06 03:32:03	DayByDay CRM授权错误漏洞	详情
752366d89431c37d9d5aeb8bdc46076e	CVE-2022-22108	2022-01-06 03:32:03	DayByDay CRM授权错误漏洞	详情
ba5abcdb7d23ab3375004176544c1476	CVE-2022-22109	2022-01-06 03:32:03	DayByDay CRM跨站脚本漏洞	详情
04f96adf60015903041ae02865859f86	CVE-2022-22110	2022-01-06 03:32:03	DayByDay CRM信息泄露漏洞	详情
c1dae94279beba26a28c1b1694349e02	CVE-2022-22111	2022-01-06 03:32:03	DayByDay CRM授权错误漏洞	详情
4ee15a1a04146461689885789285b2ae	CVE-2021-33269	2022-01-06 03:32:03	D-Link DIR-809堆栈缓冲区溢出漏洞	详情
bb48da92553b20ff8a03ab6380ea1487	CVE-2021-33270	2022-01-06 03:32:03	D-Link DIR-809堆栈缓冲区溢出漏洞	详情
7aff1dbe13a0d1b88fa34172891b69a1	CVE-2021-33268	2022-01-06 03:32:03	D-Link DIR-809堆栈缓冲区溢出漏洞	详情
07a072d6ed82629af98e9d097e8f4266	CVE-2021-33271	2022-01-06 03:32:03	D-Link DIR-809堆栈缓冲区溢出漏洞	详情
3ad370a33c36231466ea8832ebfb3bb9	CVE-2021-33274	2022-01-06 03:32:03	D-Link DIR-809堆栈缓冲区溢出漏洞	详情
f274514e7199c350b2d645ad8e5c62ca	CVE-2021-45830	2022-01-06 03:32:03	HDF5堆缓冲区溢出漏洞	详情
3176bf3e05820db353127b0c1beffebc	CVE-2021-45832	2022-01-06 03:32:03	HDF5堆栈缓冲区溢出漏洞	详情
c200bb5bb9dd7020c1f2ad7781c17c18	CVE-2021-45833	2022-01-06 03:32:03	HDF5堆栈缓冲区溢出漏洞	详情
56e373f2335191ea89336c59d6363149	CVE-2021-4161	2022-01-05 09:29:59	Moxa MGate MB3180/MB3280/MB3480信息泄露漏洞	详情
5ca0228e5169ceb38b568beaf991f94d	CVE-2021-42833	2022-01-05 09:29:59	Xylem AquaView硬编码凭证漏洞	详情
419f5cd1196eccf965ab5455b0f2bc2d	CVE-2021-44768	2022-01-05 09:29:59	Delta Electronics CNCSoft越界读取漏洞	详情
1c5343e4c9e9cf11a67a262e29a81b34	CVE-2021-35414	2022-01-05 09:29:59	Chamilo LMS SQL注入漏洞	详情
7795fa7fe200e4c2b765308a5c76b611	CVE-2021-41496	2022-01-05 09:29:59	NumPy缓冲区溢出漏洞	详情
ba5df119d2bf417a3b245d125fe0a0ec	CVE-2021-43065	2022-01-05 09:29:59	Fortinet FortiNAC权限提升漏洞	详情
c16266185f25a4e755041700dc80156a	CVE-2021-27983	2022-01-05 09:29:59	MaxSite CMS远程代码执行漏洞	详情
6d6e4532e697476a5fc5a1fe72e6af2f	CVE-2021-37934	2022-01-05 09:29:59	Huntflow Enterprise信息泄露漏洞	详情
eb49a4b7eba4f251662697d4755b9a26	CVE-2021-37935	2022-01-05 09:29:59	Huntflow Enterprise信息泄露漏洞	详情
2e03843b3780ada7cd9bdddc812f26b2	CVE-2021-23157	2022-01-05 09:29:59	Wecon Technologies LeviStudioU堆缓冲区溢出漏洞	详情
89f83826fd3cb919cd51f38bf88a8ad9	CVE-2021-23138	2022-01-05 09:29:59	Wecon Technologies LeviStudioU堆栈缓冲区溢出漏洞	详情
c1c3be6f7340ce6184f6671f833b8f19	CVE-2021-22956	2022-01-05 09:29:59	Citrix Systems Application Delivery Management不受控制的资源消耗漏洞	详情
03a12c075eee2e0aa4f654ee98450b14	CVE-2021-22955	2022-01-05 09:29:59	Citrix Systems Application Delivery Management拒绝服务漏洞	详情
669fab3d32c03071a55403dfe54b39ce	CVE-2021-20867	2022-01-05 09:29:59	Delicious Brains Advanced Custom Fields授权错误漏洞	详情
9ccb886e7977210cbafd1d8c5dcf5882	CVE-2021-20865	2022-01-05 09:29:59	Delicious Brains Advanced Custom Fields授权错误漏洞	详情
3846f35f12b8db36b81ffb109b768ed7	CVE-2021-20166	2021-12-31 09:29:12	Netgear RAX43缓冲区溢出漏洞	详情

美国国家漏洞数据库（NVD） [TOP 30]	CVES	TIME	TITLE	URL
a687f03d33498f7588c06a99366adbb6	CVE-2021-45906	2021-12-27 23:15:08	OpenWrt 21.02.1 allows XSS via the NAT Rules Name screen.	详情
fb385f3f855f07bfd1fce4fbfcb68aa5	CVE-2021-45905	2021-12-27 23:15:08	OpenWrt 21.02.1 allows XSS via the Traffic Rules Name screen.	详情
e088e87bf4f4e5c77a36208462090137	CVE-2021-45904	2021-12-27 23:15:08	OpenWrt 21.02.1 allows XSS via the Port Forwards Add Name screen.	详情
fbd014d70777592a6584ccfade3fcc9b	CVE-2021-45720	2021-12-26 22:15:09	An issue was discovered in the lru crate before 0.7.1 for Rust. The iterators have a use-after-free, as demonstrated by an access after a pop operation.	详情
cb2c2dcc8bb312a4605ed41e3730af84	CVE-2021-45719	2021-12-26 22:15:09	An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. update_hook has a use-after-free.	详情
e4bc3029e79b3da0a13be272ed83dff5	CVE-2021-45718	2021-12-26 22:15:09	An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. rollback_hook has a use-after-free.	详情
855a5b3ff11feb8c645966ad36418761	CVE-2021-45717	2021-12-26 22:15:09	An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. commit_hook has a use-after-free.	详情
f02287500d30e1eadc21c559d524ca0a	CVE-2021-45678	2021-12-26 01:15:21	NETGEAR RAX200 devices before 1.0.5.132 are affected by insecure code.	详情
02d85bdde5cf910f4791f88a71502282	CVE-2021-45677	2021-12-26 01:15:21	Certain NETGEAR devices are affected by stored XSS. This affects GS108Tv2 before 5.4.2.36 and GS110TPv2 before 5.4.2.36.	详情
b7038d575e81da4fbe44a3ff93667744	CVE-2021-45676	2021-12-26 01:15:21	Certain NETGEAR devices are affected by stored XSS. This affects RAX200 before 1.0.5.126, RAX20 before 1.0.2.82, RAX80 before 1.0.5.126, RAX15 before 1.0.2.82, and RAX75 before 1.0.5.126.	详情
e42e2626a6bfe53575bacdabf645263c	CVE-2021-45674	2021-12-26 01:15:21	Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106.	详情
77ae0d780edda047e3bec0fc21128478	CVE-2021-45679	2021-12-26 01:15:21	Certain NETGEAR devices are affected by privilege escalation. This affects R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, and RS400 before 1.5.1.80.	详情
61fabba9a03b8b2d288f6005d4875c4d	CVE-2021-45675	2021-12-26 01:15:21	Certain NETGEAR devices are affected by stored XSS. This affects R6120 before 1.0.0.76, R6260 before 1.1.0.78, R6850 before 1.1.0.78, R6350 before 1.1.0.78, R6330 before 1.1.0.78, R6800 before 1.2.0.76, R6700v2 before 1.2.0.76, R6900v2 before 1.2.0.76, R7200 before 1.2.0.76, R7350 before 1.2.0.76, R7400 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, and AC2600 before 1.2.0.76.	详情
e309d1db4d48da429e4d52dba3d80ea3	CVE-2021-45673	2021-12-26 01:15:21	Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX200 before 1.0.3.106, R7000P before 1.3.3.140, RAX80 before 1.0.3.106, R6900P before 1.3.3.140, and RAX75 before 1.0.3.106.	详情
ce3d0b58894b99489d41fe3594d2cd78	CVE-2021-45672	2021-12-26 01:15:21	Certain NETGEAR devices are affected by Stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6120 before 1.0.0.76, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R6850 before 1.1.0.78, R7200 before 1.2.0.76, R7350 before 1.2.0.76, R7400 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, and RAX40 before 1.0.3.62.	详情
ce9ef1810fb674181e9ca0d9383d34ae	CVE-2021-45671	2021-12-26 01:15:21	Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before 1.0.1.62, EX7500 before 1.0.0.72, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.4.120, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.4.120, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.4.120, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.	详情
3bd91a6f2dc844f743a33251e83fd9c9	CVE-2021-45662	2021-12-26 01:15:20	NETGEAR R7000 devices before 1.0.9.88 are affected by stored XSS.	详情
56e6d184aeaef761f464be57325baa36	CVE-2021-45663	2021-12-26 01:15:20	NETGEAR R7000 devices before 1.0.11.126 are affected by stored XSS.	详情
e2dfe7f716ad32cec9e968f417865244	CVE-2021-45654	2021-12-26 01:15:20	NETGEAR XR1000 devices before 1.0.0.58 are affected by disclosure of sensitive information.	详情
cae01506c57f30af97272b456828c698	CVE-2021-45653	2021-12-26 01:15:20	Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10.	详情
8457397d485c5d9f5a7972779d313139	CVE-2021-45652	2021-12-26 01:15:20	Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10.	详情
f071ad7095318ad9f7a2a5e0eb7a3f5f	CVE-2021-45651	2021-12-26 01:15:20	Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK50 before 2.7.3.22, RBR50 before 2.7.3.22, and RBS50 before 2.7.3.22.	详情
f552bb4a6ea6026270bd63fed5921f10	CVE-2021-45664	2021-12-26 01:15:20	NETGEAR R7000 devices before 1.0.11.126 are affected by stored XSS.	详情
566669c3928eec5c7cc862ec9b93139f	CVE-2021-45666	2021-12-26 01:15:20	Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before 1.0.1.64, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4.	详情
1de9bd128aab46c8ef529ce8f7910bf4	CVE-2021-45665	2021-12-26 01:15:20	Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4.	详情
3c6192180b147b853ea84e1df1aafed7	CVE-2021-45649	2021-12-26 01:15:20	Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R7000 before 1.0.11.126, R6900P before 1.3.2.126, and R7000P before 1.3.2.126.	详情
f6a8afe0baf4526f615617c19b569c21	CVE-2021-45627	2021-12-26 01:15:19	Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.	详情
2f5a0037d2ca0c305d8dc54461565b2c	CVE-2021-45646	2021-12-26 01:15:19	NETGEAR R7000 devices before 1.0.11.116 are affected by disclosure of sensitive information.	详情
8a9d326470416aaede581d598de29579	CVE-2021-45643	2021-12-26 01:15:19	Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, and XR1000 before 1.0.0.58.	详情
330f56d1660c55439406cbb6dc069e07	CVE-2021-45639	2021-12-26 01:15:19	Certain NETGEAR devices are affected by reflected XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.32, EAX80 before 1.0.1.62, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.72, R7000 before 1.0.11.110, R7900 before 1.0.4.30, R7960P before 1.4.1.66, R8000 before 1.0.4.62, RAX200 before 1.0.2.102, XR300 before 1.0.3.50, EX3700 before 1.0.0.90, MR60 before 1.0.5.102, R7000P before 1.3.2.126, R8000P before 1.4.1.66, RAX20 before 1.0.1.64, RAX50 before 1.0.2.28, RAX80 before 1.0.3.102, EX3800 before 1.0.0.90, MS60 before 1.0.5.102, R6900P before 1.3.2.126, R7900P before 1.4.1.66, RAX15 before 1.0.1.64, RAX45 before 1.0.2.28, RAX75 before 1.0.3.102, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.	详情