返回博客 | 威胁情报播报


360 网络安全响应中心 [TOP 30] CVES TIME TITLE URL
0dd2b4e54c1e7d58b6a543d5cd6168ce 2022-01-04 09:42:59 安全事件周报 (12.27-01.02) 详情
1f4414b232828031852a1c0ccd0338a8 CVE-2021-45232 2021-12-28 11:53:57 Apache APISIX Dashboard 未授权访问漏洞通告 详情
7e8a20ef23aa18ec6a4d4db37ac4c3b2 2021-12-27 10:23:48 安全事件周报 (12.20-12.26) 详情
d64e8c999202491d43f23dc514036a1f 2021-12-23 03:35:44 Apache HTTP Server多个漏洞风险通告 详情
c2d76ce73a102654b071afa0aa63a3c7 CVE-2021-45105 2021-12-20 08:57:08 CVE-2021-45105:Apache Log4j 拒绝服务漏洞通告 详情
58138920f2aaf7fe331bd6f96f7cd225 2021-12-20 07:38:33 安全事件周报 (12.13-12.19) 详情
03a81fd8fe0e8c0034b92844bfb6dd03 CVE-2021-45046 2021-12-17 09:54:22 Log4j 2 远程代码执行漏洞通告 详情
a50794d51fd89538d0eb021520271919 2021-12-17 08:05:40 360CERT发布基于漏洞攻击荷载的Log4j2对抗型热补修复方案 详情
d4319ee554074475bdc2bc825480754b 2021-12-15 06:37:34 2021-12 补丁日: 微软多个漏洞安全更新通告 详情
7eed3b6eefb34deb5bba75d8e3cd6c8b CVE-2021-4102 2021-12-14 10:27:36 CVE-2021-4102:Google Chrome 代码执行漏洞 详情
0b2a24c28ee563beb083baa046da930b 2021-12-13 07:09:14 安全事件周报 (12.06-12.12) 详情
ec4c7eb7d0fda599889cdc11440df805 2021-12-13 03:00:28 Microsoft Windows Active Directory 域服务权限提升多个漏洞通告 详情
e0a3b7cab3cc78da77c5fad75a9ba739 2021-12-10 02:25:47 Apache Log4j 2 远程代码执行漏洞通告 详情
9ec8a01a5c4055ebe30833b1e884926e 2021-12-07 09:10:46 Grafana 任意文件读取漏洞通告 详情
c529a8f4ce9149aac86c63b5738017ee 2021-12-06 07:56:06 安全事件周报 (11.29-12.05) 详情
9c24c96b071028e5ab5cb7c57a40aec5 CVE-2021-44077 2021-12-06 02:34:35 Zoho ManageEngine ServiceDesk Plus 认证绕过漏洞通告 详情
27933e8ec7f78be59d256022a1d64b95 CVE-2021-43527 2021-12-02 10:28:33 Mozilla NSS 缓冲区堆溢出漏洞通告 详情
83bac63949a59169c9c7c271d98a152e 2021-11-29 09:38:26 安全事件周报 (11.22-11.28) 详情
15ff7b9007f0c1e45294434b299d4109 CVE-2021-43267 2021-11-29 08:18:18 【更新】Linux Kernel TIPC远程代码执行漏洞通告 详情
bebe746363e69b69622e3fda0f108447 CVE-2021-43267 2021-11-29 07:19:49 【通告更新】Linux Kernel TIPC远程代码执行漏洞通告 详情
4ed0bd21ac467e8cc581c0e81289c523 CVE-2021-21980 2021-11-25 07:07:05 CVE-2021-21980:VMware vCenter Server任意文件读取漏洞 详情
d875d320facf4c43784eb891375cd7b3 2021-11-24 08:57:02 Windows Installer 权限提升漏洞通告 详情
91e360c25b115d69fd9e9e83ec9f3a0e 2021-11-23 03:34:54 【更新】Hadoop Yarn RPC未授权访问漏洞通告 详情
dbdf7a621ffe78f2c309940176c7a72f CVE-2021-41277 2021-11-22 10:10:03 Metabase 任意文件读取漏洞通告 详情
8721b1795800b3a9515a758cd793c45e CVE-2021-42321 2021-11-22 09:26:04 微软Exchange Server远程代码执行漏洞通告 详情
b6d6aca9371ebf883fe0c82c70f1d0b2 2021-11-22 03:47:09 安全事件周报 (11.15-11.21) 详情
c3564bfbac4c6c088ea8709c8f22689e 2021-11-17 08:15:46 npm多个高危漏洞通告 详情
849700f1142f235f2f3841fe9a8c143c 2021-11-16 07:56:39 Intel BIOS固件多个权限提升漏洞通告 详情
512590ceca81695993af08257a324b98 2021-11-15 08:35:38 Hadoop Yarn RPC未授权访问漏洞通告 详情
0486042c1420b0617fab550f8142ae35 CVE-2020-27986 2021-11-15 08:09:40 SonarQube 未授权访问漏洞在野利用通告 详情

Tenable (Nessus) [TOP 30] CVES TIME TITLE URL
de5f3fc118d6a17b99d19a2804172df3 CVE-2021-25743 2022-01-07 00:15:00 kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events. 详情
4e85fd4be73d312a7ee00458ba252283 CVE-2022-21664 2022-01-06 23:15:00 WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to lack of proper sanitization in one of the classes, there's potential for unintended SQL queries to be executed. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 4.1.34. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue. 详情
3ead5572706e11b7c8edf378867bc118 CVE-2022-21663 2022-01-06 23:15:00 WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. On a multisite, users with Super Admin role can bypass explicit/additional hardening under certain conditions through object injection. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue. 详情
dfab22ad43a85a9d514325bb88e46aec CVE-2022-21662 2022-01-06 23:15:00 WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Low-privileged authenticated users (like author) in WordPress core are able to execute JavaScript/perform stored XSS attack, which can affect high-privileged users. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue. 详情
d920b56e7dfe71b24e55ae3264022335 CVE-2022-21661 2022-01-06 23:15:00 WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this vulnerability. 详情
e58e9931c2ed51afeedef37f6eb233f5 CVE-2021-46044 2022-01-06 21:15:00 A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1via ShiftMetaOffset.isra, which causes a Denial of Service (context-dependent). 详情
40a290a301b003843efca108c4d7229f CVE-2021-46043 2022-01-06 21:15:00 A Pointer Dereference Vulnerability exits in GPAC 1.0.1 in the gf_list_count function, which causes a Denial of Service. 详情
916eea980b0d92b35003af596f94e65c CVE-2021-42841 2022-01-06 21:15:00 Insta HMS before 12.4.10 is vulnerable to XSS because of improper validation of user-supplied input by multiple scripts. A remote attacker could exploit this vulnerability via a crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. 详情
1aa0f37590f9726c8b9b30d55923d94d CVE-2021-46042 2022-01-06 20:15:00 A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the _fseeko function, which causes a Denial of Service. 详情
ea97be08c487e929f0daf1086644e374 CVE-2021-46041 2022-01-06 20:15:00 A Segmentation Fault Vulnerability exists in GPAC 1.0.1 via the co64_box_new function, which causes a Denial of Service. 详情
30497a07bfd3cab4ba22fc52165d05d8 CVE-2021-46040 2022-01-06 20:15:00 A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via the finplace_shift_moov_meta_offsets function, which causes a Denial of Servie (context-dependent). 详情
0bf2b2b92a7a4575935a1d8319a8290c CVE-2021-46039 2022-01-06 20:15:00 A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via the shift_chunk_offsets.part function, which causes a Denial of Service (context-dependent). 详情
75702db2105ebee6548b2a4b3327a41c CVE-2021-43045 2022-01-06 18:15:00 A vulnerability in the .NET SDK of Apache Avro allows an attacker to allocate excessive resources, potentially causing a denial-of-service attack. This issue affects .NET applications using Apache Avro version 1.10.2 and prior versions. Users should update to version 1.11.0 which addresses this issue. 详情
9c2761a1c980bee3e0b5567c4b5bc246 CVE-2021-4194 2022-01-06 18:15:00 bookstack is vulnerable to Improper Access Control 详情
6005cb8319d24a8a7a06840d1bb45dad CVE-2021-28715 2022-01-06 18:15:00 Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. There are some measures taken for avoiding to pile up too much data, but those can be bypassed by the guest: There is a timeout how long the client side of an interface can stop consuming new packets before it is assumed to have stalled, but this timeout is rather long (60 seconds by default). Using a UDP connection on a fast interface can easily accumulate gigabytes of data in that time. (CVE-2021-28715) The timeout could even never trigger if the guest manages to have only one free slot in its RX queue ring page and the next package would require more than one free slot, which may be the case when using GSO, XDP, or software hashing. (CVE-2021-28714) 详情
13b4a5698607f16110b09b321cb5795e CVE-2021-28714 2022-01-06 18:15:00 Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. There are some measures taken for avoiding to pile up too much data, but those can be bypassed by the guest: There is a timeout how long the client side of an interface can stop consuming new packets before it is assumed to have stalled, but this timeout is rather long (60 seconds by default). Using a UDP connection on a fast interface can easily accumulate gigabytes of data in that time. (CVE-2021-28715) The timeout could even never trigger if the guest manages to have only one free slot in its RX queue ring page and the next package would require more than one free slot, which may be the case when using GSO, XDP, or software hashing. (CVE-2021-28714) 详情
e5ab33a25ad8893143843e7b8780fbd0 CVE-2021-43045 2022-01-06 18:15:00 A vulnerability in the .NET SDK of Apache Avro allows an attacker to allocate excessive resources, potentially causing a denial-of-service attack. This issue affects .NET applications using Apache Avro version 1.10.2 and prior versions. Users should update to version 1.11.0 which addresses this issue. 详情
1280025a54e90a70e69f73fe0c47519e CVE-2022-0128 2022-01-06 17:15:00 vim is vulnerable to Out-of-bounds Read 详情
f6778b89faab3d1ab229e6f85bec2aa2 CVE-2021-46079 2022-01-06 16:15:00 An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection. 详情
0b30c0fd1a9c08af9c1be4612bc99a7b CVE-2021-46078 2022-01-06 16:15:00 An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerability. 详情
c8a3bd43c715cce8f65ce837c1bbcc6a CVE-2021-46075 2022-01-06 16:15:00 A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations. 详情
8673fd2f9067662f3c51b90953bbc325 CVE-2021-46074 2022-01-06 16:15:00 A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel. 详情
d81f2142b72d50f63d57d02db98a2232 CVE-2021-46073 2022-01-06 16:15:00 A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel. 详情
e64f992b4e7b9d17e90e421da6cdb3d5 CVE-2021-46072 2022-01-06 16:15:00 A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel. 详情
f730cf61e81da4bfa7c50a09ca1e1d42 CVE-2021-46071 2022-01-06 16:15:00 A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel. 详情
660d28e6300ec782e418165f9fba5ce9 CVE-2021-46070 2022-01-06 16:15:00 A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel. 详情
837efa38671c95cf6edd5b4624c9a200 CVE-2021-46069 2022-01-06 16:15:00 A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel. 详情
61d2112ce10648f00c69af4a08bd262c CVE-2021-46068 2022-01-06 16:15:00 A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel. 详情
4dcda4b1c5a24f6ed132db01d6aa5f0e CVE-2021-44591 2022-01-06 14:15:00 In libming 0.4.8, the parseSWF_DEFINELOSSLESS2 function in util/parser.c lacks a boundary check that would lead to denial-of-service attacks via a crafted SWF file. 详情
91ac6c93c6bd8fd7032a0e8815c16cc1 CVE-2021-44590 2022-01-06 14:15:00 In libming 0.4.8, a memory exhaustion vulnerability exist in the function cws2fws in util/main.c. Remote attackers could launch denial of service attacks by submitting a crafted SWF file that exploits this vulnerability. 详情

国家信息安全漏洞共享平台(CNVD) [TOP 30] CVES TIME TITLE URL
8686fda9b2b49e4e1666b54e2248f935 CNVD-2021-74882 2021-11-14 16:43:52 四创科技有限公司建站系统存在SQL注入漏洞 详情
8f6972d84ad188b05ff9cc14d4334949 CNVD-2021-87021 (CVE-2020-4690) 2021-11-12 12:43:14 IBM Security Guardium硬编码凭证漏洞 详情
3bfe7b053a0c59d8a3d38c18f86aa143 CNVD-2021-87022 (CVE-2021-38870) 2021-11-12 12:43:12 IBM Aspera跨站脚本漏洞 详情
a4649bb17f4db4d1c7f879ebceb46ed0 CNVD-2021-87011 (CVE-2021-29753) 2021-11-12 12:43:11 IBM Business Automation Workflow存在未明漏洞 详情
094c613f9ed4b8b9d887dc912789043c CNVD-2021-87025 (CVE-2021-20563) 2021-11-12 12:43:10 IBM Sterling File Gateway信息泄露漏洞 详情
41c47f01a4c65dcb6efc9ebf483fe762 CNVD-2021-87010 (CVE-2021-38887) 2021-11-12 12:43:08 IBM InfoSphere Information Server信息泄露漏洞 详情
f51d33e7a09fd61ca90ede453515a830 CNVD-2021-87016 (CVE-2021-29764) 2021-11-12 12:43:07 IBM Sterling B2B Integrator跨站脚本漏洞 详情
33615a5f78df822e82e6d3436045c48c CNVD-2021-87026 (CVE-2021-38877) 2021-11-12 12:43:06 IBM Jazz for Service Management跨站脚本漏洞 详情
8e729177bcb4105dd831fb1e123ed1bb CNVD-2021-87014 (CVE-2021-29679) 2021-11-12 12:43:04 IBM Cognos Analytics远程代码执行漏洞 详情
1a3b856f78e9fbdca12aeddc7d665aca CNVD-2021-87029 (CVE-2021-29752) 2021-11-12 12:43:03 IBM Db2信息泄露漏洞 详情
6f1aa3a0cb819d97519baa47fd0232d5 CNVD-2021-87015 (CVE-2021-29745) 2021-11-12 12:43:02 IBM Cognos Analytics权限提升漏洞 详情
cbcb12f5f51d6e7d6d8a9fa581aa863a CNVD-2021-73908 2021-11-11 16:42:44 泛微e-cology存在SQL注入漏洞 详情
ae6fd467da55de31aa7219187cf5c2d4 CNVD-2021-86904 (CVE-2021-20351) 2021-11-11 08:31:46 IBM Engineering跨站脚本漏洞 详情
412a15b40959ed9cf9330ee79f99e079 CNVD-2021-86903 (CVE-2021-31173) 2021-11-11 08:31:44 Microsoft SharePoint Server信息泄露漏洞 详情
1cbc5d5faac431d3e82c9e5ea9588b5f CNVD-2021-86902 (CVE-2021-31172) 2021-11-11 08:31:43 Microsoft SharePoint欺骗漏洞 详情
686c7cfb20933b41c3d679cbba79a2ad CNVD-2021-86901 (CVE-2021-31181) 2021-11-11 08:31:42 Microsoft SharePoint远程代码执行漏洞 详情
72fdfb2d44c0d41d638e4632bdfc10b8 CNVD-2021-86900 (CVE-2021-3561) 2021-11-11 08:31:41 fig2dev缓冲区溢出漏洞 详情
3ba6f0e9394f9414e2cadb9495e2d5f5 CNVD-2021-85884 (CVE-2021-41210) 2021-11-10 07:24:57 Google TensorFlow堆分配数组越界读取漏洞 详情
4d8c4744ea972fb2fcb9673fea1fc7b7 CNVD-2021-85883 (CVE-2021-41226) 2021-11-10 07:24:56 Google TensorFlow堆越界访问漏洞 详情
8778f9cd924cae585ca5e2e0b8be3b3f CNVD-2021-85882 (CVE-2021-41224) 2021-11-10 07:24:54 Google TensorFlow堆越界访问漏洞 详情
e1b2722e6d5c509c680b584416d9cb20 CNVD-2021-85881 (CVE-2021-42770) 2021-11-10 07:24:53 OPNsense跨站脚本漏洞 详情
ed09c9fa5586e2d4d9b4e95fe3b447a0 CNVD-2021-85880 (CVE-2021-28024) 2021-11-10 07:24:52 ServiceTonic访问控制不当漏洞 详情
8a642f0922f7f915e81b2b947276a96c CNVD-2021-85879 (CVE-2021-28023) 2021-11-10 07:24:50 ServiceTonic任意文件上传漏洞 详情
c00b061c2cfdee4016a869a188135db5 CNVD-2021-85878 (CVE-2021-28022) 2021-11-10 07:24:49 ServiceTonic SQL注入漏洞 详情
9c4b20a28ad2bd4ab916448f0e1272bd CNVD-2021-85877 (CVE-2021-32483) 2021-11-10 07:24:48 Cloudera Manager不正确访问控制漏洞 详情
4d4423857b7b1f38e49738f00e8949ba CNVD-2021-85876 (CVE-2021-32481) 2021-11-10 07:24:46 Cloudera Hue跨站脚本漏洞 详情
6b12b7fc216d603e8e07351603851c86 CNVD-2021-85875 (CVE-2021-29994) 2021-11-10 07:24:45 Cloudera Hue跨站脚本漏洞 详情
72894fb3a3538de240d2f6810aae63c9 CNVD-2021-85892 (CVE-2021-42701) 2021-11-10 02:38:27 DAQFactory中间人攻击漏洞 详情
94a1f99a64ba24540cc1594d0a0b3152 CNVD-2021-85893 (CVE-2021-42699) 2021-11-10 02:38:26 DAQFactory明文传输漏洞 详情
5d9bac33be8f2f88391f6de02fb89c73 CNVD-2021-85894 (CVE-2021-42698) 2021-11-10 02:38:24 DAQFactory反序列化漏洞 详情

国家信息安全漏洞库(CNNVD) [TOP 30] CVES TIME TITLE URL
446d67667a5365137907a45b0a644ff1 CNNVD-202201-315 (CVE-2020-23986) 2022-01-06 13:34:32 github-readme-stats 安全漏洞 详情
216fd85a04919bbf0fda6dd93dd1041f CNNVD-202201-316 (CVE-2020-27428) 2022-01-06 12:50:54 Scratch-Svg-Renderer 安全漏洞 详情
9d9bba1d1f33b6a43e386293bbe6e674 CNNVD-202201-317 (CVE-2021-41842) 2022-01-06 12:50:52 Insyde InsydeH2O 安全漏洞 详情
35f38f38dea0127cbdacbab40742a566 CNNVD-202201-308 (CVE-2021-45969) 2022-01-05 13:34:47 Insyde InsydeH2O 安全漏洞 详情
136d758361c8b2b5bd54239bc6992624 CNNVD-202201-310 (CVE-2021-46038) 2022-01-05 13:34:43 GPAC 安全漏洞 详情
b18ea8bbf9aff06f7fc18ff71ffdc000 CNNVD-202201-311 (CVE-2021-45833) 2022-01-05 13:34:41 HDF5 安全漏洞 详情
0e37469dfece36d4beb921cf83f7234c CNNVD-202201-312 (CVE-2021-40026) 2022-01-05 13:34:39 Huawei HarmonyOS Wearables 缓冲区错误漏洞 详情
54b2b757c2f47b1bebf2a636266db06d CNNVD-202201-313 (CVE-2021-45971) 2022-01-05 13:34:37 Insyde InsydeH2O 安全漏洞 详情
983aa1f3d6a66c8f87c59ac4ef7b1638 CNNVD-202201-314 (CVE-2021-40009) 2022-01-05 13:34:35 Huawei HarmonyOS Wearables 安全漏洞 详情
97efcb0864da4e4abfbed0d6db3d3b53 CNNVD-202201-309 (CVE-2021-45970) 2022-01-05 12:51:34 Insyde InsydeH2O 安全漏洞 详情
6a27e9a907937b8687a7f95d49258ec5 CNNVD-202201-184 (CVE-2021-43852) 2022-01-04 12:48:32 OroPlatform 安全漏洞 详情
bb00ea332f735234ebbb80d9e0c00f56 CNNVD-202201-185 (CVE-2021-0934) 2022-01-04 12:48:30 Google Android 安全漏洞 详情
92c877e47ffe5e35a61d6fe524f758e2 CNNVD-202201-186 (CVE-2022-21647) 2022-01-04 12:48:28 CodeIgniter 代码问题漏洞 详情
586694718742613ea884f07ac64ad72b CNNVD-202201-187 (CVE-2022-21648) 2022-01-04 12:48:26 Latte 安全漏洞 详情
2f616ed31fdaaead3284a29256b65735 CNNVD-202201-188 (CVE-2022-21650) 2022-01-04 12:48:24 Nordaaker Convos 跨站脚本漏洞 详情
4d1dc7b23ebe211eb9ef53b470a46c02 CNNVD-202201-189 (CVE-2022-21644) 2022-01-04 12:48:22 USOC SQL注入漏洞 详情
4c49ecf6e588a104e9f30d0ad6976ac1 CNNVD-202201-190 (CVE-2021-41388) 2022-01-04 12:48:20 Netskope 安全漏洞 详情
bde7e5bf549740bc242a7b7010a29c91 CNNVD-202201-191 (CVE-2022-21649) 2022-01-04 12:48:18 Nordaaker Convos 跨站脚本漏洞 详情
e668ca779ae6453feb46c6ee76d4eeb7 CNNVD-202201-192 (CVE-2021-39632) 2022-01-04 12:48:16 Google Android 安全漏洞 详情
c1ce176458566d9c5336e0279ba0766e CNNVD-202201-193 (CVE-2021-39630) 2022-01-04 12:48:14 Google Android 安全漏洞 详情
01d573d5b89a106c70176bae02bc2c6a CNNVD-202201-074 (CVE-2021-45428) 2022-01-03 12:47:43 Telesquare TLR-2005KSH 安全漏洞 详情
946910857bc1d5b3ccbeaa4bcc854411 CNNVD-202201-075 (CVE-2021-45817) 2022-01-03 12:47:41 Hanwha DVR 跨站脚本漏洞 详情
01570e18d1a269d56139723a92acf532 CNNVD-202201-076 (CVE-2021-46109) 2022-01-03 12:47:39 ASUS RT-AC52U_B1 跨站脚本漏洞 详情
19c07436410a42035436c6614131a881 CNNVD-202201-077 (CVE-2020-23026) 2022-01-03 12:47:37 dhrystone 缓冲区错误漏洞 详情
fef12f534b814e8a827d33eed0b9d7d5 CNNVD-202201-078 (CVE-2021-20148) 2022-01-03 12:47:35 ZOHO ManageEngine ADSelfService Plus 安全漏洞 详情
8f3af5e048b0871ba0250f4ae8ac59e3 CNNVD-202201-079 (CVE-2021-20147) 2022-01-03 12:47:33 ZOHO ManageEngine ADSelfService Plus 安全漏洞 详情
2d8f3b1c35371aef0faccd4470183683 CNNVD-202201-080 (CVE-2021-37120) 2022-01-03 12:47:31 Huawei Smartphone 缓冲区错误漏洞 详情
7463328da80781459cc4a6d33cc652bc CNNVD-202201-081 (CVE-2021-37121) 2022-01-03 12:47:29 HuaWei Smartphone 安全漏洞 详情
da569fe20ce015decf152a2cc4efdcf4 CNNVD-202201-082 (CVE-2021-38576) 2022-01-03 12:47:27 Tianocore EDK II 安全漏洞 详情
9cf36b476eb765ba3b73e01d80b58bd4 CNNVD-202201-083 (CVE-2021-45829) 2022-01-03 12:47:25 HDF5 安全漏洞 详情

奇安信 [TOP 30] CVES TIME TITLE URL
6bd01daffa85191c80698354fc8e252f wt QianxinTI-SV-2019-0015 Microsoft Windows RDP远程桌面服务多个远程代码执行漏洞通告 详情
f749eac58b87d0954f0e4a84b5d67057 CVE-2020-1350 2020-07-15 15:57:00 QiAnXinTI-SV-2020-0013 Microsoft DNS Server远程代码执行漏洞(CVE-2020-1350)通告 详情
90b93cb7073fe73b17746ac166a09637 CVE-2020-6819, CVE-2020-6820 2020-04-08 10:34:35 QianxinTI-SV-2020-0012 Firefox在野远程代码执行漏洞(CVE-2020-6819、CVE-2020-6820)通告 详情
e318a5efa4803b50cdef480b90b1784d 2020-03-25 13:58:51 QiAnXinTI-SV-2020-0009 Microsoft Windows Type 1字体处理远程代码执行漏洞(ADV200006)通告 详情
cffc3035f7899495cfeae521451f91b2 CVE-2020-0796 2020-03-12 10:32:09 QiAnXinTI-SV-2020-0008 Microsoft Windows SMBv3.0服务远程代码执行漏洞(CVE-2020-0796)通告 详情
3e6175d47d17c6f94bd9ba10d81c3717 CVE-2020-0674 2020-03-02 14:52:46 QiAnXinTI-SV-2020-0002 Microsoft IE jscript远程命令执行0day漏洞(CVE-2020-0674)通告 详情
d99d073afb7d248a8a62fb068921997f CVE-2020-0601 2020-01-15 14:11:41 QianxinTI-SV-2020-0001 微软核心加密库漏洞(CVE-2020-0601)通告 详情
b7b45b14a3af1225ef6eec72d74964df CVE-2019-1367 2019-09-25 17:23:00 QiAnXinTI-SV-2019-0022 微软IE浏览器JScript脚本引擎远程代码执行漏洞通告 详情
504fc79f0123db109a11b149c334b75c CVE-2019-0708 2019-09-09 10:20:47 QiAnXinTI-SV-2019-0006 微软远程桌面服务远程代码执行漏洞(CVE-2019-0708)预警通告 详情
5b727692d583d4a6e7cdb0f670eac12a CVE-2019-1181, CVE-2019-1182, CVE-2019-1222, CVE-2019-1226 2019-08-14 11:09:05 QianxinTI-SV-2019-0015 Microsoft Windows RDP远程桌面服务多个远程代码执行漏洞通告 详情
54b48d765fccbc8dcfa3de0920459f8d CVE-2019-11707 2019-06-19 16:53:47 QiAnXinTI-SV-2019-0013 Firefox远程代码执行漏洞(CVE-2019-11707)预警通告 详情
5b4d5fea09fbc2dca45be53f162d39de CVE-2019-0708 2019-05-31 17:03:19 QiAnXinTI-SV-2019-0006 微软远程桌面服务远程代码执行漏洞(CVE-2019-0708)预警通告 详情

安全客 [TOP 30] CVES TIME TITLE URL
03afa8b4eaf4a0160784152fca5465b2 CVE-2021-27308 2021-07-11 14:22:05 4images 跨站脚本漏洞 详情
8b0ace4c54a7fc20a99d21e294152a99 CVE-2020-15261 2021-07-11 14:22:05 Veyon Service 安全漏洞 详情
d4f12de949590ab346b61986a29d8b4d CVE-2021-35039 2021-07-09 17:30:13 Linux kernel 安全漏洞 详情
f790e7ef3b5de3774d42ee32b9b10c01 CVE-2021-34626 2021-07-09 17:30:13 WordPress 访问控制错误漏洞 详情
71bf261eb2113d5ff870ab9bafd29f55 CVE-2021-25952 2021-07-09 17:30:13 just-safe-set 安全漏洞 详情
152793cbc104933584f5f227606f433d CVE-2021-0597 2021-07-09 17:30:13 Google Android 信息泄露漏洞 详情
75f153c327984fdfdd2d9c463a91371d CVE-2021-34430 2021-07-09 17:30:13 Eclipse TinyDTLS 安全特征问题漏洞 详情
9610336f1a41241cc8edea22a2780ec5 CVE-2021-3638 2021-07-09 17:30:13 QEMU 安全漏洞 详情
92fe450ae5c5dfa48072aca79d64ba63 CVE-2021-34614 2021-07-09 14:24:32 Aruba ClearPass Policy Manager 安全漏洞 详情
680a4218fc32922746717210664a3d62 CVE-2021-22144 2021-07-09 13:28:16 Elasticsearch 安全漏洞 详情
373930f669f2c1f7b61101a925304779 CVE-2021-24022 2021-07-09 13:28:16 Fortinet FortiManager 安全漏洞 详情
8556f9cd0699f88c1f6cca9a43463bdd CVE-2021-33012 2021-07-09 13:28:16 Allen Bradley Micrologix 1100输入验证错误漏洞 详情
480ae713cc88cc0985e1ebc079974d83 CVE-2021-0592 2021-07-09 13:28:16 Google Android 安全漏洞 详情
8ef4dbefa6604ea2312621401c3ec0b9 CVE-2021-1598 2021-07-09 13:28:16 Cisco Video Surveillance 7000 Series IP Cameras 安全漏洞 详情
d6e8714c32df7a0dcc2f3910ec68b42d CVE-2021-20782 2021-07-09 13:28:16 Software License Manager 跨站请求伪造漏洞 详情
4e60b22611b8bb0fd7e532896498af29 CVE-2021-20781 2021-07-09 13:28:16 WordPress 跨站请求伪造漏洞 详情
5ca48ad58fb499c069ae0800c3b39875 CVE-2021-32961 2021-07-09 13:28:16 MDT AutoSave代码问题漏洞 详情
2ed854890b43f08e52340a1e8fe6d39f CVE-2021-0577 2021-07-09 13:28:16 Google Android 安全漏洞 详情
8d63110e1475bbd245715b2ee1824d13 CVE-2021-31816 2021-07-09 13:28:16 Octopus Server 安全漏洞 详情
72bef2ae2f5db7dd066e1cdefa618dc5 CVE-2021-31817 2021-07-09 13:28:16 Octopus Server 安全漏洞 详情
1f7369b2609dbd2cd40d091f7de540cd CVE-2020-20217 2021-07-09 13:28:16 Mikrotik RouterOs 安全漏洞 详情
1793176eecc5813c3348f026dc9909c9 CVE-2020-28598 2021-07-09 13:28:16 PrusaSlicer 安全漏洞 详情
7f4cf34ceb545548dcfcc3c0e7120268 CVE-2021-32945 2021-07-09 13:28:16 MDT AutoSave加密问题漏洞 详情
58553eb00d6e3e83b633f09464c4e98a CVE-2021-29712 2021-07-09 13:28:16 IBM InfoSphere Information Server 跨站脚本漏洞 详情
d8e27ec42fb0b89998fcc006f49b249b CVE-2021-25432 2021-07-09 13:28:16 Samsung Members 信息泄露漏洞 详情
8f2adc6c247725bf2eb7f53256c93ea7 CVE-2021-25433 2021-07-09 13:28:16 Samsung Tizen安全漏洞 详情
8f949676124339eb6f64f9c607af5470 CVE-2021-25431 2021-07-09 13:28:16 Samsung Mobile Device Cameralyzer 访问控制错误漏洞 详情
069818a8958f9c158fcb0956ee32fc03 CVE-2021-25434 2021-07-09 13:28:16 Samsung Tizen 代码注入漏洞 详情
55b9126220b9722ff5d730d3996877e9 CVE-2021-32949 2021-07-09 13:28:16 MDT AutoSave 路径遍历漏洞 详情
ebab009fffdee3d360dcdff74b0ed061 CVE-2021-25435 2021-07-09 13:28:16 Samsung Tizen代码注入漏洞 详情

斗象 [TOP 30] CVES TIME TITLE URL
88a8c676b52a739c0335d7c21ca810a9 2022-01-06 08:19:17 MeterSphere 远程代码执行漏洞 详情
9cd742f4839806e40f42c6e7ea492590 2021-12-28 10:31:16 APISIX Dashboard 未授权访问漏洞风险通告(CVE-2021-45232) 详情
76cad61d2d5a8750a6a714ab2c6dbc97 CVE-2021-45232 2021-12-28 10:31:16 Apache APISIX Dashboard 接口未授权访问漏洞(CVE-2021-45232) 详情
af4f5f63390eb00de8705b5029d8c376 CVE-2021-44228, CVE-2021-45046 2021-12-14 01:56:52 Apache Log4j 远程代码执行漏洞 详情
43456ae172e45c12087c40c03d925e0e CVE-2021-44228 2021-12-11 03:21:34 Apache Log4j 远程代码执行漏洞 详情
392b133d98d6f61aee36ce6c8784f4df 2021-12-09 15:20:54 Apache Log4j 远程代码执行漏洞 详情
1e193280a8f45427c06cb4945be4f126 2021-12-07 06:48:55 Grafana 任意文件读取漏洞 详情
1911c90c4cf886d9867ff81b4756eb3f 2021-12-02 06:37:58 VMware vCenter 服务端请求伪造漏洞 详情
45a46bc77eb26e67020f43cf08f1fcc6 CVE-2021-21980, CVE-2021-22049 2021-11-26 03:52:06 VMware vCenter Server多个高危漏洞通告 详情
c1d2650c12cb12d9ee21f53d0f087be8 CVE-2021-42321, CVE-2021-42292, CVE-2021-38666 2021-11-10 12:03:45 微软2021年11月补丁日漏洞通告 详情
6b34ab872bd97043b7699554194da23f CVE-2021-22205 2021-11-02 03:38:34 GitLab CE/EE远程代码执行漏洞(CVE-2021-22205) 详情
a418a10f7f4a1694a2293e895b24de6a CVE-2021-35617, CVE-2021-35620 2021-10-20 03:07:34 Oracle WebLogic 多个高危漏洞通告 详情
e2d8ba6cd503627461acaa0de23c51b6 CVE-2021-40449, CVE-2021-26427, CVE-2021-40486, CVE-2021-38672, CVE-2021-40461 2021-10-13 05:29:50 微软2021年10月补丁日漏洞通告 详情
68be9e619a7702aa2cb4d58c255d39c8 CVE-2021-41773, CVE-2021-42013 2021-10-09 03:33:50 Apache HTTP Server 路径遍历漏洞 详情
2b425329012f167ceeee133dcab6c49c CVE-2021-21991, CVE-2021-21992, CVE-2021-21993, CVE-2021-22005, CVE-2021-22006, CVE-2021-22007, CVE-2021-22008, CVE-2021-22009, CVE-2021-22010, CVE-2021-22011, CVE-2021-22012, CVE-2021-22013, CVE-2021-22014, CVE-2021-22015, CVE-2021-22016, CVE-2021-22017 2021-09-22 05:41:12 VMware多个高危漏洞通告 详情
a0f1f4b9e08c161feea107db8c47d55e CVE-2021-26084 2021-08-26 12:03:16 Atlassian Confluence远程代码执行漏洞(CVE-2021-26084) 详情
68ee7b98acb8ba2e45c3638a078d9535 CVE-2021-39139, CVE-2021-39140, CVE-2021-39141, CVE-2021-39144, CVE-2021-39145, CVE-2021-39146, CVE-2021-39147, CVE-2021-39148, CVE-2021-39149, CVE-2021-39150, CVE-2021-39151, CVE-2021-39152, CVE-2021-39153, CVE-2021-39154 2021-08-23 06:14:35 XStream 多个反序列化漏洞 详情
e00d270224089dec1dde09bb05ec2678 CVE-2021-34473, CVE-2021-34523, CVE-2021-31207 2021-08-06 08:53:31 Microsoft Exchange 远程代码执行漏洞(PoC已公开) 详情
b36f311a6a1cb8b7c4d2da09512e0fa9 CVE-2021-2394, CVE-2021-2397, CVE-2021-2382 2021-07-21 10:29:24 Oracle WebLogic 多个高危漏洞通告 详情
86cb552f791b9e8159d01a9478a59f9d CVE-2021-34527, CVE-2021-34448, CVE-2021-33771, CVE-2021-31979, CVE-2021-34473, CVE-2021-34520, CVE-2021-34468, CVE-2021-34467, CVE-2021-34449, CVE-2021-33780 2021-07-14 09:40:04 微软2021年7月补丁日漏洞通告 详情
ed706209d0185b2415915cac4afec37b 2021-07-08 08:43:59 YApi远程代码执行漏洞通告 详情
c5bfeca05acdc931e8686c9e3d4ff937 2021-07-02 11:03:50 Windows Print Spooler 远程代码执行漏洞(CVE-2021-34527) 详情
4184ae9f57a2db9063367e64e6cc2cb7 CVE-2021-1675 2021-06-29 10:15:39 Windows Print Spooler远程代码执行漏洞(CVE-2021-1675) 详情
2131ca2cbd7b631f62f8701a925c2767 CVE-2021-21998 2021-06-23 06:20:30 VMware Carbon Black App Control 身份验证绕过漏洞(CVE-2021-21998) 详情
906de48de24b85a2278ae80a9f4d0aa8 2021-06-03 02:48:56 用友NC BeanShell 远程命令执行漏洞 详情
4d9035105f60b9d56f24c24e87fc6e32 CVE-2021-21985 2021-05-26 03:39:33 VMware vCenter Server 远程代码执行漏洞(CVE-2021-21985) 详情
137a4e2d822964f8f8c93f59d00f2bce 2021-04-18 16:38:14 WebLogic T3反序列化漏洞0day 详情
7cb0c487c17f2247b0b81ef4bc51f47b 2021-04-18 16:38:14 WebLogic T3反序列化漏洞0day通告 详情
49c6f9e6d3305e3f6a1b9e819a546f5e 2021-03-18 07:43:11 GitLab markdown远程代码执行漏洞 详情
d260fd6bfb4e9ac71fb3d9e8ac099e8a CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350, CVE-2021-21351 2021-03-15 12:14:54 XStream 多个反序列化漏洞 详情

红后 [TOP 30] CVES TIME TITLE URL
d79ebcca362bc03f8b54401b60d1712d CVE-2020-10188 2022-01-06 13:46:13 netkit telnet 缓冲区错误漏洞 详情
93bb57561723f5c368c804895c348841 CVE-2020-10174 2022-01-05 13:44:15 Timeshift 后置链接漏洞 详情
213309ff8a9e7561a797d09e0b3e47ff CVE-2020-9545 2022-01-05 13:44:08 Pale Moon 代码问题漏洞 详情
f914771d39c3babf600aeb28b3373fa7 CVE-2020-6799 2022-01-05 13:43:54 Mozilla Firefox ESR 参数注入漏洞 详情
c0c6116387986c1e7f50aa1ff58f528d CVE-2020-10174 2022-01-04 13:42:18 Timeshift 竞争条件问题漏洞 详情
f01030cc18ee8184b930db91c435618e CVE-2020-10110 2022-01-04 13:42:05 Citrix Systems Gateway 安全漏洞 详情
7f8a14dfbb462f466f54a22de648409a CVE-2020-9429 2022-01-04 13:42:01 Wireshark WireGuard 代码问题漏洞 详情
e3f25d0859e20d7edf39caf7d5d65cca CVE-2020-6793 2022-01-04 13:41:58 Mozilla Thunderbird 缓冲区错误漏洞 详情
1cdffa8b5164fa0405dcefd92e08b391 CVE-2020-6801 2022-01-04 13:41:51 Mozilla Firefox 缓冲区错误漏洞 详情
dcb006783a9e0ef5061187c9ea8036d8 CVE-2020-0502 2022-01-03 13:42:21 Intel Graphics Drivers 安全漏洞 详情
716fedcbf9d61b2d442518f652174202 CVE-2020-0503 2022-01-03 13:42:18 Intel Graphics Drivers 安全漏洞 详情
60d56cb5e20f3ef82a2d76f91ccc661c CVE-2020-9545 2022-01-03 13:42:15 Pale Moon 输入验证错误漏洞 详情
f275fb74b166ab5cde7487e66cdbec6d CVE-2020-9531 2022-01-03 13:42:12 Xiaomi MIUI 信息泄露漏洞 详情
b78e504815cc2109a66d61439e9a7532 CVE-2020-7062 2022-01-03 13:42:08 PHP 代码问题漏洞 详情
9e1978b6b40ae4bbf745933541c53c2d CVE-2020-9372 2022-01-03 13:42:05 WordPress Appointment Booking Calendar 注入漏洞 详情
47683e7cb71a53b84967d82f313ed2a1 CVE-2020-6799 2022-01-03 13:42:02 Mozilla Firefox和Firefox ESR 输入验证错误漏洞 详情
7ee9f6ed5179adc03703b5687d23da65 CVE-2020-6800 2022-01-03 13:41:58 Mozilla Firefox、Firefox ESR和Thunderbird 缓冲区错误漏洞 详情
33443868c6cee2fce93849391aeb462c CVE-2020-1706 2022-01-03 13:41:55 Red Hat OpenShift Enterprise 安全漏洞 详情
13131d74a3c75afbd96d46d9d9f11c18 CVE-2020-6792 2022-01-03 13:41:52 Mozilla Thunderbird 缓冲区错误漏洞 详情
ed09df96f1edefb3ec93678c65b2880f CVE-2020-1569 2022-01-02 13:41:40 Microsoft Edge 缓冲区错误漏洞 详情
acdec84997a61988afb095c608f69195 CVE-2020-1570 2022-01-02 13:41:38 Microsoft Internet Explorer 缓冲区错误漏洞 详情
de7881ccab65c5441ac09e0ecdc64be9 CVE-2020-1566 2022-01-02 13:41:34 Microsoft Windows Kernel 缓冲区错误漏洞 详情
6d1b05d440a2e445ec134dcb4250fda0 CVE-2020-1567 2022-01-02 13:41:31 Microsoft Internet Explorer 输入验证错误漏洞 详情
91d56e3919977dab0611eab925add70a CVE-2020-1563 2022-01-02 13:41:28 Microsoft Office 缓冲区错误漏洞 详情
85a88df55ac880ed0c7ce13afd0e2b74 CVE-2020-1564 2022-01-02 13:41:24 Microsoft Windows Jet Database Engine 缓冲区错误漏洞 详情
902b37d1bc30d0a9380cf07cddbb204b CVE-2020-1568 2022-01-02 13:41:21 Microsoft Edge 缓冲区错误漏洞 详情
2ec09c80ccfb46fee641fe464610d15f CVE-2020-1561 2022-01-02 13:41:17 Microsoft Windows Graphics Components 缓冲区错误漏洞 详情
4b857c311ad1e4771194c79c90328c00 CVE-2020-1565 2022-01-02 13:41:14 Microsoft Windows和Windows Server 安全漏洞 详情
50701d7681b2223ecc3c8aee46bde5ae CVE-2020-1557 2022-01-02 13:41:10 Microsoft Windows Jet Database Engine 缓冲区错误漏洞 详情
ea67ddbcd3c65beea6141e9e2449885c CVE-2020-1530 2022-01-01 13:42:19 Microsoft Windows Remote Access 缓冲区错误漏洞 详情

绿盟 [TOP 30] CVES TIME TITLE URL
e038246365bb2d83883e19bf8be57764 CVE-2021-45831 2022-01-06 03:32:03 GPAC空指针解引用漏洞 详情
ce427b38ff5ebfe62614d5189b5a87a3 CVE-2022-22107 2022-01-06 03:32:03 DayByDay CRM授权错误漏洞 详情
752366d89431c37d9d5aeb8bdc46076e CVE-2022-22108 2022-01-06 03:32:03 DayByDay CRM授权错误漏洞 详情
ba5abcdb7d23ab3375004176544c1476 CVE-2022-22109 2022-01-06 03:32:03 DayByDay CRM跨站脚本漏洞 详情
04f96adf60015903041ae02865859f86 CVE-2022-22110 2022-01-06 03:32:03 DayByDay CRM信息泄露漏洞 详情
c1dae94279beba26a28c1b1694349e02 CVE-2022-22111 2022-01-06 03:32:03 DayByDay CRM授权错误漏洞 详情
4ee15a1a04146461689885789285b2ae CVE-2021-33269 2022-01-06 03:32:03 D-Link DIR-809堆栈缓冲区溢出漏洞 详情
bb48da92553b20ff8a03ab6380ea1487 CVE-2021-33270 2022-01-06 03:32:03 D-Link DIR-809堆栈缓冲区溢出漏洞 详情
7aff1dbe13a0d1b88fa34172891b69a1 CVE-2021-33268 2022-01-06 03:32:03 D-Link DIR-809堆栈缓冲区溢出漏洞 详情
07a072d6ed82629af98e9d097e8f4266 CVE-2021-33271 2022-01-06 03:32:03 D-Link DIR-809堆栈缓冲区溢出漏洞 详情
3ad370a33c36231466ea8832ebfb3bb9 CVE-2021-33274 2022-01-06 03:32:03 D-Link DIR-809堆栈缓冲区溢出漏洞 详情
f274514e7199c350b2d645ad8e5c62ca CVE-2021-45830 2022-01-06 03:32:03 HDF5堆缓冲区溢出漏洞 详情
3176bf3e05820db353127b0c1beffebc CVE-2021-45832 2022-01-06 03:32:03 HDF5堆栈缓冲区溢出漏洞 详情
c200bb5bb9dd7020c1f2ad7781c17c18 CVE-2021-45833 2022-01-06 03:32:03 HDF5堆栈缓冲区溢出漏洞 详情
56e373f2335191ea89336c59d6363149 CVE-2021-4161 2022-01-05 09:29:59 Moxa MGate MB3180/MB3280/MB3480信息泄露漏洞 详情
5ca0228e5169ceb38b568beaf991f94d CVE-2021-42833 2022-01-05 09:29:59 Xylem AquaView硬编码凭证漏洞 详情
419f5cd1196eccf965ab5455b0f2bc2d CVE-2021-44768 2022-01-05 09:29:59 Delta Electronics CNCSoft越界读取漏洞 详情
1c5343e4c9e9cf11a67a262e29a81b34 CVE-2021-35414 2022-01-05 09:29:59 Chamilo LMS SQL注入漏洞 详情
7795fa7fe200e4c2b765308a5c76b611 CVE-2021-41496 2022-01-05 09:29:59 NumPy缓冲区溢出漏洞 详情
ba5df119d2bf417a3b245d125fe0a0ec CVE-2021-43065 2022-01-05 09:29:59 Fortinet FortiNAC权限提升漏洞 详情
c16266185f25a4e755041700dc80156a CVE-2021-27983 2022-01-05 09:29:59 MaxSite CMS远程代码执行漏洞 详情
6d6e4532e697476a5fc5a1fe72e6af2f CVE-2021-37934 2022-01-05 09:29:59 Huntflow Enterprise信息泄露漏洞 详情
eb49a4b7eba4f251662697d4755b9a26 CVE-2021-37935 2022-01-05 09:29:59 Huntflow Enterprise信息泄露漏洞 详情
2e03843b3780ada7cd9bdddc812f26b2 CVE-2021-23157 2022-01-05 09:29:59 Wecon Technologies LeviStudioU堆缓冲区溢出漏洞 详情
89f83826fd3cb919cd51f38bf88a8ad9 CVE-2021-23138 2022-01-05 09:29:59 Wecon Technologies LeviStudioU堆栈缓冲区溢出漏洞 详情
c1c3be6f7340ce6184f6671f833b8f19 CVE-2021-22956 2022-01-05 09:29:59 Citrix Systems Application Delivery Management不受控制的资源消耗漏洞 详情
03a12c075eee2e0aa4f654ee98450b14 CVE-2021-22955 2022-01-05 09:29:59 Citrix Systems Application Delivery Management拒绝服务漏洞 详情
669fab3d32c03071a55403dfe54b39ce CVE-2021-20867 2022-01-05 09:29:59 Delicious Brains Advanced Custom Fields授权错误漏洞 详情
9ccb886e7977210cbafd1d8c5dcf5882 CVE-2021-20865 2022-01-05 09:29:59 Delicious Brains Advanced Custom Fields授权错误漏洞 详情
3846f35f12b8db36b81ffb109b768ed7 CVE-2021-20166 2021-12-31 09:29:12 Netgear RAX43缓冲区溢出漏洞 详情

美国国家漏洞数据库(NVD) [TOP 30] CVES TIME TITLE URL
a687f03d33498f7588c06a99366adbb6 CVE-2021-45906 2021-12-27 23:15:08 OpenWrt 21.02.1 allows XSS via the NAT Rules Name screen. 详情
fb385f3f855f07bfd1fce4fbfcb68aa5 CVE-2021-45905 2021-12-27 23:15:08 OpenWrt 21.02.1 allows XSS via the Traffic Rules Name screen. 详情
e088e87bf4f4e5c77a36208462090137 CVE-2021-45904 2021-12-27 23:15:08 OpenWrt 21.02.1 allows XSS via the Port Forwards Add Name screen. 详情
fbd014d70777592a6584ccfade3fcc9b CVE-2021-45720 2021-12-26 22:15:09 An issue was discovered in the lru crate before 0.7.1 for Rust. The iterators have a use-after-free, as demonstrated by an access after a pop operation. 详情
cb2c2dcc8bb312a4605ed41e3730af84 CVE-2021-45719 2021-12-26 22:15:09 An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. update_hook has a use-after-free. 详情
e4bc3029e79b3da0a13be272ed83dff5 CVE-2021-45718 2021-12-26 22:15:09 An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. rollback_hook has a use-after-free. 详情
855a5b3ff11feb8c645966ad36418761 CVE-2021-45717 2021-12-26 22:15:09 An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. commit_hook has a use-after-free. 详情
f02287500d30e1eadc21c559d524ca0a CVE-2021-45678 2021-12-26 01:15:21 NETGEAR RAX200 devices before 1.0.5.132 are affected by insecure code. 详情
02d85bdde5cf910f4791f88a71502282 CVE-2021-45677 2021-12-26 01:15:21 Certain NETGEAR devices are affected by stored XSS. This affects GS108Tv2 before 5.4.2.36 and GS110TPv2 before 5.4.2.36. 详情
b7038d575e81da4fbe44a3ff93667744 CVE-2021-45676 2021-12-26 01:15:21 Certain NETGEAR devices are affected by stored XSS. This affects RAX200 before 1.0.5.126, RAX20 before 1.0.2.82, RAX80 before 1.0.5.126, RAX15 before 1.0.2.82, and RAX75 before 1.0.5.126. 详情
e42e2626a6bfe53575bacdabf645263c CVE-2021-45674 2021-12-26 01:15:21 Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106. 详情
77ae0d780edda047e3bec0fc21128478 CVE-2021-45679 2021-12-26 01:15:21 Certain NETGEAR devices are affected by privilege escalation. This affects R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, and RS400 before 1.5.1.80. 详情
61fabba9a03b8b2d288f6005d4875c4d CVE-2021-45675 2021-12-26 01:15:21 Certain NETGEAR devices are affected by stored XSS. This affects R6120 before 1.0.0.76, R6260 before 1.1.0.78, R6850 before 1.1.0.78, R6350 before 1.1.0.78, R6330 before 1.1.0.78, R6800 before 1.2.0.76, R6700v2 before 1.2.0.76, R6900v2 before 1.2.0.76, R7200 before 1.2.0.76, R7350 before 1.2.0.76, R7400 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, and AC2600 before 1.2.0.76. 详情
e309d1db4d48da429e4d52dba3d80ea3 CVE-2021-45673 2021-12-26 01:15:21 Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX200 before 1.0.3.106, R7000P before 1.3.3.140, RAX80 before 1.0.3.106, R6900P before 1.3.3.140, and RAX75 before 1.0.3.106. 详情
ce3d0b58894b99489d41fe3594d2cd78 CVE-2021-45672 2021-12-26 01:15:21 Certain NETGEAR devices are affected by Stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6120 before 1.0.0.76, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R6850 before 1.1.0.78, R7200 before 1.2.0.76, R7350 before 1.2.0.76, R7400 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, and RAX40 before 1.0.3.62. 详情
ce9ef1810fb674181e9ca0d9383d34ae CVE-2021-45671 2021-12-26 01:15:21 Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before 1.0.1.62, EX7500 before 1.0.0.72, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.4.120, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.4.120, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.4.120, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6. 详情
3bd91a6f2dc844f743a33251e83fd9c9 CVE-2021-45662 2021-12-26 01:15:20 NETGEAR R7000 devices before 1.0.9.88 are affected by stored XSS. 详情
56e6d184aeaef761f464be57325baa36 CVE-2021-45663 2021-12-26 01:15:20 NETGEAR R7000 devices before 1.0.11.126 are affected by stored XSS. 详情
e2dfe7f716ad32cec9e968f417865244 CVE-2021-45654 2021-12-26 01:15:20 NETGEAR XR1000 devices before 1.0.0.58 are affected by disclosure of sensitive information. 详情
cae01506c57f30af97272b456828c698 CVE-2021-45653 2021-12-26 01:15:20 Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10. 详情
8457397d485c5d9f5a7972779d313139 CVE-2021-45652 2021-12-26 01:15:20 Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10. 详情
f071ad7095318ad9f7a2a5e0eb7a3f5f CVE-2021-45651 2021-12-26 01:15:20 Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK50 before 2.7.3.22, RBR50 before 2.7.3.22, and RBS50 before 2.7.3.22. 详情
f552bb4a6ea6026270bd63fed5921f10 CVE-2021-45664 2021-12-26 01:15:20 NETGEAR R7000 devices before 1.0.11.126 are affected by stored XSS. 详情
566669c3928eec5c7cc862ec9b93139f CVE-2021-45666 2021-12-26 01:15:20 Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before 1.0.1.64, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4. 详情
1de9bd128aab46c8ef529ce8f7910bf4 CVE-2021-45665 2021-12-26 01:15:20 Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4. 详情
3c6192180b147b853ea84e1df1aafed7 CVE-2021-45649 2021-12-26 01:15:20 Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R7000 before 1.0.11.126, R6900P before 1.3.2.126, and R7000P before 1.3.2.126. 详情
f6a8afe0baf4526f615617c19b569c21 CVE-2021-45627 2021-12-26 01:15:19 Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. 详情
2f5a0037d2ca0c305d8dc54461565b2c CVE-2021-45646 2021-12-26 01:15:19 NETGEAR R7000 devices before 1.0.11.116 are affected by disclosure of sensitive information. 详情
8a9d326470416aaede581d598de29579 CVE-2021-45643 2021-12-26 01:15:19 Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, and XR1000 before 1.0.0.58. 详情
330f56d1660c55439406cbb6dc069e07 CVE-2021-45639 2021-12-26 01:15:19 Certain NETGEAR devices are affected by reflected XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.32, EAX80 before 1.0.1.62, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.72, R7000 before 1.0.11.110, R7900 before 1.0.4.30, R7960P before 1.4.1.66, R8000 before 1.0.4.62, RAX200 before 1.0.2.102, XR300 before 1.0.3.50, EX3700 before 1.0.0.90, MR60 before 1.0.5.102, R7000P before 1.3.2.126, R8000P before 1.4.1.66, RAX20 before 1.0.1.64, RAX50 before 1.0.2.28, RAX80 before 1.0.3.102, EX3800 before 1.0.0.90, MS60 before 1.0.5.102, R6900P before 1.3.2.126, R7900P before 1.4.1.66, RAX15 before 1.0.1.64, RAX45 before 1.0.2.28, RAX75 before 1.0.3.102, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6. 详情