Nessus 的 CGI abuses 系列

ID名稱嚴重性
161331VMware Workspace One Access / VMware Identity Manager Multiple Vulnerabilities (VMSA-2022-0014)
critical
161273GitLab 8.12 < 14.8.6/8.13 < 14.9.4/8.14 < 14.10.1 不當存取控制
medium
161272GitLab 13.2 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 資訊洩漏
medium
161271GitLab 12.10 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 DoS
medium
161270GitLab 9.2 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 錯誤授權
medium
161269GitLab 14.4 < 14.8.6/14.9.x < 14.9.4/14.10.x < 14.10.1 XSS
medium
161268GitLab 11.0 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 資訊洩漏
medium
161267GitLab 8.12 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 資訊洩漏
medium
161266GitLab 13.9 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 DoS
high
161265GitLab 12.6 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 資訊洩漏
low
161210Jenkins Enterprise and Operations Center 2.303.x < 2.303.30.0.10 / 2.332.2.6 多個弱點 (CloudBees 安全公告 2022-04-12)
high
161190ManageEngine Password Manager Pro REST API 限制繞過弱點 (CVE-2022-29081)
critical
161189Sophos XG Firewall 使用者入口網站和 Webadmin 驗證繞過弱點 (CVE-2022-1040)
critical
160751ManageEngine Access Manager Plus REST API 限制繞過弱點 (CVE-2022-29081)
critical
160671GitLab 1.0.2 < 14.8.6 多個弱點
medium
160670GitLab < 14.8.6/14.9.x < 14.9.4/14.10.x < 14.10.1 多個弱點
medium
160549ManageEngine SharePoint Manager Plus < 4329 Multiple Vulnerabilities
critical
160470Trend Micro Apex One Management Web Console Detection
info
160297Apache APISIX Dashboard < 2.10.1 驗證繞過 (直接檢查)
critical
160235ManageEngine ADAudit Plus < Build 7060 XXE RCE
critical
160208WSO2 多個產品檔案上傳遠端命令執行 (CVE-2022-29464)
critical
160201QNAP QTS / QuTS Hero Default Credentials
critical
160182VMware Workspace One Access/VMware Identity Manager 伺服器端範本注入 RCE (CVE-2022-22954)
critical
160077Atlassian Jira < 8.13.18/8.14.x < 8.20.6/8.21.x Seraph 中的驗證繞過 (JRASERVER-73650)
critical
160024Drupal 9.2.x < 9.2.18 / 9.3.x < 9.3.12 Multiple Vulnerabilities (drupal-2022-04-20)
high
159965GitLab 7.7.x < 14.4.5/14.5.0 < 14.5.3/14.6.0 < 14.6.2 CSRF
high
159964GitLab < 14.4.5/14.5.0 < 14.5.3/14.6.0 < 14.6.1 不當驗證輸入
medium
159963GitLab < 14.4.5/14.5.0 < 14.5.3/14.6.0 < 14.6.1 憑證過期
medium
159962GitLab 13.2 < 14.4.5/14.5.0 < 14.5.3/14.6.0 < 14.6.2 IP 限制繞過
medium
159961GitLab 13.10 < 14.4.5/14.5.0 < 14.5.3/14.6.0 < 14.6.2 未經授權的存取
medium
159960GitLab 12.10 < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.2 DoS
medium
159959GitLab 8.4 < 14.4.5/14.5.0 < 14.5.3/14.6.0 < 14.6.3 不當驗證連接埠
medium
159958GitLab 12.0 < 14.3.6 / 14.4.0 < 14.4.4 / 14.5.0 < 14.5.2 DoS
medium
159957GitLab 14.3 < 14.3.6/14.4 < 14.4.3/14.5 < 14.5.2 XSS
medium
159956GitLab 12.0 < 14.4.5/14.5.0 < 14.5.3/14.6.0 < 14.6.2 不當存取
medium
159955GitLab < 14.4.5/14.5.0 < 14.5.3/14.6.0 < 14.6.21 內容偽造
medium
159928GitLab 13.7.0 < 14.2.6/14.3.0 < 14.3.4/14.4.0 < 14.4.1 拒絕服務
medium
159927GitLab 13.7.0 < 14.2.6/14.3.0 < 14.3.4/14.4.0 < 14.4.1 拒絕服務
medium
159926GitLab 0.8.0 < 14.4.1 程式碼注入
high
159925GitLab 11.9.x < 13.8.8/13.9.0 < 13.9.6/13.10.0 < 13.10.3 遠端程式碼執行
critical
159924GitLab 13.5.0 < 14.2.6/14.3.0 < 14.3.4/14.4.0 < 14.4.1 任意程式碼執行
medium
159923GitLab 0.8.0 < 14.4.1 權限提升
medium
159922GitLab 13.7.0 < 14.2.6 / 13.8.0 < 14.3.4 / 13.9.0 < 14.4.1 資訊洩漏
medium
159921GitLab 11.1.0 < 14.2.6/11.2.0 < 14.3.4/11.3.0 < 14.4.1 核准繞過
medium
159920GitLab 12.10.0 < 14.2.6/13.0.0 < 14.3.4/13.1.0 < 14.4.1 不當存取控制
medium
159919Oracle Primavera Unifier (2022 年 4 月 CPU)
critical
159917Oracle MySQL Enterprise Monitor (2022 年 4 月 CPU)
critical
159893Trend Micro Apex Central Management Web 主控台偵測
info
159830GitLab 14.7.x < 14.7.7/14.8.x < 14.8.5/14.9.x < 14.8.2 預設密碼
critical
159829GitLab 8.3.x < 14.7.7/14.8.x < 14.8.5/14.9.x < 14.8.2 XSS
medium