Nessus 的 CGI abuses 系列

ID名稱嚴重性
170661VMware vRealize Log Insight 8.x < 8.10.2 多個弱點 (VMSA-2023-0001)
critical
170555Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.7 多個弱點 (CloudBees 安全公告 2023-01-24)
high
170195Oracle MySQL Enterprise Monitor (2023 年 1 月 CPU)
critical
170194Oracle Primavera Gateway (2023 年 1 月 CPU)
critical
170193Oracle Primavera Unifier (2023 年 1 月 CPU)
high
170156Drupal 9.4.x < 9.4.10 / 9.5.x < 9.5.2 Drupal 弱點 (SA-CORE-2023-001)
high
170143Atlassian Bitbucket < 7.6.19 / 7.17.12 / 7.21.6 / 8.0.5 / 8.1.5 / 8.2.4 / 8.3.3 / 8.4.2 命令插入
critical
170067GitLab 11.3 < 15.4.6/15.5 < 15.5.5/15.6 < 15.6.1 存取控制
low
170066GitLab 15.6 < 15.6.1 不當授權
medium
170065GitLab 9.3 < 15.4.6 / 15.5 < 15.5.5 / 15.6 < 15.6.1 資訊洩漏
medium
170064GitLab 11.3 < 15.3.5 / 15.4 < 15.4.4 / 15.5 < 15.5.2 資訊洩漏
medium
170063GitLab 9.3 < 15.4.6 / 15.5 < 15.5.5 / 15.6 < 15.6.1 資訊洩漏
medium
170062GitLab 13.5 < 15.3.5/15.4 < 15.4.4/15.5 < 15.5.2 XSS
medium
170061GitLab 13.7 < 15.4.6 / 15.5 < 15.5.5 / 15.6 < 15.6.1 資訊洩漏
medium
170060GitLab < 15.4.6 / 15.5.x < 15.5.5 / 15.6.x < 15.6.1 雜湊覆寫
medium
170059GitLab 12.9 < 15.3.5/15.4 < 15.4.4/15.5 < 15.5.2 存取控制
medium
170058GitLab 12.8 < 15.4.6 / 15.5 < 15.5.5 / 15.6 < 15.6.1 DoS
medium
169976PHP 8.2.x < 8.2.1
high
169975GitLab 15.4 < 15.4.4 / 15.5 < 15.5.2 存取控制
medium
169907HTMLawed < 1.2.9 命令插入 (CVE-2022-35914)
critical
169906Zyxel 命令插入 (CVE-2022-30525) (直接檢查)
critical
169673EMC RSA Archer 6.0 < 6.9 SP3 P4 / 6.10 < 6.10 P2 遠端程式碼執行
high
169631PHP 8.1.x < 8.1.14
high
169630PHP 8.0.x < 8.0.27
critical
169605ManageEngine PAM360 < 5.8 Build 5801 SQLi
critical
169582IBM Cognos Analytics 多個弱點 (6841801)
critical
169572ManageEngine Access Manager Plus < 4.3 Build 4309 SQLi
critical
169571ManageEngine Password Manager Pro < 12.2 Build 12210 SQLi
critical
169507Symantec Messaging Gateway 10.7.4 < 10.8 XSS (21115)
medium
169457SolarWinds Web Help Desk <= 12.7.6 任意程式碼執行
medium
169427GitLab < 15.3.5 / 15.4 < 15.4.4 / 15.5 < 15.5.2 XSS
medium
169277SolarWinds Platform 2022.4.1
medium
168915Trend Micro Mobile Security for Enterprise 檔案刪除 (CVE-2022-40980)
critical
168914Trend Micro Mobile Security for Enterprise Web 主控台偵測
info
168876VMware Workspace One Access / VMware Identity Manager 多個弱點 (VMSA-2022-0032)
high
168664TYPO3 9.0.0 < 9.5.38 ELTS / 10.0.0 < 10.4.33 / 11.0.0 < 11.5.20 / 12.0.0 < 12.1.1 (TYPO3-CORE-SA-2022-016)
medium
168663TYPO3 9.0.0 < 9.5.38 ELTS / 10.0.0 < 10.4.33 / 11.0.0 < 11.5.20 (TYPO3-CORE-SA-2022-012)
high
168662TYPO3 8.0.0 < 8.7.49 ELTS / 9.0.0 < 9.5.38 ELTS / 10.0.0 < 10.4.33 / 11.0.0 < 11.5.20 / 12.0.0 < 12.1.1 (TYPO3-CORE-SA-2022-013)
medium
168661TYPO3 8.0.0 < 8.7.49 ELTS / 9.0.0 < 9.5.38 ELTS / 10.0.0 < 10.4.33 / 11.0.0 < 11.5.20 / 12.0.0 < 12.1.1 XSS (TYPO3-CORE-SA-2022-017)
medium
168660TYPO3 8.0.0 < 8.7.49 ELTS / 9.0.0 < 9.5.38 ELTS / 10.0.0 < 10.4.33 / 11.0.0 < 11.5.20 / 12.0.0 < 12.1.1 (TYPO3-CORE-SA-2022-015)
high
168659TYPO3 10.0.0 < 10.4.33 / 11.0.0 < 11.5.20 / 12.0.0 < 12.1.1 (TYPO3-CORE-SA-2022-014)
medium
168654Citrix ADC 和 Citrix Gateway RCE (CTX474995)
critical
168545WordPress 外掛程式「AdRotate Banner Manager」 < 5.9.1 XSRF
high
168500PHP 8.2.x < 8.2.0 多個弱點
critical
168496Apache Solr 7.4.0 <= 7.7.3 / 8.0.0 <= 8.11.0 RCE
critical
168495Apache Solr < 8.11.1 資訊洩漏弱點
critical
168478PrimeTek PrimeFaces 遠端程式碼執行 (CVE-2017-1000486)
critical
168361ManageEngine ServiceDesk Plus < 14.0 Build 14001 多個弱點
medium
168360ManageEngine AssetExplorer < 6.9 Build 6981 權限提升
medium
168359ManageEngine ServiceDesk Plus < 13.0 Build 13011 RCE
high