偵測

Plugin

Nessus 的 CGI abuses 系列

ID	名稱	嚴重性
215072	GitLab 7.14.1 <17.3.7/17.4 < 17.4.4/17.5 < 17.5.2 (CVE-2025-1072)	medium
215063	Atlassian Confluence 3.x < 7.19.30 / 7.20.x < 8.5.18 / 8.6.x < 9.1.1 / 9.2.0 (CONFSERVER-98842)	high
215061	Atlassian Confluence 3.x < 7.19.29 / 8.0.x < 8.5.17 / 8.6.x < 8.9.8 / 9.0.1 < 9.1.1 (CONFSERVER-98484)	high
215058	Aruba ClearPass Policy Manager 6.11.x < 6.11.10 / 6.12.x < 6.12.4 多個弱點	high
215005	VMware Aria Operations for Logs < 8.18.3 多個弱點 (VMSA-2025-0003)	critical
214948	Atlassian Confluence 6.5.x < 7.19.30 / 7.20.x < 8.5.18 / 8.6.x < 8.9.8 / 9.0.x < 9.1.1 RCE (CONFSERVER-98720)	critical
214850	ServiceNow Platform 的輸入驗證弱點 (CVE-2024-4879) (直接檢查)	critical
214826	GitLab 10.6 <16.9.7/16.10 < 16.10.5/16.11 < 16.11.2 (CVE-2024-1211)	high
214702	GitLab 15.0 <17.6.4/17.7 < 17.7.2/17.8 < 17.8.0 (CVE-2025-0290)	medium
214591	SonicWall SMA 1000 系列 < 12.4.3-02854 預先驗證遠端命令執行 (SNWLID-2025-0002)	critical
214568	GitLab 17.0 <17.6.4/17.7 < 17.7.3/17.8 < 17.8.1 (CVE-2024-11931)	medium
214564	GitLab 17.2 <17.6.4/17.7 < 17.7.3/17.8 < 17.8.1 (CVE-2025-0314)	medium
214537	Jenkins plugin 多個弱點 (2025 年 1 月 22 日)	high
214529	Oracle Primavera Unifier (2025 年 1 月 CPU)	medium
214528	Oracle Primavera P6 Enterprise Project Portfolio Management (2025 年 1 月 CPU)	medium
214349	Mattermost Server 9.11.x < 9.11.6 / 10.0.x < 10.0.4 / 10.1.x < 10.1.4 / 10.2.x < 10.2.1 DoS (MMSA-2025-00425)	medium
214348	Mattermost Server 9.11.x < 9.11.6 (MMSA-2024-00378)	low
214347	Mattermost Server 9.11.x < 9.11.6 / 10.0.x < 10.0.4 / 10.1.x < 10.1.4 / 10.2.x < 10.2.1 DoS (MMSA-2025-00426)	medium
214346	Mattermost Server 9.11.x < 9.11.6 / 10.0.x < 10.0.4 / 10.1.x < 10.1.4 / 10.2.x < 10.2.1 DoS (MMSA-2024-00402)	medium
214345	Mattermost Server 10.0.x < 10.3 (MMSA-2024-00400)	low
214344	Mattermost Server 9.11.x < 9.11.6 / 10.0.x < 10.0.4 / 10.1.x < 10.1.4 / 10.2.0 DoS (MMSA-2024-00396)	medium
214332	SonarSource SonarQube Server < 9.9.4 / 10.x < 10.4 資訊洩漏 (CVE-2024-38460)	medium
214331	SonarSource SonarQube Server < 9.9.5 / 10.x < 10.5 GitHub 整合 JWT 洩漏 (CVE-2024-47910)	high
214217	Atlassian Confluence < 7.19.18 / 8.5.x < 8.5.5 / 8.7.x < 8.7.2 / 8.8.0 (CONFSERVER-98413)	medium
214093	Joomla 3.9.x < 3.10.20 / 4.0.x < 4.4.10 / 5.0.x < 5.2.3 Joomla 5.2.3 安全性和錯誤修正版本 (5919-joomla-5-2-3-security-bugfix-release)	high
214071	Atlassian Confluence 7.14.x < 7.19.25 / 7.20.x < 8.5.12 / 8.6.x < 8.9.4 / 9.2.0 (CONFSERVER-98680)	medium
214057	TYPO3 9.0.0 < 9.5.49 ELTS / 10.0.0 < 10.4.48 ELTS / 11.0.0 < 11.5.42 ELTS / 12.0.0 < 12.4.25 / 13.0.0 < 13.4.3 (TYPO3-CORE-SA-2025-002)	medium
214056	TYPO3 13.4.3 (TYPO3-CORE-SA-2025-001)	low
214004	Atlassian Confluence 7.19.x < 7.19.29 / 7.20.x < 8.5.17 / 8.6.x < 8.9.8 / 9.0.x < 9.1.1 (CONFSERVER-98022)	high
214003	Atlassian Confluence 6.5.x < 7.19.22 / 7.20.x < 8.5.9 / 8.6.x < 8.9.0 (CONFSERVER-98442)	high
214002	Atlassian Confluence 7.19.x < 7.19.23 / 7.20.x < 8.5.11 / 8.6.x < 8.6.2 / 8.7.x < 8.7.2 / 8.8.x < 8.9.3 (CONFSERVER-98231)	high
213705	Atlassian Confluence 7.11.x < 7.19.29 / 7.20.x < 8.5.17 / 8.6.x < 8.9.8 / 9.0.x < 9.1.1 (CONFSERVER-98021)	high
213635	GitLab 16.4 <17.5.5/17.6 < 17.6.3/17.7 < 17.7.1 (CVE-2024-13041)	medium
213595	GitLab 15.7 <17.5.5/17.6 < 17.6.3/17.7 < 17.7.1 (CVE-2024-6324)	medium
213578	GitLab 17.4 <17.5.5/17.6 < 17.6.3/17.7 < 17.7.1 (CVE-2025-0194)	medium
213577	GitLab 15.5 <17.5.5/17.6 < 17.6.3/17.7 < 17.7.1 (CVE-2024-12431)	medium
213474	IBM Cognos Analytics 11.2.x < 11.2.4 FP5 / 12.0.x < 12.0.4 IF1 多個弱點 (7179496)	critical
213465	BeyondTrust Privileged Remote Access (PRA) <= 24.3.1 多個弱點	critical
213464	BeyondTrust Remote Support (RS) <= 24.3.1 多個弱點	critical
213327	Fortra GoAnywhere Managed File Transfer (MFT) < 7.4.2 路徑遊走 (CVE-2024-25156)	medium
213297	Atlassian Confluence 7.19.x < 7.19.29 / 7.20.x < 8.5.17 / 8.6.x < 8.9.8 / 9.0.x < 9.1.0 / 9.2.0 (CONFSERVER-98300)	high
213296	Atlassian Confluence 3.7.x < 7.19.22 / 7.20.x < 8.5.9 / 8.6.x < 8.9.0 / 9.2.0 (CONFSERVER-98713)	high
213295	Cleo Harmony < 5.8.0.21 未受限制的檔案上傳/下載 (CVE-2024-50623)	critical
213294	Cleo VLTrader < 5.8.0.21 未受限制的檔案上傳/下載 (CVE-2024-50623)	critical
213293	Cleo LexiCom < 5.8.0.21 未受限制的檔案上傳/下載 (CVE-2024-50623)	critical
213277	Zabbix 6.0.x < 6.0.32rc1、6.4.x < 6.4.17rc1、7.0.x < 7.0.1rc1 驗證繞過 (ZBX-25635)	high
213276	Mattermost Server 9.5.x < 9.5.13、9.11.x < 9.11.5、10.0.x < 10.0.3、10.1.x < 10.1.3、10.2.0 (MMSA-2024-00388、MMSA-2024-00392)	medium
213274	IBM Cognos Analytics 11.2.x < 11.2.4 FP4 / 12.0.x < 12.0.4 多個弱點 (7173592)	critical
213170	Mattermost Server 9.5.x < 9.5.12、9.11.x < 9.11.4、10.0.x < 10.0.2、10.1.x < 10.1.2、10.2.0 (MMSA-2024-00386)	high
213087	Cleo LexiCom < 5.8.0.24 未經驗證的任意命令執行 (CVE-2024-55956)	critical

偵測

Nessus 的 CGI abuses 系列

medium

high

high

high

critical

critical

critical

high

medium

critical

medium

medium

high

medium

medium

medium

low

medium

medium

low

medium

medium

high

medium

high

medium

medium

low

high

high

high

high

medium

medium

medium

medium

critical

critical

critical

medium

high

high

critical

critical

critical

high

medium

critical

high

critical