偵測

Nessus 的 Web Servers 系列

ID名稱嚴重性
303926IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7267689)
medium
303560IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.4 權限提升 (7267345)
high
303559IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.4 (7267351)
high
303510IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.4 (7267347)
medium
303509IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.4 (7267362)
critical
303225Pac4J JWT < 4.5.9 / 5.x < 5.7.9 / 6.x < 6.3.3 驗證繞過 (CVE-2026-29000) (直接檢查)
critical
302501OpenSSL 3.6.0 < 3.6.2 弱點
high
302500OpenSSL 3.5.0 < 3.5.6 弱點
high
302165SAP NetWeaver AS ABAP 缺少授權檢查 (3703856)
medium
302164SAP NetWeaver AS ABAP SSRF (3689080)
medium
302163SAP NetWeaver AS ABAP 缺少授權檢查 (3704740)
medium
302162SAP NetWeaver AS ABAP 缺少授權檢查 (3694383)
low
302113SAP NetWeaver AS Java 多個弱點 (3700960)
high
301975SAP Netweaver Visual Composer 不受限制的檔案上傳 (3084487)
high
300293IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.3 (7261761)
critical
300110IBM WebSphere Application Server 8.5.5.3 < 8.5.5.30 / 9.x < 9.0.5.27 / Liberty 21.0.0.3 < 26.0.0.3 DoS (7261794)
high
299410Apache Tomcat 10.1.0.M7 < 10.1.52
high
299403Apache Tomcat 11.0.0.M1 < 11.0.15 多個弱點
critical
299402Apache Tomcat 9.0.83 < 9.0.115
high
299401Apache Tomcat 10.1.0.M1 < 10.1.50 多個弱點
critical
299398Apache Tomcat 11.0.0.M1 < 11.0.18
high
299397Apache Tomcat 9.0.0.M1 < 9.0.113 多個弱點
critical
298967SAP NetWeaver AS 缺少授權檢查 (3674774)
critical
298966SAP NetWeaver AS ABAP XML 簽章包裝 (3697567)
high
298965SAP NetWeaver AS Java CRLF 插入 (3673213)
low
298964SAP NetWeaver AS ABAP 和 S/4HANA 缺少授權檢查 (3672622)
medium
298596IBM WebSphere Application Server 8.5.5.28 < 8.5.5.30 / 9.0.5.24 < 9.0.5.27 (7260217)
medium
297279IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.2 RCE (7258224)
high
297229Oracle APEX Sample Applications (Brookstrut) (CVE-2026-21931)
medium
297228Oracle Application Express (Apex) Web 偵測
info
297198Grafana Labs 3.0.0 < 11.6.9+security-01 / 12.0.0 < 12.0.8+security-01 / 12.1.0 < 12.1.5+security-01 / 12.2.0 < 12.2.3+security-01 / 12.3.0 < 12.3.1+security-01 DoS (CVE-2026-21720)
high
297197Grafana Labs 10.2.0 < 11.6.9+security-01 / 12.0.0 < 12.0.8+security-01 / 12.1.0 < 12.1.5+security-01 / 12.2.0 < 12.2.3+security-01 / 12.3.0 < 12.3.1+security- 01 權限提升 (CVE-2026-21721)
high
296784OpenSSL 3.3.0 < 3.3.6 多個弱點
high
296770OpenSSL 3.6.0 < 3.6.1 多個弱點
high
296769OpenSSL 1.1.1 < 1.1.1ze 多個弱點
high
296768OpenSSL 3.5.0 < 3.5.5 多個弱點
high
296767OpenSSL 1.0.2 < 1.0.2zn 多個弱點
high
296766OpenSSL 3.4.0 < 3.4.4 多個弱點
high
296765OpenSSL 3.0.0 < 3.0.19 多個弱點
high
296604Oracle HTTP Server (2026 年 1 月 CPU)
medium
296603Oracle HTTP Server (2026 年 1 月 CPU)
medium
288282SAP NetWeaver 命令插入 (2026 年 1 月)
high
288281SAP NetWeaver AS ABAP 缺少授權檢查 (3688703)
high
288280SAP NetWeaver AS Java 敏感資訊弱點 (2026 年 1 月)
low
281759Nginx 網站列舉
info
281618IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7256003)
high
278309SAP NetWeaver AS Java DoS (2025 年 12 月)
high
278308SAP NetWeaver AS 缺少驗證 (2025 年 12 月)
medium
277790IBM WebSphere Application Server 8.5.x < 8.5.5.29 / 9.x < 9.0.5.27 / Liberty 17.0.0.3 < 26.0.0.1 XSS (7254078)
medium
276746Grafana Enterprise SCIM 佈建特權提升 (CVE-2025-41115)
critical