| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-31777 | Apache Spark XSS vulnerability in log viewer UI Javascript | Apache Software Foundation | Apache Spark | Medium | - | 2022-11-01 00:00:00 | Deep Dive |
| CVE-2022-34662📌 | Apache DolphinScheduler prior to 3.0.0 allows path traversal | Apache Software Foundation | Apache DolphinScheduler | Medium | - | 2022-11-01 00:00:00 | Deep Dive |
| CVE-2022-42252 | Apache Tomcat request smuggling via malformed content-length | Apache Software Foundation | Apache Tomcat | High | - | 2022-11-01 00:00:00 | Deep Dive |
| CVE-2022-26884📌 | Apache DolphinScheduler exposes files without authentication | Apache Software Foundation | Apache DolphinScheduler | Medium | - | 2022-10-28 00:00:00 | Deep Dive |
| CVE-2022-31678📌💣 | VMware Cloud Foundation code issue vulnerability EPSS 0.84 | - | VMware Cloud Foundation (NSX-V) | Critical | - | 2022-10-28 00:00:00 | Deep Dive |
| CVE-2022-3725 | Wireshark buffer error vulnerability | Wireshark Foundation | Wireshark | Medium | 6.3 | 2022-10-27 00:00:00 | Deep Dive |
| CVE-2022-39944 | The Apache Linkis JDBC EngineConn module has a RCE Vulnerability | Apache Software Foundation | Apache Linkis | High | - | 2022-10-26 00:00:00 | Deep Dive |
| CVE-2022-42468 | Apache Flume prior to 1.11.0 has an Improper Input Validation (JNDI Injection) in JMSSource | Apache Software Foundation | Apache Flume | Critical | - | 2022-10-26 00:00:00 | Deep Dive |
| CVE-2022-43766 | Apache IoTDB prior to 0.13.3 allows DoS | Apache Software Foundation | Apache IoTDB | High | - | 2022-10-26 00:00:00 | Deep Dive |
| CVE-2022-34870 | Apache Geode stored Cross-Site Scripting (XSS) via data injection vulnerability in Pulse web application | Apache Software Foundation | Apache Geode | Medium | - | 2022-10-25 00:00:00 | Deep Dive |
| CVE-2022-41704 | Apache Batik prior to 1.16 allows RCE when loading untrusted SVG input | Apache Software Foundation | Apache XML Graphics | High | - | 2022-10-25 00:00:00 | Deep Dive |
| CVE-2022-42890 | Apache Batik prior to 1.16 allows RCE via scripting | Apache Software Foundation | Apache XML Graphics | High | - | 2022-10-25 00:00:00 | Deep Dive |
| CVE-2021-42010 | CRLF log injection | Apache Software Foundation | Apache Heron (Incubating) | Critical | - | 2022-10-24 00:00:00 | Deep Dive |
| CVE-2022-3676 | Eclipse Openj9 security vulnerability | The Eclipse Foundation | Eclipse OpenJ9 | Medium | - | 2022-10-24 00:00:00 | Deep Dive |
| CVE-2022-42466 | XSS vulnerability, eg for String properties. EPSS 0.22 | Apache Software Foundation | Apache Isis | Medium | - | 2022-10-19 00:00:00 | Deep Dive |
| CVE-2022-42467 | h2 webconsole (available only in prototype mode) should nevertheless be disabled by default. | Apache Software Foundation | Apache Isis | Medium | - | 2022-10-19 00:00:00 | Deep Dive |
| CVE-2022-39198 | Apache Dubbo Hession Deserialization Vulnerability Gadgets Bypass EPSS 0.10 | Apache Software Foundation | Apache Dubbo | Critical | - | 2022-10-18 00:00:00 | Deep Dive |
| CVE-2022-24697 | Apache Kylin prior to 4.0.2 allows command injection when the configuration overwrites function overwrites system parameters EPSS 0.14 | Apache Software Foundation | Apache Kylin | Critical | - | 2022-10-13 00:00:00 | Deep Dive |
| CVE-2022-42889📌💣 | Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults EPSS 0.94 | Apache Software Foundation | Apache Commons Text | Critical | - | 2022-10-13 00:00:00 | Deep Dive |
| CVE-2022-40664 | Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher | Apache Software Foundation | Apache Shiro | Critical | - | 2022-10-12 00:00:00 | Deep Dive |