| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-23437 | Infinite loop within Apache XercesJ xml parser | Apache Software Foundation | Apache Xerces | 中危 | - | 2022-01-24 00:00:00 | Deep Dive |
| CVE-2022-22733📌💣 | Access-Token in ElasticJob UI causes password disclosure EPSS 0.78 | Apache Software Foundation | Apache ShardingSphere ElasticJob-UI | 中危 | - | 2022-01-20 10:25:12 | Deep Dive |
| CVE-2021-45230 | Apache Airflow: Creating DagRuns didn't respect Dag-level permissions in the Webserver | Apache Software Foundation | Apache Airflow | 中危 | - | 2022-01-20 10:25:10 | Deep Dive |
| CVE-2022-23307 | A deserialization flaw in the Chainsaw component of Log4j 1 can lead to malicious code execution. | Apache Software Foundation | Apache Log4j 1.x | 高危 | - | 2022-01-18 15:25:23 | Deep Dive |
| CVE-2022-23305📌 | SQL injection in JDBC Appender in Apache Log4j V1 | Apache Software Foundation | Apache Log4j 1.x | 超危 | - | 2022-01-18 15:25:22 | Deep Dive |
| CVE-2022-23302 | Deserialization of untrusted data in JMSSink in Apache Log4j 1.x | Apache Software Foundation | Apache Log4j 1.x | 高危 | - | 2022-01-18 15:25:20 | Deep Dive |
| CVE-2021-42357 | DOM based XSS Vulnerability in Apache Knox | Apache Software Foundation | Apache Knox | 中危 | - | 2022-01-17 19:25:09 | Deep Dive |
| CVE-2021-43999 | Improper validation of SAML responses | Apache Software Foundation | Apache Guacamole | 高危 | - | 2022-01-11 22:10:12 | Deep Dive |
| CVE-2021-41767 | Private tunnel identifier may be included in the non-private details of active connections | Apache Software Foundation | Apache Guacamole | 中危 | - | 2022-01-11 22:10:11 | Deep Dive |
| CVE-2022-21840 | Microsoft Office Remote Code Execution Vulnerability | Microsoft | Microsoft SharePoint Enterprise Server 2016 | High | 8.8 | 2022-01-11 20:22:19 | Deep Dive |
| CVE-2022-21837 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Microsoft | Microsoft SharePoint Enterprise Server 2016 | High | 8.3 | 2022-01-11 20:22:17 | Deep Dive |
| CVE-2021-43297📌 | Dubbo Hessian cause RCE when parse error EPSS 0.46 | Apache Software Foundation | Apache Dubbo | 超危 | - | 2022-01-10 15:25:48 | Deep Dive |
| CVE-2021-43045 | Possible DOS vulnerabilities in C# Avro SDK | Apache Software Foundation | Apache Avro | 高危 | - | 2022-01-06 18:00:12 | Deep Dive |
| CVE-2021-45458 | Hardcoded credentials | Apache Software Foundation | Apache Kylin | 高危 | - | 2022-01-06 12:35:24 | Deep Dive |
| CVE-2021-45457 | Overly broad CORS configuration | Apache Software Foundation | Apache Kylin | 高危 | - | 2022-01-06 12:35:22 | Deep Dive |
| CVE-2021-45456 | Command injection EPSS 0.38 | Apache Software Foundation | Apache Kylin | 超危 | - | 2022-01-06 12:35:21 | Deep Dive |
| CVE-2021-36774 | Mysql JDBC Connector Deserialize RCE | Apache Software Foundation | Apache Kylin | 中危 | - | 2022-01-06 12:35:20 | Deep Dive |
| CVE-2021-31522 | Apache Kylin unsafe class loading | Apache Software Foundation | Apache Kylin | 超危 | - | 2022-01-06 12:35:18 | Deep Dive |
| CVE-2021-27738 | Improper Access Control to Streaming Coordinator & SSRF | Apache Software Foundation | Apache Kylin | 高危 | - | 2022-01-06 12:35:17 | Deep Dive |
| CVE-2021-36739 | XSS vulnerability in the MVCBean JSP portlet maven archetype | Apache Software Foundation | Apache Portals | 中危 | - | 2022-01-06 08:50:16 | Deep Dive |