| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2021-43083 | Apache PLC4X 0.9.0 Buffer overflow in PLC4C via crafted server response | Apache Software Foundation | Apache PLC4X | High | - | 2021-12-19 08:25:09 | Deep Dive |
| CVE-2021-45105 | Apache Log4j2 does not always protect from infinite recursion in lookup evaluation (EPSS 0.75) | Apache Software Foundation | Apache Log4j2 | Medium | - | 2021-12-18 11:55:08 | Deep Dive |
| CVE-2021-44145 | Apache NiFi information disclosure by XXE | Apache Software Foundation | Apache NiFi | Medium | - | 2021-12-17 08:50:09 | Deep Dive |
| CVE-2021-43242 | Microsoft SharePoint Server Spoofing Vulnerability | Microsoft | Microsoft SharePoint Enterprise Server 2016 | High | 7.6 | 2021-12-15 14:15:23 | Deep Dive |
| CVE-2021-42309 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Microsoft | Microsoft SharePoint Enterprise Server 2016 | High | 8.8 | 2021-12-15 14:14:56 | Deep Dive |
| CVE-2021-42294 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Microsoft | Microsoft SharePoint Enterprise Server 2016 | High | 7.2 | 2021-12-15 14:14:54 | Deep Dive |
| CVE-2021-45046 (KEV) | Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack (EPSS 0.94) | Apache Software Foundation | Apache Log4j | Critical | - | 2021-12-14 16:55:09 | Deep Dive |
| CVE-2021-44549 | SMTPS server hostname not checked when making TLS connection to SMTPS server | Apache Software Foundation | Apache Sling Commons Messaging Mail | High | - | 2021-12-14 15:15:10 | Deep Dive |
| CVE-2021-4104 | Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2 (EPSS 0.72) | Apache Software Foundation | Apache Log4j 1.x | High | - | 2021-12-14 00:00:00 | Deep Dive |
| CVE-2021-44228 (KEV) | Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints (EPSS 0.94) | Apache Software Foundation | Apache Log4j2 | Critical | - | 2021-12-10 00:00:00 | Deep Dive |
| CVE-2021-43410 | airavata-django-portal allows CRLF log injection because of the lack of escaping in the log statements | Apache Software Foundation | Apache Airavata Django Portal | Medium | - | 2021-12-09 09:00:12 | Deep Dive |
| CVE-2021-41039 | Eclipse Mosquitto security vulnerability | The Eclipse Foundation | Eclipse Mosquitto | High | - | 2021-12-01 00:00:00 | Deep Dive |
| CVE-2021-22049 | VMware vCenter Server code issue vulnerability | - | VMware vCenter Server and VMware Cloud Foundation | Critical | - | 2021-11-24 16:32:59 | Deep Dive |
| CVE-2021-21980 | VMware vCenter Server information disclosure vulnerability | - | VMware vCenter Server and VMware Cloud Foundation | High | - | 2021-11-24 16:32:43 | Deep Dive |
| CVE-2021-44140 | Arbitrary file deletion on logout | Apache Software Foundation | Apache JSPWiki | Critical | - | 2021-11-24 11:15:14 | Deep Dive |
| CVE-2021-40369 | XSS vulnerability on Denounce plugin | Apache Software Foundation | Apache JSPWiki | Medium | - | 2021-11-24 11:15:13 | Deep Dive |
| CVE-2021-43557 | Path traversal in request_uri variable (EPSS 0.58) | Apache Software Foundation | Apache APISIX | High | - | 2021-11-22 08:25:09 | Deep Dive |
| CVE-2021-39923 | Wireshark code issue vulnerability | Wireshark Foundation | Wireshark | High | 7.5 | 2021-11-19 16:31:03 | Deep Dive |
| CVE-2021-41532 | Unauthenticated access to Ozone Recon HTTP endpoints | Apache Software Foundation | Apache Ozone | Medium | - | 2021-11-19 09:20:26 | Deep Dive |
| CVE-2021-39236 | Owners of the S3 tokens are not validated | Apache Software Foundation | Apache Ozone | High | - | 2021-11-19 09:20:25 | Deep Dive |