浏览 26+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-59302 | Apache CloudStack: Potential remote code execution on Javascript engine defined rules | Apache Software Foundation | Apache CloudStack | 高危 | - | 2025-11-27 11:46:26 | Deep Dive |
| CVE-2025-59454 | Apache CloudStack: Lack of user permission validation leading to data leak for few APIs | Apache Software Foundation | Apache CloudStack | 中危 | - | 2025-11-27 11:40:40 | Deep Dive |
| CVE-2025-30675 | Apache CloudStack: Unauthorised template/ISO list access to the domain/resource admins | Apache Software Foundation | Apache CloudStack | Medium | 4.7 | 2025-06-10 23:12:24 | Deep Dive |
| CVE-2025-22829 | Apache CloudStack: Unauthorised access to dedicated resources in Quota plugin | Apache Software Foundation | Apache CloudStack | - | - | 2025-06-10 23:11:25 | Deep Dive |
| CVE-2025-26521 | Apache CloudStack: CKS cluster in project exposes user API keys | Apache Software Foundation | Apache CloudStack | - | - | 2025-06-10 23:08:49 | Deep Dive |
| CVE-2025-47849 | Apache CloudStack: Insecure access of user's API/Secret Keys in the same domain | Apache Software Foundation | Apache CloudStack | - | - | 2025-06-10 23:07:55 | Deep Dive |
| CVE-2025-47713 | Apache CloudStack: Domain Admin can reset Admin password in Root Domain | Apache Software Foundation | Apache CloudStack | - | - | 2025-06-10 23:06:46 | Deep Dive |
| CVE-2025-22828 | Apache CloudStack: Unauthorised access to annotations | Apache Software Foundation | Apache CloudStack | 中危 | - | 2025-01-13 12:47:52 | Deep Dive |
| CVE-2024-50386 | Apache CloudStack: Directly downloaded templates can be used to abuse KVM-based infrastructure | Apache Software Foundation | Apache CloudStack | High | 8.5 | 2024-11-12 14:34:09 | Deep Dive |
| CVE-2024-45219 | Apache CloudStack: Uploaded and registered templates and volumes can be used to abuse KVM-based infrastructure | Apache Software Foundation | Apache CloudStack | High | 8.5 | 2024-10-16 07:55:03 | Deep Dive |
| CVE-2024-45461 | Apache CloudStack Quota plugin: Access checks not enforced in Quota | Apache Software Foundation | Apache CloudStack Quota plugin | Medium | 5.7 | 2024-10-16 07:54:15 | Deep Dive |
| CVE-2024-45462 | Apache CloudStack: Incomplete session invalidation on web interface logout | Apache Software Foundation | Apache CloudStack | Medium | 6.3 | 2024-10-16 07:53:40 | Deep Dive |
| CVE-2024-45693 | Apache CloudStack: Request origin validation bypass makes account takeover possible | Apache Software Foundation | Apache CloudStack | High | 8.0 | 2024-10-16 07:52:26 | Deep Dive |
| CVE-2024-42062 | Apache CloudStack: User Key Exposure to Domain Admins | Apache Software Foundation | Apache CloudStack | - | - | 2024-08-07 07:17:09 | Deep Dive |
| CVE-2024-42222 | Apache CloudStack: Unauthorised Network List Access | Apache Software Foundation | Apache CloudStack | - | - | 2024-08-07 07:16:14 | Deep Dive |
| CVE-2024-41107 | Apache CloudStack: SAML Signature Exclusion | Apache Software Foundation | Apache CloudStack | 中危 | - | 2024-07-19 10:19:54 | Deep Dive |
| CVE-2024-38346 | Apache CloudStack: Unauthenticated cluster service port leads to remote execution | Apache Software Foundation | Apache CloudStack | 超危 | - | 2024-07-05 13:40:57 | Deep Dive |
| CVE-2024-39864 | Apache CloudStack: Integration API service uses dynamic port when disabled | Apache Software Foundation | Apache CloudStack | 超危 | - | 2024-07-05 13:40:38 | Deep Dive |
| CVE-2024-29008 | Apache CloudStack: The extraconfig feature can be abused to load hypervisor resources on a VM instance | Apache Software Foundation | Apache CloudStack | 中危 | - | 2024-04-04 07:51:05 | Deep Dive |
| CVE-2024-29007 | Apache CloudStack: When downloading templates or ISOs, the management server and SSVM follow HTTP redirects with potentially dangerous consequences | Apache Software Foundation | Apache CloudStack | 中危 | - | 2024-04-04 07:49:58 | Deep Dive |