| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-32531 | Apache BookKeeper: Java Client Uses Connection to Host that Failed Hostname Verification | Apache Software Foundation | Apache BookKeeper | 中危 | - | 2022-12-15 10:17:20 | Deep Dive |
| CVE-2022-34271 | Apache Atlas: zip path traversal in import functionality | Apache Software Foundation | Apache Atlas | 高危 | - | 2022-12-14 08:35:59 | Deep Dive |
| CVE-2022-46364 | Apache CXF SSRF Vulnerability | Apache Software Foundation | Apache CXF | 超危 | - | 2022-12-13 16:20:27 | Deep Dive |
| CVE-2022-46363 | Apache CXF directory listing / code exfiltration | Apache Software Foundation | Apache CXF | 高危 | - | 2022-12-13 14:46:56 | Deep Dive |
| CVE-2022-45910 | Apache ManifoldCF: LDAP Injection Vulnerability - ActiveDirectory Authorities | Apache Software Foundation | Apache ManifoldCF | 中危 | - | 2022-12-07 09:50:53 | Deep Dive |
| CVE-2021-37533 | Apache Commons Net's FTP client trusts the host from PASV response by default | Apache Software Foundation | Apache Commons Net | 中危 | - | 2022-12-03 00:00:00 | Deep Dive |
| CVE-2022-46366 | Apache Tapestry prior to version 4 (EOL) allows RCE though deserialization of untrusted input | Apache Software Foundation | Apache Tapestry | 超危 | - | 2022-12-02 00:00:00 | Deep Dive |
| CVE-2022-44635 | Apache Fineract allowed an authenticated user to perform remote code execution due to path traversal | Apache Software Foundation | Apache Fineract | 高危 | - | 2022-11-29 00:00:00 | Deep Dive |
| CVE-2022-26885 | Apache DolphinScheduler config file read by task risk | Apache Software Foundation | Apache DolphinScheduler | 高危 | - | 2022-11-24 00:00:00 | Deep Dive |
| CVE-2022-45462 | Apache DolphinScheduler prior to 2.0.5 have command execution vulnerability | Apache Software Foundation | Apache DolphinScheduler | 超危 | - | 2022-11-23 00:00:00 | Deep Dive |
| CVE-2022-38649 | Apache Airflow Pinot provider allowed Command Injection | Apache Software Foundation | Apache Airflow Pinot Provider | 超危 | - | 2022-11-22 00:00:00 | Deep Dive |
| CVE-2022-40189 | Apache Airlfow Pig Provider RCE | Apache Software Foundation | Apache Airlfow Pig Provider | 超危 | - | 2022-11-22 00:00:00 | Deep Dive |
| CVE-2022-40954 | Apache Airflow Spark Provider RCE that bypass restrictions to read arbitrary files | Apache Software Foundation | Apache Airflow Spark Provider | 中危 | - | 2022-11-22 00:00:00 | Deep Dive |
| CVE-2022-41131 | Apache Airflow Hive Provider vulnerability (command injection via hive_cli connection) | Apache Software Foundation | Apache Airflow Hive Provider | 高危 | - | 2022-11-22 00:00:00 | Deep Dive |
| CVE-2022-45470 | Apache Hama allows XSS and information disclosure | Apache Software Foundation | Apache Hama | 高危 | - | 2022-11-21 00:00:00 | Deep Dive |
| CVE-2022-45047 | Apache MINA SSHD: Java unsafe deserialization vulnerability | Apache Software Foundation | Apache MINA SSHD | 超危 | - | 2022-11-16 00:00:00 | Deep Dive |
| CVE-2022-40308 | Apache Archiva prior to 2.2.9 may allow the anonymous user to read arbitrary files | Apache Software Foundation | Apache Archiva | 高危 | - | 2022-11-15 00:00:00 | Deep Dive |
| CVE-2022-40309 | Apache Archiva prior to 2.2.9 allows an authenticated user to delete arbitrary directories | Apache Software Foundation | Apache Archiva | 中危 | - | 2022-11-15 00:00:00 | Deep Dive |
| CVE-2022-45402 | Apache Airflow: Open redirect during login | Apache Software Foundation | Apache Airflow | 中危 | - | 2022-11-15 00:00:00 | Deep Dive |
| CVE-2022-27949 | Apache Airflow prior to 2.3.1 may include sensitive values in rendered template | Apache Software Foundation | Apache Airflow | 高危 | - | 2022-11-14 00:00:00 | Deep Dive |