| CVE-2023-25194 | Apache Kafka Connect API: Possible RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration using Kafka Connect | Apache Software Foundation | Apache Kafka Connect API | 高危 | - | 2023-02-07 19:11:22 | Deep Dive |
| CVE-2022-45786 | Apache AGE: Python and Golang drivers allow data manipulation and exposure due to SQL injection | Apache Software Foundation | Apache AGE | 高危 | - | 2023-02-04 20:40:59 | Deep Dive |
| CVE-2023-22849 | Apache Sling App CMS: XSS in CMS Reference / UI Components | Apache Software Foundation | Apache Sling App CMS | 中危 | - | 2023-02-04 20:37:06 | Deep Dive |
| CVE-2023-24997 | Apache InLong: Jdbc Connection Security Bypass | Apache Software Foundation | Apache InLong | 超危 | - | 2023-02-01 14:49:45 | Deep Dive |
| CVE-2023-24977 | Apache InLong: Jdbc Connection causes arbitrary file reading in InLong | Apache Software Foundation | Apache InLong | 高危 | - | 2023-02-01 09:09:56 | Deep Dive |
| CVE-2022-28331 | Apache Portable Runtime (APR): Windows out-of-bounds write in apr_socket_sendv function | Apache Software Foundation | Apache Portable Runtime (APR) | 超危 | - | 2023-01-31 15:55:21 | Deep Dive |
| CVE-2022-25147 | Apache Portable Runtime Utility (APR-util): out-of-bounds writes in the apr_base64 family of functions | Apache Software Foundation | Apache Portable Runtime Utility (APR-util) | 中危 | - | 2023-01-31 15:54:51 | Deep Dive |
| CVE-2022-24963 | Apache Portable Runtime (APR): out-of-bound writes in the apr_encode family of functions | Apache Software Foundation | Apache Portable Runtime (APR) | 超危 | - | 2023-01-31 15:52:10 | Deep Dive |
| CVE-2022-44644 | Apache Linkis (incubating): The DatasourceManager module has a Local File Read Vulnerability | Apache Software Foundation | Apache Linkis (incubating) | 中危 | - | 2023-01-31 09:40:53 | Deep Dive |
| CVE-2022-44645 | Apache Linkis (incubating): The DatasourceManager module has a serialization attack vulnerability | Apache Software Foundation | Apache Linkis (incubating) | 高危 | - | 2023-01-31 09:38:07 | Deep Dive |
| CVE-2023-24829 | Apache IoTDB Workbench: apache/iotdb-web-workbench: forge the JWTToken to access workbench | Apache Software Foundation | Apache IoTDB Workbench | 高危 | - | 2023-01-31 09:22:42 | Deep Dive |
| CVE-2023-24830 | Apache IoTDB Workbench: apache/iotdb-web-workbench: create a user without authorization | Apache Software Foundation | Apache IoTDB Workbench | 高危 | - | 2023-01-30 16:25:33 | Deep Dive |
| CVE-2023-22884 | Apache Airflow, Apache Airflow MySQL Provider: Arbitrary file read via MySQL provider in Apache Airflow | Apache Software Foundation | Apache Airflow | 超危 | - | 2023-01-21 13:02:49 | Deep Dive |
| CVE-2022-37436 | Apache HTTP Server: mod_proxy prior to 2.4.55 allows a backend to trigger HTTP response splitting | Apache Software Foundation | Apache HTTP Server | 中危 | - | 2023-01-17 19:13:00 | Deep Dive |
| CVE-2022-36760 | Apache HTTP Server: mod_proxy_ajp Possible request smuggling | Apache Software Foundation | Apache HTTP Server | 超危 | - | 2023-01-17 19:11:55 | Deep Dive |
| CVE-2006-20001 | Apache HTTP Server: mod_dav out of bounds read, or write of zero byte | Apache Software Foundation | Apache HTTP Server | 高危 | - | 2023-01-17 19:07:27 | Deep Dive |
| CVE-2022-41703 | Apache Superset: SQL injection vulnerability in adhoc clauses | Apache Software Foundation | Apache Superset | 中危 | - | 2023-01-16 10:14:01 | Deep Dive |
| CVE-2022-45438 | Apache Superset: Dashboard metadata information leak | Apache Software Foundation | Apache Superset | 中危 | - | 2023-01-16 10:12:03 | Deep Dive |
| CVE-2022-43721 | Apache Superset: Open Redirect Vulnerability | Apache Software Foundation | Apache Superset | 中危 | - | 2023-01-16 10:10:53 | Deep Dive |
| CVE-2022-43720 | Apache Superset: Improper rendering of user input | Apache Software Foundation | Apache Superset | 中危 | - | 2023-01-16 10:10:42 | Deep Dive |