| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-40604 | Format String Vulnerability | Apache Software Foundation | Apache Airflow | High | - | 2022-09-21 07:25:11 | Deep Dive |
| CVE-2022-40955 | Deserialization attack in Apache InLong prior to version 1.3.0 allows RCE via JDBC | Apache Software Foundation | Apache InLong | High | - | 2022-09-20 13:50:08 | Deep Dive |
| CVE-2022-34917 | Unauthenticated clients may cause OutOfMemoryError on Apache Kafka Brokers | Apache Software Foundation | Apache Kafka | High | - | 2022-09-20 08:35:07 | Deep Dive |
| CVE-2022-39135 | Apache Calcite: potential XEE attacks | Apache Software Foundation | Apache Calcite | Critical | - | 2022-09-11 00:00:00 | Deep Dive |
| CVE-2022-28220 | STARTTLS command injection in Apache JAMES | Apache Software Foundation | Apache James | High | - | 2022-09-08 07:40:09 | Deep Dive |
| CVE-2022-38370 | No authorization of DatabaseConnectController in grafana-connector. | Apache Software Foundation | Apache IoTDB | High | - | 2022-09-05 09:50:10 | Deep Dive |
| CVE-2022-38369 | Login check vulnerability by session Id | Apache Software Foundation | Apache IoTDB | High | - | 2022-09-05 09:50:09 | Deep Dive |
| CVE-2022-38054 | Session Fixation | Apache Software Foundation | Apache Airflow | Critical | - | 2022-09-02 07:10:21 | Deep Dive |
| CVE-2022-38170 | Overly permissive umask for daemons | Apache Software Foundation | Apache Airflow | Medium | - | 2022-09-02 07:10:21 | Deep Dive |
| CVE-2022-29158 | Regular Expression Denial of Service (ReDoS) vulnerability in Apache OFBiz | Apache Software Foundation | Apache OFBiz | High | - | 2022-09-02 07:10:20 | Deep Dive |
| CVE-2022-29063 | Java Deserialization via RMI Connection from the Solr plugin of Apache OFBiz | Apache Software Foundation | Apache OFBiz | Critical | - | 2022-09-02 07:10:19 | Deep Dive |
| CVE-2022-25813 | Server-Side Template Injection affecting the ecommerce plugin of Apache OFBiz | Apache Software Foundation | Apache OFBiz | High | - | 2022-09-02 07:10:18 | Deep Dive |
| CVE-2022-25371 | Unauth Path Traversal with file corruption affecting the Birt plugin of Apache OFBiz | Apache Software Foundation | Apache OFBiz | Critical | - | 2022-09-02 07:10:17 | Deep Dive |
| CVE-2022-25370 | Unauth Stored XSS vulnerability in the Birt plugin of Apache OFBiz | Apache Software Foundation | Apache OFBiz | Medium | - | 2022-09-02 07:10:16 | Deep Dive |
| CVE-2022-37435 | Apache ShenYu Admin Improper Privilege Management | Apache Software Foundation | Apache ShenYu | High | - | 2022-09-01 14:00:14 | Deep Dive |
| CVE-2022-37023 | Apache Geode deserialization of untrusted data flaw when using REST API on Java 8 or Java 11 | Apache Software Foundation | Apache Geode | Medium | - | 2022-08-31 07:00:16 | Deep Dive |
| CVE-2022-37022 | Apache Geode deserialization of untrusted data flaw when using JMX over RMI on Java 11 | Apache Software Foundation | Apache Geode | High | - | 2022-08-31 07:00:15 | Deep Dive |
| CVE-2022-37021 | Apache Geode deserialization of untrusted data flaw when using JMX over RMI on Java 8. | Apache Software Foundation | Apache Geode | Critical | - | 2022-08-31 07:00:14 | Deep Dive |
| CVE-2021-25642 | Apache Hadoop YARN remote code execution in ZKConfigurationStore of capacity scheduler | Apache Software Foundation | Apache Hadoop | High | - | 2022-08-25 00:00:00 | Deep Dive |
| CVE-2022-22728 | libapreq2 multipart form parse memory corruption | Apache Software Foundation | libapreq2 | High | - | 2022-08-25 00:00:00 | Deep Dive |