| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-28890 | Processing external DTDs | Apache Software Foundation | Apache Jena | 超危 | - | 2022-05-05 08:40:09 | Deep Dive |
| CVE-2022-29265 | Improper Restriction of XML External Entity References in Multiple Components | Apache Software Foundation | Apache NiFi | 高危 | - | 2022-04-30 08:05:10 | Deep Dive |
| CVE-2022-23942 | Apache Doris hardcoded cryptography initialization | Apache Software Foundation | Apache Doris(Incubating) | 高危 | - | 2022-04-26 16:05:10 | Deep Dive |
| CVE-2022-24706 | Remote Code Execution Vulnerability in Packaging | Apache Software Foundation | Apache CouchDB | 超危 | - | 2022-04-26 00:00:00 | Deep Dive |
| CVE-2022-29266 | apisix/jwt-auth may leak secrets in error response | Apache Software Foundation | Apache APISIX | 高危 | - | 2022-04-20 07:15:13 | Deep Dive |
| CVE-2022-27479 | SQL injection vulnerability in chart data API | Apache Software Foundation | Apache Superset | 超危 | - | 2022-04-13 19:05:11 | Deep Dive |
| CVE-2022-24070 | Apache Subversion mod_dav_svn is vulnerable to memory corruption | Apache Software Foundation | Apache Subversion | 高危 | - | 2022-04-12 17:50:14 | Deep Dive |
| CVE-2021-28544 | Apache Subversion SVN authz protected copyfrom paths regression | Apache Software Foundation | Apache Subversion | 中危 | - | 2022-04-12 17:50:13 | Deep Dive |
| CVE-2021-31805 | Forced OGNL evaluation, when evaluated on raw not validated user input in tag attributes, may lead to RCE. | Apache Software Foundation | Apache Struts | 超危 | - | 2022-04-12 15:25:11 | Deep Dive |
| CVE-2022-26612 | Arbitrary file write in FileUtil#unpackEntries on Windows | Apache Software Foundation | Apache Hadoop | 超危 | - | 2022-04-07 18:20:12 | Deep Dive |
| CVE-2022-26850 | Insufficiently protected credentials | Apache Software Foundation | Apache NiFi | 中危 | - | 2022-04-06 17:40:09 | Deep Dive |
| CVE-2022-23974 | Pinot segment push endpoint has a vulnerability in unprotected environments | Apache Software Foundation | Apache Pinot | 高危 | - | 2022-04-05 19:55:08 | Deep Dive |
| CVE-2022-25598 | Apache DolphinScheduler user registration is vulnerable to ReDoS attacks | Apache Software Foundation | Apache DolphinScheduler | 高危 | - | 2022-03-30 09:20:12 | Deep Dive |
| CVE-2022-25757 | Apache APISIX: the body_schema check in request-validation plugin can be bypassed | Apache Software Foundation | Apache APISIX | 超危 | - | 2022-03-28 07:00:16 | Deep Dive |
| CVE-2021-44759 | Improper authentication vulnerability in TLS origin verification | Apache Software Foundation | Apache Traffic Server | 高危 | - | 2022-03-23 14:05:20 | Deep Dive |
| CVE-2021-44040 | HTTP request line fuzzing attacks | Apache Software Foundation | Apache Traffic Server | 高危 | - | 2022-03-23 14:05:15 | Deep Dive |
| CVE-2022-26779 | Apache Cloudstack insecure random number generation affects project email invitation | Apache Software Foundation | Apache CloudStack | 高危 | - | 2022-03-15 15:40:11 | Deep Dive |
| CVE-2022-23943 | mod_sed: Read/write beyond bounds | Apache Software Foundation | Apache HTTP Server | 超危 | - | 2022-03-14 10:15:54 | Deep Dive |
| CVE-2022-22721 | core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody | Apache Software Foundation | Apache HTTP Server | 超危 | - | 2022-03-14 10:15:40 | Deep Dive |
| CVE-2022-22720 | HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier | Apache Software Foundation | Apache HTTP Server | 超危 | - | 2022-03-14 10:15:29 | Deep Dive |