| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-22719 | mod_lua Use of uninitialized value of in r:parsebody | Apache Software Foundation | Apache HTTP Server | 高危 | - | 2022-03-14 10:15:16 | Deep Dive |
| CVE-2021-38296 | Apache Spark Key Negotiation Vulnerability | Apache Software Foundation | Apache Spark | 高危 | - | 2022-03-10 08:20:12 | Deep Dive |
| CVE-2022-25312 | An XML external entity (XXE) injection vulnerability exists in the Apache Any23 RDFa XSLTStylesheet extractor | Apache Software Foundation | Apache Any23 | 超危 | - | 2022-03-04 23:25:08 | Deep Dive |
| CVE-2022-26336 | A carefully crafted TNEF file can cause an out of memory exception | Apache Software Foundation | poi-scratchpad | 中危 | - | 2022-03-04 00:00:00 | Deep Dive |
| CVE-2022-24948 | Apache JSPWiki Cross-site scripting vulnerability on User Preferences screen | Apache Software Foundation | Apache JSPWiki | 中危 | - | 2022-02-25 08:30:19 | Deep Dive |
| CVE-2022-24947 | Apache JSPWiki CSRF Account Takeover | Apache Software Foundation | Apache JSPWiki | 高危 | - | 2022-02-25 08:30:18 | Deep Dive |
| CVE-2022-24288 | Apache Airflow: RCE in example DAGs | Apache Software Foundation | Apache Airflow | 高危 | - | 2022-02-25 08:30:16 | Deep Dive |
| CVE-2021-45229 | Apache Airflow: Reflected XSS via Origin Query Argument in URL | Apache Software Foundation | Apache Airflow | 中危 | - | 2022-02-25 08:30:15 | Deep Dive |
| CVE-2022-24289 | Deserialization of untrusted data in the Hessian Component of Apache Cayenne 4.1 with older Java versions | Apache Software Foundation | Apache Cayenne | 高危 | - | 2022-02-11 12:20:15 | Deep Dive |
| CVE-2022-24112 | apisix/batch-requests plugin allows overwriting the X-REAL-IP header | Apache Software Foundation | Apache APISIX | 超危 | - | 2022-02-11 12:20:13 | Deep Dive |
| CVE-2021-44521 | Remote code execution for scripted UDFs | Apache Software Foundation | Apache Cassandra | 超危 | - | 2022-02-11 12:20:12 | Deep Dive |
| CVE-2022-22931 | Path traversal in Apache James 3.6.1 | Apache Software Foundation | Apache James | 中危 | - | 2022-02-07 18:50:10 | Deep Dive |
| CVE-2022-23206 | Server-Side Request Forgery in Traffic Ops endpoint POST /user/login/oauth | Apache Software Foundation | Apache Traffic Control | 高危 | - | 2022-02-06 15:15:10 | Deep Dive |
| CVE-2022-23913 | Apache ActiveMQ Artemis DoS | Apache Software Foundation | Apache ActiveMQ Artemis | 高危 | - | 2022-02-04 22:33:01 | Deep Dive |
| CVE-2021-36152 | Insecure TrustManager used in LDAP connections | Apache Software Foundation | Apache Gobblin | 超危 | - | 2022-02-04 22:32:57 | Deep Dive |
| CVE-2021-36151 | Local Credentials Disclosure Vulnerability | Apache Software Foundation | Apache Gobblin | 中危 | - | 2022-02-04 22:32:56 | Deep Dive |
| CVE-2021-44451 | API sensitive information leak | Apache Software Foundation | Apache Superset | 中危 | - | 2022-02-01 13:16:32 | Deep Dive |
| CVE-2021-41571 | Pulsar Admin API allows access to data from other tenants using getMessageById API | Apache Software Foundation | Apache Pulsar | 中危 | - | 2022-02-01 12:40:53 | Deep Dive |
| CVE-2022-23181 | Local privilege escalation with FileStore | Apache Software Foundation | Apache Tomcat | 高危 | - | 2022-01-27 00:00:00 | Deep Dive |
| CVE-2022-22932 | Path traversal flaws | Apache Software Foundation | Apache Karaf | 中危 | - | 2022-01-26 11:10:12 | Deep Dive |