| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2021-41766 | Insecure Java Deserialization in Apache Karaf | Apache Software Foundation | Apache Karaf | 高危 | - | 2022-01-26 11:10:11 | Deep Dive |
| CVE-2022-23945 | Apache ShenYu missing authentication allows gateway registration | Apache Software Foundation | Apache ShenYu (incubating) | 高危 | - | 2022-01-25 13:00:25 | Deep Dive |
| CVE-2022-23944 | Apache ShenYu 2.4.1 Improper access control | Apache Software Foundation | Apache ShenYu (incubating) | 超危 | - | 2022-01-25 13:00:24 | Deep Dive |
| CVE-2022-23223 | Apache ShenYu Password leakage | Apache Software Foundation | Apache ShenYu (incubating) | 高危 | - | 2022-01-25 13:00:22 | Deep Dive |
| CVE-2021-45029 | Apache ShenYu 2.4.1 Groovy Code Injection & SpEL Injection | Apache Software Foundation | Apache ShenYu (incubating) | 超危 | - | 2022-01-25 13:00:21 | Deep Dive |
| CVE-2022-23437 | Infinite loop within Apache XercesJ xml parser | Apache Software Foundation | Apache Xerces | 中危 | - | 2022-01-24 00:00:00 | Deep Dive |
| CVE-2022-22733 | Access-Token in ElasticJob UI causes password disclosure | Apache Software Foundation | Apache ShardingSphere ElasticJob-UI | 中危 | - | 2022-01-20 10:25:12 | Deep Dive |
| CVE-2021-45230 | Apache Airflow: Creating DagRuns didn't respect Dag-level permissions in the Webserver | Apache Software Foundation | Apache Airflow | 中危 | - | 2022-01-20 10:25:10 | Deep Dive |
| CVE-2022-23307 | A deserialization flaw in the Chainsaw component of Log4j 1 can lead to malicious code execution. | Apache Software Foundation | Apache Log4j 1.x | 高危 | - | 2022-01-18 15:25:23 | Deep Dive |
| CVE-2022-23305 | SQL injection in JDBC Appender in Apache Log4j V1 | Apache Software Foundation | Apache Log4j 1.x | 超危 | - | 2022-01-18 15:25:22 | Deep Dive |
| CVE-2022-23302 | Deserialization of untrusted data in JMSSink in Apache Log4j 1.x | Apache Software Foundation | Apache Log4j 1.x | 高危 | - | 2022-01-18 15:25:20 | Deep Dive |
| CVE-2021-42357 | DOM based XSS Vulnerability in Apache Knox | Apache Software Foundation | Apache Knox | 中危 | - | 2022-01-17 19:25:09 | Deep Dive |
| CVE-2021-43999 | Improper validation of SAML responses | Apache Software Foundation | Apache Guacamole | 高危 | - | 2022-01-11 22:10:12 | Deep Dive |
| CVE-2021-41767 | Private tunnel identifier may be included in the non-private details of active connections | Apache Software Foundation | Apache Guacamole | 中危 | - | 2022-01-11 22:10:11 | Deep Dive |
| CVE-2021-43297 | Dubbo Hessian cause RCE when parse error | Apache Software Foundation | Apache Dubbo | 超危 | - | 2022-01-10 15:25:48 | Deep Dive |
| CVE-2021-43045 | Possible DOS vulnerabilities in C# Avro SDK | Apache Software Foundation | Apache Avro | 高危 | - | 2022-01-06 18:00:12 | Deep Dive |
| CVE-2021-45458 | Hardcoded credentials | Apache Software Foundation | Apache Kylin | 高危 | - | 2022-01-06 12:35:24 | Deep Dive |
| CVE-2021-45457 | Overly broad CORS configuration | Apache Software Foundation | Apache Kylin | 高危 | - | 2022-01-06 12:35:22 | Deep Dive |
| CVE-2021-45456 | Command injection | Apache Software Foundation | Apache Kylin | 超危 | - | 2022-01-06 12:35:21 | Deep Dive |
| CVE-2021-36774 | Mysql JDBC Connector Deserialize RCE | Apache Software Foundation | Apache Kylin | 中危 | - | 2022-01-06 12:35:20 | Deep Dive |