Nessus 的 CGI abuses 系列

ID名称严重性
163839GitLab 13.10 < 15.0.5 / 15.1 < 15.1.4 / 15.2 < 15.2.1 不安全的直接对象引用
low
163838GitLab < 15.0.5 / 15.1 < 15.1.4 / 15.2 < 15.2.1 信息泄露
medium
163836GitLab 12.5 < 15.0.5 / 15.1 < 15.1.4 / 15.2 < 15.2.1 不当验证
medium
163835GitLab 12.10 < 15.0.5/15.1 < 15.1.4/15.2 < 15.2.1 不当访问
medium
163834GitLab 14.6 < 15.0.5 / 15.1 < 15.1.4 / 15.2 < 15.2.1 不当验证
medium
163833GitLab 12.8 < 15.0.5 / 15.1 < 15.1.4 / 15.2 < 15.2.1 管道所有权
medium
163832GitLab 12.10 < 15.0.5 / 15.1 < 15.1.4 / 15.2 < 15.2.1 验证不充分
medium
163831GitLab < 15.0.5 / 15.1 < 15.1.4 / 15.2 < 15.2.1 不当访问
medium
163830GitLab 15.0 < 15.0.5 / 15.1 < 15.1.4 / 15.2 < 15.2.1 信息泄露
medium
163790GitLab < 15.0.5 / 15.1 < 15.1.4 / 15.2 < 15.2.1 安全绕过
low
163789GitLab 9.3 < 15.0.5 / 15.1 < 15.1.4 / 15.2 < 15.2.1 信息泄露
low
163760GitLab < 15.0.5 / 15.1 < 15.1.4 / 15.2 < 15.2.1 存储型 XSS
medium
163657Atlassian Jira < 8.13.20 / 8.20.x < 8.20.8 / 8.22.x < 8.22.2 / 9.0.x < 9.0.0 (JRASERVER-73739)
high
163605GitLab < 14.10.5 / 15.0 < 15.0.4 / 15.1 < 15.1.1 信息泄露
medium
163599JQuery UI < 1.13.2 XSS
medium
163514Citrix ADC and Citrix Gateway 12.1.x < 12.1-65.15 / 13.0.x < 13.0-86.17 / 13.1.x < 13.1-24.38 未经验证的重定向 (CTX457836)
medium
163486VMware Workspace One Access / VMware Identity Manager 多个漏洞 (VMSA-2022-0014)
critical
163453Apache Apereo CAS Log4Shell 直接检查 (CVE-2021-44228)
critical
163434Splunk Enterprise 8.1.x < 8.1.5、8.2.x < 8.2.1 验证绕过
high
163328Oracle Primavera Gateway(2022 年 7 月 CPU)
critical
163327Atlassian Confluence < 7.4.17 / 7.13.x < 7.13.6 / < 7.14.3 / 7.15.x < 7.15.2 / 7.16.x < 7.16.4 / 7.17.x < 7.17.2 (CONFSERVER-79483)
critical
163318Drupal 7.x < 7.91 / 9.3.x < 9.3.19 / 9.4.x < 9.4.3 多个漏洞 (drupal-2022-07-20)
critical
163293Oracle MySQL Enterprise Monitor DOS(2022 年 7 月 CPU)
high
163292Oracle MySQL Enterprise Monitor DOS(2022 年 7 月 CPU)
critical
163289Oracle Primavera Unifier(2022 年 7 月 CPU)
high
163259Jenkins 插件 多个漏洞(2022 年 6 月 22 日)
critical
163258Jenkins LTS < 2.332.4 / Jenkins weekly < 2.356 多个漏洞
critical
163257Zimbra Collaboration Server 8.8.x < 8.8.15 Patch 23 / 9.0.0 < 9.0.0 Patch 16 多个漏洞
critical
163255Fortinet FortiAnalyzer 缓冲区溢出漏洞 (FG-IR-21-206)
high
163099VMware vRealize Log Insight 8.x < 8.8.2 XSS 漏洞 (VMSA-2022-0019)
medium
163086GitLab 12.4 < 14.10.5 / 15.0 < 15.0.4 / 15.1 < 15.1.1 信息泄露
medium
163085GitLab 8.13 < 14.10.5/15.0 < 15.0.4/15.1 < 15.1.1 访问不正确
medium
163084GitLab 12.5 < 14.10.5 / 15.0 < 15.0.4 / 15.1 < 15.1.1 信息泄露
medium
163075GitLab 11.1 < 14.10.5/15.0 < 15.0.4/15.1 < 15.1.1 XSS
medium
163074GitLab 14.5 < 14.10.5/15.0 < 15.0.4/15.1 < 15.1.1 XSS
medium
163072Zimbra Collaboration Server 8.8.x < 8.8.15 补丁 31 / 9.0.0 < 9.0.0 补丁 24 多个漏洞
critical
162985GitLab 14.8 < 14.10.5/15.0 < 15.0.4/15.1 < 15.1.1 访问控制漏洞
medium
162977GitLab 14.4 < 14.10.5/15.0 < 15.0.4/15.1 < 15.1.1 XSS
medium
162976GitLab 12.2 < 14.10.5 / 15.0 < 15.0.4 / 15.1 < 15.1.1 电子邮件域绕过
low
162975GitLab 1.0.2 < 14.10.5 / 15.0 < 15.0.4 / 15.1 < 15.1.1 DOS
medium
162974GitLab 13.7 < 14.10.5/15.0 < 15.0.4/15.1 < 15.1.1 不当授权
high
162973GitLab 13.4 < 14.10.5 / 15.0 < 15.0.4 / 15.1 < 15.1.1 信息泄露
medium
162972GitLab 10.7 < 14.10.5 或 15.0 < 15.0.4 或 15.1 < 15.1.1 错误授权漏洞
medium
162844PHP 8.1.x < 8.1.8
critical
162823Atlassian Jira 8.5.x < 8.19.1 (JRASERVER-72801)
high
162780GitLab 14.0 < 14.10.5/15.0 < 15.0.4/15.1 < 15.1.1 RCE
critical
162761Atlassian Jira < 8.5.14 / 8.6.x < 8.13.6 / 8.14.x < 8.16.1 / 8.17.0 (JRASERVER-72695)
medium
162760Atlassian Jira 8.5.x < 8.18.0 (JRASERVER-72575)
high
162759Atlassian Jira 8.13.x < 8.14.0 SQLI (JRASERVER-71833)
high
162758Atlassian Jira < 8.13.15 / 8.14.x < 8.20.3 / 8.21.0 (JRASERVER-73072)
high