公开报告 - 墨云安全研究院

墨云科技安全研究院多次发现Google、Apple、Oracle、VMware、Apache等厂商漏洞,部分漏洞列表如下:

标题	厂商	漏洞编号	漏洞介绍
Aria Operations 权限提升漏洞	VMware	CVE-2024-22235	https://www.vmware.com/security/advisories/VMSA-2024-0004.html
Apache Axis SSRF漏洞	Apache	CVE-2023-51441	https://lists.apache.org/thread/8nrm5thop8f82pglx4o0jg8wmvy6d9yd
OpenJDK 信息泄露漏洞	Oracle	CVE-2023-22067	https://www.oracle.com/security-alerts/cpuoct2023.html
Aria Operations 权限提升漏洞	VMware	CVE-2023-34043	https://www.vmware.com/security/advisories/VMSA-2023-0020.html
Aria Operations 权限提升漏洞	VMware	CVE-2023-20880	https://www.vmware.com/security/advisories/VMSA-2023-0009.html
Aria Operations 权限提升漏洞	VMware	CVE-2023-20879	https://www.vmware.com/security/advisories/VMSA-2023-0009.html
vRealize 权限绕过漏洞	VMware	CVE-2023-20856	https://www.vmware.com/security/advisories/VMSA-2023-0002.html
OpenJDK 信息泄露漏洞	OpenJDK	CVE-2023-21830	https://openjdk.org/groups/vulnerability/advisories/2023-01-17
WebLogic 远程代码执行漏洞	Oracle	CVE-2023-21837	https://www.oracle.com/security-alerts/cpujan2023.html
WebLogic 远程代码执行漏洞	Oracle	CVE-2023-21839	https://www.oracle.com/security-alerts/cpujan2023.html
RV340 内存破坏漏洞	Cisco	CVE-2023-20007	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv-rcedos-7HjP74jD
vRealize 权限提升漏洞	VMware	CVE-2022-31707	https://www.vmware.com/security/advisories/VMSA-2022-0034.html
vRealize 权限提升漏洞	VMware	CVE-2022-31708	https://www.vmware.com/security/advisories/VMSA-2022-0034.html
WebSphere SSRF漏洞	IBM	CVE-2022-35282	https://www.ibm.com/support/pages/node/6824179
Chrome 内存破坏漏洞	Google	CVE-2022-1135	https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html
WebLogic 信息泄露漏洞	Oracle	CVE-2022-21570	https://www.oracle.com/security-alerts/cpujul2022.html
WebLogic 信息泄露漏洞	Oracle	CVE-2022-21361	https://www.oracle.com/security-alerts/cpujan2022.html
WebLogic 远程代码执行漏洞	Oracle	CVE-2022-21350	https://www.oracle.com/security-alerts/cpujan2022.html
WebLogic 信息泄露漏洞	Oracle	CVE-2022-21292	https://www.oracle.com/security-alerts/cpujan2022.html
vRealize Operations SSRF漏洞	VMware	CVE-2021-22027	https://www.vmware.com/security/advisories/VMSA-2021-0018.html
vRealize Operations SSRF漏洞	VMware	CVE-2021-22026	https://www.vmware.com/security/advisories/VMSA-2021-0018.html
vRealize Operations 访问控制漏洞	VMware	CVE-2021-22025	https://www.vmware.com/security/advisories/VMSA-2021-0018.html
vRealize Operations 任意日志文件读取漏洞	VMware	CVE-2021-22024	https://www.vmware.com/security/advisories/VMSA-2021-0018.html
Chrome 内存破坏漏洞	Google	CVE-2021-37997	https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html
Chrome 内存破坏漏洞	Google	CVE-2021-4052	https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html
WebLogic 远程代码执行漏洞	Oracle	CVE-2021-2382	https://www.oracle.com/security-alerts/cpujul2021.html
WebLogic 远程代码执行漏洞	Oracle	CVE-2021-2394	https://www.oracle.com/security-alerts/cpujul2021.html
Chrome 内存破坏漏洞	Google	CVE-2021-30624	https://chromereleases.googleblog.com/2021/08/stable-channel-update-for-desktop_31.html
OFBiz 远程代码执行漏洞	Apache	CVE-2021-29200	https://lists.apache.org/thread/hq5p8hl6w38sxvq9cw18s6gx95t3j4tr
WebLogic XXE漏洞	Oracle	CVE-2021-2211	https://www.oracle.com/security-alerts/cpuapr2021.html
WebLogic Jdbc SSRF 漏洞	Oracle	CVE-2021-2294	https://www.oracle.com/security-alerts/cpuapr2021.html
WebLogic XXE 漏洞	Oracle	CVE-2021-2277	https://www.oracle.com/security-alerts/cpuapr2021.html