检测

插件

Nessus 的 CGI abuses 系列

ID	名称	严重性
295029	Oracle Primavera Unifier2026 年 1 月 CPU	critical
294995	Oracle Primavera P6 Enterprise Project Portfolio Management2026 年 1 月 CPU	medium
292785	Atlassian Confluence 9.0.1 < 9.2.1 / 9.3.x < 9.4.0 / 9.5.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101575)	high
292784	Atlassian Confluence 9.0.1 < 9.2.1 / 9.3.x < 9.4.0 / 9.5.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101573)	high
286274	Kibana 7.x / 8.x < 8.19.10 / 9.1.x < 9.1.10 / 9.2.x < 9.2.4 (ESA_2026_08)	medium
286273	Kibana 7.10.x < 7.17.30 / 8.x < 8.19.10 / 9.1.x < 9.1.10 / 9.2.x < 9.2.4 (ESA_2026_04)	medium
286272	Kibana 8.x < 8.19.10 / 9.1.x < 9.1.10 / 9.2.x < 9.2.4 (ESA_2026_05)	high
286271	Kibana 7.10.x < 7.17.30 / 8.x < 8.19.10 / 9.1.x < 9.1.10 / 9.2.x < 9.2.4 (ESA_2026_03)	medium
286265	ServiceNow Platform Jelly 模板注入 (CVE-2024-4879)	critical
283727	Atlassian Confluence 9.0.1 < 9.2.1 / 9.3.1 < 9.4.0 / 9.5.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101574)	critical
282639	Atlassian Confluence 7.19.0 < 8.5.10 / 8.6.x < 9.2.5 / 9.3.x < 9.3.1 / 9.4.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101478)	high
282638	Atlassian Confluence 7.19.0 < 8.5.20 / 8.6.x < 9.2.6 / 9.3.x < 9.3.1 / 9.4.0 ] / 9.5.x < 9.5.2 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101489)	high
282478	MongoDB 未经认证未初始化的堆内存泄漏 (MongoBleed)CVE-2025-14847直接检查	high
282475	Libraesva ESG 4.5 < 5.0.31 / 5.1.20 / 5.2.31 / 5.3.16 / 5.4.8 / 5.5.7 命令注入 (CVE-2025-59689)	medium
282455	Smartbedded Meteobridge < 6.2 RCE (CVE-2025-4008)	high
282328	Atlassian Confluence < 8.5.31 / 8.6.x < 9.2.13 / 9.3.x < 10.2.2 (CONFSERVER-101788)	critical
282325	Atlassian Confluence < 8.5.10 / 9.2.x < 9.2.5 / 9.3.x < 9.3.1 / 9.4.x < 9.5.1 / 10.0.x < 10.0.2 (CONFSERVER-101477)	high
282324	Atlassian Confluence < 8.5.17 / 8.6.x < 9.2.6 / 9.3.1 < 9.4.0 / 9.5.x < 9.5.1 / 10.0.x < 10.0.2 (CONFSERVER-101480)	high
282323	Atlassian Confluence < 8.5.10 / 8.6.x < 9.2.5 / 9.3.x < 9.3.1 / 9.4.x < 9.5.1 / 10.0.x < 10.0.2 (CONFSERVER-101479)	high
282322	Atlassian Confluence 10.1.x< 10.1.1 (CONFSERVER-101485)	high
282321	Atlassian Confluence < 9.2.6 / 9.3.x < 9.4.0 / < 9.4.0 / 9.5.x < 9.5.2 / 10.0.x < 10.0.2 / 10.1.0 (CONFSERVER-101488)	critical
282316	HPE OneView RCE (CVE-2025-37164)	critical
281853	Joomla 3.9.x < 5.4.2 / 6.0.x < 6.0.2 Joomla 6.0.2 & 5.4.2 安全和缺陷补丁版本 (5942-joomla-6-0-2-and-5-4-2-security-bugfix-release)	high
281846	Atlassian Confluence < 8.5.18 / 8.6.x < 9.2.1 / 9.3.x < 9.3.1 / 9.4.x < 9.5.4 / 10.0.x < 10.0.2 / 10.1.0 (CONFSERVER-101486)	high
280123	Mattermost Server 10.11.x < 10.11.8 / 10.12.x < 10.12.4 / 11.0.x <= 11.0.6 / 11.1.x <= 11.1.1 身份验证不当 (MMSA-2025-00555)	high
279436	WatchGuard Firebox OS 11.x / 12.x < 12.3.1_Update4 12.4.x < 12.5.15 / 12.6.x < 12.11.6 / 2025.x < 2025.1.4 越界写入 (CVE-2025-14733)	critical
279415	PHP 8.1.x < 8.1.34 多个漏洞	high
279274	PHP 8.2.x < 8.2.30 多个漏洞	high
279270	PHP 8.4.x < 8.4.16 多个漏洞	high
279128	PHP 8.5.x < 8.5.1 多个漏洞	high
279127	PHP 8.3.x < 8.3.29 多个漏洞	high
279000	SonicWall SMA 1000 系列 <= 12.4.3-03093 / 12.5.x <= 12.5.0-02283 本地权限升级 (SNWLID-2025-0019)	medium
278978	Kibana 7.0.x < 8.19.8 / 9.0.x < 9.1.8 / 9.2.x < 9.2.2 XSS (ESA-2025-28)	medium
278526	Unraid < 6.8.1 多个漏洞	critical
278130	Jenkins 插件多个漏洞 (2025-12-10)	medium
278129	Jenkins LTS < 2.528.3 / Jenkins weekly < 2.541 多个漏洞	medium
278112	WordPress Plugin 'Sneeit Framework' < 8.4 代码执行	critical
278111	Mattermost Server 10.5.x <= 10.5.12 / 10.11.x <= 10.11.4 访问控制不当 (MMSA-2025-00517)	low
278110	Mattermost Server 10.5.x <= 10.5.12 / 10.11.x <= 10.11.4 / 10.12.x <= 10.12.1 / 11.0.x <= 11.0.3 不当身份验证 (MMSA-2025-00547)	critical
278109	Mattermost Server 10.5.x <= 10.5.12 / 10.11.x <= 10.11.4 / 10.12.x <= 10.12.1 / 11.0.x <= 11.0.2 多个漏洞 (CVE-2025-12421、MMSA-2025-00526、CVE-2025-12756)	critical
277601	rConfig RCE (CVE-2020-10221)	high
277585	React Server Components 19.0 / 19.1.0 / 19.1.1 / 19.2.0 远程代码执行 (React2Shell)	critical
277584	WatchGuard Firebox OS 2025.1 / 12.x < 12.11.4 / 12.5.x < 12.5.13 / 11.x 越界写入漏洞	critical
277116	Splunk Enterprise 9.2.0 < 9.2.10、9.3.0 < 9.3.8、9.4.0 < 9.4.6、10.0 < 10.0.2 (SVD-2025-1204)	medium
277115	Splunk Enterprise 9.2.0 < 9.2.10、9.3.0 < 9.3.8、9.4.0 < 9.4.6、10.0 < 10.0.1 (SVD-2025-1203)	medium
277114	Splunk Enterprise 9.2 < 9.2.10、9.3 < 9.3.8、9.4 < 9.4.6、10.0 < 10.0.2 (SVD-2025-1202)	medium
277113	Splunk Enterprise 9.2 < 9.2.10、9.3 < 9.3.8、9.4 < 9.4.6、10.0 < 10.0.2 (SVD-2025-1208)	medium
277112	Splunk Enterprise 9.2.0 < 9.2.10、9.3.0 < 9.3.8、9.4.0 < 9.4.6、10.0 < 10.0.2 (SVD-2025-1201)	low
277111	Splunk Enterprise 9.2.0 < 9.2.10、9.3.0 < 9.3.8、9.4.0 < 9.4.6、10.0 < 10.0.2 (SVD-2025-1206)	high
277110	Splunk Enterprise 9.2.0 < 9.2.10、9.3.0 < 9.3.8、9.4.0 < 9.4.6、10.0 < 10.0.2 (SVD-2025-1209)	high

检测

Nessus 的 CGI abuses 系列

critical

medium

high

high

medium

medium

high

medium

critical

critical

high

high

high

medium

high

critical

high

high

high

high

critical

critical

high

high

high

critical

high

high

high

high

high

medium

medium

critical

medium

medium

critical

low

critical

critical

high

critical

critical

medium

medium

medium

medium

low

high

high