检测

Nessus 的 Web Servers 系列

ID名称严重性
315541IBM WebSphere Application Server Liberty 22.0.0.11 < 26.0.0.6 (7273425)
medium
315540IBM WebSphere Application Server 8.5.x < 8.5.5.30 / 9.x < 9.0.5.28 / Liberty 19.0.0.7 < 26.0.0.6 DoS (7273424)
medium
314954SAP NetWeaver AS ABAP 代码注入 (3735359)
medium
314953SAP NetWeaver AS ABAP OS 命令注入 (3730019)
medium
314952SAP NetWeaver AS ABAP SQL 注入 (3724838)
critical
314951SAP NetWeaver AS ABAP 反射型 XSS (3728690)
medium
314911Open WebUI Web 检测
info
314335Apache Tomcat 10.1.0.M1 < 10.1.55 多个漏洞
critical
314334Apache Tomcat 9.0.0.M1 < 9.0.118 多个漏洞
critical
311940Apache 2.4.x < 2.4.67 多个漏洞
critical
309969Oracle HTTP Server2026 年 4 月 CPU
high
309968Oracle HTTP Server2026 年 4 月 CPU
high
309854IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.5 身份欺骗 (7270437)
medium
307013Apache Tomcat 10.1.22 < 10.1.54 多个漏洞
high
307004Apache Tomcat 9.0.113 < 9.0.116 多个漏洞
high
307003Apache Tomcat 9.0.92 < 9.0.117 多个漏洞
high
307002Apache Tomcat 11.0.0、M14 < 11.0.21 多个漏洞
high
307001Apache Tomcat 10.1.50 < 10.1.53 多个漏洞
high
306755Apache Tomcat 11.0.15 < 11.0.20 多个漏洞
critical
306733SAP NetWeaver AS Java 代码注入 (3719397)
medium
306732SAP NetWeaver AS ABAP 开放重定向 (3692004)
medium
306675nginx 1.1.19 < 1.28.3 / 1.29.x < 1.29.7 ngx_http_mp4_module 中的多种漏洞
high
306674nginx 0.5.13 < 1.28.3 / 1.29.x < 1.29.7 ngx_http_dav_module 中的缓冲区溢出
high
306673nginx 0.5.15 < 1.28.3 / 1.29.x < 1.29.7 空指针取消引用
high
306672nginx 1.27.2 < 1.28.3 / 1.29.x < 1.29.7 OCSP 结果绕过
medium
306671nginx 0.6.27 < 1.28.3 / 1.29.x < 1.29.7 SMTP 上游注入
low
305204OpenSSL 1.1.1 < 1.1.1zg 多个漏洞
high
305203OpenSSL 1.0.2 < 1.0.2zp 多个漏洞
high
305202OpenSSL 3.0.0 < 3.0.20 多个漏洞
critical
305201OpenSSL 3.4.0 < 3.4.5 多个漏洞
critical
305200OpenSSL 3.3.0 < 3.3.7 多个漏洞
critical
304689Grafana 8.1.0 < 11.6.14 / 12.0.012.1.10 < 12.2.0 ] / [ 12.2.8 < [] / 12.3.0 < 12.3.6 / 12.4.0 < 12.4.2 DoS (CVE-2026-28375)
medium
304688Grafana 8.0.0 < 11.6.14 / 12.0.012.1.10 < 12.2.0 ] / [ 12.2.8 < [] / 12.3.0 < 12.3.6 / 12.4.0 < 12.4.2 DoS (CVE-2026-27879)
medium
304687Grafana 9.3.0 < 11.6.14 / 12.0.0 < 12.1.10 / [ 12.2.0 < 12.3.0 [] / 12.2.8 < 12.3.6 / 12.4.0 < 12.4.2 信息泄露 (CVE-2026-27877)
high
304686Grafana 12.1.0 < 12.1.10 / 12.2.0 < 12.2.8 / 12.3.0 < 12.3.6 / 12.4.0 < 12.4.2 DoS (CVE-2026-27880)
high
304671nginx 1.3.0 < 1.28.2 / 1.29.x < 1.29.5 SSL 上游注入
high
303926IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7267689)
medium
303560IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.4 权限升级 (7267345)
high
303559IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.4 (7267351)
high
303510IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.4 (7267347)
medium
303509IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.4 (7267362)
critical
303225Pac4J JWT < 4.5.9 / 5.x < 5.7.9 / 6.x < 6.3.3 认证绕过 (CVE-2026-29000)直接检查
critical
302501OpenSSL 3.6.0 < 3.6.2 多个漏洞
critical
302500OpenSSL 3.5.0 < 3.5.6 多种漏洞
high
302165SAP NetWeaver AS ABAP 缺少授权检查 (3703856)
medium
302164SAP NetWeaver AS ABAP SSRF (3689080)
medium
302163SAP NetWeaver AS ABAP 缺少授权检查 (3704740)
medium
302162SAP NetWeaver AS ABAP 缺少授权检查 (3694383)
low
302113SAP NetWeaver AS Java 多个漏洞 (3700960)
high
301975SAP Netweaver Visual Composer 不受限制的文件上传 (3084487)
high