Low Severity Vulnerabilities

Vulnerability Name	CVE CWE	CWE	Severity
Apache 2.x version older than 2.2.10	CVE-2008-2939 CVE-2010-2791 CWE-79	CWE-79	Low
Apache Axis2 web services enumeration	CWE-200	CWE-200	Low
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2011-4415)	CVE-2011-4415 CWE-20	CWE-20	Low
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2012-0021)	CVE-2012-0021 CWE-20	CWE-20	Low
Apache HTTP Server Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2001-0131)	CVE-2001-0131 CWE-59	CWE-59	Low
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2003-1581)	CVE-2003-1581 CWE-707	CWE-707	Low
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-6421)	CVE-2007-6421 CWE-707	CWE-707	Low
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2687)	CVE-2012-2687 CWE-707	CWE-707	Low
Apache HTTP Server Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2008-0456)	CVE-2008-0456 CWE-138	CWE-138	Low
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2009-3094)	CVE-2009-3094 CWE-476	CWE-476	Low
Apache HTTP Server Other Vulnerability (CVE-2002-1233)	CVE-2002-1233		Low
Apache HTTP Server Other Vulnerability (CVE-2004-1387)	CVE-2004-1387		Low
Apache HTTP Server Other Vulnerability (CVE-2004-1834)	CVE-2004-1834		Low
Apache HTTP Server Other Vulnerability (CVE-2007-1742)	CVE-2007-1742		Low
Apache HTTP Server Session Fixation Vulnerability (CVE-2001-1534)	CVE-2001-1534 CWE-384	CWE-384	Low
Apache mod_negotiation filename bruteforcing	CWE-538	CWE-538	Low
Apache Solr endpoint	CWE-200	CWE-200	Low
Apache stronghold-info enabled	CWE-200	CWE-200	Low
Apache stronghold-status enabled	CWE-200	CWE-200	Low
Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2021-43980)	CVE-2021-43980 CWE-362	CWE-362	Low
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2005-3164)	CVE-2005-3164 CWE-200	CWE-200	Low
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-4308)	CVE-2008-4308 CWE-200	CWE-200	Low
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-5519)	CVE-2008-5519 CWE-200	CWE-200	Low
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1157)	CVE-2010-1157 CWE-200	CWE-200	Low
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-2204)	CVE-2011-2204 CWE-200	CWE-200	Low
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-2071)	CVE-2013-2071 CWE-200	CWE-200	Low
Apache Tomcat hello.jsp XSS	CVE-2007-1355 CWE-79	CWE-79	Low
Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2007-5461)	CVE-2007-5461 CWE-22	CWE-22	Low
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-1358)	CVE-2007-1358 CWE-707	CWE-707	Low
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-2450)	CVE-2007-2450 CWE-707	CWE-707	Low
Apache Tomcat Other Vulnerability (CVE-2007-1858)	CVE-2007-1858		Low
Apache Tomcat Other Vulnerability (CVE-2010-3718)	CVE-2010-3718		Low
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0346)	CVE-2013-0346 CWE-264	CWE-264	Low
Apache Tomcat Resource Management Errors Vulnerability (CVE-2012-4534)	CVE-2012-4534		Low
Apache Tomcat version older than 6.0.6	CVE-2007-1358 CWE-79	CWE-79	Low
Apache version up to 1.3.33 htpasswd local overflow	CVE-2006-1078 CWE-119	CWE-119	Low
Arbitrary File Read on Nuxt.js Development Server	CWE-200	CWE-200	Low
Artifactory Incorrect Default Permissions Vulnerability (CVE-2021-46270)	CVE-2021-46270 CWE-276	CWE-276	Low
ASP.NET debugging enabled	CWE-11	CWE-11	Low
ASP.NET path disclosure	CWE-200	CWE-200	Low
ASP.NET ViewStateUserKey Is Not Set	CWE-642	CWE-642	Low
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-26071)	CVE-2021-26071 CWE-352	CWE-352	Low
Atlassian Jira CVE-2021-26076 Vulnerability (CVE-2021-26076)	CVE-2021-26076		Low
Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8481)	CVE-2015-8481 CWE-200	CWE-200	Low
Atlassian Jira Manage Filters information disclosure	CWE-200	CWE-200	Low
Atlassian Jira Other Vulnerability (CVE-2006-3338)	CVE-2006-3338		Low
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0971)	CVE-2010-0971 CWE-707	CWE-707	Low
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-2091)	CVE-2014-2091 CWE-707	CWE-707	Low
Broken Link Hijacking	CWE-610	CWE-610	Low
Caddy Web Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-19148)	CVE-2018-19148 CWE-200	CWE-200	Low
Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-39061)	CVE-2023-39061 CWE-352	CWE-352	Low
Cherokee Cryptographic Issues Vulnerability (CVE-2011-2190)	CVE-2011-2190		Low
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4753)	CVE-2013-4753 CWE-707	CWE-707	Low
Clickjacking: CSP frame-ancestors missing	CWE-1021	CWE-1021	Low
Clickjacking: X-Frame-Options header	CWE-1021	CWE-1021	Low
ColdFusion administrator login page publicly available	CWE-200	CWE-200	Low
ColdFusion path disclosures	CWE-200	CWE-200	Low
ColdFusion RDS Service enabled	CWE-200	CWE-200	Low
Composer installed.json publicly accessible	CWE-200	CWE-200	Low
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3111)	CVE-2021-3111 CWE-707	CWE-707	Low
Cookies Not Marked as HttpOnly	CWE-1004	CWE-1004	Low
Cookies Not Marked as Secure	CWE-614	CWE-614	Low
Cookies with missing, inconsistent or contradictory properties	CWE-284	CWE-284	Low
Coppermine Cross-site Scripting (XSS) Vulnerability (CVE-2015-3921)	CVE-2015-3921		Low
Coppermine Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1613)	CVE-2012-1613 CWE-707	CWE-707	Low
Cross site scripting (requiring unencoded quote)	CWE-79	CWE-79	Low
Django Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2513)	CVE-2016-2513 CWE-200	CWE-200	Low
Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0483)	CVE-2014-0483 CWE-264	CWE-264	Low
Documentation files	CWE-538	CWE-538	Low
Dotclear Other Vulnerability (CVE-2007-3688)	CVE-2007-3688		Low
Dotclear Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-7903)	CVE-2016-7903 CWE-264	CWE-264	Low
Drupal Core Open Redirect	CWE-601	CWE-601	Low
Drupal Improper Access Control Vulnerability (CVE-2015-2559)	CVE-2015-2559 CWE-284	CWE-284	Low
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-5621)	CVE-2007-5621 CWE-707	CWE-707	Low
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0274)	CVE-2008-0274 CWE-707	CWE-707	Low

Apache 2.x version older than 2.2.10

CVE-2008-2939 CVE-2010-2791

CWE-79

Low