Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Path Traversal in Next.js up to 9.3.1 CVE-2020-5284 CWE-22 CWE-22 Medium Path Traversal in Oracle GlassFish server open source edition CWE-22 CWE-22 High Path traversal via misconfigured NGINX alias CWE-22 CWE-22 High Payara Files or Directories Accessible to External Parties Vulnerability (CVE-2022-45129) CVE-2022-45129 CWE-552 CWE-552 High Payara Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-37422) CVE-2022-37422 CWE-22 CWE-22 High Payara Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-8215) CVE-2024-8215 CWE-707 CWE-707 High Payara Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1534) CVE-2025-1534 CWE-707 CWE-707 Medium Payara Micro File Read (CVE-2021-41381) CVE-2021-41381 CWE-22 CWE-22 Medium Payara URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-41699) CVE-2023-41699 CWE-601 CWE-601 Medium Payara URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-7312) CVE-2024-7312 CWE-601 CWE-601 Medium Pega Infinity Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-9559) CVE-2025-9559 CWE-639 CWE-639 Medium Pega Infinity Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-35656) CVE-2022-35656 CWE-352 CWE-352 Medium Pega Infinity CVE-2021-27653 Vulnerability (CVE-2021-27653) CVE-2021-27653 Medium Pega Infinity Deserialization of Untrusted Data Vulnerability (CVE-2022-24082) CVE-2022-24082 CWE-502 CWE-502 Critical Pega Infinity Direct Request ('Forced Browsing') Vulnerability (CVE-2019-16386) CVE-2019-16386 CWE-425 CWE-425 Medium Pega Infinity Direct Request ('Forced Browsing') Vulnerability (CVE-2019-16388) CVE-2019-16388 CWE-425 CWE-425 Medium Pega Infinity Exposure of Resource to Wrong Sphere Vulnerability (CVE-2019-16387) CVE-2019-16387 CWE-668 CWE-668 High Pega Infinity Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-11356) CVE-2017-11356 CWE-200 CWE-200 Medium Pega Infinity Improper Authentication Vulnerability (CVE-2021-27651) CVE-2021-27651 CWE-287 CWE-287 Critical Pega Infinity Improper Authentication Vulnerability (CVE-2023-32090) CVE-2023-32090 CWE-287 CWE-287 Critical Pega Infinity Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-10094) CVE-2024-10094 CWE-94 CWE-94 Critical Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-11355) CVE-2017-11355 CWE-707 CWE-707 Medium Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-17478) CVE-2017-17478 CWE-707 CWE-707 Medium Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-8774) CVE-2020-8774 CWE-707 CWE-707 High Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23957) CVE-2020-23957 CWE-707 CWE-707 Medium Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-24353) CVE-2020-24353 CWE-707 CWE-707 Medium Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-35654) CVE-2022-35654 CWE-707 CWE-707 Medium Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-35655) CVE-2022-35655 CWE-707 CWE-707 Medium Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-4843) CVE-2023-4843 CWE-707 CWE-707 Medium Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-26465) CVE-2023-26465 CWE-707 CWE-707 Medium Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-50167) CVE-2023-50167 CWE-707 CWE-707 Medium Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-6700) CVE-2024-6700 CWE-707 CWE-707 Medium Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-6701) CVE-2024-6701 CWE-707 CWE-707 Medium Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-6702) CVE-2024-6702 CWE-707 CWE-707 Medium Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-10716) CVE-2024-10716 CWE-707 CWE-707 Medium Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-62184) CVE-2025-62184 CWE-707 CWE-707 Low Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-1711) CVE-2026-1711 CWE-707 CWE-707 Medium Pega Infinity Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability (CVE-2026-1564) CVE-2026-1564 CWE-707 CWE-707 Medium Pega Infinity Improper Privilege Management Vulnerability (CVE-2020-15390) CVE-2020-15390 CWE-269 CWE-269 Critical Pega Infinity Improper Restriction of XML External Entity Reference Vulnerability (CVE-2023-50168) CVE-2023-50168 CWE-611 CWE-611 High Pega Infinity Other Vulnerability (CVE-2022-24083) CVE-2022-24083 Critical Pega Infinity Other Vulnerability (CVE-2023-28094) CVE-2023-28094 Critical Pega Infinity Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-27654) CVE-2021-27654 CWE-640 CWE-640 High Pentaho API Auth bypass (CVE-2021-31602) CVE-2021-31602 CWE-863 CWE-863 High Perl Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2020-12723) CVE-2020-12723 CWE-120 CWE-120 High Perl CVE-2016-6185 Vulnerability (CVE-2016-6185) CVE-2016-6185 High Perl Improper Certificate Validation Vulnerability (CVE-2023-31484) CVE-2023-31484 CWE-295 CWE-295 High Perl Improper Certificate Validation Vulnerability (CVE-2023-31486) CVE-2023-31486 CWE-295 CWE-295 High Perl Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-6329) CVE-2012-6329 CWE-94 CWE-94 High Perl Improper Handling of Exceptional Conditions Vulnerability (CVE-2023-47100) CVE-2023-47100 CWE-755 CWE-755 Critical Perl Improper Input Validation Vulnerability (CVE-2010-4777) CVE-2010-4777 CWE-20 CWE-20 Medium Perl Improper Input Validation Vulnerability (CVE-2015-8853) CVE-2015-8853 CWE-20 CWE-20 High Perl Improper Input Validation Vulnerability (CVE-2016-2381) CVE-2016-2381 CWE-20 CWE-20 High Perl Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-1999-1386) CVE-1999-1386 CWE-59 CWE-59 Medium Perl Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2018-12015) CVE-2018-12015 CWE-59 CWE-59 High Perl Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2012-5195) CVE-2012-5195 CWE-119 CWE-119 High Perl Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-4330) CVE-2014-4330 CWE-119 CWE-119 Low Perl Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-12814) CVE-2017-12814 CWE-119 CWE-119 Critical Perl Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-12837) CVE-2017-12837 CWE-119 CWE-119 High Perl Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-12883) CVE-2017-12883 CWE-119 CWE-119 Critical Perl Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2018-18312) CVE-2018-18312 CWE-119 CWE-119 Critical Perl Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2018-18314) CVE-2018-18314 CWE-119 CWE-119 Critical Perl Integer Overflow or Wraparound Vulnerability (CVE-2020-10878) CVE-2020-10878 CWE-190 CWE-190 High Perl Integer Overflow to Buffer Overflow Vulnerability (CVE-2026-8376) CVE-2026-8376 CWE-680 CWE-680 Critical Perl Numeric Errors Vulnerability (CVE-2005-3962) CVE-2005-3962 Medium Perl Numeric Errors Vulnerability (CVE-2010-1158) CVE-2010-1158 Medium Perl Numeric Errors Vulnerability (CVE-2011-2939) CVE-2011-2939 Medium Perl Numeric Errors Vulnerability (CVE-2013-7422) CVE-2013-7422 High Perl Other Vulnerability (CVE-2009-3626) CVE-2009-3626 Medium Perl Other Vulnerability (CVE-2011-0761) CVE-2011-0761 Medium Perl Other Vulnerability (CVE-2011-2728) CVE-2011-2728 Medium Perl Other Vulnerability (CVE-2026-4176) CVE-2026-4176 Critical Perl Out-of-bounds Read Vulnerability (CVE-2015-8608) CVE-2015-8608 CWE-125 CWE-125 Critical Perl Out-of-bounds Read Vulnerability (CVE-2018-6798) CVE-2018-6798 CWE-125 CWE-125 High Perl Out-of-bounds Read Vulnerability (CVE-2018-18313) CVE-2018-18313 CWE-125 CWE-125 Critical 1...145146147148...327 146 / 327
