Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Sensitive Information Disclosure Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity qdPM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8390) CVE-2019-8390 CWE-707 CWE-707 Medium qdPM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8391) CVE-2019-8391 CWE-707 CWE-707 Medium qdPM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-18468) CVE-2020-18468 CWE-707 CWE-707 Medium qdPM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-19515) CVE-2020-19515 CWE-707 CWE-707 Medium qdPM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-26166) CVE-2020-26166 CWE-707 CWE-707 Medium qdPM Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-11814) CVE-2020-11814 CWE-138 CWE-138 Medium qdPM Information Disclosure CWE-260 CWE-260 High qdPM Multiple Cross-site Scripting (XSS) Vulnerabilities (CVE-2015-3883) CVE-2015-3883 Medium qdPM Sensitive Information Disclosure Vulnerability (CVE-2015-3881) CVE-2015-3881 High qdPM Sensitive Information Disclosure Vulnerability (CVE-2015-3882) CVE-2015-3882 Medium qdPM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-11811) CVE-2020-11811 CWE-434 CWE-434 Critical qdPM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-45856) CVE-2023-45856 CWE-434 CWE-434 Critical Qlik Sense Enterprise Auth Bypass (CVE-2023-41266) CVE-2023-41266 CWE-20 CWE-20 High Question2Answer Improper Input Validation Vulnerability (CVE-2017-12775) CVE-2017-12775 CWE-20 CWE-20 High rack-mini-profiler environment variables disclosure CWE-287 CWE-287 Medium Railo administration panel cross-site scripting CWE-80 CWE-80 High Rails application running in development mode CWE-200 CWE-200 Medium Rails Asset Pipeline Directory Traversal Vulnerability CVE-2018-3760 CWE-22 CWE-22 High Rails controller possible sensitive information disclosure CWE-200 CWE-200 Medium Rails Devise authentication password reset CVE-2013-0233 CWE-287 CWE-287 High Rails mass assignment CWE-915 CWE-915 High Rails remote code execution using render :inline CVE-2016-2098 CWE-94 CWE-94 High Ramda Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2021-42581) CVE-2021-42581 CWE-1321 CWE-1321 Critical RCE in Ivanti Connect Secure and Policy Secure (CVE-2024-21887) CVE-2024-21887 CWE-77 CWE-77 Critical RCE in SQL Server Reporting Services (SSRS) CVE-2020-0618 CWE-78 CWE-78 High RCE with Spring Data Commons CVE-2018-1273 CWE-94 CWE-94 High Reachable SharePoint interface CWE-200 CWE-200 High React Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6341) CVE-2018-6341 CWE-707 CWE-707 Medium Redis Unauthorized Access Vulnerability CWE-200 CWE-200 Medium Reflected Cross-Site Scripting (XSS) vulnerability in PAN-OS management web interface CVE-2020-2036 CWE-79 CWE-79 High Rejetto HTTP File Server SSTI RCE (CVE-2024-23692) CVE-2024-23692 CWE-1336 CWE-1336 Critical Remote Code Execution (RCE) in Spring Security OAuth CVE-2016-4977 CWE-94 CWE-94 High Remote Code Execution (Spring4Shell) CVE-2022-22965 CWE-94 CWE-94 Critical Remote code execution in bootstrap-sass 3.2.0.3 CVE-2019-10842 CWE-95 CWE-95 High Remote code execution of user-provided local names in Rails CVE-2020-8163 CWE-94 CWE-94 High Remote code execution vulnerability in WordPress Duplicator CWE-98 CWE-98 High Remote File Inclusion CWE-98 CWE-98 Critical Remote File Inclusion (admin/lang.php) (CMS Made Simple) CVE-2005-2846 High Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387) CVE-2024-6387 CWE-362 CWE-362 High Request Smuggling CWE-444 CWE-444 High Resin Application Server Improper Input Validation Vulnerability (CVE-2012-2965) CVE-2012-2965 CWE-20 CWE-20 High Resin Application Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2012-2968) CVE-2012-2968 CWE-22 CWE-22 Medium Resin Application Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-44138) CVE-2021-44138 CWE-22 CWE-22 High Resin Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-2462) CVE-2008-2462 CWE-707 CWE-707 Medium Resin Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2032) CVE-2010-2032 CWE-707 CWE-707 Medium Resin Application Server Other Vulnerability (CVE-2004-0281) CVE-2004-0281 Medium Resin Application Server Other Vulnerability (CVE-2012-2966) CVE-2012-2966 High Resin Application Server Other Vulnerability (CVE-2012-2967) CVE-2012-2967 High Resin Application Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2969) CVE-2012-2969 CWE-264 CWE-264 Medium Resin Application Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-2966) CVE-2014-2966 CWE-264 CWE-264 Medium Resource Accessible Without Required Authentication CWE-287 CWE-287 Medium Restlet Framework Deserialization of Untrusted Data Vulnerability (CVE-2013-4271) CVE-2013-4271 CWE-502 CWE-502 High Restlet Framework Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-14868) CVE-2017-14868 CWE-611 CWE-611 High Restlet Framework Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-14949) CVE-2017-14949 CWE-611 CWE-611 High Restlet Framework XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2013-4221) CVE-2013-4221 CWE-91 CWE-91 High RethinkDB administrative interface publicly exposed CWE-200 CWE-200 High Retired hash function in SAML Response CWE-16 CWE-16 Informational reveal.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-8127) CVE-2020-8127 CWE-707 CWE-707 Medium reveal.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-0776) CVE-2022-0776 CWE-707 CWE-707 Medium Reverse proxy bypass CVE-2011-3368 CWE-20 CWE-20 Medium Reverse Proxy Detected CWE-16 CWE-16 Informational Reverse proxy misrouting CWE-918 CWE-918 High Reverse proxy misrouting through HTTP/2 pseudo-headers (SSRF) CWE-918 CWE-918 Medium ReviveAdserver 7PK - Security Features Vulnerability (CVE-2016-9470) CVE-2016-9470 Critical ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-5954) CVE-2013-5954 CWE-352 CWE-352 Medium ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-9407) CVE-2014-9407 CWE-352 CWE-352 Medium ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7364) CVE-2015-7364 CWE-352 CWE-352 Medium ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7366) CVE-2015-7366 CWE-352 CWE-352 Medium ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9127) CVE-2016-9127 CWE-352 CWE-352 High ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9455) CVE-2016-9455 CWE-352 CWE-352 High ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9456) CVE-2016-9456 CWE-352 CWE-352 High ReviveAdserver Deserialization of Untrusted Data Vulnerability (CVE-2017-5830) CVE-2017-5830 CWE-502 CWE-502 Critical ReviveAdserver Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-7368) CVE-2015-7368 CWE-200 CWE-200 Low ReviveAdserver Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9129) CVE-2016-9129 CWE-200 CWE-200 Medium ReviveAdserver Improper Access Control Vulnerability (CVE-2015-7367) CVE-2015-7367 CWE-284 CWE-284 High 1...157158159160...308 158 / 308
