Vulnerability Name CVE Severity
SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-8743) CVE-2017-8743
SharePoint Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-42309) CVE-2021-42309
SharePoint Integer Overflow or Wraparound Vulnerability (CVE-2008-4019) CVE-2008-4019
SharePoint Interpretation Conflict Vulnerability (CVE-2021-28474) CVE-2021-28474
SharePoint NULL Pointer Dereference Vulnerability (CVE-2020-1069) CVE-2020-1069
SharePoint Origin Validation Error Vulnerability (CVE-2019-1442) CVE-2019-1442
SharePoint Origin Validation Error Vulnerability (CVE-2020-16951) CVE-2020-16951
SharePoint Origin Validation Error Vulnerability (CVE-2020-16952) CVE-2020-16952
SharePoint Other Vulnerability (CVE-2014-6357) CVE-2014-6357
SharePoint Other Vulnerability (CVE-2015-0085) CVE-2015-0085
SharePoint Other Vulnerability (CVE-2020-1147) CVE-2020-1147
SharePoint Out-of-bounds Read Vulnerability (CVE-2020-1342) CVE-2020-1342
SharePoint Out-of-bounds Write Vulnerability (CVE-2012-2539) CVE-2012-2539
SharePoint Out-of-bounds Write Vulnerability (CVE-2014-1761) CVE-2014-1761
SharePoint Out-of-bounds Write Vulnerability (CVE-2018-0792) CVE-2018-0792
SharePoint Out-of-bounds Write Vulnerability (CVE-2021-1715) CVE-2021-1715
SharePoint Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1860) CVE-2012-1860
SharePoint Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-1290) CVE-2013-1290
SharePoint Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-3895) CVE-2013-3895
SharePoint Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-2816) CVE-2014-2816
SharePoint Reflected Cross-Site Scripting (CVE-2017-8514) CVE-2017-8514
SharePoint Resource Management Errors Vulnerability (CVE-2008-3006) CVE-2008-3006
SharePoint Resource Management Errors Vulnerability (CVE-2015-0064) CVE-2015-0064
SharePoint Resource Management Errors Vulnerability (CVE-2015-0086) CVE-2015-0086
SharePoint Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-31950) CVE-2021-31950
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-1443) CVE-2019-1443
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-0920) CVE-2020-0920
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-0929) CVE-2020-0929
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-0931) CVE-2020-0931
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-0932) CVE-2020-0932
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-0971) CVE-2020-0971
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-0974) CVE-2020-0974
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-1023) CVE-2020-1023
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-1024) CVE-2020-1024
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-1102) CVE-2020-1102
SharePoint URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-1323) CVE-2020-1323
SharePoint user enumeration
SimpleHelp Path Traversal (CVE-2024-57727) CVE-2024-57727 CVE-2024-57726 CVE-2024-57728
Sitecore Arbitrary File Read (CVE-2024-46938) CVE-2024-46938
Sitecore XM/XP Insecure Deserialization (CVE-2025-27218) CVE-2025-27218
Sitecore XP Deserialization RCE (CVE-2021-42237) CVE-2021-42237
Sitecore XP TemplateParser RCE (CVE-2023-35813) CVE-2023-35813
Skipper Incorrect Authorization Vulnerability (CVE-2022-34296) CVE-2022-34296
Skipper Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-38580) CVE-2022-38580
Skype for Business SSRF (CVE-2023-41763) CVE-2023-41763
Snoop Servlet information disclosure
SOAP WS-Addressing SSRF
SolarWinds Orion API Auth bypass (CVE-2020-10148) CVE-2020-10148
SolarWinds Serv-U Directory Traversal (CVE-2024-28995) CVE-2024-28995
SolarWinds Web Help Desk Hardcoded Credential (CVE-2024-28987) CVE-2024-28987
SolarWinds Web Help Desk RCE (CVE-2024-28986) CVE-2024-28986
SonarQube default credentials
Sonicwall SMA 100 Unintended proxy (CVE-2021-20042) CVE-2021-20042
SonicWall SSL-VPN 8.0.0.0 RCE via ShellShock exploit
Source Code Disclosure
Source Code Disclosure (Node.js)
Source Code Disclosure (Python)
spring-boot-actuator-logview Path Traversal CVE-2021-21234
Spring Boot Actuator
Spring Boot Actuator v2
Spring Boot Misconfiguration: Actuator endpoint security disabled
Spring Boot Misconfiguration: Admin MBean enabled
Spring Boot Misconfiguration: All Spring Boot Actuator endpoints are web exposed
Spring Boot Misconfiguration: Datasource credentials stored in the properties file
Spring Boot Misconfiguration: Developer tools enabled on production
Spring Boot Misconfiguration: H2 console enabled
Spring Boot Misconfiguration: MongoDB credentials stored in the properties file
Spring Boot Misconfiguration: Overly long session timeout
Spring Boot Misconfiguration: Spring Boot Actuator shutdown endpoint is web exposed
Spring Boot Misconfiguration: Unsafe value for session tracking
Spring Boot Whitelabel Error Page SpEL
Spring Cloud Gateway Improper Certificate Validation Vulnerability (CVE-2022-22946) CVE-2022-22946
Spring Cloud Gateway Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression La Vulnerability (CVE-2022-22947) CVE-2022-22947
Spring Cloud Gateway Incorrect Authorization Vulnerability (CVE-2021-22051) CVE-2021-22051
Spring Data REST RCE via PATCH requests CVE-2017-8046