Vulnerability Name CVE Severity
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-27152) CVE-2025-27152
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2026-42038) CVE-2026-42038
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2026-44492) CVE-2026-44492
axios Uncontrolled Recursion Vulnerability (CVE-2026-42039) CVE-2026-42039
axios Uncontrolled Resource Consumption Vulnerability (CVE-2021-3749) CVE-2021-3749
axios Uncontrolled Resource Consumption Vulnerability (CVE-2026-39865) CVE-2026-39865
axios Uncontrolled Resource Consumption Vulnerability (CVE-2026-44496) CVE-2026-44496
axios Unintended Proxy or Intermediary ('Confused Deputy') Vulnerability (CVE-2025-62718) CVE-2025-62718
axios Unintended Proxy or Intermediary ('Confused Deputy') Vulnerability (CVE-2026-44494) CVE-2026-44494
Axis development mode enabled in WEB-INF/server-config.wsdd
Axis system configuration listing enabled in WEB-INF/server-config.wsdd
Axway Secure Transport Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-14277) CVE-2019-14277
b2evolution Credentials Management Errors Vulnerability (CVE-2016-9479) CVE-2016-9479
b2evolution Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-7352) CVE-2013-7352
b2evolution Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3709) CVE-2011-3709
b2evolution Improper Input Validation Vulnerability (CVE-2017-1000423) CVE-2017-1000423
b2evolution Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-5480) CVE-2017-5480
b2evolution Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-5539) CVE-2017-5539
b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-0175) CVE-2007-0175
b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5911) CVE-2012-5911
b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9599) CVE-2014-9599
b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7149) CVE-2016-7149
b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7150) CVE-2016-7150
b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5494) CVE-2017-5494
b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5553) CVE-2017-5553
b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-22841) CVE-2020-22841
b2evolution Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2016-8901) CVE-2016-8901
b2evolution Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2021-28242) CVE-2021-28242
b2evolution Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-5910) CVE-2012-5910
b2evolution Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-2945) CVE-2013-2945
b2evolution Other Vulnerability (CVE-2006-6197) CVE-2006-6197
b2evolution Other Vulnerability (CVE-2006-6417) CVE-2006-6417
b2evolution Other Vulnerability (CVE-2007-2358) CVE-2007-2358
b2evolution Other Vulnerability (CVE-2007-2681) CVE-2007-2681
b2evolution URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-22840) CVE-2020-22840
b2evolution Use of Insufficiently Random Values Vulnerability (CVE-2022-30935) CVE-2022-30935
Backbone.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10537) CVE-2016-10537
Barracuda networks products multiple directory traversal vulnerabilities
Bash code injection vulnerability CVE-2014-6271
Basic authentication over HTTP
Bazaar repository found
Beego Framework CVE-2021-30080 Vulnerability (CVE-2021-30080) CVE-2021-30080
Beego Framework CVE-2022-31259 Vulnerability (CVE-2022-31259) CVE-2022-31259
Beego Framework Improper Certificate Validation Vulnerability (CVE-2024-40464) CVE-2024-40464
Beego Framework Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-31836) CVE-2022-31836
Beego Framework Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-27116) CVE-2021-27116
Beego Framework Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-27117) CVE-2021-27117
Beego Framework Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39391) CVE-2021-39391
Beego Framework Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-30223) CVE-2025-30223
Beego Framework Incorrect Default Permissions Vulnerability (CVE-2019-16355) CVE-2019-16355
Beego Framework Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2019-16354) CVE-2019-16354
Beego Framework Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2024-40465) CVE-2024-40465
Beego Framework Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2024-55885) CVE-2024-55885
BeyondTrust Secure Remote Access Base XSS (CVE-2021-31589) CVE-2021-31589
BigIP iRule Tcl code injection
BillQuick Web Suite SQL injection (CVE-2021-42258) CVE-2021-42258
Bitrix galleries_recalc.php XSS
Bitrix open redirect
Bitrix server test script publicly accessible
Blind XSS
Bonita Authorization Bypass (CVE-2022-25237) CVE-2022-25237
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10735) CVE-2016-10735
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14040) CVE-2018-14040
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14041) CVE-2018-14041
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14042) CVE-2018-14042
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20676) CVE-2018-20676
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20677) CVE-2018-20677
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8331) CVE-2019-8331
Bootstrap Select Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20921) CVE-2019-20921
Bootstrap Table Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2021-23472) CVE-2021-23472
Bootstrap Table Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-1726) CVE-2022-1726
BottlePy weak secret key
Broken access control in Confluence Server and Data Center (CVE-2023-22515) CVE-2023-22515
Broken Link Hijacking
Broken Object Property Level Authorization (Mass Assignment)