Vulnerability Name CVE Severity
Undertow CVE-2022-2764 Vulnerability (CVE-2022-2764) CVE-2022-2764
Undertow CVE-2022-4492 Vulnerability (CVE-2022-4492) CVE-2022-4492
Undertow CVE-2023-3223 Vulnerability (CVE-2023-3223) CVE-2023-3223
Undertow Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-3859) CVE-2021-3859
Undertow Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-1745) CVE-2020-1745
Undertow Improper Input Validation Vulnerability (CVE-2020-1757) CVE-2020-1757
Undertow Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-7816) CVE-2014-7816
Undertow Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') Vulnerability (CVE-2018-1067) CVE-2018-1067
Undertow Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-10705) CVE-2020-10705
Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-7559) CVE-2017-7559
Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-12165) CVE-2017-12165
Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10687) CVE-2020-10687
Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10719) CVE-2020-10719
Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-20220) CVE-2021-20220
Undertow Incorrect Authorization Vulnerability (CVE-2017-12196) CVE-2017-12196
Undertow Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-3888) CVE-2019-3888
Undertow Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-10212) CVE-2019-10212
Undertow Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2017-2670) CVE-2017-2670
Undertow Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2023-1108) CVE-2023-1108
Undertow Missing Authorization Vulnerability (CVE-2019-10184) CVE-2019-10184
Undertow Unchecked Return Value Vulnerability (CVE-2022-1319) CVE-2022-1319
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2019-14888) CVE-2019-14888
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2019-19343) CVE-2019-19343
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2021-3629) CVE-2021-3629
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2021-3690) CVE-2021-3690
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2022-2053) CVE-2022-2053
Unfiltered header injection in Apache 1.3.34/2.0.57/2.2.1 CVE-2006-3918
Unicode Transformation (Best-Fit Mapping)
Unprotected Apache NiFi API interface
Unprotected JSON file leaking secrets
Unprotected Kong Gateway Admin API interface
Unprotected phpMyAdmin interface
Unrestricted access to a monitoring system
Unrestricted access to AnythingLLM API CVE-2024-6842
Unrestricted access to Apache HugeGraph
Unrestricted access to Caddy API interface
Unrestricted access to HAProxy Data Plane API
Unrestricted access to ImageResizer Diagnostics plugin
Unrestricted access to Kong Gateway API
Unrestricted access to MLflow
Unrestricted access to NGINX+ API interface (read only)
Unrestricted access to NGINX+ API interface (read write)
Unrestricted access to NGINX+ Dashboard
Unrestricted access to NGINX+ Status module
Unrestricted access to NGINX+ Upstream HTTP interface
Unrestricted access to Odoo DB manager
Unrestricted access to Prometheus
Unrestricted access to Prometheus Metrics
Unrestricted File Upload
Unrestricted file upload vulnerability in ofc_upload_image.php CVE-2009-4140
Unsafe use of Reflection
Unsafe value for session tracking in WEB-INF/web.xml
Unsupported Hash Detected in Content Security Policy (CSP)
Uploadify arbitrary file upload
URL rewrite vulnerability CVE-2018-14773
User-controlled form action
User controllable charset
User controllable script source
User controllable tag parameter
uWSGI Path Traversal vulnerability CVE-2018-7490
uWSGI Unauthorized Access Vulnerability
Vanilla Forums Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2018-15833) CVE-2018-15833
Vanilla Forums Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000432) CVE-2017-1000432
Vanilla Forums CVE-2013-3528 Vulnerability (CVE-2013-3528) CVE-2013-3528
Vanilla Forums Deserialization of Untrusted Data Vulnerability (CVE-2018-19499) CVE-2018-19499
Vanilla Forums Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3613) CVE-2011-3613
Vanilla Forums Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3812) CVE-2011-3812
Vanilla Forums Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-10073) CVE-2016-10073
Vanilla Forums Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-18903) CVE-2018-18903
Vanilla Forums Improper Input Validation Vulnerability (CVE-2011-0908) CVE-2011-0908
Vanilla Forums Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-9889) CVE-2019-9889
Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0526) CVE-2011-0526
Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0909) CVE-2011-0909
Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1009) CVE-2011-1009
Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9685) CVE-2014-9685