Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-20220) CVE-2021-20220 CWE-444 CWE-444 Medium Undertow Incorrect Authorization Vulnerability (CVE-2017-12196) CVE-2017-12196 CWE-863 CWE-863 Medium Undertow Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-3888) CVE-2019-3888 CWE-532 CWE-532 Critical Undertow Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-10212) CVE-2019-10212 CWE-532 CWE-532 Critical Undertow Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2017-2670) CVE-2017-2670 CWE-835 CWE-835 High Undertow Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2023-1108) CVE-2023-1108 CWE-835 CWE-835 High Undertow Missing Authorization Vulnerability (CVE-2019-10184) CVE-2019-10184 CWE-862 CWE-862 High Undertow Unchecked Return Value Vulnerability (CVE-2022-1319) CVE-2022-1319 CWE-252 CWE-252 High Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2019-14888) CVE-2019-14888 CWE-400 CWE-400 High Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2019-19343) CVE-2019-19343 CWE-400 CWE-400 High Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2021-3629) CVE-2021-3629 CWE-400 CWE-400 High Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2021-3690) CVE-2021-3690 CWE-400 CWE-400 High Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2022-2053) CVE-2022-2053 CWE-400 CWE-400 High Unfiltered header injection in Apache 1.3.34/2.0.57/2.2.1 CVE-2006-3918 CWE-79 CWE-79 Low Unicode Transformation (Best-Fit Mapping) CWE-176 CWE-176 Medium Unprotected Apache NiFi API interface CWE-287 CWE-287 Medium Unprotected JSON file leaking secrets CWE-200 CWE-200 Medium Unprotected Kong Gateway Admin API interface CWE-287 CWE-287 Medium Unprotected phpMyAdmin interface CWE-205 CWE-205 High Unrestricted access to a monitoring system CWE-200 CWE-200 Low Unrestricted access to AnythingLLM API CVE-2024-6842 CWE-200 CWE-200 Medium Unrestricted access to Apache HugeGraph CWE-200 CWE-200 Critical Unrestricted access to Caddy API interface CWE-200 CWE-200 High Unrestricted access to Haproxy Data Plane API CWE-200 CWE-200 High Unrestricted access to ImageResizer Diagnotics plugin CWE-200 CWE-200 Low Unrestricted access to Kong Gateway API CWE-200 CWE-200 High Unrestricted access to MLflow CWE-200 CWE-200 Medium Unrestricted access to NGINX+ API interface (read only) CWE-200 CWE-200 Medium Unrestricted access to NGINX+ API interface (read write) CWE-200 CWE-200 High Unrestricted access to NGINX+ Dashboard CWE-200 CWE-200 Medium Unrestricted access to NGINX+ Status module CWE-200 CWE-200 Low Unrestricted access to NGINX+ Upstream HTTP interface CWE-200 CWE-200 Medium Unrestricted access to Odoo DB manager CWE-200 CWE-200 High Unrestricted access to Prometheus CWE-200 CWE-200 Low Unrestricted access to Prometheus Metrics CWE-200 CWE-200 Low Unrestricted File Upload CWE-434 CWE-434 High Unrestricted file upload vulnerability in ofc_upload_image.php CVE-2009-4140 CWE-434 CWE-434 High Unsafe use of Reflection CWE-470 CWE-470 High Unsafe value for session tracking in WEB-INF/web.xml CWE-16 CWE-16 Medium Unsupported Hash Detected in Content Security Policy (CSP) CWE-16 CWE-16 Informational Unvalidated JWT jku parameter CWE-287 CWE-287 High Unvalidated JWT x5u parameter CWE-287 CWE-287 High Uploadify arbitrary file upload CWE-434 CWE-434 High URL rewrite vulnerability CVE-2018-14773 CWE-436 CWE-436 Medium User-controlled form action CWE-20 CWE-20 Medium User controllable charset CWE-20 CWE-20 Medium User controllable script source CWE-79 CWE-79 High User controllable tag parameter CWE-79 CWE-79 Medium uWSGI Path Traversal vulnerability CVE-2018-7490 CWE-22 CWE-22 High uWSGI Unauthorized Access Vulnerability CWE-78 CWE-78 High Vanilla Forums Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2018-15833) CVE-2018-15833 CWE-639 CWE-639 Medium Vanilla Forums Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000432) CVE-2017-1000432 CWE-352 CWE-352 High Vanilla Forums CVE-2013-3528 Vulnerability (CVE-2013-3528) CVE-2013-3528 High Vanilla Forums Deserialization of Untrusted Data Vulnerability (CVE-2018-19499) CVE-2018-19499 CWE-502 CWE-502 High Vanilla Forums Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3613) CVE-2011-3613 CWE-200 CWE-200 High Vanilla Forums Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3812) CVE-2011-3812 CWE-200 CWE-200 Medium Vanilla Forums Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-10073) CVE-2016-10073 CWE-200 CWE-200 High Vanilla Forums Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-18903) CVE-2018-18903 CWE-94 CWE-94 Critical Vanilla Forums Improper Input Validation Vulnerability (CVE-2011-0908) CVE-2011-0908 CWE-20 CWE-20 Medium Vanilla Forums Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-9889) CVE-2019-9889 CWE-22 CWE-22 Low Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0526) CVE-2011-0526 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0909) CVE-2011-0909 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1009) CVE-2011-1009 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9685) CVE-2014-9685 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17571) CVE-2018-17571 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8279) CVE-2019-8279 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-8825) CVE-2020-8825 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-3527) CVE-2013-3527 CWE-138 CWE-138 High Vanilla Forums Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-16410) CVE-2018-16410 CWE-138 CWE-138 Medium Vanilla Forums Other Vulnerability (CVE-2011-0910) CVE-2011-0910 Medium Vanilla Forums Other Vulnerability (CVE-2011-3614) CVE-2011-3614 Critical Vanilla Forums Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4954) CVE-2012-4954 CWE-264 CWE-264 Low Varnish Cache Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-4484) CVE-2013-4484 CWE-119 CWE-119 Medium Varnish Cache Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-8807) CVE-2017-8807 CWE-119 CWE-119 Critical Varnish Cache Integer Overflow or Wraparound Vulnerability (CVE-2017-12425) CVE-2017-12425 CWE-190 CWE-190 High 1...177178179180...307 178 / 307
