Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Handlebars CVE-2021-23369 Vulnerability (CVE-2021-23369) CVE-2021-23369 Critical Handlebars Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2026-33939) CVE-2026-33939 CWE-754 CWE-754 High Handlebars Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-20920) CVE-2019-20920 CWE-94 CWE-94 High Handlebars Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2026-33937) CVE-2026-33937 CWE-94 CWE-94 Critical Handlebars Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2026-33938) CVE-2026-33938 CWE-94 CWE-94 High Handlebars Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2026-33940) CVE-2026-33940 CWE-94 CWE-94 High Handlebars Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8861) CVE-2015-8861 CWE-707 CWE-707 Medium Handlebars Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-33916) CVE-2026-33916 CWE-707 CWE-707 Medium Handlebars Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-33941) CVE-2026-33941 CWE-707 CWE-707 High Handlebars Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-19919) CVE-2019-19919 CWE-138 CWE-138 Critical Handlebars Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-20922) CVE-2019-20922 CWE-835 CWE-835 High Handlebars Other Vulnerability (CVE-2021-23383) CVE-2021-23383 Critical Harbor Unauthorized Access Vulnerability CVE-2022-46463 CWE-200 CWE-200 High Hashicorp Consul API is accessible without authentication CWE-200 CWE-200 Medium Hasura GraphQL API without authentication CWE-200 CWE-200 Medium Hesk Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3743) CVE-2011-3743 CWE-200 CWE-200 Medium Hesk Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-5287) CVE-2011-5287 CWE-707 CWE-707 Medium Hesk Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13897) CVE-2020-13897 CWE-707 CWE-707 Medium Hiawatha CVE-2025-57783 Vulnerability (CVE-2025-57783) CVE-2025-57783 Medium Hiawatha CVE-2025-57784 Vulnerability (CVE-2025-57784) CVE-2025-57784 Low Hiawatha Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-8358) CVE-2019-8358 CWE-22 CWE-22 High Hibernate Query Language (HQL) Injection CWE-564 CWE-564 High Highcharts JS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29489) CVE-2021-29489 CWE-707 CWE-707 Medium Highcharts JS Incorrect Regular Expression Vulnerability (CVE-2018-20801) CVE-2018-20801 CWE-185 CWE-185 High HipChat for JIRA plugin - Velocity template injection CVE-2015-5603 CWE-94 CWE-94 High Horde/IMP Plesk webmail exploit CWE-20 CWE-20 High Horde Imp Unauthenticated Remote Command Execution CVE-2018-19518 CWE-94 CWE-94 High Horde remote code execution CVE-2014-1691 CWE-94 CWE-94 High Horizontal Broken Function Level Authorization (BFLA) CWE-639 CWE-639 High Horizontal IDOR/BOLA (Broken Object Level Authorization) CWE-639 CWE-639 High Host header attack CWE-20 CWE-20 Medium Hostile subdomain takeover CWE-346 CWE-346 Medium HSQLDB CVE-2022-41853 Vulnerability (CVE-2022-41853) CVE-2022-41853 Critical HTML Attribute Injection CWE-80 CWE-80 Low HTML Form found in redirect page CWE-287 CWE-287 Low HTML Injection CWE-80 CWE-80 Medium HTML Injection (requiring unencoded tag delimiter) CWE-80 CWE-80 Informational HTTP.sys remote code execution vulnerability CVE-2015-1635 CWE-119 CWE-119 High HTTP/2 pseudo-header server side request forgery CWE-918 CWE-918 High HTTP Header Injection CWE-113 CWE-113 Medium HTTP header reflected in cached response CWE-200 CWE-79 CWE-200 CWE-79 Medium Httpoxy vulnerability CWE-918 CWE-918 Medium HTTP parameter pollution CWE-88 CWE-88 Medium Http redirect security bypass CWE-20 CWE-20 High HTTP response splitting with cloud storage CWE-113 CWE-113 Medium HTTPS connection uses outdated TLS version CWE-327 CWE-327 Medium HTTPS connection with weak key length CWE-326 CWE-326 Medium HTTP Strict Transport Security (HSTS) Errors and Warnings CWE-1428 CWE-319 CWE-1428 CWE-319 Informational HTTP Strict Transport Security (HSTS) Policy Not Enabled CWE-319 CWE-1428 CWE-319 CWE-1428 Medium HTTP verb tampering via POST CWE-285 CWE-285 High IBM Aspera Faspex RCE (CVE-2022-47986) CVE-2022-47986 CWE-502 CWE-502 Critical IBMHttpServer CVE-2010-0425 Vulnerability (CVE-2010-0425) CVE-2010-0425 Critical IBMHttpServer CVE-2012-5955 Vulnerability (CVE-2012-5955) CVE-2012-5955 Critical IBMHttpServer Expired Pointer Dereference Vulnerability (CVE-2026-8854) CVE-2026-8854 CWE-825 CWE-825 High IBMHttpServer Heap-based Buffer Overflow Vulnerability (CVE-2026-8834) CVE-2026-8834 CWE-122 CWE-122 High IBMHttpServer Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2026-8855) CVE-2026-8855 CWE-94 CWE-94 Critical IBMHttpServer Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2026-9170) CVE-2026-9170 CWE-94 CWE-94 High IBMHttpServer Improper Input Validation Vulnerability (CVE-2023-26281) CVE-2023-26281 CWE-20 CWE-20 High IBMHttpServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1360) CVE-2011-1360 CWE-707 CWE-707 Medium IBMHttpServer Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-4947) CVE-2015-4947 CWE-119 CWE-119 Critical IBMHttpServer NULL Pointer Dereference Vulnerability (CVE-2026-8850) CVE-2026-8850 CWE-476 CWE-476 High IBMHttpServer Observable Discrepancy Vulnerability (CVE-2023-32342) CVE-2023-32342 CWE-203 CWE-203 High IBMHttpServer Other Vulnerability (CVE-2000-0505) CVE-2000-0505 Medium IBMHttpServer Other Vulnerability (CVE-2000-1168) CVE-2000-1168 High IBMHttpServer Other Vulnerability (CVE-2001-0122) CVE-2001-0122 Medium IBMHttpServer Other Vulnerability (CVE-2002-1822) CVE-2002-1822 Medium IBMHttpServer Other Vulnerability (CVE-2004-0263) CVE-2004-0263 Medium IBMHttpServer Other Vulnerability (CVE-2004-0492) CVE-2004-0492 Critical IBMHttpServer Other Vulnerability (CVE-2004-0493) CVE-2004-0493 Medium IBMHttpServer Other Vulnerability (CVE-2004-1082) CVE-2004-1082 High IBMHttpServer Other Vulnerability (CVE-2006-3918) CVE-2006-3918 Medium IBMHttpServer Reachable Assertion Vulnerability (CVE-2026-8852) CVE-2026-8852 CWE-617 CWE-617 High IBMHttpServer Uncontrolled Resource Consumption Vulnerability (CVE-2026-8856) CVE-2026-8856 CWE-400 CWE-400 Critical IBMHttpServer Untrusted Pointer Dereference Vulnerability (CVE-2026-8835) CVE-2026-8835 CWE-822 CWE-822 High IBM Lotus Domino web server Cross-Site Scripting vulnerabilities CVE-2012-3301 CVE-2012-3302 CWE-79 CWE-79 High 1...45464748...327 46 / 327
