Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Citrix Gateway Open Redirect And XSS Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-15153) CVE-2020-15153 CWE-138 CWE-138 Critical Apache HTTP Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2020-11984) CVE-2020-11984 CWE-120 CWE-120 Critical Apache HTTP Server CVE-2003-0789 Vulnerability (CVE-2003-0789) CVE-2003-0789 Critical Apache HTTP Server CVE-2005-2700 Vulnerability (CVE-2005-2700) CVE-2005-2700 Critical Apache HTTP Server CVE-2010-0425 Vulnerability (CVE-2010-0425) CVE-2010-0425 Critical Apache HTTP Server Improper Authentication Vulnerability (CVE-2017-3167) CVE-2017-3167 CWE-287 CWE-287 Critical Apache HTTP Server Improper Authentication Vulnerability (CVE-2018-1312) CVE-2018-1312 CWE-287 CWE-287 Critical Apache HTTP Server Improper Input Validation Vulnerability (CVE-2017-9788) CVE-2017-9788 CWE-20 CWE-20 Critical Apache HTTP Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-41773) CVE-2021-41773 CWE-22 CWE-22 Critical Apache HTTP Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-42013) CVE-2021-42013 CWE-22 CWE-22 Critical Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-7679) CVE-2017-7679 CWE-119 CWE-119 Critical Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2022-36760) CVE-2022-36760 Critical Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-25690) CVE-2023-25690 Critical Apache HTTP Server Insufficient Verification of Data Authenticity Vulnerability (CVE-2022-31813) CVE-2022-31813 CWE-345 CWE-345 Critical Apache HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-22721) CVE-2022-22721 CWE-190 CWE-190 Critical Apache HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-28615) CVE-2022-28615 CWE-190 CWE-190 Critical Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2017-3169) CVE-2017-3169 CWE-476 CWE-476 Critical Apache HTTP Server Other Vulnerability (CVE-1999-0067) CVE-1999-0067 Critical Apache HTTP Server Other Vulnerability (CVE-1999-0926) CVE-1999-0926 Critical Apache HTTP Server Other Vulnerability (CVE-1999-1199) CVE-1999-1199 Critical Apache HTTP Server Other Vulnerability (CVE-1999-1293) CVE-1999-1293 Critical Apache HTTP Server Other Vulnerability (CVE-2004-0492) CVE-2004-0492 Critical Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2021-26691) CVE-2021-26691 CWE-787 CWE-787 Critical Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2021-39275) CVE-2021-39275 CWE-787 CWE-787 Critical Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2021-44790) CVE-2021-44790 CWE-787 CWE-787 Critical Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2022-23943) CVE-2022-23943 CWE-787 CWE-787 Critical Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-40438) CVE-2021-40438 CWE-918 CWE-918 Critical Apache HTTP Server Use After Free Vulnerability (CVE-2019-10082) CVE-2019-10082 CWE-416 CWE-416 Critical Apache Log4j2 JNDI Remote Code Execution CVE-2021-44228 CWE-78 CWE-78 Critical Apache Log4j2 JNDI Remote Code Execution (404 page handler) CVE-2021-44228 CWE-78 CWE-78 Critical Apache Log4j2 JNDI Remote Code Execution (delayed) CVE-2021-44228 CWE-78 CWE-78 Critical Apache Log4j2 JNDI Remote Code Execution (per folder) CVE-2021-44228 CWE-78 CWE-78 Critical Apache Log4j socket receiver deserialization vulnerability CVE-2017-5645 CWE-502 CWE-502 Critical Apache Struts2 remote code execution vulnerability CVE-2016-0785 CWE-78 CWE-78 Critical Apache Struts2 Remote Command Execution (S2-053) CVE-2017-12611 CWE-94 CWE-94 Critical Apache Tomcat CVE-2016-5018 Vulnerability (CVE-2016-5018) CVE-2016-5018 Critical Apache Tomcat CVE-2017-5651 Vulnerability (CVE-2017-5651) CVE-2017-5651 Critical Apache Tomcat Exposure of Resource to Wrong Sphere Vulnerability (CVE-2017-5648) CVE-2017-5648 CWE-668 CWE-668 Critical Apache Tomcat Improper Access Control Vulnerability (CVE-2016-8735) CVE-2016-8735 CWE-284 CWE-284 Critical Apache Tomcat Improper Privilege Management Vulnerability (CVE-2020-1938) CVE-2020-1938 CWE-269 CWE-269 Critical Apache Tomcat Insecure Default Initialization of Resource Vulnerability (CVE-2018-8014) CVE-2018-8014 CWE-1188 CWE-1188 Critical Apache Traffic Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2021-43082) CVE-2021-43082 CWE-120 CWE-120 Critical Apache Traffic Server CVE-2014-3525 Vulnerability (CVE-2014-3525) CVE-2014-3525 Critical Apache Traffic Server CVE-2015-5168 Vulnerability (CVE-2015-5168) CVE-2015-5168 Critical Apache Traffic Server CVE-2015-5206 Vulnerability (CVE-2015-5206) CVE-2015-5206 Critical Apache Traffic Server Improper Access Control Vulnerability (CVE-2014-3624) CVE-2014-3624 CWE-284 CWE-284 Critical Apache Traffic Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-3249) CVE-2015-3249 CWE-119 CWE-119 Critical Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-33934) CVE-2023-33934 Critical Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-17559) CVE-2019-17559 CWE-444 CWE-444 Critical Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-17565) CVE-2019-17565 CWE-444 CWE-444 Critical Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-1944) CVE-2020-1944 CWE-444 CWE-444 Critical Apache Traffic Server Out-of-bounds Write Vulnerability (CVE-2021-35474) CVE-2021-35474 CWE-787 CWE-787 Critical Artifactory CVE-2019-9733 Vulnerability (CVE-2019-9733) CVE-2019-9733 Critical Artifactory Improper Input Validation Vulnerability (CVE-2016-6501) CVE-2016-6501 CWE-20 CWE-20 Critical Artifactory Improper Privilege Management Vulnerability (CVE-2022-0668) CVE-2022-0668 CWE-269 CWE-269 Critical Artifactory Insufficient Verification of Data Authenticity Vulnerability (CVE-2018-19971) CVE-2018-19971 CWE-345 CWE-345 Critical Artifactory Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-10036) CVE-2016-10036 CWE-434 CWE-434 Critical Artifactory Weak Password Requirements Vulnerability (CVE-2019-17444) CVE-2019-17444 CWE-521 CWE-521 Critical Atlassian Confluence CVE-2012-2926 Vulnerability (CVE-2012-2926) CVE-2012-2926 Critical Atlassian Confluence Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-3396) CVE-2019-3396 CWE-22 CWE-22 Critical Atlassian Confluence Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-26084) CVE-2021-26084 CWE-138 CWE-138 Critical Atlassian Confluence Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26136) CVE-2022-26136 CWE-180 CWE-180 Critical Atlassian Confluence Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26137) CVE-2022-26137 CWE-180 CWE-180 Critical Atlassian Confluence Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-3395) CVE-2019-3395 CWE-918 CWE-918 Critical Atlassian Confluence Unauthenticated Remote Code Execution Vulnerability (CVE-2022-26134) CVE-2022-26134 Critical Atlassian Jira CVE-2012-2926 Vulnerability (CVE-2012-2926) CVE-2012-2926 Critical Atlassian Jira Deserialization of Untrusted Data Vulnerability (CVE-2017-5983) CVE-2017-5983 CWE-502 CWE-502 Critical Atlassian Jira Deserialization of Untrusted Data Vulnerability (CVE-2020-14172) CVE-2020-14172 CWE-502 CWE-502 Critical Atlassian Jira Improper Authentication Vulnerability (CVE-2022-0540) CVE-2022-0540 CWE-287 CWE-287 Critical Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-1165) CVE-2010-1165 CWE-94 CWE-94 Critical Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-11581) CVE-2019-11581 CWE-138 CWE-138 Critical Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-20409) CVE-2019-20409 CWE-138 CWE-138 Critical Atlassian Jira Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26136) CVE-2022-26136 CWE-180 CWE-180 Critical Atlassian Jira Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26137) CVE-2022-26137 CWE-180 CWE-180 Critical ATutor Improper Authentication Vulnerability (CVE-2014-9753) CVE-2014-9753 CWE-287 CWE-287 Critical 12345...17 1 / 17
