Vulnerability Name CVE Severity
.NET HTTP Remoting publicly exposed
.NET JSON.NET Deserialization RCE
ACME mini_httpd arbitrary file read CVE-2018-18778
Adminer 4.6.2 file disclosure vulnerability
Adobe Coldfusion 8 multiple linked XSS vulnerabilies CVE-2009-1872
Adobe ColdFusion 9 administrative login bypass CVE-2013-0625 CVE-2013-0629 CVE-2013-0631 CVE-2013-0632
Adobe ColdFusion directory traversal CVE-2013-3336
Adobe Experience Manager Misconfiguration CVE-2016-0957
Adobe Flex 3 DOM-based XSS vulnerability CVE-2008-2640
Agentejo Cockpit CMS resetpassword NoSQLi (CVE-2020-35847) CVE-2020-35847
AjaxControlToolkit directory traversal CVE-2015-4670
AjaxPro.NET Professional Deserialization RCE (CVE-2021-23758)
Akeeba backup access control bypass
Alibaba Nacos Authentication Bypass (CVE-2021-29441)
Amazon S3 publicly writable bucket
AngularJS client-side template injection
Apache 2.2.14 mod_isapi Dangling Pointer CVE-2010-0425
Apache ActiveMQ default administrative credentials
Apache Airflow default credentials
Apache Airflow Experimental API Auth Bypass CVE-2020-13927 CVE-2020-13927
Apache Airflow Unauthorized Access Vulnerability
Apache Axis2 administration console weak password
Apache Axis2 xsd local file inclusion
Apache CouchDB JSON Remote Privilege Escalation Vulnerability CVE-2017-12635
Apache Flink jobmanager/logs Path Traversal CVE-2020-17519
Apache Geronimo default administrative credentials
Apache HTTP Server Insecure Path Normalization (CVE-2021-41773, CVE-2021-42013) CVE-2021-42013
Apache HTTP Server mod_proxy SSRF (CVE-2021-40438) CVE-2021-40438
Apache Log4j2 JNDI Remote Code Execution CVE-2021-44228
Apache Log4j2 JNDI Remote Code Execution (404 page handler) CVE-2021-44228
Apache Log4j2 JNDI Remote Code Execution (delayed) CVE-2021-44228
Apache Log4j2 JNDI Remote Code Execution (per folder) CVE-2021-44228
Apache Log4j socket receiver deserialization vulnerability CVE-2017-5645
Apache mod_rewrite off-by-one buffer overflow vulnerability CVE-2006-3747
Apache OFBiz Log4Shell RCE CVE-2021-44228
Apache OFBiz SOAPService Deserialization RCE CVE-2021-26295
Apache OFBiz XMLRPC Deserialization RCE (CVE-2020-9496) CVE-2020-9496
Apache REST RCE CVE-2018-11770
Apache Roller OGNL injection CVE-2013-4212
Apache Shiro authentication bypass CVE-2020-17523
Apache Shiro Deserialization RCE CVE-2016-4437
Apache Solr Deserialization of untrusted data via jmx.serviceUrl CVE-2019-0192
Apache Solr Log4Shell RCE CVE-2021-44228
Apache solr service exposed
Apache Spark Master Unauthorized Access Vulnerability
Apache Struts 2 ClassLoader manipulation and denial of service CVE-2014-0112 CVE-2014-0113 CVE-2014-0114
Apache Struts 2 ClassLoader manipulation and denial of service (S2-020) CVE-2014-0094 CVE-2014-0050
Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution CVE-2013-2251
Apache Struts2 remote code execution vulnerability CVE-2016-0785
Apache Struts2 remote command execution (S2-045) CVE-2017-5638
Apache Struts2 Remote Command Execution (S2-048) CVE-2017-9791
Apache Struts2 Remote Command Execution (S2-052) CVE-2017-9805
Apache Struts2 Remote Command Execution (S2-053) CVE-2017-12611
Apache Struts Remote Code Execution (S2-057) CVE-2018-11776
Apache Tapestry Unauthenticated RCE (CVE-2019-0195, CVE-2021-27850) CVE-2021-27850
Apache Tapestry weak secret key
Apache Tomcat Information Disclosure CVE-2017-7674 CVE-2017-12616
Apache Tomcat insecure default administrative password
Apache Tomcat JK connector security bypass CVE-2007-1860
Apache Tomcat Remote Code Execution Vulnerability CVE-2017-12615
Apache Tomcat version older than 6.0.35 CVE-2011-3190 CVE-2011-3375 CVE-2012-0022
Apache Tomcat version older than 6.0.36 CVE-2012-2733 CVE-2012-3439 CVE-2012-3546 CVE-2012-4431 CVE-2012-4534
Apache Tomcat version older than 7.0.21 CVE-2011-3190
Apache Tomcat version older than 7.0.23 CVE-2012-0022
Apache Tomcat version older than 7.0.28 CVE-2012-2733 CVE-2012-4534
Apache Tomcat version older than 7.0.30 CVE-2012-3439 CVE-2012-3544 CVE-2012-3546
Apache Unomi MVEL RCE (CVE-2020-13942) CVE-2020-13942
AppWeb Authentication Bypass (CVE-2018-8715)
Arbitrary EL Evaluation in RichFaces
Arbitrary file creation
Arbitrary file deletion
Arbitrary File Read in Next.js
Arbitrary local file read via file upload
Argument Injection
ASP.NET connection strings stored in plaintext