Severity High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity .NET HTTP Remoting publicly exposed CWE-502 CWE-502 High .NET JSON.NET Deserialization RCE CWE-502 CWE-502 High ACME mini_httpd arbitrary file read CVE-2018-18778 CWE-23 CWE-23 High Adminer 4.6.2 file disclosure vulnerability CWE-22 CWE-22 High Adobe Coldfusion 8 multiple linked XSS vulnerabilies CVE-2009-1872 CWE-79 CWE-79 High Adobe ColdFusion 9 administrative login bypass CVE-2013-0625 CVE-2013-0629 CVE-2013-0631 CVE-2013-0632 CWE-287 CWE-287 High Adobe ColdFusion directory traversal CVE-2013-3336 CWE-22 CWE-22 High Adobe Experience Manager Misconfiguration CVE-2016-0957 CWE-693 CWE-693 High Adobe Flex 3 DOM-based XSS vulnerability CVE-2008-2640 CWE-79 CWE-79 High Agentejo Cockpit CMS resetpassword NoSQLi (CVE-2020-35847) CVE-2020-35847 CWE-89 CWE-89 High AjaxControlToolkit directory traversal CVE-2015-4670 CWE-434 CWE-434 High Akeeba backup access control bypass CWE-287 CWE-287 High Alibaba Nacos Authentication Bypass (CVE-2021-29441) CWE-287 CWE-287 High Amazon S3 publicly writable bucket CWE-264 CWE-264 High AngularJS client-side template injection CWE-79 CWE-79 High Apache 2.2.14 mod_isapi Dangling Pointer CVE-2010-0425 CWE-20 CWE-20 High Apache ActiveMQ default administrative credentials High Apache Airflow default credentials CWE-798 CWE-798 High Apache Airflow Experimental API Auth Bypass CVE-2020-13927 CVE-2020-13927 CWE-200 CWE-200 High Apache Airflow Unauthorized Access Vulnerability CWE-200 CWE-200 High Apache Axis2 administration console weak password CWE-200 CWE-200 High Apache Axis2 xsd local file inclusion CWE-22 CWE-22 High Apache CouchDB JSON Remote Privilege Escalation Vulnerability CVE-2017-12635 CWE-285 CWE-285 High Apache Flink jobmanager/logs Path Traversal CVE-2020-17519 CWE-22 CWE-22 High Apache Geronimo default administrative credentials CWE-693 CWE-693 High Apache HTTP Server Insecure Path Normalization (CVE-2021-41773, CVE-2021-42013) CVE-2021-42013 CWE-22 CWE-22 High Apache HTTP Server mod_proxy SSRF (CVE-2021-40438) CVE-2021-40438 CWE-918 CWE-918 High Apache Log4j2 JNDI Remote Code Execution CVE-2021-44228 CWE-78 CWE-78 High Apache Log4j2 JNDI Remote Code Execution (404 page handler) CVE-2021-44228 CWE-78 CWE-78 High Apache Log4j2 JNDI Remote Code Execution (delayed) CVE-2021-44228 CWE-78 CWE-78 High Apache Log4j2 JNDI Remote Code Execution (per folder) CVE-2021-44228 CWE-78 CWE-78 High Apache Log4j socket receiver deserialization vulnerability CVE-2017-5645 CWE-502 CWE-502 High Apache mod_rewrite off-by-one buffer overflow vulnerability CVE-2006-3747 CWE-189 CWE-189 High Apache OFBiz Log4Shell RCE CVE-2021-44228 CWE-78 CWE-78 High Apache OFBiz SOAPService Deserialization RCE CVE-2021-26295 CWE-502 CWE-502 High Apache OFBiz XMLRPC Deserialization RCE (CVE-2020-9496) CVE-2020-9496 CWE-502 CWE-502 High Apache REST RCE CVE-2018-11770 CWE-94 CWE-94 High Apache Roller OGNL injection CVE-2013-4212 CWE-20 CWE-20 High Apache Shiro authentication bypass CVE-2020-17523 CWE-287 CWE-287 High Apache Shiro Deserialization RCE CVE-2016-4437 CWE-78 CWE-78 High Apache Solr Deserialization of untrusted data via jmx.serviceUrl CVE-2019-0192 High Apache Solr Log4Shell RCE CVE-2021-44228 CWE-78 CWE-78 High Apache solr service exposed CWE-200 CWE-200 High Apache Spark Master Unauthorized Access Vulnerability CWE-200 CWE-200 High Apache Struts 2 ClassLoader manipulation and denial of service CVE-2014-0112 CVE-2014-0113 CVE-2014-0114 CWE-701 CWE-701 High Apache Struts 2 ClassLoader manipulation and denial of service (S2-020) CVE-2014-0094 CVE-2014-0050 CWE-701 CWE-701 High Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution CVE-2013-2251 CWE-20 CWE-20 High Apache Struts2 remote code execution vulnerability CVE-2016-0785 CWE-78 CWE-78 High Apache Struts2 remote command execution (S2-045) CVE-2017-5638 CWE-94 CWE-94 High Apache Struts2 Remote Command Execution (S2-048) CVE-2017-9791 CWE-94 CWE-94 High Apache Struts2 Remote Command Execution (S2-052) CVE-2017-9805 CWE-94 CWE-94 High Apache Struts2 Remote Command Execution (S2-053) CVE-2017-12611 CWE-94 CWE-94 High Apache Struts Remote Code Execution (S2-057) CVE-2018-11776 CWE-917 CWE-917 High Apache Tapestry Unauthenticated RCE (CVE-2019-0195, CVE-2021-27850) CVE-2021-27850 CWE-200 CWE-200 High Apache Tapestry weak secret key CWE-693 CWE-693 High Apache Tomcat Information Disclosure CVE-2017-7674 CVE-2017-12616 CWE-200 CWE-200 High Apache Tomcat insecure default administrative password CWE-284 CWE-284 High Apache Tomcat JK connector security bypass CVE-2007-1860 CWE-200 CWE-200 High Apache Tomcat Remote Code Execution Vulnerability CVE-2017-12615 CWE-94 CWE-94 High Apache Tomcat version older than 6.0.35 CVE-2011-3190 CVE-2011-3375 CVE-2012-0022 CWE-264 CWE-264 High Apache Tomcat version older than 6.0.36 CVE-2012-2733 CVE-2012-3439 CVE-2012-3546 CVE-2012-4431 CVE-2012-4534 CWE-20 CWE-20 High Apache Tomcat version older than 7.0.21 CVE-2011-3190 CWE-264 CWE-264 High Apache Tomcat version older than 7.0.23 CVE-2012-0022 CWE-189 CWE-189 High Apache Tomcat version older than 7.0.28 CVE-2012-2733 CVE-2012-4534 CWE-20 CWE-20 High Apache Tomcat version older than 7.0.30 CVE-2012-3439 CVE-2012-3544 CVE-2012-3546 CWE-20 CWE-20 High Apache Unomi MVEL RCE (CVE-2020-13942) CVE-2020-13942 CWE-20 CWE-20 High AppWeb Authentication Bypass (CVE-2018-8715) CWE-287 CWE-287 High Arbitrary EL Evaluation in RichFaces CWE-917 CWE-917 High Arbitrary file creation CWE-20 CWE-20 High Arbitrary file deletion CWE-20 CWE-20 High Arbitrary File Read in Next.js CWE-22 CWE-22 High Arbitrary local file read via file upload CWE-200 CWE-200 High Argument Injection CWE-88 CWE-88 High ASP code injection CWE-95 CWE-95 High Atlassian Confluence information disclosure CVE-2017-7415 High 12345...112 1 / 112
