High Severity Vulnerabilities

Vulnerability Name	CVE CWE	CWE	Severity
Joomla Other Vulnerability (CVE-2007-0374)	CVE-2007-0374		High
Joomla Other Vulnerability (CVE-2007-4184)	CVE-2007-4184		High
Joomla Other Vulnerability (CVE-2013-1453)	CVE-2013-1453		High
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-4475)	CVE-2006-4475 CWE-264	CWE-264	High
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-4476)	CVE-2006-4476 CWE-264	CWE-264	High
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1598)	CVE-2012-1598 CWE-264	CWE-264	High
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7984)	CVE-2014-7984 CWE-264	CWE-264	High
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9837)	CVE-2016-9837 CWE-264	CWE-264	High
Joomla Session Fixation Vulnerability (CVE-2010-1434)	CVE-2010-1434 CWE-384	CWE-384	High
Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-11322)	CVE-2018-11322 CWE-434	CWE-434	High
Joomla Use of Insufficiently Random Values Vulnerability (CVE-2012-1562)	CVE-2012-1562 CWE-330	CWE-330	High
jQuery File Upload unauthenticated arbitrary file upload	CVE-2018-9206 CWE-434	CWE-434	High
jQuery Validation Other Vulnerability (CVE-2021-43306)	CVE-2021-43306		High
jQuery Validation Other Vulnerability (CVE-2022-31147)	CVE-2022-31147		High
jQuery Validation Uncontrolled Resource Consumption Vulnerability (CVE-2021-21252)	CVE-2021-21252 CWE-400	CWE-400	High
JSP authentication bypass	CWE-287	CWE-287	High
jszip Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-48285)	CVE-2022-48285 CWE-22	CWE-22	High
Jupyter Notebook publicly accessible	CWE-78	CWE-78	High
JWT Signature Bypass via kid Path Traversal	CWE-287	CWE-287	High
JWT Signature Bypass via kid SQL injection	CWE-287	CWE-287	High
JWT Signature Bypass via None Algorithm	CWE-345	CWE-345	High
JWT Signature Bypass via unvalidated jku parameter	CWE-287	CWE-287	High
JWT Signature Bypass via unvalidated jwk parameter	CWE-287	CWE-287	High
JWT Signature Bypass via unvalidated x5c parameter	CWE-287	CWE-287	High
JWT Signature Bypass via unvalidated x5u parameter	CWE-287	CWE-287	High
JWT Signature is not Verified	CWE-287	CWE-287	High
Kayako Fusion v4.51.1891 - multiple web vulnerabilities	CWE-79	CWE-79	High
Kentico CMS Deserialization RCE	CVE-2019-10068 CWE-502	CWE-502	High
Kentico CMS RCE CVE-2017-17736	CVE-2017-17736 CWE-425	CWE-425	High
Kong Server Incorrect Authorization Vulnerability (CVE-2021-27306)	CVE-2021-27306 CWE-863	CWE-863	High
Kong Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)	CVE-2023-44487 CWE-400	CWE-400	High
Laravel log viewer local file download (LFD)	CVE-2018-8947 CWE-22	CWE-22	High
Laravel Terminal open	CWE-200	CWE-200	High
LDAP injection	CWE-20	CWE-20	High
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26271)	CVE-2024-26271 CWE-352	CWE-352	High
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26272)	CVE-2024-26272 CWE-352	CWE-352	High
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26273)	CVE-2024-26273 CWE-352	CWE-352	High
Liferay DXP CVE-2021-38266 Vulnerability (CVE-2021-38266)	CVE-2021-38266		High
Liferay DXP CVE-2024-25148 Vulnerability (CVE-2024-25148)	CVE-2024-25148		High
Liferay DXP Deserialization of Untrusted Data Vulnerability (CVE-2020-15842)	CVE-2020-15842 CWE-502	CWE-502	High
Liferay DXP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42123)	CVE-2022-42123 CWE-22	CWE-22	High
Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42121)	CVE-2022-42121 CWE-138	CWE-138	High
Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33945)	CVE-2023-33945 CWE-138	CWE-138	High
Liferay DXP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2024-25606)	CVE-2024-25606 CWE-611	CWE-611	High
Liferay DXP Incorrect Authorization Vulnerability (CVE-2024-38002)	CVE-2024-38002 CWE-863	CWE-863	High
Liferay DXP Inefficient Regular Expression Complexity Vulnerability (CVE-2022-42124)	CVE-2022-42124 CWE-1333	CWE-1333	High
Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2023-33949)	CVE-2023-33949 CWE-1188	CWE-1188	High
Liferay DXP Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2024-25607)	CVE-2024-25607 CWE-916	CWE-916	High
Liferay Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-13445)	CVE-2020-13445 CWE-138	CWE-138	High
Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-11444)	CVE-2019-11444 CWE-138	CWE-138	High
Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-28884)	CVE-2020-28884 CWE-138	CWE-138	High
Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-28885)	CVE-2020-28885 CWE-138	CWE-138	High
Liferay JSON service API authentication vulnerability	CWE-287	CWE-287	High
Liferay Portal Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-33323)	CVE-2021-33323 CWE-312	CWE-312	High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-33338)	CVE-2021-33338 CWE-352	CWE-352	High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-35030)	CVE-2023-35030 CWE-352	CWE-352	High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26271)	CVE-2024-26271 CWE-352	CWE-352	High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26272)	CVE-2024-26272 CWE-352	CWE-352	High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26273)	CVE-2024-26273 CWE-352	CWE-352	High
Liferay Portal CVE-2020-15841 Vulnerability (CVE-2020-15841)	CVE-2020-15841		High
Liferay Portal CVE-2021-38266 Vulnerability (CVE-2021-38266)	CVE-2021-38266		High
Liferay Portal CVE-2024-25148 Vulnerability (CVE-2024-25148)	CVE-2024-25148		High
Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2019-16891)	CVE-2019-16891 CWE-502	CWE-502	High
Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2020-15842)	CVE-2020-15842 CWE-502	CWE-502	High
Liferay Portal Improper Authentication Vulnerability (CVE-2021-29047)	CVE-2021-29047 CWE-287	CWE-287	High
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-28981)	CVE-2022-28981 CWE-22	CWE-22	High
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42123)	CVE-2022-42123 CWE-22	CWE-22	High
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42125)	CVE-2022-42125 CWE-22	CWE-22	High
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-29053)	CVE-2021-29053 CWE-138	CWE-138	High
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42121)	CVE-2022-42121 CWE-138	CWE-138	High
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33945)	CVE-2023-33945 CWE-138	CWE-138	High
Liferay Portal Improper Restriction of XML External Entity Reference Vulnerability (CVE-2024-25606)	CVE-2024-25606 CWE-611	CWE-611	High
Liferay Portal Incorrect Authorization Vulnerability (CVE-2021-33335)	CVE-2021-33335 CWE-863	CWE-863	High
Liferay Portal Incorrect Authorization Vulnerability (CVE-2024-38002)	CVE-2024-38002 CWE-863	CWE-863	High
Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2022-42124)	CVE-2022-42124 CWE-1333	CWE-1333	High

Joomla Other Vulnerability (CVE-2007-0374)

CVE-2007-0374

High

Joomla Other Vulnerability (CVE-2007-4184)

CVE-2007-4184

High

Joomla Other Vulnerability (CVE-2013-1453)

CVE-2013-1453

High

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-4475)

CVE-2006-4475

CWE-264

High

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-4476)

CVE-2006-4476

CWE-264

High

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1598)

CVE-2012-1598

CWE-264

High

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7984)

CVE-2014-7984

CWE-264

High

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9837)

CVE-2016-9837

CWE-264

High

Joomla Session Fixation Vulnerability (CVE-2010-1434)

CVE-2010-1434

CWE-384

High

Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-11322)

CVE-2018-11322

CWE-434

High

Joomla Use of Insufficiently Random Values Vulnerability (CVE-2012-1562)

CVE-2012-1562

CWE-330

High

jQuery File Upload unauthenticated arbitrary file upload

CVE-2018-9206

CWE-434

High

jQuery Validation Other Vulnerability (CVE-2021-43306)

CVE-2021-43306

High

jQuery Validation Other Vulnerability (CVE-2022-31147)

CVE-2022-31147

High

jQuery Validation Uncontrolled Resource Consumption Vulnerability (CVE-2021-21252)

CVE-2021-21252

CWE-400

High

JSP authentication bypass

CWE-287

High

jszip Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-48285)

CVE-2022-48285

CWE-22

High

Jupyter Notebook publicly accessible

CWE-78

High

JWT Signature Bypass via kid Path Traversal

CWE-287

High

JWT Signature Bypass via kid SQL injection

CWE-287

High

JWT Signature Bypass via None Algorithm

CWE-345

High

JWT Signature Bypass via unvalidated jku parameter

CWE-287

High

JWT Signature Bypass via unvalidated jwk parameter

CWE-287

High

JWT Signature Bypass via unvalidated x5c parameter

CWE-287

High

JWT Signature Bypass via unvalidated x5u parameter

CWE-287

High

JWT Signature is not Verified

CWE-287

High

Kayako Fusion v4.51.1891 - multiple web vulnerabilities

CWE-79

High

Kentico CMS Deserialization RCE

CVE-2019-10068

CWE-502

High

Kentico CMS RCE CVE-2017-17736

CVE-2017-17736

CWE-425

High

Kong Server Incorrect Authorization Vulnerability (CVE-2021-27306)

CVE-2021-27306

CWE-863

High

Kong Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)

CVE-2023-44487

CWE-400

High

Laravel log viewer local file download (LFD)

CVE-2018-8947

CWE-22

High

Laravel Terminal open

CWE-200

High

LDAP injection

CWE-20

High

Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26271)

CVE-2024-26271

CWE-352

High

Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26272)

CVE-2024-26272

CWE-352

High

Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26273)

CVE-2024-26273

CWE-352

High

Liferay DXP CVE-2021-38266 Vulnerability (CVE-2021-38266)

CVE-2021-38266

High

Liferay DXP CVE-2024-25148 Vulnerability (CVE-2024-25148)

CVE-2024-25148

High

Liferay DXP Deserialization of Untrusted Data Vulnerability (CVE-2020-15842)

CVE-2020-15842

CWE-502

High

Liferay DXP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42123)

CVE-2022-42123

CWE-22

High

Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42121)

CVE-2022-42121

CWE-138

High

Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33945)

CVE-2023-33945

CWE-138

High

Liferay DXP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2024-25606)

CVE-2024-25606

CWE-611

High

Liferay DXP Incorrect Authorization Vulnerability (CVE-2024-38002)

CVE-2024-38002

CWE-863

High

Liferay DXP Inefficient Regular Expression Complexity Vulnerability (CVE-2022-42124)

CVE-2022-42124

CWE-1333

High

Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2023-33949)

CVE-2023-33949

CWE-1188

High

Liferay DXP Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2024-25607)

CVE-2024-25607

CWE-916

High

Liferay Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-13445)

CVE-2020-13445

CWE-138

High

Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-11444)

CVE-2019-11444

CWE-138

High

Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-28884)

CVE-2020-28884

CWE-138

High

Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-28885)

CVE-2020-28885

CWE-138

High

Liferay JSON service API authentication vulnerability

CWE-287

High

Liferay Portal Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-33323)

CVE-2021-33323

CWE-312

High

Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-33338)

CVE-2021-33338

CWE-352

High

Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-35030)

CVE-2023-35030

CWE-352

High

Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26271)

CVE-2024-26271

CWE-352

High

Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26272)

CVE-2024-26272

CWE-352

High

Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26273)

CVE-2024-26273

CWE-352

High

Liferay Portal CVE-2020-15841 Vulnerability (CVE-2020-15841)

CVE-2020-15841

High

Liferay Portal CVE-2021-38266 Vulnerability (CVE-2021-38266)

CVE-2021-38266

High

Liferay Portal CVE-2024-25148 Vulnerability (CVE-2024-25148)

CVE-2024-25148

High

Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2019-16891)

CVE-2019-16891

CWE-502

High

Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2020-15842)

CVE-2020-15842

CWE-502

High

Liferay Portal Improper Authentication Vulnerability (CVE-2021-29047)

CVE-2021-29047

CWE-287

High

Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-28981)

CVE-2022-28981

CWE-22

High

Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42123)

CVE-2022-42123

CWE-22

High

Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42125)

CVE-2022-42125

CWE-22

High

Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-29053)

CVE-2021-29053

CWE-138

High

Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42121)

CVE-2022-42121

CWE-138

High

Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33945)

CVE-2023-33945

CWE-138

High

Liferay Portal Improper Restriction of XML External Entity Reference Vulnerability (CVE-2024-25606)

CVE-2024-25606

CWE-611

High

Liferay Portal Incorrect Authorization Vulnerability (CVE-2021-33335)

CVE-2021-33335

CWE-863

High

Liferay Portal Incorrect Authorization Vulnerability (CVE-2024-38002)

CVE-2024-38002

CWE-863

High

Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2022-42124)

CVE-2022-42124

CWE-1333

High

Severity

Vulnerability Categories

Still Have Questions?

Take action and discover your vulnerabilities