Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity JWT Signature is not Verified CWE-287 CWE-287 High Kayako Fusion v4.51.1891 - multiple web vulnerabilities CWE-79 CWE-79 High Kentico CMS Deserialization RCE CVE-2019-10068 CWE-502 CWE-502 High Kentico CMS RCE CVE-2017-17736 CVE-2017-17736 CWE-425 CWE-425 High Kong Server Incorrect Authorization Vulnerability (CVE-2021-27306) CVE-2021-27306 CWE-863 CWE-863 High Kong Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487) CVE-2023-44487 CWE-400 CWE-400 High Laravel log viewer local file download (LFD) CVE-2018-8947 CWE-22 CWE-22 High Laravel Terminal open CWE-200 CWE-200 High LDAP injection CWE-20 CWE-20 High Liferay DXP Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-43790) CVE-2025-43790 CWE-639 CWE-639 High Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26271) CVE-2024-26271 CWE-352 CWE-352 High Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26272) CVE-2024-26272 CWE-352 CWE-352 High Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26273) CVE-2024-26273 CWE-352 CWE-352 High Liferay DXP CVE-2021-38266 Vulnerability (CVE-2021-38266) CVE-2021-38266 High Liferay DXP CVE-2024-25148 Vulnerability (CVE-2024-25148) CVE-2024-25148 High Liferay DXP Deserialization of Untrusted Data Vulnerability (CVE-2020-15842) CVE-2020-15842 CWE-502 CWE-502 High Liferay DXP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42123) CVE-2022-42123 CWE-22 CWE-22 High Liferay DXP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-43813) CVE-2025-43813 CWE-22 CWE-22 High Liferay DXP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-62254) CVE-2025-62254 CWE-22 CWE-22 High Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42121) CVE-2022-42121 CWE-138 CWE-138 High Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33945) CVE-2023-33945 CWE-138 CWE-138 High Liferay DXP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2024-25606) CVE-2024-25606 CWE-611 CWE-611 High Liferay DXP Improper Validation of Specified Quantity in Input Vulnerability (CVE-2025-43793) CVE-2025-43793 CWE-1284 CWE-1284 High Liferay DXP Incorrect Authorization Vulnerability (CVE-2024-38002) CVE-2024-38002 CWE-863 CWE-863 High Liferay DXP Incorrect Authorization Vulnerability (CVE-2025-3586) CVE-2025-3586 CWE-863 CWE-863 High Liferay DXP Inefficient Regular Expression Complexity Vulnerability (CVE-2022-42124) CVE-2022-42124 CWE-1333 CWE-1333 High Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2023-33949) CVE-2023-33949 CWE-1188 CWE-1188 High Liferay DXP Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2025-43768) CVE-2025-43768 CWE-201 CWE-201 High Liferay DXP Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2025-43816) CVE-2025-43816 CWE-401 CWE-401 High Liferay DXP Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-4581) CVE-2025-4581 CWE-918 CWE-918 High Liferay DXP Unchecked Input for Loop Condition Vulnerability (CVE-2025-43801) CVE-2025-43801 CWE-606 CWE-606 High Liferay DXP Uncontrolled Resource Consumption Vulnerability (CVE-2025-43796) CVE-2025-43796 CWE-400 CWE-400 High Liferay DXP Uncontrolled Resource Consumption Vulnerability (CVE-2025-62260) CVE-2025-62260 CWE-400 CWE-400 High Liferay DXP Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2024-25607) CVE-2024-25607 CWE-916 CWE-916 High Liferay Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-13445) CVE-2020-13445 CWE-138 CWE-138 High Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-11444) CVE-2019-11444 CWE-138 CWE-138 High Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-28884) CVE-2020-28884 CWE-138 CWE-138 High Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-28885) CVE-2020-28885 CWE-138 CWE-138 High Liferay JSON service API authentication vulnerability CWE-287 CWE-287 High Liferay Portal Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-43790) CVE-2025-43790 CWE-639 CWE-639 High Liferay Portal Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-33323) CVE-2021-33323 CWE-312 CWE-312 High Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-33338) CVE-2021-33338 CWE-352 CWE-352 High Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-35030) CVE-2023-35030 CWE-352 CWE-352 High Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26271) CVE-2024-26271 CWE-352 CWE-352 High Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26272) CVE-2024-26272 CWE-352 CWE-352 High Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26273) CVE-2024-26273 CWE-352 CWE-352 High Liferay Portal CVE-2020-15841 Vulnerability (CVE-2020-15841) CVE-2020-15841 High Liferay Portal CVE-2021-38266 Vulnerability (CVE-2021-38266) CVE-2021-38266 High Liferay Portal CVE-2024-25148 Vulnerability (CVE-2024-25148) CVE-2024-25148 High Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2019-16891) CVE-2019-16891 CWE-502 CWE-502 High Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2020-15842) CVE-2020-15842 CWE-502 CWE-502 High Liferay Portal Improper Authentication Vulnerability (CVE-2021-29047) CVE-2021-29047 CWE-287 CWE-287 High Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-28981) CVE-2022-28981 CWE-22 CWE-22 High Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42123) CVE-2022-42123 CWE-22 CWE-22 High Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42125) CVE-2022-42125 CWE-22 CWE-22 High Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-43813) CVE-2025-43813 CWE-22 CWE-22 High Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-62254) CVE-2025-62254 CWE-22 CWE-22 High Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-29053) CVE-2021-29053 CWE-138 CWE-138 High Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42121) CVE-2022-42121 CWE-138 CWE-138 High Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33945) CVE-2023-33945 CWE-138 CWE-138 High Liferay Portal Improper Restriction of XML External Entity Reference Vulnerability (CVE-2024-25606) CVE-2024-25606 CWE-611 CWE-611 High Liferay Portal Improper Validation of Specified Quantity in Input Vulnerability (CVE-2025-43793) CVE-2025-43793 CWE-1284 CWE-1284 High Liferay Portal Incorrect Authorization Vulnerability (CVE-2021-33335) CVE-2021-33335 CWE-863 CWE-863 High Liferay Portal Incorrect Authorization Vulnerability (CVE-2024-38002) CVE-2024-38002 CWE-863 CWE-863 High Liferay Portal Incorrect Authorization Vulnerability (CVE-2025-3586) CVE-2025-3586 CWE-863 CWE-863 High Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2022-42124) CVE-2022-42124 CWE-1333 CWE-1333 High Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2023-33950) CVE-2023-33950 CWE-1333 CWE-1333 High Liferay Portal Insecure Default Initialization of Resource Vulnerability (CVE-2023-33949) CVE-2023-33949 CWE-1188 CWE-1188 High Liferay Portal Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2025-43768) CVE-2025-43768 CWE-201 CWE-201 High Liferay Portal Insufficient Session Expiration Vulnerability (CVE-2021-33322) CVE-2021-33322 CWE-613 CWE-613 High Liferay Portal Missing Authorization Vulnerability (CVE-2023-33948) CVE-2023-33948 CWE-862 CWE-862 High Liferay Portal Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2025-43816) CVE-2025-43816 CWE-401 CWE-401 High Liferay Portal Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5327) CVE-2010-5327 CWE-264 CWE-264 High Liferay Portal Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-4581) CVE-2025-4581 CWE-918 CWE-918 High Liferay Portal Unchecked Input for Loop Condition Vulnerability (CVE-2025-43801) CVE-2025-43801 CWE-606 CWE-606 High 1...26272829...176 27 / 176
