High Severity Vulnerabilities

Vulnerability Name	CVE CWE	CWE	Severity
Atlassian Jira CVE-2019-8442 Vulnerability (CVE-2019-8442)	CVE-2019-8442		High
Atlassian Jira CVE-2019-20413 Vulnerability (CVE-2019-20413)	CVE-2019-20413		High
Atlassian Jira CVE-2019-20898 Vulnerability (CVE-2019-20898)	CVE-2019-20898		High
Atlassian Jira CVE-2020-14167 Vulnerability (CVE-2020-14167)	CVE-2020-14167		High
Atlassian Jira CVE-2020-14178 Vulnerability (CVE-2020-14178)	CVE-2020-14178		High
Atlassian Jira CVE-2021-39123 Vulnerability (CVE-2021-39123)	CVE-2021-39123		High
Atlassian Jira CVE-2021-43947 Vulnerability (CVE-2021-43947)	CVE-2021-43947		High
Atlassian Jira Improper Authentication Vulnerability (CVE-2019-8443)	CVE-2019-8443 CWE-287	CWE-287	High
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-26070)	CVE-2021-26070 CWE-287	CWE-287	High
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-41312)	CVE-2021-41312 CWE-287	CWE-287	High
Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-18113)	CVE-2017-18113 CWE-94	CWE-94	High
Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-15001)	CVE-2019-15001 CWE-94	CWE-94	High
Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-43944)	CVE-2021-43944 CWE-94	CWE-94	High
Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-39128)	CVE-2021-39128 CWE-138	CWE-138	High
Atlassian Jira insecure REST permissions			High
Atlassian Jira Insufficient Session Expiration Vulnerability (CVE-2021-39113)	CVE-2021-39113 CWE-613	CWE-613	High
Atlassian Jira Missing Authorization Vulnerability (CVE-2019-3399)	CVE-2019-3399 CWE-862	CWE-862	High
Atlassian Jira Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-6619)	CVE-2007-6619 CWE-264	CWE-264	High
Atlassian Jira Uncontrolled Search Path Element Vulnerability (CVE-2019-20400)	CVE-2019-20400 CWE-427	CWE-427	High
Atlassian Jira Uncontrolled Search Path Element Vulnerability (CVE-2019-20419)	CVE-2019-20419 CWE-427	CWE-427	High
Atlassian OAuth Plugin IconUriServlet SSRF	CVE-2017-9506 CWE-918	CWE-918	High
ATutor Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-1583)	CVE-2015-1583 CWE-352	CWE-352	High
ATutor Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-2539)	CVE-2016-2539 CWE-352	CWE-352	High
ATutor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-10400)	CVE-2016-10400 CWE-22	CWE-22	High
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-11446)	CVE-2019-11446 CWE-434	CWE-434	High
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-12169)	CVE-2019-12169 CWE-434	CWE-434	High
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-12170)	CVE-2019-12170 CWE-434	CWE-434	High
ATutor Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-43498)	CVE-2021-43498 CWE-640	CWE-640	High
Authentication Bypass in Ivanti Connect Secure and Policy Secure (CVE-2023-46805)	CVE-2023-46805 CWE-287	CWE-287	High
Authentication bypass via MongoDB operator injection	CWE-943	CWE-943	High
Auxiliary systems SSRF	CWE-918	CWE-918	High
axios Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-1214)	CVE-2022-1214 CWE-200	CWE-200	High
axios Improper Input Validation Vulnerability (CVE-2019-10742)	CVE-2019-10742 CWE-20	CWE-20	High
axios Uncontrolled Resource Consumption Vulnerability (CVE-2021-3749)	CVE-2021-3749 CWE-400	CWE-400	High
b2evolution Credentials Management Errors Vulnerability (CVE-2016-9479)	CVE-2016-9479		High
b2evolution Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-5480)	CVE-2017-5480 CWE-22	CWE-22	High
b2evolution Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2021-28242)	CVE-2021-28242 CWE-138	CWE-138	High
b2evolution Other Vulnerability (CVE-2006-6417)	CVE-2006-6417		High
b2evolution Other Vulnerability (CVE-2007-2358)	CVE-2007-2358		High
b2evolution Other Vulnerability (CVE-2007-2681)	CVE-2007-2681		High
Barracuda networks products multiple directory traversal vulnerabilities	CWE-22	CWE-22	High
Bazaar repository found	CWE-538	CWE-538	High
Beego Framework Improper Certificate Validation Vulnerability (CVE-2024-40464)	CVE-2024-40464 CWE-295	CWE-295	High
Beego Framework Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-27116)	CVE-2021-27116 CWE-59	CWE-59	High
Beego Framework Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-27117)	CVE-2021-27117 CWE-59	CWE-59	High
Beego Framework Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2024-40465)	CVE-2024-40465 CWE-327	CWE-327	High
BigIP iRule Tcl code injection	CWE-78	CWE-78	High
BillQuick Web Suite SQL injection (CVE-2021-42258)	CVE-2021-42258 CWE-89	CWE-89	High
Blind XSS	CWE-80	CWE-80	High
Bonita Authorization Bypass (CVE-2022-25237)	CVE-2022-25237 CWE-863	CWE-863	High
BottlePy weak secret key	CWE-693	CWE-693	High
BuddyPress REST API Privilege Escalation	CVE-2021-21389 CWE-269	CWE-269	High
Caddy Web Server Out-of-bounds Read Vulnerability (CVE-2022-34037)	CVE-2022-34037 CWE-125	CWE-125	High
Caddy Web Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)	CVE-2023-44487 CWE-400	CWE-400	High
CakePHP 1.3.5 / 1.2.8 unserialize() vulnerability	CVE-2010-4335 CWE-20	CWE-20	High
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-8379)	CVE-2015-8379 CWE-352	CWE-352	High
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-35239)	CVE-2020-35239 CWE-352	CWE-352	High
CakePHP Deserialization of Untrusted Data Vulnerability (CVE-2019-11458)	CVE-2019-11458 CWE-502	CWE-502	High
CakePHP Improper Input Validation Vulnerability (CVE-2010-4335)	CVE-2010-4335 CWE-20	CWE-20	High
CakePHP Improper Input Validation Vulnerability (CVE-2016-4793)	CVE-2016-4793 CWE-20	CWE-20	High
Case-Insensitive Routing Bypass in Express.js Application	CWE-287	CWE-287	High
Certificate is Signed Using a Weak Signature Algorithm			High
Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-23127)	CVE-2020-23127 CWE-352	CWE-352	High
Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-40662)	CVE-2021-40662 CWE-352	CWE-352	High
Chamilo Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-27427)	CVE-2022-27427 CWE-94	CWE-94	High
Chamilo Improper Input Validation Vulnerability (CVE-2012-4030)	CVE-2012-4030 CWE-20	CWE-20	High
Chamilo Improper Input Validation Vulnerability (CVE-2021-31933)	CVE-2021-31933 CWE-20	CWE-20	High
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35413)	CVE-2021-35413 CWE-707	CWE-707	High
Chamilo Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-4221)	CVE-2023-4221 CWE-138	CWE-138	High
Chamilo Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-4222)	CVE-2023-4222 CWE-138	CWE-138	High
Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-20329)	CVE-2018-20329 CWE-138	CWE-138	High
Chamilo Improper Privilege Management Vulnerability (CVE-2022-27421)	CVE-2022-27421 CWE-269	CWE-269	High
Chamilo Other Vulnerability (CVE-2023-34962)	CVE-2023-34962		High
Chamilo Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-27426)	CVE-2022-27426 CWE-918	CWE-918	High
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-40407)	CVE-2022-40407 CWE-434	CWE-434	High

Atlassian Jira CVE-2019-8442 Vulnerability (CVE-2019-8442)

CVE-2019-8442

High