Vulnerability Name CVE Severity
Atlassian Jira CVE-2020-14167 Vulnerability (CVE-2020-14167) CVE-2020-14167
Atlassian Jira CVE-2020-14178 Vulnerability (CVE-2020-14178) CVE-2020-14178
Atlassian Jira CVE-2021-39123 Vulnerability (CVE-2021-39123) CVE-2021-39123
Atlassian Jira CVE-2021-43947 Vulnerability (CVE-2021-43947) CVE-2021-43947
Atlassian Jira Improper Authentication Vulnerability (CVE-2019-8443) CVE-2019-8443
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-26070) CVE-2021-26070
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-41312) CVE-2021-41312
Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-18113) CVE-2017-18113
Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-15001) CVE-2019-15001
Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-43944) CVE-2021-43944
Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-39128) CVE-2021-39128
Atlassian Jira insecure REST permissions
Atlassian Jira Insufficient Session Expiration Vulnerability (CVE-2021-39113) CVE-2021-39113
Atlassian Jira Missing Authorization Vulnerability (CVE-2019-3399) CVE-2019-3399
Atlassian Jira Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-6619) CVE-2007-6619
Atlassian Jira Uncontrolled Search Path Element Vulnerability (CVE-2019-20400) CVE-2019-20400
Atlassian Jira Uncontrolled Search Path Element Vulnerability (CVE-2019-20419) CVE-2019-20419
Atlassian OAuth Plugin IconUriServlet SSRF CVE-2017-9506
ATutor Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-1583) CVE-2015-1583
ATutor Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-2539) CVE-2016-2539
ATutor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-10400) CVE-2016-10400
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-11446) CVE-2019-11446
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-12169) CVE-2019-12169
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-12170) CVE-2019-12170
ATutor Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-43498) CVE-2021-43498
Authentication Bypass in Ivanti Connect Secure and Policy Secure (CVE-2023-46805) CVE-2023-46805
Authentication bypass via MongoDB operator injection
Auxiliary systems SSRF
axios Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-58754) CVE-2025-58754
axios Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-44488) CVE-2026-44488
axios Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2026-44486) CVE-2026-44486
axios Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2026-25639) CVE-2026-25639
axios Improper Input Validation Vulnerability (CVE-2019-10742) CVE-2019-10742
axios Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2026-42033) CVE-2026-42033
axios Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2026-44490) CVE-2026-44490
axios Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') Vulnerability (CVE-2026-42035) CVE-2026-42035
axios Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2026-44487) CVE-2026-44487
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-39338) CVE-2024-39338
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-27152) CVE-2025-27152
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2026-42038) CVE-2026-42038
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2026-44492) CVE-2026-44492
axios Uncontrolled Recursion Vulnerability (CVE-2026-42039) CVE-2026-42039
axios Uncontrolled Resource Consumption Vulnerability (CVE-2021-3749) CVE-2021-3749
axios Uncontrolled Resource Consumption Vulnerability (CVE-2026-44496) CVE-2026-44496
axios Unintended Proxy or Intermediary ('Confused Deputy') Vulnerability (CVE-2026-44494) CVE-2026-44494
b2evolution Credentials Management Errors Vulnerability (CVE-2016-9479) CVE-2016-9479
b2evolution Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-5480) CVE-2017-5480
b2evolution Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2021-28242) CVE-2021-28242
b2evolution Other Vulnerability (CVE-2006-6417) CVE-2006-6417
b2evolution Other Vulnerability (CVE-2007-2358) CVE-2007-2358
b2evolution Other Vulnerability (CVE-2007-2681) CVE-2007-2681
Barracuda networks products multiple directory traversal vulnerabilities
Basic authentication over HTTP
Bazaar repository found
Beego Framework Improper Certificate Validation Vulnerability (CVE-2024-40464) CVE-2024-40464
Beego Framework Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-27116) CVE-2021-27116
Beego Framework Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-27117) CVE-2021-27117
Beego Framework Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2024-40465) CVE-2024-40465
Beego Framework Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2024-55885) CVE-2024-55885
BigIP iRule Tcl code injection
BillQuick Web Suite SQL injection (CVE-2021-42258) CVE-2021-42258
Blind XSS
Bonita Authorization Bypass (CVE-2022-25237) CVE-2022-25237
BottlePy weak secret key
Broken Object Property Level Authorization (Mass Assignment)
BuddyPress REST API Privilege Escalation CVE-2021-21389
Caddy Web Server Improper Authentication Vulnerability (CVE-2026-30851) CVE-2026-30851
Caddy Web Server Improper Authentication Vulnerability (CVE-2026-52845) CVE-2026-52845
Caddy Web Server Improper Input Validation Vulnerability (CVE-2026-45135) CVE-2026-45135
Caddy Web Server Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2026-30852) CVE-2026-30852
Caddy Web Server Out-of-bounds Read Vulnerability (CVE-2022-34037) CVE-2022-34037
Caddy Web Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487) CVE-2023-44487
CakePHP 1.3.5 / 1.2.8 unserialize() vulnerability CVE-2010-4335
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-8379) CVE-2015-8379
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-35239) CVE-2020-35239