Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Citrix Gateway Open Redirect And XSS Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1131) CVE-2008-1131 CWE-707 CWE-707 Low Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3741) CVE-2008-3741 CWE-707 CWE-707 Low Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-6170) CVE-2008-6170 CWE-707 CWE-707 Low Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-1844) CVE-2009-1844 CWE-707 CWE-707 Low Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3156) CVE-2009-3156 CWE-707 CWE-707 Low Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4369) CVE-2009-4369 CWE-707 CWE-707 Low Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4370) CVE-2009-4370 CWE-707 CWE-707 Low Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4371) CVE-2009-4371 CWE-707 CWE-707 Low Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3094) CVE-2010-3094 CWE-707 CWE-707 Low Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0244) CVE-2013-0244 CWE-707 CWE-707 Low Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6387) CVE-2013-6387 CWE-707 CWE-707 Low Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5021) CVE-2014-5021 CWE-707 CWE-707 Low Drupal Other Vulnerability (CVE-2006-2832) CVE-2006-2832 Low Drupal Other Vulnerability (CVE-2006-2833) CVE-2006-2833 Low Drupal Other Vulnerability (CVE-2006-5477) CVE-2006-5477 Low Drupal Other Vulnerability (CVE-2007-0124) CVE-2007-0124 Low Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3093) CVE-2010-3093 CWE-264 CWE-264 Low Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-0827) CVE-2012-0827 CWE-264 CWE-264 Low Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0245) CVE-2013-0245 CWE-264 CWE-264 Low Drupal Resource Management Errors Vulnerability (CVE-2012-1588) CVE-2012-1588 Low e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0997) CVE-2010-0997 CWE-707 CWE-707 Low Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0046) CVE-2014-0046 CWE-707 CWE-707 Low Envoy Metadata disclosure CWE-200 CWE-200 Low Envoy Proxy Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-11767) CVE-2020-11767 CWE-200 CWE-200 Low Error messages CWE-209 CWE-209 Low Error page path disclosure CWE-200 CWE-200 Low F5 BIG-IP Cookie Information Disclosure CWE-200 CWE-200 Low FrontPage Identified CWE-16 CWE-16 Low Gitlab user disclosure CWE-200 CWE-200 Low GlassFish CVE-2010-2397 Vulnerability (CVE-2010-2397) CVE-2010-2397 Low GlassFish CVE-2012-0081 Vulnerability (CVE-2012-0081) CVE-2012-0081 Low GlassFish CVE-2017-3626 Vulnerability (CVE-2017-3626) CVE-2017-3626 Low GlassFish Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3239) CVE-2017-3239 CWE-200 CWE-200 Low Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-39324) CVE-2022-39324 CWE-707 CWE-707 Low Grafana Improper Preservation of Permissions Vulnerability (CVE-2022-36062) CVE-2022-36062 CWE-281 CWE-281 Low H2 console publicly accessible CWE-287 CWE-287 Low HTML Attribute Injection CWE-80 CWE-80 Low HTML Form found in redirect page CWE-287 CWE-287 Low IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3050) CVE-2014-3050 CWE-200 CWE-200 Low IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-4962) CVE-2015-4962 CWE-200 CWE-200 Low IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-7449) CVE-2015-7449 CWE-200 CWE-200 Low IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0372) CVE-2016-0372 CWE-200 CWE-200 Low IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2947) CVE-2016-2947 CWE-200 CWE-200 Low IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1029) CVE-2011-1029 CWE-707 CWE-707 Low IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5404) CVE-2013-5404 CWE-707 CWE-707 Low IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-0122) CVE-2015-0122 CWE-707 CWE-707 Low IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-0123) CVE-2015-0123 CWE-707 CWE-707 Low IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-0130) CVE-2015-0130 CWE-707 CWE-707 Low IBM RTC Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-4946) CVE-2015-4946 CWE-264 CWE-264 Low IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3045) CVE-2016-3045 CWE-200 CWE-200 Low IBM WebSEAL Improper Certificate Validation Vulnerability (CVE-2019-4150) CVE-2019-4150 CWE-295 CWE-295 Low IBM WebSEAL Session Fixation Vulnerability (CVE-2018-1804) CVE-2018-1804 CWE-384 CWE-384 Low IIS Path disclosure CWE-200 CWE-200 Low Information Disclosure (Microsoft Office) CWE-200 CWE-200 Low Insecure Frame (External) CWE-829 CWE-829 Low Insecure transition from HTTPS to HTTP in form post CWE-200 CWE-200 Low Internet Information Server returns IP address in HTTP header (Content-Location) CWE-200 CWE-200 Low Internet Information Services Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-1999-0861) CVE-1999-0861 CWE-362 CWE-362 Low Internet Information Services Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2000-0649) CVE-2000-0649 CWE-200 CWE-200 Low Internet Information Services Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2002-0422) CVE-2002-0422 CWE-200 CWE-200 Low Internet Information Services Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2003-1582) CVE-2003-1582 CWE-707 CWE-707 Low Internet Information Services Other Vulnerability (CVE-1999-1538) CVE-1999-1538 Low Internet Information Services Other Vulnerability (CVE-2000-0167) CVE-2000-0167 Low Internet Information Services Other Vulnerability (CVE-2001-0544) CVE-2001-0544 Low Java Denial of Service (DoS) Vulnerability (CVE-2018-2952) CVE-2018-2952 Low Java Unspesificed Vulnerability (CVE-2018-3136) CVE-2018-3136 Low Java Unspesificed Vulnerability (CVE-2018-3139) CVE-2018-3139 Low Java Unspesificed Vulnerability (CVE-2018-3150) CVE-2018-3150 Low Java Unspesificed Vulnerability (CVE-2018-3157) CVE-2018-3157 Low Java Unspesificed Vulnerability (CVE-2019-2422) CVE-2019-2422 Low Java Unspesificed Vulnerability (CVE-2019-2426) CVE-2019-2426 Low Java Unspesificed Vulnerability (CVE-2019-2766) CVE-2019-2766 Low Java Unspesificed Vulnerability (CVE-2019-2786) CVE-2019-2786 Low Java Unspesificed Vulnerability (CVE-2019-2818) CVE-2019-2818 Low Java Unspesificed Vulnerability (CVE-2020-14798) CVE-2020-14798 Low 12345...10 2 / 10
