| Vulnerability Name |
CVE
CWE
|
CWE |
Severity |
|
silverstripeCMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5078)
|
CVE-2010-5078
CWE-264
|
CWE-264
|
Medium
|
|
silverstripeCMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5087)
|
CVE-2010-5087
CWE-264
|
CWE-264
|
Medium
|
|
silverstripeCMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5089)
|
CVE-2010-5089
CWE-264
|
CWE-264
|
Medium
|
|
silverstripeCMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5090)
|
CVE-2010-5090
CWE-264
|
CWE-264
|
Medium
|
|
silverstripeCMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5093)
|
CVE-2010-5093
CWE-264
|
CWE-264
|
Medium
|
|
silverstripeCMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5094)
|
CVE-2010-5094
CWE-264
|
CWE-264
|
Medium
|
|
silverstripeCMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4961)
|
CVE-2011-4961
CWE-264
|
CWE-264
|
Medium
|
|
silverstripeCMS Session Fixation Vulnerability (CVE-2019-12203)
|
CVE-2019-12203
CWE-384
|
CWE-384
|
Medium
|
|
silverstripeCMS Session Fixation Vulnerability (CVE-2022-24444)
|
CVE-2022-24444
CWE-384
|
CWE-384
|
Medium
|
|
SOAP WS-Addressing SSRF
|
CWE-918
|
CWE-918
|
Medium
|
|
Sonicwall SMA 100 Unintended proxy (CVE-2021-20042)
|
CVE-2021-20042
CWE-441
|
CWE-441
|
Medium
|
|
Source Code Disclosure
|
CWE-538
|
CWE-538
|
Medium
|
|
Source Code Disclosure (Node.js)
|
CWE-540
|
CWE-540
|
Medium
|
|
Source Code Disclosure (Python)
|
CWE-540
|
CWE-540
|
Medium
|
|
Spring Boot Actuator
|
CWE-489
|
CWE-489
|
Medium
|
|
Spring Boot Actuator v2
|
CWE-489
|
CWE-489
|
Medium
|
|
Spring Boot Misconfiguration: Actuator endpoint security disabled
|
CWE-749
|
CWE-749
|
Medium
|
|
Spring Boot Misconfiguration: Admin MBean enabled
|
CWE-749
|
CWE-749
|
Medium
|
|
Spring Boot Misconfiguration: All Spring Boot Actuator endpoints are web exposed
|
CWE-200
|
CWE-200
|
Medium
|
|
Spring Boot Misconfiguration: Datasource credentials stored in the properties file
|
CWE-312
|
CWE-312
|
Medium
|
|
Spring Boot Misconfiguration: Developer tools enabled on production
|
CWE-200
CWE-489
|
CWE-200
CWE-489
|
Medium
|
|
Spring Boot Misconfiguration: H2 console enabled
|
CWE-200
|
CWE-200
|
Medium
|
|
Spring Boot Misconfiguration: MongoDB credentials stored in the properties file
|
CWE-312
|
CWE-312
|
Medium
|
|
Spring Boot Misconfiguration: Overly long session timeout
|
CWE-613
|
CWE-613
|
Medium
|
|
Spring Boot Misconfiguration: Unsafe value for session tracking
|
CWE-200
CWE-598
|
CWE-200
CWE-598
|
Medium
|
|
Spring Cloud Gateway Improper Certificate Validation Vulnerability (CVE-2022-22946)
|
CVE-2022-22946
CWE-295
|
CWE-295
|
Medium
|
|
Spring Cloud Gateway Incorrect Authorization Vulnerability (CVE-2021-22051)
|
CVE-2021-22051
CWE-863
|
CWE-863
|
Medium
|
|
Spring Misconfiguration: HTML Escaping disabled
|
CWE-116
|
CWE-116
|
Medium
|
|
Sqlite CVE-2020-13631 Vulnerability (CVE-2020-13631)
|
CVE-2020-13631
|
|
Medium
|
|
Sqlite CVE-2023-36191 Vulnerability (CVE-2023-36191)
|
CVE-2023-36191
|
|
Medium
|
|
SQLite Database File Found
|
CWE-538
|
CWE-538
|
Medium
|
|
Sqlite Divide By Zero Vulnerability (CVE-2019-16168)
|
CVE-2019-16168
CWE-369
|
CWE-369
|
Medium
|
|
Sqlite Improper Handling of Exceptional Conditions Vulnerability (CVE-2019-19924)
|
CVE-2019-19924
CWE-755
|
CWE-755
|
Medium
|
|
Sqlite Improper Input Validation Vulnerability (CVE-2016-6153)
|
CVE-2016-6153
CWE-20
|
CWE-20
|
Medium
|
|
Sqlite Improper Input Validation Vulnerability (CVE-2017-13685)
|
CVE-2017-13685
CWE-20
|
CWE-20
|
Medium
|
|
Sqlite Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-6590)
|
CVE-2008-6590
CWE-22
|
CWE-22
|
Medium
|
|
Sqlite Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-6589)
|
CVE-2008-6589
CWE-707
|
CWE-707
|
Medium
|
|
Sqlite Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-7443)
|
CVE-2013-7443
CWE-119
|
CWE-119
|
Medium
|
|
Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2020-13434)
|
CVE-2020-13434
CWE-190
|
CWE-190
|
Medium
|
|
Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2025-29088)
|
CVE-2025-29088
CWE-190
|
CWE-190
|
Medium
|
|
Sqlite Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2021-45346)
|
CVE-2021-45346
CWE-401
|
CWE-401
|
Medium
|
|
Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-19242)
|
CVE-2019-19242
CWE-476
|
CWE-476
|
Medium
|
|
Sqlite NULL Pointer Dereference Vulnerability (CVE-2020-13435)
|
CVE-2020-13435
CWE-476
|
CWE-476
|
Medium
|
|
Sqlite NULL Pointer Dereference Vulnerability (CVE-2020-13632)
|
CVE-2020-13632
CWE-476
|
CWE-476
|
Medium
|
|
Sqlite Out-of-bounds Write Vulnerability (CVE-2020-15358)
|
CVE-2020-15358
CWE-787
|
CWE-787
|
Medium
|
|
Sqlite Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-6607)
|
CVE-2015-6607
CWE-264
|
CWE-264
|
Medium
|
|
Sqlite Uncontrolled Recursion Vulnerability (CVE-2019-19645)
|
CVE-2019-19645
CWE-674
|
CWE-674
|
Medium
|
|
Sqlite Use After Free Vulnerability (CVE-2021-20227)
|
CVE-2021-20227
CWE-416
|
CWE-416
|
Medium
|
|
Sqlite Use After Free Vulnerability (CVE-2024-0232)
|
CVE-2024-0232
CWE-416
|
CWE-416
|
Medium
|
|
Squid Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-18677)
|
CVE-2019-18677
CWE-352
|
CWE-352
|
Medium
|
|
Squid Data Processing Errors Vulnerability (CVE-2014-7141)
|
CVE-2014-7141
|
|
Medium
|
|
Squid Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-41317)
|
CVE-2022-41317
CWE-668
|
CWE-668
|
Medium
|
|
Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-12529)
|
CVE-2019-12529
CWE-200
|
CWE-200
|
Medium
|
|
Squid Improper Encoding or Escaping of Output Vulnerability (CVE-2021-28662)
|
CVE-2021-28662
CWE-116
|
CWE-116
|
Medium
|
|
Squid Improper Encoding or Escaping of Output Vulnerability (CVE-2021-31806)
|
CVE-2021-31806
CWE-116
|
CWE-116
|
Medium
|
|
Squid Improper Input Validation Vulnerability (CVE-2009-2622)
|
CVE-2009-2622
CWE-20
|
CWE-20
|
Medium
|
|
Squid Improper Input Validation Vulnerability (CVE-2009-2855)
|
CVE-2009-2855
CWE-20
|
CWE-20
|
Medium
|
|
Squid Improper Input Validation Vulnerability (CVE-2010-0308)
|
CVE-2010-0308
CWE-20
|
CWE-20
|
Medium
|
|
Squid Improper Input Validation Vulnerability (CVE-2012-5643)
|
CVE-2012-5643
CWE-20
|
CWE-20
|
Medium
|
|
Squid Improper Input Validation Vulnerability (CVE-2013-4123)
|
CVE-2013-4123
CWE-20
|
CWE-20
|
Medium
|
|
Squid Improper Input Validation Vulnerability (CVE-2014-0128)
|
CVE-2014-0128
CWE-20
|
CWE-20
|
Medium
|
|
Squid Improper Input Validation Vulnerability (CVE-2014-3609)
|
CVE-2014-3609
CWE-20
|
CWE-20
|
Medium
|
|
Squid Improper Input Validation Vulnerability (CVE-2014-7142)
|
CVE-2014-7142
CWE-20
|
CWE-20
|
Medium
|
|
Squid Improper Input Validation Vulnerability (CVE-2016-2390)
|
CVE-2016-2390
CWE-20
|
CWE-20
|
Medium
|
|
Squid Improper Input Validation Vulnerability (CVE-2021-31808)
|
CVE-2021-31808
CWE-20
|
CWE-20
|
Medium
|
|
Squid Improper Input Validation Vulnerability (CVE-2021-33620)
|
CVE-2021-33620
CWE-20
|
CWE-20
|
Medium
|
|
Squid Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19131)
|
CVE-2018-19131
CWE-707
|
CWE-707
|
Medium
|
|
Squid Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-13345)
|
CVE-2019-13345
CWE-707
|
CWE-707
|
Medium
|
|
Squid Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-18860)
|
CVE-2019-18860
CWE-138
|
CWE-138
|
Medium
|
|
Squid Improper Privilege Management Vulnerability (CVE-2019-12522)
|
CVE-2019-12522
CWE-269
|
CWE-269
|
Medium
|
|
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2009-2621)
|
CVE-2009-2621
CWE-119
|
CWE-119
|
Medium
|
|
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-0189)
|
CVE-2013-0189
CWE-119
|
CWE-119
|
Medium
|
|
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-6270)
|
CVE-2014-6270
CWE-119
|
CWE-119
|
Medium
|
|
Squid Improper Synchronization Vulnerability (CVE-2020-14059)
|
CVE-2020-14059
CWE-662
|
CWE-662
|
Medium
|
|
Squid Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-46846)
|
CVE-2023-46846
|
|
Medium
|