Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Rails controller possible sensitive information disclosure CWE-200 CWE-200 Medium React CVE-2025-55183 Vulnerability (CVE-2025-55183) CVE-2025-55183 Medium React Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6341) CVE-2018-6341 CWE-707 CWE-707 Medium Redis Unauthorized Access Vulnerability CWE-200 CWE-200 Medium Resin Application Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2012-2968) CVE-2012-2968 CWE-22 CWE-22 Medium Resin Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-2462) CVE-2008-2462 CWE-707 CWE-707 Medium Resin Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2032) CVE-2010-2032 CWE-707 CWE-707 Medium Resin Application Server Other Vulnerability (CVE-2004-0281) CVE-2004-0281 Medium Resin Application Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2969) CVE-2012-2969 CWE-264 CWE-264 Medium Resin Application Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-2966) CVE-2014-2966 CWE-264 CWE-264 Medium Resource Accessible Without Required Authentication CWE-287 CWE-287 Medium reveal.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-8127) CVE-2020-8127 CWE-707 CWE-707 Medium reveal.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-0776) CVE-2022-0776 CWE-707 CWE-707 Medium Reverse proxy bypass CVE-2011-3368 CWE-20 CWE-20 Medium Reverse proxy misrouting through HTTP/2 pseudo-headers (SSRF) CWE-918 CWE-918 Medium ReviveAdserver Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-52670) CVE-2025-52670 CWE-639 CWE-639 Medium ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-5954) CVE-2013-5954 CWE-352 CWE-352 Medium ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-9407) CVE-2014-9407 CWE-352 CWE-352 Medium ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7364) CVE-2015-7364 CWE-352 CWE-352 Medium ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7366) CVE-2015-7366 CWE-352 CWE-352 Medium ReviveAdserver Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9129) CVE-2016-9129 CWE-200 CWE-200 Medium ReviveAdserver Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-52669) CVE-2025-52669 CWE-200 CWE-200 Medium ReviveAdserver Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2025-52671) CVE-2025-52671 CWE-209 CWE-209 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-8793) CVE-2014-8793 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7365) CVE-2015-7365 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7370) CVE-2015-7370 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7373) CVE-2015-7373 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9126) CVE-2016-9126 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9128) CVE-2016-9128 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9130) CVE-2016-9130 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9454) CVE-2016-9454 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9457) CVE-2016-9457 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9472) CVE-2016-9472 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5832) CVE-2017-5832 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5833) CVE-2017-5833 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-8115) CVE-2020-8115 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-22871) CVE-2021-22871 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-22872) CVE-2021-22872 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-22874) CVE-2021-22874 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-22875) CVE-2021-22875 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-22888) CVE-2021-22888 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-22889) CVE-2021-22889 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-38040) CVE-2023-38040 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-53931) CVE-2023-53931 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-27208) CVE-2025-27208 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-48987) CVE-2025-48987 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-52667) CVE-2025-52667 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-52668) CVE-2025-52668 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-55123) CVE-2025-55123 CWE-707 CWE-707 Medium ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-55124) CVE-2025-55124 CWE-707 CWE-707 Medium ReviveAdserver Incorrect Authorization Vulnerability (CVE-2020-8142) CVE-2020-8142 CWE-863 CWE-863 Medium ReviveAdserver Other Vulnerability (CVE-2014-8875) CVE-2014-8875 Medium ReviveAdserver Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-7371) CVE-2015-7371 CWE-264 CWE-264 Medium ReviveAdserver Session Fixation Vulnerability (CVE-2017-5831) CVE-2017-5831 CWE-384 CWE-384 Medium ReviveAdserver URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-5433) CVE-2019-5433 CWE-601 CWE-601 Medium ReviveAdserver URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-8143) CVE-2020-8143 CWE-601 CWE-601 Medium ReviveAdserver URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22873) CVE-2021-22873 CWE-601 CWE-601 Medium Revoked SSL Certificate CWE-295 CWE-295 Medium RoR Development Mode enabled CWE-200 CWE-200 Medium Roundcube Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2026-35541) CVE-2026-35541 CWE-843 CWE-843 Medium Roundcube Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-4076) CVE-2009-4076 CWE-352 CWE-352 Medium Roundcube Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-4077) CVE-2009-4077 CWE-352 CWE-352 Medium Roundcube Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-12626) CVE-2020-12626 CWE-352 CWE-352 Medium Roundcube Cross-site Scripting (XSS) Vulnerability (CVE-2015-1433) CVE-2015-1433 Medium Roundcube Cross-site Scripting (XSS) Vulnerability (CVE-2015-8793) CVE-2015-8793 Medium Roundcube Cross-site Scripting (XSS) Vulnerability (CVE-2015-8864) CVE-2015-8864 Medium Roundcube Cross-site Scripting (XSS) Vulnerability (CVE-2016-4068) CVE-2016-4068 Medium Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-0464) CVE-2010-0464 CWE-200 CWE-200 Medium Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5382) CVE-2015-5382 CWE-200 CWE-200 Medium Roundcube Improper Input Validation Vulnerability (CVE-2011-1492) CVE-2011-1492 CWE-20 CWE-20 Medium Roundcube Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-1904) CVE-2013-1904 CWE-22 CWE-22 Medium Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-0413) CVE-2009-0413 CWE-707 CWE-707 Medium Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2937) CVE-2011-2937 CWE-707 CWE-707 Medium Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3508) CVE-2012-3508 CWE-707 CWE-707 Medium Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4668) CVE-2012-4668 CWE-707 CWE-707 Medium 1...96979899...118 97 / 118
