Denial Of Service - Vulnerabilities

Vulnerability Name	CVE CWE	CWE	Severity
Apache 2.x version older than 2.0.48	CVE-2003-0542 CVE-2003-0789 CWE-119	CWE-119	Medium
Apache 2.x version older than 2.0.49	CVE-2003-0020 CVE-2004-0113 CVE-2004-0174 CWE-20	CWE-20	Medium
Apache 2.x version older than 2.0.61	CVE-2006-5752 CVE-2007-1863 CVE-2007-3304 CVE-2007-3847 CWE-701	CWE-701	Medium
Apache 2.x version older than 2.2.3	CVE-2006-3747 CWE-189	CWE-189	Medium
Apache 2.x version older than 2.2.6	CVE-2006-5752 CVE-2007-1862 CVE-2007-1863 CVE-2007-3304 CVE-2007-3847 CWE-20	CWE-20	Medium
Apache 2.x version older than 2.2.8	CVE-2007-5000 CVE-2007-6388 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 CWE-79	CWE-79	Medium
Apache 2.x version older than 2.2.9	CVE-2007-6420 CVE-2008-2364 CWE-399	CWE-399	Medium
Apache httpd remote denial of service	CVE-2011-3192 CWE-399	CWE-399	Medium
Apache mod_jk access control bypass	CVE-2018-11759 CWE-918	CWE-918	Medium
Apache mod_rewrite off-by-one buffer overflow vulnerability	CVE-2006-3747 CWE-189	CWE-189	High
Apache OFBiz XMLRPC Deserialization RCE (CVE-2020-9496)	CVE-2020-9496 CWE-502	CWE-502	High
Apache Struts 2 ClassLoader manipulation and denial of service	CVE-2014-0112 CVE-2014-0113 CVE-2014-0114 CWE-701	CWE-701	High
Apache Struts 2 ClassLoader manipulation and denial of service (S2-020)	CVE-2014-0094 CVE-2014-0050 CWE-701	CWE-701	High
Apache Tomcat version older than 6.0.35	CVE-2011-3190 CVE-2011-3375 CVE-2012-0022 CWE-264	CWE-264	High
Apache Tomcat version older than 6.0.36	CVE-2012-2733 CVE-2012-3439 CVE-2012-3546 CVE-2012-4431 CVE-2012-4534 CWE-20	CWE-20	High
Apache Tomcat version older than 7.0.23	CVE-2012-0022 CWE-189	CWE-189	High
Apache Tomcat version older than 7.0.28	CVE-2012-2733 CVE-2012-4534 CWE-20	CWE-20	High
Apache version older than 1.3.39	CVE-2006-5752 CVE-2007-3304 CWE-79	CWE-79	Medium
Apache version older than 1.3.41	CVE-2007-6388 CWE-79	CWE-79	Medium
Arbitrary file deletion	CWE-20	CWE-20	High
Cisco Adaptive Security Appliance (ASA) Path Traversal (CVE-2018-0296)	CVE-2018-0296 CWE-22	CWE-22	High
ColdFusion AMF Deserialization RCE	CVE-2017-3066 CWE-502	CWE-502	High
Deserialization of Untrusted Data (Java JSON Deserialization) Genson	CWE-502	CWE-502	High
Deserialization of Untrusted Data (Java JSON Deserialization) Jackson	CWE-502	CWE-502	High
Drupal Core 4.6.x Denial of Service (4.6.0 - 4.6.10)	CVE-2007-0124 CWE-400	CWE-400	High
Drupal Core 4.7.x Denial of Service (4.7.0 - 4.7.4)	CVE-2007-0124 CWE-400	CWE-400	High
Drupal Core 6.x Denial of Service (6.0 - 6.32)	CVE-2014-5265 CVE-2014-5266 CVE-2014-5267 CWE-400	CWE-400	High
Drupal Core 7.x Denial of Service (7.0 - 7.19)	CVE-2013-0316 CWE-400	CWE-400	High
Drupal Core 7.x Denial of Service (7.0 - 7.30)	CVE-2014-5265 CVE-2014-5266 CVE-2014-5267 CWE-400	CWE-400	High
Drupal Core 8.7.x Denial of Service (8.7.0 - 8.7.10)	CWE-400	CWE-400	High
Drupal Core 8.8.0 Denial of Service (8.8.0)	CWE-400	CWE-400	High
Drupal Core 8.x.x Denial of Service (8.0.0 - 8.6.18)	CWE-400	CWE-400	High
Edge Side Include injection	CWE-918	CWE-918	High
GeoServer SQLi (CVE-2023-25157)	CVE-2023-25157 CWE-89	CWE-89	High
GraphQL Alias Overloading Allowed: Potential Denial of Service Vulnerability	CWE-400	CWE-400	Medium
GraphQL Array-based Query Batching Allowed: Potential Batching Attack Vulnerability	CWE-770	CWE-770	Medium
GraphQL Circular-Query via Introspection Allowed: Potential DoS Vulnerability	CWE-400	CWE-400	Medium
JavaMelody XML External Entity (XXE) vulnerability	CVE-2018-15531 CWE-611	CWE-611	High
Joomla! Core 2.5.x Denial of Service (2.5.0 - 2.5.9)	CVE-2013-3242 CWE-400	CWE-400	High
Joomla! Core 2.5.x Denial of Service (2.5.4 - 2.5.25)	CVE-2014-7229 CWE-400	CWE-400	High
Joomla! Core 3.0.x Denial of Service (3.0.0 - 3.0.3)	CVE-2013-3242 CWE-400	CWE-400	High
Joomla! Core 3.3.x Denial of Service (3.3.0 - 3.3.4)	CVE-2014-7229 CWE-400	CWE-400	High
Joomla! Core 3.x.x Denial of Service (3.0.0 - 3.2.5)	CVE-2014-7229 CWE-400	CWE-400	High
Joomla! Core Denial of Service (2.5.0 - 3.9.27)	CVE-2021-26036 CWE-400	CWE-400	High
Liferay TunnelServlet Deserialization Remote Code Execution	CWE-502	CWE-502	High
Long password denial of service	CWE-400	CWE-400	High
nginx range filter integer overflow	CVE-2017-7529 CWE-200	CWE-200	Medium
Node.js Web Application does not handle uncaughtException	CWE-248	CWE-248	Medium
Node.js Web Application does not handle unhandledRejection	CWE-248	CWE-248	Medium
Oracle Access Manager 'opensso' Deserialization RCE (CVE-2021-35587)	CVE-2021-35587 CWE-502	CWE-502	High
Oracle Business Intelligence AMF Deserialization RCE CVE-2020-2950	CVE-2020-2950 CWE-502	CWE-502	High
Oracle Business Intelligence ReportTemplateService XXE CVE-2019-2616	CWE-611	CWE-611	High
Oracle Weblogic T3 XXE (CVE-2019-2647)	CVE-2019-2647 CWE-611	CWE-611	High
Oracle Weblogic T3 XXE (CVE-2019-2888)	CVE-2019-2888 CWE-611	CWE-611	High
PHP-CGI remote code execution	CVE-2012-1823 CVE-2012-2311 CWE-20	CWE-20	High
PHP4 IMAP module buffer overflow vulnerability	CWE-119	CWE-119	Medium
PHP4 multiple vulnerabilities	CVE-2003-0860 CVE-2003-0861 CWE-119	CWE-119	High
PHP hangs on parsing particular strings as floating point number	CVE-2010-4645 CWE-189	CWE-189	Medium
PHP HTML entity encoder heap overflow vulnerability	CVE-2006-5465 CWE-119	CWE-119	High
PHP HTTP POST incorrect MIME header parsing vulnerability	CVE-2002-0717 CWE-20	CWE-20	Medium
PHP multipart/form-data denial of service	CVE-2009-4017 CWE-400	CWE-400	Medium
PHP object deserialization of user-supplied data	CWE-20	CWE-20	Medium
PHP preg_replace used on user input	CWE-20	CWE-20	Medium
PHP unserialize() used on user input	CWE-20	CWE-20	Medium
PHP version older than 4.3.8	CVE-2004-0594 CVE-2004-0595 CWE-1104	CWE-1104	Medium
PHP version older than 5.2.1	CVE-2007-1376 CVE-2007-1380 CVE-2007-1453 CVE-2007-1454 CWE-1104	CWE-1104	High
PHP version older than 5.2.3	CVE-2007-1900 CVE-2007-2756 CVE-2007-2872 CWE-1104	CWE-1104	High
PHP version older than 5.2.5	CVE-2007-4840 CVE-2007-4887 CVE-2007-5898 CVE-2007-5899 CVE-2007-5900 CWE-1104	CWE-1104	High
PHP version older than 5.2.6	CVE-2007-4850 CVE-2008-0599 CVE-2008-0674 CVE-2008-1384 CVE-2008-2050 CVE-2008-2051 CWE-1104	CWE-1104	High
Python object deserialization of user-supplied data	CWE-20	CWE-20	Medium
Reflected Cross-Site Scripting (XSS) vulnerability in PAN-OS management web interface	CVE-2020-2036 CWE-79	CWE-79	High
SAP Hybris Deserialization RCE	CWE-502	CWE-502	High
Spring Boot Misconfiguration: Spring Boot Actuator shutdown endpoint is web exposed	CWE-16	CWE-16	Low
Web Cache Poisoning DoS	CWE-400	CWE-400	Medium
Web Cache Poisoning DoS (for javascript)	CWE-400	CWE-400	Medium
Web Cache Poisoning via Host Header	CWE-44	CWE-44	High
WordPress 2.0.1 Denial of Service Vulnerability (0.6.2 - 2.0.1)	CWE-400	CWE-400	High
WordPress 2.8.4 Denial of Service Vulnerability (0.6.2 - 2.8.4)	CVE-2009-3622 CWE-310	CWE-310	High
WordPress 3.7.x Denial of Service Vulnerability (3.7 - 3.7.25)	CVE-2018-6389 CWE-400	CWE-400	High
WordPress 3.8.x Denial of Service Vulnerability (3.8 - 3.8.25)	CVE-2018-6389 CWE-400	CWE-400	High
WordPress 3.9.x Denial of Service Vulnerability (3.9 - 3.9.23)	CVE-2018-6389 CWE-400	CWE-400	High
WordPress 4.0.x Denial of Service Vulnerability (4.0 - 4.0.22)	CVE-2018-6389 CWE-400	CWE-400	High
WordPress 4.1.x Denial of Service Vulnerability (4.1 - 4.1.22)	CVE-2018-6389 CWE-400	CWE-400	High
WordPress 4.2.x Denial of Service Vulnerability (4.2 - 4.2.19)	CVE-2018-6389 CWE-400	CWE-400	High
WordPress 4.3.x Denial of Service Vulnerability (4.3 - 4.3.15)	CVE-2018-6389 CWE-400	CWE-400	High
WordPress 4.4.x Denial of Service Vulnerability (4.4 - 4.4.14)	CVE-2018-6389 CWE-400	CWE-400	High
WordPress 4.5.x Denial of Service Vulnerability (4.5 - 4.5.13)	CVE-2018-6389 CWE-400	CWE-400	High
WordPress 4.6.x Denial of Service Vulnerability (4.6 - 4.6.10)	CVE-2018-6389 CWE-400	CWE-400	High
WordPress 4.7.x Denial of Service Vulnerability (4.7 - 4.7.9)	CVE-2018-6389 CWE-400	CWE-400	High
WordPress 4.8.x Denial of Service Vulnerability (4.8 - 4.8.5)	CVE-2018-6389 CWE-400	CWE-400	High
WordPress 4.9.x Denial of Service Vulnerability (4.9 - 4.9.4)	CVE-2018-6389 CWE-400	CWE-400	High
WordPress Denial of Service Vulnerability (0.70 - 3.6.1)	CVE-2018-6389 CWE-400	CWE-400	High
WordPress Denial of Service Vulnerability (3.5 - 3.6.1)	CVE-2014-5265 CWE-399	CWE-399	High
WordPress Pingback Source URI Denial of Service and Information Disclosure Vulnerabilities (0.6.2 - 2.1.3)	CVE-2007-0540 CWE-200 CWE-400	CWE-200 CWE-400	High
WordPress Plugin Authenticator Denial of Service (1.3.0)	CVE-2022-3994 CWE-400	CWE-400	High
WordPress Plugin Cimy User Extra Fields Denial of Service (2.6.3)	CWE-400	CWE-400	High
WordPress Plugin EWWW Image Optimizer Denial of Service (6.0.1)	CVE-2020-29384 CWE-400	CWE-400	High
WordPress Plugin PS PHPCaptcha WP Denial of Service (1.1.0)	CVE-2019-7412 CWE-400	CWE-400	High
WordPress Plugin Reviews Plus Denial of Service (1.2.13)	CVE-2021-24894 CWE-400	CWE-400	High
WordPress Plugin Safe SVG Denial of Service (1.9.4)	CVE-2019-18854 CVE-2019-18855 CWE-400	CWE-400	High
WordPress Plugin Simple Ads Manager Denial of Service (2.9.3.114)	CWE-400	CWE-400	High
WordPress Plugin WPGraphQL Denial of Service (1.3.5)	CVE-2021-31157 CWE-400	CWE-400	High
WordPress Plugin WP Image Zoom Denial of Service (1.23)	CWE-400	CWE-400	High
XML entity injection	CWE-611	CWE-611	Critical
XML external entity injection	CWE-611	CWE-611	Critical
XML external entity injection (variant)	CWE-611	CWE-611	Critical
XML external entity injection and XML injection	CWE-611	CWE-611	Critical
XML External Entity Injection via external file	CWE-611	CWE-611	Critical
XML external entity injection via File Upload	CWE-611	CWE-611	Critical
XML quadratic blowup denial of service attack	CWE-400	CWE-400	High

Apache 2.x version older than 2.0.48

CVE-2003-0542 CVE-2003-0789

CWE-119

Medium