Vulnerability Name CVE Severity
Apache 2.x version older than 2.0.48 CVE-2003-0542 CVE-2003-0789
Apache 2.x version older than 2.0.49 CVE-2003-0020 CVE-2004-0113 CVE-2004-0174
Apache 2.x version older than 2.0.61 CVE-2006-5752 CVE-2007-1863 CVE-2007-3304 CVE-2007-3847
Apache 2.x version older than 2.2.3 CVE-2006-3747
Apache 2.x version older than 2.2.6 CVE-2006-5752 CVE-2007-1862 CVE-2007-1863 CVE-2007-3304 CVE-2007-3847
Apache 2.x version older than 2.2.8 CVE-2007-5000 CVE-2007-6388 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005
Apache 2.x version older than 2.2.9 CVE-2007-6420 CVE-2008-2364
Apache httpd remote denial of service CVE-2011-3192
Apache mod_jk access control bypass CVE-2018-11759
Apache mod_rewrite off-by-one buffer overflow vulnerability CVE-2006-3747
Apache OFBiz XMLRPC Deserialization RCE (CVE-2020-9496) CVE-2020-9496
Apache Struts 2 ClassLoader manipulation and denial of service CVE-2014-0112 CVE-2014-0113 CVE-2014-0114
Apache Struts 2 ClassLoader manipulation and denial of service (S2-020) CVE-2014-0094 CVE-2014-0050
Apache Tomcat version older than 6.0.35 CVE-2011-3190 CVE-2011-3375 CVE-2012-0022
Apache Tomcat version older than 6.0.36 CVE-2012-2733 CVE-2012-3439 CVE-2012-3546 CVE-2012-4431 CVE-2012-4534
Apache Tomcat version older than 7.0.23 CVE-2012-0022
Apache Tomcat version older than 7.0.28 CVE-2012-2733 CVE-2012-4534
Apache version older than 1.3.39 CVE-2006-5752 CVE-2007-3304
Apache version older than 1.3.41 CVE-2007-6388
Arbitrary file deletion
Cisco Adaptive Security Appliance (ASA) Path Traversal (CVE-2018-0296) CVE-2018-0296
ColdFusion AMF Deserialization RCE CVE-2017-3066
Deserialization of Untrusted Data (Java JSON Deserialization) Genson
Deserialization of Untrusted Data (Java JSON Deserialization) Jackson
Drupal Core 4.6.x Denial of Service (4.6.0 - 4.6.10) CVE-2007-0124
Drupal Core 4.7.x Denial of Service (4.7.0 - 4.7.4) CVE-2007-0124
Drupal Core 6.x Denial of Service (6.0 - 6.32) CVE-2014-5265 CVE-2014-5266 CVE-2014-5267
Drupal Core 7.x Denial of Service (7.0 - 7.19) CVE-2013-0316
Drupal Core 7.x Denial of Service (7.0 - 7.30) CVE-2014-5265 CVE-2014-5266 CVE-2014-5267
Drupal Core 8.7.x Denial of Service (8.7.0 - 8.7.10)
Drupal Core 8.8.0 Denial of Service (8.8.0)
Drupal Core 8.x.x Denial of Service (8.0.0 - 8.6.18)
Edge Side Include injection
GeoServer SQLi (CVE-2023-25157) CVE-2023-25157
GraphQL Alias Overloading Allowed: Potential Denial of Service Vulnerability
GraphQL Array-based Query Batching Allowed: Potential Batching Attack Vulnerability
GraphQL Circular-Query via Introspection Allowed: Potential DoS Vulnerability
JavaMelody XML External Entity (XXE) vulnerability CVE-2018-15531
Joomla! Core 2.5.x Denial of Service (2.5.0 - 2.5.9) CVE-2013-3242
Joomla! Core 2.5.x Denial of Service (2.5.4 - 2.5.25) CVE-2014-7229
Joomla! Core 3.0.x Denial of Service (3.0.0 - 3.0.3) CVE-2013-3242
Joomla! Core 3.3.x Denial of Service (3.3.0 - 3.3.4) CVE-2014-7229
Joomla! Core 3.x.x Denial of Service (3.0.0 - 3.2.5) CVE-2014-7229
Joomla! Core Denial of Service (2.5.0 - 3.9.27) CVE-2021-26036
Liferay TunnelServlet Deserialization Remote Code Execution
Long password denial of service
nginx range filter integer overflow CVE-2017-7529
Node.js Web Application does not handle uncaughtException
Node.js Web Application does not handle unhandledRejection
Oracle Access Manager 'opensso' Deserialization RCE (CVE-2021-35587) CVE-2021-35587
Oracle Business Intelligence AMF Deserialization RCE CVE-2020-2950 CVE-2020-2950
Oracle Business Intelligence ReportTemplateService XXE CVE-2019-2616
Oracle Weblogic T3 XXE (CVE-2019-2647) CVE-2019-2647
Oracle Weblogic T3 XXE (CVE-2019-2888) CVE-2019-2888
PHP-CGI remote code execution CVE-2012-1823 CVE-2012-2311
PHP4 IMAP module buffer overflow vulnerability
PHP4 multiple vulnerabilities CVE-2003-0860 CVE-2003-0861
PHP hangs on parsing particular strings as floating point number CVE-2010-4645
PHP HTML entity encoder heap overflow vulnerability CVE-2006-5465
PHP HTTP POST incorrect MIME header parsing vulnerability CVE-2002-0717
PHP multipart/form-data denial of service CVE-2009-4017
PHP object deserialization of user-supplied data
PHP preg_replace used on user input
PHP unserialize() used on user input
PHP version older than 4.3.8 CVE-2004-0594 CVE-2004-0595
PHP version older than 5.2.1 CVE-2007-1376 CVE-2007-1380 CVE-2007-1453 CVE-2007-1454
PHP version older than 5.2.3 CVE-2007-1900 CVE-2007-2756 CVE-2007-2872
PHP version older than 5.2.5 CVE-2007-4840 CVE-2007-4887 CVE-2007-5898 CVE-2007-5899 CVE-2007-5900
PHP version older than 5.2.6 CVE-2007-4850 CVE-2008-0599 CVE-2008-0674 CVE-2008-1384 CVE-2008-2050 CVE-2008-2051
Python object deserialization of user-supplied data
Reflected Cross-Site Scripting (XSS) vulnerability in PAN-OS management web interface CVE-2020-2036
SAP Hybris Deserialization RCE
Spring Boot Misconfiguration: Spring Boot Actuator shutdown endpoint is web exposed
Web Cache Poisoning DoS
Web Cache Poisoning DoS (for javascript)
Web Cache Poisoning via Host Header
WordPress 2.0.1 Denial of Service Vulnerability (0.6.2 - 2.0.1)
WordPress 2.8.4 Denial of Service Vulnerability (0.6.2 - 2.8.4) CVE-2009-3622
WordPress 3.7.x Denial of Service Vulnerability (3.7 - 3.7.25) CVE-2018-6389
WordPress 3.8.x Denial of Service Vulnerability (3.8 - 3.8.25) CVE-2018-6389
WordPress 3.9.x Denial of Service Vulnerability (3.9 - 3.9.23) CVE-2018-6389
WordPress 4.0.x Denial of Service Vulnerability (4.0 - 4.0.22) CVE-2018-6389
WordPress 4.1.x Denial of Service Vulnerability (4.1 - 4.1.22) CVE-2018-6389
WordPress 4.2.x Denial of Service Vulnerability (4.2 - 4.2.19) CVE-2018-6389
WordPress 4.3.x Denial of Service Vulnerability (4.3 - 4.3.15) CVE-2018-6389
WordPress 4.4.x Denial of Service Vulnerability (4.4 - 4.4.14) CVE-2018-6389
WordPress 4.5.x Denial of Service Vulnerability (4.5 - 4.5.13) CVE-2018-6389
WordPress 4.6.x Denial of Service Vulnerability (4.6 - 4.6.10) CVE-2018-6389
WordPress 4.7.x Denial of Service Vulnerability (4.7 - 4.7.9) CVE-2018-6389
WordPress 4.8.x Denial of Service Vulnerability (4.8 - 4.8.5) CVE-2018-6389
WordPress 4.9.x Denial of Service Vulnerability (4.9 - 4.9.4) CVE-2018-6389
WordPress Denial of Service Vulnerability (0.70 - 3.6.1) CVE-2018-6389
WordPress Denial of Service Vulnerability (3.5 - 3.6.1) CVE-2014-5265
WordPress Pingback Source URI Denial of Service and Information Disclosure Vulnerabilities (0.6.2 - 2.1.3) CVE-2007-0540
WordPress Plugin Authenticator Denial of Service (1.3.0) CVE-2022-3994
WordPress Plugin Cimy User Extra Fields Denial of Service (2.6.3)
WordPress Plugin EWWW Image Optimizer Denial of Service (6.0.1) CVE-2020-29384
WordPress Plugin PS PHPCaptcha WP Denial of Service (1.1.0) CVE-2019-7412
WordPress Plugin Reviews Plus Denial of Service (1.2.13) CVE-2021-24894
WordPress Plugin Safe SVG Denial of Service (1.9.4) CVE-2019-18854 CVE-2019-18855
WordPress Plugin Simple Ads Manager Denial of Service (2.9.3.114)
WordPress Plugin WPGraphQL Denial of Service (1.3.5) CVE-2021-31157
WordPress Plugin WP Image Zoom Denial of Service (1.23)
XML entity injection
XML external entity injection
XML external entity injection (variant)
XML external entity injection and XML injection
XML External Entity Injection via external file
XML external entity injection via File Upload
XML quadratic blowup denial of service attack