Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Sensitive Information Disclosure Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Apache 2.x version older than 2.0.48 CVE-2003-0542 CVE-2003-0789 CWE-119 CWE-119 Medium Apache 2.x version older than 2.0.49 CVE-2003-0020 CVE-2004-0113 CVE-2004-0174 CWE-20 CWE-20 Medium Apache 2.x version older than 2.0.61 CVE-2006-5752 CVE-2007-1863 CVE-2007-3304 CVE-2007-3847 CWE-701 CWE-701 Medium Apache 2.x version older than 2.2.3 CVE-2006-3747 CWE-189 CWE-189 Medium Apache 2.x version older than 2.2.6 CVE-2006-5752 CVE-2007-1862 CVE-2007-1863 CVE-2007-3304 CVE-2007-3847 CWE-20 CWE-20 Medium Apache 2.x version older than 2.2.8 CVE-2007-5000 CVE-2007-6388 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 CWE-79 CWE-79 Medium Apache 2.x version older than 2.2.9 CVE-2007-6420 CVE-2008-2364 CWE-399 CWE-399 Medium Apache httpd remote denial of service CVE-2011-3192 CWE-399 CWE-399 Medium Apache mod_jk access control bypass CVE-2018-11759 CWE-918 CWE-918 Medium Apache mod_rewrite off-by-one buffer overflow vulnerability CVE-2006-3747 CWE-189 CWE-189 High Apache OFBiz XMLRPC Deserialization RCE (CVE-2020-9496/CVE-2023-49070) CVE-2020-9496 CVE-2023-49070 CWE-502 CWE-502 High Apache Struts 2 ClassLoader manipulation and denial of service CVE-2014-0112 CVE-2014-0113 CVE-2014-0114 CWE-701 CWE-701 High Apache Struts 2 ClassLoader manipulation and denial of service (S2-020) CVE-2014-0094 CVE-2014-0050 CWE-701 CWE-701 High Apache Tomcat version older than 6.0.35 CVE-2011-3190 CVE-2011-3375 CVE-2012-0022 CWE-264 CWE-264 High Apache Tomcat version older than 6.0.36 CVE-2012-2733 CVE-2012-3439 CVE-2012-3546 CVE-2012-4431 CVE-2012-4534 CWE-20 CWE-20 High Apache Tomcat version older than 7.0.23 CVE-2012-0022 CWE-189 CWE-189 High Apache Tomcat version older than 7.0.28 CVE-2012-2733 CVE-2012-4534 CWE-20 CWE-20 High Apache version older than 1.3.39 CVE-2006-5752 CVE-2007-3304 CWE-79 CWE-79 Medium Apache version older than 1.3.41 CVE-2007-6388 CWE-79 CWE-79 Medium Arbitrary File Deletion CWE-20 CWE-20 High Cisco Adaptive Security Appliance (ASA) Path Traversal (CVE-2018-0296) CVE-2018-0296 CWE-22 CWE-22 High ColdFusion AMF Deserialization RCE CVE-2017-3066 CWE-502 CWE-502 High Deserialization of Untrusted Data (Java JSON Deserialization) Genson CWE-502 CWE-502 High Deserialization of Untrusted Data (Java JSON Deserialization) Jackson CVE-2017-7525 CWE-502 CWE-502 High Drupal Core 4.6.x Denial of Service (4.6.0 - 4.6.10) CVE-2007-0124 CWE-400 CWE-400 High Drupal Core 4.7.x Denial of Service (4.7.0 - 4.7.4) CVE-2007-0124 CWE-400 CWE-400 High Drupal Core 6.x Denial of Service (6.0 - 6.32) CVE-2014-5265 CVE-2014-5266 CVE-2014-5267 CWE-400 CWE-400 High Drupal Core 7.x Denial of Service (7.0 - 7.19) CVE-2013-0316 CWE-400 CWE-400 High Drupal Core 7.x Denial of Service (7.0 - 7.30) CVE-2014-5265 CVE-2014-5266 CVE-2014-5267 CWE-400 CWE-400 High Drupal Core 8.7.x Denial of Service (8.7.0 - 8.7.10) CWE-400 CWE-400 High Drupal Core 8.8.0 Denial of Service (8.8.0) CWE-400 CWE-400 High Drupal Core 8.x.x Denial of Service (8.0.0 - 8.6.18) CWE-400 CWE-400 High Edge Side Include injection CWE-918 CWE-918 High GeoServer SQLi (CVE-2023-25157) CVE-2023-25157 CWE-89 CWE-89 High GraphQL Alias Overloading Allowed: Potential Denial of Service Vulnerability CWE-400 CWE-400 Medium GraphQL Array-based Query Batching Allowed: Potential Batching Attack Vulnerability CWE-770 CWE-770 Medium GraphQL Circular-Query via Introspection Allowed: Potential DoS Vulnerability CWE-400 CWE-400 Medium JavaMelody XML External Entity (XXE) vulnerability CVE-2018-15531 CWE-611 CWE-611 High Joomla! Core 2.5.x Denial of Service (2.5.0 - 2.5.9) CVE-2013-3242 CWE-400 CWE-400 High Joomla! Core 2.5.x Denial of Service (2.5.4 - 2.5.25) CVE-2014-7229 CWE-400 CWE-400 High Joomla! Core 3.0.x Denial of Service (3.0.0 - 3.0.3) CVE-2013-3242 CWE-400 CWE-400 High Joomla! Core 3.3.x Denial of Service (3.3.0 - 3.3.4) CVE-2014-7229 CWE-400 CWE-400 High Joomla! Core 3.x.x Denial of Service (3.0.0 - 3.2.5) CVE-2014-7229 CWE-400 CWE-400 High Joomla! Core Denial of Service (2.5.0 - 3.9.27) CVE-2021-26036 CWE-400 CWE-400 High Liferay TunnelServlet Deserialization Remote Code Execution CWE-502 CWE-502 High Long password denial of service CWE-400 CWE-400 High nginx range filter integer overflow CVE-2017-7529 CWE-200 CWE-200 Medium Node.js Web Application does not handle uncaughtException CWE-248 CWE-248 Medium Node.js Web Application does not handle unhandledRejection CWE-248 CWE-248 Medium Oracle Access Manager 'opensso' Deserialization RCE (CVE-2021-35587) CVE-2021-35587 CWE-502 CWE-502 High Oracle Business Intelligence AMF Deserialization RCE CVE-2020-2950 CVE-2020-2950 CWE-502 CWE-502 High Oracle Business Intelligence ReportTemplateService XXE CVE-2019-2616 CVE-2019-2616 CWE-611 CWE-611 High Oracle Weblogic T3 XXE (CVE-2019-2647) CVE-2019-2647 CWE-611 CWE-611 High Oracle Weblogic T3 XXE (CVE-2019-2888) CVE-2019-2888 CWE-611 CWE-611 High PHP-CGI remote code execution CVE-2012-1823 CVE-2012-2311 CWE-20 CWE-20 High PHP4 IMAP module buffer overflow vulnerability CWE-119 CWE-119 Medium PHP4 multiple vulnerabilities CVE-2003-0860 CVE-2003-0861 CWE-119 CWE-119 High PHP hangs on parsing particular strings as floating point number CVE-2010-4645 CWE-189 CWE-189 Medium PHP HTML entity encoder heap overflow vulnerability CVE-2006-5465 CWE-119 CWE-119 High PHP HTTP POST incorrect MIME header parsing vulnerability CVE-2002-0717 CWE-20 CWE-20 Medium PHP multipart/form-data denial of service CVE-2009-4017 CWE-400 CWE-400 Medium PHP object deserialization of user-supplied data CWE-20 CWE-20 Medium PHP preg_replace used on user input CWE-20 CWE-20 Medium PHP unserialize() used on user input CWE-20 CWE-20 Medium PHP version older than 4.3.8 CVE-2004-0594 CVE-2004-0595 CWE-1104 CWE-1104 Medium PHP version older than 5.2.1 CVE-2007-1376 CVE-2007-1380 CVE-2007-1453 CVE-2007-1454 CWE-1104 CWE-1104 High PHP version older than 5.2.3 CVE-2007-1900 CVE-2007-2756 CVE-2007-2872 CWE-1104 CWE-1104 High PHP version older than 5.2.5 CVE-2007-4840 CVE-2007-4887 CVE-2007-5898 CVE-2007-5899 CVE-2007-5900 CWE-1104 CWE-1104 High PHP version older than 5.2.6 CVE-2007-4850 CVE-2008-0599 CVE-2008-0674 CVE-2008-1384 CVE-2008-2050 CVE-2008-2051 CWE-1104 CWE-1104 High Python object deserialization of user-supplied data CWE-20 CWE-20 Medium Reflected Cross-Site Scripting (XSS) vulnerability in PAN-OS management web interface CVE-2020-2036 CWE-79 CWE-79 High SAP Hybris Deserialization RCE CVE-2019-0344 CWE-502 CWE-502 High Spring Boot Misconfiguration: Spring Boot Actuator shutdown endpoint is web exposed CWE-16 CWE-16 Low Web Cache Poisoning DoS CWE-400 CWE-400 Medium Web Cache Poisoning DoS (for javascript) CWE-400 CWE-400 Medium Web Cache Poisoning via Host Header CWE-44 CWE-44 High WordPress 2.0.1 Denial of Service Vulnerability (0.6.2 - 2.0.1) CWE-400 CWE-400 High WordPress 2.8.4 Denial of Service Vulnerability (0.6.2 - 2.8.4) CVE-2009-3622 CWE-310 CWE-310 High WordPress 3.7.x Denial of Service Vulnerability (3.7 - 3.7.25) CVE-2018-6389 CWE-400 CWE-400 High WordPress 3.8.x Denial of Service Vulnerability (3.8 - 3.8.25) CVE-2018-6389 CWE-400 CWE-400 High WordPress 3.9.x Denial of Service Vulnerability (3.9 - 3.9.23) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.0.x Denial of Service Vulnerability (4.0 - 4.0.22) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.1.x Denial of Service Vulnerability (4.1 - 4.1.22) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.2.x Denial of Service Vulnerability (4.2 - 4.2.19) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.3.x Denial of Service Vulnerability (4.3 - 4.3.15) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.4.x Denial of Service Vulnerability (4.4 - 4.4.14) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.5.x Denial of Service Vulnerability (4.5 - 4.5.13) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.6.x Denial of Service Vulnerability (4.6 - 4.6.10) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.7.x Denial of Service Vulnerability (4.7 - 4.7.9) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.8.x Denial of Service Vulnerability (4.8 - 4.8.5) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.9.x Denial of Service Vulnerability (4.9 - 4.9.4) CVE-2018-6389 CWE-400 CWE-400 High WordPress Denial of Service Vulnerability (0.70 - 3.6.1) CVE-2018-6389 CWE-400 CWE-400 High WordPress Denial of Service Vulnerability (3.5 - 3.6.1) CVE-2014-5265 CWE-399 CWE-399 High WordPress Pingback Source URI Denial of Service and Information Disclosure Vulnerabilities (0.6.2 - 2.1.3) CVE-2007-0540 CWE-200 CWE-400 CWE-200 CWE-400 High WordPress Plugin Authenticator Denial of Service (1.3.0) CVE-2022-3994 CWE-400 CWE-400 High WordPress Plugin Cimy User Extra Fields Denial of Service (2.6.3) CWE-400 CWE-400 High WordPress Plugin EWWW Image Optimizer Denial of Service (6.0.1) CVE-2020-29384 CWE-400 CWE-400 High WordPress Plugin PS PHPCaptcha WP Denial of Service (1.1.0) CVE-2019-7412 CWE-400 CWE-400 High WordPress Plugin Reviews Plus Denial of Service (1.2.13) CVE-2021-24894 CWE-400 CWE-400 High WordPress Plugin Safe SVG Denial of Service (1.9.4) CVE-2019-18854 CVE-2019-18855 CWE-400 CWE-400 High WordPress Plugin Simple Ads Manager Denial of Service (2.9.3.114) CWE-400 CWE-400 High WordPress Plugin WPGraphQL Denial of Service (1.3.5) CVE-2021-31157 CWE-400 CWE-400 High WordPress Plugin WP Image Zoom Denial of Service (1.23) CWE-400 CWE-400 High XML entity injection CWE-611 CWE-611 High XML external entity injection CWE-611 CWE-611 High XML external entity injection (variant) CWE-611 CWE-611 High XML external entity injection and XML injection CWE-611 CWE-611 High XML External Entity Injection via external file CWE-611 CWE-611 High XML external entity injection via File Upload CWE-611 CWE-611 High XML quadratic blowup denial of service attack CWE-400 CWE-400 High
