Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Apache OFBiz XMLRPC Deserialization RCE (CVE-2020-9496/CVE-2023-49070) CVE-2020-9496 CVE-2023-49070 CWE-502 CWE-502 High Apache Struts 2 ClassLoader manipulation and denial of service CVE-2014-0112 CVE-2014-0113 CVE-2014-0114 CWE-701 CWE-701 High Apache Struts 2 ClassLoader manipulation and denial of service (S2-020) CVE-2014-0094 CVE-2014-0050 CWE-701 CWE-701 High Arbitrary File Deletion CWE-20 CWE-20 High Cisco Adaptive Security Appliance (ASA) Path Traversal (CVE-2018-0296) CVE-2018-0296 CWE-22 CWE-22 High ColdFusion AMF Deserialization RCE CVE-2017-3066 CWE-502 CWE-502 High Deserialization of Untrusted Data (Java JSON Deserialization) Genson CWE-502 CWE-502 High Deserialization of Untrusted Data (Java JSON Deserialization) Jackson CVE-2017-7525 CWE-502 CWE-502 High Drupal Core 4.6.x Denial of Service (4.6.0 - 4.6.10) CVE-2007-0124 CWE-400 CWE-400 High Drupal Core 4.7.x Denial of Service (4.7.0 - 4.7.4) CVE-2007-0124 CWE-400 CWE-400 High Drupal Core 6.x Denial of Service (6.0 - 6.32) CVE-2014-5265 CVE-2014-5266 CVE-2014-5267 CWE-400 CWE-400 High Drupal Core 7.x Denial of Service (7.0 - 7.19) CVE-2013-0316 CWE-400 CWE-400 High Drupal Core 7.x Denial of Service (7.0 - 7.30) CVE-2014-5265 CVE-2014-5266 CVE-2014-5267 CWE-400 CWE-400 High Drupal Core 8.7.x Denial of Service (8.7.0 - 8.7.10) CWE-400 CWE-400 High Drupal Core 8.8.0 Denial of Service (8.8.0) CWE-400 CWE-400 High Drupal Core 8.x.x Denial of Service (8.0.0 - 8.6.18) CWE-400 CWE-400 High Edge Side Include injection CWE-918 CWE-918 High GeoServer SQLi (CVE-2023-25157) CVE-2023-25157 CWE-89 CWE-89 High JavaMelody XML External Entity (XXE) vulnerability CVE-2018-15531 CWE-611 CWE-611 High Joomla! Core 2.5.x Denial of Service (2.5.0 - 2.5.9) CVE-2013-3242 CWE-400 CWE-400 High Joomla! Core 2.5.x Denial of Service (2.5.4 - 2.5.25) CVE-2014-7229 CWE-400 CWE-400 High Joomla! Core 3.0.x Denial of Service (3.0.0 - 3.0.3) CVE-2013-3242 CWE-400 CWE-400 High Joomla! Core 3.3.x Denial of Service (3.3.0 - 3.3.4) CVE-2014-7229 CWE-400 CWE-400 High Joomla! Core 3.x.x Denial of Service (3.0.0 - 3.2.5) CVE-2014-7229 CWE-400 CWE-400 High Joomla! Core Denial of Service (2.5.0 - 3.9.27) CVE-2021-26036 CWE-400 CWE-400 High Liferay TunnelServlet Deserialization Remote Code Execution CWE-502 CWE-502 High Long password denial of service CWE-400 CWE-400 High Oracle Access Manager 'opensso' Deserialization RCE (CVE-2021-35587) CVE-2021-35587 CWE-502 CWE-502 High Oracle Business Intelligence AMF Deserialization RCE CVE-2020-2950 CVE-2020-2950 CWE-502 CWE-502 High Oracle Business Intelligence ReportTemplateService XXE CVE-2019-2616 CVE-2019-2616 CWE-611 CWE-611 High Oracle Weblogic T3 XXE (CVE-2019-2647) CVE-2019-2647 CWE-611 CWE-611 High Oracle Weblogic T3 XXE (CVE-2019-2888) CVE-2019-2888 CWE-611 CWE-611 High PHP-CGI remote code execution CVE-2012-1823 CVE-2012-2311 CWE-20 CWE-20 High Reflected Cross-Site Scripting (XSS) vulnerability in PAN-OS management web interface CVE-2020-2036 CWE-79 CWE-79 High SAP Hybris Deserialization RCE CVE-2019-0344 CWE-502 CWE-502 High Web Cache Poisoning via Host Header CWE-44 CWE-44 High WordPress 2.0.1 Denial of Service Vulnerability (0.6.2 - 2.0.1) CWE-400 CWE-400 High WordPress 2.8.4 Denial of Service Vulnerability (0.6.2 - 2.8.4) CVE-2009-3622 High WordPress 3.7.x Denial of Service Vulnerability (3.7 - 3.7.25) CVE-2018-6389 CWE-400 CWE-400 High WordPress 3.8.x Denial of Service Vulnerability (3.8 - 3.8.25) CVE-2018-6389 CWE-400 CWE-400 High WordPress 3.9.x Denial of Service Vulnerability (3.9 - 3.9.23) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.0.x Denial of Service Vulnerability (4.0 - 4.0.22) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.1.x Denial of Service Vulnerability (4.1 - 4.1.22) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.2.x Denial of Service Vulnerability (4.2 - 4.2.19) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.3.x Denial of Service Vulnerability (4.3 - 4.3.15) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.4.x Denial of Service Vulnerability (4.4 - 4.4.14) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.5.x Denial of Service Vulnerability (4.5 - 4.5.13) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.6.x Denial of Service Vulnerability (4.6 - 4.6.10) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.7.x Denial of Service Vulnerability (4.7 - 4.7.9) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.8.x Denial of Service Vulnerability (4.8 - 4.8.5) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.9.x Denial of Service Vulnerability (4.9 - 4.9.4) CVE-2018-6389 CWE-400 CWE-400 High WordPress Denial of Service Vulnerability (0.70 - 3.6.1) CVE-2018-6389 CWE-400 CWE-400 High WordPress Denial of Service Vulnerability (3.5 - 3.6.1) CVE-2014-5265 CWE-399 CWE-399 High WordPress Pingback Source URI Denial of Service and Information Disclosure Vulnerabilities (0.6.2 - 2.1.3) CVE-2007-0540 CWE-200 CWE-400 CWE-200 CWE-400 High WordPress Plugin Authenticator Denial of Service (1.3.0) CVE-2022-3994 CWE-400 CWE-400 High WordPress Plugin Cimy User Extra Fields Denial of Service (2.6.3) CWE-400 CWE-400 High WordPress Plugin EWWW Image Optimizer Denial of Service (6.0.1) CVE-2020-29384 CWE-400 CWE-400 High WordPress Plugin PS PHPCaptcha WP Denial of Service (1.1.0) CVE-2019-7412 CWE-400 CWE-400 High WordPress Plugin Reviews Plus Denial of Service (1.2.13) CVE-2021-24894 CWE-400 CWE-400 High WordPress Plugin Safe SVG Denial of Service (1.9.4) CVE-2019-18854 CVE-2019-18855 CWE-400 CWE-400 High WordPress Plugin Simple Ads Manager Denial of Service (2.9.3.114) CWE-400 CWE-400 High WordPress Plugin WPGraphQL Denial of Service (1.3.5) CVE-2021-31157 CWE-400 CWE-400 High WordPress Plugin WP Image Zoom Denial of Service (1.23) CWE-400 CWE-400 High XML entity injection CWE-611 CWE-611 High XML external entity injection CWE-611 CWE-611 High XML external entity injection (variant) CWE-611 CWE-611 High XML external entity injection and XML injection CWE-611 CWE-611 High XML External Entity Injection via external file CWE-611 CWE-611 High XML external entity injection via File Upload CWE-611 CWE-611 High XML quadratic blowup denial of service attack CWE-400 CWE-400 High
