Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Sensitive Information Disclosure Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Apache mod_rewrite off-by-one buffer overflow vulnerability CVE-2006-3747 CWE-189 CWE-189 High Apache OFBiz XMLRPC Deserialization RCE (CVE-2020-9496/CVE-2023-49070) CVE-2020-9496 CVE-2023-49070 CWE-502 CWE-502 High Apache Struts 2 ClassLoader manipulation and denial of service CVE-2014-0112 CVE-2014-0113 CVE-2014-0114 CWE-701 CWE-701 High Apache Struts 2 ClassLoader manipulation and denial of service (S2-020) CVE-2014-0094 CVE-2014-0050 CWE-701 CWE-701 High Apache Tomcat version older than 6.0.35 CVE-2011-3190 CVE-2011-3375 CVE-2012-0022 CWE-264 CWE-264 High Apache Tomcat version older than 6.0.36 CVE-2012-2733 CVE-2012-3439 CVE-2012-3546 CVE-2012-4431 CVE-2012-4534 CWE-20 CWE-20 High Apache Tomcat version older than 7.0.23 CVE-2012-0022 CWE-189 CWE-189 High Apache Tomcat version older than 7.0.28 CVE-2012-2733 CVE-2012-4534 CWE-20 CWE-20 High Arbitrary File Deletion CWE-20 CWE-20 High Cisco Adaptive Security Appliance (ASA) Path Traversal (CVE-2018-0296) CVE-2018-0296 CWE-22 CWE-22 High ColdFusion AMF Deserialization RCE CVE-2017-3066 CWE-502 CWE-502 High Deserialization of Untrusted Data (Java JSON Deserialization) Genson CWE-502 CWE-502 High Deserialization of Untrusted Data (Java JSON Deserialization) Jackson CVE-2017-7525 CWE-502 CWE-502 High Drupal Core 4.6.x Denial of Service (4.6.0 - 4.6.10) CVE-2007-0124 CWE-400 CWE-400 High Drupal Core 4.7.x Denial of Service (4.7.0 - 4.7.4) CVE-2007-0124 CWE-400 CWE-400 High Drupal Core 6.x Denial of Service (6.0 - 6.32) CVE-2014-5265 CVE-2014-5266 CVE-2014-5267 CWE-400 CWE-400 High Drupal Core 7.x Denial of Service (7.0 - 7.19) CVE-2013-0316 CWE-400 CWE-400 High Drupal Core 7.x Denial of Service (7.0 - 7.30) CVE-2014-5265 CVE-2014-5266 CVE-2014-5267 CWE-400 CWE-400 High Drupal Core 8.7.x Denial of Service (8.7.0 - 8.7.10) CWE-400 CWE-400 High Drupal Core 8.8.0 Denial of Service (8.8.0) CWE-400 CWE-400 High Drupal Core 8.x.x Denial of Service (8.0.0 - 8.6.18) CWE-400 CWE-400 High Edge Side Include injection CWE-918 CWE-918 High GeoServer SQLi (CVE-2023-25157) CVE-2023-25157 CWE-89 CWE-89 High JavaMelody XML External Entity (XXE) vulnerability CVE-2018-15531 CWE-611 CWE-611 High Joomla! Core 2.5.x Denial of Service (2.5.0 - 2.5.9) CVE-2013-3242 CWE-400 CWE-400 High Joomla! Core 2.5.x Denial of Service (2.5.4 - 2.5.25) CVE-2014-7229 CWE-400 CWE-400 High Joomla! Core 3.0.x Denial of Service (3.0.0 - 3.0.3) CVE-2013-3242 CWE-400 CWE-400 High Joomla! Core 3.3.x Denial of Service (3.3.0 - 3.3.4) CVE-2014-7229 CWE-400 CWE-400 High Joomla! Core 3.x.x Denial of Service (3.0.0 - 3.2.5) CVE-2014-7229 CWE-400 CWE-400 High Joomla! Core Denial of Service (2.5.0 - 3.9.27) CVE-2021-26036 CWE-400 CWE-400 High Liferay TunnelServlet Deserialization Remote Code Execution CWE-502 CWE-502 High Long password denial of service CWE-400 CWE-400 High Oracle Access Manager 'opensso' Deserialization RCE (CVE-2021-35587) CVE-2021-35587 CWE-502 CWE-502 High Oracle Business Intelligence AMF Deserialization RCE CVE-2020-2950 CVE-2020-2950 CWE-502 CWE-502 High Oracle Business Intelligence ReportTemplateService XXE CVE-2019-2616 CVE-2019-2616 CWE-611 CWE-611 High Oracle Weblogic T3 XXE (CVE-2019-2647) CVE-2019-2647 CWE-611 CWE-611 High Oracle Weblogic T3 XXE (CVE-2019-2888) CVE-2019-2888 CWE-611 CWE-611 High PHP-CGI remote code execution CVE-2012-1823 CVE-2012-2311 CWE-20 CWE-20 High PHP4 multiple vulnerabilities CVE-2003-0860 CVE-2003-0861 CWE-119 CWE-119 High PHP HTML entity encoder heap overflow vulnerability CVE-2006-5465 CWE-119 CWE-119 High PHP version older than 5.2.1 CVE-2007-1376 CVE-2007-1380 CVE-2007-1453 CVE-2007-1454 CWE-1104 CWE-1104 High PHP version older than 5.2.3 CVE-2007-1900 CVE-2007-2756 CVE-2007-2872 CWE-1104 CWE-1104 High PHP version older than 5.2.5 CVE-2007-4840 CVE-2007-4887 CVE-2007-5898 CVE-2007-5899 CVE-2007-5900 CWE-1104 CWE-1104 High PHP version older than 5.2.6 CVE-2007-4850 CVE-2008-0599 CVE-2008-0674 CVE-2008-1384 CVE-2008-2050 CVE-2008-2051 CWE-1104 CWE-1104 High Reflected Cross-Site Scripting (XSS) vulnerability in PAN-OS management web interface CVE-2020-2036 CWE-79 CWE-79 High SAP Hybris Deserialization RCE CVE-2019-0344 CWE-502 CWE-502 High Web Cache Poisoning via Host Header CWE-44 CWE-44 High WordPress 2.0.1 Denial of Service Vulnerability (0.6.2 - 2.0.1) CWE-400 CWE-400 High WordPress 2.8.4 Denial of Service Vulnerability (0.6.2 - 2.8.4) CVE-2009-3622 CWE-310 CWE-310 High WordPress 3.7.x Denial of Service Vulnerability (3.7 - 3.7.25) CVE-2018-6389 CWE-400 CWE-400 High WordPress 3.8.x Denial of Service Vulnerability (3.8 - 3.8.25) CVE-2018-6389 CWE-400 CWE-400 High WordPress 3.9.x Denial of Service Vulnerability (3.9 - 3.9.23) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.0.x Denial of Service Vulnerability (4.0 - 4.0.22) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.1.x Denial of Service Vulnerability (4.1 - 4.1.22) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.2.x Denial of Service Vulnerability (4.2 - 4.2.19) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.3.x Denial of Service Vulnerability (4.3 - 4.3.15) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.4.x Denial of Service Vulnerability (4.4 - 4.4.14) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.5.x Denial of Service Vulnerability (4.5 - 4.5.13) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.6.x Denial of Service Vulnerability (4.6 - 4.6.10) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.7.x Denial of Service Vulnerability (4.7 - 4.7.9) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.8.x Denial of Service Vulnerability (4.8 - 4.8.5) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.9.x Denial of Service Vulnerability (4.9 - 4.9.4) CVE-2018-6389 CWE-400 CWE-400 High WordPress Denial of Service Vulnerability (0.70 - 3.6.1) CVE-2018-6389 CWE-400 CWE-400 High WordPress Denial of Service Vulnerability (3.5 - 3.6.1) CVE-2014-5265 CWE-399 CWE-399 High WordPress Pingback Source URI Denial of Service and Information Disclosure Vulnerabilities (0.6.2 - 2.1.3) CVE-2007-0540 CWE-200 CWE-400 CWE-200 CWE-400 High WordPress Plugin Authenticator Denial of Service (1.3.0) CVE-2022-3994 CWE-400 CWE-400 High WordPress Plugin Cimy User Extra Fields Denial of Service (2.6.3) CWE-400 CWE-400 High WordPress Plugin EWWW Image Optimizer Denial of Service (6.0.1) CVE-2020-29384 CWE-400 CWE-400 High WordPress Plugin PS PHPCaptcha WP Denial of Service (1.1.0) CVE-2019-7412 CWE-400 CWE-400 High WordPress Plugin Reviews Plus Denial of Service (1.2.13) CVE-2021-24894 CWE-400 CWE-400 High WordPress Plugin Safe SVG Denial of Service (1.9.4) CVE-2019-18854 CVE-2019-18855 CWE-400 CWE-400 High WordPress Plugin Simple Ads Manager Denial of Service (2.9.3.114) CWE-400 CWE-400 High WordPress Plugin WPGraphQL Denial of Service (1.3.5) CVE-2021-31157 CWE-400 CWE-400 High WordPress Plugin WP Image Zoom Denial of Service (1.23) CWE-400 CWE-400 High XML entity injection CWE-611 CWE-611 High XML external entity injection CWE-611 CWE-611 High XML external entity injection (variant) CWE-611 CWE-611 High XML external entity injection and XML injection CWE-611 CWE-611 High XML External Entity Injection via external file CWE-611 CWE-611 High XML external entity injection via File Upload CWE-611 CWE-611 High XML quadratic blowup denial of service attack CWE-400 CWE-400 High
