| Vulnerability Name |
CVE
CWE
|
CWE |
Severity |
|
AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20141)
|
CVE-2018-20141
CWE-707
|
CWE-707
|
Medium
|
|
AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42050)
|
CVE-2021-42050
CWE-707
|
CWE-707
|
Medium
|
|
AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42051)
|
CVE-2021-42051
CWE-707
|
CWE-707
|
Medium
|
|
AbanteCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10755)
|
CVE-2016-10755
CWE-138
|
CWE-138
|
High
|
|
AbanteCart Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-26521)
|
CVE-2022-26521
CWE-434
|
CWE-434
|
High
|
|
Adminer 4.6.2 file disclosure vulnerability
|
CWE-22
|
CWE-22
|
High
|
|
Adobe Coldfusion 8 multiple linked XSS vulnerabilies
|
CVE-2009-1872
CWE-79
|
CWE-79
|
High
|
|
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-47828)
|
CVE-2024-47828
CWE-352
|
CWE-352
|
Medium
|
|
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51484)
|
CVE-2024-51484
CWE-352
|
CWE-352
|
High
|
|
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51485)
|
CVE-2024-51485
CWE-352
|
CWE-352
|
High
|
|
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51487)
|
CVE-2024-51487
CWE-352
|
CWE-352
|
High
|
|
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51488)
|
CVE-2024-51488
CWE-352
|
CWE-352
|
Medium
|
|
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51489)
|
CVE-2024-51489
CWE-352
|
CWE-352
|
Medium
|
|
Ampache Deserialization of Untrusted Data Vulnerability (CVE-2017-18375)
|
CVE-2017-18375
CWE-502
|
CWE-502
|
High
|
|
Ampache Improper Access Control Vulnerability (CVE-2021-21399)
|
CVE-2021-21399
CWE-284
|
CWE-284
|
High
|
|
Ampache Improper Authentication Vulnerability (CVE-2007-4438)
|
CVE-2007-4438
CWE-287
|
CWE-287
|
Medium
|
|
Ampache Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-3929)
|
CVE-2008-3929
CWE-59
|
CWE-59
|
High
|
|
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12386)
|
CVE-2019-12386
CWE-707
|
CWE-707
|
Medium
|
|
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32644)
|
CVE-2021-32644
CWE-707
|
CWE-707
|
Medium
|
|
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0606)
|
CVE-2023-0606
CWE-707
|
CWE-707
|
Medium
|
|
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28852)
|
CVE-2024-28852
CWE-707
|
CWE-707
|
Medium
|
|
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28853)
|
CVE-2024-28853
CWE-707
|
CWE-707
|
Medium
|
|
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-41665)
|
CVE-2024-41665
CWE-707
|
CWE-707
|
Medium
|
|
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-47184)
|
CVE-2024-47184
CWE-707
|
CWE-707
|
Medium
|
|
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-51486)
|
CVE-2024-51486
CWE-707
|
CWE-707
|
High
|
|
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-51490)
|
CVE-2024-51490
CWE-707
|
CWE-707
|
Critical
|
|
Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-12385)
|
CVE-2019-12385
CWE-138
|
CWE-138
|
High
|
|
Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-15153)
|
CVE-2020-15153
CWE-138
|
CWE-138
|
Critical
|
|
Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-0771)
|
CVE-2023-0771
CWE-138
|
CWE-138
|
High
|
|
Ampache Other Vulnerability (CVE-2006-5668)
|
CVE-2006-5668
|
|
High
|
|
Ampache Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-4665)
|
CVE-2022-4665
CWE-434
|
CWE-434
|
High
|
|
Angular Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4231)
|
CVE-2021-4231
CWE-707
|
CWE-707
|
Medium
|
|
Angular Inefficient Regular Expression Complexity Vulnerability (CVE-2024-21490)
|
CVE-2024-21490
CWE-1333
|
CWE-1333
|
High
|
|
AngularJS Improper Input Validation Vulnerability (CVE-2019-10768)
|
CVE-2019-10768
CWE-20
|
CWE-20
|
High
|
|
AngularJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14863)
|
CVE-2019-14863
CWE-707
|
CWE-707
|
Medium
|
|
AngularJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-7676)
|
CVE-2020-7676
CWE-707
|
CWE-707
|
Medium
|
|
AngularJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-25869)
|
CVE-2022-25869
CWE-707
|
CWE-707
|
Medium
|
|
AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2022-25844)
|
CVE-2022-25844
CWE-1333
|
CWE-1333
|
High
|
|
AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2023-26116)
|
CVE-2023-26116
CWE-1333
|
CWE-1333
|
Medium
|
|
AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2023-26117)
|
CVE-2023-26117
CWE-1333
|
CWE-1333
|
Medium
|
|
AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2023-26118)
|
CVE-2023-26118
CWE-1333
|
CWE-1333
|
Medium
|
|
AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2024-21490)
|
CVE-2024-21490
CWE-1333
|
CWE-1333
|
High
|
|
AngularJS Other Vulnerability (CVE-2024-8372)
|
CVE-2024-8372
|
|
Medium
|
|
AngularJS Other Vulnerability (CVE-2024-8373)
|
CVE-2024-8373
|
|
Medium
|
|
Apache 2.2.14 mod_isapi Dangling Pointer
|
CVE-2010-0425
CWE-20
|
CWE-20
|
High
|
|
Apache 2.x version equal to 2.0.51
|
CVE-2004-0811
CWE-264
|
CWE-264
|
Medium
|
|
Apache 2.x version older than 2.0.43
|
CVE-2002-0840
CVE-2002-1156
CWE-538
|
CWE-538
|
Medium
|
|
Apache 2.x version older than 2.0.45
|
CVE-2003-0132
CWE-400
|
CWE-400
|
Medium
|
|
Apache 2.x version older than 2.0.46
|
CVE-2003-0083
CVE-2003-0134
CVE-2003-0189
CVE-2003-0245
CWE-20
|
CWE-20
|
Medium
|
|
Apache 2.x version older than 2.0.47
|
CVE-2003-0192
CVE-2003-0253
CVE-2003-0254
CWE-20
|
CWE-20
|
Medium
|
|
Apache 2.x version older than 2.0.48
|
CVE-2003-0542
CVE-2003-0789
CWE-119
|
CWE-119
|
Medium
|
|
Apache 2.x version older than 2.0.49
|
CVE-2003-0020
CVE-2004-0113
CVE-2004-0174
CWE-20
|
CWE-20
|
Medium
|
|
Apache 2.x version older than 2.0.51
|
CVE-2004-0747
CVE-2004-0748
CVE-2004-0751
CVE-2004-0786
CVE-2004-0809
CWE-119
|
CWE-119
|
Medium
|
|
Apache 2.x version older than 2.0.55
|
CVE-2005-1268
CVE-2005-2088
CVE-2005-2491
CVE-2005-2700
CVE-2005-2728
CVE-2005-2970
CWE-119
|
CWE-119
|
Medium
|
|
Apache 2.x version older than 2.0.61
|
CVE-2006-5752
CVE-2007-1863
CVE-2007-3304
CVE-2007-3847
CWE-701
|
CWE-701
|
Medium
|
|
Apache 2.x version older than 2.0.63
|
CVE-2007-5000
CVE-2007-6388
CVE-2008-0005
CWE-79
|
CWE-79
|
Medium
|
|
Apache 2.x version older than 2.2.3
|
CVE-2006-3747
CWE-189
|
CWE-189
|
Medium
|
|
Apache 2.x version older than 2.2.6
|
CVE-2006-5752
CVE-2007-1862
CVE-2007-1863
CVE-2007-3304
CVE-2007-3847
CWE-20
|
CWE-20
|
Medium
|
|
Apache 2.x version older than 2.2.8
|
CVE-2007-5000
CVE-2007-6388
CVE-2007-6421
CVE-2007-6422
CVE-2008-0005
CWE-79
|
CWE-79
|
Medium
|
|
Apache 2.x version older than 2.2.9
|
CVE-2007-6420
CVE-2008-2364
CWE-399
|
CWE-399
|
Medium
|
|
Apache 2.x version older than 2.2.10
|
CVE-2008-2939
CVE-2010-2791
CWE-79
|
CWE-79
|
Low
|
|
Apache Denial of service in mod_lua r:parsebody Vulnerability (CVE-2022-29404)
|
CVE-2022-29404
|
|
Medium
|
|
Apache error log escape sequence injection vulnerability
|
CVE-2003-0020
CWE-20
|
CWE-20
|
Medium
|
|
Apache httpd remote denial of service
|
CVE-2011-3192
CWE-399
|
CWE-399
|
Medium
|
|
Apache httpOnly cookie disclosure
|
CVE-2012-0053
CWE-264
|
CWE-264
|
Medium
|
|
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2005-2970)
|
CVE-2005-2970
CWE-770
|
CWE-770
|
Medium
|
|
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2008-2364)
|
CVE-2008-2364
CWE-770
|
CWE-770
|
Medium
|
|
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2011-0419)
|
CVE-2011-0419
CWE-770
|
CWE-770
|
Medium
|
|
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9517)
|
CVE-2019-9517
CWE-770
|
CWE-770
|
High
|
|
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-30522)
|
CVE-2022-30522
CWE-770
|
CWE-770
|
High
|
|
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-27316)
|
CVE-2024-27316
CWE-770
|
CWE-770
|
High
|
|
Apache HTTP Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2020-11984)
|
CVE-2020-11984
CWE-120
|
CWE-120
|
Critical
|
|
Apache HTTP Server Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2007-1741)
|
CVE-2007-1741
CWE-362
|
CWE-362
|
Medium
|
|
Apache HTTP Server Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-0226)
|
CVE-2014-0226
CWE-362
|
CWE-362
|
Medium
|
|
Apache HTTP Server Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2019-0217)
|
CVE-2019-0217
CWE-362
|
CWE-362
|
High
|
|
Apache HTTP Server Configuration Vulnerability (CVE-2009-1195)
|
CVE-2009-1195
|
|
Medium
|
|
Apache HTTP Server Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-6420)
|
CVE-2007-6420
CWE-352
|
CWE-352
|
Medium
|
|
Apache HTTP Server Cryptographic Issues Vulnerability (CVE-2009-3555)
|
CVE-2009-3555
|
|
Medium
|
|
Apache HTTP Server Cryptographic Issues Vulnerability (CVE-2016-0736)
|
CVE-2016-0736
|
|
High
|
|
Apache HTTP Server CVE-1999-0070 Vulnerability (CVE-1999-0070)
|
CVE-1999-0070
|
|
Medium
|
|
Apache HTTP Server CVE-2002-0392 Vulnerability (CVE-2002-0392)
|
CVE-2002-0392
|
|
High
|
|
Apache HTTP Server CVE-2002-0839 Vulnerability (CVE-2002-0839)
|
CVE-2002-0839
|
|
High
|
|
Apache HTTP Server CVE-2003-0789 Vulnerability (CVE-2003-0789)
|
CVE-2003-0789
|
|
Critical
|
|
Apache HTTP Server CVE-2004-0751 Vulnerability (CVE-2004-0751)
|
CVE-2004-0751
|
|
Medium
|
|
Apache HTTP Server CVE-2004-0786 Vulnerability (CVE-2004-0786)
|
CVE-2004-0786
|
|
Medium
|
|
Apache HTTP Server CVE-2004-0809 Vulnerability (CVE-2004-0809)
|
CVE-2004-0809
|
|
Medium
|
|
Apache HTTP Server CVE-2005-2700 Vulnerability (CVE-2005-2700)
|
CVE-2005-2700
|
|
Critical
|
|
Apache HTTP Server CVE-2007-3304 Vulnerability (CVE-2007-3304)
|
CVE-2007-3304
|
|
Medium
|
|
Apache HTTP Server CVE-2009-1191 Vulnerability (CVE-2009-1191)
|
CVE-2009-1191
|
|
Medium
|
|
Apache HTTP Server CVE-2009-3720 Vulnerability (CVE-2009-3720)
|
CVE-2009-3720
|
|
Medium
|
|
Apache HTTP Server CVE-2010-0425 Vulnerability (CVE-2010-0425)
|
CVE-2010-0425
|
|
Critical
|
|
Apache HTTP Server CVE-2012-0031 Vulnerability (CVE-2012-0031)
|
CVE-2012-0031
|
|
Medium
|
|
Apache HTTP Server CVE-2012-0053 Vulnerability (CVE-2012-0053)
|
CVE-2012-0053
|
|
Medium
|
|
Apache HTTP Server CVE-2012-0883 Vulnerability (CVE-2012-0883)
|
CVE-2012-0883
|
|
Medium
|
|
Apache HTTP Server CVE-2013-1862 Vulnerability (CVE-2013-1862)
|
CVE-2013-1862
|
|
Medium
|
|
Apache HTTP Server CVE-2013-1896 Vulnerability (CVE-2013-1896)
|
CVE-2013-1896
|
|
Medium
|
|
Apache HTTP Server CVE-2013-2249 Vulnerability (CVE-2013-2249)
|
CVE-2013-2249
|
|
High
|
|
Apache HTTP Server CVE-2013-5704 Vulnerability (CVE-2013-5704)
|
CVE-2013-5704
|
|
Medium
|
|
Apache HTTP Server CVE-2013-6438 Vulnerability (CVE-2013-6438)
|
CVE-2013-6438
|
|
Medium
|
|
Apache HTTP Server CVE-2014-0098 Vulnerability (CVE-2014-0098)
|
CVE-2014-0098
|
|
Medium
|
|
Apache HTTP Server CVE-2016-5387 Vulnerability (CVE-2016-5387)
|
CVE-2016-5387
|
|
High
|
|
Apache HTTP Server CVE-2016-8743 Vulnerability (CVE-2016-8743)
|
CVE-2016-8743
|
|
High
|
|
Apache HTTP Server CVE-2018-1283 Vulnerability (CVE-2018-1283)
|
CVE-2018-1283
|
|
Medium
|
|
Apache HTTP Server CVE-2018-11763 Vulnerability (CVE-2018-11763)
|
CVE-2018-11763
|
|
Medium
|
|
Apache HTTP Server CVE-2019-0190 Vulnerability (CVE-2019-0190)
|
CVE-2019-0190
|
|
High
|
|
Apache HTTP Server CVE-2019-0215 Vulnerability (CVE-2019-0215)
|
CVE-2019-0215
|
|
High
|
|
Apache HTTP Server CVE-2024-38476 Vulnerability (CVE-2024-38476)
|
CVE-2024-38476
|
|
Critical
|
|
Apache HTTP Server CVE-2024-40725 Vulnerability (CVE-2024-40725)
|
CVE-2024-40725
|
|
Medium
|
|
Apache HTTP Server DEPRECATED: Code Vulnerability (CVE-2015-3183)
|
CVE-2015-3183
|
|
Medium
|
|
Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2003-1418)
|
CVE-2003-1418
CWE-200
|
CWE-200
|
Medium
|
|
Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-6514)
|
CVE-2007-6514
CWE-200
|
CWE-200
|
Medium
|
|
Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-0434)
|
CVE-2010-0434
CWE-200
|
CWE-200
|
Medium
|
|
Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-2068)
|
CVE-2010-2068
CWE-200
|
CWE-200
|
Medium
|
|
Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-2791)
|
CVE-2010-2791
CWE-200
|
CWE-200
|
Medium
|
|
Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-3502)
|
CVE-2012-3502
CWE-200
|
CWE-200
|
Medium
|
|
Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-30556)
|
CVE-2022-30556
CWE-200
|
CWE-200
|
High
|
|
Apache HTTP Server Improper Access Control Vulnerability (CVE-2016-4979)
|
CVE-2016-4979
CWE-284
|
CWE-284
|
High
|
|
Apache HTTP Server Improper Authentication Vulnerability (CVE-2017-3167)
|
CVE-2017-3167
CWE-287
|
CWE-287
|
Critical
|
|
Apache HTTP Server Improper Authentication Vulnerability (CVE-2018-1312)
|
CVE-2018-1312
CWE-287
|
CWE-287
|
Critical
|
|
Apache HTTP Server Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-3303)
|
CVE-2007-3303
CWE-94
|
CWE-94
|
Medium
|
|
Apache HTTP Server Improper Encoding or Escaping of Output Vulnerability (CVE-2024-38474)
|
CVE-2024-38474
CWE-116
|
CWE-116
|
Critical
|
|
Apache HTTP Server Improper Handling of Case Sensitivity Vulnerability (CVE-2001-0766)
|
CVE-2001-0766
CWE-178
|
CWE-178
|
Critical
|
|
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2011-3368)
|
CVE-2011-3368
CWE-20
|
CWE-20
|
Medium
|
|
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2011-3639)
|
CVE-2011-3639
CWE-20
|
CWE-20
|
Medium
|
|
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2011-4317)
|
CVE-2011-4317
CWE-20
|
CWE-20
|
Medium
|
|
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2011-4415)
|
CVE-2011-4415
CWE-20
|
CWE-20
|
Low
|
|
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2012-0021)
|
CVE-2012-0021
CWE-20
|
CWE-20
|
Low
|
|
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2014-0117)
|
CVE-2014-0117
CWE-20
|
CWE-20
|
Medium
|
|
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2015-0228)
|
CVE-2015-0228
CWE-20
|
CWE-20
|
Medium
|
|
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2016-2161)
|
CVE-2016-2161
CWE-20
|
CWE-20
|
High
|
|
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2016-8612)
|
CVE-2016-8612
CWE-20
|
CWE-20
|
Medium
|
|
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2017-9788)
|
CVE-2017-9788
CWE-20
|
CWE-20
|
Critical
|
|
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2017-12171)
|
CVE-2017-12171
CWE-20
|
CWE-20
|
Medium
|
|
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2017-15715)
|
CVE-2017-15715
CWE-20
|
CWE-20
|
High
|
|
Apache HTTP Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2001-0925)
|
CVE-2001-0925
CWE-22
|
CWE-22
|
Medium
|
|
Apache HTTP Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-41773)
|
CVE-2021-41773
CWE-22
|
CWE-22
|
High
|
|
Apache HTTP Server Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2001-0131)
|
CVE-2001-0131
CWE-59
|
CWE-59
|
Low
|
|
Apache HTTP Server Improper Locking Vulnerability (CVE-2002-1850)
|
CVE-2002-1850
CWE-667
|
CWE-667
|
High
|
|
Apache HTTP Server Improper Locking Vulnerability (CVE-2004-0174)
|
CVE-2004-0174
CWE-667
|
CWE-667
|
High
|
|
Apache HTTP Server Improper Locking Vulnerability (CVE-2009-2699)
|
CVE-2009-2699
CWE-667
|
CWE-667
|
High
|
|
Apache HTTP Server Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2016-4975)
|
CVE-2016-4975
CWE-707
|
CWE-707
|
Medium
|
|
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2000-1205)
|
CVE-2000-1205
CWE-707
|
CWE-707
|
Medium
|
|
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2003-1581)
|
CVE-2003-1581
CWE-707
|
CWE-707
|
Low
|
|
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2005-3352)
|
CVE-2005-3352
CWE-707
|
CWE-707
|
Medium
|
|
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2006-3918)
|
CVE-2006-3918
CWE-707
|
CWE-707
|
Medium
|
|
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-4465)
|
CVE-2007-4465
CWE-707
|
CWE-707
|
Medium
|
|
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-5000)
|
CVE-2007-5000
CWE-707
|
CWE-707
|
Medium
|
|
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-6203)
|
CVE-2007-6203
CWE-707
|
CWE-707
|
Medium
|
|
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-6388)
|
CVE-2007-6388
CWE-707
|
CWE-707
|
Medium
|
|
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-6421)
|
CVE-2007-6421
CWE-707
|
CWE-707
|
Low
|
|
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0005)
|
CVE-2008-0005
CWE-707
|
CWE-707
|
Medium
|
|
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0455)
|
CVE-2008-0455
CWE-707
|
CWE-707
|
Medium
|
|
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-2168)
|
CVE-2008-2168
CWE-707
|
CWE-707
|
Medium
|
|
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-2939)
|
CVE-2008-2939
CWE-707
|
CWE-707
|
Medium
|
|
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2687)
|
CVE-2012-2687
CWE-707
|
CWE-707
|
Low
|
|
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3499)
|
CVE-2012-3499
CWE-707
|
CWE-707
|
Medium
|
|
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4558)
|
CVE-2012-4558
CWE-707
|
CWE-707
|
Medium
|
|
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10092)
|
CVE-2019-10092
CWE-707
|
CWE-707
|
Medium
|
|
Apache HTTP Server Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2008-0456)
|
CVE-2008-0456
CWE-138
|
CWE-138
|
Low
|
|
Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2002-2272)
|
CVE-2002-2272
CWE-119
|
CWE-119
|
High
|
|
Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2003-0542)
|
CVE-2003-0542
CWE-119
|
CWE-119
|
High
|
|
Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2009-0023)
|
CVE-2009-0023
CWE-119
|
CWE-119
|
Medium
|
|
Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2009-3560)
|
CVE-2009-3560
CWE-119
|
CWE-119
|
Medium
|
|
Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2010-1623)
|
CVE-2010-1623
CWE-119
|
CWE-119
|
Medium
|
|
Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2012-1181)
|
CVE-2012-1181
CWE-119
|
CWE-119
|
Medium
|
|
Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-3583)
|
CVE-2014-3583
CWE-119
|
CWE-119
|
Medium
|
|
Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-7679)
|
CVE-2017-7679
CWE-119
|
CWE-119
|
Critical
|
|
Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2018-1301)
|
CVE-2018-1301
CWE-119
|
CWE-119
|
Medium
|
|
Apache HTTP Server Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') Vulnerability (CVE-2009-1955)
|
CVE-2009-1955
CWE-776
|
CWE-776
|
High
|
|
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2005-2088)
|
CVE-2005-2088
|
|
Medium
|
|
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2022-36760)
|
CVE-2022-36760
|
|
Critical
|
|
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-25690)
|
CVE-2023-25690
|
|
Critical
|
|
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-27522)
|
CVE-2023-27522
|
|
High
|
|
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-0197)
|
CVE-2019-0197
CWE-444
|
CWE-444
|
Medium
|
|
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-17567)
|
CVE-2019-17567
CWE-444
|
CWE-444
|
Medium
|
|
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-9490)
|
CVE-2020-9490
CWE-444
|
CWE-444
|
High
|
|
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-11993)
|
CVE-2020-11993
CWE-444
|
CWE-444
|
High
|
|
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2022-26377)
|
CVE-2022-26377
CWE-444
|
CWE-444
|
High
|
|
Apache HTTP Server Incorrect Authorization Vulnerability (CVE-2014-8109)
|
CVE-2014-8109
CWE-863
|
CWE-863
|
Medium
|
|
Apache HTTP Server Incorrect Calculation of Buffer Size Vulnerability (CVE-2004-0747)
|
CVE-2004-0747
CWE-131
|
CWE-131
|
High
|
|
Apache HTTP Server Incorrect Calculation of Buffer Size Vulnerability (CVE-2004-0940)
|
CVE-2004-0940
CWE-131
|
CWE-131
|
High
|
|
Apache HTTP Server Insertion of Sensitive Information into Log File Vulnerability (CVE-2001-1556)
|
CVE-2001-1556
CWE-532
|
CWE-532
|
Medium
|
|
Apache HTTP Server Insufficient Verification of Data Authenticity Vulnerability (CVE-2020-11985)
|
CVE-2020-11985
CWE-345
|
CWE-345
|
Medium
|
|
Apache HTTP Server Insufficient Verification of Data Authenticity Vulnerability (CVE-2022-31813)
|
CVE-2022-31813
CWE-345
|
CWE-345
|
Critical
|
|
Apache HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-22721)
|
CVE-2022-22721
CWE-190
|
CWE-190
|
Critical
|
|
Apache HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-28615)
|
CVE-2022-28615
CWE-190
|
CWE-190
|
Critical
|
|
Apache HTTP Server Interpretation Conflict Vulnerability (CVE-2022-37436)
|
CVE-2022-37436
CWE-436
|
CWE-436
|
Medium
|
|
Apache HTTP Server Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2004-0748)
|
CVE-2004-0748
CWE-835
|
CWE-835
|
Medium
|
|
Apache HTTP Server Missing Authorization Vulnerability (CVE-2020-13938)
|
CVE-2020-13938
CWE-862
|
CWE-862
|
Medium
|
|
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2009-3094)
|
CVE-2009-3094
CWE-476
|
CWE-476
|
Low
|
|
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2014-3581)
|
CVE-2014-3581
CWE-476
|
CWE-476
|
Medium
|
|
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2017-3169)
|
CVE-2017-3169
CWE-476
|
CWE-476
|
Critical
|
|
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2017-7659)
|
CVE-2017-7659
CWE-476
|
CWE-476
|
High
|
|
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2018-1302)
|
CVE-2018-1302
CWE-476
|
CWE-476
|
Medium
|
|
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2018-8011)
|
CVE-2018-8011
CWE-476
|
CWE-476
|
High
|
|
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2020-13950)
|
CVE-2020-13950
CWE-476
|
CWE-476
|
High
|
|
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-26690)
|
CVE-2021-26690
CWE-476
|
CWE-476
|
High
|
|
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-31618)
|
CVE-2021-31618
CWE-476
|
CWE-476
|
High
|
|
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-41524)
|
CVE-2021-41524
CWE-476
|
CWE-476
|
High
|
|
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2023-28625)
|
CVE-2023-28625
CWE-476
|
CWE-476
|
High
|
|
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2024-38477)
|
CVE-2024-38477
CWE-476
|
CWE-476
|
High
|
|
Apache HTTP Server Numeric Errors Vulnerability (CVE-2003-1580)
|
CVE-2003-1580
|
|
Medium
|
|
Apache HTTP Server Numeric Errors Vulnerability (CVE-2006-3747)
|
CVE-2006-3747
|
|
High
|
|
Apache HTTP Server Numeric Errors Vulnerability (CVE-2009-1956)
|
CVE-2009-1956
|
|
Medium
|
|
Apache HTTP Server Numeric Errors Vulnerability (CVE-2010-0010)
|
CVE-2010-0010
|
|
Medium
|
|
Apache HTTP Server Numeric Errors Vulnerability (CVE-2011-3607)
|
CVE-2011-3607
|
|
Medium
|
|
Apache HTTP Server Off-by-one Error Vulnerability (CVE-2005-1268)
|
CVE-2005-1268
CWE-193
|
CWE-193
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-1999-0045)
|
CVE-1999-0045
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-1999-0067)
|
CVE-1999-0067
|
|
Critical
|
|
Apache HTTP Server Other Vulnerability (CVE-1999-0071)
|
CVE-1999-0071
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-1999-0107)
|
CVE-1999-0107
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-1999-0926)
|
CVE-1999-0926
|
|
Critical
|
|
Apache HTTP Server Other Vulnerability (CVE-1999-1053)
|
CVE-1999-1053
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-1999-1199)
|
CVE-1999-1199
|
|
Critical
|
|
Apache HTTP Server Other Vulnerability (CVE-1999-1293)
|
CVE-1999-1293
|
|
Critical
|
|
Apache HTTP Server Other Vulnerability (CVE-2000-0505)
|
CVE-2000-0505
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2000-0868)
|
CVE-2000-0868
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2000-0869)
|
CVE-2000-0869
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2000-0913)
|
CVE-2000-0913
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2000-1204)
|
CVE-2000-1204
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2000-1206)
|
CVE-2000-1206
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2001-0042)
|
CVE-2001-0042
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2001-0729)
|
CVE-2001-0729
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2001-0730)
|
CVE-2001-0730
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2001-0731)
|
CVE-2001-0731
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2001-1072)
|
CVE-2001-1072
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2001-1342)
|
CVE-2001-1342
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2001-1449)
|
CVE-2001-1449
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2002-0061)
|
CVE-2002-0061
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2002-0257)
|
CVE-2002-0257
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2002-0654)
|
CVE-2002-0654
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2002-0661)
|
CVE-2002-0661
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2002-0840)
|
CVE-2002-0840
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2002-0843)
|
CVE-2002-0843
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2002-1156)
|
CVE-2002-1156
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2002-1233)
|
CVE-2002-1233
|
|
Low
|
|
Apache HTTP Server Other Vulnerability (CVE-2002-1592)
|
CVE-2002-1592
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2002-1593)
|
CVE-2002-1593
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2002-1658)
|
CVE-2002-1658
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2002-2012)
|
CVE-2002-2012
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2002-2029)
|
CVE-2002-2029
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2002-2103)
|
CVE-2002-2103
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2003-0016)
|
CVE-2003-0016
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2003-0017)
|
CVE-2003-0017
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2003-0020)
|
CVE-2003-0020
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2003-0083)
|
CVE-2003-0083
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2003-0132)
|
CVE-2003-0132
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2003-0134)
|
CVE-2003-0134
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2003-0189)
|
CVE-2003-0189
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2003-0192)
|
CVE-2003-0192
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2003-0245)
|
CVE-2003-0245
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2003-0253)
|
CVE-2003-0253
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2003-0254)
|
CVE-2003-0254
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2003-0460)
|
CVE-2003-0460
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2003-0987)
|
CVE-2003-0987
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2003-0993)
|
CVE-2003-0993
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2003-1307)
|
CVE-2003-1307
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2004-0113)
|
CVE-2004-0113
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2004-0173)
|
CVE-2004-0173
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2004-0263)
|
CVE-2004-0263
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2004-0492)
|
CVE-2004-0492
|
|
Critical
|
|
Apache HTTP Server Other Vulnerability (CVE-2004-0493)
|
CVE-2004-0493
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2004-0811)
|
CVE-2004-0811
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2004-0885)
|
CVE-2004-0885
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2004-0942)
|
CVE-2004-0942
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2004-1082)
|
CVE-2004-1082
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2004-1387)
|
CVE-2004-1387
|
|
Low
|
|
Apache HTTP Server Other Vulnerability (CVE-2004-1834)
|
CVE-2004-1834
|
|
Low
|
|
Apache HTTP Server Other Vulnerability (CVE-2004-2343)
|
CVE-2004-2343
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2005-1344)
|
CVE-2005-1344
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2005-2728)
|
CVE-2005-2728
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2006-4110)
|
CVE-2006-4110
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2006-4154)
|
CVE-2006-4154
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2006-5752)
|
CVE-2006-5752
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2007-1742)
|
CVE-2007-1742
|
|
Low
|
|
Apache HTTP Server Other Vulnerability (CVE-2007-1743)
|
CVE-2007-1743
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2007-1862)
|
CVE-2007-1862
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2007-1863)
|
CVE-2007-1863
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2009-3095)
|
CVE-2009-3095
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2010-0408)
|
CVE-2010-0408
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2010-1452)
|
CVE-2010-1452
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2013-4352)
|
CVE-2013-4352
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2015-0253)
|
CVE-2015-0253
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2021-30641)
|
CVE-2021-30641
|
|
Medium
|
|
Apache HTTP Server Other Vulnerability (CVE-2021-33193)
|
CVE-2021-33193
|
|
High
|
|
Apache HTTP Server Other Vulnerability (CVE-2021-42013)
|
CVE-2021-42013
|
|
Critical
|
|
Apache HTTP Server Out-of-bounds Read Vulnerability (CVE-2007-3847)
|
CVE-2007-3847
CWE-125
|
CWE-125
|
Medium
|
|
Apache HTTP Server Out-of-bounds Read Vulnerability (CVE-2017-7668)
|
CVE-2017-7668
CWE-125
|
CWE-125
|
High
|
|
Apache HTTP Server Out-of-bounds Read Vulnerability (CVE-2018-1303)
|
CVE-2018-1303
CWE-125
|
CWE-125
|
High
|
|
Apache HTTP Server Out-of-bounds Read Vulnerability (CVE-2023-31122)
|
CVE-2023-31122
CWE-125
|
CWE-125
|
High
|
|
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2004-0488)
|
CVE-2004-0488
CWE-787
|
CWE-787
|
High
|
|
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2006-20001)
|
CVE-2006-20001
CWE-787
|
CWE-787
|
High
|
|
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2017-15710)
|
CVE-2017-15710
CWE-787
|
CWE-787
|
High
|
|
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2019-10081)
|
CVE-2019-10081
CWE-787
|
CWE-787
|
High
|
|
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2019-10097)
|
CVE-2019-10097
CWE-787
|
CWE-787
|
High
|
|
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2020-35452)
|
CVE-2020-35452
CWE-787
|
CWE-787
|
High
|
|
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2021-26691)
|
CVE-2021-26691
CWE-787
|
CWE-787
|
Critical
|
|
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2021-39275)
|
CVE-2021-39275
CWE-787
|
CWE-787
|
Critical
|
|
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2022-23943)
|
CVE-2022-23943
CWE-787
|
CWE-787
|
Critical
|
|
Apache HTTP Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-3185)
|
CVE-2015-3185
CWE-264
|
CWE-264
|
Medium
|
|
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2005-3357)
|
CVE-2005-3357
|
|
Medium
|
|
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2007-6422)
|
CVE-2007-6422
|
|
Medium
|
|
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2007-6423)
|
CVE-2007-6423
|
|
High
|
|
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2007-6750)
|
CVE-2007-6750
|
|
Medium
|
|
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2011-1928)
|
CVE-2011-1928
|
|
Medium
|
|
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2012-4557)
|
CVE-2012-4557
|
|
Medium
|
|
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2014-0231)
|
CVE-2014-0231
|
|
Medium
|
|
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2014-3523)
|
CVE-2014-3523
|
|
Medium
|
|
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2016-1546)
|
CVE-2016-1546
|
|
Medium
|
|
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2016-8740)
|
CVE-2016-8740
|
|
High
|
|
Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-40438)
|
CVE-2021-40438
CWE-918
|
CWE-918
|
Critical
|
|
Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-40898)
|
CVE-2024-40898
CWE-918
|
CWE-918
|
High
|
|
Apache HTTP Server Session Fixation Vulnerability (CVE-2001-1534)
|
CVE-2001-1534
CWE-384
|
CWE-384
|
Low
|
|
Apache HTTP Server Session Fixation Vulnerability (CVE-2018-17199)
|
CVE-2018-17199
CWE-384
|
CWE-384
|
High
|
|
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2009-1890)
|
CVE-2009-1890
CWE-400
|
CWE-400
|
High
|
|
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2009-1891)
|
CVE-2009-1891
CWE-400
|
CWE-400
|
High
|
|
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2011-3192)
|
CVE-2011-3192
CWE-400
|
CWE-400
|
High
|
|
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2011-3348)
|
CVE-2011-3348
CWE-400
|
CWE-400
|
Medium
|
|
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2014-0118)
|
CVE-2014-0118
CWE-400
|
CWE-400
|
Medium
|
|
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2018-1333)
|
CVE-2018-1333
CWE-400
|
CWE-400
|
High
|
|
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2018-17189)
|
CVE-2018-17189
CWE-400
|
CWE-400
|
Medium
|
|
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-43622)
|
CVE-2023-43622
CWE-400
|
CWE-400
|
High
|
|
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-45802)
|
CVE-2023-45802
CWE-400
|
CWE-400
|
Medium
|
|
Apache HTTP Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-10098)
|
CVE-2019-10098
CWE-601
|
CWE-601
|
Medium
|
|
Apache HTTP Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-1927)
|
CVE-2020-1927
CWE-601
|
CWE-601
|
Medium
|
|
Apache HTTP Server Use After Free Vulnerability (CVE-2017-9789)
|
CVE-2017-9789
CWE-416
|
CWE-416
|
High
|
|
Apache HTTP Server Use After Free Vulnerability (CVE-2017-9798)
|
CVE-2017-9798
CWE-416
|
CWE-416
|
High
|
|
Apache HTTP Server Use After Free Vulnerability (CVE-2019-0196)
|
CVE-2019-0196
CWE-416
|
CWE-416
|
Medium
|
|
Apache HTTP Server Use After Free Vulnerability (CVE-2019-0211)
|
CVE-2019-0211
CWE-416
|
CWE-416
|
High
|
|
Apache HTTP Server Use After Free Vulnerability (CVE-2019-10082)
|
CVE-2019-10082
CWE-416
|
CWE-416
|
Critical
|
|
Apache HTTP Server Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2019-0220)
|
CVE-2019-0220
CWE-706
|
CWE-706
|
Medium
|
|
Apache HTTP Server Use of Uninitialized Resource Vulnerability (CVE-2020-1934)
|
CVE-2020-1934
CWE-908
|
CWE-908
|
Medium
|
|
Apache mod_rewrite off-by-one buffer overflow vulnerability
|
CVE-2006-3747
CWE-189
|
CWE-189
|
High
|
|
Apache read beyond bounds in mod_isapi Vulnerability (CVE-2022-28330)
|
CVE-2022-28330
|
|
Medium
|
|
Apache read beyond bounds via ap_rwrite() Vulnerability (CVE-2022-28614)
|
CVE-2022-28614
|
|
Medium
|
|
Apache Tomcat 7PK - Errors Vulnerability (CVE-2016-8745)
|
CVE-2016-8745
|
|
High
|
|
Apache Tomcat 7PK - Security Features Vulnerability (CVE-2002-0493)
|
CVE-2002-0493
|
|
High
|
|
Apache Tomcat 7PK - Security Features Vulnerability (CVE-2014-9634)
|
CVE-2014-9634
|
|
Medium
|
|
Apache Tomcat 7PK - Security Features Vulnerability (CVE-2014-9635)
|
CVE-2014-9635
|
|
Medium
|
|
Apache Tomcat Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-38286)
|
CVE-2024-38286
CWE-770
|
CWE-770
|
High
|
|
Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2018-8037)
|
CVE-2018-8037
CWE-362
|
CWE-362
|
Medium
|
|
Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2021-43980)
|
CVE-2021-43980
CWE-362
|
CWE-362
|
Low
|
|
Apache Tomcat Configuration Vulnerability (CVE-2008-0128)
|
CVE-2008-0128
|
|
Medium
|
|
Apache Tomcat Configuration Vulnerability (CVE-2010-4312)
|
CVE-2010-4312
|
|
Medium
|
|
Apache Tomcat Credentials Management Errors Vulnerability (CVE-2009-3548)
|
CVE-2009-3548
|
|
High
|
|
Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-4724)
|
CVE-2007-4724
CWE-352
|
CWE-352
|
Medium
|
|
Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-6357)
|
CVE-2013-6357
CWE-352
|
CWE-352
|
Medium
|
|
Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5351)
|
CVE-2015-5351
CWE-352
|
CWE-352
|
High
|
|
Apache Tomcat Cryptographic Issues Vulnerability (CVE-2011-5064)
|
CVE-2011-5064
|
|
Medium
|
|
Apache Tomcat CVE-2012-5568 Vulnerability (CVE-2012-5568)
|
CVE-2012-5568
|
|
Medium
|
|
Apache Tomcat CVE-2016-6794 Vulnerability (CVE-2016-6794)
|
CVE-2016-6794
|
|
Medium
|
|
Apache Tomcat CVE-2016-8735 Vulnerability (CVE-2016-8735)
|
CVE-2016-8735
|
|
Critical
|
|
Apache Tomcat CVE-2017-5651 Vulnerability (CVE-2017-5651)
|
CVE-2017-5651
|
|
Critical
|
|
Apache Tomcat CVE-2018-1304 Vulnerability (CVE-2018-1304)
|
CVE-2018-1304
|
|
Medium
|
|
Apache Tomcat CVE-2018-1305 Vulnerability (CVE-2018-1305)
|
CVE-2018-1305
|
|
Medium
|
|
Apache Tomcat CVE-2019-2684 Vulnerability (CVE-2019-2684)
|
CVE-2019-2684
|
|
Medium
|
|
Apache Tomcat CVE-2020-0822 Vulnerability (CVE-2020-0822)
|
CVE-2020-0822
|
|
High
|
|
Apache Tomcat CVE-2020-13943 Vulnerability (CVE-2020-13943)
|
CVE-2020-13943
|
|
Medium
|
|
Apache Tomcat CVE-2022-29885 Vulnerability (CVE-2022-29885)
|
CVE-2022-29885
|
|
High
|
|
Apache Tomcat CVE-2023-34981 Vulnerability (CVE-2023-34981)
|
CVE-2023-34981
|
|
High
|
|
Apache Tomcat CVE-2023-44487 Vulnerability (CVE-2023-44487)
|
CVE-2023-44487
|
|
High
|
|
Apache Tomcat Data Processing Errors Vulnerability (CVE-2014-0227)
|
CVE-2014-0227
|
|
Medium
|
|
Apache Tomcat Deserialization of Untrusted Data Vulnerability (CVE-2020-9484)
|
CVE-2020-9484
CWE-502
|
CWE-502
|
High
|
|
Apache Tomcat Deserialization of Untrusted Data Vulnerability (CVE-2021-25329)
|
CVE-2021-25329
CWE-502
|
CWE-502
|
High
|
|
Apache Tomcat Deserialization of Untrusted Data Vulnerability (CVE-2025-24813)
|
CVE-2025-24813
CWE-502
|
CWE-502
|
Critical
|
|
Apache Tomcat directory host Appbase authentication bypass vulnerability
|
CVE-2009-2901
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Exposure of Resource to Wrong Sphere Vulnerability (CVE-2017-5648)
|
CVE-2017-5648
CWE-668
|
CWE-668
|
Critical
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2005-3164)
|
CVE-2005-3164
CWE-200
|
CWE-200
|
Low
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2005-4836)
|
CVE-2005-4836
CWE-200
|
CWE-200
|
High
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-3382)
|
CVE-2007-3382
CWE-200
|
CWE-200
|
Medium
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-3385)
|
CVE-2007-3385
CWE-200
|
CWE-200
|
Medium
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-5333)
|
CVE-2007-5333
CWE-200
|
CWE-200
|
Medium
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-4308)
|
CVE-2008-4308
CWE-200
|
CWE-200
|
Low
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-5519)
|
CVE-2008-5519
CWE-200
|
CWE-200
|
Low
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-0580)
|
CVE-2009-0580
CWE-200
|
CWE-200
|
Medium
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-0783)
|
CVE-2009-0783
CWE-200
|
CWE-200
|
Medium
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1157)
|
CVE-2010-1157
CWE-200
|
CWE-200
|
Low
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-2204)
|
CVE-2011-2204
CWE-200
|
CWE-200
|
Low
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3375)
|
CVE-2011-3375
CWE-200
|
CWE-200
|
Medium
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-2071)
|
CVE-2013-2071
CWE-200
|
CWE-200
|
Low
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4590)
|
CVE-2013-4590
CWE-200
|
CWE-200
|
Medium
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0706)
|
CVE-2016-0706
CWE-200
|
CWE-200
|
Medium
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-8747)
|
CVE-2016-8747
CWE-200
|
CWE-200
|
High
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-5647)
|
CVE-2017-5647
CWE-200
|
CWE-200
|
High
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-12616)
|
CVE-2017-12616
CWE-200
|
CWE-200
|
High
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-17527)
|
CVE-2020-17527
CWE-200
|
CWE-200
|
High
|
|
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-25122)
|
CVE-2021-25122
CWE-200
|
CWE-200
|
High
|
|
Apache Tomcat Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2024-21733)
|
CVE-2024-21733
CWE-209
|
CWE-209
|
Medium
|
|
Apache Tomcat Improper Access Control Vulnerability (CVE-2014-7810)
|
CVE-2014-7810
CWE-284
|
CWE-284
|
Medium
|
|
Apache Tomcat Improper Access Control Vulnerability (CVE-2016-5388)
|
CVE-2016-5388
CWE-284
|
CWE-284
|
High
|
|
Apache Tomcat Improper Authentication Vulnerability (CVE-2011-5063)
|
CVE-2011-5063
CWE-287
|
CWE-287
|
Medium
|
|
Apache Tomcat Improper Authentication Vulnerability (CVE-2012-5886)
|
CVE-2012-5886
CWE-287
|
CWE-287
|
Medium
|
|
Apache Tomcat Improper Authentication Vulnerability (CVE-2012-5887)
|
CVE-2012-5887
CWE-287
|
CWE-287
|
Medium
|
|
Apache Tomcat Improper Authentication Vulnerability (CVE-2013-2067)
|
CVE-2013-2067
CWE-287
|
CWE-287
|
Medium
|
|
Apache Tomcat Improper Certificate Validation Vulnerability (CVE-2018-8034)
|
CVE-2018-8034
CWE-295
|
CWE-295
|
High
|
|
Apache Tomcat Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-4444)
|
CVE-2013-4444
CWE-94
|
CWE-94
|
Medium
|
|
Apache Tomcat Improper Encoding or Escaping of Output Vulnerability (CVE-2021-30640)
|
CVE-2021-30640
CWE-116
|
CWE-116
|
Medium
|
|
Apache Tomcat Improper Encoding or Escaping of Output Vulnerability (CVE-2022-45143)
|
CVE-2022-45143
CWE-116
|
CWE-116
|
High
|
|
Apache Tomcat Improper Handling of Exceptional Conditions Vulnerability (CVE-2017-5664)
|
CVE-2017-5664
CWE-755
|
CWE-755
|
High
|
|
Apache Tomcat Improper Handling of Exceptional Conditions Vulnerability (CVE-2021-30639)
|
CVE-2021-30639
CWE-755
|
CWE-755
|
High
|
|
Apache Tomcat Improper Input Validation Vulnerability (CVE-2009-0033)
|
CVE-2009-0033
CWE-20
|
CWE-20
|
Medium
|
|
Apache Tomcat Improper Input Validation Vulnerability (CVE-2011-1475)
|
CVE-2011-1475
CWE-20
|
CWE-20
|
Medium
|
|
Apache Tomcat Improper Input Validation Vulnerability (CVE-2011-2526)
|
CVE-2011-2526
CWE-20
|
CWE-20
|
Medium
|
|
Apache Tomcat Improper Input Validation Vulnerability (CVE-2012-2733)
|
CVE-2012-2733
CWE-20
|
CWE-20
|
Medium
|
|
Apache Tomcat Improper Input Validation Vulnerability (CVE-2012-3544)
|
CVE-2012-3544
CWE-20
|
CWE-20
|
Medium
|
|
Apache Tomcat Improper Input Validation Vulnerability (CVE-2013-2185)
|
CVE-2013-2185
CWE-20
|
CWE-20
|
High
|
|
Apache Tomcat Improper Input Validation Vulnerability (CVE-2013-4286)
|
CVE-2013-4286
CWE-20
|
CWE-20
|
Medium
|
|
Apache Tomcat Improper Input Validation Vulnerability (CVE-2013-4322)
|
CVE-2013-4322
CWE-20
|
CWE-20
|
Medium
|
|
Apache Tomcat Improper Input Validation Vulnerability (CVE-2014-0033)
|
CVE-2014-0033
CWE-20
|
CWE-20
|
Medium
|
|
Apache Tomcat Improper Input Validation Vulnerability (CVE-2014-0095)
|
CVE-2014-0095
CWE-20
|
CWE-20
|
Medium
|
|
Apache Tomcat Improper Input Validation Vulnerability (CVE-2016-1240)
|
CVE-2016-1240
CWE-20
|
CWE-20
|
High
|
|
Apache Tomcat Improper Input Validation Vulnerability (CVE-2016-3092)
|
CVE-2016-3092
CWE-20
|
CWE-20
|
High
|
|
Apache Tomcat Improper Input Validation Vulnerability (CVE-2016-6816)
|
CVE-2016-6816
CWE-20
|
CWE-20
|
High
|
|
Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2007-0450)
|
CVE-2007-0450
CWE-22
|
CWE-22
|
Medium
|
|
Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2007-5461)
|
CVE-2007-5461
CWE-22
|
CWE-22
|
Low
|
|
Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-2370)
|
CVE-2008-2370
CWE-22
|
CWE-22
|
Medium
|
|
Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-2938)
|
CVE-2008-2938
CWE-22
|
CWE-22
|
Medium
|
|
Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-5515)
|
CVE-2008-5515
CWE-22
|
CWE-22
|
Medium
|
|
Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2009-2693)
|
CVE-2009-2693
CWE-22
|
CWE-22
|
Medium
|
|
Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2009-2902)
|
CVE-2009-2902
CWE-22
|
CWE-22
|
Medium
|
|
Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-5174)
|
CVE-2015-5174
CWE-22
|
CWE-22
|
Medium
|
|
Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-5345)
|
CVE-2015-5345
CWE-22
|
CWE-22
|
Medium
|
|
Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-7675)
|
CVE-2017-7675
CWE-22
|
CWE-22
|
High
|
|
Apache Tomcat Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2016-9774)
|
CVE-2016-9774
CWE-59
|
CWE-59
|
High
|
|
Apache Tomcat Improper Locking Vulnerability (CVE-2019-10072)
|
CVE-2019-10072
CWE-667
|
CWE-667
|
High
|
|
Apache Tomcat Improperly Implemented Security Check for Standard Vulnerability (CVE-2017-15706)
|
CVE-2017-15706
CWE-358
|
CWE-358
|
Medium
|
|
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2005-4838)
|
CVE-2005-4838
CWE-707
|
CWE-707
|
Medium
|
|
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2006-7196)
|
CVE-2006-7196
CWE-707
|
CWE-707
|
Medium
|
|
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-1358)
|
CVE-2007-1358
CWE-707
|
CWE-707
|
Low
|
|
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-2450)
|
CVE-2007-2450
CWE-707
|
CWE-707
|
Low
|
|
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-3386)
|
CVE-2007-3386
CWE-707
|
CWE-707
|
Medium
|
|
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1232)
|
CVE-2008-1232
CWE-707
|
CWE-707
|
Medium
|
|
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1947)
|
CVE-2008-1947
CWE-707
|
CWE-707
|
Medium
|
|
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-0781)
|
CVE-2009-0781
CWE-707
|
CWE-707
|
Medium
|
|
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-2696)
|
CVE-2009-2696
CWE-707
|
CWE-707
|
Medium
|
|
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4172)
|
CVE-2010-4172
CWE-707
|
CWE-707
|
Medium
|
|
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0013)
|
CVE-2011-0013
CWE-707
|
CWE-707
|
Medium
|
|
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-0221)
|
CVE-2019-0221
CWE-707
|
CWE-707
|
Medium
|
|
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-34305)
|
CVE-2022-34305
CWE-707
|
CWE-707
|
Medium
|
|
Apache Tomcat Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-0232)
|
CVE-2019-0232
CWE-138
|
CWE-138
|
High
|
|
Apache Tomcat Improper Resource Shutdown or Release Vulnerability (CVE-2017-5650)
|
CVE-2017-5650
CWE-404
|
CWE-404
|
High
|
|
Apache Tomcat Improper Resource Shutdown or Release Vulnerability (CVE-2022-25762)
|
CVE-2022-25762
CWE-404
|
CWE-404
|
High
|
|
Apache Tomcat Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2002-2272)
|
CVE-2002-2272
CWE-119
|
CWE-119
|
High
|
|
Apache Tomcat Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2010-2227)
|
CVE-2010-2227
CWE-119
|
CWE-119
|
Medium
|
|
Apache Tomcat Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-6817)
|
CVE-2016-6817
CWE-119
|
CWE-119
|
High
|
|
Apache Tomcat Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-13934)
|
CVE-2020-13934
CWE-119
|
CWE-119
|
High
|
|
Apache Tomcat Incomplete Cleanup Vulnerability (CVE-2023-42794)
|
CVE-2023-42794
CWE-459
|
CWE-459
|
Medium
|
|
Apache Tomcat Incomplete Cleanup Vulnerability (CVE-2023-42795)
|
CVE-2023-42795
CWE-459
|
CWE-459
|
Medium
|
|
Apache Tomcat Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2022-42252)
|
CVE-2022-42252
|
|
High
|
|
Apache Tomcat Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-46589)
|
CVE-2023-46589
|
|
High
|
|
Apache Tomcat Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-17569)
|
CVE-2019-17569
CWE-444
|
CWE-444
|
Medium
|
|
Apache Tomcat Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-1935)
|
CVE-2020-1935
CWE-444
|
CWE-444
|
Medium
|
|
Apache Tomcat Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-33037)
|
CVE-2021-33037
CWE-444
|
CWE-444
|
Medium
|
|
Apache Tomcat Incorrect Authorization Vulnerability (CVE-2016-6797)
|
CVE-2016-6797
CWE-863
|
CWE-863
|
High
|
|
Apache Tomcat Incorrect Default Permissions Vulnerability (CVE-2020-8022)
|
CVE-2020-8022
CWE-276
|
CWE-276
|
High
|
|
Apache Tomcat Insecure Default Initialization of Resource Vulnerability (CVE-2018-8014)
|
CVE-2018-8014
CWE-1188
|
CWE-1188
|
Critical
|
|
Apache Tomcat Insufficiently Protected Credentials Vulnerability (CVE-2019-12418)
|
CVE-2019-12418
CWE-522
|
CWE-522
|
High
|
|
Apache Tomcat Insufficient Verification of Data Authenticity Vulnerability (CVE-2017-7674)
|
CVE-2017-7674
CWE-345
|
CWE-345
|
Medium
|
|
Apache Tomcat Integer Overflow or Wraparound Vulnerability (CVE-2015-8751)
|
CVE-2015-8751
CWE-190
|
CWE-190
|
High
|
|
Apache Tomcat Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1336)
|
CVE-2018-1336
CWE-835
|
CWE-835
|
High
|
|
Apache Tomcat Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2020-13935)
|
CVE-2020-13935
CWE-835
|
CWE-835
|
High
|
|
Apache Tomcat Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-41079)
|
CVE-2021-41079
CWE-835
|
CWE-835
|
High
|
|
Apache Tomcat Missing Release of Resource after Effective Lifetime Vulnerability (CVE-2021-42340)
|
CVE-2021-42340
CWE-772
|
CWE-772
|
High
|
|
Apache Tomcat Numeric Errors Vulnerability (CVE-2012-0022)
|
CVE-2012-0022
|
|
Medium
|
|
Apache Tomcat Numeric Errors Vulnerability (CVE-2014-0075)
|
CVE-2014-0075
|
|
Medium
|
|
Apache Tomcat Numeric Errors Vulnerability (CVE-2014-0099)
|
CVE-2014-0099
|
|
Medium
|
|
Apache Tomcat Off-by-one Error Vulnerability (CVE-2023-28709)
|
CVE-2023-28709
CWE-193
|
CWE-193
|
High
|
|
Apache Tomcat Other Vulnerability (CVE-2000-0672)
|
CVE-2000-0672
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2000-0759)
|
CVE-2000-0759
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2000-0760)
|
CVE-2000-0760
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2000-1210)
|
CVE-2000-1210
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2001-0590)
|
CVE-2001-0590
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2001-0829)
|
CVE-2001-0829
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2001-0917)
|
CVE-2001-0917
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2001-1563)
|
CVE-2001-1563
|
|
High
|
|
Apache Tomcat Other Vulnerability (CVE-2002-0682)
|
CVE-2002-0682
|
|
High
|
|
Apache Tomcat Other Vulnerability (CVE-2002-0935)
|
CVE-2002-0935
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2002-0936)
|
CVE-2002-0936
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2002-1148)
|
CVE-2002-1148
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2002-1394)
|
CVE-2002-1394
|
|
High
|
|
Apache Tomcat Other Vulnerability (CVE-2002-1567)
|
CVE-2002-1567
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2002-1895)
|
CVE-2002-1895
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2002-2006)
|
CVE-2002-2006
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2002-2007)
|
CVE-2002-2007
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2002-2008)
|
CVE-2002-2008
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2002-2009)
|
CVE-2002-2009
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2003-0042)
|
CVE-2003-0042
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2003-0043)
|
CVE-2003-0043
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2003-0044)
|
CVE-2003-0044
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2003-0045)
|
CVE-2003-0045
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2003-0866)
|
CVE-2003-0866
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2005-0808)
|
CVE-2005-0808
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2005-2090)
|
CVE-2005-2090
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2005-3510)
|
CVE-2005-3510
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2005-4703)
|
CVE-2005-4703
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2006-3835)
|
CVE-2006-3835
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2006-7195)
|
CVE-2006-7195
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2006-7197)
|
CVE-2006-7197
|
|
High
|
|
Apache Tomcat Other Vulnerability (CVE-2007-1355)
|
CVE-2007-1355
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2007-1858)
|
CVE-2007-1858
|
|
Low
|
|
Apache Tomcat Other Vulnerability (CVE-2007-2449)
|
CVE-2007-2449
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2007-3383)
|
CVE-2007-3383
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2007-3384)
|
CVE-2007-3384
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2007-6286)
|
CVE-2007-6286
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2008-0002)
|
CVE-2008-0002
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2010-3718)
|
CVE-2010-3718
|
|
Low
|
|
Apache Tomcat Other Vulnerability (CVE-2011-1088)
|
CVE-2011-1088
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2011-1183)
|
CVE-2011-1183
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2011-1419)
|
CVE-2011-1419
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2011-2481)
|
CVE-2011-2481
|
|
Medium
|
|
Apache Tomcat Other Vulnerability (CVE-2015-5346)
|
CVE-2015-5346
|
|
High
|
|
Apache Tomcat Other Vulnerability (CVE-2020-1938)
|
CVE-2020-1938
|
|
Critical
|
|
Apache Tomcat Other Vulnerability (CVE-2023-45648)
|
CVE-2023-45648
|
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-5342)
|
CVE-2007-5342
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3271)
|
CVE-2008-3271
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-2901)
|
CVE-2009-2901
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1184)
|
CVE-2011-1184
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1582)
|
CVE-2011-1582
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-2729)
|
CVE-2011-2729
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-3190)
|
CVE-2011-3190
CWE-264
|
CWE-264
|
High
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-3376)
|
CVE-2011-3376
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-5062)
|
CVE-2011-5062
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3546)
|
CVE-2012-3546
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4431)
|
CVE-2012-4431
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5885)
|
CVE-2012-5885
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0346)
|
CVE-2013-0346
CWE-264
|
CWE-264
|
Low
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0050)
|
CVE-2014-0050
CWE-264
|
CWE-264
|
High
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0096)
|
CVE-2014-0096
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0119)
|
CVE-2014-0119
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-0714)
|
CVE-2016-0714
CWE-264
|
CWE-264
|
High
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-0762)
|
CVE-2016-0762
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-0763)
|
CVE-2016-0763
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9775)
|
CVE-2016-9775
CWE-264
|
CWE-264
|
High
|
|
Apache Tomcat Resource Management Errors Vulnerability (CVE-2011-0534)
|
CVE-2011-0534
|
|
Medium
|
|
Apache Tomcat Resource Management Errors Vulnerability (CVE-2011-4858)
|
CVE-2011-4858
|
|
Medium
|
|
Apache Tomcat Resource Management Errors Vulnerability (CVE-2012-4534)
|
CVE-2012-4534
|
|
Low
|
|
Apache Tomcat Resource Management Errors Vulnerability (CVE-2014-0230)
|
CVE-2014-0230
|
|
High
|
|
Apache Tomcat Session Fixation Vulnerability (CVE-2019-17563)
|
CVE-2019-17563
CWE-384
|
CWE-384
|
High
|
|
Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2022-23181)
|
CVE-2022-23181
CWE-367
|
CWE-367
|
High
|
|
Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2019-0199)
|
CVE-2019-0199
CWE-400
|
CWE-400
|
High
|
|
Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2020-11996)
|
CVE-2020-11996
CWE-400
|
CWE-400
|
High
|
|
Apache Tomcat Unprotected Transport of Credentials Vulnerability (CVE-2023-28708)
|
CVE-2023-28708
CWE-523
|
CWE-523
|
Medium
|
|
Apache Tomcat Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12615)
|
CVE-2017-12615
CWE-434
|
CWE-434
|
High
|
|
Apache Tomcat Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12617)
|
CVE-2017-12617
CWE-434
|
CWE-434
|
High
|
|
Apache Tomcat URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-11784)
|
CVE-2018-11784
CWE-601
|
CWE-601
|
Medium
|
|
Apache Tomcat URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-41080)
|
CVE-2023-41080
CWE-601
|
CWE-601
|
Medium
|
|
Apache Tomcat Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2021-24122)
|
CVE-2021-24122
CWE-706
|
CWE-706
|
Medium
|
|
Apache Tomcat version older than 4.1.37
|
CVE-2005-3164
CVE-2007-1355
CVE-2007-2449
CVE-2007-2450
CVE-2007-3382
CVE-2007-3383
CVE-2007-3385
CVE-2007-5333
CVE-2007-5461
CWE-79
|
CWE-79
|
Medium
|
|
Apache Tomcat version older than 4.1.39
|
CVE-2008-0128
CVE-2008-1232
CVE-2008-2370
CWE-22
|
CWE-22
|
Medium
|
|
Apache Tomcat version older than 5.5.25
|
CVE-2007-2449
CVE-2007-2450
CVE-2007-3382
CVE-2007-3385
CVE-2007-3386
CWE-79
|
CWE-79
|
Medium
|
|
Apache Tomcat version older than 5.5.26
|
CVE-2007-5333
CVE-2007-5342
CVE-2007-5461
CVE-2007-6286
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat version older than 5.5.27
|
CVE-2008-1232
CVE-2008-1947
CVE-2008-2370
CWE-22
|
CWE-22
|
Medium
|
|
Apache Tomcat version older than 6.0.6
|
CVE-2007-1358
CWE-79
|
CWE-79
|
Low
|
|
Apache Tomcat version older than 6.0.9
|
CVE-2008-0128
CWE-614
|
CWE-614
|
Medium
|
|
Apache Tomcat version older than 6.0.10
|
CVE-2007-0450
CWE-22
|
CWE-22
|
Medium
|
|
Apache Tomcat version older than 6.0.11
|
CVE-2005-2090
CVE-2007-1355
CWE-79
|
CWE-79
|
Medium
|
|
Apache Tomcat version older than 6.0.14
|
CVE-2007-2449
CVE-2007-2450
CVE-2007-3382
CVE-2007-3385
CVE-2007-3386
CWE-79
|
CWE-79
|
Medium
|
|
Apache Tomcat version older than 6.0.16
|
CVE-2007-5333
CVE-2007-5342
CVE-2007-5461
CVE-2007-6286
CVE-2008-0002
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat version older than 6.0.18
|
CVE-2008-1232
CVE-2008-1947
CVE-2008-2370
CWE-79
|
CWE-79
|
Medium
|
|
Apache Tomcat version older than 6.0.35
|
CVE-2011-3190
CVE-2011-3375
CVE-2012-0022
CWE-264
|
CWE-264
|
High
|
|
Apache Tomcat version older than 6.0.36
|
CVE-2012-2733
CVE-2012-3439
CVE-2012-3546
CVE-2012-4431
CVE-2012-4534
CWE-20
|
CWE-20
|
High
|
|
Apache Tomcat version older than 7.0.21
|
CVE-2011-3190
CWE-264
|
CWE-264
|
High
|
|
Apache Tomcat version older than 7.0.23
|
CVE-2012-0022
CWE-189
|
CWE-189
|
High
|
|
Apache Tomcat version older than 7.0.28
|
CVE-2012-2733
CVE-2012-4534
CWE-20
|
CWE-20
|
High
|
|
Apache Tomcat version older than 7.0.30
|
CVE-2012-3439
CVE-2012-3544
CVE-2012-3546
CWE-20
|
CWE-20
|
High
|
|
Apache Tomcat version older than 7.0.32
|
CVE-2012-4431
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat WAR file directory traversal vulnerability
|
CVE-2009-2693
CVE-2009-2901
CWE-22
|
CWE-22
|
Medium
|
|
Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9511)
|
CVE-2019-9511
CWE-770
|
CWE-770
|
High
|
|
Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9514)
|
CVE-2019-9514
CWE-770
|
CWE-770
|
High
|
|
Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9515)
|
CVE-2019-9515
CWE-770
|
CWE-770
|
High
|
|
Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9516)
|
CVE-2019-9516
CWE-770
|
CWE-770
|
Medium
|
|
Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9517)
|
CVE-2019-9517
CWE-770
|
CWE-770
|
High
|
|
Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9518)
|
CVE-2019-9518
CWE-770
|
CWE-770
|
High
|
|
Apache Traffic Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2021-43082)
|
CVE-2021-43082
CWE-120
|
CWE-120
|
Critical
|
|
Apache Traffic Server CVE-2014-3525 Vulnerability (CVE-2014-3525)
|
CVE-2014-3525
|
|
Critical
|
|
Apache Traffic Server CVE-2015-5168 Vulnerability (CVE-2015-5168)
|
CVE-2015-5168
|
|
Critical
|
|
Apache Traffic Server CVE-2015-5206 Vulnerability (CVE-2015-5206)
|
CVE-2015-5206
|
|
Critical
|
|
Apache Traffic Server CVE-2022-47184 Vulnerability (CVE-2022-47184)
|
CVE-2022-47184
|
|
High
|
|
Apache Traffic Server CVE-2022-47185 Vulnerability (CVE-2022-47185)
|
CVE-2022-47185
|
|
High
|
|
Apache Traffic Server CVE-2023-30631 Vulnerability (CVE-2023-30631)
|
CVE-2023-30631
|
|
High
|
|
Apache Traffic Server CVE-2023-33933 Vulnerability (CVE-2023-33933)
|
CVE-2023-33933
|
|
High
|
|
Apache Traffic Server CVE-2023-41752 Vulnerability (CVE-2023-41752)
|
CVE-2023-41752
|
|
High
|
|
Apache Traffic Server CVE-2023-44487 Vulnerability (CVE-2023-44487)
|
CVE-2023-44487
|
|
High
|
|
Apache Traffic Server CVE-2024-35296 Vulnerability (CVE-2024-35296)
|
CVE-2024-35296
|
|
High
|
|
Apache Traffic Server Exposure of Resource to Wrong Sphere Vulnerability (CVE-2018-8040)
|
CVE-2018-8040
CWE-668
|
CWE-668
|
Medium
|
|
Apache Traffic Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-11783)
|
CVE-2018-11783
CWE-200
|
CWE-200
|
High
|
|
Apache Traffic Server HTTP Request Smuggling Vulnerability (CVE-2020-17509 )
|
CVE-2020-17509
|
|
High
|
|
Apache Traffic Server Improper Access Control Vulnerability (CVE-2014-3624)
|
CVE-2014-3624
CWE-284
|
CWE-284
|
Critical
|
|
Apache Traffic Server Improper Authentication Vulnerability (CVE-2021-38161)
|
CVE-2021-38161
CWE-287
|
CWE-287
|
High
|
|
Apache Traffic Server Improper Authentication Vulnerability (CVE-2021-44759)
|
CVE-2021-44759
CWE-287
|
CWE-287
|
High
|
|
Apache Traffic Server Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2022-32749)
|
CVE-2022-32749
CWE-754
|
CWE-754
|
High
|
|
Apache Traffic Server Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2022-37392)
|
CVE-2022-37392
CWE-754
|
CWE-754
|
Medium
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2010-2952)
|
CVE-2010-2952
CWE-20
|
CWE-20
|
Medium
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2017-5659)
|
CVE-2017-5659
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2017-5660)
|
CVE-2017-5660
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2017-7671)
|
CVE-2017-7671
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2018-1318)
|
CVE-2018-1318
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2018-8022)
|
CVE-2018-8022
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2019-10079)
|
CVE-2019-10079
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-32566)
|
CVE-2021-32566
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-32567)
|
CVE-2021-32567
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-37147)
|
CVE-2021-37147
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-37148)
|
CVE-2021-37148
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-37149)
|
CVE-2021-37149
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-37150)
|
CVE-2021-37150
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-41585)
|
CVE-2021-41585
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-44040)
|
CVE-2021-44040
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-25763)
|
CVE-2022-25763
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-28129)
|
CVE-2022-28129
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-31778)
|
CVE-2022-31778
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-31779)
|
CVE-2022-31779
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-31780)
|
CVE-2022-31780
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2023-39456)
|
CVE-2023-39456
CWE-20
|
CWE-20
|
High
|
|
Apache Traffic Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-40743)
|
CVE-2022-40743
CWE-707
|
CWE-707
|
Medium
|
|
Apache Traffic Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2012-0256)
|
CVE-2012-0256
CWE-119
|
CWE-119
|
Medium
|
|
Apache Traffic Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-10022)
|
CVE-2014-10022
CWE-119
|
CWE-119
|
Medium
|
|
Apache Traffic Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-3249)
|
CVE-2015-3249
CWE-119
|
CWE-119
|
Critical
|
|
Apache Traffic Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-9494)
|
CVE-2020-9494
CWE-119
|
CWE-119
|
High
|
|
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-33934)
|
CVE-2023-33934
|
|
Critical
|
|
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-38522)
|
CVE-2023-38522
|
|
High
|
|
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2024-35161)
|
CVE-2024-35161
|
|
High
|
|
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2018-8004)
|
CVE-2018-8004
CWE-444
|
CWE-444
|
Medium
|
|
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-17559)
|
CVE-2019-17559
CWE-444
|
CWE-444
|
Critical
|
|
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-17565)
|
CVE-2019-17565
CWE-444
|
CWE-444
|
Critical
|
|
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-1944)
|
CVE-2020-1944
CWE-444
|
CWE-444
|
Critical
|
|
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-27577)
|
CVE-2021-27577
CWE-444
|
CWE-444
|
High
|
|
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-32565)
|
CVE-2021-32565
CWE-444
|
CWE-444
|
High
|
|
Apache Traffic Server Integer Overflow or Wraparound Vulnerability (CVE-2018-9481)
|
CVE-2018-9481
CWE-190
|
CWE-190
|
Medium
|
|
Apache Traffic Server Memory Disclosure Vulnerability (CVE-2020-17508)
|
CVE-2020-17508
|
|
High
|
|
Apache Traffic Server Other Vulnerability (CVE-2019-9513)
|
CVE-2019-9513
|
|
High
|
|
Apache Traffic Server Out-of-bounds Write Vulnerability (CVE-2021-35474)
|
CVE-2021-35474
CWE-787
|
CWE-787
|
Critical
|
|
Apache Traffic Server Remote DOS Attack (CVE-2021-27737)
|
CVE-2021-27737
|
|
High
|
|
Apache Traffic Server Resource Management Errors Vulnerability (CVE-2016-5396)
|
CVE-2016-5396
|
|
High
|
|
Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2018-8005)
|
CVE-2018-8005
CWE-400
|
CWE-400
|
Medium
|
|
Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2019-9512)
|
CVE-2019-9512
CWE-400
|
CWE-400
|
High
|
|
Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2020-9481)
|
CVE-2020-9481
CWE-400
|
CWE-400
|
High
|
|
Apache version older than 1.3.27
|
CVE-2002-0839
CVE-2002-0840
CVE-2002-0843
CWE-119
|
CWE-119
|
Medium
|
|
Apache version older than 1.3.28
|
CVE-2003-0460
CWE-20
|
CWE-20
|
Medium
|
|
Apache version older than 1.3.29
|
CVE-2003-0542
CWE-119
|
CWE-119
|
Medium
|
|
Apache version older than 1.3.31
|
CVE-2003-0020
CVE-2003-0987
CVE-2003-0993
CVE-2004-0174
CWE-264
|
CWE-264
|
Medium
|
|
Apache version older than 1.3.34
|
CVE-2005-2088
CWE-20
|
CWE-20
|
Medium
|
|
Apache version older than 1.3.37
|
CVE-2006-3747
CWE-189
|
CWE-189
|
Medium
|
|
Apache version older than 1.3.39
|
CVE-2006-5752
CVE-2007-3304
CWE-79
|
CWE-79
|
Medium
|
|
Apache version older than 1.3.41
|
CVE-2007-6388
CWE-79
|
CWE-79
|
Medium
|
|
Apache version up to 1.3.33 htpasswd local overflow
|
CVE-2006-1078
CWE-119
|
CWE-119
|
Low
|
|
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-1000206)
|
CVE-2018-1000206
CWE-352
|
CWE-352
|
High
|
|
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10321)
|
CVE-2019-10321
CWE-352
|
CWE-352
|
Medium
|
|
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10324)
|
CVE-2019-10324
CWE-352
|
CWE-352
|
Medium
|
|
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-23163)
|
CVE-2021-23163
CWE-352
|
CWE-352
|
High
|
|
Artifactory CVE-2019-9733 Vulnerability (CVE-2019-9733)
|
CVE-2019-9733
|
|
Critical
|
|
Artifactory CVE-2020-7931 Vulnerability (CVE-2020-7931)
|
CVE-2020-7931
|
|
High
|
|
Artifactory CVE-2023-42508 Vulnerability (CVE-2023-42508)
|
CVE-2023-42508
|
|
Medium
|
|
Artifactory CVE-2023-42661 Vulnerability (CVE-2023-42661)
|
CVE-2023-42661
|
|
High
|
|
Artifactory CVE-2024-3505 Vulnerability (CVE-2024-3505)
|
CVE-2024-3505
|
|
Medium
|
|
Artifactory Deserialization of Untrusted Data Vulnerability (CVE-2022-0573)
|
CVE-2022-0573
CWE-502
|
CWE-502
|
High
|
|
Artifactory Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-46687)
|
CVE-2021-46687
CWE-668
|
CWE-668
|
Medium
|
|
Artifactory Improper Authentication Vulnerability (CVE-2023-42662)
|
CVE-2023-42662
CWE-287
|
CWE-287
|
Medium
|
|
Artifactory Improper Handling of Exceptional Conditions Vulnerability (CVE-2023-42509)
|
CVE-2023-42509
CWE-755
|
CWE-755
|
High
|
|
Artifactory Improper Input Validation Vulnerability (CVE-2016-6501)
|
CVE-2016-6501
CWE-20
|
CWE-20
|
Critical
|
|
Artifactory Improper Input Validation Vulnerability (CVE-2019-19937)
|
CVE-2019-19937
CWE-20
|
CWE-20
|
High
|
|
Artifactory Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000623)
|
CVE-2018-1000623
CWE-22
|
CWE-22
|
High
|
|
Artifactory Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45721)
|
CVE-2021-45721
CWE-707
|
CWE-707
|
Medium
|
|
Artifactory Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-2247)
|
CVE-2024-2247
CWE-707
|
CWE-707
|
Medium
|
|
Artifactory Improper Privilege Management Vulnerability (CVE-2022-0668)
|
CVE-2022-0668
CWE-269
|
CWE-269
|
Critical
|
|
Artifactory Incorrect Authorization Vulnerability (CVE-2021-45074)
|
CVE-2021-45074
CWE-863
|
CWE-863
|
Medium
|
|
Artifactory Incorrect Authorization Vulnerability (CVE-2021-45730)
|
CVE-2021-45730
CWE-863
|
CWE-863
|
Medium
|
|
Artifactory Incorrect Default Permissions Vulnerability (CVE-2021-46270)
|
CVE-2021-46270
CWE-276
|
CWE-276
|
Low
|
|
Artifactory Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-41834)
|
CVE-2021-41834
CWE-732
|
CWE-732
|
Medium
|
|
Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2018-1000424)
|
CVE-2018-1000424
CWE-522
|
CWE-522
|
High
|
|
Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2020-2164)
|
CVE-2020-2164
CWE-522
|
CWE-522
|
Medium
|
|
Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2020-2165)
|
CVE-2020-2165
CWE-522
|
CWE-522
|
High
|
|
Artifactory Insufficient Verification of Data Authenticity Vulnerability (CVE-2018-19971)
|
CVE-2018-19971
CWE-345
|
CWE-345
|
Critical
|
|
Artifactory Missing Authorization Vulnerability (CVE-2019-10322)
|
CVE-2019-10322
CWE-862
|
CWE-862
|
Medium
|
|
Artifactory Missing Authorization Vulnerability (CVE-2019-10323)
|
CVE-2019-10323
CWE-862
|
CWE-862
|
Medium
|
|
Artifactory Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-10036)
|
CVE-2016-10036
CWE-434
|
CWE-434
|
Critical
|
|
Artifactory Weak Password Requirements Vulnerability (CVE-2019-17444)
|
CVE-2019-17444
CWE-521
|
CWE-521
|
Critical
|
|
ASP.NET MVC Improper Authentication Vulnerability (CVE-2018-8171)
|
CVE-2018-8171
CWE-287
|
CWE-287
|
High
|
|
ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0247)
|
CVE-2017-0247
CWE-20
|
CWE-20
|
High
|
|
ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0249)
|
CVE-2017-0249
CWE-20
|
CWE-20
|
High
|
|
ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0256)
|
CVE-2017-0256
CWE-20
|
CWE-20
|
Medium
|
|
ASP.NET MVC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-4075)
|
CVE-2014-4075
CWE-707
|
CWE-707
|
Medium
|
|
ASP.NET SignalR Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5042)
|
CVE-2013-5042
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Confluence Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6342)
|
CVE-2012-6342
CWE-352
|
CWE-352
|
Medium
|
|
Atlassian Confluence CVE-2020-29448 Vulnerability (CVE-2020-29448)
|
CVE-2020-29448
|
|
Medium
|
|
Atlassian Confluence CVE-2023-22503 Vulnerability (CVE-2023-22503)
|
CVE-2023-22503
|
|
Medium
|
|
Atlassian Confluence CVE-2023-22505 Vulnerability (CVE-2023-22505)
|
CVE-2023-22505
|
|
High
|
|
Atlassian Confluence CVE-2023-22508 Vulnerability (CVE-2023-22508)
|
CVE-2023-22508
|
|
High
|
|
Atlassian Confluence CVE-2023-22515 Vulnerability (CVE-2023-22515)
|
CVE-2023-22515
|
|
Critical
|
|
Atlassian Confluence CVE-2024-21683 Vulnerability (CVE-2024-21683)
|
CVE-2024-21683
|
|
High
|
|
Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8399)
|
CVE-2015-8399
CWE-200
|
CWE-200
|
Medium
|
|
Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6668)
|
CVE-2016-6668
CWE-200
|
CWE-200
|
High
|
|
Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7415)
|
CVE-2017-7415
CWE-200
|
CWE-200
|
High
|
|
Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-20237)
|
CVE-2018-20237
CWE-200
|
CWE-200
|
Medium
|
|
Atlassian Confluence Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2019-15006)
|
CVE-2019-15006
CWE-913
|
CWE-913
|
Medium
|
|
Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-22526)
|
CVE-2023-22526
CWE-94
|
CWE-94
|
High
|
|
Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21672)
|
CVE-2024-21672
CWE-94
|
CWE-94
|
High
|
|
Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21673)
|
CVE-2024-21673
CWE-94
|
CWE-94
|
High
|
|
Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21674)
|
CVE-2024-21674
CWE-94
|
CWE-94
|
High
|
|
Atlassian Confluence Improper Input Validation Vulnerability (CVE-2018-13389)
|
CVE-2018-13389
CWE-20
|
CWE-20
|
Medium
|
|
Atlassian Confluence Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-3394)
|
CVE-2019-3394
CWE-22
|
CWE-22
|
High
|
|
Atlassian Confluence Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-3396)
|
CVE-2019-3396
CWE-22
|
CWE-22
|
Critical
|
|
Atlassian Confluence Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-3398)
|
CVE-2019-3398
CWE-22
|
CWE-22
|
High
|
|
Atlassian Confluence Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-21677)
|
CVE-2024-21677
CWE-22
|
CWE-22
|
High
|
|
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8398)
|
CVE-2015-8398
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-4317)
|
CVE-2016-4317
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6283)
|
CVE-2016-6283
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-16856)
|
CVE-2017-16856
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18083)
|
CVE-2017-18083
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18084)
|
CVE-2017-18084
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18085)
|
CVE-2017-18085
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18086)
|
CVE-2017-18086
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20239)
|
CVE-2018-20239
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20102)
|
CVE-2019-20102
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14175)
|
CVE-2020-14175
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-29444)
|
CVE-2020-29444
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-36290)
|
CVE-2020-36290
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21686)
|
CVE-2024-21686
CWE-707
|
CWE-707
|
High
|
|
Atlassian Confluence Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-4027)
|
CVE-2020-4027
CWE-138
|
CWE-138
|
Medium
|
|
Atlassian Confluence Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-26084)
|
CVE-2021-26084
CWE-138
|
CWE-138
|
Critical
|
|
Atlassian Confluence Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-39114)
|
CVE-2021-39114
CWE-138
|
CWE-138
|
High
|
|
Atlassian Confluence Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-22522)
|
CVE-2023-22522
CWE-138
|
CWE-138
|
High
|
|
Atlassian Confluence Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-22527)
|
CVE-2023-22527
CWE-138
|
CWE-138
|
Critical
|
|
Atlassian Confluence Incorrect Authorization Vulnerability (CVE-2023-22518)
|
CVE-2023-22518
CWE-863
|
CWE-863
|
Critical
|
|
Atlassian Confluence Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26136)
|
CVE-2022-26136
CWE-180
|
CWE-180
|
Critical
|
|
Atlassian Confluence Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26137)
|
CVE-2022-26137
CWE-180
|
CWE-180
|
Critical
|
|
Atlassian Confluence Incorrect Default Permissions Vulnerability (CVE-2017-9505)
|
CVE-2017-9505
CWE-276
|
CWE-276
|
Medium
|
|
Atlassian Confluence Missing Authorization Vulnerability (CVE-2019-15005)
|
CVE-2019-15005
CWE-862
|
CWE-862
|
Medium
|
|
Atlassian Confluence Missing Authorization Vulnerability (CVE-2021-26085)
|
CVE-2021-26085
CWE-862
|
CWE-862
|
Medium
|
|
Atlassian Confluence Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2928)
|
CVE-2012-2928
CWE-264
|
CWE-264
|
Medium
|
|
Atlassian Confluence Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-3395)
|
CVE-2019-3395
CWE-918
|
CWE-918
|
Critical
|
|
Atlassian Confluence Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-29445)
|
CVE-2020-29445
CWE-918
|
CWE-918
|
Medium
|
|
Atlassian Confluence Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-26072)
|
CVE-2021-26072
CWE-918
|
CWE-918
|
Medium
|
|
Atlassian Confluence Unauthenticated Remote Code Execution Vulnerability (CVE-2022-26134)
|
CVE-2022-26134
|
|
Critical
|
|
Atlassian Confluence Uncontrolled Search Path Element Vulnerability (CVE-2019-20406)
|
CVE-2019-20406
CWE-427
|
CWE-427
|
High
|
|
Atlassian Confluence Uncontrolled Search Path Element Vulnerability (CVE-2021-43940)
|
CVE-2021-43940
CWE-427
|
CWE-427
|
High
|
|
Atlassian Confluence Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-29450)
|
CVE-2020-29450
CWE-434
|
CWE-434
|
Medium
|
|
Atlassian Confluence Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-22504)
|
CVE-2023-22504
CWE-434
|
CWE-434
|
Medium
|
|
Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2020-14174)
|
CVE-2020-14174
CWE-639
|
CWE-639
|
Medium
|
|
Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2020-36231)
|
CVE-2020-36231
CWE-639
|
CWE-639
|
Medium
|
|
Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-41305)
|
CVE-2021-41305
CWE-639
|
CWE-639
|
High
|
|
Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-41306)
|
CVE-2021-41306
CWE-639
|
CWE-639
|
High
|
|
Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-41307)
|
CVE-2021-41307
CWE-639
|
CWE-639
|
High
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-6832)
|
CVE-2008-6832
CWE-352
|
CWE-352
|
Medium
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-4319)
|
CVE-2016-4319
CWE-352
|
CWE-352
|
High
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-16862)
|
CVE-2017-16862
CWE-352
|
CWE-352
|
Medium
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-18033)
|
CVE-2017-18033
CWE-352
|
CWE-352
|
Medium
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-8447)
|
CVE-2019-8447
CWE-352
|
CWE-352
|
Medium
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-11586)
|
CVE-2019-11586
CWE-352
|
CWE-352
|
Medium
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-11587)
|
CVE-2019-11587
CWE-352
|
CWE-352
|
Medium
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-11588)
|
CVE-2019-11588
CWE-352
|
CWE-352
|
Medium
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-14998)
|
CVE-2019-14998
CWE-352
|
CWE-352
|
Medium
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20098)
|
CVE-2019-20098
CWE-352
|
CWE-352
|
Medium
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20099)
|
CVE-2019-20099
CWE-352
|
CWE-352
|
Medium
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20100)
|
CVE-2019-20100
CWE-352
|
CWE-352
|
Medium
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20401)
|
CVE-2019-20401
CWE-352
|
CWE-352
|
Medium
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20405)
|
CVE-2019-20405
CWE-352
|
CWE-352
|
Medium
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20411)
|
CVE-2019-20411
CWE-352
|
CWE-352
|
Medium
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20415)
|
CVE-2019-20415
CWE-352
|
CWE-352
|
Medium
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-26071)
|
CVE-2021-26071
CWE-352
|
CWE-352
|
Low
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-39124)
|
CVE-2021-39124
CWE-352
|
CWE-352
|
High
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-39126)
|
CVE-2021-39126
CWE-352
|
CWE-352
|
High
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-43941)
|
CVE-2021-43941
CWE-352
|
CWE-352
|
Medium
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-43952)
|
CVE-2021-43952
CWE-352
|
CWE-352
|
Medium
|
|
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-43953)
|
CVE-2021-43953
CWE-352
|
CWE-352
|
Medium
|
|
Atlassian Jira CVE-2012-2926 Vulnerability (CVE-2012-2926)
|
CVE-2012-2926
|
|
Critical
|
|
Atlassian Jira CVE-2018-5231 Vulnerability (CVE-2018-5231)
|
CVE-2018-5231
|
|
High
|
|
Atlassian Jira CVE-2019-8442 Vulnerability (CVE-2019-8442)
|
CVE-2019-8442
|
|
High
|
|
Atlassian Jira CVE-2019-8448 Vulnerability (CVE-2019-8448)
|
CVE-2019-8448
|
|
Medium
|
|
Atlassian Jira CVE-2019-11583 Vulnerability (CVE-2019-11583)
|
CVE-2019-11583
|
|
Medium
|
|
Atlassian Jira CVE-2019-20402 Vulnerability (CVE-2019-20402)
|
CVE-2019-20402
|
|
Medium
|
|
Atlassian Jira CVE-2019-20403 Vulnerability (CVE-2019-20403)
|
CVE-2019-20403
|
|
Medium
|
|
Atlassian Jira CVE-2019-20404 Vulnerability (CVE-2019-20404)
|
CVE-2019-20404
|
|
Medium
|
|
Atlassian Jira CVE-2019-20410 Vulnerability (CVE-2019-20410)
|
CVE-2019-20410
|
|
Medium
|
|
Atlassian Jira CVE-2019-20413 Vulnerability (CVE-2019-20413)
|
CVE-2019-20413
|
|
High
|
|
Atlassian Jira CVE-2019-20418 Vulnerability (CVE-2019-20418)
|
CVE-2019-20418
|
|
Medium
|
|
Atlassian Jira CVE-2019-20898 Vulnerability (CVE-2019-20898)
|
CVE-2019-20898
|
|
High
|
|
Atlassian Jira CVE-2019-20899 Vulnerability (CVE-2019-20899)
|
CVE-2019-20899
|
|
Medium
|
|
Atlassian Jira CVE-2020-4029 Vulnerability (CVE-2020-4029)
|
CVE-2020-4029
|
|
Medium
|
|
Atlassian Jira CVE-2020-14165 Vulnerability (CVE-2020-14165)
|
CVE-2020-14165
|
|
Medium
|
|
Atlassian Jira CVE-2020-14167 Vulnerability (CVE-2020-14167)
|
CVE-2020-14167
|
|
High
|
|
Atlassian Jira CVE-2020-14168 Vulnerability (CVE-2020-14168)
|
CVE-2020-14168
|
|
Medium
|
|
Atlassian Jira CVE-2020-14178 Vulnerability (CVE-2020-14178)
|
CVE-2020-14178
|
|
High
|
|
Atlassian Jira CVE-2020-29451 Vulnerability (CVE-2020-29451)
|
CVE-2020-29451
|
|
Medium
|
|
Atlassian Jira CVE-2020-36235 Vulnerability (CVE-2020-36235)
|
CVE-2020-36235
|
|
Medium
|
|
Atlassian Jira CVE-2020-36237 Vulnerability (CVE-2020-36237)
|
CVE-2020-36237
|
|
Medium
|
|
Atlassian Jira CVE-2020-36286 Vulnerability (CVE-2020-36286)
|
CVE-2020-36286
|
|
Medium
|
|
Atlassian Jira CVE-2021-26075 Vulnerability (CVE-2021-26075)
|
CVE-2021-26075
|
|
Medium
|
|
Atlassian Jira CVE-2021-26076 Vulnerability (CVE-2021-26076)
|
CVE-2021-26076
|
|
Low
|
|
Atlassian Jira CVE-2021-26081 Vulnerability (CVE-2021-26081)
|
CVE-2021-26081
|
|
Medium
|
|
Atlassian Jira CVE-2021-39116 Vulnerability (CVE-2021-39116)
|
CVE-2021-39116
|
|
Medium
|
|
Atlassian Jira CVE-2021-39121 Vulnerability (CVE-2021-39121)
|
CVE-2021-39121
|
|
Medium
|
|
Atlassian Jira CVE-2021-39122 Vulnerability (CVE-2021-39122)
|
CVE-2021-39122
|
|
Medium
|
|
Atlassian Jira CVE-2021-39123 Vulnerability (CVE-2021-39123)
|
CVE-2021-39123
|
|
High
|
|
Atlassian Jira CVE-2021-43947 Vulnerability (CVE-2021-43947)
|
CVE-2021-43947
|
|
High
|
|
Atlassian Jira Deserialization of Untrusted Data Vulnerability (CVE-2017-5983)
|
CVE-2017-5983
CWE-502
|
CWE-502
|
Critical
|
|
Atlassian Jira Deserialization of Untrusted Data Vulnerability (CVE-2020-14172)
|
CVE-2020-14172
CWE-502
|
CWE-502
|
Critical
|
|
Atlassian Jira Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-39127)
|
CVE-2021-39127
CWE-668
|
CWE-668
|
Medium
|
|
Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8481)
|
CVE-2015-8481
CWE-200
|
CWE-200
|
Low
|
|
Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-18104)
|
CVE-2017-18104
CWE-200
|
CWE-200
|
Medium
|
|
Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-13391)
|
CVE-2018-13391
CWE-200
|
CWE-200
|
Medium
|
|
Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-14181)
|
CVE-2020-14181
CWE-200
|
CWE-200
|
Medium
|
|
Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-36289)
|
CVE-2020-36289
CWE-200
|
CWE-200
|
Medium
|
|
Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-39118)
|
CVE-2021-39118
CWE-200
|
CWE-200
|
Medium
|
|
Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-39125)
|
CVE-2021-39125
CWE-200
|
CWE-200
|
Medium
|
|
Atlassian Jira Improper Authentication Vulnerability (CVE-2019-8443)
|
CVE-2019-8443
CWE-287
|
CWE-287
|
High
|
|
Atlassian Jira Improper Authentication Vulnerability (CVE-2019-20412)
|
CVE-2019-20412
CWE-287
|
CWE-287
|
Medium
|
|
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-26070)
|
CVE-2021-26070
CWE-287
|
CWE-287
|
High
|
|
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-39119)
|
CVE-2021-39119
CWE-287
|
CWE-287
|
Medium
|
|
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-41308)
|
CVE-2021-41308
CWE-287
|
CWE-287
|
Medium
|
|
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-41312)
|
CVE-2021-41312
CWE-287
|
CWE-287
|
High
|
|
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-43946)
|
CVE-2021-43946
CWE-287
|
CWE-287
|
Medium
|
|
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-43950)
|
CVE-2021-43950
CWE-287
|
CWE-287
|
Medium
|
|
Atlassian Jira Improper Authentication Vulnerability (CVE-2022-0540)
|
CVE-2022-0540
CWE-287
|
CWE-287
|
Critical
|
|
Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-6531)
|
CVE-2008-6531
CWE-94
|
CWE-94
|
Medium
|
|
Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-1165)
|
CVE-2010-1165
CWE-94
|
CWE-94
|
Critical
|
|
Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-18113)
|
CVE-2017-18113
CWE-94
|
CWE-94
|
High
|
|
Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-15001)
|
CVE-2019-15001
CWE-94
|
CWE-94
|
High
|
|
Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-43944)
|
CVE-2021-43944
CWE-94
|
CWE-94
|
High
|
|
Atlassian Jira Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-2313)
|
CVE-2014-2313
CWE-22
|
CWE-22
|
Medium
|
|
Atlassian Jira Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-2314)
|
CVE-2014-2314
CWE-22
|
CWE-22
|
Medium
|
|
Atlassian Jira Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-29453)
|
CVE-2020-29453
CWE-22
|
CWE-22
|
Medium
|
|
Atlassian Jira Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-26086)
|
CVE-2021-26086
CWE-22
|
CWE-22
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-6617)
|
CVE-2007-6617
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-6831)
|
CVE-2008-6831
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1164)
|
CVE-2010-1164
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1500)
|
CVE-2012-1500
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5319)
|
CVE-2013-5319
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-4318)
|
CVE-2016-4318
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6285)
|
CVE-2016-6285
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14594)
|
CVE-2017-14594
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-16863)
|
CVE-2017-16863
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-16864)
|
CVE-2017-16864
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18039)
|
CVE-2017-18039
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18097)
|
CVE-2017-18097
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18098)
|
CVE-2017-18098
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18100)
|
CVE-2017-18100
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18102)
|
CVE-2017-18102
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5230)
|
CVE-2018-5230
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5232)
|
CVE-2018-5232
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13387)
|
CVE-2018-13387
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13395)
|
CVE-2018-13395
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13403)
|
CVE-2018-13403
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20232)
|
CVE-2018-20232
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20239)
|
CVE-2018-20239
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20824)
|
CVE-2018-20824
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20827)
|
CVE-2018-20827
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-3400)
|
CVE-2019-3400
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-3402)
|
CVE-2019-3402
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8444)
|
CVE-2019-8444
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8450)
|
CVE-2019-8450
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11584)
|
CVE-2019-11584
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14996)
|
CVE-2019-14996
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20414)
|
CVE-2019-20414
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20416)
|
CVE-2019-20416
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20900)
|
CVE-2019-20900
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4021)
|
CVE-2020-4021
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4022)
|
CVE-2020-4022
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4024)
|
CVE-2020-4024
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4025)
|
CVE-2020-4025
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14164)
|
CVE-2020-14164
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14166)
|
CVE-2020-14166
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14169)
|
CVE-2020-14169
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14173)
|
CVE-2020-14173
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14184)
|
CVE-2020-14184
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-36234)
|
CVE-2020-36234
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-36236)
|
CVE-2020-36236
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-36288)
|
CVE-2020-36288
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26078)
|
CVE-2021-26078
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26079)
|
CVE-2021-26079
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26080)
|
CVE-2021-26080
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26082)
|
CVE-2021-26082
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26083)
|
CVE-2021-26083
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39111)
|
CVE-2021-39111
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39117)
|
CVE-2021-39117
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41304)
|
CVE-2021-41304
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43945)
|
CVE-2021-43945
CWE-707
|
CWE-707
|
Medium
|
|
Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-11581)
|
CVE-2019-11581
CWE-138
|
CWE-138
|
Critical
|
|
Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-20409)
|
CVE-2019-20409
CWE-138
|
CWE-138
|
Critical
|
|
Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-14193)
|
CVE-2020-14193
CWE-138
|
CWE-138
|
Medium
|
|
Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-26069)
|
CVE-2021-26069
CWE-138
|
CWE-138
|
Medium
|
|
Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-39128)
|
CVE-2021-39128
CWE-138
|
CWE-138
|
High
|
|
Atlassian Jira Improper Privilege Management Vulnerability (CVE-2018-13400)
|
CVE-2018-13400
CWE-269
|
CWE-269
|
Medium
|
|
Atlassian Jira Incorrect Authorization Vulnerability (CVE-2018-20826)
|
CVE-2018-20826
CWE-863
|
CWE-863
|
Medium
|
|
Atlassian Jira Incorrect Authorization Vulnerability (CVE-2019-3401)
|
CVE-2019-3401
CWE-863
|
CWE-863
|
Medium
|
|
Atlassian Jira Incorrect Authorization Vulnerability (CVE-2019-3403)
|
CVE-2019-3403
CWE-863
|
CWE-863
|
Medium
|
|
Atlassian Jira Incorrect Authorization Vulnerability (CVE-2019-8446)
|
CVE-2019-8446
CWE-863
|
CWE-863
|
Medium
|
|
Atlassian Jira Incorrect Authorization Vulnerability (CVE-2020-36238)
|
CVE-2020-36238
CWE-863
|
CWE-863
|
Medium
|
|
Atlassian Jira Incorrect Authorization Vulnerability (CVE-2020-36287)
|
CVE-2020-36287
CWE-863
|
CWE-863
|
Medium
|
|
Atlassian Jira Incorrect Authorization Vulnerability (CVE-2021-43948)
|
CVE-2021-43948
CWE-863
|
CWE-863
|
Medium
|
|
Atlassian Jira Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26136)
|
CVE-2022-26136
CWE-180
|
CWE-180
|
Critical
|
|
Atlassian Jira Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26137)
|
CVE-2022-26137
CWE-180
|
CWE-180
|
Critical
|
|
Atlassian Jira Incorrect Default Permissions Vulnerability (CVE-2019-14995)
|
CVE-2019-14995
CWE-276
|
CWE-276
|
Medium
|
|
Atlassian Jira Incorrect Default Permissions Vulnerability (CVE-2019-20106)
|
CVE-2019-20106
CWE-276
|
CWE-276
|
Medium
|
|
Atlassian Jira Insufficient Session Expiration Vulnerability (CVE-2021-39113)
|
CVE-2021-39113
CWE-613
|
CWE-613
|
High
|
|
Atlassian Jira Missing Authentication for Critical Function Vulnerability (CVE-2019-8449)
|
CVE-2019-8449
CWE-306
|
CWE-306
|
Medium
|
|
Atlassian Jira Missing Authorization Vulnerability (CVE-2017-18101)
|
CVE-2017-18101
CWE-862
|
CWE-862
|
Medium
|
|
Atlassian Jira Missing Authorization Vulnerability (CVE-2019-3399)
|
CVE-2019-3399
CWE-862
|
CWE-862
|
High
|
|
Atlassian Jira Missing Authorization Vulnerability (CVE-2019-8445)
|
CVE-2019-8445
CWE-862
|
CWE-862
|
Medium
|
|
Atlassian Jira Missing Authorization Vulnerability (CVE-2019-15013)
|
CVE-2019-15013
CWE-862
|
CWE-862
|
Medium
|
|
Atlassian Jira Missing Authorization Vulnerability (CVE-2019-20407)
|
CVE-2019-20407
CWE-862
|
CWE-862
|
Medium
|
|
Atlassian Jira Missing Authorization Vulnerability (CVE-2020-14185)
|
CVE-2020-14185
CWE-862
|
CWE-862
|
Medium
|
|
Atlassian Jira Observable Discrepancy Vulnerability (CVE-2020-4028)
|
CVE-2020-4028
CWE-203
|
CWE-203
|
Medium
|
|
Atlassian Jira Other Vulnerability (CVE-2006-3338)
|
CVE-2006-3338
|
|
Low
|
|
Atlassian Jira Other Vulnerability (CVE-2006-3339)
|
CVE-2006-3339
|
|
Medium
|
|
Atlassian Jira Other Vulnerability (CVE-2007-6618)
|
CVE-2007-6618
|
|
Medium
|
|
Atlassian Jira Other Vulnerability (CVE-2019-14997)
|
CVE-2019-14997
|
|
Medium
|
|
Atlassian Jira Other Vulnerability (CVE-2019-20101)
|
CVE-2019-20101
|
|
Medium
|
|
Atlassian Jira Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-6619)
|
CVE-2007-6619
CWE-264
|
CWE-264
|
High
|
|
Atlassian Jira Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2928)
|
CVE-2012-2928
CWE-264
|
CWE-264
|
Medium
|
|
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-16865)
|
CVE-2017-16865
CWE-918
|
CWE-918
|
Medium
|
|
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-13404)
|
CVE-2018-13404
CWE-918
|
CWE-918
|
Medium
|
|
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-8451)
|
CVE-2019-8451
CWE-918
|
CWE-918
|
Medium
|
|
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-20408)
|
CVE-2019-20408
CWE-918
|
CWE-918
|
Medium
|
|
Atlassian Jira Uncontrolled Search Path Element Vulnerability (CVE-2019-20400)
|
CVE-2019-20400
CWE-427
|
CWE-427
|
High
|
|
Atlassian Jira Uncontrolled Search Path Element Vulnerability (CVE-2019-20419)
|
CVE-2019-20419
CWE-427
|
CWE-427
|
High
|
|
Atlassian Jira Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-20897)
|
CVE-2019-20897
CWE-434
|
CWE-434
|
Medium
|
|
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-13401)
|
CVE-2018-13401
CWE-601
|
CWE-601
|
Medium
|
|
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-13402)
|
CVE-2018-13402
CWE-601
|
CWE-601
|
Medium
|
|
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11585)
|
CVE-2019-11585
CWE-601
|
CWE-601
|
Medium
|
|
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11589)
|
CVE-2019-11589
CWE-601
|
CWE-601
|
Medium
|
|
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-20417)
|
CVE-2019-20417
CWE-601
|
CWE-601
|
Medium
|
|
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-20901)
|
CVE-2019-20901
CWE-601
|
CWE-601
|
Medium
|
|
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-39112)
|
CVE-2021-39112
CWE-601
|
CWE-601
|
Medium
|
|
ATutor Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-1583)
|
CVE-2015-1583
CWE-352
|
CWE-352
|
High
|
|
ATutor Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-2539)
|
CVE-2016-2539
CWE-352
|
CWE-352
|
High
|
|
ATutor Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3706)
|
CVE-2011-3706
CWE-200
|
CWE-200
|
Medium
|
|
ATutor Improper Authentication Vulnerability (CVE-2014-9753)
|
CVE-2014-9753
CWE-287
|
CWE-287
|
Critical
|
|
ATutor Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3368)
|
CVE-2008-3368
CWE-94
|
CWE-94
|
Medium
|
|
ATutor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-10400)
|
CVE-2016-10400
CWE-22
|
CWE-22
|
High
|
|
ATutor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-1000002)
|
CVE-2017-1000002
CWE-22
|
CWE-22
|
Critical
|
|
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0828)
|
CVE-2008-0828
CWE-707
|
CWE-707
|
Medium
|
|
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0971)
|
CVE-2010-0971
CWE-707
|
CWE-707
|
Low
|
|
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6528)
|
CVE-2012-6528
CWE-707
|
CWE-707
|
Medium
|
|
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-2091)
|
CVE-2014-2091
CWE-707
|
CWE-707
|
Low
|
|
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6521)
|
CVE-2015-6521
CWE-707
|
CWE-707
|
Medium
|
|
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7711)
|
CVE-2015-7711
CWE-707
|
CWE-707
|
Medium
|
|
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6483)
|
CVE-2017-6483
CWE-707
|
CWE-707
|
Medium
|
|
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14981)
|
CVE-2017-14981
CWE-707
|
CWE-707
|
Medium
|
|
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7172)
|
CVE-2019-7172
CWE-707
|
CWE-707
|
Medium
|
|
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23341)
|
CVE-2020-23341
CWE-707
|
CWE-707
|
Medium
|
|
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-27008)
|
CVE-2023-27008
CWE-707
|
CWE-707
|
Medium
|
|
ATutor Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-2555)
|
CVE-2016-2555
CWE-138
|
CWE-138
|
Critical
|
|
ATutor Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-1000004)
|
CVE-2017-1000004
CWE-138
|
CWE-138
|
Critical
|
|
ATutor Improper Privilege Management Vulnerability (CVE-2017-1000003)
|
CVE-2017-1000003
CWE-269
|
CWE-269
|
Critical
|
|
ATutor Incorrect Authorization Vulnerability (CVE-2019-16114)
|
CVE-2019-16114
CWE-863
|
CWE-863
|
Critical
|
|
ATutor Other Vulnerability (CVE-2014-9752)
|
CVE-2014-9752
|
|
Medium
|
|
ATutor Other Vulnerability (CVE-2015-7712)
|
CVE-2015-7712
|
|
Medium
|
|
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-11446)
|
CVE-2019-11446
CWE-434
|
CWE-434
|
High
|
|
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-12169)
|
CVE-2019-12169
CWE-434
|
CWE-434
|
High
|
|
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-12170)
|
CVE-2019-12170
CWE-434
|
CWE-434
|
High
|
|
ATutor Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-43498)
|
CVE-2021-43498
CWE-640
|
CWE-640
|
High
|
|
axios Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-45857)
|
CVE-2023-45857
CWE-352
|
CWE-352
|
Medium
|
|
axios Improper Input Validation Vulnerability (CVE-2019-10742)
|
CVE-2019-10742
CWE-20
|
CWE-20
|
High
|
|
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-28168)
|
CVE-2020-28168
CWE-918
|
CWE-918
|
Medium
|
|
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-39338)
|
CVE-2024-39338
CWE-918
|
CWE-918
|
High
|
|
axios Uncontrolled Resource Consumption Vulnerability (CVE-2021-3749)
|
CVE-2021-3749
CWE-400
|
CWE-400
|
High
|
|
Axway Secure Transport Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-14277)
|
CVE-2019-14277
CWE-611
|
CWE-611
|
Critical
|
|
b2evolution Credentials Management Errors Vulnerability (CVE-2016-9479)
|
CVE-2016-9479
|
|
High
|
|
b2evolution Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-7352)
|
CVE-2013-7352
CWE-352
|
CWE-352
|
Medium
|
|
b2evolution Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3709)
|
CVE-2011-3709
CWE-200
|
CWE-200
|
Medium
|
|
b2evolution Improper Input Validation Vulnerability (CVE-2017-1000423)
|
CVE-2017-1000423
CWE-20
|
CWE-20
|
Critical
|
|
b2evolution Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-5480)
|
CVE-2017-5480
CWE-22
|
CWE-22
|
High
|
|
b2evolution Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-5539)
|
CVE-2017-5539
CWE-22
|
CWE-22
|
Critical
|
|
b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-0175)
|
CVE-2007-0175
CWE-707
|
CWE-707
|
Medium
|
|
b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5911)
|
CVE-2012-5911
CWE-707
|
CWE-707
|
Medium
|
|
b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9599)
|
CVE-2014-9599
CWE-707
|
CWE-707
|
Medium
|
|
b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7149)
|
CVE-2016-7149
CWE-707
|
CWE-707
|
Medium
|
|
b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7150)
|
CVE-2016-7150
CWE-707
|
CWE-707
|
Medium
|
|
b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5494)
|
CVE-2017-5494
CWE-707
|
CWE-707
|
Medium
|
|
b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5553)
|
CVE-2017-5553
CWE-707
|
CWE-707
|
Medium
|
|
b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-22841)
|
CVE-2020-22841
CWE-707
|
CWE-707
|
Medium
|
|
b2evolution Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2016-8901)
|
CVE-2016-8901
CWE-138
|
CWE-138
|
Critical
|
|
b2evolution Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2021-28242)
|
CVE-2021-28242
CWE-138
|
CWE-138
|
High
|
|
b2evolution Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-5910)
|
CVE-2012-5910
CWE-138
|
CWE-138
|
Medium
|
|
b2evolution Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-2945)
|
CVE-2013-2945
CWE-138
|
CWE-138
|
Medium
|
|
b2evolution Other Vulnerability (CVE-2006-6197)
|
CVE-2006-6197
|
|
Medium
|
|
b2evolution Other Vulnerability (CVE-2006-6417)
|
CVE-2006-6417
|
|
High
|
|
b2evolution Other Vulnerability (CVE-2007-2358)
|
CVE-2007-2358
|
|
High
|
|
b2evolution Other Vulnerability (CVE-2007-2681)
|
CVE-2007-2681
|
|
High
|
|
b2evolution URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-22840)
|
CVE-2020-22840
CWE-601
|
CWE-601
|
Medium
|
|
b2evolution Use of Insufficiently Random Values Vulnerability (CVE-2022-30935)
|
CVE-2022-30935
CWE-330
|
CWE-330
|
Critical
|
|
Backbone.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10537)
|
CVE-2016-10537
CWE-707
|
CWE-707
|
Medium
|
|
Beego Framework CVE-2021-30080 Vulnerability (CVE-2021-30080)
|
CVE-2021-30080
|
|
Critical
|
|
Beego Framework CVE-2022-31259 Vulnerability (CVE-2022-31259)
|
CVE-2022-31259
|
|
Critical
|
|
Beego Framework Improper Certificate Validation Vulnerability (CVE-2024-40464)
|
CVE-2024-40464
CWE-295
|
CWE-295
|
High
|
|
Beego Framework Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-31836)
|
CVE-2022-31836
CWE-22
|
CWE-22
|
Critical
|
|
Beego Framework Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-27116)
|
CVE-2021-27116
CWE-59
|
CWE-59
|
High
|
|
Beego Framework Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-27117)
|
CVE-2021-27117
CWE-59
|
CWE-59
|
High
|
|
Beego Framework Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39391)
|
CVE-2021-39391
CWE-707
|
CWE-707
|
Medium
|
|
Beego Framework Incorrect Default Permissions Vulnerability (CVE-2019-16355)
|
CVE-2019-16355
CWE-276
|
CWE-276
|
Medium
|
|
Beego Framework Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2019-16354)
|
CVE-2019-16354
CWE-732
|
CWE-732
|
Medium
|
|
Beego Framework Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2024-40465)
|
CVE-2024-40465
CWE-327
|
CWE-327
|
High
|
|
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10735)
|
CVE-2016-10735
CWE-707
|
CWE-707
|
Medium
|
|
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14040)
|
CVE-2018-14040
CWE-707
|
CWE-707
|
Medium
|
|
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14041)
|
CVE-2018-14041
CWE-707
|
CWE-707
|
Medium
|
|
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14042)
|
CVE-2018-14042
CWE-707
|
CWE-707
|
Medium
|
|
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20676)
|
CVE-2018-20676
CWE-707
|
CWE-707
|
Medium
|
|
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20677)
|
CVE-2018-20677
CWE-707
|
CWE-707
|
Medium
|
|
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8331)
|
CVE-2019-8331
CWE-707
|
CWE-707
|
Medium
|
|
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-6484)
|
CVE-2024-6484
CWE-707
|
CWE-707
|
Medium
|
|
Bootstrap Select Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20921)
|
CVE-2019-20921
CWE-707
|
CWE-707
|
Medium
|
|
Bootstrap Table Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2021-23472)
|
CVE-2021-23472
CWE-843
|
CWE-843
|
Medium
|
|
Bootstrap Table Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-1726)
|
CVE-2022-1726
CWE-707
|
CWE-707
|
Medium
|
|
Caddy Web Server Authentication Bypass by Spoofing Vulnerability (CVE-2023-50463)
|
CVE-2023-50463
CWE-290
|
CWE-290
|
Medium
|
|
Caddy Web Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-19148)
|
CVE-2018-19148
CWE-200
|
CWE-200
|
Low
|
|
Caddy Web Server Improper Authentication Vulnerability (CVE-2018-21246)
|
CVE-2018-21246
CWE-287
|
CWE-287
|
Critical
|
|
Caddy Web Server Out-of-bounds Read Vulnerability (CVE-2022-34037)
|
CVE-2022-34037
CWE-125
|
CWE-125
|
High
|
|
Caddy Web Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
|
CVE-2023-44487
CWE-400
|
CWE-400
|
High
|
|
Caddy Web Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-28923)
|
CVE-2022-28923
CWE-601
|
CWE-601
|
Medium
|
|
Caddy Web Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-29718)
|
CVE-2022-29718
CWE-601
|
CWE-601
|
Medium
|
|
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-8379)
|
CVE-2015-8379
CWE-352
|
CWE-352
|
High
|
|
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-15400)
|
CVE-2020-15400
CWE-352
|
CWE-352
|
Medium
|
|
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-35239)
|
CVE-2020-35239
CWE-352
|
CWE-352
|
High
|
|
CakePHP Deserialization of Untrusted Data Vulnerability (CVE-2019-11458)
|
CVE-2019-11458
CWE-502
|
CWE-502
|
High
|
|
CakePHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3712)
|
CVE-2011-3712
CWE-200
|
CWE-200
|
Medium
|
|
CakePHP Improper Input Validation Vulnerability (CVE-2010-4335)
|
CVE-2010-4335
CWE-20
|
CWE-20
|
High
|
|
CakePHP Improper Input Validation Vulnerability (CVE-2016-4793)
|
CVE-2016-4793
CWE-20
|
CWE-20
|
High
|
|
CakePHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2006-5031)
|
CVE-2006-5031
CWE-22
|
CWE-22
|
Medium
|
|
CakePHP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2006-4067)
|
CVE-2006-4067
CWE-707
|
CWE-707
|
Medium
|
|
CakePHP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-22727)
|
CVE-2023-22727
CWE-138
|
CWE-138
|
Critical
|
|
CakePHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4399)
|
CVE-2012-4399
CWE-264
|
CWE-264
|
Medium
|
|
Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-23127)
|
CVE-2020-23127
CWE-352
|
CWE-352
|
High
|
|
Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-40662)
|
CVE-2021-40662
CWE-352
|
CWE-352
|
High
|
|
Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-39061)
|
CVE-2023-39061
CWE-352
|
CWE-352
|
Low
|
|
Chamilo Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-32925)
|
CVE-2021-32925
CWE-200
|
CWE-200
|
Medium
|
|
Chamilo Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-1999019)
|
CVE-2018-1999019
CWE-94
|
CWE-94
|
Critical
|
|
Chamilo Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-38745)
|
CVE-2021-38745
CWE-94
|
CWE-94
|
Medium
|
|
Chamilo Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-27427)
|
CVE-2022-27427
CWE-94
|
CWE-94
|
High
|
|
Chamilo Improper Handling of Case Sensitivity Vulnerability (CVE-2023-3545)
|
CVE-2023-3545
CWE-178
|
CWE-178
|
Critical
|
|
Chamilo Improper Input Validation Vulnerability (CVE-2012-4030)
|
CVE-2012-4030
CWE-20
|
CWE-20
|
High
|
|
Chamilo Improper Input Validation Vulnerability (CVE-2021-31933)
|
CVE-2021-31933
CWE-20
|
CWE-20
|
High
|
|
Chamilo Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-3533)
|
CVE-2023-3533
CWE-22
|
CWE-22
|
Critical
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4029)
|
CVE-2012-4029
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0738)
|
CVE-2013-0738
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0739)
|
CVE-2013-0739
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20327)
|
CVE-2018-20327
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20328)
|
CVE-2018-20328
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1000015)
|
CVE-2019-1000015
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23126)
|
CVE-2020-23126
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26746)
|
CVE-2021-26746
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35413)
|
CVE-2021-35413
CWE-707
|
CWE-707
|
High
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35414)
|
CVE-2021-35414
CWE-707
|
CWE-707
|
Critical
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35415)
|
CVE-2021-35415
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-37389)
|
CVE-2021-37389
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-37390)
|
CVE-2021-37390
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-37391)
|
CVE-2021-37391
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43687)
|
CVE-2021-43687
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27422)
|
CVE-2022-27422
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27425)
|
CVE-2022-27425
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31799)
|
CVE-2023-31799
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31800)
|
CVE-2023-31800
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31801)
|
CVE-2023-31801
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31802)
|
CVE-2023-31802
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31803)
|
CVE-2023-31803
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31804)
|
CVE-2023-31804
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31805)
|
CVE-2023-31805
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31806)
|
CVE-2023-31806
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31807)
|
CVE-2023-31807
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-34961)
|
CVE-2023-34961
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37061)
|
CVE-2023-37061
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37062)
|
CVE-2023-37062
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37063)
|
CVE-2023-37063
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37064)
|
CVE-2023-37064
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37065)
|
CVE-2023-37065
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37066)
|
CVE-2023-37066
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37067)
|
CVE-2023-37067
CWE-707
|
CWE-707
|
Medium
|
|
Chamilo Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2023-34960)
|
CVE-2023-34960
CWE-138
|
CWE-138
|
Critical
|
|
Chamilo Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-3368)
|
CVE-2023-3368
CWE-138
|
CWE-138
|
Critical
|
|
Chamilo Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-4221)
|
CVE-2023-4221
CWE-138
|
CWE-138
|
High
|
|
Chamilo Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-4222)
|
CVE-2023-4222
CWE-138
|
CWE-138
|
High
|
|
Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-6787)
|
CVE-2013-6787
CWE-138
|
CWE-138
|
Medium
|
|
Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-20329)
|
CVE-2018-20329
CWE-138
|
CWE-138
|
High
|
|
Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-34187)
|
CVE-2021-34187
CWE-138
|
CWE-138
|
Critical
|
|
Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-27423)
|
CVE-2022-27423
CWE-138
|
CWE-138
|
Critical
|
|
Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-39582)
|
CVE-2023-39582
CWE-138
|
CWE-138
|
Medium
|
|
Chamilo Improper Privilege Management Vulnerability (CVE-2020-23128)
|
CVE-2020-23128
CWE-269
|
CWE-269
|
Medium
|
|
Chamilo Improper Privilege Management Vulnerability (CVE-2022-27421)
|
CVE-2022-27421
CWE-269
|
CWE-269
|
High
|
|
Chamilo Missing Authorization Vulnerability (CVE-2019-1000017)
|
CVE-2019-1000017
CWE-862
|
CWE-862
|
Medium
|
|
Chamilo Other Vulnerability (CVE-2023-34958)
|
CVE-2023-34958
|
|
Medium
|
|
Chamilo Other Vulnerability (CVE-2023-34962)
|
CVE-2023-34962
|
|
High
|
|
Chamilo Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-27426)
|
CVE-2022-27426
CWE-918
|
CWE-918
|
High
|
|
Chamilo Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-34959)
|
CVE-2023-34959
CWE-918
|
CWE-918
|
Medium
|
|
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-13082)
|
CVE-2019-13082
CWE-434
|
CWE-434
|
Critical
|
|
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-40407)
|
CVE-2022-40407
CWE-434
|
CWE-434
|
High
|
|
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-42029)
|
CVE-2022-42029
CWE-434
|
CWE-434
|
High
|
|
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4220)
|
CVE-2023-4220
CWE-434
|
CWE-434
|
Medium
|
|
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4223)
|
CVE-2023-4223
CWE-434
|
CWE-434
|
High
|
|
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4224)
|
CVE-2023-4224
CWE-434
|
CWE-434
|
High
|
|
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4225)
|
CVE-2023-4225
CWE-434
|
CWE-434
|
High
|
|
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4226)
|
CVE-2023-4226
CWE-434
|
CWE-434
|
High
|
|
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-34944)
|
CVE-2023-34944
CWE-434
|
CWE-434
|
Critical
|
|
Chamilo URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-9540)
|
CVE-2015-9540
CWE-601
|
CWE-601
|
Medium
|
|
Chart.js Improper Input Validation Vulnerability (CVE-2020-7746)
|
CVE-2020-7746
CWE-20
|
CWE-20
|
High
|
|
Check for apache versions up to 1.3.25, 2.0.38
|
CVE-2002-0392
CWE-119
|
CWE-119
|
High
|
|
Cherokee Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-2191)
|
CVE-2011-2191
CWE-352
|
CWE-352
|
Medium
|
|
Cherokee Cryptographic Issues Vulnerability (CVE-2011-2190)
|
CVE-2011-2190
|
|
Low
|
|
Cherokee Improper Authentication Vulnerability (CVE-2014-4668)
|
CVE-2014-4668
CWE-287
|
CWE-287
|
Medium
|
|
Cherokee Improper Input Validation Vulnerability (CVE-2009-4489)
|
CVE-2009-4489
CWE-20
|
CWE-20
|
Medium
|
|
Cherokee Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20798)
|
CVE-2019-20798
CWE-707
|
CWE-707
|
High
|
|
Cherokee Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-20799)
|
CVE-2019-20799
CWE-119
|
CWE-119
|
High
|
|
Cherokee NULL Pointer Dereference Vulnerability (CVE-2020-12845)
|
CVE-2020-12845
CWE-476
|
CWE-476
|
High
|
|
Cherokee Out-of-bounds Write Vulnerability (CVE-2019-20800)
|
CVE-2019-20800
CWE-787
|
CWE-787
|
Critical
|
|
CherryPy Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-0252)
|
CVE-2008-0252
CWE-22
|
CWE-22
|
High
|
|
CherryPy Other Vulnerability (CVE-2006-0847)
|
CVE-2006-0847
|
|
Medium
|
|
Citrix ADC NetScaler Local File Inclusion (CVE-2020-8193)
|
CVE-2020-8193
CWE-284
|
CWE-284
|
Medium
|
|
Citrix NetScaler Information Disclosure 'Citrix Bleed' (CVE-2023-4966)
|
CVE-2023-4966
CWE-119
|
CWE-119
|
Critical
|
|
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5191)
|
CVE-2014-5191
CWE-707
|
CWE-707
|
Medium
|
|
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17960)
|
CVE-2018-17960
CWE-707
|
CWE-707
|
Medium
|
|
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9281)
|
CVE-2020-9281
CWE-707
|
CWE-707
|
Medium
|
|
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9440)
|
CVE-2020-9440
CWE-707
|
CWE-707
|
Medium
|
|
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-27193)
|
CVE-2020-27193
CWE-707
|
CWE-707
|
Medium
|
|
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32808)
|
CVE-2021-32808
CWE-707
|
CWE-707
|
Medium
|
|
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32809)
|
CVE-2021-32809
CWE-707
|
CWE-707
|
Medium
|
|
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-37695)
|
CVE-2021-37695
CWE-707
|
CWE-707
|
Medium
|
|
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41164)
|
CVE-2021-41164
CWE-707
|
CWE-707
|
Medium
|
|
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41165)
|
CVE-2021-41165
CWE-707
|
CWE-707
|
Medium
|
|
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24728)
|
CVE-2022-24728
CWE-707
|
CWE-707
|
Medium
|
|
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-48110)
|
CVE-2022-48110
CWE-707
|
CWE-707
|
Medium
|
|
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-28439)
|
CVE-2023-28439
CWE-707
|
CWE-707
|
Medium
|
|
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-24815)
|
CVE-2024-24815
CWE-707
|
CWE-707
|
Medium
|
|
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-24816)
|
CVE-2024-24816
CWE-707
|
CWE-707
|
Medium
|
|
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-43407)
|
CVE-2024-43407
CWE-707
|
CWE-707
|
Medium
|
|
CKEditor Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-26271)
|
CVE-2021-26271
CWE-829
|
CWE-829
|
Medium
|
|
CKEditor Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-26272)
|
CVE-2021-26272
CWE-829
|
CWE-829
|
Medium
|
|
CKEditor Other Vulnerability (CVE-2022-24729)
|
CVE-2022-24729
|
|
High
|
|
CKEditor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-31541)
|
CVE-2023-31541
CWE-434
|
CWE-434
|
Critical
|
|
Claroline Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3262)
|
CVE-2008-3262
CWE-352
|
CWE-352
|
Medium
|
|
Claroline Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3716)
|
CVE-2011-3716
CWE-200
|
CWE-200
|
Medium
|
|
Claroline Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2006-4844)
|
CVE-2006-4844
CWE-94
|
CWE-94
|
Medium
|
|
Claroline Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-3261)
|
CVE-2008-3261
CWE-59
|
CWE-59
|
Medium
|
|
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3260)
|
CVE-2008-3260
CWE-707
|
CWE-707
|
Medium
|
|
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3315)
|
CVE-2008-3315
CWE-707
|
CWE-707
|
Medium
|
|
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-1907)
|
CVE-2009-1907
CWE-707
|
CWE-707
|
Medium
|
|
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4753)
|
CVE-2013-4753
CWE-707
|
CWE-707
|
Low
|
|
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6267)
|
CVE-2013-6267
CWE-707
|
CWE-707
|
Medium
|
|
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37160)
|
CVE-2022-37160
CWE-707
|
CWE-707
|
Medium
|
|
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37161)
|
CVE-2022-37161
CWE-707
|
CWE-707
|
Medium
|
|
Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37162)
|
CVE-2022-37162
CWE-707
|
CWE-707
|
Medium
|
|
Claroline Other Vulnerability (CVE-2005-1374)
|
CVE-2005-1374
|
|
Medium
|
|
Claroline Other Vulnerability (CVE-2005-1375)
|
CVE-2005-1375
|
|
High
|
|
Claroline Other Vulnerability (CVE-2005-1376)
|
CVE-2005-1376
|
|
High
|
|
Claroline Other Vulnerability (CVE-2005-1377)
|
CVE-2005-1377
|
|
High
|
|
Claroline Other Vulnerability (CVE-2006-0411)
|
CVE-2006-0411
|
|
Critical
|
|
Claroline Other Vulnerability (CVE-2006-1594)
|
CVE-2006-1594
|
|
High
|
|
Claroline Other Vulnerability (CVE-2006-1595)
|
CVE-2006-1595
|
|
Medium
|
|
Claroline Other Vulnerability (CVE-2006-1596)
|
CVE-2006-1596
|
|
High
|
|
Claroline Other Vulnerability (CVE-2006-2284)
|
CVE-2006-2284
|
|
Medium
|
|
Claroline Other Vulnerability (CVE-2006-2868)
|
CVE-2006-2868
|
|
Medium
|
|
Claroline Other Vulnerability (CVE-2006-3257)
|
CVE-2006-3257
|
|
Medium
|
|
Claroline Other Vulnerability (CVE-2006-5256)
|
CVE-2006-5256
|
|
High
|
|
Claroline Other Vulnerability (CVE-2006-7048)
|
CVE-2006-7048
|
|
High
|
|
Claroline Other Vulnerability (CVE-2007-3517)
|
CVE-2007-3517
|
|
Medium
|
|
Claroline Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-37159)
|
CVE-2022-37159
CWE-434
|
CWE-434
|
Critical
|
|
ClipBucket Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3717)
|
CVE-2011-3717
CWE-200
|
CWE-200
|
Medium
|
|
ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6642)
|
CVE-2012-6642
CWE-707
|
CWE-707
|
Medium
|
|
ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6644)
|
CVE-2012-6644
CWE-707
|
CWE-707
|
Medium
|
|
ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-4673)
|
CVE-2015-4673
CWE-707
|
CWE-707
|
Medium
|
|
ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-4848)
|
CVE-2016-4848
CWE-707
|
CWE-707
|
Medium
|
|
ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-1000307)
|
CVE-2016-1000307
CWE-707
|
CWE-707
|
Medium
|
|
ClipBucket Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2018-7664)
|
CVE-2018-7664
CWE-138
|
CWE-138
|
Critical
|
|
ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-5849)
|
CVE-2012-5849
CWE-138
|
CWE-138
|
High
|
|
ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-6643)
|
CVE-2012-6643
CWE-138
|
CWE-138
|
High
|
|
ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-7666)
|
CVE-2018-7666
CWE-138
|
CWE-138
|
Critical
|
|
ClipBucket Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-7665)
|
CVE-2018-7665
CWE-434
|
CWE-434
|
Critical
|
|
ColdFusion 8 FCKEditor file upload vulnerability
|
CVE-2009-2265
CWE-22
|
CWE-22
|
High
|
|
ColdFusion 9 solr service exposed
|
CVE-2010-0185
CWE-264
|
CWE-264
|
High
|
|
ColdFusion CFC Deserialization RCE (CVE-2023-26359/CVE-2023-26360)
|
CVE-2023-26359
CVE-2023-26360
CWE-502
|
CWE-502
|
High
|
|
ColdFusion directory traversal
|
CVE-2010-2861
CWE-22
|
CWE-22
|
High
|
|
ColdFusion User-Agent cross-site scripting
|
CVE-2007-0817
CWE-79
|
CWE-79
|
High
|
|
Collabtive Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-5285)
|
CVE-2010-5285
CWE-352
|
CWE-352
|
Medium
|
|
Collabtive Improper Input Validation Vulnerability (CVE-2012-2670)
|
CVE-2012-2670
CWE-20
|
CWE-20
|
Medium
|
|
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5284)
|
CVE-2010-5284
CWE-707
|
CWE-707
|
Medium
|
|
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3247)
|
CVE-2014-3247
CWE-707
|
CWE-707
|
Medium
|
|
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8935)
|
CVE-2019-8935
CWE-707
|
CWE-707
|
Medium
|
|
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13655)
|
CVE-2020-13655
CWE-707
|
CWE-707
|
Medium
|
|
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3298)
|
CVE-2021-3298
CWE-707
|
CWE-707
|
Medium
|
|
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-46240)
|
CVE-2024-46240
CWE-707
|
CWE-707
|
Medium
|
|
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-48706)
|
CVE-2024-48706
CWE-707
|
CWE-707
|
Medium
|
|
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-48707)
|
CVE-2024-48707
CWE-707
|
CWE-707
|
Medium
|
|
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-48708)
|
CVE-2024-48708
CWE-707
|
CWE-707
|
Medium
|
|
Collabtive Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4269)
|
CVE-2010-4269
CWE-138
|
CWE-138
|
High
|
|
Collabtive Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-6872)
|
CVE-2013-6872
CWE-138
|
CWE-138
|
Medium
|
|
Collabtive Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3246)
|
CVE-2014-3246
CWE-138
|
CWE-138
|
Medium
|
|
Collabtive Improper Privilege Management Vulnerability (CVE-2013-5027)
|
CVE-2013-5027
CWE-269
|
CWE-269
|
Critical
|
|
Collabtive Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2015-0258)
|
CVE-2015-0258
CWE-434
|
CWE-434
|
High
|
|
concrete5 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8082)
|
CVE-2017-8082
CWE-352
|
CWE-352
|
Medium
|
|
concrete5 CVE-2020-14961 Vulnerability (CVE-2020-14961)
|
CVE-2020-14961
|
|
Medium
|
|
concrete5 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-5107)
|
CVE-2014-5107
CWE-200
|
CWE-200
|
Medium
|
|
concrete5 Improper Input Validation Vulnerability (CVE-2017-18195)
|
CVE-2017-18195
CWE-20
|
CWE-20
|
Medium
|
|
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5181)
|
CVE-2012-5181
CWE-707
|
CWE-707
|
Medium
|
|
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5108)
|
CVE-2014-5108
CWE-707
|
CWE-707
|
Medium
|
|
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9526)
|
CVE-2014-9526
CWE-707
|
CWE-707
|
Medium
|
|
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2250)
|
CVE-2015-2250
CWE-707
|
CWE-707
|
Medium
|
|
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-3989)
|
CVE-2015-3989
CWE-707
|
CWE-707
|
Medium
|
|
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-4721)
|
CVE-2015-4721
CWE-707
|
CWE-707
|
Medium
|
|
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6905)
|
CVE-2017-6905
CWE-707
|
CWE-707
|
Medium
|
|
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6908)
|
CVE-2017-6908
CWE-707
|
CWE-707
|
Medium
|
|
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7725)
|
CVE-2017-7725
CWE-707
|
CWE-707
|
Medium
|
|
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19146)
|
CVE-2018-19146
CWE-707
|
CWE-707
|
Medium
|
|
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3111)
|
CVE-2021-3111
CWE-707
|
CWE-707
|
Low
|
|
concrete5 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-4724)
|
CVE-2015-4724
CWE-138
|
CWE-138
|
High
|
|
concrete5 Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-13790)
|
CVE-2018-13790
CWE-918
|
CWE-918
|
High
|
|
concrete5 Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-22958)
|
CVE-2021-22958
CWE-918
|
CWE-918
|
Critical
|
|
concrete5 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-11476)
|
CVE-2020-11476
CWE-434
|
CWE-434
|
High
|
|
concrete5 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-24986)
|
CVE-2020-24986
CWE-434
|
CWE-434
|
High
|
|
Contao Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-1297)
|
CVE-2012-1297
CWE-352
|
CWE-352
|
Medium
|
|
Contao Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10642)
|
CVE-2019-10642
CWE-352
|
CWE-352
|
High
|
|
Contao CVE-2018-20028 Vulnerability (CVE-2018-20028)
|
CVE-2018-20028
|
|
Medium
|
|
Contao CVE-2024-28234 Vulnerability (CVE-2024-28234)
|
CVE-2024-28234
|
|
Medium
|
|
Contao CVE-2024-28235 Vulnerability (CVE-2024-28235)
|
CVE-2024-28235
|
|
Medium
|
|
Contao Deserialization of Untrusted Data Vulnerability (CVE-2014-1860)
|
CVE-2014-1860
CWE-502
|
CWE-502
|
Critical
|
|
Contao Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-37626)
|
CVE-2021-37626
CWE-94
|
CWE-94
|
High
|
|
Contao Improper Encoding or Escaping of Output Vulnerability (CVE-2019-19714)
|
CVE-2019-19714
CWE-116
|
CWE-116
|
Medium
|
|
Contao Improper Input Validation Vulnerability (CVE-2020-25768)
|
CVE-2020-25768
CWE-20
|
CWE-20
|
Medium
|
|
Contao Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-0269)
|
CVE-2015-0269
CWE-22
|
CWE-22
|
Medium
|
|
Contao Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-10993)
|
CVE-2017-10993
CWE-22
|
CWE-22
|
High
|
|
Contao Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-29200)
|
CVE-2023-29200
CWE-22
|
CWE-22
|
Medium
|
|
Contao Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-45604)
|
CVE-2024-45604
CWE-22
|
CWE-22
|
Medium
|
|
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0508)
|
CVE-2011-0508
CWE-707
|
CWE-707
|
Medium
|
|
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4335)
|
CVE-2011-4335
CWE-707
|
CWE-707
|
Medium
|
|
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5478)
|
CVE-2018-5478
CWE-707
|
CWE-707
|
Medium
|
|
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-10125)
|
CVE-2018-10125
CWE-707
|
CWE-707
|
Medium
|
|
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35210)
|
CVE-2021-35210
CWE-707
|
CWE-707
|
Medium
|
|
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35955)
|
CVE-2021-35955
CWE-707
|
CWE-707
|
Medium
|
|
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24899)
|
CVE-2022-24899
CWE-707
|
CWE-707
|
Medium
|
|
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-36806)
|
CVE-2023-36806
CWE-707
|
CWE-707
|
Medium
|
|
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28190)
|
CVE-2024-28190
CWE-707
|
CWE-707
|
Medium
|
|
Contao Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2024-28191)
|
CVE-2024-28191
CWE-138
|
CWE-138
|
Medium
|
|
Contao Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2024-45612)
|
CVE-2024-45612
CWE-138
|
CWE-138
|
Medium
|
|
Contao Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4383)
|
CVE-2012-4383
CWE-138
|
CWE-138
|
High
|
|
Contao Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-16558)
|
CVE-2017-16558
CWE-138
|
CWE-138
|
Critical
|
|
Contao Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-11512)
|
CVE-2019-11512
CWE-138
|
CWE-138
|
Critical
|
|
Contao Improper Privilege Management Vulnerability (CVE-2021-37627)
|
CVE-2021-37627
CWE-269
|
CWE-269
|
High
|
|
Contao Incorrect Default Permissions Vulnerability (CVE-2019-19712)
|
CVE-2019-19712
CWE-276
|
CWE-276
|
Medium
|
|
Contao Insufficient Session Expiration Vulnerability (CVE-2024-30262)
|
CVE-2024-30262
CWE-613
|
CWE-613
|
High
|
|
Contao Key Management Errors Vulnerability (CVE-2019-10643)
|
CVE-2019-10643
|
|
Critical
|
|
Contao Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19745)
|
CVE-2019-19745
CWE-434
|
CWE-434
|
High
|
|
Contao Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2024-45398)
|
CVE-2024-45398
CWE-434
|
CWE-434
|
High
|
|
Contao Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2019-10641)
|
CVE-2019-10641
CWE-640
|
CWE-640
|
Critical
|
|
Coppermine Cross-site Scripting (XSS) Vulnerability (CVE-2015-3921)
|
CVE-2015-3921
|
|
Low
|
|
Coppermine Cross-site Scripting (XSS) Vulnerability (CVE-2018-14478)
|
CVE-2018-14478
|
|
Medium
|
|
Coppermine Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-7187)
|
CVE-2008-7187
CWE-200
|
CWE-200
|
Medium
|
|
Coppermine Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3722)
|
CVE-2011-3722
CWE-200
|
CWE-200
|
Medium
|
|
Coppermine Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1614)
|
CVE-2012-1614
CWE-200
|
CWE-200
|
Medium
|
|
Coppermine Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3923)
|
CVE-2015-3923
CWE-200
|
CWE-200
|
Medium
|
|
Coppermine Improper Authentication Vulnerability (CVE-2005-3979)
|
CVE-2005-3979
CWE-287
|
CWE-287
|
Medium
|
|
Coppermine Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3481)
|
CVE-2008-3481
CWE-94
|
CWE-94
|
High
|
|
Coppermine Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-3486)
|
CVE-2008-3486
CWE-22
|
CWE-22
|
High
|
|
Coppermine Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4667)
|
CVE-2010-4667
CWE-707
|
CWE-707
|
Medium
|
|
Coppermine Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4693)
|
CVE-2010-4693
CWE-707
|
CWE-707
|
Medium
|
|
Coppermine Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2476)
|
CVE-2011-2476
CWE-707
|
CWE-707
|
Medium
|
|
Coppermine Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1613)
|
CVE-2012-1613
CWE-707
|
CWE-707
|
Low
|
|
Coppermine Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-4612)
|
CVE-2014-4612
CWE-707
|
CWE-707
|
Medium
|
|
Coppermine Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0504)
|
CVE-2008-0504
CWE-138
|
CWE-138
|
Medium
|
|
Coppermine Multiple Cross-site Scripting (XSS) Vulnerabilities (CVE-2015-6528)
|
CVE-2015-6528
|
|
Medium
|
|
Coppermine Open Redirection Vulnerability (CVE-2015-3922)
|
CVE-2015-3922
|
|
Medium
|
|
Coppermine Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-7186)
|
CVE-2008-7186
CWE-264
|
CWE-264
|
Medium
|
|
Craft CMS CVE-2017-8383 Vulnerability (CVE-2017-8383)
|
CVE-2017-8383
|
|
Medium
|
|
Craft CMS CVE-2024-21622 Vulnerability (CVE-2024-21622)
|
CVE-2024-21622
|
|
High
|
|
Craft CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-14280)
|
CVE-2019-14280
CWE-200
|
CWE-200
|
Medium
|
|
Craft CMS Files or Directories Accessible to External Parties Vulnerability (CVE-2024-52292)
|
CVE-2024-52292
CWE-552
|
CWE-552
|
Medium
|
|
Craft CMS Improper Authentication Vulnerability (CVE-2024-41800)
|
CVE-2024-41800
CWE-287
|
CWE-287
|
High
|
|
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-27903)
|
CVE-2021-27903
CWE-94
|
CWE-94
|
Critical
|
|
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30130)
|
CVE-2023-30130
CWE-94
|
CWE-94
|
High
|
|
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30179)
|
CVE-2023-30179
CWE-94
|
CWE-94
|
High
|
|
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-41892)
|
CVE-2023-41892
CWE-94
|
CWE-94
|
Critical
|
|
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-23209)
|
CVE-2025-23209
CWE-94
|
CWE-94
|
High
|
|
Craft CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-52291)
|
CVE-2024-52291
CWE-22
|
CWE-22
|
High
|
|
Craft CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-52293)
|
CVE-2024-52293
CWE-22
|
CWE-22
|
High
|
|
Craft CMS Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2021-41824)
|
CVE-2021-41824
CWE-1236
|
CWE-1236
|
High
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-8052)
|
CVE-2017-8052
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-8384)
|
CVE-2017-8384
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9516)
|
CVE-2017-9516
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20418)
|
CVE-2018-20418
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-9554)
|
CVE-2019-9554
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12823)
|
CVE-2019-12823
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17496)
|
CVE-2019-17496
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-19626)
|
CVE-2020-19626
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27902)
|
CVE-2021-27902
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32470)
|
CVE-2021-32470
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28378)
|
CVE-2022-28378
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37246)
|
CVE-2022-37246
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37247)
|
CVE-2022-37247
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37248)
|
CVE-2022-37248
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37250)
|
CVE-2022-37250
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37251)
|
CVE-2022-37251
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-2817)
|
CVE-2023-2817
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-23927)
|
CVE-2023-23927
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-30177)
|
CVE-2023-30177
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31144)
|
CVE-2023-31144
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33194)
|
CVE-2023-33194
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33195)
|
CVE-2023-33195
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33196)
|
CVE-2023-33196
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33197)
|
CVE-2023-33197
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33495)
|
CVE-2023-33495
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-36259)
|
CVE-2023-36259
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-45406)
|
CVE-2024-45406
CWE-707
|
CWE-707
|
Medium
|
|
Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-9757)
|
CVE-2020-9757
CWE-138
|
CWE-138
|
High
|
|
Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-32679)
|
CVE-2023-32679
CWE-138
|
CWE-138
|
High
|
|
Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-36260)
|
CVE-2023-36260
CWE-138
|
CWE-138
|
High
|
|
Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-40035)
|
CVE-2023-40035
CWE-138
|
CWE-138
|
High
|
|
Craft CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-37843)
|
CVE-2024-37843
CWE-138
|
CWE-138
|
Critical
|
|
Craft CMS Missing Encryption of Sensitive Data Vulnerability (CVE-2018-20465)
|
CVE-2018-20465
CWE-311
|
CWE-311
|
High
|
|
Craft CMS Missing Encryption of Sensitive Data Vulnerability (CVE-2022-37783)
|
CVE-2022-37783
CWE-311
|
CWE-311
|
High
|
|
Craft CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-3814)
|
CVE-2018-3814
CWE-434
|
CWE-434
|
High
|
|
Craft CMS Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2017-8385)
|
CVE-2017-8385
CWE-640
|
CWE-640
|
Medium
|
|
Craft CMS Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2019-15929)
|
CVE-2019-15929
CWE-640
|
CWE-640
|
Critical
|
|
Craft CMS Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2022-29933)
|
CVE-2022-29933
CWE-640
|
CWE-640
|
High
|
|
CrushFTP Server Deserialization of Untrusted Data Vulnerability (CVE-2017-14035)
|
CVE-2017-14035
CWE-502
|
CWE-502
|
Critical
|
|
CrushFTP Server Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2023-43177)
|
CVE-2023-43177
CWE-913
|
CWE-913
|
Critical
|
|
CrushFTP Server Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-4040)
|
CVE-2024-4040
CWE-94
|
CWE-94
|
Critical
|
|
CrushFTP Server Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2017-14037)
|
CVE-2017-14037
CWE-707
|
CWE-707
|
Medium
|
|
CrushFTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14036)
|
CVE-2017-14036
CWE-707
|
CWE-707
|
Medium
|
|
CrushFTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-44076)
|
CVE-2021-44076
CWE-707
|
CWE-707
|
Medium
|
|
CrushFTP Server Improper Validation of Integrity Check Value Vulnerability (CVE-2023-48795)
|
CVE-2023-48795
CWE-354
|
CWE-354
|
Medium
|
|
CrushFTP Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-14038)
|
CVE-2017-14038
CWE-601
|
CWE-601
|
Medium
|
|
CrushFTP Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-18288)
|
CVE-2018-18288
CWE-601
|
CWE-601
|
Medium
|
|
CubeCart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-38130)
|
CVE-2023-38130
CWE-352
|
CWE-352
|
High
|
|
CubeCart Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3724)
|
CVE-2011-3724
CWE-200
|
CWE-200
|
Medium
|
|
CubeCart Improper Access Control Vulnerability (CVE-2015-6928)
|
CVE-2015-6928
CWE-284
|
CWE-284
|
Medium
|
|
CubeCart Improper Authentication Vulnerability (CVE-2014-2341)
|
CVE-2014-2341
CWE-287
|
CWE-287
|
Medium
|
|
CubeCart Improper Input Validation Vulnerability (CVE-2012-0865)
|
CVE-2012-0865
CWE-20
|
CWE-20
|
Medium
|
|
CubeCart Improper Input Validation Vulnerability (CVE-2013-1465)
|
CVE-2013-1465
CWE-20
|
CWE-20
|
High
|
|
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2090)
|
CVE-2017-2090
CWE-22
|
CWE-22
|
Medium
|
|
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2098)
|
CVE-2017-2098
CWE-22
|
CWE-22
|
Medium
|
|
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2117)
|
CVE-2017-2117
CWE-22
|
CWE-22
|
Medium
|
|
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-42428)
|
CVE-2023-42428
CWE-22
|
CWE-22
|
Medium
|
|
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-47283)
|
CVE-2023-47283
CWE-22
|
CWE-22
|
Medium
|
|
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-34832)
|
CVE-2024-34832
CWE-22
|
CWE-22
|
Critical
|
|
CubeCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1550)
|
CVE-2008-1550
CWE-707
|
CWE-707
|
Medium
|
|
CubeCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20703)
|
CVE-2018-20703
CWE-707
|
CWE-707
|
Medium
|
|
CubeCart Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-47675)
|
CVE-2023-47675
CWE-138
|
CWE-138
|
High
|
|
CubeCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4060)
|
CVE-2009-4060
CWE-138
|
CWE-138
|
High
|
|
CubeCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-1931)
|
CVE-2010-1931
CWE-138
|
CWE-138
|
High
|
|
CubeCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4903)
|
CVE-2010-4903
CWE-138
|
CWE-138
|
High
|
|
CubeCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-20716)
|
CVE-2018-20716
CWE-138
|
CWE-138
|
Critical
|
|
CubeCart Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-3904)
|
CVE-2009-3904
CWE-264
|
CWE-264
|
High
|
|
CubeCart Session Fixation Vulnerability (CVE-2021-33394)
|
CVE-2021-33394
CWE-384
|
CWE-384
|
Medium
|
|
D3.js Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-16044)
|
CVE-2017-16044
CWE-200
|
CWE-200
|
High
|
|
datatables Cross-site Scripting (XSS) Vulnerability (CVE-2015-6584)
|
CVE-2015-6584
|
|
Medium
|
|
DataTables Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-23445)
|
CVE-2021-23445
CWE-707
|
CWE-707
|
Medium
|
|
DataTables Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-36713)
|
CVE-2021-36713
CWE-707
|
CWE-707
|
Medium
|
|
DataTables Prototype Pollution Vulnerability (CVE-2020-28458)
|
CVE-2020-28458
|
|
High
|
|
Django 7PK - Security Features Vulnerability (CVE-2016-7401)
|
CVE-2016-7401
|
|
High
|
|
Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-6975)
|
CVE-2019-6975
CWE-770
|
CWE-770
|
High
|
|
Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-23969)
|
CVE-2023-23969
CWE-770
|
CWE-770
|
High
|
|
Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-46695)
|
CVE-2023-46695
CWE-770
|
CWE-770
|
High
|
|
Django Cleartext Transmission of Sensitive Information Vulnerability (CVE-2019-12781)
|
CVE-2019-12781
CWE-319
|
CWE-319
|
Medium
|
|
Django Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-0696)
|
CVE-2011-0696
CWE-352
|
CWE-352
|
Medium
|
|
Django Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4140)
|
CVE-2011-4140
CWE-352
|
CWE-352
|
Medium
|
|
Django CVE-2014-1418 Vulnerability (CVE-2014-1418)
|
CVE-2014-1418
|
|
Medium
|
|
Django CVE-2024-24680 Vulnerability (CVE-2024-24680)
|
CVE-2024-24680
|
|
High
|
|
Django CVE-2024-41989 Vulnerability (CVE-2024-41989)
|
CVE-2024-41989
|
|
High
|
|
Django CVE-2024-41990 Vulnerability (CVE-2024-41990)
|
CVE-2024-41990
|
|
High
|
|
Django CVE-2024-45230 Vulnerability (CVE-2024-45230)
|
CVE-2024-45230
|
|
High
|
|
Django CVE-2024-45231 Vulnerability (CVE-2024-45231)
|
CVE-2024-45231
|
|
Medium
|
|
Django DEPRECATED: Code Vulnerability (CVE-2015-0219)
|
CVE-2015-0219
|
|
Medium
|
|
Django DEPRECATED: Code Vulnerability (CVE-2015-0222)
|
CVE-2015-0222
|
|
Medium
|
|
Django Download of Code Without Integrity Check Vulnerability (CVE-2022-36359)
|
CVE-2022-36359
CWE-494
|
CWE-494
|
High
|
|
Django Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-45116)
|
CVE-2021-45116
CWE-668
|
CWE-668
|
High
|
|
Django Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-0305)
|
CVE-2013-0305
CWE-200
|
CWE-200
|
Medium
|
|
Django Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8213)
|
CVE-2015-8213
CWE-200
|
CWE-200
|
Medium
|
|
Django Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2513)
|
CVE-2016-2513
CWE-200
|
CWE-200
|
Low
|
|
Django Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-6188)
|
CVE-2018-6188
CWE-200
|
CWE-200
|
High
|
|
Django Improper Access Control Vulnerability (CVE-2016-2048)
|
CVE-2016-2048
CWE-284
|
CWE-284
|
Medium
|
|
Django Improper Authentication Vulnerability (CVE-2013-1443)
|
CVE-2013-1443
CWE-287
|
CWE-287
|
Medium
|
|
Django Improper Authentication Vulnerability (CVE-2014-0482)
|
CVE-2014-0482
CWE-287
|
CWE-287
|
Medium
|
|
Django Improper Authentication Vulnerability (CVE-2021-44420)
|
CVE-2021-44420
CWE-287
|
CWE-287
|
High
|
|
Django Improper Certificate Validation Vulnerability (CVE-2020-13254)
|
CVE-2020-13254
CWE-295
|
CWE-295
|
Medium
|
|
Django Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-0472)
|
CVE-2014-0472
CWE-94
|
CWE-94
|
Medium
|
|
Django Improper Input Validation Vulnerability (CVE-2010-4535)
|
CVE-2010-4535
CWE-20
|
CWE-20
|
Medium
|
|
Django Improper Input Validation Vulnerability (CVE-2011-4136)
|
CVE-2011-4136
CWE-20
|
CWE-20
|
Medium
|
|
Django Improper Input Validation Vulnerability (CVE-2011-4138)
|
CVE-2011-4138
CWE-20
|
CWE-20
|
Medium
|
|
Django Improper Input Validation Vulnerability (CVE-2011-4139)
|
CVE-2011-4139
CWE-20
|
CWE-20
|
Medium
|
|
Django Improper Input Validation Vulnerability (CVE-2012-3443)
|
CVE-2012-3443
CWE-20
|
CWE-20
|
Medium
|
|
Django Improper Input Validation Vulnerability (CVE-2012-4520)
|
CVE-2012-4520
CWE-20
|
CWE-20
|
Medium
|
|
Django Improper Input Validation Vulnerability (CVE-2014-0480)
|
CVE-2014-0480
CWE-20
|
CWE-20
|
Medium
|
|
Django Improper Input Validation Vulnerability (CVE-2014-3730)
|
CVE-2014-3730
CWE-20
|
CWE-20
|
Medium
|
|
Django Improper Input Validation Vulnerability (CVE-2015-5144)
|
CVE-2015-5144
CWE-20
|
CWE-20
|
Medium
|
|
Django Improper Input Validation Vulnerability (CVE-2019-3498)
|
CVE-2019-3498
CWE-20
|
CWE-20
|
Medium
|
|
Django Improper Input Validation Vulnerability (CVE-2023-31047)
|
CVE-2023-31047
CWE-20
|
CWE-20
|
Critical
|
|
Django Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2011-0698)
|
CVE-2011-0698
CWE-22
|
CWE-22
|
High
|
|
Django Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-4315)
|
CVE-2013-4315
CWE-22
|
CWE-22
|
Medium
|
|
Django Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-3281)
|
CVE-2021-3281
CWE-22
|
CWE-22
|
Medium
|
|
Django Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-28658)
|
CVE-2021-28658
CWE-22
|
CWE-22
|
Medium
|
|
Django Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-33203)
|
CVE-2021-33203
CWE-22
|
CWE-22
|
High
|
|
Django Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-45452)
|
CVE-2021-45452
CWE-22
|
CWE-22
|
Medium
|
|
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3082)
|
CVE-2010-3082
CWE-707
|
CWE-707
|
Medium
|
|
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0697)
|
CVE-2011-0697
CWE-707
|
CWE-707
|
Medium
|
|
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3442)
|
CVE-2012-3442
CWE-707
|
CWE-707
|
Medium
|
|
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4249)
|
CVE-2013-4249
CWE-707
|
CWE-707
|
Medium
|
|
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6044)
|
CVE-2013-6044
CWE-707
|
CWE-707
|
Medium
|
|
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-0220)
|
CVE-2015-0220
CWE-707
|
CWE-707
|
Medium
|
|
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2241)
|
CVE-2015-2241
CWE-707
|
CWE-707
|
Medium
|
|
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2317)
|
CVE-2015-2317
CWE-707
|
CWE-707
|
Medium
|
|
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-2512)
|
CVE-2016-2512
CWE-707
|
CWE-707
|
High
|
|
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6186)
|
CVE-2016-6186
CWE-707
|
CWE-707
|
Medium
|
|
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12794)
|
CVE-2017-12794
CWE-707
|
CWE-707
|
Medium
|
|
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12308)
|
CVE-2019-12308
CWE-707
|
CWE-707
|
Medium
|
|
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13596)
|
CVE-2020-13596
CWE-707
|
CWE-707
|
Medium
|
|
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32052)
|
CVE-2021-32052
CWE-707
|
CWE-707
|
Medium
|
|
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-22818)
|
CVE-2022-22818
CWE-707
|
CWE-707
|
Medium
|
|
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-14234)
|
CVE-2019-14234
CWE-138
|
CWE-138
|
Critical
|
|
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-7471)
|
CVE-2020-7471
CWE-138
|
CWE-138
|
Critical
|
|
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-9402)
|
CVE-2020-9402
CWE-138
|
CWE-138
|
High
|
|
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-35042)
|
CVE-2021-35042
CWE-138
|
CWE-138
|
Critical
|
|
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-28346)
|
CVE-2022-28346
CWE-138
|
CWE-138
|
Critical
|
|
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-28347)
|
CVE-2022-28347
CWE-138
|
CWE-138
|
Critical
|
|
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-34265)
|
CVE-2022-34265
CWE-138
|
CWE-138
|
Critical
|
|
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-42005)
|
CVE-2024-42005
CWE-138
|
CWE-138
|
Critical
|
|
Django Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2012-3444)
|
CVE-2012-3444
CWE-119
|
CWE-119
|
Medium
|
|
Django Improper Validation of Specified Quantity in Input Vulnerability (CVE-2023-41164)
|
CVE-2023-41164
CWE-1284
|
CWE-1284
|
High
|
|
Django Improper Validation of Specified Quantity in Input Vulnerability (CVE-2023-43665)
|
CVE-2023-43665
CWE-1284
|
CWE-1284
|
High
|
|
Django Improper Validation of Specified Quantity in Input Vulnerability (CVE-2024-41991)
|
CVE-2024-41991
CWE-1284
|
CWE-1284
|
High
|
|
Django Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-23336)
|
CVE-2021-23336
CWE-444
|
CWE-444
|
Medium
|
|
Django Incorrect Default Permissions Vulnerability (CVE-2019-19118)
|
CVE-2019-19118
CWE-276
|
CWE-276
|
Medium
|
|
Django Incorrect Default Permissions Vulnerability (CVE-2020-24583)
|
CVE-2020-24583
CWE-276
|
CWE-276
|
High
|
|
Django Incorrect Default Permissions Vulnerability (CVE-2020-24584)
|
CVE-2020-24584
CWE-276
|
CWE-276
|
High
|
|
Django Incorrect Regular Expression Vulnerability (CVE-2018-7536)
|
CVE-2018-7536
CWE-185
|
CWE-185
|
Medium
|
|
Django Incorrect Regular Expression Vulnerability (CVE-2018-7537)
|
CVE-2018-7537
CWE-185
|
CWE-185
|
Medium
|
|
Django Inefficient Regular Expression Complexity Vulnerability (CVE-2023-36053)
|
CVE-2023-36053
CWE-1333
|
CWE-1333
|
High
|
|
Django Insufficiently Protected Credentials Vulnerability (CVE-2018-16984)
|
CVE-2018-16984
CWE-522
|
CWE-522
|
Medium
|
|
Django Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2022-23833)
|
CVE-2022-23833
CWE-835
|
CWE-835
|
High
|
|
Django Numeric Errors Vulnerability (CVE-2013-0306)
|
CVE-2013-0306
|
|
Medium
|
|
Django Other Vulnerability (CVE-2009-3695)
|
CVE-2009-3695
|
|
Medium
|
|
Django Other Vulnerability (CVE-2015-3982)
|
CVE-2015-3982
|
|
Medium
|
|
Django Other Vulnerability (CVE-2022-41323)
|
CVE-2022-41323
|
|
High
|
|
Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-4534)
|
CVE-2010-4534
CWE-264
|
CWE-264
|
Medium
|
|
Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0473)
|
CVE-2014-0473
CWE-264
|
CWE-264
|
Medium
|
|
Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0483)
|
CVE-2014-0483
CWE-264
|
CWE-264
|
Low
|
|
Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9014)
|
CVE-2016-9014
CWE-264
|
CWE-264
|
High
|
|
Django Resource Management Errors Vulnerability (CVE-2011-4137)
|
CVE-2011-4137
|
|
Medium
|
|
Django Resource Management Errors Vulnerability (CVE-2014-0474)
|
CVE-2014-0474
|
|
Critical
|
|
Django Resource Management Errors Vulnerability (CVE-2014-0481)
|
CVE-2014-0481
|
|
Medium
|
|
Django Resource Management Errors Vulnerability (CVE-2015-0221)
|
CVE-2015-0221
|
|
Medium
|
|
Django Resource Management Errors Vulnerability (CVE-2015-2316)
|
CVE-2015-2316
|
|
Medium
|
|
Django Resource Management Errors Vulnerability (CVE-2015-5143)
|
CVE-2015-5143
|
|
High
|
|
Django Resource Management Errors Vulnerability (CVE-2015-5145)
|
CVE-2015-5145
|
|
High
|
|
Django Resource Management Errors Vulnerability (CVE-2015-5963)
|
CVE-2015-5963
|
|
Medium
|
|
Django Resource Management Errors Vulnerability (CVE-2015-5964)
|
CVE-2015-5964
|
|
Medium
|
|
Django Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33571)
|
CVE-2021-33571
CWE-918
|
CWE-918
|
High
|
|
Django Uncontrolled Recursion Vulnerability (CVE-2019-14235)
|
CVE-2019-14235
CWE-674
|
CWE-674
|
High
|
|
Django Uncontrolled Resource Consumption Vulnerability (CVE-2019-14232)
|
CVE-2019-14232
CWE-400
|
CWE-400
|
High
|
|
Django Uncontrolled Resource Consumption Vulnerability (CVE-2019-14233)
|
CVE-2019-14233
CWE-400
|
CWE-400
|
High
|
|
Django Uncontrolled Resource Consumption Vulnerability (CVE-2021-45115)
|
CVE-2021-45115
CWE-400
|
CWE-400
|
High
|
|
Django Uncontrolled Resource Consumption Vulnerability (CVE-2023-24580)
|
CVE-2023-24580
CWE-400
|
CWE-400
|
High
|
|
Django Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-31542)
|
CVE-2021-31542
CWE-434
|
CWE-434
|
High
|
|
Django URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-7233)
|
CVE-2017-7233
CWE-601
|
CWE-601
|
Medium
|
|
Django URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-7234)
|
CVE-2017-7234
CWE-601
|
CWE-601
|
Medium
|
|
Django URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-14574)
|
CVE-2018-14574
CWE-601
|
CWE-601
|
Medium
|
|
Django Use of Hard-coded Credentials Vulnerability (CVE-2016-9013)
|
CVE-2016-9013
CWE-798
|
CWE-798
|
Critical
|
|
Django Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2019-19844)
|
CVE-2019-19844
CWE-640
|
CWE-640
|
Critical
|
|
Dojo Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2020-5258)
|
CVE-2020-5258
CWE-1321
|
CWE-1321
|
High
|
|
Dojo Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2021-23450)
|
CVE-2021-23450
CWE-1321
|
CWE-1321
|
Critical
|
|
Dolibarr Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-3991)
|
CVE-2021-3991
CWE-639
|
CWE-639
|
Medium
|
|
Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-1010054)
|
CVE-2019-1010054
CWE-352
|
CWE-352
|
High
|
|
Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-11825)
|
CVE-2020-11825
CWE-352
|
CWE-352
|
High
|
|
Dolibarr CVE-2019-11200 Vulnerability (CVE-2019-11200)
|
CVE-2019-11200
|
|
High
|
|
Dolibarr CVE-2023-38886 Vulnerability (CVE-2023-38886)
|
CVE-2023-38886
|
|
High
|
|
Dolibarr Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-14240)
|
CVE-2017-14240
CWE-200
|
CWE-200
|
High
|
|
Dolibarr Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-17898)
|
CVE-2017-17898
CWE-200
|
CWE-200
|
High
|
|
Dolibarr Files or Directories Accessible to External Parties Vulnerability (CVE-2023-33568)
|
CVE-2023-33568
CWE-552
|
CWE-552
|
High
|
|
Dolibarr Improper Authentication Vulnerability (CVE-2017-8879)
|
CVE-2017-8879
CWE-287
|
CWE-287
|
Medium
|
|
Dolibarr Improper Authentication Vulnerability (CVE-2020-7995)
|
CVE-2020-7995
CWE-287
|
CWE-287
|
Critical
|
|
Dolibarr Improper Authentication Vulnerability (CVE-2021-25956)
|
CVE-2021-25956
CWE-287
|
CWE-287
|
High
|
|
Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-11201)
|
CVE-2019-11201
CWE-94
|
CWE-94
|
High
|
|
Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-33816)
|
CVE-2021-33816
CWE-94
|
CWE-94
|
Critical
|
|
Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-0819)
|
CVE-2022-0819
CWE-94
|
CWE-94
|
High
|
|
Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-29477)
|
CVE-2024-29477
CWE-94
|
CWE-94
|
High
|
|
Dolibarr Improper Input Validation Vulnerability (CVE-2013-2093)
|
CVE-2013-2093
CWE-20
|
CWE-20
|
Critical
|
|
Dolibarr Improper Input Validation Vulnerability (CVE-2022-0174)
|
CVE-2022-0174
CWE-20
|
CWE-20
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4329)
|
CVE-2011-4329
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4814)
|
CVE-2011-4814
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2092)
|
CVE-2013-2092
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3991)
|
CVE-2014-3991
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-3935)
|
CVE-2015-3935
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8685)
|
CVE-2015-8685
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-1912)
|
CVE-2016-1912
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7887)
|
CVE-2017-7887
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9838)
|
CVE-2017-9838
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14239)
|
CVE-2017-14239
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14241)
|
CVE-2017-14241
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-17971)
|
CVE-2017-17971
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18259)
|
CVE-2017-18259
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1000509)
|
CVE-2017-1000509
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-10095)
|
CVE-2018-10095
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16808)
|
CVE-2018-16808
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19799)
|
CVE-2018-19799
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19992)
|
CVE-2018-19992
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19993)
|
CVE-2018-19993
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19995)
|
CVE-2018-19995
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11199)
|
CVE-2019-11199
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16197)
|
CVE-2019-16197
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16685)
|
CVE-2019-16685
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16686)
|
CVE-2019-16686
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16687)
|
CVE-2019-16687
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16688)
|
CVE-2019-16688
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17223)
|
CVE-2019-17223
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17576)
|
CVE-2019-17576
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17577)
|
CVE-2019-17577
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17578)
|
CVE-2019-17578
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-19206)
|
CVE-2019-19206
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-19210)
|
CVE-2019-19210
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-19211)
|
CVE-2019-19211
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-19212)
|
CVE-2019-19212
CWE-707
|
CWE-707
|
Critical
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1010016)
|
CVE-2019-1010016
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-7994)
|
CVE-2020-7994
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-7996)
|
CVE-2020-7996
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9016)
|
CVE-2020-9016
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11823)
|
CVE-2020-11823
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13094)
|
CVE-2020-13094
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13239)
|
CVE-2020-13239
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13828)
|
CVE-2020-13828
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14475)
|
CVE-2020-14475
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-25955)
|
CVE-2021-25955
CWE-707
|
CWE-707
|
Critical
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33618)
|
CVE-2021-33618
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42220)
|
CVE-2021-42220
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2060)
|
CVE-2022-2060
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-22293)
|
CVE-2022-22293
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-30875)
|
CVE-2022-30875
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5323)
|
CVE-2023-5323
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5842)
|
CVE-2023-5842
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-38888)
|
CVE-2023-38888
CWE-707
|
CWE-707
|
Critical
|
|
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23817)
|
CVE-2024-23817
CWE-707
|
CWE-707
|
Medium
|
|
Dolibarr Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-4197)
|
CVE-2023-4197
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2020-35136)
|
CVE-2020-35136
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-30253)
|
CVE-2023-30253
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4802)
|
CVE-2011-4802
CWE-138
|
CWE-138
|
Medium
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-1225)
|
CVE-2012-1225
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-2091)
|
CVE-2013-2091
CWE-138
|
CWE-138
|
Critical
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3992)
|
CVE-2014-3992
CWE-138
|
CWE-138
|
Medium
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-7137)
|
CVE-2014-7137
CWE-138
|
CWE-138
|
Medium
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-7886)
|
CVE-2017-7886
CWE-138
|
CWE-138
|
Critical
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-9435)
|
CVE-2017-9435
CWE-138
|
CWE-138
|
Critical
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-9839)
|
CVE-2017-9839
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14238)
|
CVE-2017-14238
CWE-138
|
CWE-138
|
Critical
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14242)
|
CVE-2017-14242
CWE-138
|
CWE-138
|
Critical
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17897)
|
CVE-2017-17897
CWE-138
|
CWE-138
|
Critical
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17899)
|
CVE-2017-17899
CWE-138
|
CWE-138
|
Critical
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17900)
|
CVE-2017-17900
CWE-138
|
CWE-138
|
Critical
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-18260)
|
CVE-2017-18260
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-9019)
|
CVE-2018-9019
CWE-138
|
CWE-138
|
Critical
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-10094)
|
CVE-2018-10094
CWE-138
|
CWE-138
|
Critical
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-13447)
|
CVE-2018-13447
CWE-138
|
CWE-138
|
Critical
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-13448)
|
CVE-2018-13448
CWE-138
|
CWE-138
|
Critical
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-13449)
|
CVE-2018-13449
CWE-138
|
CWE-138
|
Critical
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-13450)
|
CVE-2018-13450
CWE-138
|
CWE-138
|
Critical
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-16809)
|
CVE-2018-16809
CWE-138
|
CWE-138
|
Critical
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-19994)
|
CVE-2018-19994
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-19998)
|
CVE-2018-19998
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-19209)
|
CVE-2019-19209
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-14443)
|
CVE-2020-14443
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-36625)
|
CVE-2021-36625
CWE-138
|
CWE-138
|
High
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-0224)
|
CVE-2022-0224
CWE-138
|
CWE-138
|
Critical
|
|
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-4093)
|
CVE-2022-4093
CWE-138
|
CWE-138
|
Critical
|
|
Dolibarr Improper Privilege Management Vulnerability (CVE-2020-14201)
|
CVE-2020-14201
CWE-269
|
CWE-269
|
Medium
|
|
Dolibarr Improper Privilege Management Vulnerability (CVE-2022-43138)
|
CVE-2022-43138
CWE-269
|
CWE-269
|
Critical
|
|
Dolibarr Inadequate Encryption Strength Vulnerability (CVE-2017-7888)
|
CVE-2017-7888
CWE-326
|
CWE-326
|
Critical
|
|
Dolibarr Incorrect Authorization Vulnerability (CVE-2020-12669)
|
CVE-2020-12669
CWE-863
|
CWE-863
|
High
|
|
Dolibarr Incorrect Authorization Vulnerability (CVE-2021-25954)
|
CVE-2021-25954
CWE-863
|
CWE-863
|
Medium
|
|
Dolibarr Incorrect Authorization Vulnerability (CVE-2021-37517)
|
CVE-2021-37517
CWE-863
|
CWE-863
|
High
|
|
Dolibarr Incorrect Authorization Vulnerability (CVE-2022-0731)
|
CVE-2022-0731
CWE-863
|
CWE-863
|
Medium
|
|
Dolibarr Incorrect Default Permissions Vulnerability (CVE-2020-13240)
|
CVE-2020-13240
CWE-276
|
CWE-276
|
Medium
|
|
Dolibarr Incorrect Default Permissions Vulnerability (CVE-2022-40871)
|
CVE-2022-40871
CWE-276
|
CWE-276
|
Critical
|
|
Dolibarr Missing Authorization Vulnerability (CVE-2018-10092)
|
CVE-2018-10092
CWE-862
|
CWE-862
|
High
|
|
Dolibarr Missing Authorization Vulnerability (CVE-2023-4198)
|
CVE-2023-4198
CWE-862
|
CWE-862
|
Medium
|
|
Dolibarr Other Vulnerability (CVE-2022-0414)
|
CVE-2022-0414
|
|
Medium
|
|
Dolibarr Other Vulnerability (CVE-2022-0746)
|
CVE-2022-0746
|
|
Medium
|
|
Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-9840)
|
CVE-2017-9840
CWE-434
|
CWE-434
|
High
|
|
Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-14209)
|
CVE-2020-14209
CWE-434
|
CWE-434
|
High
|
|
Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-38887)
|
CVE-2023-38887
CWE-434
|
CWE-434
|
High
|
|
Dolibarr Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-25957)
|
CVE-2021-25957
CWE-640
|
CWE-640
|
High
|
|
Dolphin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-4333)
|
CVE-2014-4333
CWE-352
|
CWE-352
|
Medium
|
|
Dolphin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3728)
|
CVE-2011-3728
CWE-200
|
CWE-200
|
Medium
|
|
Dolphin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3167)
|
CVE-2008-3167
CWE-94
|
CWE-94
|
Critical
|
|
Dolphin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0873)
|
CVE-2012-0873
CWE-707
|
CWE-707
|
Medium
|
|
Dolphin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27969)
|
CVE-2021-27969
CWE-707
|
CWE-707
|
Medium
|
|
Dolphin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-3638)
|
CVE-2013-3638
CWE-138
|
CWE-138
|
High
|
|
Dolphin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3810)
|
CVE-2014-3810
CWE-138
|
CWE-138
|
Medium
|
|
Dolphin Other Vulnerability (CVE-2006-4189)
|
CVE-2006-4189
|
|
Medium
|
|
Dolphin Other Vulnerability (CVE-2006-5410)
|
CVE-2006-5410
|
|
Medium
|
|
DOMPurify Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16728)
|
CVE-2019-16728
CWE-707
|
CWE-707
|
Medium
|
|
DOMPurify Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-26870)
|
CVE-2020-26870
CWE-707
|
CWE-707
|
Medium
|
|
DOMPurify URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-25155)
|
CVE-2019-25155
CWE-601
|
CWE-601
|
Medium
|
|
Dotclear Improper Access Control Vulnerability (CVE-2015-8832)
|
CVE-2015-8832
CWE-284
|
CWE-284
|
High
|
|
Dotclear Improper Authentication Vulnerability (CVE-2014-3781)
|
CVE-2014-3781
CWE-287
|
CWE-287
|
Medium
|
|
Dotclear Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3232)
|
CVE-2008-3232
CWE-94
|
CWE-94
|
Critical
|
|
Dotclear Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-1613)
|
CVE-2014-1613
CWE-94
|
CWE-94
|
High
|
|
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-0933)
|
CVE-2009-0933
CWE-707
|
CWE-707
|
Medium
|
|
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1039)
|
CVE-2012-1039
CWE-707
|
CWE-707
|
Medium
|
|
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5316)
|
CVE-2014-5316
CWE-707
|
CWE-707
|
Medium
|
|
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5651)
|
CVE-2015-5651
CWE-707
|
CWE-707
|
Medium
|
|
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8831)
|
CVE-2015-8831
CWE-707
|
CWE-707
|
Medium
|
|
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6523)
|
CVE-2016-6523
CWE-707
|
CWE-707
|
Medium
|
|
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9891)
|
CVE-2016-9891
CWE-707
|
CWE-707
|
Medium
|
|
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6446)
|
CVE-2017-6446
CWE-707
|
CWE-707
|
Medium
|
|
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5689)
|
CVE-2018-5689
CWE-707
|
CWE-707
|
Medium
|
|
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5690)
|
CVE-2018-5690
CWE-707
|
CWE-707
|
Medium
|
|
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16358)
|
CVE-2018-16358
CWE-707
|
CWE-707
|
Medium
|
|
Dotclear Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3783)
|
CVE-2014-3783
CWE-138
|
CWE-138
|
Medium
|
|
Dotclear Other Vulnerability (CVE-2005-3957)
|
CVE-2005-3957
|
|
Critical
|
|
Dotclear Other Vulnerability (CVE-2005-3963)
|
CVE-2005-3963
|
|
High
|
|
Dotclear Other Vulnerability (CVE-2006-2866)
|
CVE-2006-2866
|
|
Medium
|
|
Dotclear Other Vulnerability (CVE-2006-3938)
|
CVE-2006-3938
|
|
Medium
|
|
Dotclear Other Vulnerability (CVE-2007-1989)
|
CVE-2007-1989
|
|
Medium
|
|
Dotclear Other Vulnerability (CVE-2007-3672)
|
CVE-2007-3672
|
|
Medium
|
|
Dotclear Other Vulnerability (CVE-2007-3688)
|
CVE-2007-3688
|
|
Low
|
|
Dotclear Other Vulnerability (CVE-2014-3782)
|
CVE-2014-3782
|
|
Medium
|
|
Dotclear Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1584)
|
CVE-2011-1584
CWE-264
|
CWE-264
|
Medium
|
|
Dotclear Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-5083)
|
CVE-2011-5083
CWE-264
|
CWE-264
|
High
|
|
Dotclear Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-7903)
|
CVE-2016-7903
CWE-264
|
CWE-264
|
Low
|
|
Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-7902)
|
CVE-2016-7902
CWE-434
|
CWE-434
|
High
|
|
Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9268)
|
CVE-2016-9268
CWE-434
|
CWE-434
|
High
|
|
Dot CMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-3187)
|
CVE-2017-3187
CWE-352
|
CWE-352
|
High
|
|
Dot CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3688)
|
CVE-2016-3688
CWE-200
|
CWE-200
|
Medium
|
|
Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-3708)
|
CVE-2008-3708
CWE-22
|
CWE-22
|
Medium
|
|
Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-3972)
|
CVE-2016-3972
CWE-22
|
CWE-22
|
Low
|
|
Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-3188)
|
CVE-2017-3188
CWE-22
|
CWE-22
|
Medium
|
|
Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-12309)
|
CVE-2019-12309
CWE-22
|
CWE-22
|
Medium
|
|
Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-6754)
|
CVE-2020-6754
CWE-22
|
CWE-22
|
Critical
|
|
Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-45783)
|
CVE-2022-45783
CWE-22
|
CWE-22
|
Medium
|
|
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-2397)
|
CVE-2008-2397
CWE-707
|
CWE-707
|
Medium
|
|
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-3484)
|
CVE-2013-3484
CWE-707
|
CWE-707
|
Medium
|
|
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-3971)
|
CVE-2016-3971
CWE-707
|
CWE-707
|
Medium
|
|
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5875)
|
CVE-2017-5875
CWE-707
|
CWE-707
|
Medium
|
|
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5876)
|
CVE-2017-5876
CWE-707
|
CWE-707
|
Medium
|
|
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5877)
|
CVE-2017-5877
CWE-707
|
CWE-707
|
Medium
|
|
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6003)
|
CVE-2017-6003
CWE-707
|
CWE-707
|
Medium
|
|
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-15219)
|
CVE-2017-15219
CWE-707
|
CWE-707
|
Medium
|
|
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16980)
|
CVE-2018-16980
CWE-707
|
CWE-707
|
Medium
|
|
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19554)
|
CVE-2018-19554
CWE-707
|
CWE-707
|
Medium
|
|
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11846)
|
CVE-2019-11846
CWE-707
|
CWE-707
|
Medium
|
|
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-17542)
|
CVE-2020-17542
CWE-707
|
CWE-707
|
Medium
|
|
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-35274)
|
CVE-2020-35274
CWE-707
|
CWE-707
|
Medium
|
|
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35358)
|
CVE-2021-35358
CWE-707
|
CWE-707
|
Medium
|
|
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35360)
|
CVE-2021-35360
CWE-707
|
CWE-707
|
Medium
|
|
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35361)
|
CVE-2021-35361
CWE-707
|
CWE-707
|
Medium
|
|
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-35740)
|
CVE-2022-35740
CWE-707
|
CWE-707
|
Medium
|
|
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37431)
|
CVE-2022-37431
CWE-707
|
CWE-707
|
Medium
|
|
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3042)
|
CVE-2023-3042
CWE-707
|
CWE-707
|
Medium
|
|
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-3938)
|
CVE-2024-3938
CWE-707
|
CWE-707
|
Medium
|
|
Dot CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-18875)
|
CVE-2020-18875
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-2355)
|
CVE-2016-2355
CWE-138
|
CWE-138
|
Critical
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-4040)
|
CVE-2016-4040
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8902)
|
CVE-2016-8902
CWE-138
|
CWE-138
|
Critical
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8903)
|
CVE-2016-8903
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8904)
|
CVE-2016-8904
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8905)
|
CVE-2016-8905
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8906)
|
CVE-2016-8906
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8907)
|
CVE-2016-8907
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8908)
|
CVE-2016-8908
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10007)
|
CVE-2016-10007
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10008)
|
CVE-2016-10008
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-5344)
|
CVE-2017-5344
CWE-138
|
CWE-138
|
Critical
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-12872)
|
CVE-2019-12872
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-27848)
|
CVE-2020-27848
CWE-138
|
CWE-138
|
High
|
|
Dot CMS Other Vulnerability (CVE-2016-4803)
|
CVE-2016-4803
|
|
High
|
|
Dot CMS Other Vulnerability (CVE-2022-26352)
|
CVE-2022-26352
|
|
Critical
|
|
Dot CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1826)
|
CVE-2012-1826
CWE-264
|
CWE-264
|
Medium
|
|
Dot CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8600)
|
CVE-2016-8600
CWE-264
|
CWE-264
|
High
|
|
Dot CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-37033)
|
CVE-2022-37033
CWE-918
|
CWE-918
|
Medium
|
|
Dot CMS Uncontrolled Recursion Vulnerability (CVE-2022-37034)
|
CVE-2022-37034
CWE-674
|
CWE-674
|
Medium
|
|
Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-3189)
|
CVE-2017-3189
CWE-434
|
CWE-434
|
High
|
|
Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-11466)
|
CVE-2017-11466
CWE-434
|
CWE-434
|
High
|
|
Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-19138)
|
CVE-2020-19138
CWE-434
|
CWE-434
|
Critical
|
|
Dot CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-17422)
|
CVE-2018-17422
CWE-601
|
CWE-601
|
Medium
|
|
Dot CMS Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2022-45782)
|
CVE-2022-45782
CWE-338
|
CWE-338
|
High
|
|
Drupal 7PK - Security Features Vulnerability (CVE-2016-3163)
|
CVE-2016-3163
|
|
High
|
|
Drupal 7PK - Security Features Vulnerability (CVE-2016-3168)
|
CVE-2016-3168
|
|
Medium
|
|
Drupal Configuration Vulnerability (CVE-2008-6171)
|
CVE-2008-6171
|
|
Critical
|
|
Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.1)
|
CVE-2005-0682
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.5)
|
CVE-2005-3973
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.7)
|
CVE-2006-1226
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.5.x Mail Header Injection (4.5.0 - 4.5.7)
|
CWE-20
|
CWE-20
|
High
|
|
Drupal Core 4.5.x Multiple Vulnerabilities (4.5.0 - 4.5.5)
|
CWE-79
CWE-113
|
CWE-79
CWE-113
|
High
|
|
Drupal Core 4.5.x Security Bypass (4.5.0 - 4.5.7)
|
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 4.5.x Session Fixation (4.5.0 - 4.5.7)
|
CWE-384
|
CWE-384
|
High
|
|
Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - 4.6.6)
|
CVE-2006-2743
CWE-95
|
CWE-95
|
High
|
|
Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - 4.6.7)
|
CVE-2006-2831
CWE-95
|
CWE-95
|
High
|
|
Drupal Core 4.6.x Cross-Site Request Forgery (4.6.0 - 4.6.9)
|
CVE-2006-5476
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.3)
|
CVE-2005-3973
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.5)
|
CVE-2006-1226
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.7)
|
CVE-2006-2833
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.8)
|
CVE-2006-4002
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.10)
|
CVE-2007-0136
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.6.x Denial of Service (4.6.0 - 4.6.10)
|
CVE-2007-0124
CWE-400
|
CWE-400
|
High
|
|
Drupal Core 4.6.x Form Action Attribute Injection (4.6.0 - 4.6.9)
|
CVE-2006-5477
CWE-20
|
CWE-20
|
High
|
|
Drupal Core 4.6.x Mail Header Injection (4.6.0 - 4.6.5)
|
CWE-20
|
CWE-20
|
High
|
|
Drupal Core 4.6.x Multiple Cross-Site Scripting Vulnerabilities (4.6.0 - 4.6.9)
|
CVE-2006-5475
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.6.x Multiple Vulnerabilities (4.6.0 - 4.6.3)
|
CWE-79
CWE-113
|
CWE-79
CWE-113
|
High
|
|
Drupal Core 4.6.x Security Bypass (4.6.0 - 4.6.3)
|
CVE-2005-3974
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 4.6.x Security Bypass (4.6.0 - 4.6.5)
|
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 4.6.x Session Fixation (4.6.0 - 4.6.5)
|
CWE-384
|
CWE-384
|
High
|
|
Drupal Core 4.6.x SQL Injection (4.6.0 - 4.6.6)
|
CVE-2006-2742
CWE-89
|
CWE-89
|
High
|
|
Drupal Core 4.7.x Arbitrary Code Execution (4.7.0 - 4.7.5)
|
CVE-2007-0626
CWE-95
|
CWE-95
|
High
|
|
Drupal Core 4.7.x Arbitrary Code Execution (4.7.0)
|
CVE-2006-2743
CWE-95
|
CWE-95
|
High
|
|
Drupal Core 4.7.x Cross-Site Request Forgery (4.7.0 - 4.7.3)
|
CVE-2006-5476
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 4.7.x Cross-Site Request Forgery (4.7.0 - 4.7.10)
|
CVE-2008-0272
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.1)
|
CVE-2006-2833
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.2)
|
CVE-2006-4002
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.4)
|
CVE-2007-0136
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.7)
|
CVE-2007-5596
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.10)
|
CVE-2008-0274
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.7.x Denial of Service (4.7.0 - 4.7.4)
|
CVE-2007-0124
CWE-400
|
CWE-400
|
High
|
|
Drupal Core 4.7.x Form Action Attribute Injection (4.7.0 - 4.7.3)
|
CVE-2006-5477
CWE-20
|
CWE-20
|
High
|
|
Drupal Core 4.7.x HTTP Response Splitting (4.7.0 - 4.7.7)
|
CVE-2007-5595
CWE-113
|
CWE-113
|
High
|
|
Drupal Core 4.7.x Multiple Cross-Site Scripting Vulnerabilities (4.7.0 - 4.7.3)
|
CVE-2006-5475
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.7.x Multiple Cross-Site Scripting Vulnerabilities (4.7.0 - 4.7.6)
|
CVE-2007-4064
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 4.7.x Multiple Vulnerabilities (4.7.0 - 4.7.1)
|
CVE-2006-2831
CVE-2006-2832
CWE-79
CWE-95
|
CWE-79
CWE-95
|
High
|
|
Drupal Core 4.7.x Security Bypass (4.7.0 - 4.7.7)
|
CVE-2007-5597
CWE-702
|
CWE-702
|
High
|
|
Drupal Core 4.7.x SQL Injection (4.7.0 - 4.7.8)
|
CVE-2007-6299
CWE-89
|
CWE-89
|
High
|
|
Drupal Core 4.7.x SQL Injection (4.7.0)
|
CVE-2006-2742
CWE-89
|
CWE-89
|
High
|
|
Drupal Core 5.x Arbitrary Code Execution (5.0 - 5.2)
|
CVE-2007-5593
CWE-95
|
CWE-95
|
High
|
|
Drupal Core 5.x Arbitrary Code Execution (5.0)
|
CVE-2007-0626
CWE-95
|
CWE-95
|
High
|
|
Drupal Core 5.x Cross-Site Request Forgery (5.0 - 5.2)
|
CVE-2007-5594
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 5.x Cross-Site Request Forgery (5.0 - 5.5)
|
CVE-2008-0272
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.2)
|
CVE-2007-5596
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.5)
|
CVE-2008-0273
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.16)
|
CVE-2009-1575
CVE-2009-1576
CVE-2009-1844
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.17)
|
CVE-2009-1844
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.20)
|
CVE-2009-4369
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 5.x HTTP Response Splitting (5.0 - 5.2)
|
CVE-2007-5595
CWE-113
|
CWE-113
|
High
|
|
Drupal Core 5.x Information Disclosure (5.0 - 5.18)
|
CVE-2009-2374
CWE-200
|
CWE-200
|
High
|
|
Drupal Core 5.x Local File Inclusion (5.0 - 5.11)
|
CVE-2008-6171
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 5.x Local File Inclusion (5.0 - 5.15)
|
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 5.x Multiple Cross-Site Request Forgery Vulnerabilities (5.0 - 5.1)
|
CVE-2007-4063
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 5.x Multiple Cross-Site Scripting Vulnerabilities (5.0 - 5.1)
|
CVE-2007-4064
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 5.x Multiple Security Bypass Vulnerabilities (5.0 - 5.10)
|
CVE-2008-4790
CVE-2008-4791
CVE-2008-4792
CVE-2008-4793
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 5.x Multiple Security Bypass Vulnerabilities (5.0 - 5.22)
|
CVE-2010-3092
CVE-2010-3093
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.7)
|
CVE-2008-3219
CVE-2008-3220
CVE-2008-3222
CWE-352
CWE-384
|
CWE-352
CWE-384
|
High
|
|
Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.9)
|
CVE-2008-3740
CVE-2008-3741
CVE-2008-3742
CVE-2008-3744
CWE-79
CWE-352
CWE-434
|
CWE-79
CWE-352
CWE-434
|
High
|
|
Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.12)
|
CVE-2008-6532
CVE-2008-6533
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.21)
|
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
Drupal Core 5.x Security Bypass (5.0 - 5.2)
|
CVE-2007-5597
CWE-702
|
CWE-702
|
High
|
|
Drupal Core 5.x Session Fixation (5.0 - 5.8)
|
CWE-384
|
CWE-384
|
High
|
|
Drupal Core 5.x Session Fixation (5.0 - 5.19)
|
CWE-384
|
CWE-384
|
High
|
|
Drupal Core 5.x SQL Injection (5.0 - 5.3)
|
CVE-2007-6299
CWE-89
|
CWE-89
|
High
|
|
Drupal Core 5.x SQL Injection (5.0 - 5.14)
|
CWE-89
|
CWE-89
|
High
|
|
Drupal Core 6.x Cross-Site Scripting (6.0 - 6.10)
|
CVE-2009-1575
CVE-2009-1576
CVE-2009-1844
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 6.x Cross-Site Scripting (6.0 - 6.11)
|
CVE-2009-1844
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 6.x Denial of Service (6.0 - 6.32)
|
CVE-2014-5265
CVE-2014-5266
CVE-2014-5267
CWE-400
|
CWE-400
|
High
|
|
Drupal Core 6.x Information Disclosure (6.0 - 6.30)
|
CVE-2014-2983
CWE-200
|
CWE-200
|
High
|
|
Drupal Core 6.x Local File Inclusion (6.0 - 6.9)
|
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 6.x Multiple Cross-Site Scripting Vulnerabilities (6.0 - 6.14)
|
CVE-2009-4369
CVE-2009-4370
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 6.x Multiple Cross-Site Scripting Vulnerabilities (6.0 - 6.20)
|
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 6.x Multiple Cross-Site Scripting Vulnerabilities (6.0)
|
CVE-2008-1131
CVE-2008-1133
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 6.x Multiple Security Bypass Vulnerabilities (6.0 - 6.4)
|
CVE-2008-4789
CVE-2008-4791
CVE-2008-4792
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.2)
|
CVE-2008-3218
CVE-2008-3219
CVE-2008-3220
CVE-2008-3221
CVE-2008-3222
CVE-2008-3223
CWE-79
CWE-89
CWE-352
CWE-384
|
CWE-79
CWE-89
CWE-352
CWE-384
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.3)
|
CVE-2008-3740
CVE-2008-3741
CVE-2008-3742
CVE-2008-3743
CVE-2008-3744
CVE-2008-3745
CWE-79
CWE-264
CWE-352
CWE-434
|
CWE-79
CWE-264
CWE-352
CWE-434
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.5)
|
CVE-2008-6170
CVE-2008-6171
CWE-22
CWE-79
|
CWE-22
CWE-79
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.6)
|
CVE-2008-6532
CVE-2008-6533
CWE-79
CWE-352
|
CWE-79
CWE-352
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.8)
|
CWE-89
CWE-264
|
CWE-89
CWE-264
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.12)
|
CVE-2009-2372
CVE-2009-2373
CVE-2009-2374
CWE-79
CWE-200
CWE-264
|
CWE-79
CWE-200
CWE-264
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.13)
|
CWE-264
CWE-352
CWE-434
|
CWE-264
CWE-352
CWE-434
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.15)
|
CWE-79
CWE-264
CWE-601
|
CWE-79
CWE-264
CWE-601
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.17)
|
CVE-2010-3091
CVE-2010-3092
CVE-2010-3093
CVE-2010-3094
CVE-2010-3685
CVE-2010-3686
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.22)
|
CVE-2012-0825
CVE-2012-0826
CWE-264
CWE-352
|
CWE-264
CWE-352
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.26)
|
CVE-2012-5651
CVE-2012-5652
CVE-2012-5653
CWE-95
CWE-264
|
CWE-95
CWE-264
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.27)
|
CVE-2013-0244
CVE-2013-0245
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.28)
|
CVE-2013-6385
CVE-2013-6386
CWE-95
CWE-264
CWE-330
|
CWE-95
CWE-264
CWE-330
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.31)
|
CVE-2014-5019
CVE-2014-5021
CWE-79
CWE-400
|
CWE-79
CWE-400
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.34)
|
CVE-2015-2559
CVE-2015-2749
CVE-2015-2750
CWE-264
CWE-601
|
CWE-264
CWE-601
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.36)
|
CVE-2015-6658
CVE-2015-6660
CVE-2015-6661
CWE-79
CWE-200
CWE-352
|
CWE-79
CWE-200
CWE-352
|
High
|
|
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.37)
|
CVE-2016-3163
CVE-2016-3164
CVE-2016-3165
CVE-2016-3166
CVE-2016-3167
CVE-2016-3168
CVE-2016-3169
CVE-2016-3171
CWE-113
CWE-287
CWE-405
CWE-601
|
CWE-113
CWE-287
CWE-405
CWE-601
|
High
|
|
Drupal Core 6.x Remote Code Execution (6.0 - 6.38)
|
CVE-2018-7600
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 6.x Security Bypass (6.0 - 6.1)
|
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 6.x Security Bypass (6.0 - 6.29)
|
CVE-2014-1475
CWE-287
|
CWE-287
|
High
|
|
Drupal Core 6.x Security Bypass (6.0 - 6.35)
|
CVE-2015-3234
CWE-287
|
CWE-287
|
High
|
|
Drupal Core 6.x Session Hijacking (6.0 - 6.33)
|
CVE-2014-9015
CWE-384
|
CWE-384
|
High
|
|
Drupal Core 7.x Arbitrary File Overwrite (7.0 - 7.77)
|
CVE-2020-36193
CWE-73
|
CWE-73
|
High
|
|
Drupal Core 7.x Cross-Site Request Forgery (7.0 - 7.12)
|
CVE-2007-6752
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 7.x Cross-Site Request Forgery (7.0 - 7.71)
|
CVE-2020-13663
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 7.x Cross-Site Scripting (7.0 - 7.64)
|
CVE-2019-6341
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 7.x Cross-Site Scripting (7.0 - 7.65)
|
CVE-2019-11358
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 7.x Cross-Site Scripting (7.0 - 7.69)
|
CVE-2020-11022
CVE-2020-11023
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 7.x Cross-Site Scripting (7.0 - 7.72)
|
CVE-2020-13666
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 7.x Cross-Site Scripting (7.0 - 7.79)
|
CVE-2020-13672
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 7.x Denial of Service (7.0 - 7.19)
|
CVE-2013-0316
CWE-400
|
CWE-400
|
High
|
|
Drupal Core 7.x Denial of Service (7.0 - 7.30)
|
CVE-2014-5265
CVE-2014-5266
CVE-2014-5267
CWE-400
|
CWE-400
|
High
|
|
Drupal Core 7.x Directory Traversal (7.0 - 7.66)
|
CVE-2019-11831
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 7.x Directory Traversal (7.0 - 7.81)
|
CVE-2021-32610
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 7.x Information Disclosure (7.0 - 7.14)
|
CVE-2012-2922
CWE-200
|
CWE-200
|
High
|
|
Drupal Core 7.x Information Disclosure (7.0 - 7.26)
|
CVE-2014-2983
CWE-200
|
CWE-200
|
High
|
|
Drupal Core 7.x Multiple Cross-Site Scripting Vulnerabilities (7.0 - 7.85)
|
CVE-2010-5312
CVE-2016-7103
CVE-2021-41182
CVE-2021-41183
CVE-2021-41184
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 7.x Multiple Security Bypass Vulnerabilities (7.0 - 7.25)
|
CVE-2014-1475
CVE-2014-1476
CWE-264
CWE-287
|
CWE-264
CWE-287
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.10)
|
CVE-2012-0825
CVE-2012-0826
CVE-2012-0827
CWE-264
CWE-352
|
CWE-264
CWE-352
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.12)
|
CVE-2012-1588
CVE-2012-1589
CVE-2012-1590
CVE-2012-1591
CVE-2012-2153
CWE-264
CWE-400
CWE-601
|
CWE-264
CWE-400
CWE-601
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.15)
|
CVE-2012-4553
CVE-2012-4554
CWE-95
CWE-538
|
CWE-95
CWE-538
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.17)
|
CVE-2012-5651
CVE-2012-5653
CWE-95
CWE-264
|
CWE-95
CWE-264
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.18)
|
CVE-2013-0244
CVE-2013-0245
CVE-2013-0246
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.23)
|
CVE-2013-6385
CVE-2013-6386
CVE-2013-6387
CVE-2013-6388
CVE-2013-6389
CWE-79
CWE-95
CWE-264
CWE-330
CWE-601
|
CWE-79
CWE-95
CWE-264
CWE-330
CWE-601
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.28)
|
CVE-2014-5019
CVE-2014-5020
CVE-2014-5021
CVE-2014-5022
CWE-79
CWE-264
CWE-400
|
CWE-79
CWE-264
CWE-400
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.33)
|
CVE-2014-9015
CVE-2014-9016
CWE-384
CWE-400
|
CWE-384
CWE-400
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.34)
|
CVE-2015-2559
CVE-2015-2749
CVE-2015-2750
CWE-264
CWE-601
|
CWE-264
CWE-601
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.37)
|
CVE-2015-3231
CVE-2015-3232
CVE-2015-3233
CVE-2015-3234
CWE-200
CWE-287
CWE-601
|
CWE-200
CWE-287
CWE-601
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.38)
|
CVE-2015-6658
CVE-2015-6659
CVE-2015-6660
CVE-2015-6661
CVE-2015-6665
CWE-79
CWE-89
CWE-200
CWE-352
|
CWE-79
CWE-89
CWE-200
CWE-352
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.42)
|
CVE-2016-3162
CVE-2016-3163
CVE-2016-3164
CVE-2016-3168
CVE-2016-3169
CVE-2016-3170
CWE-200
CWE-287
CWE-400
CWE-405
CWE-601
|
CWE-200
CWE-287
CWE-400
CWE-405
CWE-601
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.51)
|
CVE-2016-9449
CVE-2016-9451
CWE-200
CWE-601
|
CWE-200
CWE-601
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.56)
|
CVE-2017-6927
CVE-2017-6928
CVE-2017-6929
CVE-2017-6932
CWE-79
CWE-264
CWE-610
|
CWE-79
CWE-264
CWE-610
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.59)
|
CWE-94
CWE-601
|
CWE-94
CWE-601
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.61)
|
CVE-2018-1000888
CVE-2019-6339
CWE-94
CWE-915
|
CWE-94
CWE-915
|
High
|
|
Drupal Core 7.x Multiple Vulnerabilities (7.0)
|
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
Drupal Core 7.x Open Redirect (7.0 - 7.40)
|
CVE-2015-7943
CWE-601
|
CWE-601
|
High
|
|
Drupal Core 7.x Open Redirect (7.0 - 7.69)
|
CVE-2020-13662
CWE-601
|
CWE-601
|
High
|
|
Drupal Core 7.x Remote Code Execution (7.0 - 7.57)
|
CVE-2018-7600
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 7.x Remote Code Execution (7.0 - 7.58)
|
CVE-2018-7602
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 7.x Remote Code Execution (7.0 - 7.73)
|
CVE-2020-13671
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 7.x Remote Code Execution (7.0 - 7.74)
|
CVE-2020-28948
CVE-2020-28949
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 7.x Security Bypass (7.0 - 7.2)
|
CVE-2011-2687
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 7.x Security Bypass (7.0 - 7.4)
|
CVE-2011-2726
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 7.x Security Bypass (7.0 - 7.43)
|
CVE-2016-6211
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 7.x Security Bypass (7.0 - 7.55)
|
CVE-2017-6922
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 7.x Security Bypass (7.0 - 7.68)
|
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 7.x Security Bypass (7.0 - 7.87)
|
CVE-2022-25271
CWE-20
|
CWE-20
|
High
|
|
Drupal Core 7.x Security Bypass (7.0 - 7.90)
|
CVE-2022-25275
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 7.x SQL Injection (7.0 - 7.31)
|
CVE-2014-3704
CWE-89
|
CWE-89
|
High
|
|
Drupal Core 8.0.x Multiple Vulnerabilities (8.0.0 - 8.0.3)
|
CVE-2016-3162
CVE-2016-3164
CVE-2016-3170
CWE-200
CWE-287
CWE-400
CWE-601
|
CWE-200
CWE-287
CWE-400
CWE-601
|
High
|
|
Drupal Core 8.3.0 Security Bypass (8.3.0)
|
CVE-2017-6919
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.4.x Remote Code Execution (8.4.0 - 8.4.5)
|
CVE-2018-7600
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.4.x Remote Code Execution (8.4.0 - 8.4.7)
|
CVE-2018-7602
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.5.0 Remote Code Execution (8.5.0)
|
CVE-2018-7600
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.5.x Cross-Site Scripting (8.5.0 - 8.5.1)
|
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.5.x Cross-Site Scripting (8.5.0 - 8.5.13)
|
CVE-2019-6341
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.5.x Cross-Site Scripting (8.5.0 - 8.5.14)
|
CVE-2019-11358
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.5.x Multiple Vulnerabilities (8.5.0 - 8.5.7)
|
CWE-94
CWE-264
CWE-601
|
CWE-94
CWE-264
CWE-601
|
High
|
|
Drupal Core 8.5.x Multiple Vulnerabilities (8.5.0 - 8.5.8)
|
CVE-2018-1000888
CVE-2019-6339
CWE-94
CWE-915
|
CWE-94
CWE-915
|
High
|
|
Drupal Core 8.5.x Multiple Vulnerabilities (8.5.0 - 8.5.14)
|
CVE-2019-10909
CVE-2019-10910
CVE-2019-10911
CWE-79
CWE-94
CWE-264
|
CWE-79
CWE-94
CWE-264
|
High
|
|
Drupal Core 8.5.x Remote Code Execution (8.5.0 - 8.5.2)
|
CVE-2018-7602
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.5.x Remote Code Execution (8.5.0 - 8.5.10)
|
CVE-2019-6340
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.6.x Cross-Site Scripting (8.6.0 - 8.6.12)
|
CVE-2019-6341
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.6.x Cross-Site Scripting (8.6.0 - 8.6.14)
|
CVE-2019-11358
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.6.x Directory Traversal (8.6.0 - 8.6.15)
|
CVE-2019-11831
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 8.6.x Multiple Vulnerabilities (8.6.0 - 8.6.1)
|
CWE-94
CWE-264
CWE-601
|
CWE-94
CWE-264
CWE-601
|
High
|
|
Drupal Core 8.6.x Multiple Vulnerabilities (8.6.0 - 8.6.5)
|
CVE-2018-1000888
CVE-2019-6339
CWE-94
CWE-915
|
CWE-94
CWE-915
|
High
|
|
Drupal Core 8.6.x Multiple Vulnerabilities (8.6.0 - 8.6.14)
|
CVE-2019-10909
CVE-2019-10910
CVE-2019-10911
CWE-79
CWE-94
CWE-264
|
CWE-79
CWE-94
CWE-264
|
High
|
|
Drupal Core 8.6.x Remote Code Execution (8.6.0 - 8.6.9)
|
CVE-2019-6340
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.7.0 Directory Traversal (8.7.0)
|
CVE-2019-11831
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 8.7.4 Security Bypass (8.7.4)
|
CVE-2019-6342
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.7.x Cross-Site Scripting (8.7.0 - 8.7.11)
|
CVE-2020-9281
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.7.x Cross-Site Scripting (8.7.0 - 8.7.13)
|
CVE-2020-11022
CVE-2020-11023
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.7.x Denial of Service (8.7.0 - 8.7.10)
|
CWE-400
|
CWE-400
|
High
|
|
Drupal Core 8.7.x Security Bypass (8.7.0 - 8.7.10)
|
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.8.0 Denial of Service (8.8.0)
|
CWE-400
|
CWE-400
|
High
|
|
Drupal Core 8.8.0 Security Bypass (8.8.0)
|
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.8.x Arbitrary File Overwrite (8.8.0 - 8.8.12)
|
CVE-2020-36193
CWE-73
|
CWE-73
|
High
|
|
Drupal Core 8.8.x Cross-Site Request Forgery (8.8.0 - 8.8.7)
|
CVE-2020-13663
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 8.8.x Cross-Site Scripting (8.8.0 - 8.8.3)
|
CVE-2020-9281
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.8.x Cross-Site Scripting (8.8.0 - 8.8.5)
|
CVE-2020-11022
CVE-2020-11023
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.8.x Information Disclosure (8.8.0 - 8.8.9)
|
CVE-2020-13670
CWE-200
|
CWE-200
|
High
|
|
Drupal Core 8.8.x Multiple Cross-Site Scripting Vulnerabilities (8.8.0 - 8.8.9)
|
CVE-2020-13666
CVE-2020-13668
CVE-2020-13669
CVE-2020-13688
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.8.x Remote Code Execution (8.8.0 - 8.8.7)
|
CVE-2020-13664
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.8.x Remote Code Execution (8.8.0 - 8.8.10)
|
CVE-2020-13671
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 8.8.x Remote Code Execution (8.8.0 - 8.8.11)
|
CVE-2020-28948
CVE-2020-28949
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 8.8.x Security Bypass (8.8.0 - 8.8.7)
|
CVE-2020-13665
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.8.x Security Bypass (8.8.0 - 8.8.9)
|
CVE-2020-13667
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.9.0 Cross-Site Request Forgery (8.9.0)
|
CVE-2020-13663
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 8.9.0 Remote Code Execution (8.9.0)
|
CVE-2020-13664
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.9.0 Security Bypass (8.9.0)
|
CVE-2020-13665
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.9.x Arbitrary File Overwrite (8.9.0 - 8.9.12)
|
CVE-2020-36193
CWE-73
|
CWE-73
|
High
|
|
Drupal Core 8.9.x Cross-Site Request Forgery (8.9.0 - 8.9.18)
|
CVE-2020-13673
CVE-2020-13674
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 8.9.x Cross-Site Scripting (8.9.0 - 8.9.13)
|
CVE-2020-13672
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.9.x Cross-Site Scripting (8.9.0 - 8.9.15)
|
CVE-2021-33829
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.9.x Cross-Site Scripting (8.9.0 - 8.9.17)
|
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.9.x Cross-Site Scripting (8.9.0 - 8.9.19)
|
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.9.x Directory Traversal (8.9.0 - 8.9.16)
|
CVE-2021-32610
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 8.9.x Information Disclosure (8.9.0 - 8.9.5)
|
CVE-2020-13670
CWE-200
|
CWE-200
|
High
|
|
Drupal Core 8.9.x Multiple Cross-Site Scripting Vulnerabilities (8.9.0 - 8.9.5)
|
CVE-2020-13666
CVE-2020-13668
CVE-2020-13669
CVE-2020-13688
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.9.x Multiple Security Bypass Vulnerabilities (8.9.0 - 8.9.18)
|
CVE-2020-13675
CVE-2020-13676
CVE-2020-13677
CWE-284
|
CWE-284
|
High
|
|
Drupal Core 8.9.x Remote Code Execution (8.9.0 - 8.9.8)
|
CVE-2020-13671
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 8.9.x Remote Code Execution (8.9.0 - 8.9.9)
|
CVE-2020-28948
CVE-2020-28949
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 8.9.x Security Bypass (8.9.0 - 8.9.5)
|
CVE-2020-13667
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.x.x Arbitrary File Overwrite (8.0.0 - 8.7.14)
|
CVE-2020-36193
CWE-73
|
CWE-73
|
High
|
|
Drupal Core 8.x.x Cross-Site Request Forgery (8.0.0 - 8.7.14)
|
CVE-2020-13663
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 8.x.x Cross-Site Request Forgery (8.0.0 - 8.8.12)
|
CVE-2020-13673
CVE-2020-13674
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 8.x.x Cross-Site Scripting (8.0.0 - 8.4.6)
|
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.x.x Cross-Site Scripting (8.0.0 - 8.4.8)
|
CVE-2019-11358
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.x.x Cross-Site Scripting (8.0.0 - 8.6.18)
|
CVE-2020-11022
CVE-2020-11023
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.x.x Cross-Site Scripting (8.0.0 - 8.8.12)
|
CVE-2020-13672
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.x.x Denial of Service (8.0.0 - 8.6.18)
|
CWE-400
|
CWE-400
|
High
|
|
Drupal Core 8.x.x Directory Traversal (8.0.0 - 8.5.15)
|
CVE-2019-11831
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 8.x.x Directory Traversal (8.0.0 - 8.8.12)
|
CVE-2021-32610
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 8.x.x Information Disclosure (8.0.0 - 8.7.14)
|
CVE-2020-13670
CWE-200
|
CWE-200
|
High
|
|
Drupal Core 8.x.x Multiple Cross-Site Scripting Vulnerabilities (8.0.0 - 8.7.14)
|
CVE-2020-13666
CVE-2020-13668
CVE-2020-13669
CVE-2020-13688
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 8.x.x Multiple Security Bypass Vulnerabilities (8.0.0 - 8.8.12)
|
CVE-2020-13675
CVE-2020-13676
CVE-2020-13677
CWE-284
|
CWE-284
|
High
|
|
Drupal Core 8.x.x Multiple Vulnerabilities (8.0.0 - 8.4.8)
|
CVE-2019-10909
CVE-2019-10910
CVE-2019-10911
CWE-79
CWE-94
CWE-264
|
CWE-79
CWE-94
CWE-264
|
High
|
|
Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.3.8)
|
CVE-2018-7600
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.4.8)
|
CVE-2019-6340
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.7.14)
|
CVE-2020-13664
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 8.x.x Security Bypass (8.0.0 - 8.6.18)
|
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.x.x Security Bypass (8.0.0 - 8.7.14)
|
CVE-2020-13665
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.x Multiple Security Bypass Vulnerabilities (8.0.0 - 8.3.6)
|
CVE-2017-6923
CVE-2017-6924
CVE-2017-6925
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.x Multiple Vulnerabilities (8.0.0 - 8.1.9)
|
CVE-2016-7570
CVE-2016-7571
CVE-2016-7572
CWE-79
CWE-200
CWE-264
|
CWE-79
CWE-200
CWE-264
|
High
|
|
Drupal Core 8.x Multiple Vulnerabilities (8.0.0 - 8.2.2)
|
CVE-2016-9449
CVE-2016-9450
CVE-2016-9452
CWE-200
CWE-400
|
CWE-200
CWE-400
|
High
|
|
Drupal Core 8.x Multiple Vulnerabilities (8.0.0 - 8.2.6)
|
CVE-2017-6377
CVE-2017-6379
CVE-2017-6381
CWE-94
CWE-264
CWE-352
|
CWE-94
CWE-264
CWE-352
|
High
|
|
Drupal Core 8.x Multiple Vulnerabilities (8.0.0 - 8.3.3)
|
CVE-2017-6920
CVE-2017-6921
CVE-2017-6922
CWE-94
CWE-264
|
CWE-94
CWE-264
|
High
|
|
Drupal Core 8.x Multiple Vulnerabilities (8.0.0 - 8.4.4)
|
CVE-2017-6926
CVE-2017-6927
CVE-2017-6930
CVE-2017-6931
CWE-79
CWE-264
|
CWE-79
CWE-264
|
High
|
|
Drupal Core 8.x Security Bypass (8.0.0 - 8.1.2)
|
CVE-2016-6212
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.x Security Bypass (8.0.0 - 8.1.6)
|
CVE-2016-5385
CWE-284
|
CWE-284
|
High
|
|
Drupal Core 8.x Security Bypass (8.0.0 - 8.2.7)
|
CVE-2017-6919
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 8.x Security Bypass (8.0.0 - 8.5.5)
|
CVE-2018-14773
CWE-749
|
CWE-749
|
High
|
|
Drupal Core 9.0.0 Cross-Site Request Forgery (9.0.0)
|
CVE-2020-13663
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 9.0.0 Remote Code Execution (9.0.0)
|
CVE-2020-13664
CWE-94
|
CWE-94
|
High
|
|
Drupal Core 9.0.0 Security Bypass (9.0.0)
|
CVE-2020-13665
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 9.0.x Arbitrary File Overwrite (9.0.0 - 9.0.10)
|
CVE-2020-36193
CWE-73
|
CWE-73
|
High
|
|
Drupal Core 9.0.x Cross-Site Request Forgery (9.0.0 - 9.0.14)
|
CVE-2020-13673
CVE-2020-13674
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 9.0.x Cross-Site Scripting (9.0.0 - 9.0.11)
|
CVE-2020-13672
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.0.x Cross-Site Scripting (9.0.0 - 9.0.13)
|
CVE-2021-33829
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.0.x Cross-Site Scripting (9.0.0 - 9.0.14)
|
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.0.x Directory Traversal (9.0.0 - 9.0.14)
|
CVE-2021-32610
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 9.0.x Information Disclosure (9.0.0 - 9.0.5)
|
CVE-2020-13670
CWE-200
|
CWE-200
|
High
|
|
Drupal Core 9.0.x Multiple Cross-Site Scripting Vulnerabilities (9.0.0 - 9.0.5)
|
CVE-2020-13666
CVE-2020-13668
CVE-2020-13669
CVE-2020-13688
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.0.x Multiple Security Bypass Vulnerabilities (9.0.0 - 9.0.14)
|
CVE-2020-13675
CVE-2020-13676
CVE-2020-13677
CWE-284
|
CWE-284
|
High
|
|
Drupal Core 9.0.x Remote Code Execution (9.0.0 - 9.0.7)
|
CVE-2020-13671
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 9.0.x Remote Code Execution (9.0.0 - 9.0.8)
|
CVE-2020-28948
CVE-2020-28949
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 9.0.x Security Bypass (9.0.0 - 9.0.5)
|
CVE-2020-13667
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 9.1.x Arbitrary File Overwrite (9.1.0 - 9.1.2)
|
CVE-2020-36193
CWE-73
|
CWE-73
|
High
|
|
Drupal Core 9.1.x Cross-Site Request Forgery (9.1.0 - 9.1.12)
|
CVE-2020-13673
CVE-2020-13674
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 9.1.x Cross-Site Scripting (9.1.0 - 9.1.6)
|
CVE-2020-13672
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.1.x Cross-Site Scripting (9.1.0 - 9.1.8)
|
CVE-2021-33829
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.1.x Cross-Site Scripting (9.1.0 - 9.1.11)
|
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.1.x Cross-Site Scripting (9.1.0 - 9.1.13)
|
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.1.x Directory Traversal (9.1.0 - 9.1.10)
|
CVE-2021-32610
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 9.1.x Multiple Security Bypass Vulnerabilities (9.1.0 - 9.1.12)
|
CVE-2020-13675
CVE-2020-13676
CVE-2020-13677
CWE-284
|
CWE-284
|
High
|
|
Drupal Core 9.2.x Cross-Site Request Forgery (9.2.0 - 9.2.5)
|
CVE-2020-13673
CVE-2020-13674
CWE-352
|
CWE-352
|
High
|
|
Drupal Core 9.2.x Cross-Site Scripting (9.2.0 - 9.2.3)
|
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.2.x Cross-Site Scripting (9.2.0 - 9.2.8)
|
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.2.x Cross-Site Scripting (9.2.0 - 9.2.10)
|
CVE-2021-41184
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.2.x Directory Traversal (9.2.0 - 9.2.1)
|
CVE-2021-32610
CWE-22
|
CWE-22
|
High
|
|
Drupal Core 9.2.x Multiple Security Bypass Vulnerabilities (9.2.0 - 9.2.5)
|
CVE-2020-13675
CVE-2020-13676
CVE-2020-13677
CWE-284
|
CWE-284
|
High
|
|
Drupal Core 9.2.x Multiple Vulnerabilities (9.2.0 - 9.2.14)
|
CVE-2022-24728
CVE-2022-24729
CWE-79
CWE-400
|
CWE-79
CWE-400
|
High
|
|
Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.12)
|
CVE-2022-25270
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.15)
|
CVE-2022-24775
CWE-20
|
CWE-20
|
High
|
|
Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.17)
|
CVE-2022-25273
CWE-20
|
CWE-20
|
High
|
|
Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.19)
|
CVE-2022-29248
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.20)
|
CVE-2022-31042
CVE-2022-31043
CWE-284
|
CWE-284
|
High
|
|
Drupal Core 9.3.x Cross-Site Scripting (9.3.0 - 9.3.2)
|
CVE-2021-41184
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.3.x Cross-Site Scripting (9.3.0 - 9.3.18)
|
CVE-2022-25276
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.3.x Multiple Vulnerabilities (9.3.0 - 9.3.7)
|
CVE-2022-24728
CVE-2022-24729
CWE-79
CWE-400
|
CWE-79
CWE-400
|
High
|
|
Drupal Core 9.3.x Remote Code Execution (9.3.0 - 9.3.18)
|
CVE-2022-25277
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.5)
|
CVE-2022-25271
CWE-20
|
CWE-20
|
High
|
|
Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.8)
|
CVE-2022-24775
CWE-20
|
CWE-20
|
High
|
|
Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.11)
|
CVE-2022-25274
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.13)
|
CVE-2022-29248
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.15)
|
CVE-2022-31042
CVE-2022-31043
CWE-284
|
CWE-284
|
High
|
|
Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.18)
|
CVE-2022-25278
CWE-264
|
CWE-264
|
High
|
|
Drupal Core 9.4.x Cross-Site Scripting (9.4.0 - 9.4.2)
|
CVE-2022-25276
CWE-79
|
CWE-79
|
High
|
|
Drupal Core 9.4.x Remote Code Execution (9.4.0 - 9.4.2)
|
CVE-2022-25277
CWE-434
|
CWE-434
|
High
|
|
Drupal Core 9.4.x Security Bypass (9.4.0 - 9.4.2)
|
CVE-2022-25275
CWE-264
|
CWE-264
|
High
|
|
Drupal Core Cross-Site Scripting (8.0.0 - 9.1.15)
|
CVE-2021-41184
CWE-79
|
CWE-79
|
High
|
|
Drupal Core Cross-Site Scripting (8.0.0 - 9.2.21)
|
CVE-2022-25276
CWE-79
|
CWE-79
|
High
|
|
Drupal Core Multiple Vulnerabilities (8.0.0 - 9.1.15)
|
CVE-2022-24728
CVE-2022-24729
CWE-79
CWE-400
|
CWE-79
CWE-400
|
High
|
|
Drupal Core Remote Code Execution (8.0.0 - 9.2.21)
|
CVE-2022-25277
CWE-434
|
CWE-434
|
High
|
|
Drupal Core Security Bypass (8.0.0 - 9.1.15)
|
CVE-2022-24775
CWE-20
|
CWE-20
|
High
|
|
Drupal Core Security Bypass (8.0.0 - 9.2.21)
|
CVE-2022-25275
CWE-264
|
CWE-264
|
High
|
|
Drupal Credentials Management Errors Vulnerability (CVE-2009-2374)
|
CVE-2009-2374
|
|
Medium
|
|
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-5594)
|
CVE-2007-5594
CWE-352
|
CWE-352
|
Medium
|
|
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-6752)
|
CVE-2007-6752
CWE-352
|
CWE-352
|
Medium
|
|
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-0272)
|
CVE-2008-0272
CWE-352
|
CWE-352
|
Medium
|
|
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3220)
|
CVE-2008-3220
CWE-352
|
CWE-352
|
Medium
|
|
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3221)
|
CVE-2008-3221
CWE-352
|
CWE-352
|
Medium
|
|
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3743)
|
CVE-2008-3743
CWE-352
|
CWE-352
|
Medium
|
|
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3744)
|
CVE-2008-3744
CWE-352
|
CWE-352
|
Medium
|
|
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-6532)
|
CVE-2008-6532
CWE-352
|
CWE-352
|
Medium
|
|
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-4066)
|
CVE-2009-4066
CWE-352
|
CWE-352
|
Medium
|
|
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-0826)
|
CVE-2012-0826
CWE-352
|
CWE-352
|
Medium
|
|
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-6660)
|
CVE-2015-6660
CWE-352
|
CWE-352
|
Medium
|
|
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-6379)
|
CVE-2017-6379
CWE-352
|
CWE-352
|
High
|
|
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-13663)
|
CVE-2020-13663
CWE-352
|
CWE-352
|
High
|
|
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-13674)
|
CVE-2020-13674
CWE-352
|
CWE-352
|
Medium
|
|
Drupal Cryptographic Issues Vulnerability (CVE-2013-6386)
|
CVE-2013-6386
|
|
Medium
|
|
Drupal CVE-2007-0626 Vulnerability (CVE-2007-0626)
|
CVE-2007-0626
|
|
Medium
|
|
Drupal CVE-2008-1729 Vulnerability (CVE-2008-1729)
|
CVE-2008-1729
|
|
Medium
|
|
Drupal CVE-2008-4793 Vulnerability (CVE-2008-4793)
|
CVE-2008-4793
|
|
High
|
|
Drupal CVE-2009-1576 Vulnerability (CVE-2009-1576)
|
CVE-2009-1576
|
|
Medium
|
|
Drupal CVE-2009-3352 Vulnerability (CVE-2009-3352)
|
CVE-2009-3352
|
|
Critical
|
|
Drupal CVE-2014-1475 Vulnerability (CVE-2014-1475)
|
CVE-2014-1475
|
|
High
|
|
Drupal CVE-2014-9016 Vulnerability (CVE-2014-9016)
|
CVE-2014-9016
|
|
Medium
|
|
Drupal CVE-2017-6919 Vulnerability (CVE-2017-6919)
|
CVE-2017-6919
|
|
High
|
|
Drupal CVE-2017-6925 Vulnerability (CVE-2017-6925)
|
CVE-2017-6925
|
|
Critical
|
|
Drupal CVE-2017-6930 Vulnerability (CVE-2017-6930)
|
CVE-2017-6930
|
|
High
|
|
Drupal CVE-2018-7602 Vulnerability (CVE-2018-7602)
|
CVE-2018-7602
|
|
Critical
|
|
Drupal CVE-2018-14773 Vulnerability (CVE-2018-14773)
|
CVE-2018-14773
|
|
Medium
|
|
Drupal CVE-2020-13665 Vulnerability (CVE-2020-13665)
|
CVE-2020-13665
|
|
Critical
|
|
Drupal CVE-2020-28949 Vulnerability (CVE-2020-28949)
|
CVE-2020-28949
|
|
High
|
|
Drupal CVE-2022-25278 Vulnerability (CVE-2022-25278)
|
CVE-2022-25278
|
|
Medium
|
|
Drupal Data Processing Errors Vulnerability (CVE-2016-3171)
|
CVE-2016-3171
|
|
High
|
|
Drupal Data Processing Errors Vulnerability (CVE-2017-6920)
|
CVE-2017-6920
|
|
Critical
|
|
Drupal Deserialization of Untrusted Data Vulnerability (CVE-2019-6338)
|
CVE-2019-6338
CWE-502
|
CWE-502
|
High
|
|
Drupal Deserialization of Untrusted Data Vulnerability (CVE-2019-6340)
|
CVE-2019-6340
CWE-502
|
CWE-502
|
High
|
|
Drupal Deserialization of Untrusted Data Vulnerability (CVE-2020-28948)
|
CVE-2020-28948
CWE-502
|
CWE-502
|
High
|
|
Drupal Exposure of Resource to Wrong Sphere Vulnerability (CVE-2020-13670)
|
CVE-2020-13670
CWE-668
|
CWE-668
|
High
|
|
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3730)
|
CVE-2011-3730
CWE-200
|
CWE-200
|
Medium
|
|
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0825)
|
CVE-2012-0825
CWE-200
|
CWE-200
|
Medium
|
|
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-2922)
|
CVE-2012-2922
CWE-200
|
CWE-200
|
Medium
|
|
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-5652)
|
CVE-2012-5652
CWE-200
|
CWE-200
|
Medium
|
|
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-2983)
|
CVE-2014-2983
CWE-200
|
CWE-200
|
Medium
|
|
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3231)
|
CVE-2015-3231
CWE-200
|
CWE-200
|
Medium
|
|
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-6661)
|
CVE-2015-6661
CWE-200
|
CWE-200
|
Medium
|
|
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3170)
|
CVE-2016-3170
CWE-200
|
CWE-200
|
Medium
|
|
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6212)
|
CVE-2016-6212
CWE-200
|
CWE-200
|
Medium
|
|
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9449)
|
CVE-2016-9449
CWE-200
|
CWE-200
|
Medium
|
|
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-6926)
|
CVE-2017-6926
CWE-200
|
CWE-200
|
High
|
|
Drupal Files or Directories Accessible to External Parties Vulnerability (CVE-2017-6922)
|
CVE-2017-6922
CWE-552
|
CWE-552
|
Medium
|
|
Drupal Improper Access Control Vulnerability (CVE-2015-2559)
|
CVE-2015-2559
CWE-284
|
CWE-284
|
Low
|
|
Drupal Improper Access Control Vulnerability (CVE-2016-3162)
|
CVE-2016-3162
CWE-284
|
CWE-284
|
High
|
|
Drupal Improper Access Control Vulnerability (CVE-2016-3165)
|
CVE-2016-3165
CWE-284
|
CWE-284
|
High
|
|
Drupal Improper Access Control Vulnerability (CVE-2016-5385)
|
CVE-2016-5385
CWE-284
|
CWE-284
|
High
|
|
Drupal Improper Access Control Vulnerability (CVE-2020-13677)
|
CVE-2020-13677
CWE-284
|
CWE-284
|
High
|
|
Drupal Improper Authentication Vulnerability (CVE-2006-1228)
|
CVE-2006-1228
CWE-287
|
CWE-287
|
Medium
|
|
Drupal Improper Authentication Vulnerability (CVE-2010-3091)
|
CVE-2010-3091
CWE-287
|
CWE-287
|
Medium
|
|
Drupal Improper Authentication Vulnerability (CVE-2010-3685)
|
CVE-2010-3685
CWE-287
|
CWE-287
|
Medium
|
|
Drupal Improper Authentication Vulnerability (CVE-2010-3686)
|
CVE-2010-3686
CWE-287
|
CWE-287
|
Medium
|
|
Drupal Improper Authentication Vulnerability (CVE-2019-10911)
|
CVE-2019-10911
CWE-287
|
CWE-287
|
High
|
|
Drupal Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2005-1921)
|
CVE-2005-1921
CWE-94
|
CWE-94
|
High
|
|
Drupal Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-5593)
|
CVE-2007-5593
CWE-94
|
CWE-94
|
Medium
|
|
Drupal Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-2372)
|
CVE-2009-2372
CWE-94
|
CWE-94
|
Medium
|
|
Drupal Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-6385)
|
CVE-2013-6385
CWE-94
|
CWE-94
|
Medium
|
|
Drupal Improper Input Validation Vulnerability (CVE-2007-6299)
|
CVE-2007-6299
CWE-20
|
CWE-20
|
High
|
|
Drupal Improper Input Validation Vulnerability (CVE-2010-2473)
|
CVE-2010-2473
CWE-20
|
CWE-20
|
Medium
|
|
Drupal Improper Input Validation Vulnerability (CVE-2012-1589)
|
CVE-2012-1589
CWE-20
|
CWE-20
|
Medium
|
|
Drupal Improper Input Validation Vulnerability (CVE-2012-5653)
|
CVE-2012-5653
CWE-20
|
CWE-20
|
Medium
|
|
Drupal Improper Input Validation Vulnerability (CVE-2013-6389)
|
CVE-2013-6389
CWE-20
|
CWE-20
|
Medium
|
|
Drupal Improper Input Validation Vulnerability (CVE-2014-5019)
|
CVE-2014-5019
CWE-20
|
CWE-20
|
Medium
|
|
Drupal Improper Input Validation Vulnerability (CVE-2015-3234)
|
CVE-2015-3234
CWE-20
|
CWE-20
|
Medium
|
|
Drupal Improper Input Validation Vulnerability (CVE-2016-9452)
|
CVE-2016-9452
CWE-20
|
CWE-20
|
Medium
|
|
Drupal Improper Input Validation Vulnerability (CVE-2017-6921)
|
CVE-2017-6921
CWE-20
|
CWE-20
|
Medium
|
|
Drupal Improper Input Validation Vulnerability (CVE-2018-7600)
|
CVE-2018-7600
CWE-20
|
CWE-20
|
Critical
|
|
Drupal Improper Input Validation Vulnerability (CVE-2019-6339)
|
CVE-2019-6339
CWE-20
|
CWE-20
|
Critical
|
|
Drupal Improper Input Validation Vulnerability (CVE-2019-6342)
|
CVE-2019-6342
CWE-20
|
CWE-20
|
Critical
|
|
Drupal Improper Input Validation Vulnerability (CVE-2022-24775)
|
CVE-2022-24775
CWE-20
|
CWE-20
|
High
|
|
Drupal Improper Input Validation Vulnerability (CVE-2022-25271)
|
CVE-2022-25271
CWE-20
|
CWE-20
|
High
|
|
Drupal Improper Input Validation Vulnerability (CVE-2022-25273)
|
CVE-2022-25273
CWE-20
|
CWE-20
|
High
|
|
Drupal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-11831)
|
CVE-2019-11831
CWE-22
|
CWE-22
|
Critical
|
|
Drupal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-39261)
|
CVE-2022-39261
CWE-22
|
CWE-22
|
High
|
|
Drupal Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2020-36193)
|
CVE-2020-36193
CWE-59
|
CWE-59
|
High
|
|
Drupal Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2019-11358)
|
CVE-2019-11358
CWE-1321
|
CWE-1321
|
Medium
|
|
Drupal Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') Vulnerability (CVE-2007-5595)
|
CVE-2007-5595
CWE-113
|
CWE-113
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-0136)
|
CVE-2007-0136
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-4064)
|
CVE-2007-4064
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-5596)
|
CVE-2007-5596
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-5621)
|
CVE-2007-5621
CWE-707
|
CWE-707
|
Low
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0273)
|
CVE-2008-0273
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0274)
|
CVE-2008-0274
CWE-707
|
CWE-707
|
Low
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0276)
|
CVE-2008-0276
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0462)
|
CVE-2008-0462
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1131)
|
CVE-2008-1131
CWE-707
|
CWE-707
|
Low
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1133)
|
CVE-2008-1133
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3218)
|
CVE-2008-3218
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3219)
|
CVE-2008-3219
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3740)
|
CVE-2008-3740
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3741)
|
CVE-2008-3741
CWE-707
|
CWE-707
|
Low
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-6170)
|
CVE-2008-6170
CWE-707
|
CWE-707
|
Low
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-6533)
|
CVE-2008-6533
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-1047)
|
CVE-2009-1047
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-1575)
|
CVE-2009-1575
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-1844)
|
CVE-2009-1844
CWE-707
|
CWE-707
|
Low
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-2373)
|
CVE-2009-2373
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3156)
|
CVE-2009-3156
CWE-707
|
CWE-707
|
Low
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3479)
|
CVE-2009-3479
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4369)
|
CVE-2009-4369
CWE-707
|
CWE-707
|
Low
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4370)
|
CVE-2009-4370
CWE-707
|
CWE-707
|
Low
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4371)
|
CVE-2009-4371
CWE-707
|
CWE-707
|
Low
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2250)
|
CVE-2010-2250
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2472)
|
CVE-2010-2472
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3094)
|
CVE-2010-3094
CWE-707
|
CWE-707
|
Low
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5312)
|
CVE-2010-5312
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2714)
|
CVE-2011-2714
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2339)
|
CVE-2012-2339
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0244)
|
CVE-2013-0244
CWE-707
|
CWE-707
|
Low
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6387)
|
CVE-2013-6387
CWE-707
|
CWE-707
|
Low
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6388)
|
CVE-2013-6388
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-1607)
|
CVE-2014-1607
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5021)
|
CVE-2014-5021
CWE-707
|
CWE-707
|
Low
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5022)
|
CVE-2014-5022
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6658)
|
CVE-2015-6658
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6665)
|
CVE-2015-6665
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7571)
|
CVE-2016-7571
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6927)
|
CVE-2017-6927
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6929)
|
CVE-2017-6929
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-9861)
|
CVE-2018-9861
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-6341)
|
CVE-2019-6341
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10909)
|
CVE-2019-10909
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11876)
|
CVE-2019-11876
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9281)
|
CVE-2020-9281
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11022)
|
CVE-2020-11022
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11023)
|
CVE-2020-11023
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13666)
|
CVE-2020-13666
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13668)
|
CVE-2020-13668
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13669)
|
CVE-2020-13669
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13672)
|
CVE-2020-13672
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13688)
|
CVE-2020-13688
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33829)
|
CVE-2021-33829
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41164)
|
CVE-2021-41164
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41165)
|
CVE-2021-41165
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)
|
CVE-2021-41182
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41183)
|
CVE-2021-41183
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41184)
|
CVE-2021-41184
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24728)
|
CVE-2022-24728
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-25276)
|
CVE-2022-25276
CWE-707
|
CWE-707
|
Medium
|
|
Drupal Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2020-13664)
|
CVE-2020-13664
CWE-138
|
CWE-138
|
High
|
|
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-2999)
|
CVE-2008-2999
CWE-138
|
CWE-138
|
High
|
|
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-3223)
|
CVE-2008-3223
CWE-138
|
CWE-138
|
High
|
|
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-2715)
|
CVE-2011-2715
CWE-138
|
CWE-138
|
Critical
|
|
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3704)
|
CVE-2014-3704
CWE-138
|
CWE-138
|
High
|
|
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-6659)
|
CVE-2015-6659
CWE-138
|
CWE-138
|
High
|
|
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-10910)
|
CVE-2019-10910
CWE-138
|
CWE-138
|
Critical
|
|
Drupal Improper Privilege Management Vulnerability (CVE-2017-6924)
|
CVE-2017-6924
CWE-269
|
CWE-269
|
High
|
|
Drupal Improper Removal of Sensitive Information Before Storage or Transfer Vulnerability (CVE-2022-31042)
|
CVE-2022-31042
CWE-212
|
CWE-212
|
Medium
|
|
Drupal Improper Removal of Sensitive Information Before Storage or Transfer Vulnerability (CVE-2022-31043)
|
CVE-2022-31043
CWE-212
|
CWE-212
|
Medium
|
|
Drupal Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2017-6381)
|
CVE-2017-6381
CWE-829
|
CWE-829
|
High
|
|
Drupal Incorrect Authorization Vulnerability (CVE-2011-2726)
|
CVE-2011-2726
CWE-863
|
CWE-863
|
High
|
|
Drupal Incorrect Authorization Vulnerability (CVE-2017-6377)
|
CVE-2017-6377
CWE-863
|
CWE-863
|
High
|
|
Drupal Incorrect Authorization Vulnerability (CVE-2020-13676)
|
CVE-2020-13676
CWE-863
|
CWE-863
|
Medium
|
|
Drupal Incorrect Authorization Vulnerability (CVE-2022-25270)
|
CVE-2022-25270
CWE-863
|
CWE-863
|
Medium
|
|
Drupal Incorrect Authorization Vulnerability (CVE-2022-25274)
|
CVE-2022-25274
CWE-863
|
CWE-863
|
Medium
|
|
Drupal Incorrect Authorization Vulnerability (CVE-2023-31250)
|
CVE-2023-31250
CWE-863
|
CWE-863
|
Medium
|
|
Drupal Incorrect Default Permissions Vulnerability (CVE-2020-13667)
|
CVE-2020-13667
CWE-276
|
CWE-276
|
Medium
|
|
Drupal Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2017-6928)
|
CVE-2017-6928
CWE-732
|
CWE-732
|
Medium
|
|
Drupal Inefficient Regular Expression Complexity Vulnerability (CVE-2022-24729)
|
CVE-2022-24729
CWE-1333
|
CWE-1333
|
High
|
|
Drupal Insufficient Verification of Data Authenticity Vulnerability (CVE-2016-9450)
|
CVE-2016-9450
CWE-345
|
CWE-345
|
High
|
|
Drupal Missing Authorization Vulnerability (CVE-2017-6923)
|
CVE-2017-6923
CWE-862
|
CWE-862
|
Medium
|
|
Drupal Numeric Errors Vulnerability (CVE-2007-5416)
|
CVE-2007-5416
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2002-1806)
|
CVE-2002-1806
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2005-0682)
|
CVE-2005-0682
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2005-1871)
|
CVE-2005-1871
|
|
High
|
|
Drupal Other Vulnerability (CVE-2005-2106)
|
CVE-2005-2106
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2005-3973)
|
CVE-2005-3973
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2005-3974)
|
CVE-2005-3974
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2005-3975)
|
CVE-2005-3975
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2006-0070)
|
CVE-2006-0070
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2006-1225)
|
CVE-2006-1225
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2006-1226)
|
CVE-2006-1226
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2006-1227)
|
CVE-2006-1227
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2006-2260)
|
CVE-2006-2260
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2006-2742)
|
CVE-2006-2742
|
|
High
|
|
Drupal Other Vulnerability (CVE-2006-2743)
|
CVE-2006-2743
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2006-2831)
|
CVE-2006-2831
|
|
High
|
|
Drupal Other Vulnerability (CVE-2006-2832)
|
CVE-2006-2832
|
|
Low
|
|
Drupal Other Vulnerability (CVE-2006-2833)
|
CVE-2006-2833
|
|
Low
|
|
Drupal Other Vulnerability (CVE-2006-3570)
|
CVE-2006-3570
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2006-4002)
|
CVE-2006-4002
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2006-4120)
|
CVE-2006-4120
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2006-5475)
|
CVE-2006-5475
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2006-5476)
|
CVE-2006-5476
|
|
High
|
|
Drupal Other Vulnerability (CVE-2006-5477)
|
CVE-2006-5477
|
|
Low
|
|
Drupal Other Vulnerability (CVE-2007-0124)
|
CVE-2007-0124
|
|
Low
|
|
Drupal Other Vulnerability (CVE-2007-0658)
|
CVE-2007-0658
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2007-4063)
|
CVE-2007-4063
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2008-3661)
|
CVE-2008-3661
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2015-3232)
|
CVE-2015-3232
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2015-3233)
|
CVE-2015-3233
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2016-3164)
|
CVE-2016-3164
|
|
High
|
|
Drupal Other Vulnerability (CVE-2016-3166)
|
CVE-2016-3166
|
|
Medium
|
|
Drupal Other Vulnerability (CVE-2016-3167)
|
CVE-2016-3167
|
|
High
|
|
Drupal Other Vulnerability (CVE-2022-25275)
|
CVE-2022-25275
|
|
High
|
|
Drupal Other Vulnerability (CVE-2024-22362)
|
CVE-2024-22362
|
|
High
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-5597)
|
CVE-2007-5597
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2771)
|
CVE-2008-2771
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3742)
|
CVE-2008-3742
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3745)
|
CVE-2008-3745
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-4789)
|
CVE-2008-4789
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-4790)
|
CVE-2008-4790
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-4791)
|
CVE-2008-4791
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-4792)
|
CVE-2008-4792
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3092)
|
CVE-2010-3092
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3093)
|
CVE-2010-3093
CWE-264
|
CWE-264
|
Low
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-2687)
|
CVE-2011-2687
CWE-264
|
CWE-264
|
High
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-0827)
|
CVE-2012-0827
CWE-264
|
CWE-264
|
Low
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1590)
|
CVE-2012-1590
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1591)
|
CVE-2012-1591
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2153)
|
CVE-2012-2153
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4553)
|
CVE-2012-4553
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4554)
|
CVE-2012-4554
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5651)
|
CVE-2012-5651
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0245)
|
CVE-2013-0245
CWE-264
|
CWE-264
|
Low
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0246)
|
CVE-2013-0246
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-1476)
|
CVE-2014-1476
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-5020)
|
CVE-2014-5020
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-5267)
|
CVE-2014-5267
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-9015)
|
CVE-2014-9015
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-3169)
|
CVE-2016-3169
CWE-264
|
CWE-264
|
High
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-6211)
|
CVE-2016-6211
CWE-264
|
CWE-264
|
High
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-7570)
|
CVE-2016-7570
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-7572)
|
CVE-2016-7572
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Reliance on Cookies without Validation and Integrity Checking Vulnerability (CVE-2022-29248)
|
CVE-2022-29248
CWE-565
|
CWE-565
|
High
|
|
Drupal Resource Management Errors Vulnerability (CVE-2012-1588)
|
CVE-2012-1588
|
|
Low
|
|
Drupal Resource Management Errors Vulnerability (CVE-2013-0316)
|
CVE-2013-0316
|
|
Medium
|
|
Drupal Resource Management Errors Vulnerability (CVE-2014-5265)
|
CVE-2014-5265
|
|
Medium
|
|
Drupal Resource Management Errors Vulnerability (CVE-2014-5266)
|
CVE-2014-5266
|
|
Medium
|
|
Drupal Session Fixation Vulnerability (CVE-2008-3222)
|
CVE-2008-3222
CWE-384
|
CWE-384
|
Medium
|
|
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-6931)
|
CVE-2017-6931
CWE-434
|
CWE-434
|
Medium
|
|
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-13671)
|
CVE-2020-13671
CWE-434
|
CWE-434
|
High
|
|
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-13675)
|
CVE-2020-13675
CWE-434
|
CWE-434
|
Critical
|
|
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-25277)
|
CVE-2022-25277
CWE-434
|
CWE-434
|
High
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-2471)
|
CVE-2010-2471
CWE-601
|
CWE-601
|
Medium
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-2749)
|
CVE-2015-2749
CWE-601
|
CWE-601
|
Medium
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-2750)
|
CVE-2015-2750
CWE-601
|
CWE-601
|
Medium
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-7943)
|
CVE-2015-7943
CWE-601
|
CWE-601
|
Medium
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2016-9451)
|
CVE-2016-9451
CWE-601
|
CWE-601
|
Medium
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-6932)
|
CVE-2017-6932
CWE-601
|
CWE-601
|
Medium
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-13662)
|
CVE-2020-13662
CWE-601
|
CWE-601
|
Medium
|
|
DWR Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-5325)
|
CVE-2014-5325
CWE-200
|
CWE-200
|
Medium
|
|
DWR Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5326)
|
CVE-2014-5326
CWE-707
|
CWE-707
|
Medium
|
|
e107 Credentials Management Errors Vulnerability (CVE-2013-7305)
|
CVE-2013-7305
|
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-5084)
|
CVE-2010-5084
CWE-352
|
CWE-352
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4947)
|
CVE-2011-4947
CWE-352
|
CWE-352
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6433)
|
CVE-2012-6433
CWE-352
|
CWE-352
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6434)
|
CVE-2012-6434
CWE-352
|
CWE-352
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8098)
|
CVE-2017-8098
CWE-352
|
CWE-352
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-11127)
|
CVE-2018-11127
CWE-352
|
CWE-352
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-15901)
|
CVE-2018-15901
CWE-352
|
CWE-352
|
High
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-17081)
|
CVE-2018-17081
CWE-352
|
CWE-352
|
Medium
|
|
e107 Deserialization of Untrusted Data Vulnerability (CVE-2016-10753)
|
CVE-2016-10753
CWE-502
|
CWE-502
|
High
|
|
e107 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3731)
|
CVE-2011-3731
CWE-200
|
CWE-200
|
Medium
|
|
e107 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-1989)
|
CVE-2008-1989
CWE-94
|
CWE-94
|
Critical
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2006-0857)
|
CVE-2006-0857
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-6208)
|
CVE-2008-6208
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3444)
|
CVE-2009-3444
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4083)
|
CVE-2009-4083
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0997)
|
CVE-2010-0997
CWE-707
|
CWE-707
|
Low
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4757)
|
CVE-2010-4757
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0457)
|
CVE-2011-0457
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4920)
|
CVE-2011-4920
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3843)
|
CVE-2012-3843
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2750)
|
CVE-2013-2750
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1041)
|
CVE-2015-1041
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1057)
|
CVE-2015-1057
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-11734)
|
CVE-2018-11734
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16381)
|
CVE-2018-16381
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17423)
|
CVE-2018-17423
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-36121)
|
CVE-2023-36121
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2011-1513)
|
CVE-2011-1513
CWE-138
|
CWE-138
|
High
|
|
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-2416)
|
CVE-2006-2416
CWE-138
|
CWE-138
|
Medium
|
|
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-5320)
|
CVE-2008-5320
CWE-138
|
CWE-138
|
Medium
|
|
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-1409)
|
CVE-2009-1409
CWE-138
|
CWE-138
|
Medium
|
|
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4084)
|
CVE-2009-4084
CWE-138
|
CWE-138
|
High
|
|
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4921)
|
CVE-2011-4921
CWE-138
|
CWE-138
|
Medium
|
|
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4946)
|
CVE-2011-4946
CWE-138
|
CWE-138
|
Medium
|
|
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10378)
|
CVE-2016-10378
CWE-138
|
CWE-138
|
High
|
|
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-16389)
|
CVE-2018-16389
CWE-138
|
CWE-138
|
Medium
|
|
e107 Inadequate Encryption Strength Vulnerability (CVE-2021-27885)
|
CVE-2021-27885
CWE-326
|
CWE-326
|
High
|
|
e107 Other Vulnerability (CVE-2003-1191)
|
CVE-2003-1191
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2004-2028)
|
CVE-2004-2028
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2004-2031)
|
CVE-2004-2031
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2004-2039)
|
CVE-2004-2039
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2004-2040)
|
CVE-2004-2040
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2004-2042)
|
CVE-2004-2042
|
|
High
|
|
e107 Other Vulnerability (CVE-2004-2262)
|
CVE-2004-2262
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2005-1949)
|
CVE-2005-1949
|
|
High
|
|
e107 Other Vulnerability (CVE-2005-1966)
|
CVE-2005-1966
|
|
High
|
|
e107 Other Vulnerability (CVE-2005-2327)
|
CVE-2005-2327
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2005-2559)
|
CVE-2005-2559
|
|
High
|
|
e107 Other Vulnerability (CVE-2005-2805)
|
CVE-2005-2805
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2005-3521)
|
CVE-2005-3521
|
|
High
|
|
e107 Other Vulnerability (CVE-2005-3594)
|
CVE-2005-3594
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2005-4051)
|
CVE-2005-4051
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2005-4224)
|
CVE-2005-4224
|
|
High
|
|
e107 Other Vulnerability (CVE-2006-0682)
|
CVE-2006-0682
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2006-2590)
|
CVE-2006-2590
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2006-2591)
|
CVE-2006-2591
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2006-3259)
|
CVE-2006-3259
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2006-4548)
|
CVE-2006-4548
|
|
High
|
|
e107 Other Vulnerability (CVE-2006-4757)
|
CVE-2006-4757
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2006-4794)
|
CVE-2006-4794
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2006-5786)
|
CVE-2006-5786
|
|
High
|
|
e107 Other Vulnerability (CVE-2007-3429)
|
CVE-2007-3429
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2010-0996)
|
CVE-2010-0996
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2010-2098)
|
CVE-2010-2098
|
|
High
|
|
e107 Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2020)
|
CVE-2008-2020
CWE-264
|
CWE-264
|
Medium
|
|
e107 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-2099)
|
CVE-2010-2099
CWE-264
|
CWE-264
|
High
|
|
e107 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-16388)
|
CVE-2018-16388
CWE-434
|
CWE-434
|
High
|
|
easyXDM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5212)
|
CVE-2013-5212
CWE-707
|
CWE-707
|
Medium
|
|
easyXDM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-1403)
|
CVE-2014-1403
CWE-707
|
CWE-707
|
Medium
|
|
easyXDM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-27739)
|
CVE-2023-27739
CWE-707
|
CWE-707
|
Medium
|
|
Elgg Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-3964)
|
CVE-2021-3964
CWE-639
|
CWE-639
|
Medium
|
|
Elgg Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2021-3980)
|
CVE-2021-3980
CWE-359
|
CWE-359
|
High
|
|
Elgg Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3733)
|
CVE-2011-3733
CWE-200
|
CWE-200
|
Medium
|
|
Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2935)
|
CVE-2011-2935
CWE-707
|
CWE-707
|
Medium
|
|
Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6561)
|
CVE-2012-6561
CWE-707
|
CWE-707
|
Medium
|
|
Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0234)
|
CVE-2013-0234
CWE-707
|
CWE-707
|
Medium
|
|
Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4072)
|
CVE-2021-4072
CWE-707
|
CWE-707
|
Medium
|
|
Elgg Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-2936)
|
CVE-2011-2936
CWE-138
|
CWE-138
|
Critical
|
|
Elgg Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6562)
|
CVE-2012-6562
CWE-264
|
CWE-264
|
Medium
|
|
Elgg Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6563)
|
CVE-2012-6563
CWE-264
|
CWE-264
|
Medium
|
|
Elgg URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11016)
|
CVE-2019-11016
CWE-601
|
CWE-601
|
Medium
|
|
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4170)
|
CVE-2013-4170
CWE-707
|
CWE-707
|
Medium
|
|
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0013)
|
CVE-2014-0013
CWE-707
|
CWE-707
|
Medium
|
|
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0014)
|
CVE-2014-0014
CWE-707
|
CWE-707
|
Medium
|
|
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0046)
|
CVE-2014-0046
CWE-707
|
CWE-707
|
Low
|
|
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1866)
|
CVE-2015-1866
CWE-707
|
CWE-707
|
Medium
|
|
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7565)
|
CVE-2015-7565
CWE-707
|
CWE-707
|
Medium
|
|
Envoy mishandles dropped and truncated datagrams Issue (CVE-2020-35471)
|
CVE-2020-35471
|
|
High
|
|
Envoy Proxy Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-15225)
|
CVE-2019-15225
CWE-770
|
CWE-770
|
High
|
|
Envoy Proxy Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27492)
|
CVE-2023-27492
CWE-770
|
CWE-770
|
Medium
|
|
Envoy Proxy Always-Incorrect Control Flow Implementation Vulnerability (CVE-2022-21655)
|
CVE-2022-21655
CWE-670
|
CWE-670
|
High
|
|
Envoy Proxy Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-45806)
|
CVE-2024-45806
CWE-639
|
CWE-639
|
Critical
|
|
Envoy Proxy CVE-2019-18802 Vulnerability (CVE-2019-18802)
|
CVE-2019-18802
|
|
Critical
|
|
Envoy Proxy CVE-2020-25018 Vulnerability (CVE-2020-25018)
|
CVE-2020-25018
|
|
High
|
|
Envoy Proxy CVE-2023-27487 Vulnerability (CVE-2023-27487)
|
CVE-2023-27487
|
|
Critical
|
|
Envoy Proxy CVE-2023-27488 Vulnerability (CVE-2023-27488)
|
CVE-2023-27488
|
|
Critical
|
|
Envoy Proxy CVE-2023-27496 Vulnerability (CVE-2023-27496)
|
CVE-2023-27496
|
|
High
|
|
Envoy Proxy CVE-2024-7207 Vulnerability (CVE-2024-7207)
|
CVE-2024-7207
|
|
Critical
|
|
Envoy Proxy CVE-2024-23324 Vulnerability (CVE-2024-23324)
|
CVE-2024-23324
|
|
High
|
|
Envoy Proxy CVE-2024-45807 Vulnerability (CVE-2024-45807)
|
CVE-2024-45807
|
|
High
|
|
Envoy Proxy CVE-2024-45810 Vulnerability (CVE-2024-45810)
|
CVE-2024-45810
|
|
High
|
|
Envoy Proxy CVE-2025-30157 Vulnerability (CVE-2025-30157)
|
CVE-2025-30157
|
|
High
|
|
Envoy Proxy Excessive Iteration Vulnerability (CVE-2021-32778)
|
CVE-2021-32778
CWE-834
|
CWE-834
|
High
|
|
Envoy Proxy Excessive Iteration Vulnerability (CVE-2021-39204)
|
CVE-2021-39204
CWE-834
|
CWE-834
|
High
|
|
Envoy Proxy Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-11767)
|
CVE-2020-11767
CWE-200
|
CWE-200
|
Low
|
|
Envoy Proxy Improper Authentication Vulnerability (CVE-2021-21378)
|
CVE-2021-21378
CWE-287
|
CWE-287
|
High
|
|
Envoy Proxy Improper Certificate Validation Vulnerability (CVE-2022-21654)
|
CVE-2022-21654
CWE-295
|
CWE-295
|
Critical
|
|
Envoy Proxy Improper Certificate Validation Vulnerability (CVE-2022-21656)
|
CVE-2022-21656
CWE-295
|
CWE-295
|
Medium
|
|
Envoy Proxy Improper Certificate Validation Vulnerability (CVE-2022-21657)
|
CVE-2022-21657
CWE-295
|
CWE-295
|
Medium
|
|
Envoy Proxy Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-32780)
|
CVE-2021-32780
CWE-754
|
CWE-754
|
High
|
|
Envoy Proxy Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-39162)
|
CVE-2021-39162
CWE-754
|
CWE-754
|
High
|
|
Envoy Proxy Improper Encoding or Escaping of Output Vulnerability (CVE-2023-35941)
|
CVE-2023-35941
CWE-116
|
CWE-116
|
Critical
|
|
Envoy Proxy Improper Encoding or Escaping of Output Vulnerability (CVE-2024-45808)
|
CVE-2024-45808
CWE-116
|
CWE-116
|
Medium
|
|
Envoy Proxy Improper Handling of Exceptional Conditions Vulnerability (CVE-2024-23325)
|
CVE-2024-23325
CWE-755
|
CWE-755
|
High
|
|
Envoy Proxy Improper Handling of Highly Compressed Data (Data Amplification) Vulnerability (CVE-2022-29225)
|
CVE-2022-29225
CWE-409
|
CWE-409
|
High
|
|
Envoy Proxy Improper Input Validation Vulnerability (CVE-2019-9900)
|
CVE-2019-9900
CWE-20
|
CWE-20
|
High
|
|
Envoy Proxy Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-29492)
|
CVE-2021-29492
CWE-22
|
CWE-22
|
Critical
|
|
Envoy Proxy Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-12604)
|
CVE-2020-12604
CWE-119
|
CWE-119
|
High
|
|
Envoy Proxy Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2021-32781)
|
CVE-2021-32781
CWE-119
|
CWE-119
|
High
|
|
Envoy Proxy Incomplete Cleanup Vulnerability (CVE-2023-35945)
|
CVE-2023-35945
CWE-459
|
CWE-459
|
High
|
|
Envoy Proxy Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-27491)
|
CVE-2023-27491
|
|
Critical
|
|
Envoy Proxy Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-27493)
|
CVE-2023-27493
|
|
Critical
|
|
Envoy Proxy Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-35944)
|
CVE-2023-35944
|
|
Medium
|
|
Envoy Proxy Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2024-23326)
|
CVE-2024-23326
|
|
High
|
|
Envoy Proxy Incorrect Authorization Vulnerability (CVE-2021-32777)
|
CVE-2021-32777
CWE-863
|
CWE-863
|
High
|
|
Envoy Proxy Incorrect Authorization Vulnerability (CVE-2021-32779)
|
CVE-2021-32779
CWE-863
|
CWE-863
|
High
|
|
Envoy Proxy Incorrect Authorization Vulnerability (CVE-2021-39206)
|
CVE-2021-39206
CWE-863
|
CWE-863
|
High
|
|
Envoy Proxy Insufficient Verification of Data Authenticity Vulnerability (CVE-2020-8660)
|
CVE-2020-8660
CWE-345
|
CWE-345
|
Medium
|
|
Envoy Proxy Integer Overflow or Wraparound Vulnerability (CVE-2021-28682)
|
CVE-2021-28682
CWE-190
|
CWE-190
|
High
|
|
Envoy Proxy Integer Underflow (Wrap or Wraparound) Vulnerability (CVE-2024-32975)
|
CVE-2024-32975
CWE-191
|
CWE-191
|
High
|
|
Envoy Proxy Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-18836)
|
CVE-2019-18836
CWE-835
|
CWE-835
|
High
|
|
Envoy Proxy Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2024-32976)
|
CVE-2024-32976
CWE-835
|
CWE-835
|
High
|
|
Envoy Proxy Missing Authentication for Critical Function Vulnerability (CVE-2022-29226)
|
CVE-2022-29226
CWE-306
|
CWE-306
|
Critical
|
|
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2019-18838)
|
CVE-2019-18838
CWE-476
|
CWE-476
|
High
|
|
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2021-28683)
|
CVE-2021-28683
CWE-476
|
CWE-476
|
High
|
|
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2021-43824)
|
CVE-2021-43824
CWE-476
|
CWE-476
|
High
|
|
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2022-29224)
|
CVE-2022-29224
CWE-476
|
CWE-476
|
Medium
|
|
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2024-23327)
|
CVE-2024-23327
CWE-476
|
CWE-476
|
High
|
|
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2024-45809)
|
CVE-2024-45809
CWE-476
|
CWE-476
|
High
|
|
Envoy Proxy Origin Validation Error Vulnerability (CVE-2020-15104)
|
CVE-2020-15104
CWE-346
|
CWE-346
|
Medium
|
|
Envoy Proxy Other Vulnerability (CVE-2020-25017)
|
CVE-2020-25017
|
|
High
|
|
Envoy Proxy Other Vulnerability (CVE-2024-34363)
|
CVE-2024-34363
|
|
High
|
|
Envoy Proxy Out-of-bounds Write Vulnerability (CVE-2019-18801)
|
CVE-2019-18801
CWE-787
|
CWE-787
|
Critical
|
|
Envoy Proxy Out-of-bounds Write Vulnerability (CVE-2024-34364)
|
CVE-2024-34364
CWE-787
|
CWE-787
|
Medium
|
|
Envoy Proxy Reachable Assertion Vulnerability (CVE-2021-29258)
|
CVE-2021-29258
CWE-617
|
CWE-617
|
High
|
|
Envoy Proxy Reachable Assertion Vulnerability (CVE-2022-29228)
|
CVE-2022-29228
CWE-617
|
CWE-617
|
High
|
|
Envoy Proxy Uncontrolled Recursion Vulnerability (CVE-2022-23606)
|
CVE-2022-23606
CWE-674
|
CWE-674
|
Medium
|
|
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2019-15226)
|
CVE-2019-15226
CWE-400
|
CWE-400
|
High
|
|
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2020-8663)
|
CVE-2020-8663
CWE-400
|
CWE-400
|
High
|
|
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2020-12603)
|
CVE-2020-12603
CWE-400
|
CWE-400
|
High
|
|
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2020-12605)
|
CVE-2020-12605
CWE-400
|
CWE-400
|
High
|
|
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
|
CVE-2023-44487
CWE-400
|
CWE-400
|
High
|
|
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2024-23323)
|
CVE-2024-23323
CWE-400
|
CWE-400
|
Medium
|
|
Envoy Proxy Use After Free Vulnerability (CVE-2021-43825)
|
CVE-2021-43825
CWE-416
|
CWE-416
|
High
|
|
Envoy Proxy Use After Free Vulnerability (CVE-2021-43826)
|
CVE-2021-43826
CWE-416
|
CWE-416
|
High
|
|
Envoy Proxy Use After Free Vulnerability (CVE-2022-29227)
|
CVE-2022-29227
CWE-416
|
CWE-416
|
High
|
|
Envoy Proxy Use After Free Vulnerability (CVE-2023-35942)
|
CVE-2023-35942
CWE-416
|
CWE-416
|
Medium
|
|
Envoy Proxy Use After Free Vulnerability (CVE-2023-35943)
|
CVE-2023-35943
CWE-416
|
CWE-416
|
High
|
|
Envoy Proxy Use After Free Vulnerability (CVE-2024-23322)
|
CVE-2024-23322
CWE-416
|
CWE-416
|
High
|
|
Envoy Proxy Use After Free Vulnerability (CVE-2024-32974)
|
CVE-2024-32974
CWE-416
|
CWE-416
|
High
|
|
Envoy Proxy Use After Free Vulnerability (CVE-2024-34362)
|
CVE-2024-34362
CWE-416
|
CWE-416
|
Medium
|
|
Envoy Proxy Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2019-9901)
|
CVE-2019-9901
CWE-706
|
CWE-706
|
Critical
|
|
Envoy Wrong DOWNSTREAM_REMOTE_ADDRESS logged Issue (CVE-2020-35470)
|
CVE-2020-35470
|
|
High
|
|
EspoCRM Cleartext Transmission of Sensitive Information Vulnerability (CVE-2022-38846)
|
CVE-2022-38846
CWE-319
|
CWE-319
|
Medium
|
|
EspoCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-7985)
|
CVE-2014-7985
CWE-22
|
CWE-22
|
Critical
|
|
EspoCRM Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2022-38844)
|
CVE-2022-38844
CWE-1236
|
CWE-1236
|
High
|
|
EspoCRM Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2022-38845)
|
CVE-2022-38845
CWE-1236
|
CWE-1236
|
Medium
|
|
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-7987)
|
CVE-2014-7987
CWE-707
|
CWE-707
|
Medium
|
|
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17301)
|
CVE-2018-17301
CWE-707
|
CWE-707
|
Medium
|
|
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17302)
|
CVE-2018-17302
CWE-707
|
CWE-707
|
Medium
|
|
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-13643)
|
CVE-2019-13643
CWE-707
|
CWE-707
|
Medium
|
|
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14329)
|
CVE-2019-14329
CWE-707
|
CWE-707
|
Medium
|
|
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14330)
|
CVE-2019-14330
CWE-707
|
CWE-707
|
Medium
|
|
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14331)
|
CVE-2019-14331
CWE-707
|
CWE-707
|
Medium
|
|
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14349)
|
CVE-2019-14349
CWE-707
|
CWE-707
|
Medium
|
|
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14350)
|
CVE-2019-14350
CWE-707
|
CWE-707
|
Medium
|
|
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14546)
|
CVE-2019-14546
CWE-707
|
CWE-707
|
Medium
|
|
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14547)
|
CVE-2019-14547
CWE-707
|
CWE-707
|
Medium
|
|
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14548)
|
CVE-2019-14548
CWE-707
|
CWE-707
|
Medium
|
|
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14549)
|
CVE-2019-14549
CWE-707
|
CWE-707
|
Medium
|
|
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14550)
|
CVE-2019-14550
CWE-707
|
CWE-707
|
Medium
|
|
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3539)
|
CVE-2021-3539
CWE-707
|
CWE-707
|
Medium
|
|
EspoCRM Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2019-14351)
|
CVE-2019-14351
CWE-307
|
CWE-307
|
High
|
|
EspoCRM Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7986)
|
CVE-2014-7986
CWE-264
|
CWE-264
|
Medium
|
|
EspoCRM Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-46736)
|
CVE-2023-46736
CWE-918
|
CWE-918
|
Medium
|
|
EspoCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-38843)
|
CVE-2022-38843
CWE-434
|
CWE-434
|
High
|
|
EspoCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-5965)
|
CVE-2023-5965
CWE-434
|
CWE-434
|
High
|
|
EspoCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-5966)
|
CVE-2023-5966
CWE-434
|
CWE-434
|
High
|
|
Ext JS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8046)
|
CVE-2018-8046
CWE-707
|
CWE-707
|
Medium
|
|
Ext JS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2007-6758)
|
CVE-2007-6758
CWE-918
|
CWE-918
|
High
|
|
Family Connections Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-0699)
|
CVE-2012-0699
CWE-352
|
CWE-352
|
High
|
|
Family Connections Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-3419)
|
CVE-2010-3419
CWE-94
|
CWE-94
|
High
|
|
Family Connections Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-5130)
|
CVE-2011-5130
CWE-94
|
CWE-94
|
Medium
|
|
Family Connections Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-2901)
|
CVE-2008-2901
CWE-138
|
CWE-138
|
Medium
|
|
Family Connections Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-2010)
|
CVE-2009-2010
CWE-138
|
CWE-138
|
Medium
|
|
Family Connections Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-4338)
|
CVE-2007-4338
CWE-264
|
CWE-264
|
Critical
|
|
fancybox Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1494)
|
CVE-2015-1494
CWE-707
|
CWE-707
|
Medium
|
|
FluxBB CVE-2011-3621 Vulnerability (CVE-2011-3621)
|
CVE-2011-3621
|
|
Critical
|
|
FluxBB Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-9574)
|
CVE-2014-9574
CWE-22
|
CWE-22
|
Critical
|
|
FluxBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-35240)
|
CVE-2020-35240
CWE-707
|
CWE-707
|
Medium
|
|
FluxBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43677)
|
CVE-2021-43677
CWE-707
|
CWE-707
|
Medium
|
|
FluxBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-10029)
|
CVE-2014-10029
CWE-138
|
CWE-138
|
High
|
|
FluxBB Other Vulnerability (CVE-2014-10030)
|
CVE-2014-10030
|
|
Medium
|
|
FluxBB Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2020-28873)
|
CVE-2020-28873
CWE-916
|
CWE-916
|
High
|
|
FrontAccounting Cross-site Request Forgery (CSRF) Vulnerability (CVE-2018-7176)
|
CVE-2018-7176
|
|
High
|
|
Frontaccounting Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3740)
|
CVE-2011-3740
CWE-200
|
CWE-200
|
Medium
|
|
Frontaccounting Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-5117)
|
CVE-2007-5117
CWE-94
|
CWE-94
|
Critical
|
|
Frontaccounting Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-5148)
|
CVE-2007-5148
CWE-94
|
CWE-94
|
Medium
|
|
Frontaccounting Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-21244)
|
CVE-2020-21244
CWE-22
|
CWE-22
|
Medium
|
|
Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4037)
|
CVE-2009-4037
CWE-138
|
CWE-138
|
High
|
|
Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4045)
|
CVE-2009-4045
CWE-138
|
CWE-138
|
High
|
|
Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-1000890)
|
CVE-2018-1000890
CWE-138
|
CWE-138
|
High
|
|
Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-5720)
|
CVE-2019-5720
CWE-138
|
CWE-138
|
Critical
|
|
FrontAccounting Multiple SQL Injection Vulnerabilities (CVE-2014-3973)
|
CVE-2014-3973
|
|
High
|
|
Frontaccounting Other Vulnerability (CVE-2007-4279)
|
CVE-2007-4279
|
|
High
|
|
GeoServer CVE-2023-35042 Vulnerability (CVE-2023-35042)
|
CVE-2023-35042
|
|
Critical
|
|
GeoServer CVE-2024-34696 Vulnerability (CVE-2024-34696)
|
CVE-2024-34696
|
|
Medium
|
|
GeoServer Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-36401)
|
CVE-2024-36401
CWE-94
|
CWE-94
|
Critical
|
|
GeoServer Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-41877)
|
CVE-2023-41877
CWE-22
|
CWE-22
|
High
|
|
GeoServer Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-24749)
|
CVE-2024-24749
CWE-22
|
CWE-22
|
High
|
|
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-51445)
|
CVE-2023-51445
CWE-707
|
CWE-707
|
Medium
|
|
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23640)
|
CVE-2024-23640
CWE-707
|
CWE-707
|
Medium
|
|
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23642)
|
CVE-2024-23642
CWE-707
|
CWE-707
|
Medium
|
|
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23643)
|
CVE-2024-23643
CWE-707
|
CWE-707
|
Medium
|
|
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23818)
|
CVE-2024-23818
CWE-707
|
CWE-707
|
Medium
|
|
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23819)
|
CVE-2024-23819
CWE-707
|
CWE-707
|
Medium
|
|
GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23821)
|
CVE-2024-23821
CWE-707
|
CWE-707
|
Medium
|
|
GeoServer Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2008-7227)
|
CVE-2008-7227
CWE-119
|
CWE-119
|
Medium
|
|
GeoServer Other Vulnerability (CVE-2024-23634)
|
CVE-2024-23634
|
|
Medium
|
|
GeoServer Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-51444)
|
CVE-2023-51444
CWE-434
|
CWE-434
|
High
|
|
GibbonEdu CVE-2023-45878 Vulnerability (CVE-2023-45878)
|
CVE-2023-45878
|
|
Critical
|
|
GibbonEdu Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-34598)
|
CVE-2023-34598
CWE-22
|
CWE-22
|
Critical
|
|
GibbonEdu Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-45880)
|
CVE-2023-45880
CWE-22
|
CWE-22
|
High
|
|
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40214)
|
CVE-2021-40214
CWE-707
|
CWE-707
|
Medium
|
|
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40492)
|
CVE-2021-40492
CWE-707
|
CWE-707
|
Medium
|
|
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-22868)
|
CVE-2022-22868
CWE-707
|
CWE-707
|
Medium
|
|
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23871)
|
CVE-2022-23871
CWE-707
|
CWE-707
|
Medium
|
|
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-34599)
|
CVE-2023-34599
CWE-707
|
CWE-707
|
Medium
|
|
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45879)
|
CVE-2023-45879
CWE-707
|
CWE-707
|
Medium
|
|
GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45881)
|
CVE-2023-45881
CWE-707
|
CWE-707
|
Medium
|
|
GibbonEdu Session Fixation Vulnerability (CVE-2022-27305)
|
CVE-2022-27305
CWE-384
|
CWE-384
|
High
|
|
GlassFish CVE-2010-2397 Vulnerability (CVE-2010-2397)
|
CVE-2010-2397
|
|
Low
|
|
GlassFish CVE-2010-4438 Vulnerability (CVE-2010-4438)
|
CVE-2010-4438
|
|
Medium
|
|
GlassFish CVE-2011-0807 Vulnerability (CVE-2011-0807)
|
CVE-2011-0807
|
|
Critical
|
|
GlassFish CVE-2011-3559 Vulnerability (CVE-2011-3559)
|
CVE-2011-3559
|
|
High
|
|
GlassFish CVE-2012-0081 Vulnerability (CVE-2012-0081)
|
CVE-2012-0081
|
|
Low
|
|
GlassFish CVE-2012-0104 Vulnerability (CVE-2012-0104)
|
CVE-2012-0104
|
|
Medium
|
|
GlassFish CVE-2012-0550 Vulnerability (CVE-2012-0550)
|
CVE-2012-0550
|
|
Medium
|
|
GlassFish CVE-2012-0551 Vulnerability (CVE-2012-0551)
|
CVE-2012-0551
|
|
Medium
|
|
GlassFish CVE-2012-3155 Vulnerability (CVE-2012-3155)
|
CVE-2012-3155
|
|
Medium
|
|
GlassFish CVE-2013-1508 Vulnerability (CVE-2013-1508)
|
CVE-2013-1508
|
|
Medium
|
|
GlassFish CVE-2016-3607 Vulnerability (CVE-2016-3607)
|
CVE-2016-3607
|
|
Critical
|
|
GlassFish CVE-2016-3608 Vulnerability (CVE-2016-3608)
|
CVE-2016-3608
|
|
Medium
|
|
GlassFish CVE-2016-5477 Vulnerability (CVE-2016-5477)
|
CVE-2016-5477
|
|
Medium
|
|
GlassFish CVE-2016-5519 Vulnerability (CVE-2016-5519)
|
CVE-2016-5519
|
|
High
|
|
GlassFish CVE-2016-5528 Vulnerability (CVE-2016-5528)
|
CVE-2016-5528
|
|
Critical
|
|
GlassFish CVE-2017-3247 Vulnerability (CVE-2017-3247)
|
CVE-2017-3247
|
|
Medium
|
|
GlassFish CVE-2017-3249 Vulnerability (CVE-2017-3249)
|
CVE-2017-3249
|
|
High
|
|
GlassFish CVE-2017-3626 Vulnerability (CVE-2017-3626)
|
CVE-2017-3626
|
|
Low
|
|
GlassFish CVE-2017-10385 Vulnerability (CVE-2017-10385)
|
CVE-2017-10385
|
|
Medium
|
|
GlassFish CVE-2017-10391 Vulnerability (CVE-2017-10391)
|
CVE-2017-10391
|
|
High
|
|
GlassFish CVE-2017-10393 Vulnerability (CVE-2017-10393)
|
CVE-2017-10393
|
|
Medium
|
|
GlassFish CVE-2017-10400 Vulnerability (CVE-2017-10400)
|
CVE-2017-10400
|
|
Medium
|
|
GlassFish CVE-2018-2911 Vulnerability (CVE-2018-2911)
|
CVE-2018-2911
|
|
High
|
|
GlassFish CVE-2018-3152 Vulnerability (CVE-2018-3152)
|
CVE-2018-3152
|
|
High
|
|
GlassFish CVE-2018-3210 Vulnerability (CVE-2018-3210)
|
CVE-2018-3210
|
|
Medium
|
|
GlassFish Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3239)
|
CVE-2017-3239
CWE-200
|
CWE-200
|
Low
|
|
GlassFish Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3250)
|
CVE-2017-3250
CWE-200
|
CWE-200
|
High
|
|
GlassFish Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1000029)
|
CVE-2017-1000029
CWE-200
|
CWE-200
|
High
|
|
GlassFish Improper Authentication Vulnerability (CVE-2017-1000030)
|
CVE-2017-1000030
CWE-287
|
CWE-287
|
Critical
|
|
GlassFish Improper Input Validation Vulnerability (CVE-2011-5035)
|
CVE-2011-5035
CWE-20
|
CWE-20
|
Medium
|
|
GlassFish Improper Input Validation Vulnerability (CVE-2015-3237)
|
CVE-2015-3237
CWE-20
|
CWE-20
|
Medium
|
|
GlassFish Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-1000028)
|
CVE-2017-1000028
CWE-22
|
CWE-22
|
High
|
|
GlassFish Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-2751)
|
CVE-2008-2751
CWE-707
|
CWE-707
|
Medium
|
|
GlassFish Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-5266)
|
CVE-2008-5266
CWE-707
|
CWE-707
|
Medium
|
|
GlassFish Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-1553)
|
CVE-2009-1553
CWE-707
|
CWE-707
|
Medium
|
|
GlassFish Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3314)
|
CVE-2021-3314
CWE-707
|
CWE-707
|
Medium
|
|
GlassFish Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-7182)
|
CVE-2015-7182
CWE-119
|
CWE-119
|
Critical
|
|
GlassFish Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-1950)
|
CVE-2016-1950
CWE-119
|
CWE-119
|
High
|
|
GlassFish Observable Discrepancy Vulnerability (CVE-2013-1620)
|
CVE-2013-1620
CWE-203
|
CWE-203
|
Medium
|
|
GlassFish Use of Hard-coded Credentials Vulnerability (CVE-2018-14324)
|
CVE-2018-14324
CWE-798
|
CWE-798
|
Critical
|
|
Grafana Authentication Bypass by Spoofing Vulnerability (CVE-2022-35957)
|
CVE-2022-35957
CWE-290
|
CWE-290
|
Medium
|
|
Grafana Authentication Bypass by Spoofing Vulnerability (CVE-2023-3128)
|
CVE-2023-3128
CWE-290
|
CWE-290
|
Critical
|
|
Grafana Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-10452)
|
CVE-2024-10452
CWE-639
|
CWE-639
|
Low
|
|
Grafana Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-12458)
|
CVE-2020-12458
CWE-312
|
CWE-312
|
Medium
|
|
Grafana Cleartext Storage of Sensitive Information Vulnerability (CVE-2022-26148)
|
CVE-2022-26148
CWE-312
|
CWE-312
|
Critical
|
|
Grafana Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2022-39328)
|
CVE-2022-39328
CWE-362
|
CWE-362
|
High
|
|
Grafana Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-21703)
|
CVE-2022-21703
CWE-352
|
CWE-352
|
High
|
|
Grafana CVE-2021-27358 Vulnerability (CVE-2021-27358)
|
CVE-2021-27358
|
|
High
|
|
Grafana CVE-2022-39201 Vulnerability (CVE-2022-39201)
|
CVE-2022-39201
|
|
High
|
|
Grafana CVE-2022-39307 Vulnerability (CVE-2022-39307)
|
CVE-2022-39307
|
|
Medium
|
|
Grafana CVE-2023-1387 Vulnerability (CVE-2023-1387)
|
CVE-2023-1387
|
|
High
|
|
Grafana CVE-2023-4399 Vulnerability (CVE-2023-4399)
|
CVE-2023-4399
|
|
High
|
|
Grafana CVE-2023-4822 Vulnerability (CVE-2023-4822)
|
CVE-2023-4822
|
|
High
|
|
Grafana CVE-2024-1442 Vulnerability (CVE-2024-1442)
|
CVE-2024-1442
|
|
High
|
|
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-19039)
|
CVE-2018-19039
CWE-200
|
CWE-200
|
Medium
|
|
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-19499)
|
CVE-2019-19499
CWE-200
|
CWE-200
|
Medium
|
|
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-12459)
|
CVE-2020-12459
CWE-200
|
CWE-200
|
Medium
|
|
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-21673)
|
CVE-2022-21673
CWE-200
|
CWE-200
|
Medium
|
|
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-23498)
|
CVE-2022-23498
CWE-200
|
CWE-200
|
High
|
|
Grafana Externally Controlled Reference to a Resource in Another Sphere Vulnerability (CVE-2021-41244)
|
CVE-2021-41244
CWE-610
|
CWE-610
|
Critical
|
|
Grafana Improper Authentication Vulnerability (CVE-2018-15727)
|
CVE-2018-15727
CWE-287
|
CWE-287
|
Critical
|
|
Grafana Improper Authentication Vulnerability (CVE-2021-28148)
|
CVE-2021-28148
CWE-287
|
CWE-287
|
High
|
|
Grafana Improper Authentication Vulnerability (CVE-2021-39226)
|
CVE-2021-39226
CWE-287
|
CWE-287
|
High
|
|
Grafana Improper Authentication Vulnerability (CVE-2022-32276)
|
CVE-2022-32276
CWE-287
|
CWE-287
|
High
|
|
Grafana Improper Authentication Vulnerability (CVE-2022-39229)
|
CVE-2022-39229
CWE-287
|
CWE-287
|
Medium
|
|
Grafana Improper Input Validation Vulnerability (CVE-2022-39306)
|
CVE-2022-39306
CWE-20
|
CWE-20
|
High
|
|
Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-43798)
|
CVE-2021-43798
CWE-22
|
CWE-22
|
High
|
|
Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-43813)
|
CVE-2021-43813
CWE-22
|
CWE-22
|
Medium
|
|
Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-43815)
|
CVE-2021-43815
CWE-22
|
CWE-22
|
Medium
|
|
Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-32275)
|
CVE-2022-32275
CWE-22
|
CWE-22
|
High
|
|
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-12099)
|
CVE-2018-12099
CWE-707
|
CWE-707
|
Medium
|
|
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18623)
|
CVE-2018-18623
CWE-707
|
CWE-707
|
Medium
|
|
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18624)
|
CVE-2018-18624
CWE-707
|
CWE-707
|
Medium
|
|
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18625)
|
CVE-2018-18625
CWE-707
|
CWE-707
|
Medium
|
|
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1000816)
|
CVE-2018-1000816
CWE-707
|
CWE-707
|
Medium
|
|
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-13068)
|
CVE-2019-13068
CWE-707
|
CWE-707
|
Medium
|
|
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11110)
|
CVE-2020-11110
CWE-707
|
CWE-707
|
Medium
|
|
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12052)
|
CVE-2020-12052
CWE-707
|
CWE-707
|
Medium
|
|
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12245)
|
CVE-2020-12245
CWE-707
|
CWE-707
|
Medium
|
|
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13430)
|
CVE-2020-13430
CWE-707
|
CWE-707
|
Medium
|
|
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-24303)
|
CVE-2020-24303
CWE-707
|
CWE-707
|
Medium
|
|
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41174)
|
CVE-2021-41174
CWE-707
|
CWE-707
|
Medium
|
|
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-21702)
|
CVE-2022-21702
CWE-707
|
CWE-707
|
Medium
|
|
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23552)
|
CVE-2022-23552
CWE-707
|
CWE-707
|
Medium
|
|
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31097)
|
CVE-2022-31097
CWE-707
|
CWE-707
|
Medium
|
|
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-39324)
|
CVE-2022-39324
CWE-707
|
CWE-707
|
Low
|
|
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0507)
|
CVE-2023-0507
CWE-707
|
CWE-707
|
Medium
|
|
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0594)
|
CVE-2023-0594
CWE-707
|
CWE-707
|
Medium
|
|
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1410)
|
CVE-2023-1410
CWE-707
|
CWE-707
|
Medium
|
|
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-22462)
|
CVE-2023-22462
CWE-707
|
CWE-707
|
Medium
|
|
Grafana Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2024-9264)
|
CVE-2024-9264
CWE-138
|
CWE-138
|
High
|
|
Grafana Improper Preservation of Permissions Vulnerability (CVE-2022-36062)
|
CVE-2022-36062
CWE-281
|
CWE-281
|
Low
|
|
Grafana Improper Synchronization Vulnerability (CVE-2023-2801)
|
CVE-2023-2801
CWE-662
|
CWE-662
|
Medium
|
|
Grafana Improper Verification of Cryptographic Signature Vulnerability (CVE-2022-31123)
|
CVE-2022-31123
CWE-347
|
CWE-347
|
High
|
|
Grafana Incorrect Authorization Vulnerability (CVE-2021-28146)
|
CVE-2021-28146
CWE-863
|
CWE-863
|
Medium
|
|
Grafana Incorrect Authorization Vulnerability (CVE-2022-21713)
|
CVE-2022-21713
CWE-863
|
CWE-863
|
Medium
|
|
Grafana Incorrect Authorization Vulnerability (CVE-2022-31107)
|
CVE-2022-31107
CWE-863
|
CWE-863
|
High
|
|
Grafana Incorrect Authorization Vulnerability (CVE-2023-6152)
|
CVE-2023-6152
CWE-863
|
CWE-863
|
Medium
|
|
Grafana Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-27962)
|
CVE-2021-27962
CWE-732
|
CWE-732
|
High
|
|
Grafana Insufficiently Protected Credentials Vulnerability (CVE-2019-15635)
|
CVE-2019-15635
CWE-522
|
CWE-522
|
Medium
|
|
Grafana Insufficiently Protected Credentials Vulnerability (CVE-2022-31130)
|
CVE-2022-31130
CWE-522
|
CWE-522
|
High
|
|
Grafana Missing Authentication for Critical Function Vulnerability (CVE-2019-15043)
|
CVE-2019-15043
CWE-306
|
CWE-306
|
High
|
|
Grafana Missing Authentication for Critical Function Vulnerability (CVE-2022-28660)
|
CVE-2022-28660
CWE-306
|
CWE-306
|
Critical
|
|
Grafana Missing Authorization Vulnerability (CVE-2023-2183)
|
CVE-2023-2183
CWE-862
|
CWE-862
|
Medium
|
|
Grafana Other Vulnerability (CVE-2021-28147)
|
CVE-2021-28147
|
|
Medium
|
|
Grafana Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-13379)
|
CVE-2020-13379
CWE-918
|
CWE-918
|
High
|
|
Grafana Signature Verification Vulnerability (CVE-2020-27846)
|
CVE-2020-27846
|
|
Critical
|
|
Grafana URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-29170)
|
CVE-2022-29170
CWE-601
|
CWE-601
|
High
|
|
GSAP CVE-2020-28478 Vulnerability (CVE-2020-28478)
|
CVE-2020-28478
|
|
High
|
|
Gunicorn Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2018-1000164)
|
CVE-2018-1000164
CWE-707
|
CWE-707
|
High
|
|
Handlebars CVE-2021-23369 Vulnerability (CVE-2021-23369)
|
CVE-2021-23369
|
|
Critical
|
|
Handlebars Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-20920)
|
CVE-2019-20920
CWE-94
|
CWE-94
|
High
|
|
Handlebars Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8861)
|
CVE-2015-8861
CWE-707
|
CWE-707
|
Medium
|
|
Handlebars Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-19919)
|
CVE-2019-19919
CWE-138
|
CWE-138
|
Critical
|
|
Handlebars Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-20922)
|
CVE-2019-20922
CWE-835
|
CWE-835
|
High
|
|
Handlebars Other Vulnerability (CVE-2021-23383)
|
CVE-2021-23383
|
|
Critical
|
|
Hesk Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3743)
|
CVE-2011-3743
CWE-200
|
CWE-200
|
Medium
|
|
Hesk Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-5287)
|
CVE-2011-5287
CWE-707
|
CWE-707
|
Medium
|
|
Hesk Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13897)
|
CVE-2020-13897
CWE-707
|
CWE-707
|
Medium
|
|
Hiawatha Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-8358)
|
CVE-2019-8358
CWE-22
|
CWE-22
|
High
|
|
Highcharts JS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29489)
|
CVE-2021-29489
CWE-707
|
CWE-707
|
Medium
|
|
Highcharts JS Incorrect Regular Expression Vulnerability (CVE-2018-20801)
|
CVE-2018-20801
CWE-185
|
CWE-185
|
High
|
|
Horde remote code execution
|
CVE-2014-1691
CWE-94
|
CWE-94
|
High
|
|
HSQLDB CVE-2022-41853 Vulnerability (CVE-2022-41853)
|
CVE-2022-41853
|
|
Critical
|
|
IBMHttpServer CVE-2012-5955 Vulnerability (CVE-2012-5955)
|
CVE-2012-5955
|
|
Critical
|
|
IBMHttpServer Improper Input Validation Vulnerability (CVE-2023-26281)
|
CVE-2023-26281
CWE-20
|
CWE-20
|
High
|
|
IBMHttpServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1360)
|
CVE-2011-1360
CWE-707
|
CWE-707
|
Medium
|
|
IBMHttpServer Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-4947)
|
CVE-2015-4947
CWE-119
|
CWE-119
|
Critical
|
|
IBMHttpServer Observable Discrepancy Vulnerability (CVE-2023-32342)
|
CVE-2023-32342
CWE-203
|
CWE-203
|
High
|
|
IBMHttpServer Other Vulnerability (CVE-2000-0505)
|
CVE-2000-0505
|
|
Medium
|
|
IBMHttpServer Other Vulnerability (CVE-2000-1168)
|
CVE-2000-1168
|
|
High
|
|
IBMHttpServer Other Vulnerability (CVE-2001-0122)
|
CVE-2001-0122
|
|
Medium
|
|
IBMHttpServer Other Vulnerability (CVE-2002-1822)
|
CVE-2002-1822
|
|
Medium
|
|
IBMHttpServer Other Vulnerability (CVE-2004-0263)
|
CVE-2004-0263
|
|
Medium
|
|
IBMHttpServer Other Vulnerability (CVE-2004-0492)
|
CVE-2004-0492
|
|
Critical
|
|
IBMHttpServer Other Vulnerability (CVE-2004-0493)
|
CVE-2004-0493
|
|
Medium
|
|
IBMHttpServer Other Vulnerability (CVE-2004-1082)
|
CVE-2004-1082
|
|
High
|
|
IBMHttpServer Other Vulnerability (CVE-2006-3918)
|
CVE-2006-3918
|
|
Medium
|
|
IBM Lotus Domino web server Cross-Site Scripting vulnerabilities
|
CVE-2012-3301
CVE-2012-3302
CWE-79
|
CWE-79
|
High
|
|
IBM RTC Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-29786)
|
CVE-2021-29786
CWE-312
|
CWE-312
|
Medium
|
|
IBM RTC Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-0748)
|
CVE-2012-0748
CWE-352
|
CWE-352
|
Medium
|
|
IBM RTC Cross-site Scripting (XSS) Vulnerability (CVE-2020-4691)
|
CVE-2020-4691
|
|
Medium
|
|
IBM RTC Cross-site Scripting (XSS) Vulnerability (CVE-2020-4697)
|
CVE-2020-4697
|
|
Medium
|
|
IBM RTC Cross-site Scripting (XSS) Vulnerability (CVE-2020-4733)
|
CVE-2020-4733
|
|
Medium
|
|
IBM RTC CVE-2015-1971 Vulnerability (CVE-2015-1971)
|
CVE-2015-1971
|
|
Medium
|
|
IBM RTC CVE-2017-1191 Vulnerability (CVE-2017-1191)
|
CVE-2017-1191
|
|
Medium
|
|
IBM RTC CVE-2018-1694 Vulnerability (CVE-2018-1694)
|
CVE-2018-1694
|
|
Medium
|
|
IBM RTC CVE-2019-4084 Vulnerability (CVE-2019-4084)
|
CVE-2019-4084
|
|
Medium
|
|
IBM RTC CVE-2020-4964 Vulnerability (CVE-2020-4964)
|
CVE-2020-4964
|
|
Medium
|
|
IBM RTC Exposure of Resource to Wrong Sphere Vulnerability (CVE-2020-4989)
|
CVE-2020-4989
CWE-668
|
CWE-668
|
Medium
|
|
IBM RTC Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-29701)
|
CVE-2021-29701
CWE-668
|
CWE-668
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3050)
|
CVE-2014-3050
CWE-200
|
CWE-200
|
Low
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3092)
|
CVE-2014-3092
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-6131)
|
CVE-2014-6131
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-0113)
|
CVE-2015-0113
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-4962)
|
CVE-2015-4962
CWE-200
|
CWE-200
|
Low
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-7449)
|
CVE-2015-7449
CWE-200
|
CWE-200
|
Low
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0372)
|
CVE-2016-0372
CWE-200
|
CWE-200
|
Low
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2865)
|
CVE-2016-2865
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2947)
|
CVE-2016-2947
CWE-200
|
CWE-200
|
Low
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2987)
|
CVE-2016-2987
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6024)
|
CVE-2016-6024
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9700)
|
CVE-2016-9700
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9735)
|
CVE-2016-9735
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1099)
|
CVE-2017-1099
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1240)
|
CVE-2017-1240
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1251)
|
CVE-2017-1251
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1488)
|
CVE-2017-1488
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1507)
|
CVE-2017-1507
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1509)
|
CVE-2017-1509
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1524)
|
CVE-2017-1524
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1559)
|
CVE-2017-1559
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1570)
|
CVE-2017-1570
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1725)
|
CVE-2017-1725
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1734)
|
CVE-2017-1734
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1423)
|
CVE-2018-1423
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1606)
|
CVE-2018-1606
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1734)
|
CVE-2018-1734
CWE-200
|
CWE-200
|
Medium
|
|
IBM RTC Files or Directories Accessible to External Parties Vulnerability (CVE-2017-1602)
|
CVE-2017-1602
CWE-552
|
CWE-552
|
Medium
|
|
IBM RTC Generation of Error Message Containing Sensitive Information (CVE-2020-4487)
|
CVE-2020-4487
CWE-209
|
CWE-209
|
Medium
|
|
IBM RTC Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2020-4544)
|
CVE-2020-4544
CWE-209
|
CWE-209
|
Medium
|
|
IBM RTC Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-1753)
|
CVE-2017-1753
CWE-94
|
CWE-94
|
Medium
|
|
IBM RTC Improper Input Validation Vulnerability (CVE-2015-1928)
|
CVE-2015-1928
CWE-20
|
CWE-20
|
Medium
|
|
IBM RTC Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-4252)
|
CVE-2019-4252
CWE-22
|
CWE-22
|
High
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1029)
|
CVE-2011-1029
CWE-707
|
CWE-707
|
Low
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2606)
|
CVE-2011-2606
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2607)
|
CVE-2011-2607
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5404)
|
CVE-2013-5404
CWE-707
|
CWE-707
|
Low
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-0122)
|
CVE-2015-0122
CWE-707
|
CWE-707
|
Low
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-0123)
|
CVE-2015-0123
CWE-707
|
CWE-707
|
Low
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-0130)
|
CVE-2015-0130
CWE-707
|
CWE-707
|
Low
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7453)
|
CVE-2015-7453
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7471)
|
CVE-2015-7471
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-0273)
|
CVE-2016-0273
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-0285)
|
CVE-2016-0285
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-0331)
|
CVE-2016-0331
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-2864)
|
CVE-2016-2864
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-2926)
|
CVE-2016-2926
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-2986)
|
CVE-2016-2986
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-3014)
|
CVE-2016-3014
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6035)
|
CVE-2016-6035
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6037)
|
CVE-2016-6037
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9701)
|
CVE-2016-9701
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9733)
|
CVE-2016-9733
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9746)
|
CVE-2016-9746
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9973)
|
CVE-2016-9973
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1113)
|
CVE-2017-1113
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1237)
|
CVE-2017-1237
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1365)
|
CVE-2017-1365
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1629)
|
CVE-2017-1629
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1653)
|
CVE-2017-1653
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1655)
|
CVE-2017-1655
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1762)
|
CVE-2017-1762
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1394)
|
CVE-2018-1394
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1407)
|
CVE-2018-1407
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1408)
|
CVE-2018-1408
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1521)
|
CVE-2018-1521
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1558)
|
CVE-2018-1558
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1688)
|
CVE-2018-1688
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1758)
|
CVE-2018-1758
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1760)
|
CVE-2018-1760
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1761)
|
CVE-2018-1761
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1762)
|
CVE-2018-1762
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1766)
|
CVE-2018-1766
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1826)
|
CVE-2018-1826
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1827)
|
CVE-2018-1827
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1828)
|
CVE-2018-1828
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1892)
|
CVE-2018-1892
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1893)
|
CVE-2018-1893
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1916)
|
CVE-2018-1916
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1952)
|
CVE-2018-1952
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1982)
|
CVE-2018-1982
CWE-707
|
CWE-707
|
Medium
|
|
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1983)
|
CVE-2018-1983
CWE-707
|
CWE-707
|
Medium
|
|
|