Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Argo CD Information Disclosure (CVE-2024-37152) CVE-2024-37152 CWE-287 CWE-287 Medium Argument Injection CWE-88 CWE-88 High Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-1000206) CVE-2018-1000206 CWE-352 CWE-352 High Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10321) CVE-2019-10321 CWE-352 CWE-352 Medium Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10324) CVE-2019-10324 CWE-352 CWE-352 Medium Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-23163) CVE-2021-23163 CWE-352 CWE-352 High Artifactory CVE-2019-9733 Vulnerability (CVE-2019-9733) CVE-2019-9733 Critical Artifactory CVE-2020-7931 Vulnerability (CVE-2020-7931) CVE-2020-7931 High Artifactory CVE-2023-42508 Vulnerability (CVE-2023-42508) CVE-2023-42508 Medium Artifactory Deserialization of Untrusted Data Vulnerability (CVE-2022-0573) CVE-2022-0573 CWE-502 CWE-502 High Artifactory Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-46687) CVE-2021-46687 CWE-668 CWE-668 Medium Artifactory Improper Input Validation Vulnerability (CVE-2016-6501) CVE-2016-6501 CWE-20 CWE-20 Critical Artifactory Improper Input Validation Vulnerability (CVE-2019-19937) CVE-2019-19937 CWE-20 CWE-20 High Artifactory Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000623) CVE-2018-1000623 CWE-22 CWE-22 High Artifactory Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45721) CVE-2021-45721 CWE-707 CWE-707 Medium Artifactory Improper Privilege Management Vulnerability (CVE-2022-0668) CVE-2022-0668 CWE-269 CWE-269 Critical Artifactory Incorrect Authorization Vulnerability (CVE-2021-45074) CVE-2021-45074 CWE-863 CWE-863 Medium Artifactory Incorrect Authorization Vulnerability (CVE-2021-45730) CVE-2021-45730 CWE-863 CWE-863 Medium Artifactory Incorrect Default Permissions Vulnerability (CVE-2021-46270) CVE-2021-46270 CWE-276 CWE-276 Low Artifactory Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-41834) CVE-2021-41834 CWE-732 CWE-732 Medium Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2018-1000424) CVE-2018-1000424 CWE-522 CWE-522 High Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2020-2164) CVE-2020-2164 CWE-522 CWE-522 Medium Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2020-2165) CVE-2020-2165 CWE-522 CWE-522 High Artifactory Insufficient Verification of Data Authenticity Vulnerability (CVE-2018-19971) CVE-2018-19971 CWE-345 CWE-345 Critical Artifactory Missing Authorization Vulnerability (CVE-2019-10322) CVE-2019-10322 CWE-862 CWE-862 Medium Artifactory Missing Authorization Vulnerability (CVE-2019-10323) CVE-2019-10323 CWE-862 CWE-862 Medium Artifactory Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-10036) CVE-2016-10036 CWE-434 CWE-434 Critical Artifactory Weak Password Requirements Vulnerability (CVE-2019-17444) CVE-2019-17444 CWE-521 CWE-521 Critical ASP.NET: Failure To Require SSL For Authentication Cookies CWE-319 CWE-319 Medium ASP.NET application-level tracing enabled CWE-215 CWE-215 Medium ASP.NET ASPX debugging enabled CWE-11 CWE-11 Medium ASP.NET connection strings stored in plaintext CWE-16 CWE-16 High ASP.NET cookieless authentication enabled CWE-598 CWE-598 Medium ASP.NET Cookieless session state enabled CWE-598 CWE-598 Medium ASP.NET cookies accessible from client-side scripts CWE-1004 CWE-1004 Medium ASP.NET Core Development Mode enabled CWE-200 CWE-200 Medium ASP.NET CustomErrors Is Disabled CWE-12 CWE-12 Medium ASP.NET debugging enabled CWE-11 CWE-11 Low ASP.NET Deny missing from authorization rule on location CWE-16 CWE-16 Medium ASP.NET diagnostic page CWE-200 CWE-200 Medium ASP.NET error message CWE-12 CWE-12 Medium ASP.NET event validation disabled CWE-16 CWE-16 Medium ASP.NET expired session IDs are not regenerated CWE-16 CWE-16 Medium ASP.NET forms authentication using inadequate protection CWE-16 CWE-16 Medium ASP.NET header checking is disabled in web.config CWE-16 CWE-16 Medium ASP.NET login credentials stored in plain text CWE-256 CWE-256 Medium ASP.NET MVC Improper Authentication Vulnerability (CVE-2018-8171) CVE-2018-8171 CWE-287 CWE-287 High ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0247) CVE-2017-0247 CWE-20 CWE-20 High ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0249) CVE-2017-0249 CWE-20 CWE-20 High ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0256) CVE-2017-0256 CWE-20 CWE-20 Medium ASP.NET MVC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-4075) CVE-2014-4075 CWE-707 CWE-707 Medium ASP.NET path disclosure CWE-200 CWE-200 Low ASP.NET potential HTTP Verb Tampering CWE-16 CWE-16 Medium ASP.NET SignalR Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5042) CVE-2013-5042 CWE-707 CWE-707 Medium ASP.NET ValidateRequest Is Globally Disabled CWE-707 CWE-707 Medium ASP.NET viewstate encryption disabled CWE-16 CWE-16 Medium ASP.NET ViewStateUserKey Is Not Set CWE-642 CWE-642 Low ASP.NET WCF metadata enabled for behavior CWE-16 CWE-16 Medium ASP.NET WCF replay attacks are not detected CWE-16 CWE-16 Medium ASP.NET WCF service include exception details CWE-16 CWE-16 Medium Atlassian Confluence Access Restriction Bypass CVE-2017-9505 Medium Atlassian Confluence Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6342) CVE-2012-6342 CWE-352 CWE-352 Medium Atlassian Confluence CVE-2020-29448 Vulnerability (CVE-2020-29448) CVE-2020-29448 Medium Atlassian Confluence CVE-2023-22503 Vulnerability (CVE-2023-22503) CVE-2023-22503 Medium Atlassian Confluence CVE-2023-22505 Vulnerability (CVE-2023-22505) CVE-2023-22505 High Atlassian Confluence CVE-2023-22508 Vulnerability (CVE-2023-22508) CVE-2023-22508 High Atlassian Confluence CVE-2023-22515 Vulnerability (CVE-2023-22515) CVE-2023-22515 Critical Atlassian Confluence CVE-2024-21683 Vulnerability (CVE-2024-21683) CVE-2024-21683 High Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8399) CVE-2015-8399 CWE-200 CWE-200 Medium Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6668) CVE-2016-6668 CWE-200 CWE-200 High Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7415) CVE-2017-7415 CWE-200 CWE-200 High Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-20237) CVE-2018-20237 CWE-200 CWE-200 Medium Atlassian Confluence Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2019-15006) CVE-2019-15006 CWE-913 CWE-913 Medium Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-22526) CVE-2023-22526 CWE-94 CWE-94 High Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21672) CVE-2024-21672 CWE-94 CWE-94 High 1...10111213...303 11 / 303
