Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2018-1000424) CVE-2018-1000424 CWE-522 CWE-522 High Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2020-2164) CVE-2020-2164 CWE-522 CWE-522 Medium Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2020-2165) CVE-2020-2165 CWE-522 CWE-522 High Artifactory Insufficient Verification of Data Authenticity Vulnerability (CVE-2018-19971) CVE-2018-19971 CWE-345 CWE-345 Critical Artifactory Missing Authorization Vulnerability (CVE-2019-10322) CVE-2019-10322 CWE-862 CWE-862 Medium Artifactory Missing Authorization Vulnerability (CVE-2019-10323) CVE-2019-10323 CWE-862 CWE-862 Medium Artifactory Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-10036) CVE-2016-10036 CWE-434 CWE-434 Critical Artifactory Weak Password Requirements Vulnerability (CVE-2019-17444) CVE-2019-17444 CWE-521 CWE-521 Critical ASP.NET: Failure To Require SSL For Authentication Cookies CWE-319 CWE-319 Medium ASP.NET application-level tracing enabled CWE-215 CWE-215 Medium ASP.NET ASPX debugging enabled CWE-11 CWE-11 Medium ASP.NET connection strings stored in plaintext CWE-16 CWE-16 High ASP.NET cookieless authentication enabled CWE-598 CWE-598 Medium ASP.NET Cookieless session state enabled CWE-598 CWE-598 Medium ASP.NET cookies accessible from client-side scripts CWE-1004 CWE-1004 Medium ASP.NET Core Development Mode enabled CWE-200 CWE-200 Medium ASP.NET CustomErrors Is Disabled CWE-12 CWE-12 Medium ASP.NET debugging enabled CWE-11 CWE-11 Low ASP.NET Deny missing from authorization rule on location CWE-16 CWE-16 Medium ASP.NET diagnostic page CWE-200 CWE-200 Medium ASP.NET error message CWE-12 CWE-12 Medium ASP.NET event validation disabled CWE-16 CWE-16 Medium ASP.NET expired session IDs are not regenerated CWE-16 CWE-16 Medium ASP.NET forms authentication using inadequate protection CWE-16 CWE-16 Medium ASP.NET header checking is disabled in web.config CWE-16 CWE-16 Medium ASP.NET login credentials stored in plain text CWE-256 CWE-256 Medium ASP.NET MVC Improper Authentication Vulnerability (CVE-2018-8171) CVE-2018-8171 CWE-287 CWE-287 High ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0247) CVE-2017-0247 CWE-20 CWE-20 High ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0249) CVE-2017-0249 CWE-20 CWE-20 High ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0256) CVE-2017-0256 CWE-20 CWE-20 Medium ASP.NET MVC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-4075) CVE-2014-4075 CWE-707 CWE-707 Medium ASP.NET path disclosure CWE-200 CWE-200 Low ASP.NET potential HTTP Verb Tampering CWE-16 CWE-16 Medium ASP.NET SignalR Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5042) CVE-2013-5042 CWE-707 CWE-707 Medium ASP.NET ValidateRequest Is Globally Disabled CWE-707 CWE-707 Medium ASP.NET viewstate encryption disabled CWE-16 CWE-16 Medium ASP.NET ViewStateUserKey Is Not Set CWE-642 CWE-642 Low ASP.NET WCF metadata enabled for behavior CWE-16 CWE-16 Medium ASP.NET WCF replay attacks are not detected CWE-16 CWE-16 Medium ASP.NET WCF service include exception details CWE-16 CWE-16 Medium Atlassian Confluence Access Restriction Bypass CVE-2017-9505 Medium Atlassian Confluence Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6342) CVE-2012-6342 CWE-352 CWE-352 Medium Atlassian Confluence CVE-2020-29448 Vulnerability (CVE-2020-29448) CVE-2020-29448 Medium Atlassian Confluence CVE-2023-22503 Vulnerability (CVE-2023-22503) CVE-2023-22503 Medium Atlassian Confluence CVE-2023-22505 Vulnerability (CVE-2023-22505) CVE-2023-22505 High Atlassian Confluence CVE-2023-22508 Vulnerability (CVE-2023-22508) CVE-2023-22508 High Atlassian Confluence CVE-2023-22515 Vulnerability (CVE-2023-22515) CVE-2023-22515 Critical Atlassian Confluence CVE-2024-21683 Vulnerability (CVE-2024-21683) CVE-2024-21683 High Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8399) CVE-2015-8399 CWE-200 CWE-200 Medium Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6668) CVE-2016-6668 CWE-200 CWE-200 High Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7415) CVE-2017-7415 CWE-200 CWE-200 High Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-20237) CVE-2018-20237 CWE-200 CWE-200 Medium Atlassian Confluence Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2019-15006) CVE-2019-15006 CWE-913 CWE-913 Medium Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-22526) CVE-2023-22526 CWE-94 CWE-94 High Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21672) CVE-2024-21672 CWE-94 CWE-94 High Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21673) CVE-2024-21673 CWE-94 CWE-94 High Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21674) CVE-2024-21674 CWE-94 CWE-94 High Atlassian Confluence Improper Input Validation Vulnerability (CVE-2018-13389) CVE-2018-13389 CWE-20 CWE-20 Medium Atlassian Confluence Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-3394) CVE-2019-3394 CWE-22 CWE-22 High Atlassian Confluence Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-3396) CVE-2019-3396 CWE-22 CWE-22 Critical Atlassian Confluence Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-3398) CVE-2019-3398 CWE-22 CWE-22 High Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8398) CVE-2015-8398 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-4317) CVE-2016-4317 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6283) CVE-2016-6283 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-16856) CVE-2017-16856 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18083) CVE-2017-18083 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18084) CVE-2017-18084 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18085) CVE-2017-18085 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18086) CVE-2017-18086 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20239) CVE-2018-20239 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20102) CVE-2019-20102 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14175) CVE-2020-14175 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-29444) CVE-2020-29444 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-36290) CVE-2020-36290 CWE-707 CWE-707 Medium Atlassian Confluence Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-4027) CVE-2020-4027 CWE-138 CWE-138 Medium 1...10111213...293 11 / 293
