Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3045) CVE-2016-3045 CWE-200 CWE-200 Low IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1474) CVE-2017-1474 CWE-200 CWE-200 Medium IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1476) CVE-2017-1476 CWE-200 CWE-200 Medium IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1805) CVE-2018-1805 CWE-200 CWE-200 Medium IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1886) CVE-2018-1886 CWE-200 CWE-200 Medium IBM WebSEAL Improper Authentication Vulnerability (CVE-2018-1443) CVE-2018-1443 CWE-287 CWE-287 Medium IBM WebSEAL Improper Certificate Validation Vulnerability (CVE-2019-4150) CVE-2019-4150 CWE-295 CWE-295 Low IBM WebSEAL Improper Input Validation Vulnerability (CVE-2019-4036) CVE-2019-4036 CWE-20 CWE-20 High IBM WebSEAL Improper Input Validation Vulnerability (CVE-2020-4461) CVE-2020-4461 CWE-20 CWE-20 Medium IBM WebSEAL Improper Input Validation Vulnerability (CVE-2021-20496) CVE-2021-20496 CWE-20 CWE-20 Medium IBM WebSEAL Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-3018) CVE-2016-3018 CWE-707 CWE-707 Medium IBM WebSEAL Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1653) CVE-2018-1653 CWE-707 CWE-707 Medium IBM WebSEAL Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1740) CVE-2018-1740 CWE-707 CWE-707 Medium IBM WebSEAL Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1815) CVE-2018-1815 CWE-707 CWE-707 Medium IBM WebSEAL Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-4157) CVE-2019-4157 CWE-707 CWE-707 Medium IBM WebSEAL Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-4725) CVE-2019-4725 CWE-707 CWE-707 Medium IBM WebSEAL Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2016-3028) CVE-2016-3028 CWE-138 CWE-138 Critical IBM WebSEAL Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2018-1803) CVE-2018-1803 CWE-1021 CWE-1021 Medium IBM WebSEAL Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-4707) CVE-2019-4707 CWE-611 CWE-611 High IBM WebSEAL Inadequate Encryption Strength Vulnerability (CVE-2018-1814) CVE-2018-1814 CWE-326 CWE-326 High IBM WebSEAL Inadequate Encryption Strength Vulnerability (CVE-2019-4151) CVE-2019-4151 CWE-326 CWE-326 Medium IBM WebSEAL Incorrect Authorization Vulnerability (CVE-2023-38368) CVE-2023-38368 CWE-863 CWE-863 Medium IBM WebSEAL Incorrect Default Permissions Vulnerability (CVE-2023-38370) CVE-2023-38370 CWE-276 CWE-276 Medium IBM WebSEAL Incorrect Default Permissions Vulnerability (CVE-2024-35139) CVE-2024-35139 CWE-276 CWE-276 Medium IBM WebSEAL Insertion of Sensitive Information into Log File Vulnerability (CVE-2017-1480) CVE-2017-1480 CWE-532 CWE-532 Medium IBM WebSEAL Insufficiently Protected Credentials Vulnerability (CVE-2021-20439) CVE-2021-20439 CWE-522 CWE-522 High IBM WebSEAL Missing Authorization Vulnerability (CVE-2019-4158) CVE-2019-4158 CWE-862 CWE-862 Medium IBM WebSEAL Missing Authorization Vulnerability (CVE-2020-4499) CVE-2020-4499 CWE-862 CWE-862 Critical IBM WebSEAL Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-4660) CVE-2020-4660 Medium IBM WebSEAL Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-4661) CVE-2020-4661 Medium IBM WebSEAL Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-4699) CVE-2020-4699 Medium IBM WebSEAL Other Vulnerability (CVE-2019-4552) CVE-2019-4552 Medium IBM WebSEAL Other Vulnerability (CVE-2023-30997) CVE-2023-30997 High IBM WebSEAL Other Vulnerability (CVE-2023-30998) CVE-2023-30998 High IBM WebSEAL Session Fixation Vulnerability (CVE-2018-1804) CVE-2018-1804 CWE-384 CWE-384 Low IBM WebSEAL Session Fixation Vulnerability (CVE-2019-4152) CVE-2019-4152 CWE-384 CWE-384 Medium IBM WebSEAL URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1489) CVE-2017-1489 CWE-601 CWE-601 Medium IBM WebSEAL URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-4153) CVE-2019-4153 CWE-601 CWE-601 Medium IBM WebSEAL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2019-4156) CVE-2019-4156 CWE-327 CWE-327 Medium IBM WebSEAL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2023-38371) CVE-2023-38371 CWE-327 CWE-327 High IBM WebSEAL Use of Hard-coded Credentials Vulnerability (CVE-2018-1887) CVE-2018-1887 CWE-798 CWE-798 High IBM WebSEAL Weak Password Requirements Vulnerability (CVE-2024-35137) CVE-2024-35137 CWE-521 CWE-521 Medium IBM WebSphere/WebLogic application source file exposure CWE-200 CWE-200 High IBM WebSphere administration console weak password CWE-200 CWE-200 High IBM WebSphere RCE Java Deserialization Vulnerability CVE-2015-7450 CWE-502 CWE-502 High IIS extended unicode directory traversal vulnerability CVE-2000-0884 CWE-22 CWE-22 High IIS Path disclosure CWE-200 CWE-200 Low ImageMagick remote code execution CVE-2016-3714 CWE-78 CWE-78 High imgproxy SSRF (CVE-2023-30019) CVE-2023-30019 CWE-918 CWE-918 Medium Improper Authorization in Confluence Server and Data Center (CVE-2023-22518) CVE-2023-22518 CWE-284 CWE-284 Critical Incorrect Content Security Policy (CSP) Implementation CWE-16 CWE-16 Informational InfluxDB Unauthorized Access Vulnerability CWE-200 CWE-200 Medium Insecure crossdomain.xml policy CWE-284 CWE-284 Medium Insecure Frame (External) CWE-829 CWE-829 Low Insecure HTTP Usage CWE-16 CWE-16 Medium Insecure Protocol Detected in Content Security Policy (CSP) CWE-16 CWE-16 Informational Insecure Referrer Policy CWE-16 CWE-16 Informational Insecure transition from HTTPS to HTTP in form post CWE-200 CWE-200 Low Insecure transition from HTTP to HTTPS in form post CWE-200 CWE-200 Medium Insecure Transportation Security Protocol Supported (SSLv2) CWE-326 CWE-326 High Insecure Transportation Security Protocol Supported (SSLv3) CWE-326 CWE-326 High Insecure Transportation Security Protocol Supported (TLS 1.0) CWE-326 CWE-326 High Insecure Transportation Security Protocol Supported (TLS 1.1) CWE-326 CWE-326 Medium Insecure usage of Version 1 UUID/GUID CWE-328 CWE-328 Medium Internet Information Server returns IP address in HTTP header (Content-Location) CWE-200 CWE-200 Low Internet Information Services Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2009-3023) CVE-2009-3023 CWE-120 CWE-120 Critical Internet Information Services Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-1999-0861) CVE-1999-0861 CWE-362 CWE-362 Low Internet Information Services Configuration Vulnerability (CVE-1999-0725) CVE-1999-0725 High Internet Information Services Configuration Vulnerability (CVE-2003-1566) CVE-2003-1566 Medium Internet Information Services CVE-2001-0146 Vulnerability (CVE-2001-0146) CVE-2001-0146 Medium Internet Information Services CVE-2002-1790 Vulnerability (CVE-2002-1790) CVE-2002-1790 Medium Internet Information Services CVE-2006-6578 Vulnerability (CVE-2006-6578) CVE-2006-6578 High Internet Information Services CVE-2008-0074 Vulnerability (CVE-2008-0074) CVE-2008-0074 High Internet Information Services CVE-2009-4444 Vulnerability (CVE-2009-4444) CVE-2009-4444 Medium Internet Information Services Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-1999-0348) CVE-1999-0348 CWE-200 CWE-200 Medium 1...42434445...303 43 / 303
