Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Apache Log4j2 JNDI Remote Code Execution (404 page handler) CVE-2021-44228 CWE-78 CWE-78 Critical Apache Log4j2 JNDI Remote Code Execution (delayed) CVE-2021-44228 CWE-78 CWE-78 Critical Apache Log4j2 JNDI Remote Code Execution (per folder) CVE-2021-44228 CWE-78 CWE-78 Critical Apache Log4j socket receiver deserialization vulnerability CVE-2017-5645 CWE-502 CWE-502 Critical Apache mod_jk access control bypass CVE-2018-11759 CWE-918 CWE-918 Medium Apache mod_negotiation filename bruteforcing CWE-538 CWE-538 Low Apache mod_rewrite off-by-one buffer overflow vulnerability CVE-2006-3747 CWE-189 CWE-189 High Apache mod_rewrite open redirect CVE-2019-10098 CWE-601 CWE-601 Medium Apache OFBiz Authentication Bypass (CVE-2023-51467) CVE-2023-51467 CWE-287 CWE-287 Critical Apache OFBiz Log4Shell RCE CVE-2021-44228 CWE-78 CWE-78 High Apache OFBiz RCE (CVE-2024-32113/CVE-2024-36104/CVE-2024-38856) CVE-2024-32113 CVE-2024-36104 CVE-2024-38856 CWE-22 CWE-22 Critical Apache OFBiz RCE (CVE-2024-45195) CVE-2024-45195 CWE-425 CWE-425 Critical Apache OFBiz SOAPService Deserialization RCE CVE-2021-26295 CWE-502 CWE-502 High Apache OFBiz SSRF (CVE-2023-50968) CVE-2023-50968 CWE-918 CWE-918 High Apache OFBiz SSRF (CVE-2024-45507) CVE-2024-45507 CWE-918 CWE-918 Critical Apache OFBiz XMLRPC Deserialization RCE (CVE-2020-9496/CVE-2023-49070) CVE-2020-9496 CVE-2023-49070 CWE-502 CWE-502 High Apache perl-status enabled CWE-200 CWE-200 Medium Apache Proxy HTTP CONNECT method enabled CWE-441 CWE-441 Medium Apache read beyond bounds in mod_isapi Vulnerability (CVE-2022-28330) CVE-2022-28330 Medium Apache read beyond bounds via ap_rwrite() Vulnerability (CVE-2022-28614) CVE-2022-28614 Medium Apache REST RCE CVE-2018-11770 CVE-2018-11770 CWE-94 CWE-94 High Apache Roller OGNL injection CVE-2013-4212 CWE-20 CWE-20 High Apache Server-Info Detected CWE-200 CWE-200 Medium Apache Server-Status Detected CWE-200 CWE-200 Medium Apache Shiro authentication bypass CVE-2020-17523 CWE-287 CWE-287 High Apache Shiro Deserialization RCE CVE-2016-4437 CWE-78 CWE-78 High Apache Solr Deserialization of untrusted data via jmx.serviceUrl CVE-2019-0192 High Apache Solr endpoint CWE-200 CWE-200 Low Apache Solr Log4Shell RCE CVE-2021-44228 CWE-78 CWE-78 High Apache Solr Parameter Injection CWE-88 CWE-88 Medium Apache solr service exposed CWE-200 CWE-200 High Apache Solr SSRF CVE-2017-3164 CVE-2017-3164 CWE-918 CWE-918 Medium Apache Spark Master Unauthorized Access Vulnerability CWE-200 CWE-200 High Apache Spark Web UI Unauthorized Access Vulnerability CWE-200 CWE-200 Medium Apache stronghold-info enabled CWE-200 CWE-200 Low Apache stronghold-status enabled CWE-200 CWE-200 Low Apache Struts 2 ClassLoader manipulation and denial of service CVE-2014-0112 CVE-2014-0113 CVE-2014-0114 CWE-701 CWE-701 High Apache Struts 2 ClassLoader manipulation and denial of service (S2-020) CVE-2014-0094 CVE-2014-0050 CWE-701 CWE-701 High Apache Struts2 remote code execution vulnerability CVE-2016-0785 CWE-78 CWE-78 Critical Apache Struts2 Remote Command Execution (S2-048) CVE-2017-9791 CWE-94 CWE-94 High Apache Struts2 Remote Command Execution (S2-052) CVE-2017-9805 CWE-94 CWE-94 High Apache Struts2 Remote Command Execution (S2-053) CVE-2017-12611 CWE-94 CWE-94 Critical Apache Struts Path traversal (S2-067/CVE-2024-53677, S2-066/CVE-2023-50164) CVE-2024-53677 CVE-2023-50164 CWE-434 CWE-434 Critical Apache Struts Remote Code Execution (S2-057) CVE-2018-11776 CWE-917 CWE-917 High Apache Tapestry Unauthenticated RCE (CVE-2019-0195, CVE-2021-27850) CVE-2021-27850 CWE-200 CWE-200 High Apache Tapestry weak secret key CWE-693 CWE-693 High Apache Tomcat 7PK - Errors Vulnerability (CVE-2016-8745) CVE-2016-8745 High Apache Tomcat 7PK - Security Features Vulnerability (CVE-2002-0493) CVE-2002-0493 High Apache Tomcat 7PK - Security Features Vulnerability (CVE-2014-9634) CVE-2014-9634 Medium Apache Tomcat 7PK - Security Features Vulnerability (CVE-2014-9635) CVE-2014-9635 Medium Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2018-8037) CVE-2018-8037 CWE-362 CWE-362 Medium Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2021-43980) CVE-2021-43980 CWE-362 CWE-362 Low Apache Tomcat Configuration Vulnerability (CVE-2008-0128) CVE-2008-0128 Medium Apache Tomcat Configuration Vulnerability (CVE-2010-4312) CVE-2010-4312 Medium Apache Tomcat Credentials Management Errors Vulnerability (CVE-2009-3548) CVE-2009-3548 High Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-4724) CVE-2007-4724 CWE-352 CWE-352 Medium Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-6357) CVE-2013-6357 CWE-352 CWE-352 Medium Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5351) CVE-2015-5351 CWE-352 CWE-352 High Apache Tomcat Cryptographic Issues Vulnerability (CVE-2011-5064) CVE-2011-5064 Medium Apache Tomcat CVE-2012-5568 Vulnerability (CVE-2012-5568) CVE-2012-5568 Medium Apache Tomcat CVE-2016-6794 Vulnerability (CVE-2016-6794) CVE-2016-6794 Medium Apache Tomcat CVE-2017-5651 Vulnerability (CVE-2017-5651) CVE-2017-5651 Critical Apache Tomcat CVE-2018-1304 Vulnerability (CVE-2018-1304) CVE-2018-1304 Medium Apache Tomcat CVE-2018-1305 Vulnerability (CVE-2018-1305) CVE-2018-1305 Medium Apache Tomcat CVE-2019-2684 Vulnerability (CVE-2019-2684) CVE-2019-2684 Medium Apache Tomcat CVE-2020-0822 Vulnerability (CVE-2020-0822) CVE-2020-0822 High Apache Tomcat CVE-2020-13943 Vulnerability (CVE-2020-13943) CVE-2020-13943 Medium Apache Tomcat CVE-2022-29885 Vulnerability (CVE-2022-29885) CVE-2022-29885 High Apache Tomcat CVE-2023-34981 Vulnerability (CVE-2023-34981) CVE-2023-34981 High Apache Tomcat CVE-2023-44487 Vulnerability (CVE-2023-44487) CVE-2023-44487 High Apache Tomcat Data Processing Errors Vulnerability (CVE-2014-0227) CVE-2014-0227 Medium Apache Tomcat Deserialization of Untrusted Data Vulnerability (CVE-2020-9484) CVE-2020-9484 CWE-502 CWE-502 High Apache Tomcat Deserialization of Untrusted Data Vulnerability (CVE-2021-25329) CVE-2021-25329 CWE-502 CWE-502 High Apache Tomcat directory host Appbase authentication bypass vulnerability CVE-2009-2901 CWE-264 CWE-264 Medium Apache Tomcat examples directory vulnerabilities CWE-264 CWE-264 Medium 1...5678...303 6 / 303
