High Severity Vulnerabilities

Vulnerability Name	CVE CWE	CWE	Severity
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-7981)	CVE-2014-7981 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-4654)	CVE-2015-4654 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7297)	CVE-2015-7297 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7857)	CVE-2015-7857 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7858)	CVE-2015-7858 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-8769)	CVE-2015-8769 CWE-138	CWE-138	High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-8045)	CVE-2018-8045 CWE-138	CWE-138	High
Joomla Improper Preservation of Permissions Vulnerability (CVE-2020-13763)	CVE-2020-13763 CWE-281	CWE-281	High
Joomla Improper Privilege Management Vulnerability (CVE-2012-1563)	CVE-2012-1563 CWE-269	CWE-269	High
Joomla Improper Privilege Management Vulnerability (CVE-2018-11323)	CVE-2018-11323 CWE-269	CWE-269	High
Joomla Improper Privilege Management Vulnerability (CVE-2018-17855)	CVE-2018-17855 CWE-269	CWE-269	High
Joomla Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-23755)	CVE-2023-23755 CWE-307	CWE-307	High
Joomla Inadequate Encryption Strength Vulnerability (CVE-2011-3629)	CVE-2011-3629 CWE-326	CWE-326	High
Joomla Missing Authentication for Critical Function Vulnerability (CVE-2019-10946)	CVE-2019-10946 CWE-306	CWE-306	High
Joomla Missing Authorization Vulnerability (CVE-2019-9713)	CVE-2019-9713 CWE-862	CWE-862	High
Joomla Missing Authorization Vulnerability (CVE-2020-10239)	CVE-2020-10239 CWE-862	CWE-862	High
Joomla Numeric Errors Vulnerability (CVE-2008-4102)	CVE-2008-4102		High
Joomla Other Vulnerability (CVE-2005-3772)	CVE-2005-3772		High
Joomla Other Vulnerability (CVE-2006-1028)	CVE-2006-1028		High
Joomla Other Vulnerability (CVE-2006-2960)	CVE-2006-2960		High
Joomla Other Vulnerability (CVE-2006-3481)	CVE-2006-3481		High
Joomla Other Vulnerability (CVE-2006-6833)	CVE-2006-6833		High
Joomla Other Vulnerability (CVE-2006-7008)	CVE-2006-7008		High
Joomla Other Vulnerability (CVE-2006-7009)	CVE-2006-7009		High
Joomla Other Vulnerability (CVE-2006-7010)	CVE-2006-7010		High
Joomla Other Vulnerability (CVE-2007-0374)	CVE-2007-0374		High
Joomla Other Vulnerability (CVE-2007-4184)	CVE-2007-4184		High
Joomla Other Vulnerability (CVE-2013-1453)	CVE-2013-1453		High
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-4475)	CVE-2006-4475 CWE-264	CWE-264	High
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-4476)	CVE-2006-4476 CWE-264	CWE-264	High
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1598)	CVE-2012-1598 CWE-264	CWE-264	High
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7984)	CVE-2014-7984 CWE-264	CWE-264	High
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9837)	CVE-2016-9837 CWE-264	CWE-264	High
Joomla Session Fixation Vulnerability (CVE-2010-1434)	CVE-2010-1434 CWE-384	CWE-384	High
Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-11322)	CVE-2018-11322 CWE-434	CWE-434	High
Joomla Use of Insufficiently Random Values Vulnerability (CVE-2012-1562)	CVE-2012-1562 CWE-330	CWE-330	High
jQuery File Upload unauthenticated arbitrary file upload	CVE-2018-9206 CWE-434	CWE-434	High
jQuery Validation Other Vulnerability (CVE-2021-43306)	CVE-2021-43306		High
jQuery Validation Other Vulnerability (CVE-2022-31147)	CVE-2022-31147		High
jQuery Validation Uncontrolled Resource Consumption Vulnerability (CVE-2021-21252)	CVE-2021-21252 CWE-400	CWE-400	High
JSP authentication bypass	CWE-287	CWE-287	High
Jupyter Notebook publicly accessible	CWE-78	CWE-78	High
Kayako Fusion v4.51.1891 - multiple web vulnerabilities	CWE-79	CWE-79	High
Kentico CMS Deserialization RCE	CVE-2019-10068 CWE-502	CWE-502	High
Kentico CMS RCE CVE-2017-17736	CVE-2017-17736 CWE-425	CWE-425	High
Kong Server Incorrect Authorization Vulnerability (CVE-2021-27306)	CVE-2021-27306 CWE-863	CWE-863	High
Kong Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)	CVE-2023-44487 CWE-400	CWE-400	High
Laravel log viewer local file download (LFD)	CVE-2018-8947 CWE-22	CWE-22	High
Laravel Terminal open	CWE-200	CWE-200	High
LDAP injection	CWE-20	CWE-20	High
Liferay DXP CVE-2021-38266 Vulnerability (CVE-2021-38266)	CVE-2021-38266		High
Liferay DXP CVE-2024-25148 Vulnerability (CVE-2024-25148)	CVE-2024-25148		High
Liferay DXP Deserialization of Untrusted Data Vulnerability (CVE-2020-15842)	CVE-2020-15842 CWE-502	CWE-502	High
Liferay DXP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42123)	CVE-2022-42123 CWE-22	CWE-22	High
Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42121)	CVE-2022-42121 CWE-138	CWE-138	High
Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33945)	CVE-2023-33945 CWE-138	CWE-138	High
Liferay DXP Inefficient Regular Expression Complexity Vulnerability (CVE-2022-42124)	CVE-2022-42124 CWE-1333	CWE-1333	High
Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2023-33949)	CVE-2023-33949 CWE-1188	CWE-1188	High
Liferay Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-13445)	CVE-2020-13445 CWE-138	CWE-138	High
Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-11444)	CVE-2019-11444 CWE-138	CWE-138	High
Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-28884)	CVE-2020-28884 CWE-138	CWE-138	High
Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-28885)	CVE-2020-28885 CWE-138	CWE-138	High
Liferay JSON service API authentication vulnerability	CWE-287	CWE-287	High
Liferay Portal Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-33323)	CVE-2021-33323 CWE-312	CWE-312	High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-33338)	CVE-2021-33338 CWE-352	CWE-352	High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-35030)	CVE-2023-35030 CWE-352	CWE-352	High
Liferay Portal CVE-2020-15841 Vulnerability (CVE-2020-15841)	CVE-2020-15841		High
Liferay Portal CVE-2021-38266 Vulnerability (CVE-2021-38266)	CVE-2021-38266		High
Liferay Portal CVE-2024-25148 Vulnerability (CVE-2024-25148)	CVE-2024-25148		High
Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2019-16891)	CVE-2019-16891 CWE-502	CWE-502	High
Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2020-15842)	CVE-2020-15842 CWE-502	CWE-502	High
Liferay Portal Improper Authentication Vulnerability (CVE-2021-29047)	CVE-2021-29047 CWE-287	CWE-287	High
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-28981)	CVE-2022-28981 CWE-22	CWE-22	High
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42123)	CVE-2022-42123 CWE-22	CWE-22	High
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42125)	CVE-2022-42125 CWE-22	CWE-22	High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-7981)

CVE-2014-7981

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-4654)

CVE-2015-4654

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7297)

CVE-2015-7297

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7857)

CVE-2015-7857

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7858)

CVE-2015-7858

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-8769)

CVE-2015-8769

CWE-138

High

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-8045)

CVE-2018-8045

CWE-138

High

Joomla Improper Preservation of Permissions Vulnerability (CVE-2020-13763)

CVE-2020-13763

CWE-281

High

Joomla Improper Privilege Management Vulnerability (CVE-2012-1563)

CVE-2012-1563

CWE-269

High

Joomla Improper Privilege Management Vulnerability (CVE-2018-11323)

CVE-2018-11323

CWE-269

High

Joomla Improper Privilege Management Vulnerability (CVE-2018-17855)

CVE-2018-17855

CWE-269

High

Joomla Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-23755)

CVE-2023-23755

CWE-307

High

Joomla Inadequate Encryption Strength Vulnerability (CVE-2011-3629)

CVE-2011-3629

CWE-326

High

Joomla Missing Authentication for Critical Function Vulnerability (CVE-2019-10946)

CVE-2019-10946

CWE-306

High

Joomla Missing Authorization Vulnerability (CVE-2019-9713)

CVE-2019-9713

CWE-862

High

Joomla Missing Authorization Vulnerability (CVE-2020-10239)

CVE-2020-10239

CWE-862

High

Joomla Numeric Errors Vulnerability (CVE-2008-4102)

CVE-2008-4102

High

Joomla Other Vulnerability (CVE-2005-3772)

CVE-2005-3772

High

Joomla Other Vulnerability (CVE-2006-1028)

CVE-2006-1028

High

Joomla Other Vulnerability (CVE-2006-2960)

CVE-2006-2960

High

Joomla Other Vulnerability (CVE-2006-3481)

CVE-2006-3481

High

Joomla Other Vulnerability (CVE-2006-6833)

CVE-2006-6833

High

Joomla Other Vulnerability (CVE-2006-7008)

CVE-2006-7008

High

Joomla Other Vulnerability (CVE-2006-7009)

CVE-2006-7009

High

Joomla Other Vulnerability (CVE-2006-7010)

CVE-2006-7010

High

Joomla Other Vulnerability (CVE-2007-0374)

CVE-2007-0374

High

Joomla Other Vulnerability (CVE-2007-4184)

CVE-2007-4184

High

Joomla Other Vulnerability (CVE-2013-1453)

CVE-2013-1453

High

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-4475)

CVE-2006-4475

CWE-264

High

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-4476)

CVE-2006-4476

CWE-264

High

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1598)

CVE-2012-1598

CWE-264

High

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7984)

CVE-2014-7984

CWE-264

High

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9837)

CVE-2016-9837

CWE-264

High

Joomla Session Fixation Vulnerability (CVE-2010-1434)

CVE-2010-1434

CWE-384

High

Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-11322)

CVE-2018-11322

CWE-434

High

Joomla Use of Insufficiently Random Values Vulnerability (CVE-2012-1562)

CVE-2012-1562

CWE-330

High

jQuery File Upload unauthenticated arbitrary file upload

CVE-2018-9206

CWE-434

High

jQuery Validation Other Vulnerability (CVE-2021-43306)

CVE-2021-43306

High

jQuery Validation Other Vulnerability (CVE-2022-31147)

CVE-2022-31147

High

jQuery Validation Uncontrolled Resource Consumption Vulnerability (CVE-2021-21252)

CVE-2021-21252

CWE-400

High

JSP authentication bypass

CWE-287

High

Jupyter Notebook publicly accessible

CWE-78

High

Kayako Fusion v4.51.1891 - multiple web vulnerabilities

CWE-79

High

Kentico CMS Deserialization RCE

CVE-2019-10068

CWE-502

High

Kentico CMS RCE CVE-2017-17736

CVE-2017-17736

CWE-425

High

Kong Server Incorrect Authorization Vulnerability (CVE-2021-27306)

CVE-2021-27306

CWE-863

High

Kong Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)

CVE-2023-44487

CWE-400

High

Laravel log viewer local file download (LFD)

CVE-2018-8947

CWE-22

High

Laravel Terminal open

CWE-200

High

LDAP injection

CWE-20

High

Liferay DXP CVE-2021-38266 Vulnerability (CVE-2021-38266)

CVE-2021-38266

High

Liferay DXP CVE-2024-25148 Vulnerability (CVE-2024-25148)

CVE-2024-25148

High

Liferay DXP Deserialization of Untrusted Data Vulnerability (CVE-2020-15842)

CVE-2020-15842

CWE-502

High

Liferay DXP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42123)

CVE-2022-42123

CWE-22

High

Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42121)

CVE-2022-42121

CWE-138

High

Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33945)

CVE-2023-33945

CWE-138

High

Liferay DXP Inefficient Regular Expression Complexity Vulnerability (CVE-2022-42124)

CVE-2022-42124

CWE-1333

High

Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2023-33949)

CVE-2023-33949

CWE-1188

High

Liferay Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-13445)

CVE-2020-13445

CWE-138

High

Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-11444)

CVE-2019-11444

CWE-138

High

Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-28884)

CVE-2020-28884

CWE-138

High

Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-28885)

CVE-2020-28885

CWE-138

High

Liferay JSON service API authentication vulnerability

CWE-287

High

Liferay Portal Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-33323)

CVE-2021-33323

CWE-312

High

Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-33338)

CVE-2021-33338

CWE-352

High

Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-35030)

CVE-2023-35030

CWE-352

High

Liferay Portal CVE-2020-15841 Vulnerability (CVE-2020-15841)

CVE-2020-15841

High

Liferay Portal CVE-2021-38266 Vulnerability (CVE-2021-38266)

CVE-2021-38266

High

Liferay Portal CVE-2024-25148 Vulnerability (CVE-2024-25148)

CVE-2024-25148

High

Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2019-16891)

CVE-2019-16891

CWE-502

High

Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2020-15842)

CVE-2020-15842

CWE-502

High

Liferay Portal Improper Authentication Vulnerability (CVE-2021-29047)

CVE-2021-29047

CWE-287

High

Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-28981)

CVE-2022-28981

CWE-22

High

Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42123)

CVE-2022-42123

CWE-22

High

Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42125)

CVE-2022-42125

CWE-22

High

High Severity Vulnerabilities

Severity

Vulnerability Categories

Still Have Questions?

Take action and discover your vulnerabilities