Vulnerability Name CVE Severity
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2021-3690) CVE-2021-3690
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2022-2053) CVE-2022-2053
Unprotected phpMyAdmin interface
Unrestricted access to Caddy API interface
Unrestricted access to Haproxy Data Plane API
Unrestricted access to Kong Gateway API
Unrestricted access to NGINX+ API interface (read write)
Unrestricted access to Odoo DB manager
Unrestricted File Upload
Unrestricted file upload vulnerability in ofc_upload_image.php CVE-2009-4140
Unsafe use of Reflection
Uploadify arbitrary file upload
User controllable script source
uWSGI Path Traversal vulnerability CVE-2018-7490
uWSGI Unauthorized Access Vulnerability
Vanilla Forums Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000432) CVE-2017-1000432
Vanilla Forums CVE-2013-3528 Vulnerability (CVE-2013-3528) CVE-2013-3528
Vanilla Forums Deserialization of Untrusted Data Vulnerability (CVE-2018-19499) CVE-2018-19499
Vanilla Forums Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3613) CVE-2011-3613
Vanilla Forums Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-10073) CVE-2016-10073
Vanilla Forums Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-3527) CVE-2013-3527
Varnish Cache Integer Overflow or Wraparound Vulnerability (CVE-2017-12425) CVE-2017-12425
Varnish Cache Other Vulnerability (CVE-2013-4090) CVE-2013-4090
Varnish Cache Other Vulnerability (CVE-2015-8852) CVE-2015-8852
Varnish Cache Reachable Assertion Vulnerability (CVE-2019-15892) CVE-2019-15892
vBSEO 3.6.0 PHP code injection CVE-2012-5223
vBulletin 4 (up to 4.1.2) search.php SQL injection
vBulletin 5 CONNECT remote code execution
vBulletin 5.1.2 SQL injection CVE-2014-5102
vBulletin 5.6.1 nodeId SQL injection CVE-2020-12720
vBulletin 5.x 0day pre-auth RCE
vBulletin customer number disclosure CVE-2013-6129
vBulletin PHP object injection vulnerability
vBulletin Pre-Auth RCE Vulnerability CVE-2020-17496
vBulletin routestring Local File Inclusion
Vertical Broken Function Level Authorization (BFLA)
Vertical IDOR/BOLA (Broken Object Level Authorization)
Virtual Host locations misconfiguration
VirtueMart access control bypass
Vite Arbitrary File Read (CVE-2025-30208, CVE-2025-31125) CVE-2025-30208 CVE-2025-31125
VMware directory traversal and privilege escalation vulnerabilities CVE-2009-2267 CVE-2009-3733
VMware Horizon Log4Shell RCE CVE-2021-44228
VMware vCenter Log4Shell RCE CVE-2021-44228
VMware vCenter Server Unauthorized Remote Code Execution CVE-2021-21972
VMware vCenter vcavbootstrap Arbitrary File Read
VMware vRealize Operations Server Side Request Forgery (SSRF) vulnerability CVE-2021-21975
VMware Workspace ONE Access SSTI (CVE-2022-22954) CVE-2022-22954
Vulnerabilities in SharePoint could allow elevation of privilege CVE-2012-1859
Vulnerable package dependencies [high]
Vulnerable project dependencies
W3 Total Cache CVE-2019-6715 Vulnerability (CVE-2019-6715) CVE-2019-6715
Weak password
Weak Secret is Used to Sign JWT
Weak WordPress security key
web.xml configuration file disclosure
webadmin.php script
Web application default/weak credentials
Web Cache Deception
Web Cache Poisoning
Web Cache Poisoning through HTTP/2 pseudo-headers
Web Cache Poisoning via Fat GET Request
Web Cache Poisoning via Host Header
Web Cache Poisoning via JSONP and UTM_ parameter
Web Cache Poisoning via POST Request
Web Cache Poisoning via semicolon query separator
WebDAV Directory Has Write Permissions
WebERP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-19434) CVE-2018-19434
WebERP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-19435) CVE-2018-19435
WebERP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-19436) CVE-2018-19436
WebERP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-7755) CVE-2019-7755
WeBid Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000882) CVE-2018-1000882
WeBid Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-7116) CVE-2008-7116
WeBid Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-7119) CVE-2008-7119
WeBid Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-1000867) CVE-2018-1000867
WeBid Other Vulnerability (CVE-2014-5114) CVE-2014-5114