Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Envoy Proxy Improper Certificate Validation Vulnerability (CVE-2022-21657) CVE-2022-21657 CWE-295 CWE-295 Medium Envoy Proxy Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-35944) CVE-2023-35944 Medium Envoy Proxy Insufficient Verification of Data Authenticity Vulnerability (CVE-2020-8660) CVE-2020-8660 CWE-345 CWE-345 Medium Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2022-29224) CVE-2022-29224 CWE-476 CWE-476 Medium Envoy Proxy Origin Validation Error Vulnerability (CVE-2020-15104) CVE-2020-15104 CWE-346 CWE-346 Medium Envoy Proxy Out-of-bounds Write Vulnerability (CVE-2024-34364) CVE-2024-34364 CWE-787 CWE-787 Medium Envoy Proxy Uncontrolled Recursion Vulnerability (CVE-2022-23606) CVE-2022-23606 CWE-674 CWE-674 Medium Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2024-23323) CVE-2024-23323 CWE-400 CWE-400 Medium Envoy Proxy Use After Free Vulnerability (CVE-2023-35942) CVE-2023-35942 CWE-416 CWE-416 Medium Envoy Proxy Use After Free Vulnerability (CVE-2024-34362) CVE-2024-34362 CWE-416 CWE-416 Medium EspoCRM Cleartext Transmission of Sensitive Information Vulnerability (CVE-2022-38846) CVE-2022-38846 CWE-319 CWE-319 Medium EspoCRM Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2022-38845) CVE-2022-38845 CWE-1236 CWE-1236 Medium EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-7987) CVE-2014-7987 CWE-707 CWE-707 Medium EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17301) CVE-2018-17301 CWE-707 CWE-707 Medium EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17302) CVE-2018-17302 CWE-707 CWE-707 Medium EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-13643) CVE-2019-13643 CWE-707 CWE-707 Medium EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14329) CVE-2019-14329 CWE-707 CWE-707 Medium EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14330) CVE-2019-14330 CWE-707 CWE-707 Medium EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14331) CVE-2019-14331 CWE-707 CWE-707 Medium EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14349) CVE-2019-14349 CWE-707 CWE-707 Medium EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14350) CVE-2019-14350 CWE-707 CWE-707 Medium EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14546) CVE-2019-14546 CWE-707 CWE-707 Medium EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14547) CVE-2019-14547 CWE-707 CWE-707 Medium EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14548) CVE-2019-14548 CWE-707 CWE-707 Medium EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14549) CVE-2019-14549 CWE-707 CWE-707 Medium EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14550) CVE-2019-14550 CWE-707 CWE-707 Medium EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3539) CVE-2021-3539 CWE-707 CWE-707 Medium EspoCRM Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7986) CVE-2014-7986 CWE-264 CWE-264 Medium EspoCRM Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-46736) CVE-2023-46736 CWE-918 CWE-918 Medium Express cookie-session weak secret key CWE-693 CWE-693 Medium Express running in development mode CWE-200 CWE-200 Medium Ext JS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8046) CVE-2018-8046 CWE-707 CWE-707 Medium Family Connections Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-5130) CVE-2011-5130 CWE-94 CWE-94 Medium Family Connections Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-2901) CVE-2008-2901 CWE-138 CWE-138 Medium Family Connections Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-2010) CVE-2009-2010 CWE-138 CWE-138 Medium fancybox Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1494) CVE-2015-1494 CWE-707 CWE-707 Medium FCKeditor arbitrary file upload CVE-2009-2265 CWE-22 CWE-22 Medium File tampering CWE-20 CWE-20 Medium Firebase database accessible without authentication CWE-200 CWE-200 Medium Flask weak secret key CWE-693 CWE-693 Medium FluxBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-35240) CVE-2020-35240 CWE-707 CWE-707 Medium FluxBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43677) CVE-2021-43677 CWE-707 CWE-707 Medium FluxBB Other Vulnerability (CVE-2014-10030) CVE-2014-10030 Medium Frontaccounting Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3740) CVE-2011-3740 CWE-200 CWE-200 Medium Frontaccounting Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-5148) CVE-2007-5148 CWE-94 CWE-94 Medium Frontaccounting Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-21244) CVE-2020-21244 CWE-22 CWE-22 Medium Frontpage authors.pwd available CWE-538 CWE-538 Medium Full public read access Azure blob storage CWE-264 CWE-264 Medium GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40214) CVE-2021-40214 CWE-707 CWE-707 Medium GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40492) CVE-2021-40492 CWE-707 CWE-707 Medium GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-22868) CVE-2022-22868 CWE-707 CWE-707 Medium GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23871) CVE-2022-23871 CWE-707 CWE-707 Medium GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-34599) CVE-2023-34599 CWE-707 CWE-707 Medium GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45879) CVE-2023-45879 CWE-707 CWE-707 Medium GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45881) CVE-2023-45881 CWE-707 CWE-707 Medium GIT Detected CWE-527 CWE-527 Medium Gitlab CI Lint SSRF CWE-918 CWE-918 Medium Gitlab open user registration CWE-200 CWE-200 Medium GlassFish CVE-2010-4438 Vulnerability (CVE-2010-4438) CVE-2010-4438 Medium GlassFish CVE-2012-0104 Vulnerability (CVE-2012-0104) CVE-2012-0104 Medium GlassFish CVE-2012-0550 Vulnerability (CVE-2012-0550) CVE-2012-0550 Medium GlassFish CVE-2012-0551 Vulnerability (CVE-2012-0551) CVE-2012-0551 Medium GlassFish CVE-2012-3155 Vulnerability (CVE-2012-3155) CVE-2012-3155 Medium GlassFish CVE-2013-1508 Vulnerability (CVE-2013-1508) CVE-2013-1508 Medium GlassFish CVE-2016-3608 Vulnerability (CVE-2016-3608) CVE-2016-3608 Medium GlassFish CVE-2016-5477 Vulnerability (CVE-2016-5477) CVE-2016-5477 Medium GlassFish CVE-2017-3247 Vulnerability (CVE-2017-3247) CVE-2017-3247 Medium GlassFish CVE-2017-10385 Vulnerability (CVE-2017-10385) CVE-2017-10385 Medium GlassFish CVE-2017-10393 Vulnerability (CVE-2017-10393) CVE-2017-10393 Medium GlassFish CVE-2017-10400 Vulnerability (CVE-2017-10400) CVE-2017-10400 Medium GlassFish CVE-2018-3210 Vulnerability (CVE-2018-3210) CVE-2018-3210 Medium GlassFish Improper Input Validation Vulnerability (CVE-2011-5035) CVE-2011-5035 CWE-20 CWE-20 Medium GlassFish Improper Input Validation Vulnerability (CVE-2015-3237) CVE-2015-3237 CWE-20 CWE-20 Medium GlassFish Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-2751) CVE-2008-2751 CWE-707 CWE-707 Medium GlassFish Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-5266) CVE-2008-5266 CWE-707 CWE-707 Medium 1...17181920...99 18 / 99
