Web Application Vulnerabilities

This page lists 23441 vulnerabilities in 68 categories.

Critical: 1499 High: 12791 Medium: 8230 Low: 857 Information: 64

Vulnerability Name

CVE

CWE

Severity

Apache HTTP Server Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2019-0220)

CVE-2019-0220

CWE-706

Medium

Apache HTTP Server Use of Uninitialized Resource Vulnerability (CVE-2020-1934)

CVE-2020-1934

CWE-908

Medium

Apache httpOnly cookie disclosure

CVE-2012-0053

CWE-264

Medium

Apache JServ protocol service

-

CWE-200

Medium

Apache Kafka Unauthorized Access Vulnerability

-

CWE-200

Medium

Apache Log4j socket receiver deserialization vulnerability

CVE-2017-5645

CWE-502

Critical

Apache Log4j2 JNDI Remote Code Execution

CVE-2021-44228

CWE-78

Critical

Apache Log4j2 JNDI Remote Code Execution (404 page handler)

CVE-2021-44228

CWE-78

Critical

Apache Log4j2 JNDI Remote Code Execution (delayed)

CVE-2021-44228

CWE-78

Critical

Apache Log4j2 JNDI Remote Code Execution (per folder)

CVE-2021-44228

CWE-78

Critical

Apache mod_jk access control bypass

CVE-2018-11759

CWE-918

Medium

Apache mod_negotiation filename bruteforcing

-

CWE-538

Low

Apache mod_rewrite open redirect

CVE-2019-10098

CWE-601

Medium

Apache OFBiz Authentication Bypass (CVE-2023-51467)

CVE-2023-51467

CWE-287

Critical

Apache OFBiz Log4Shell RCE

CVE-2021-44228

CWE-78

High

Apache OFBiz RCE (CVE-2024-32113/CVE-2024-36104/CVE-2024-38856)

CVE-2024-38856

CWE-22

Critical

Apache OFBiz RCE (CVE-2024-45195)

CVE-2024-45195

CWE-425

Critical

Apache OFBiz SOAPService Deserialization RCE

CVE-2021-26295

CWE-502

High

Apache OFBiz SSRF (CVE-2023-50968)

CVE-2023-50968

CWE-918

High

Apache OFBiz SSRF (CVE-2024-45507)

CVE-2024-45507

CWE-918

Critical

Apache OFBiz XMLRPC Deserialization RCE (CVE-2020-9496/CVE-2023-49070)

CVE-2023-49070

CWE-502

High

Apache perl-status enabled

-

CWE-200

Medium

Apache Proxy HTTP CONNECT method enabled

-

CWE-441

Medium

Apache read beyond bounds in mod_isapi Vulnerability (CVE-2022-28330)

CVE-2022-28330

-

Medium

Apache read beyond bounds via ap_rwrite() Vulnerability (CVE-2022-28614)

CVE-2022-28614

-

Medium

Apache REST RCE CVE-2018-11770

CVE-2018-11770

CWE-94

High

Apache Roller OGNL injection

CVE-2013-4212

CWE-20

High

Apache Server-Info Detected

-

CWE-200

Medium

Apache Server-Status Detected

-

CWE-200

Medium

Apache Shiro authentication bypass

CVE-2020-17523

CWE-287

High

Apache Shiro Deserialization RCE

CVE-2016-4437

CWE-78

High

Apache Solr Deserialization of untrusted data via jmx.serviceUrl

CVE-2019-0192

-

High

Apache Solr endpoint

-

CWE-200

Low

Apache Solr Log4Shell RCE

CVE-2021-44228

CWE-78

High

Apache Solr Parameter Injection

-

CWE-88

Medium

Apache solr service exposed

-

CWE-200

High

Apache Solr SSRF CVE-2017-3164

CVE-2017-3164

CWE-918

Medium

Apache Spark Master Unauthorized Access Vulnerability

-

CWE-200

High

Apache Spark Web UI Unauthorized Access Vulnerability

-

CWE-200

Medium

Apache stronghold-info enabled

-

CWE-200

Low

Apache stronghold-status enabled

-

CWE-200

Low

Apache Struts 2 ClassLoader manipulation and denial of service

CVE-2014-0114

CWE-701

High

Apache Struts 2 ClassLoader manipulation and denial of service (S2-020)

CVE-2014-0050

CWE-701

High

Apache Struts Path traversal (S2-067/CVE-2024-53677, S2-066/CVE-2023-50164)

CVE-2023-50164

CWE-434

Critical

Apache Struts Remote Code Execution (S2-057)

CVE-2018-11776

CWE-917

High

Apache Struts2 remote code execution vulnerability

CVE-2016-0785

CWE-78

Critical

Apache Struts2 Remote Command Execution (S2-048)

CVE-2017-9791

CWE-94

High

Apache Struts2 Remote Command Execution (S2-052)

CVE-2017-9805

CWE-94

High

Apache Struts2 Remote Command Execution (S2-053)

CVE-2017-12611

CWE-94

Critical

Apache Tapestry Unauthenticated RCE (CVE-2019-0195, CVE-2021-27850)

CVE-2021-27850

CWE-200

High

Apache Tapestry weak secret key

-

CWE-693

High

Apache Tomcat 7PK - Errors Vulnerability (CVE-2016-8745)

CVE-2016-8745

-

High

Apache Tomcat 7PK - Security Features Vulnerability (CVE-2002-0493)

CVE-2002-0493

-

High

Apache Tomcat 7PK - Security Features Vulnerability (CVE-2014-9634)

CVE-2014-9634

-

Medium

Apache Tomcat 7PK - Security Features Vulnerability (CVE-2014-9635)

CVE-2014-9635

-

Medium

Apache Tomcat Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-38286)

CVE-2024-38286

CWE-770

High

Apache Tomcat Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-48988)

CVE-2025-48988

CWE-770

High

Apache Tomcat Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVE-2025-49125)

CVE-2025-49125

CWE-288

High

Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2018-8037)

CVE-2018-8037

CWE-362

Medium

Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2021-43980)

CVE-2021-43980

CWE-362

Low

Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2025-52434)

CVE-2025-52434

CWE-362

High

Apache Tomcat Configuration Vulnerability (CVE-2008-0128)

CVE-2008-0128

-

Medium

Apache Tomcat Configuration Vulnerability (CVE-2010-4312)

CVE-2010-4312

-

Medium

Apache Tomcat Credentials Management Errors Vulnerability (CVE-2009-3548)

CVE-2009-3548

-

High

Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-4724)

CVE-2007-4724

CWE-352

Medium

Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-6357)

CVE-2013-6357

CWE-352

Medium

Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5351)

CVE-2015-5351

CWE-352

High

Apache Tomcat Cryptographic Issues Vulnerability (CVE-2011-5064)

CVE-2011-5064

-

Medium

Apache Tomcat CVE-2012-5568 Vulnerability (CVE-2012-5568)

CVE-2012-5568

-

Medium

Apache Tomcat CVE-2016-6794 Vulnerability (CVE-2016-6794)

CVE-2016-6794

-

Medium

Apache Tomcat CVE-2016-8735 Vulnerability (CVE-2016-8735)

CVE-2016-8735

-

Critical

Apache Tomcat CVE-2017-5651 Vulnerability (CVE-2017-5651)

CVE-2017-5651

-

Critical

Apache Tomcat CVE-2018-1304 Vulnerability (CVE-2018-1304)

CVE-2018-1304

-

Medium

Apache Tomcat CVE-2018-1305 Vulnerability (CVE-2018-1305)

CVE-2018-1305

-

Medium

Apache Tomcat CVE-2019-2684 Vulnerability (CVE-2019-2684)

CVE-2019-2684

-

Medium

«
1
...
5
6
7
...
313
»