v.26.4.2314

Critical Severity Vulnerabilities

Found 1593 vulnerabilities at Critical severity.

Vulnerability Name

CVE

CWE

Severity

MySQL CVE-2016-9841 Vulnerability (CVE-2016-9841)

CVE-2016-9841

-

Critical

MySQL CVE-2016-9843 Vulnerability (CVE-2016-9843)

CVE-2016-9843

-

Critical

phpMyAdmin Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9849)

CVE-2016-9849

CWE-264

Critical

phpMyAdmin 7PK - Security Features Vulnerability (CVE-2016-9865)

CVE-2016-9865

-

Critical

phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9866)

CVE-2016-9866

CWE-352

Critical

PHP Out-of-bounds Read Vulnerability (CVE-2016-9935)

CVE-2016-9935

CWE-125

Critical

PHP Use After Free Vulnerability (CVE-2016-9936)

CVE-2016-9936

CWE-416

Critical

MediaWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2017-0372)

CVE-2017-0372

CWE-138

Critical

Ruby Use of Externally-Controlled Format String Vulnerability (CVE-2017-0898)

CVE-2017-0898

CWE-134

Critical

RubyGems Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-0899)

CVE-2017-0899

CWE-94

Critical

RubyGems Deserialization of Untrusted Data Vulnerability (CVE-2017-0903)

CVE-2017-0903

CWE-502

Critical

ATutor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-1000002)

CVE-2017-1000002

CWE-22

Critical

ATutor Improper Privilege Management Vulnerability (CVE-2017-1000003)

CVE-2017-1000003

CWE-269

Critical

ATutor Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-1000004)

CVE-2017-1000004

CWE-138

Critical

GlassFish Improper Authentication Vulnerability (CVE-2017-1000030)

CVE-2017-1000030

CWE-287

Critical

Python Integer Overflow or Wraparound Vulnerability (CVE-2017-1000158)

CVE-2017-1000158

CWE-190

Critical

Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2017-1000353)

CVE-2017-1000353

CWE-502

Critical

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1000362)

CVE-2017-1000362

CWE-200

Critical

b2evolution Improper Input Validation Vulnerability (CVE-2017-1000423)

CVE-2017-1000423

CWE-20

Critical

math.js Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-1001002)

CVE-2017-1001002

CWE-94

Critical

WebLogic CVE-2017-10137 Vulnerability (CVE-2017-10137)

CVE-2017-10137

-

Critical

Oracle Database Server CVE-2017-10282 Vulnerability (CVE-2017-10282)

CVE-2017-10282

-

Critical

Oracle JRE CVE-2017-10285 Vulnerability (CVE-2017-10285)

CVE-2017-10285

-

Critical

Oracle JRE CVE-2017-10346 Vulnerability (CVE-2017-10346)

CVE-2017-10346

-

Critical

WebLogic CVE-2017-10352 Vulnerability (CVE-2017-10352)

CVE-2017-10352

-

Critical

Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-10682)

CVE-2017-10682

CWE-138

Critical

Sqlite Out-of-bounds Read Vulnerability (CVE-2017-10989)

CVE-2017-10989

CWE-125

Critical

PHP Out-of-bounds Read Vulnerability (CVE-2017-11147)

CVE-2017-11147

CWE-125

Critical

XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-11174)

CVE-2017-11174

CWE-138

Critical

phpMyFAQ Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2017-11187)

CVE-2017-11187

CWE-307

Critical

Telerik Web UI Inadequate Encryption Strength Vulnerability (CVE-2017-11317)

CVE-2017-11317

CWE-326

Critical

Telerik Web UI Improper Input Validation Vulnerability (CVE-2017-11357)

CVE-2017-11357

CWE-20

Critical

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-11362)

CVE-2017-11362

CWE-119

Critical

Ruby Out-of-bounds Write Vulnerability (CVE-2017-11465)

CVE-2017-11465

CWE-787

Critical

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2017-12149)

CVE-2017-12149

CWE-502

Critical

Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-12629)

CVE-2017-12629

CWE-611

Critical

Perl Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-12814)

CVE-2017-12814

CWE-119

Critical

Perl Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-12883)

CVE-2017-12883

CWE-119

Critical

PHP Use After Free Vulnerability (CVE-2017-12932)

CVE-2017-12932

CWE-416

Critical

PHP Out-of-bounds Read Vulnerability (CVE-2017-12933)

CVE-2017-12933

CWE-125

Critical

CrushFTP Server Deserialization of Untrusted Data Vulnerability (CVE-2017-14035)

CVE-2017-14035

CWE-502

Critical

Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-14064)

CVE-2017-14064

CWE-119

Critical

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14238)

CVE-2017-14238

CWE-138

Critical

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14242)

CVE-2017-14242

CWE-138

Critical

osTicket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14396)

CVE-2017-14396

CWE-138

Critical

Joomla Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') Vulnerability (CVE-2017-14596)

CVE-2017-14596

CWE-138

Critical

WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14723)

CVE-2017-14723

CWE-138

Critical

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2017-15095)

CVE-2017-15095

CWE-502

Critical

Oracle Database Server Deserialization of Untrusted Data Vulnerability (CVE-2017-15095)

CVE-2017-15095

CWE-502

Critical

MongoDb CVE-2017-15535 Vulnerability (CVE-2017-15535)

CVE-2017-15535

-

Critical

osTicket Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-15580)

CVE-2017-15580

CWE-434

Critical

WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-16510)

CVE-2017-16510

CWE-138

Critical

Contao Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-16558)

CVE-2017-16558

CWE-138

Critical

Joomla Improper Authentication Vulnerability (CVE-2017-16634)

CVE-2017-16634

CWE-287

Critical

MyBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-16780)

CVE-2017-16780

CWE-352

Critical

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2017-17485)

CVE-2017-17485

CWE-502

Critical

Nexus Repository Manager Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2017-17717)

CVE-2017-17717

CWE-327

Critical

Ruby Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2017-17790)

CVE-2017-17790

CWE-138

Critical

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17897)

CVE-2017-17897

CWE-138

Critical

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17899)

CVE-2017-17899

CWE-138

Critical

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17900)

CVE-2017-17900

CWE-138

Critical

phpMyAdmin CVE-2017-18264 Vulnerability (CVE-2017-18264)

CVE-2017-18264

-

Critical

Nginx Integer Overflow or Wraparound Vulnerability (CVE-2017-20005)

CVE-2017-20005

CWE-190

Critical

phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-20029)

CVE-2017-20029

CWE-138

Critical

phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-20032)

CVE-2017-20032

CWE-138

Critical

Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-2641)

CVE-2017-2641

CWE-138

Critical

Apache HTTP Server Improper Authentication Vulnerability (CVE-2017-3167)

CVE-2017-3167

CWE-287

Critical

Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2017-3169)

CVE-2017-3169

CWE-476

Critical

WebLogic CVE-2017-3248 Vulnerability (CVE-2017-3248)

CVE-2017-3248

-

Critical

PHP Integer Overflow or Wraparound Vulnerability (CVE-2017-5340)

CVE-2017-5340

CWE-190

Critical

Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-5344)

CVE-2017-5344

CWE-138

Critical

b2evolution Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-5539)

CVE-2017-5539

CWE-22

Critical

WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-5611)

CVE-2017-5611

CWE-138

Critical

WebLogic Improper Handling of Exceptional Conditions Vulnerability (CVE-2017-5638)

CVE-2017-5638

CWE-755

Critical

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2017-5645)

CVE-2017-5645

CWE-502

Critical