v.26.4.2314

Critical Severity Vulnerabilities

Found 1593 vulnerabilities at Critical severity.

Vulnerability Name

CVE

CWE

Severity

WebLogic CVE-2018-2893 Vulnerability (CVE-2018-2893)

CVE-2018-2893

-

Critical

WebLogic CVE-2018-2894 Vulnerability (CVE-2018-2894)

CVE-2018-2894

-

Critical

Oracle Database Server CVE-2018-3110 Vulnerability (CVE-2018-3110)

CVE-2018-3110

-

Critical

Java Unspesificed Vulnerability (CVE-2018-3183)

CVE-2018-3183

-

Critical

WebLogic CVE-2018-3191 Vulnerability (CVE-2018-3191)

CVE-2018-3191

-

Critical

WebLogic CVE-2018-3197 Vulnerability (CVE-2018-3197)

CVE-2018-3197

-

Critical

WebLogic CVE-2018-3201 Vulnerability (CVE-2018-3201)

CVE-2018-3201

-

Critical

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2018-3245)

CVE-2018-3245

CWE-502

Critical

WebLogic CVE-2018-3252 Vulnerability (CVE-2018-3252)

CVE-2018-3252

-

Critical

Oracle Database Server CVE-2018-3259 Vulnerability (CVE-2018-3259)

CVE-2018-3259

-

Critical

SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-6308)

CVE-2018-6308

CWE-138

Critical

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-6376)

CVE-2018-6376

CWE-138

Critical

Perl Out-of-bounds Write Vulnerability (CVE-2018-6797)

CVE-2018-6797

CWE-787

Critical

Perl Out-of-bounds Write Vulnerability (CVE-2018-6913)

CVE-2018-6913

CWE-787

Critical

Jboss EAP Incomplete List of Disallowed Inputs Vulnerability (CVE-2018-7489)

CVE-2018-7489

CWE-184

Critical

LimeSurvey Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-7556)

CVE-2018-7556

CWE-200

Critical

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2018-7584)

CVE-2018-7584

CWE-119

Critical

Drupal Improper Input Validation Vulnerability (CVE-2018-7600)

CVE-2018-7600

CWE-20

Critical

Drupal CVE-2018-7602 Vulnerability (CVE-2018-7602)

CVE-2018-7602

-

Critical

ClipBucket Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2018-7664)

CVE-2018-7664

CWE-138

Critical

ClipBucket Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-7665)

CVE-2018-7665

CWE-434

Critical

ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-7666)

CVE-2018-7666

CWE-138

Critical

Apache Tomcat Insecure Default Initialization of Resource Vulnerability (CVE-2018-8014)

CVE-2018-8014

CWE-1188

Critical

Jboss EAP CVE-2018-8088 Vulnerability (CVE-2018-8088)

CVE-2018-8088

-

Critical

Ruby Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-8780)

CVE-2018-8780

CWE-22

Critical

PrestaShop Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-8823)

CVE-2018-8823

CWE-94

Critical

PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-8824)

CVE-2018-8824

CWE-138

Critical

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-9019)

CVE-2018-9019

CWE-138

Critical

Open Resty Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-9230)

CVE-2018-9230

CWE-138

Critical

SharePoint Improper Input Validation Vulnerability (CVE-2019-0604)

CVE-2019-0604

CWE-20

Critical

Apache HTTP Server Use After Free Vulnerability (CVE-2019-10082)

CVE-2019-10082

CWE-416

Critical

Oracle HTTP Server Use After Free Vulnerability (CVE-2019-10082)

CVE-2019-10082

CWE-416

Critical

Python Credentials Management Errors Vulnerability (CVE-2019-10160)

CVE-2019-10160

-

Critical

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-10202)

CVE-2019-10202

CWE-502

Critical

PostgreSQL Improper Input Validation Vulnerability (CVE-2019-10211)

CVE-2019-10211

CWE-20

Critical

Undertow Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-10212)

CVE-2019-10212

CWE-532

Critical

Jboss EAP Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-10212)

CVE-2019-10212

CWE-532

Critical

Contao Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2019-10641)

CVE-2019-10641

CWE-640

Critical

Contao Key Management Errors Vulnerability (CVE-2019-10643)

CVE-2019-10643

-

Critical

Lodash Other Vulnerability (CVE-2019-10744)

CVE-2019-10744

-

Critical

Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-10910)

CVE-2019-10910

CWE-138

Critical

Joomla Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-10945)

CVE-2019-10945

CWE-22

Critical

PHP Out-of-bounds Read Vulnerability (CVE-2019-11034)

CVE-2019-11034

CWE-125

Critical

PHP Out-of-bounds Read Vulnerability (CVE-2019-11035)

CVE-2019-11035

CWE-125

Critical

PHP Out-of-bounds Read Vulnerability (CVE-2019-11036)

CVE-2019-11036

CWE-125

Critical

PHP Integer Overflow or Wraparound Vulnerability (CVE-2019-11039)

CVE-2019-11039

CWE-190

Critical

PHP Out-of-bounds Read Vulnerability (CVE-2019-11040)

CVE-2019-11040

CWE-125

Critical

PHP Out-of-bounds Write Vulnerability (CVE-2019-11043)

CVE-2019-11043

CWE-787

Critical

PHP Double Free Vulnerability (CVE-2019-11049)

CVE-2019-11049

CWE-415

Critical

Lighttpd Integer Overflow or Wraparound Vulnerability (CVE-2019-11072)

CVE-2019-11072

CWE-190

Critical

Contao Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-11512)

CVE-2019-11512

CWE-138

Critical

Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-11581)

CVE-2019-11581

CWE-138

Critical

phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-11768)

CVE-2019-11768

CWE-138

Critical

Drupal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-11831)

CVE-2019-11831

CWE-22

Critical

Joomla Deserialization of Untrusted Data Vulnerability (CVE-2019-11831)

CVE-2019-11831

CWE-502

Critical

silverstripeCMS CVE-2019-12204 Vulnerability (CVE-2019-12204)

CVE-2019-12204

-

Critical

MediaWiki Missing Authentication for Critical Function Vulnerability (CVE-2019-12468)

CVE-2019-12468

CWE-306

Critical

Squid Out-of-bounds Write Vulnerability (CVE-2019-12519)

CVE-2019-12519

CWE-787

Critical

Squid CVE-2019-12523 Vulnerability (CVE-2019-12523)

CVE-2019-12523

-

Critical

Squid Missing Authentication for Critical Function Vulnerability (CVE-2019-12524)

CVE-2019-12524

CWE-306

Critical

Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-12525)

CVE-2019-12525

CWE-119

Critical

Squid Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2019-12526)

CVE-2019-12526

CWE-120

Critical

TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-12747)

CVE-2019-12747

CWE-502

Critical

Joomla Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2019-12765)

CVE-2019-12765

CWE-1236

Critical

Python Out-of-bounds Write Vulnerability (CVE-2019-12900)

CVE-2019-12900

CWE-787

Critical

Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-13082)

CVE-2019-13082

CWE-434

Critical

PHP Use After Free Vulnerability (CVE-2019-13224)

CVE-2019-13224

CWE-416

Critical

WebERP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-13292)

CVE-2019-13292

CWE-138

Critical

Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-13363)

CVE-2019-13363

CWE-352

Critical

Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-13364)

CVE-2019-13364

CWE-707

Critical

Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-14234)

CVE-2019-14234

CWE-138

Critical

Axway Secure Transport Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-14277)

CVE-2019-14277

CWE-611

Critical

Jboss EAP Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-14379)

CVE-2019-14379

CWE-915

Critical

YOURLS Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2019-14537)

CVE-2019-14537

CWE-843

Critical

MySQL Deserialization of Untrusted Data Vulnerability (CVE-2019-14540)

CVE-2019-14540

CWE-502

Critical