v.26.4.2314

Critical Severity Vulnerabilities

Found 1593 vulnerabilities at Critical severity.

Vulnerability Name

CVE

CWE

Severity

Magento CVE-2019-8144 Vulnerability (CVE-2019-8144)

CVE-2019-8144

-

Critical

Magento Insufficient Session Expiration Vulnerability (CVE-2019-8149)

CVE-2019-8149

CWE-613

Critical

Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2019-8158)

CVE-2019-8158

CWE-91

Critical

Sqlite Out-of-bounds Read Vulnerability (CVE-2019-8457)

CVE-2019-8457

CWE-125

Critical

PHP Use After Free Vulnerability (CVE-2019-9020)

CVE-2019-9020

CWE-416

Critical

PHP Out-of-bounds Read Vulnerability (CVE-2019-9021)

CVE-2019-9021

CWE-125

Critical

PHP Out-of-bounds Read Vulnerability (CVE-2019-9023)

CVE-2019-9023

CWE-125

Critical

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-9025)

CVE-2019-9025

CWE-119

Critical

Nexus Repository Manager Improper Authentication Vulnerability (CVE-2019-9629)

CVE-2019-9629

CWE-287

Critical

Python CVE-2019-9636 Vulnerability (CVE-2019-9636)

CVE-2019-9636

-

Critical

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-9641)

CVE-2019-9641

CWE-119

Critical

Artifactory CVE-2019-9733 Vulnerability (CVE-2019-9733)

CVE-2019-9733

-

Critical

Envoy Proxy Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2019-9901)

CVE-2019-9901

CWE-706

Critical

Python Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-9948)

CVE-2019-9948

CWE-22

Critical

LimeSurvey Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-9960)

CVE-2019-9960

CWE-22

Critical

TwistedHTTP Request Splitting Vulnerability (CVE-2020-10108)

CVE-2020-10108

-

Critical

TwistedHTTP Request Splitting Vulnerability (CVE-2020-10109)

CVE-2020-10109

-

Critical

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-10243)

CVE-2020-10243

CWE-138

Critical

MediaWiki Improper Privilege Management Vulnerability (CVE-2020-10534)

CVE-2020-10534

CWE-269

Critical

Serendipity Remote Code Execution (CVE-2020-10964)

CVE-2020-10964

-

Critical

TYPO3 Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2020-11066)

CVE-2020-11066

CWE-915

Critical

Sqlite Use After Free Vulnerability (CVE-2020-11656)

CVE-2020-11656

CWE-416

Critical

qdPM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-11811)

CVE-2020-11811

CWE-434

Critical

Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-11812)

CVE-2020-11812

CWE-138

Critical

Rukovoditel Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-11815)

CVE-2020-11815

CWE-434

Critical

Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-11816)

CVE-2020-11816

CWE-138

Critical

Rukovoditel Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-11817)

CVE-2020-11817

CWE-434

Critical

Rukovoditel Improper Input Validation Vulnerability (CVE-2020-11819)

CVE-2020-11819

CWE-20

Critical

Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-11820)

CVE-2020-11820

CWE-138

Critical

Squid Integer Overflow or Wraparound Vulnerability (CVE-2020-11945)

CVE-2020-11945

CWE-190

Critical

Apache HTTP Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2020-11984)

CVE-2020-11984

CWE-120

Critical

Roundcube Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-12640)

CVE-2020-12640

CWE-22

Critical

Roundcube Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') Vulnerability (CVE-2020-12641)

CVE-2020-12641

CWE-707

Critical

Drupal CVE-2020-13665 Vulnerability (CVE-2020-13665)

CVE-2020-13665

-

Critical

Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-13675)

CVE-2020-13675

CWE-434

Critical

Atlassian Jira Deserialization of Untrusted Data Vulnerability (CVE-2020-14172)

CVE-2020-14172

CWE-502

Critical

WebLogic CVE-2020-14625 Vulnerability (CVE-2020-14625)

CVE-2020-14625

-

Critical

WebLogic CVE-2020-14644 Vulnerability (CVE-2020-14644)

CVE-2020-14644

-

Critical

WebLogic CVE-2020-14645 Vulnerability (CVE-2020-14645)

CVE-2020-14645

-

Critical

WebLogic CVE-2020-14687 Vulnerability (CVE-2020-14687)

CVE-2020-14687

-

Critical

WebLogic CVE-2020-14750 Vulnerability (CVE-2020-14750)

CVE-2020-14750

-

Critical

WebLogic CVE-2020-14825 Vulnerability (CVE-2020-14825)

CVE-2020-14825

-

Critical

WebLogic CVE-2020-14841 Vulnerability (CVE-2020-14841)

CVE-2020-14841

-

Critical

WebLogic CVE-2020-14859 Vulnerability (CVE-2020-14859)

CVE-2020-14859

-

Critical

WebLogic CVE-2020-14882 Vulnerability (CVE-2020-14882)

CVE-2020-14882

-

Critical

Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-15153)

CVE-2020-15153

CWE-138

Critical

PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-15160)

CVE-2020-15160

CWE-138

Critical

Pega Infinity Improper Privilege Management Vulnerability (CVE-2020-15390)

CVE-2020-15390

CWE-269

Critical

Python Incorrect Authorization Vulnerability (CVE-2020-15801)

CVE-2020-15801

CWE-863

Critical

SharePoint CVE-2020-17118 Vulnerability (CVE-2020-17118)

CVE-2020-17118

-

Critical

Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-19138)

CVE-2020-19138

CWE-434

Critical

Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-19213)

CVE-2020-19213

CWE-138

Critical

SharePoint Improper Input Validation Vulnerability (CVE-2020-1025)

CVE-2020-1025

CWE-20

Critical

Undertow Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-1745)

CVE-2020-1745

CWE-200

Critical

Apache Tomcat Other Vulnerability (CVE-2020-1938)

CVE-2020-1938

-

Critical

Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-1944)

CVE-2020-1944

CWE-444

Critical

Oracle Database Server Improper Input Validation Vulnerability (CVE-2020-1953)

CVE-2020-1953

CWE-20

Critical

phpList Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-22249)

CVE-2020-22249

CWE-434

Critical

phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-22452)

CVE-2020-22452

CWE-138

Critical

MyBB CVE-2020-22612 Vulnerability (CVE-2020-22612)

CVE-2020-22612

-

Critical

WeBid Incorrect Comparison Vulnerability (CVE-2020-23359)

CVE-2020-23359

CWE-697

Critical

osCommerce Incorrect Comparison Vulnerability (CVE-2020-23360)

CVE-2020-23360

CWE-697

Critical

phpList Incorrect Comparison Vulnerability (CVE-2020-23361)

CVE-2020-23361

CWE-697

Critical

Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-24407)

CVE-2020-24407

CWE-434

Critical

osTicket Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-24881)

CVE-2020-24881

CWE-918

Critical

MODX Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-25911)

CVE-2020-25911

CWE-611

Critical

phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-26935)

CVE-2020-26935

CWE-138

Critical

Python CVE-2020-27619 Vulnerability (CVE-2020-27619)

CVE-2020-27619

-

Critical

Grafana Signature Verification Vulnerability (CVE-2020-27846)

CVE-2020-27846

-

Critical

osCommerce Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-27976)

CVE-2020-27976

CWE-138

Critical

WordPress Deserialization of Untrusted Data Vulnerability (CVE-2020-28032)

CVE-2020-28032

CWE-502

Critical

WordPress Improper Privilege Management Vulnerability (CVE-2020-28035)

CVE-2020-28035

CWE-269

Critical

WordPress Improper Privilege Management Vulnerability (CVE-2020-28036)

CVE-2020-28036

CWE-269

Critical

WordPress Improper Input Validation Vulnerability (CVE-2020-28037)

CVE-2020-28037

CWE-20

Critical

WordPress CVE-2020-28039 Vulnerability (CVE-2020-28039)

CVE-2020-28039

-

Critical