v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2

Vulnerability Name

CVE

CWE

Severity

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-10094)

CVE-2018-10094

CWE-138

Critical

WordPress Ultimate Member Plugin Improper Privilege Management Vulnerability (CVE-2020-36155)

CVE-2020-36155

CWE-269

Critical

PrestaShop Improper Authentication Vulnerability (CVE-2020-4074)

CVE-2020-4074

CWE-287

Critical

Magento CVE-2020-3718 Vulnerability (CVE-2020-3718)

CVE-2020-3718

-

Critical

Magento Deserialization of Untrusted Data Vulnerability (CVE-2020-3716)

CVE-2020-3716

CWE-502

Critical

EspoCRM Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2020-37094)

CVE-2020-37094

CWE-639

Critical

WordPress Deserialization of Untrusted Data Vulnerability (CVE-2020-36326)

CVE-2020-36326

CWE-502

Critical

WordPress Ultimate Member Plugin CVE-2020-36157 Vulnerability (CVE-2020-36157)

CVE-2020-36157

-

Critical

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-35613)

CVE-2020-35613

CWE-138

Critical

Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-6754)

CVE-2020-6754

CWE-22

Critical

WordPress Improper Input Validation Vulnerability (CVE-2020-35539)

CVE-2020-35539

CWE-20

Critical

Sqlite Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-35527)

CVE-2020-35527

CWE-119

Critical

WP Plugin Contact Form 7 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-35489)

CVE-2020-35489

CWE-434

Critical

SharePoint Integer Overflow or Wraparound Vulnerability (CVE-2008-4019)

CVE-2008-4019

CWE-190

Critical

Plone CMS Missing Authentication for Critical Function Vulnerability (CVE-2020-35190)

CVE-2020-35190

CWE-306

Critical

Oracle HTTP Server Improper Input Validation Vulnerability (CVE-2020-35169)

CVE-2020-35169

CWE-20

Critical

IBM WebSEAL Missing Authorization Vulnerability (CVE-2020-4499)

CVE-2020-4499

CWE-862

Critical

PHP Out-of-bounds Read Vulnerability (CVE-2020-7059)

CVE-2020-7059

CWE-125

Critical

Oracle HTTP Server Other Vulnerability (CVE-2020-35167)

CVE-2020-35167

-

Critical

SharePoint Resource Management Errors Vulnerability (CVE-2008-3006)

CVE-2008-3006

-

Critical

Ruby Integer Overflow or Wraparound Vulnerability (CVE-2008-2663)

CVE-2008-2663

CWE-190

Critical

phpList Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2020-8547)

CVE-2020-8547

CWE-843

Critical

Ruby on Rails Deserialization of Untrusted Data Vulnerability (CVE-2020-8165)

CVE-2020-8165

CWE-502

Critical

Dolibarr Improper Authentication Vulnerability (CVE-2020-7995)

CVE-2020-7995

CWE-287

Critical

Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2020-7961)

CVE-2020-7961

CWE-502

Critical

Plone CMS Improper Privilege Management Vulnerability (CVE-2020-7941)

CVE-2020-7941

CWE-269

Critical

Dolphin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3167)

CVE-2008-3167

CWE-94

Critical

WebLogic Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2008-3257)

CVE-2008-3257

CWE-119

Critical

SugarCRM Missing Authorization Vulnerability (CVE-2020-7472)

CVE-2020-7472

CWE-862

Critical

Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-7471)

CVE-2020-7471

CWE-138

Critical

phpBB CVE-2008-3224 Vulnerability (CVE-2008-3224)

CVE-2008-3224

-

Critical

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3225)

CVE-2008-3225

CWE-264

Critical

PHP Out-of-bounds Read Vulnerability (CVE-2020-7061)

CVE-2020-7061

CWE-125

Critical

Dotclear Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3232)

CVE-2008-3232

CWE-94

Critical

PHP Out-of-bounds Read Vulnerability (CVE-2020-7060)

CVE-2020-7060

CWE-125

Critical

Oracle HTTP Server Other Vulnerability (CVE-2020-35168)

CVE-2020-35168

-

Critical

Oracle HTTP Server Other Vulnerability (CVE-2020-35166)

CVE-2020-35166

-

Critical

OpenVPN AS Improper Authentication Vulnerability (CVE-2020-8953)

CVE-2020-8953

CWE-287

Critical

WordPress CVE-2008-6767 Vulnerability (CVE-2008-6767)

CVE-2008-6767

-

Critical

Grafana Signature Verification Vulnerability (CVE-2020-27846)

CVE-2020-27846

-

Critical

Python CVE-2020-27619 Vulnerability (CVE-2020-27619)

CVE-2020-27619

-

Critical

PrestaShop CVE-2008-5791 Vulnerability (CVE-2008-5791)

CVE-2008-5791

-

Critical

phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-26935)

CVE-2020-26935

CWE-138

Critical

Drupal Configuration Vulnerability (CVE-2008-6171)

CVE-2008-6171

-

Critical

MODX Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-25911)

CVE-2020-25911

CWE-611

Critical

osTicket Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-24881)

CVE-2020-24881

CWE-918

Critical

WordPress Deserialization of Untrusted Data Vulnerability (CVE-2020-28032)

CVE-2020-28032

CWE-502

Critical

Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-24407)

CVE-2020-24407

CWE-434

Critical

phpList Incorrect Comparison Vulnerability (CVE-2020-23361)

CVE-2020-23361

CWE-697

Critical

osCommerce Incorrect Comparison Vulnerability (CVE-2020-23360)

CVE-2020-23360

CWE-697

Critical

WeBid Incorrect Comparison Vulnerability (CVE-2020-23359)

CVE-2020-23359

CWE-697

Critical

MyBB CVE-2020-22612 Vulnerability (CVE-2020-22612)

CVE-2020-22612

-

Critical

phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-22452)

CVE-2020-22452

CWE-138

Critical

osCommerce Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-27976)

CVE-2020-27976

CWE-138

Critical

WordPress Improper Privilege Management Vulnerability (CVE-2020-28035)

CVE-2020-28035

CWE-269

Critical

Oracle HTTP Server Use of Insufficiently Random Values Vulnerability (CVE-2020-35163)

CVE-2020-35163

CWE-330

Critical

WordPress Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2008-4796)

CVE-2008-4796

CWE-138

Critical

WebLogic CVE-2020-2884 Vulnerability (CVE-2020-2884)

CVE-2020-2884

-

Critical

WebLogic CVE-2020-2883 Vulnerability (CVE-2020-2883)

CVE-2020-2883

-

Critical

WebLogic CVE-2020-2801 Vulnerability (CVE-2020-2801)

CVE-2020-2801

-

Critical

WebLogic CVE-2020-2551 Vulnerability (CVE-2020-2551)

CVE-2020-2551

-

Critical

WebLogic CVE-2020-2546 Vulnerability (CVE-2020-2546)

CVE-2020-2546

-

Critical

WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-4769)

CVE-2008-4769

CWE-22

Critical

Oracle HTTP Server Improper Input Validation Vulnerability (CVE-2020-29508)

CVE-2020-29508

CWE-20

Critical

WordPress Improper Privilege Management Vulnerability (CVE-2020-28036)

CVE-2020-28036

CWE-269

Critical

Oracle HTTP Server Improper Input Validation Vulnerability (CVE-2020-29507)

CVE-2020-29507

CWE-20

Critical

Oracle HTTP Server Other Vulnerability (CVE-2020-29506)

CVE-2020-29506

-

Critical

Python Numeric Errors Vulnerability (CVE-2008-5031)

CVE-2008-5031

-

Critical

ownCloud Improper Input Validation Vulnerability (CVE-2020-28645)

CVE-2020-28645

CWE-20

Critical

WordPress CVE-2020-28039 Vulnerability (CVE-2020-28039)

CVE-2020-28039

-

Critical

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2008-5557)

CVE-2008-5557

CWE-119

Critical

WordPress Improper Input Validation Vulnerability (CVE-2020-28037)

CVE-2020-28037

CWE-20

Critical

Ruby Numeric Errors Vulnerability (CVE-2008-2662)

CVE-2008-2662

-

Critical

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-9546)

CVE-2020-9546

CWE-502

Critical

phpList Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-22249)

CVE-2020-22249

CWE-434

Critical

1
2
3
4
...
196
»