v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2

Vulnerability Name

CVE

CWE

Severity

Internet Information Services Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-7269)

CVE-2017-7269

CWE-119

Critical

Drupal CVE-2017-6925 Vulnerability (CVE-2017-6925)

CVE-2017-6925

-

Critical

Atlassian Jira Deserialization of Untrusted Data Vulnerability (CVE-2017-5983)

CVE-2017-5983

CWE-502

Critical

Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-7503)

CVE-2017-7503

CWE-611

Critical

ReviveAdserver Deserialization of Untrusted Data Vulnerability (CVE-2017-5830)

CVE-2017-5830

CWE-502

Critical

Apache Tomcat CVE-2017-5651 Vulnerability (CVE-2017-5651)

CVE-2017-5651

-

Critical

Apache Tomcat Exposure of Resource to Wrong Sphere Vulnerability (CVE-2017-5648)

CVE-2017-5648

CWE-668

Critical

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2017-5645)

CVE-2017-5645

CWE-502

Critical

WebLogic Improper Handling of Exceptional Conditions Vulnerability (CVE-2017-5638)

CVE-2017-5638

CWE-755

Critical

WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-5611)

CVE-2017-5611

CWE-138

Critical

Jboss EAP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-7465)

CVE-2017-7465

CWE-94

Critical

Jboss Deserialization of Untrusted Data Vulnerability (CVE-2017-7504)

CVE-2017-7504

CWE-502

Critical

Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-5344)

CVE-2017-5344

CWE-138

Critical

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-8917)

CVE-2017-8917

CWE-138

Critical

TYPO3 Improper Authentication Vulnerability (CVE-2011-4628)

CVE-2011-4628

CWE-287

Critical

PHP Out-of-bounds Write Vulnerability (CVE-2017-9226)

CVE-2017-9226

CWE-787

Critical

PHP Out-of-bounds Read Vulnerability (CVE-2017-9224)

CVE-2017-9224

CWE-125

Critical

PHP Integer Overflow or Wraparound Vulnerability (CVE-2017-9120)

CVE-2017-9120

CWE-190

Critical

PHP Uncontrolled Resource Consumption Vulnerability (CVE-2017-9119)

CVE-2017-9119

CWE-400

Critical

PHP Improper Input Validation Vulnerability (CVE-2017-8923)

CVE-2017-8923

CWE-20

Critical

MediaWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2017-8809)

CVE-2017-8809

CWE-138

Critical

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2017-7525)

CVE-2017-7525

CWE-502

Critical

Varnish Cache Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-8807)

CVE-2017-8807

CWE-119

Critical

Dolibarr Inadequate Encryption Strength Vulnerability (CVE-2017-7888)

CVE-2017-7888

CWE-326

Critical

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-7886)

CVE-2017-7886

CWE-138

Critical

Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-7679)

CVE-2017-7679

CWE-119

Critical

Jetty Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-7658)

CVE-2017-7658

CWE-444

Critical

Jetty Integer Overflow or Wraparound Vulnerability (CVE-2017-7657)

CVE-2017-7657

CWE-190

Critical

PostgreSQL Improper Authentication Vulnerability (CVE-2017-7546)

CVE-2017-7546

CWE-287

Critical

b2evolution Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-5539)

CVE-2017-5539

CWE-22

Critical

PHP Integer Overflow or Wraparound Vulnerability (CVE-2017-5340)

CVE-2017-5340

CWE-190

Critical

Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-14064)

CVE-2017-14064

CWE-119

Critical

osTicket Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-15580)

CVE-2017-15580

CWE-434

Critical

Nexus Repository Manager Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2017-17717)

CVE-2017-17717

CWE-327

Critical

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2017-17485)

CVE-2017-17485

CWE-502

Critical

MyBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-16780)

CVE-2017-16780

CWE-352

Critical

Joomla Improper Authentication Vulnerability (CVE-2017-16634)

CVE-2017-16634

CWE-287

Critical

Contao Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-16558)

CVE-2017-16558

CWE-138

Critical

WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-16510)

CVE-2017-16510

CWE-138

Critical

MongoDb CVE-2017-15535 Vulnerability (CVE-2017-15535)

CVE-2017-15535

-

Critical

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17897)

CVE-2017-17897

CWE-138

Critical

Oracle Database Server Deserialization of Untrusted Data Vulnerability (CVE-2017-15095)

CVE-2017-15095

CWE-502

Critical

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2017-15095)

CVE-2017-15095

CWE-502

Critical

WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14723)

CVE-2017-14723

CWE-138

Critical

Joomla Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') Vulnerability (CVE-2017-14596)

CVE-2017-14596

CWE-138

Critical

osTicket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14396)

CVE-2017-14396

CWE-138

Critical

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14242)

CVE-2017-14242

CWE-138

Critical

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14238)

CVE-2017-14238

CWE-138

Critical

Ruby Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2017-17790)

CVE-2017-17790

CWE-138

Critical

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17899)

CVE-2017-17899

CWE-138

Critical

Oracle JRE CVE-2012-0497 Vulnerability (CVE-2012-0497)

CVE-2012-0497

-

Critical

Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2017-3169)

CVE-2017-3169

CWE-476

Critical

Oracle JRE CVE-2012-0498 Vulnerability (CVE-2012-0498)

CVE-2012-0498

-

Critical

Oracle JRE CVE-2012-0499 Vulnerability (CVE-2012-0499)

CVE-2012-0499

-

Critical

Oracle JRE CVE-2012-0500 Vulnerability (CVE-2012-0500)

CVE-2012-0500

-

Critical

Oracle JRE CVE-2012-0504 Vulnerability (CVE-2012-0504)

CVE-2012-0504

-

Critical

WebLogic CVE-2017-3248 Vulnerability (CVE-2017-3248)

CVE-2017-3248

-

Critical

Oracle JRE CVE-2012-0507 Vulnerability (CVE-2012-0507)

CVE-2012-0507

-

Critical

Apache HTTP Server Improper Authentication Vulnerability (CVE-2017-3167)

CVE-2017-3167

CWE-287

Critical

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17900)

CVE-2017-17900

CWE-138

Critical

Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-2641)

CVE-2017-2641

CWE-138

Critical

phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-20032)

CVE-2017-20032

CWE-138

Critical

phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-20029)

CVE-2017-20029

CWE-138

Critical

Nginx Integer Overflow or Wraparound Vulnerability (CVE-2017-20005)

CVE-2017-20005

CWE-190

Critical

Oracle Database Server CVE-2012-0552 Vulnerability (CVE-2012-0552)

CVE-2012-0552

-

Critical

phpMyAdmin CVE-2017-18264 Vulnerability (CVE-2017-18264)

CVE-2017-18264

-

Critical

SugarCRM Improper Input Validation Vulnerability (CVE-2012-0694)

CVE-2012-0694

CWE-20

Critical

Envoy Proxy Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-27493)

CVE-2023-27493

-

Critical

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-9788)

CVE-2017-9788

CWE-200

Critical

Wordpress Plugin Backup Migration CVE-2023-6553 Vulnerability (CVE-2023-6553)

CVE-2023-6553

-

Critical

PHP Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2024-3566)

CVE-2024-3566

CWE-138

Critical

Envoy Proxy Use After Free Vulnerability (CVE-2024-39305)

CVE-2024-39305

CWE-416

Critical

SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2025-53770)

CVE-2025-53770

CWE-502

Critical

PaperCut NG/MF Path Traversal (CVE-2023-39143)

CVE-2023-39143

CWE-22

Critical

Palo Alto PAN-OS Management Interface Auth Bypass (CVE-2024-0012/CVE-2024-9474)

CVE-2024-9474

CWE-306

Critical

«
1
...
15
16
17
...
196
»