v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2

Vulnerability Name

CVE

CWE

Severity

RubyGems Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000079)

CVE-2018-1000079

CWE-22

Medium

Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-1000195)

CVE-2018-1000195

CWE-352

Medium

Jenkins CVE-2018-1000408 Vulnerability (CVE-2018-1000408)

CVE-2018-1000408

-

Medium

Jenkins Session Fixation Vulnerability (CVE-2018-1000409)

CVE-2018-1000409

CWE-384

Medium

Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-7724)

CVE-2018-7724

CWE-352

Medium

SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1890)

CVE-2011-1890

CWE-707

Medium

Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-11586)

CVE-2019-11586

CWE-352

Medium

Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-11587)

CVE-2019-11587

CWE-352

Medium

Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-6356)

CVE-2018-6356

CWE-22

Medium

React Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6341)

CVE-2018-6341

CWE-707

Medium

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11584)

CVE-2019-11584

CWE-707

Medium

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9061)

CVE-2017-9061

CWE-707

Medium

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6844)

CVE-2018-6844

CWE-707

Medium

WordPress Incorrect Default Permissions Vulnerability (CVE-2011-1762)

CVE-2011-1762

CWE-276

Medium

Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-6883)

CVE-2018-6883

CWE-138

Medium

MediaWiki Improper Input Validation Vulnerability (CVE-2011-0003)

CVE-2011-0003

CWE-20

Medium

ProjectSend Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11533)

CVE-2019-11533

CWE-707

Medium

osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11537)

CVE-2019-11537

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1497)

CVE-2011-1497

CWE-707

Medium

Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5312)

CVE-2010-5312

CWE-707

Medium

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1765)

CVE-2011-1765

CWE-707

Medium

Plone CMS Improper Input Validation Vulnerability (CVE-2011-4462)

CVE-2011-4462

CWE-20

Medium

Atlassian Jira CVE-2019-11583 Vulnerability (CVE-2019-11583)

CVE-2019-11583

-

Medium

Liferay Portal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-1502)

CVE-2011-1502

CWE-200

Medium

MediaWiki Improper Authentication Vulnerability (CVE-2011-1766)

CVE-2011-1766

CWE-287

Medium

Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7722)

CVE-2018-7722

CWE-707

Medium

PHP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2006-0208)

CVE-2006-0208

CWE-707

Low

Jboss EAP Server-Side Request Forgery (SSRF) Vulnerability (CVE-2026-4874)

CVE-2026-4874

CWE-918

Low

Oracle Database Server Improper Access Control Vulnerability (CVE-2025-61749)

CVE-2025-61749

CWE-284

Low

EspoCRM Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2026-33659)

CVE-2026-33659

CWE-367

Low

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4525)

CVE-2013-4525

CWE-707

Low

phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4995)

CVE-2013-4995

CWE-707

Low

MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-2922)

CVE-2020-2922

CWE-200

Low

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3629)

CVE-2009-3629

CWE-707

Low

Drupal Other Vulnerability (CVE-2006-2832)

CVE-2006-2832

-

Low

Python Improper Input Validation Vulnerability (CVE-2026-4519)

CVE-2026-4519

CWE-20

Low

MediaWiki Other Vulnerability (CVE-2006-2895)

CVE-2006-2895

-

Low

Oracle JRE Improper Access Control Vulnerability (CVE-2025-61748)

CVE-2025-61748

CWE-284

Low

MySQL Other Vulnerability (CVE-2006-4226)

CVE-2006-4226

-

Low

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-3554)

CVE-2009-3554

CWE-200

Low

Django Missing Authorization Vulnerability (CVE-2026-4292)

CVE-2026-4292

CWE-862

Low

WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4340)

CVE-2013-4340

CWE-264

Low

Oracle Application Server CVE-2006-3707 Vulnerability (CVE-2006-3707)

CVE-2006-3707

-

Low

PHP Other Vulnerability (CVE-2006-7204)

CVE-2006-7204

-

Low

Hiawatha CVE-2025-57784 Vulnerability (CVE-2025-57784)

CVE-2025-57784

-

Low

Python Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4944)

CVE-2011-4944

CWE-264

Low

SharePoint CVE-2023-23395 Vulnerability (CVE-2023-23395)

CVE-2023-23395

-

Low

Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4753)

CVE-2013-4753

CWE-707

Low

PHP Use of Externally-Controlled Format String Vulnerability (CVE-2009-0754)

CVE-2009-0754

CWE-134

Low

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3586)

CVE-2014-3586

CWE-264

Low

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3551)

CVE-2014-3551

CWE-707

Low

MySQL Other Vulnerability (CVE-2006-4031)

CVE-2006-4031

-

Low

Atlassian Jira Other Vulnerability (CVE-2006-3338)

CVE-2006-3338

-

Low

TYPO3 Uncaught Exception Vulnerability (CVE-2025-59014)

CVE-2025-59014

CWE-248

Low

Python Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4940)

CVE-2011-4940

CWE-707

Low

Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-4308)

CVE-2008-4308

CWE-200

Low

OpenSSL Cryptographic Issues Vulnerability (CVE-2014-3566)

CVE-2014-3566

-

Low

Oracle Application Server CVE-2008-3987 Vulnerability (CVE-2008-3987)

CVE-2008-3987

-

Low

Oracle JRE CVE-2013-2415 Vulnerability (CVE-2013-2415)

CVE-2013-2415

-

Low

PostgreSQL CVE-2022-41862 Vulnerability (CVE-2022-41862)

CVE-2022-41862

-

Low

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-0737)

CVE-2009-0737

CWE-707

Low

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4523)

CVE-2013-4523

CWE-707

Low

Drupal Other Vulnerability (CVE-2007-0124)

CVE-2007-0124

-

Low

IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3050)

CVE-2014-3050

CWE-200

Low

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3891)

CVE-2009-3891

CWE-707

Low

MySQL CVE-2013-2381 Vulnerability (CVE-2013-2381)

CVE-2013-2381

-

Low

MySQL Numeric Errors Vulnerability (CVE-2006-3486)

CVE-2006-3486

-

Low

CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2026-35496)

CVE-2026-35496

CWE-22

Low

MediaWiki Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-61634)

CVE-2025-61634

CWE-22

Low

Werkzeug WSGI CVE-2023-23934 Vulnerability (CVE-2023-23934)

CVE-2023-23934

-

Low

MySQL CVE-2013-2391 Vulnerability (CVE-2013-2391)

CVE-2013-2391

-

Low

Plone CMS Improper Input Validation Vulnerability (CVE-2013-4199)

CVE-2013-4199

CWE-20

Low

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3544)

CVE-2014-3544

CWE-707

Low

Drupal Other Vulnerability (CVE-2006-2833)

CVE-2006-2833

-

Low

Oracle Application Server CVE-2008-3986 Vulnerability (CVE-2008-3986)

CVE-2008-3986

-

Low

«
1
...
185
186
187
...
196
»