v.26.4.2314
Known Vulnerabilities
This page lists 14673 vulnerabilities in this category.
Critical: 1573
High: 3882
Medium: 8446
Low: 770
Information: 2
| Vulnerability Name | CVE | CWE | Severity |
| --- | --- | --- | --- |
| Apache Tomcat Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2016-9774) | CVE-2016-9774 | CWE-59 | High |
| phpMyAdmin Improper Input Validation Vulnerability (CVE-2017-1000018) | CVE-2017-1000018 | CWE-20 | High |
| SharePoint Use After Free Vulnerability (CVE-2025-47168) | CVE-2025-47168 | CWE-416 | High |
| Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000356) | CVE-2017-1000356 | CWE-352 | High |
| Jenkins Improper Authentication Vulnerability (CVE-2017-1000354) | CVE-2017-1000354 | CWE-287 | High |
| Serendipity Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-1000129) | CVE-2017-1000129 | CWE-138 | High |
| MODX Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-1000067) | CVE-2017-1000067 | CWE-138 | High |
| SharePoint Heap-based Buffer Overflow Vulnerability (CVE-2025-47169) | CVE-2025-47169 | CWE-122 | High |
| GlassFish Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1000029) | CVE-2017-1000029 | CWE-200 | High |
| GlassFish Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-1000028) | CVE-2017-1000028 | CWE-22 | High |
| phpMyAdmin Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-1000017) | CVE-2017-1000017 | CWE-918 | High |
| MediaWiki CVE-2017-0371 Vulnerability (CVE-2017-0371) | CVE-2017-0371 | - | High |
| phpMyAdmin Improper Input Validation Vulnerability (CVE-2017-1000016) | CVE-2017-1000016 | CWE-20 | High |
| phpMyAdmin Improper Input Validation Vulnerability (CVE-2017-1000014) | CVE-2017-1000014 | CWE-20 | High |
| SharePoint Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-47172) | CVE-2025-47172 | CWE-138 | High |
| Tornado Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-47287) | CVE-2025-47287 | CWE-770 | High |
| RubyGems Origin Validation Error Vulnerability (CVE-2017-0902) | CVE-2017-0902 | CWE-346 | High |
| RubyGems Improper Input Validation Vulnerability (CVE-2017-0901) | CVE-2017-0901 | CWE-20 | High |
| RubyGems Improper Input Validation Vulnerability (CVE-2017-0900) | CVE-2017-0900 | CWE-20 | High |
| TYPO3 Unverified Ownership Vulnerability (CVE-2025-47940) | CVE-2025-47940 | CWE-283 | High |
| TYPO3 Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVE-2025-47941) | CVE-2025-47941 | CWE-288 | High |
| Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9775) | CVE-2016-9775 | CWE-264 | High |
| Serendipity Server-Side Request Forgery (SSRF) Vulnerability (CVE-2016-9752) | CVE-2016-9752 | CWE-918 | High |
| Apache Tomcat 7PK - Errors Vulnerability (CVE-2016-8745) | CVE-2016-8745 | - | High |
| SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2025-49712) | CVE-2025-49712 | CWE-502 | High |
| ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9127) | CVE-2016-9127 | CWE-352 | High |
| XWikiplatform Insufficient UI Warning of Dangerous Operations Vulnerability (CVE-2025-49587) | CVE-2025-49587 | CWE-357 | High |
| Apache HTTP Server Reachable Assertion Vulnerability (CVE-2025-49630) | CVE-2025-49630 | CWE-617 | High |
| SharePoint Improper Authorization Vulnerability (CVE-2025-49701) | CVE-2025-49701 | CWE-285 | High |
| SharePoint Use After Free Vulnerability (CVE-2025-49703) | CVE-2025-49703 | CWE-416 | High |
| Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9014) | CVE-2016-9014 | CWE-264 | High |
| SharePoint Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-49704) | CVE-2025-49704 | CWE-94 | High |
| Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8908) | CVE-2016-8908 | CWE-138 | High |
| Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8907) | CVE-2016-8907 | CWE-138 | High |
| Grafana Missing Authentication for Critical Function Vulnerability (CVE-2019-15043) | CVE-2019-15043 | CWE-306 | High |
| Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8906) | CVE-2016-8906 | CWE-138 | High |
| Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8905) | CVE-2016-8905 | CWE-138 | High |
| Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8904) | CVE-2016-8904 | CWE-138 | High |
| Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2025-49763) | CVE-2025-49763 | CWE-400 | High |
| Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8903) | CVE-2016-8903 | CWE-138 | High |
| Apache HTTP Server Improper Authentication Vulnerability (CVE-2025-49812) | CVE-2025-49812 | CWE-287 | High |
| Next.js Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2025-49826) | CVE-2025-49826 | - | High |
| Joomla Improper Input Validation Vulnerability (CVE-2016-8870) | CVE-2016-8870 | CWE-20 | High |
| Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-8747) | CVE-2016-8747 | CWE-200 | High |
| XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-49586) | CVE-2025-49586 | CWE-863 | High |
| XWikiplatform Insufficient UI Warning of Dangerous Operations Vulnerability (CVE-2025-49585) | CVE-2025-49585 | CWE-357 | High |
| IBM RTC Improper Restriction of XML External Entity Reference Vulnerability (CVE-2016-9707) | CVE-2016-9707 | CWE-611 | High |
| Apache Tomcat Untrusted Search Path Vulnerability (CVE-2025-49124) | CVE-2025-49124 | CWE-426 | High |
| WildFly Application Server Uncontrolled Resource Consumption Vulnerability (CVE-2016-9589) | CVE-2016-9589 | CWE-400 | High |
| b2evolution Credentials Management Errors Vulnerability (CVE-2016-9479) | CVE-2016-9479 | - | High |
| ownCloud Improper Authentication Vulnerability (CVE-2016-9463) | CVE-2016-9463 | CWE-287 | High |
| ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9456) | CVE-2016-9456 | CWE-352 | High |
| ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9455) | CVE-2016-9455 | CWE-352 | High |
| Drupal Insufficient Verification of Data Authenticity Vulnerability (CVE-2016-9450) | CVE-2016-9450 | CWE-345 | High |
| Roundcube Deserialization of Untrusted Data Vulnerability (CVE-2025-49113) | CVE-2025-49113 | CWE-502 | High |
| MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9418) | CVE-2016-9418 | CWE-200 | High |
| MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2016-9417) | CVE-2016-9417 | CWE-918 | High |
| MyBB Improper Access Control Vulnerability (CVE-2016-9415) | CVE-2016-9415 | CWE-284 | High |
| XWikiplatform Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2025-49584) | CVE-2025-49584 | CWE-201 | High |
| MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9414) | CVE-2016-9414 | CWE-200 | High |
| Apache Tomcat Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVE-2025-49125) | CVE-2025-49125 | CWE-288 | High |
| MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9410) | CVE-2016-9410 | CWE-200 | High |
| XWikiplatform Incorrect Privilege Assignment Vulnerability (CVE-2025-49580) | CVE-2025-49580 | CWE-266 | High |
| XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-49581) | CVE-2025-49581 | CWE-94 | High |
| XWikiplatform Insufficient UI Warning of Dangerous Operations Vulnerability (CVE-2025-49582) | CVE-2025-49582 | CWE-357 | High |
| Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9268) | CVE-2016-9268 | CWE-434 | High |
| Moodle Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9187) | CVE-2016-9187 | CWE-434 | High |
| Moodle Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9186) | CVE-2016-9186 | CWE-434 | High |
| phpMyAdmin Resource Management Errors Vulnerability (CVE-2016-5706) | CVE-2016-5706 | - | High |
| MySQL CVE-2016-5625 Vulnerability (CVE-2016-5625) | CVE-2016-5625 | - | High |
| WebLogic CVE-2016-0577 Vulnerability (CVE-2016-0577) | CVE-2016-0577 | - | High |
| GlassFish Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-1950) | CVE-2016-1950 | CWE-119 | High |
| Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-62254) | CVE-2025-62254 | CWE-22 | High |
| OpenSSL Resource Management Errors Vulnerability (CVE-2016-2109) | CVE-2016-2109 | - | High |
| Liferay DXP Uncontrolled Resource Consumption Vulnerability (CVE-2025-62260) | CVE-2025-62260 | CWE-400 | High |