v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2

Vulnerability Name

CVE

CWE

Severity

Ruby Improper Restriction of XML External Entity Reference Vulnerability (CVE-2021-28965)

CVE-2021-28965

CWE-611

High

Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2021-28683)

CVE-2021-28683

CWE-476

High

Dolibarr Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-4197)

CVE-2023-4197

CWE-138

High

Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4223)

CVE-2023-4223

CWE-434

High

Envoy Proxy Integer Overflow or Wraparound Vulnerability (CVE-2021-28682)

CVE-2021-28682

CWE-190

High

Squid Uncontrolled Resource Consumption Vulnerability (CVE-2021-28651)

CVE-2021-28651

CWE-400

High

Magento Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-28584)

CVE-2021-28584

CWE-22

High

SharePoint CVE-2021-28478 Vulnerability (CVE-2021-28478)

CVE-2021-28478

-

High

Seo Panel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-28419)

CVE-2021-28419

CWE-138

High

b2evolution Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2021-28242)

CVE-2021-28242

CWE-138

High

Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2021-28165)

CVE-2021-28165

CWE-400

High

Jenkins Uncontrolled Resource Consumption Vulnerability (CVE-2021-28165)

CVE-2021-28165

CWE-400

High

WebLogic CVE-2021-2018 Vulnerability (CVE-2021-2018)

CVE-2021-2018

-

High

Squid Use After Free Vulnerability (CVE-2023-49288)

CVE-2023-49288

CWE-416

High

Perl Out-of-bounds Write Vulnerability (CVE-2023-47038)

CVE-2023-47038

CWE-787

High

CubeCart Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-47675)

CVE-2023-47675

CWE-138

High

Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-31618)

CVE-2021-31618

CWE-476

High

Perl Out-of-bounds Write Vulnerability (CVE-2023-47039)

CVE-2023-47039

CWE-787

High

MediaWiki Improper Input Validation Vulnerability (CVE-2021-31555)

CVE-2021-31555

CWE-20

High

Django Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-31542)

CVE-2021-31542

CWE-434

High

Sqlite Out-of-bounds Read Vulnerability (CVE-2021-31239)

CVE-2021-31239

CWE-125

High

Apache Tomcat Improper Handling of Exceptional Conditions Vulnerability (CVE-2021-30639)

CVE-2021-30639

CWE-755

High

Rukovoditel Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-30224)

CVE-2021-30224

CWE-352

High

Opencart Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-47444)

CVE-2023-47444

CWE-94

High

Oracle JRE CVE-2021-2388 Vulnerability (CVE-2021-2388)

CVE-2021-2388

-

High

WebLogic CVE-2021-2378 Vulnerability (CVE-2021-2378)

CVE-2021-2378

-

High

Squid Reachable Assertion Vulnerability (CVE-2023-49286)

CVE-2023-49286

CWE-617

High

WebLogic CVE-2021-2376 Vulnerability (CVE-2021-2376)

CVE-2021-2376

-

High

WebLogic Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2021-2351)

CVE-2021-2351

CWE-327

High

XWiki Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-48240)

CVE-2023-48240

CWE-918

High

XWiki CVE-2023-48241 Vulnerability (CVE-2023-48241)

CVE-2023-48241

-

High

XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-48293)

CVE-2023-48293

CWE-352

High

WebLogic CVE-2021-2157 Vulnerability (CVE-2021-2157)

CVE-2021-2157

-

High

MySQL CVE-2021-2144 Vulnerability (CVE-2021-2144)

CVE-2021-2144

-

High

Squid Out-of-bounds Read Vulnerability (CVE-2023-49285)

CVE-2023-49285

CWE-125

High

WebLogic CVE-2021-2109 Vulnerability (CVE-2021-2109)

CVE-2021-2109

-

High

Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2022-23181)

CVE-2022-23181

CWE-367

High

Zope Web Application Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2023-41050)

CVE-2023-41050

CWE-200

High

PostgreSQL Externally Controlled Reference to a Resource in Another Sphere Vulnerability (CVE-2024-10979)

CVE-2024-10979

CWE-610

High

IBM WebSEAL Other Vulnerability (CVE-2023-30997)

CVE-2023-30997

-

High

e107 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-50907)

CVE-2022-50907

CWE-434

High

Ampache Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-4665)

CVE-2022-4665

CWE-434

High

PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-30839)

CVE-2023-30839

CWE-138

High

OpenSSL Double Free Vulnerability (CVE-2022-4450)

CVE-2022-4450

CWE-415

High

phpMyFAQ Cleartext Transmission of Sensitive Information Vulnerability (CVE-2022-4409)

CVE-2022-4409

CWE-319

High

Python Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2022-48566)

CVE-2022-48566

CWE-362

High

Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-30944)

CVE-2023-30944

CWE-138

High

Python Use After Free Vulnerability (CVE-2022-48560)

CVE-2022-48560

CWE-416

High

jszip Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-48285)

CVE-2022-48285

CWE-22

High

e107 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-50939)

CVE-2022-50939

CWE-22

High

IBM WebSEAL Other Vulnerability (CVE-2023-30998)

CVE-2023-30998

-

High

Apache Traffic Server CVE-2022-47185 Vulnerability (CVE-2022-47185)

CVE-2022-47185

-

High

Apache Traffic Server CVE-2022-47184 Vulnerability (CVE-2022-47184)

CVE-2022-47184

-

High

Apache HTTP Server Out-of-bounds Read Vulnerability (CVE-2023-31122)

CVE-2023-31122

CWE-125

High

MyBB Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-45867)

CVE-2022-45867

CWE-22

High

Dot CMS Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2022-45782)

CVE-2022-45782

CWE-338

High

WordPress Ultimate Member Plugin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-31216)

CVE-2023-31216

CWE-352

High

Apache Tomcat Improper Encoding or Escaping of Output Vulnerability (CVE-2022-45143)

CVE-2022-45143

CWE-116

High

Payara Files or Directories Accessible to External Parties Vulnerability (CVE-2022-45129)

CVE-2022-45129

CWE-552

High

e107 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-50916)

CVE-2022-50916

CWE-434

High

OpenSSL Use After Free Vulnerability (CVE-2023-0215)

CVE-2023-0215

CWE-416

High

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-45020)

CVE-2022-45020

CWE-707

High

Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-2315)

CVE-2023-2315

CWE-22

High

phpMyFAQ Uncaught Exception Vulnerability (CVE-2023-0790)

CVE-2023-0790

CWE-248

High

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29525)

CVE-2023-29525

CWE-138

High

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29526)

CVE-2023-29526

CWE-138

High

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29527)

CVE-2023-29527

CWE-138

High

Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-0771)

CVE-2023-0771

CWE-138

High

PHP Uncontrolled Resource Consumption Vulnerability (CVE-2023-0662)

CVE-2023-0662

CWE-400

High

PHP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-0568)

CVE-2023-0568

CWE-770

High

OpenSSL Improper Certificate Validation Vulnerability (CVE-2023-0464)

CVE-2023-0464

CWE-295

High

OpenSSL NULL Pointer Dereference Vulnerability (CVE-2023-0401)

CVE-2023-0401

CWE-476

High

PostgreSQL CVE-2023-2454 Vulnerability (CVE-2023-2454)

CVE-2023-2454

-

High

Apache Traffic Server CVE-2023-30631 Vulnerability (CVE-2023-30631)

CVE-2023-30631

-

High

osTicket Improper Validation of Specified Quantity in Input Vulnerability (CVE-2023-30082)

CVE-2023-30082

CWE-1284

High

«
1
...
43
44
45
...
196
»