v.26.4.2314
Known Vulnerabilities
This page lists 14673 vulnerabilities in this category.
Critical: 1573
High: 3882
Medium: 8446
Low: 770
Information: 2
| Vulnerability Name | CVE | CWE | Severity |
| --- | --- | --- | --- |
| Envoy Proxy Incomplete Cleanup Vulnerability (CVE-2023-35945) | CVE-2023-35945 | CWE-459 | High |
| Django Inefficient Regular Expression Complexity Vulnerability (CVE-2023-36053) | CVE-2023-36053 | CWE-1333 | High |
| Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-32275) | CVE-2022-32275 | CWE-22 | High |
| Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-36260) | CVE-2023-36260 | CWE-138 | High |
| Microsoft SQL Server CVE-2023-36417 Vulnerability (CVE-2023-36417) | CVE-2023-36417 | - | High |
| Microsoft SQL Server CVE-2023-36420 Vulnerability (CVE-2023-36420) | CVE-2023-36420 | - | High |
| XWiki Incomplete Cleanup Vulnerability (CVE-2023-36468) | CVE-2023-36468 | CWE-459 | High |
| XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-36469) | CVE-2023-36469 | CWE-138 | High |
| Jenkins Integer Overflow or Wraparound Vulnerability (CVE-2023-36478) | CVE-2023-36478 | CWE-190 | High |
| SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-35811) | CVE-2023-35811 | CWE-138 | High |
| Jetty Integer Overflow or Wraparound Vulnerability (CVE-2023-36478) | CVE-2023-36478 | CWE-190 | High |
| Python Uncontrolled Recursion Vulnerability (CVE-2023-36632) | CVE-2023-36632 | CWE-674 | High |
| Microsoft SQL Server CVE-2023-36730 Vulnerability (CVE-2023-36730) | CVE-2023-36730 | - | High |
| osTicket Session Fixation Vulnerability (CVE-2022-31888) | CVE-2022-31888 | CWE-384 | High |
| SharePoint CVE-2023-36762 Vulnerability (CVE-2023-36762) | CVE-2023-36762 | - | High |
| SharePoint CVE-2023-36764 Vulnerability (CVE-2023-36764) | CVE-2023-36764 | - | High |
| SharePoint CVE-2023-36891 Vulnerability (CVE-2023-36891) | CVE-2023-36891 | - | High |
| SharePoint CVE-2023-36892 Vulnerability (CVE-2023-36892) | CVE-2023-36892 | - | High |
| Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-31780) | CVE-2022-31780 | CWE-20 | High |
| Grafana Improper Authentication Vulnerability (CVE-2022-32276) | CVE-2022-32276 | CWE-287 | High |
| SugarCRM Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-35810) | CVE-2023-35810 | CWE-138 | High |
| Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-35030) | CVE-2023-35030 | CWE-352 | High |
| Caddy Web Server Out-of-bounds Read Vulnerability (CVE-2022-34037) | CVE-2022-34037 | CWE-125 | High |
| MediaWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-34750) | CVE-2022-34750 | CWE-770 | High |
| Skipper Incorrect Authorization Vulnerability (CVE-2022-34296) | CVE-2022-34296 | CWE-863 | High |
| Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-35133) | CVE-2023-35133 | CWE-918 | High |
| Magento Incorrect Authorization Vulnerability (CVE-2022-34255) | CVE-2022-34255 | CWE-863 | High |
| Magento Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-34254) | CVE-2022-34254 | CWE-22 | High |
| Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2022-34253) | CVE-2022-34253 | CWE-91 | High |
| Jenkins Incorrect Authorization Vulnerability (CVE-2022-34175) | CVE-2022-34175 | CWE-863 | High |
| Jenkins Observable Discrepancy Vulnerability (CVE-2022-34174) | CVE-2022-34174 | CWE-203 | High |
| Oracle JRE Incorrect Conversion between Numeric Types Vulnerability (CVE-2022-34169) | CVE-2022-34169 | CWE-681 | High |
| Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-35141) | CVE-2023-35141 | CWE-352 | High |
| Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-32297) | CVE-2022-32297 | CWE-138 | High |
| OpenVPN AS Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2022-33738) | CVE-2022-33738 | CWE-338 | High |
| OpenVPN AS Insertion of Sensitive Information into Log File Vulnerability (CVE-2022-33737) | CVE-2022-33737 | CWE-532 | High |
| XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-35150) | CVE-2023-35150 | CWE-94 | High |
| XWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-35151) | CVE-2023-35151 | CWE-668 | High |
| XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-35152) | CVE-2023-35152 | CWE-94 | High |
| XWiki CVE-2023-35166 Vulnerability (CVE-2023-35166) | CVE-2023-35166 | - | High |
| SugarCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-35808) | CVE-2023-35808 | CWE-434 | High |
| Apache Traffic Server Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2022-32749) | CVE-2022-32749 | CWE-754 | High |
| SugarCRM CVE-2023-35809 Vulnerability (CVE-2023-35809) | CVE-2023-35809 | - | High |
| MongoDb Improper Neutralization of Null Byte or NUL Character Vulnerability (CVE-2024-10921) | CVE-2024-10921 | CWE-158 | High |
| Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21030) | CVE-2021-21030 | CWE-707 | High |
| Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2019-15226) | CVE-2019-15226 | CWE-400 | High |
| Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-8134) | CVE-2019-8134 | CWE-138 | High |
| Magento CVE-2019-8150 Vulnerability (CVE-2019-8150) | CVE-2019-8150 | - | High |
| axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-39338) | CVE-2024-39338 | CWE-918 | High |
| Apache HTTP Server Improper Input Validation Vulnerability (CVE-2024-39573) | CVE-2024-39573 | CWE-20 | High |
| Magento Deserialization of Untrusted Data Vulnerability (CVE-2019-8141) | CVE-2019-8141 | CWE-502 | High |
| Magento CVE-2019-8137 Vulnerability (CVE-2019-8137) | CVE-2019-8137 | - | High |
| Django Improper Handling of Length Parameter Inconsistency Vulnerability (CVE-2024-39614) | CVE-2024-39614 | CWE-130 | High |
| Next.js Uncontrolled Resource Consumption Vulnerability (CVE-2024-39693) | CVE-2024-39693 | CWE-400 | High |
| MongoDb Improper Input Validation Vulnerability (CVE-2024-3372) | CVE-2024-3372 | CWE-20 | High |
| Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-8130) | CVE-2019-8130 | CWE-138 | High |
| Magento Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2019-8154) | CVE-2019-8154 | CWE-829 | High |
| Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-8127) | CVE-2019-8127 | CWE-138 | High |
| Magento CVE-2019-8125 Vulnerability (CVE-2019-8125) | CVE-2019-8125 | - | High |
| Magento Insufficient Verification of Data Authenticity Vulnerability (CVE-2019-8124) | CVE-2019-8124 | CWE-345 | High |
| Beego Framework Improper Certificate Validation Vulnerability (CVE-2024-40464) | CVE-2024-40464 | CWE-295 | High |
| Beego Framework Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2024-40465) | CVE-2024-40465 | CWE-327 | High |
| Magento CVE-2019-8122 Vulnerability (CVE-2019-8122) | CVE-2019-8122 | - | High |
| MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2024-40597) | CVE-2024-40597 | CWE-200 | High |
| Magento CVE-2019-8119 Vulnerability (CVE-2019-8119) | CVE-2019-8119 | - | High |
| Magento Session Fixation Vulnerability (CVE-2019-8116) | CVE-2019-8116 | CWE-384 | High |
| Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-8151) | CVE-2019-8151 | CWE-918 | High |
| Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-8155) | CVE-2019-8155 | CWE-352 | High |
| Magento Insufficient Verification of Data Authenticity Vulnerability (CVE-2019-8112) | CVE-2019-8112 | CWE-345 | High |
| RubyGems Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-8325) | CVE-2019-8325 | CWE-138 | High |
| Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2024-38477) | CVE-2024-38477 | CWE-476 | High |
| PHP Out-of-bounds Read Vulnerability (CVE-2019-9022) | CVE-2019-9022 | CWE-125 | High |
| Apache Traffic Server CVE-2024-38479 Vulnerability (CVE-2024-38479) | CVE-2024-38479 | - | High |
| GeoServer Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2024-38524) | CVE-2024-38524 | CWE-200 | High |
| WordPress Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-8942) | CVE-2019-8942 | CWE-94 | High |