v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2

Vulnerability Name

CVE

CWE

Severity

Lodash Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2020-8203)

CVE-2020-8203

CWE-1321

High

Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-21518)

CVE-2024-21518

CWE-22

High

Ruby on Rails Deserialization of Untrusted Data Vulnerability (CVE-2020-8164)

CVE-2020-8164

CWE-502

High

Ruby on Rails Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2020-8163)

CVE-2020-8163

CWE-94

High

Ruby on Rails Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-8162)

CVE-2020-8162

CWE-434

High

Opencart CVE-2024-21519 Vulnerability (CVE-2024-21519)

CVE-2024-21519

-

High

math.js Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2020-7743)

CVE-2020-7743

CWE-915

High

Craft CMS CVE-2024-21622 Vulnerability (CVE-2024-21622)

CVE-2024-21622

-

High

XWiki Improper Handling of Insufficient Privileges Vulnerability (CVE-2024-21648)

CVE-2024-21648

CWE-274

High

Plone CMS Weak Password Requirements Vulnerability (CVE-2020-7940)

CVE-2020-7940

CWE-521

High

Plone CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-7939)

CVE-2020-7939

CWE-138

High

Plone CMS Improper Privilege Management Vulnerability (CVE-2020-7938)

CVE-2020-7938

CWE-269

High

Artifactory CVE-2020-7931 Vulnerability (CVE-2020-7931)

CVE-2020-7931

-

High

MongoDb Improper Input Validation Vulnerability (CVE-2020-7925)

CVE-2020-7925

CWE-20

High

Chart.js Improper Input Validation Vulnerability (CVE-2020-7746)

CVE-2020-7746

CWE-20

High

Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21672)

CVE-2024-21672

CWE-94

High

osCommerce Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-27975)

CVE-2020-27975

CWE-352

High

Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-27316)

CVE-2024-27316

CWE-770

High

MediaWiki Uncontrolled Resource Consumption Vulnerability (CVE-2024-34506)

CVE-2024-34506

CWE-400

High

SharePoint CVE-2024-32987 Vulnerability (CVE-2024-32987)

CVE-2024-32987

-

High

Masa CMS Origin Validation Error Vulnerability (CVE-2024-32642)

CVE-2024-32642

CWE-346

High

MySQL CVE-2020-14878 Vulnerability (CVE-2020-14878)

CVE-2020-14878

-

High

Masa CMS Incorrect Authorization Vulnerability (CVE-2024-32643)

CVE-2024-32643

CWE-863

High

Envoy Proxy Use After Free Vulnerability (CVE-2024-32974)

CVE-2024-32974

CWE-416

High

MySQL CVE-2020-14828 Vulnerability (CVE-2020-14828)

CVE-2020-14828

-

High

Envoy Proxy Integer Underflow (Wrap or Wraparound) Vulnerability (CVE-2024-32975)

CVE-2024-32975

CWE-191

High

WebLogic CVE-2020-14820 Vulnerability (CVE-2020-14820)

CVE-2020-14820

-

High

Envoy Proxy Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2024-32976)

CVE-2024-32976

CWE-835

High

MySQL CVE-2020-14697 Vulnerability (CVE-2020-14697)

CVE-2020-14697

-

High

MySQL CVE-2020-14678 Vulnerability (CVE-2020-14678)

CVE-2020-14678

-

High

PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-14960)

CVE-2020-14960

CWE-138

High

MySQL CVE-2020-14663 Vulnerability (CVE-2020-14663)

CVE-2020-14663

-

High

CubeCart Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2024-33438)

CVE-2024-33438

CWE-434

High

WebLogic CVE-2020-14639 Vulnerability (CVE-2020-14639)

CVE-2020-14639

-

High

Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-34001)

CVE-2024-34001

CWE-352

High

Oracle JRE CVE-2020-14593 Vulnerability (CVE-2020-14593)

CVE-2020-14593

-

High

WebLogic CVE-2020-14589 Vulnerability (CVE-2020-14589)

CVE-2020-14589

-

High

WebLogic CVE-2020-14588 Vulnerability (CVE-2020-14588)

CVE-2020-14588

-

High

Oracle JRE CVE-2020-14583 Vulnerability (CVE-2020-14583)

CVE-2020-14583

-

High

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-14443)

CVE-2020-14443

CWE-138

High

WebLogic CVE-2020-14883 Vulnerability (CVE-2020-14883)

CVE-2020-14883

-

High

Nexus Repository Manager Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-15012)

CVE-2020-15012

CWE-22

High

PostgreSQL Untrusted Search Path Vulnerability (CVE-2020-14350)

CVE-2020-14350

CWE-426

High

Python Uncontrolled Search Path Element Vulnerability (CVE-2020-15523)

CVE-2020-15523

CWE-427

High

XWikiplatform Missing Authorization Vulnerability (CVE-2024-31987)

CVE-2024-31987

CWE-862

High

SharePoint CVE-2020-17089 Vulnerability (CVE-2020-17089)

CVE-2020-17089

-

High

SharePoint CVE-2020-17016 Vulnerability (CVE-2020-17016)

CVE-2020-17016

-

High

SharePoint Origin Validation Error Vulnerability (CVE-2020-16952)

CVE-2020-16952

CWE-346

High

SharePoint Origin Validation Error Vulnerability (CVE-2020-16951)

CVE-2020-16951

CWE-346

High

Liferay DXP Deserialization of Untrusted Data Vulnerability (CVE-2020-15842)

CVE-2020-15842

CWE-502

High

Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2020-15842)

CVE-2020-15842

CWE-502

High

XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31988)

CVE-2024-31988

CWE-352

High

Liferay Portal CVE-2020-15841 Vulnerability (CVE-2020-15841)

CVE-2020-15841

-

High

XWikiplatform Missing Authorization Vulnerability (CVE-2024-31997)

CVE-2024-31997

CWE-862

High

Squid Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-15049)

CVE-2020-15049

CWE-444

High

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-15252)

CVE-2020-15252

CWE-138

High

WeBid Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-32166)

CVE-2024-32166

CWE-639

High

Envoy Proxy Reachable Assertion Vulnerability (CVE-2024-32475)

CVE-2024-32475

CWE-617

High

Magento Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-15151)

CVE-2020-15151

-

High

TYPO3 Improper Input Validation Vulnerability (CVE-2020-15099)

CVE-2020-15099

CWE-20

High

TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2020-15098)

CVE-2020-15098

CWE-502

High

PrestaShop Other Vulnerability (CVE-2020-15082)

CVE-2020-15082

-

High

OpenVPN AS Insufficient Session Expiration Vulnerability (CVE-2020-15074)

CVE-2020-15074

CWE-613

High

phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-15072)

CVE-2020-15072

CWE-138

High

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-14384)

CVE-2020-14384

CWE-400

High

PostgreSQL Uncontrolled Search Path Element Vulnerability (CVE-2020-14349)

CVE-2020-14349

CWE-427

High

Apache Traffic Server HTTP Request Smuggling Vulnerability (CVE-2020-17509 )

CVE-2020-17509

-

High

Perl Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2020-12723)

CVE-2020-12723

CWE-120

High

Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13592)

CVE-2020-13592

CWE-138

High

Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13591)

CVE-2020-13591

CWE-138

High

Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13590)

CVE-2020-13590

CWE-138

High

Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13589)

CVE-2020-13589

CWE-138

High

Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13588)

CVE-2020-13588

CWE-138

High

Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13587)

CVE-2020-13587

CWE-138

High

Liferay Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-13445)

CVE-2020-13445

CWE-138

High

«
1
...
56
57
58
...
196
»