VulnScope — package-centric CVE lookup- —CVE-2015-1427⚠ KEVEPSS 92.3%Improper Access Control in Elasticsearch
- CRITICAL9.8⚠ KEVEPSS 94.3%Improper Access Control in Apache Shiro
- CRITICAL9.8⚠ KEVEPSS 94.3%Improper Input Validation in Apache ActiveMQ
- HIGH8.1⚠ KEVEPSS 94.4%Unrestricted Upload of File with Dangerous Type Apache Tomcat
- HIGH7.5⚠ KEVEPSS 39.7%Jenkins discloses project names via fingerprints
- CRITICAL9.8⚠ KEVEPSS 94.1%Code execution in Apache Struts 1 plugin
- CRITICAL9.8⚠ KEVEPSS 89.5%Richfaces vulnerable to arbitrary code execution
- CRITICAL9.8⚠ KEVEPSS 93.8%Apache Tomcat Improper Access Control vulnerability
- CRITICAL9.9⚠ KEVEPSS 91.8%Sandbox bypass in Jenkins Pipeline: Groovy Plugin
- CRITICAL9.8⚠ KEVEPSS 94.3%Code injection in Apache Struts
- CRITICAL9.8⚠ KEVEPSS 94.5%Deserialization of Untrusted Data in Jenkins
- CRITICAL9.8⚠ KEVEPSS 94.5%Deserialization of Untrusted Data in Jenkins
- CRITICAL9.9⚠ KEVEPSS 92.6%Sandbox bypass in Script Security Plugin
- CRITICAL9.8⚠ KEVEPSS 87.5%Apache Struts Remote Java Code Execution
- HIGH7.5⚠ KEVEPSS 22.2%Improper Input Validation in Apache Struts
- CRITICAL9.8⚠ KEVEPSS 94.5%Spring Cloud Function Code Injection with a specially crafted SpEL as a routing expression
- CRITICAL9.8⚠ KEVEPSS 94.4%Remote Code Execution in Spring Framework
- CRITICAL10.0⚠ KEVEPSS 94.5%Spring Cloud Gateway vulnerable to Code Injection when Gateway Actuator endpoint enabled, exposed, unsecured
- CRITICAL9.8⚠ KEVEPSS 94.4%Remote code execution in Apache Struts
- CRITICAL9.0⚠ KEVEPSS 94.3%Incomplete fix for Apache Log4j vulnerability
- CRITICAL10.0⚠ KEVEPSS 94.4%Remote code injection in Log4j
- HIGH8.5⚠ KEVEPSS 94.3%XStream is vulnerable to a Remote Command Execution attack
- CRITICAL9.8⚠ KEVEPSS 93.9%Inadequate Encryption Strength
- HIGH7.8⚠ KEVEPSS 94.0%Command Injection Vulnerability
- HIGH7.5⚠ KEVEPSS 94.3%Path Traversal in Apache Flink