|
Stored/Reflected XSS
CVE: 46081
|
RCE / Command Execution
CVE: 20181
|
CSRF Session Abuse
CVE: 9408
|
SSRF Pivoting
CVE: 2897
|
Path Traversal
CVE: 9994
|
Cryptographic Weakness
CVE: 6322
|
Information Disclosure
CVE: 10304
|
Resource Development Exposure
CVE: 47330
|
|
SQL Injection
CVE: 19866
|
Out-of-Bounds Write
CVE: 14335
|
Missing Authorization
CVE: 8612
|
Open Redirect Pivoting
CVE: 1567
|
Malicious File Upload Entry
CVE: 4188
|
Hard-coded Credentials
CVE: 1738
|
Resource Exhaustion/DoS
CVE: 3237
|
Untrusted Update Channel Exposure
CVE: 884
|
|
Generic Input/Entry Manipulation
CVE: 5803
|
Memory Corruption
CVE: 14038
|
Authorization/Privilege Bypass
CVE: 8051
|
Spoofing to Internal Trust Pivoting
CVE: 621
|
XXE Injection
CVE: 1268
|
Insufficiently Protected Credentials
CVE: 1392
|
Allocation Without Limits or Throttling
CVE: 2004
|
Inclusion of Untrusted Third-Party Components
CVE: 284
|
|
Command Injection Entry Point
CVE: 3607
|
Out-of-Bounds Read
CVE: 9056
|
Authentication Bypass
CVE: 7132
|
Origin Validation Bypass Pivoting
CVE: 615
|
File Inclusion
CVE: 1267
|
Cleartext Transmission of Sensitive Information
CVE: 893
|
Improper Resource Shutdown or Release
CVE: 742
|
Externally Controlled Reference Exposure
CVE: 236
|
|
Expression/Template Injection
CVE: 204
|
Use-After-Free
CVE: 7915
|
Improper Access Control
CVE: 5434
|
Trust Boundary Pivoting
CVE: 486
|
Security Misconfiguration
CVE: 457
|
Credential Theft/Exposure
CVE: 850
|
Service Exhaustion / DoS
CVE: 72
|
Template Engine Injection
CVE: 182
|
|
XPath Injection
CVE: 142
|
Code Injection
CVE: 6639
|
Incorrect Authorization
CVE: 3262
|
Confused Deputy Pivoting
CVE: 102
|
Relative Path Traversal
CVE: 450
|
Cleartext Storage of Sensitive Information
CVE: 810
|
Availability Disruption
CVE: 8
|
Use of Unmaintained Third-Party Components
CVE: 21
|
|
LDAP Injection
CVE: 70
|
Buffer/Memory Corruption
CVE: 6275
|
Improper Privilege Management
CVE: 2885
|
Reverse DNS Trust Abuse
CVE: 24
|
Environment Evasion
CVE: 82
|
Weak Cryptographic Algorithm
CVE: 684
|
-
|
Supply-Chain Exposure
CVE: 2
|
|
Parser Injection Entry
CVE: 2
|
OS Command Injection
CVE: 6153
|
Missing Authentication for Critical Function
CVE: 2531
|
-
|
Link Resolution Abuse
CVE: 10
|
Hard-coded Crypto Key
CVE: 305
|
-
|
Recon/Discovery Weakness
CVE: 1
|
|
-
|
Stack/Heap Overflow
CVE: 4314
|
IDOR/BOLA
CVE: 2004
|
-
|
-
|
Cleartext Credential Exposure
CVE: 166
|
-
|
Unmaintained Component Exposure
CVE: 1
|
|
-
|
Integer Overflow to Execution
CVE: 3390
|
Authorization Bypass
CVE: 1408
|
-
|
-
|
Weak Password Hashing
CVE: 118
|
-
|
Untrusted Search Path Exposure
CVE: 1
|
|
-
|
Unsafe Deserialization
CVE: 2950
|
Session/Token Privilege Abuse
CVE: 413
|
-
|
-
|
-
|
-
|
-
|
|
-
|
Type-Confusion/Sandbox Escape
CVE: 831
|
Privilege Escalation Vector
CVE: 128
|
-
|
-
|
-
|
-
|
-
|