Pass Apache Solr < 4.1.0 Multiple XML External Entity Injections CVE-2012-6612 CVE-2013-6407 07 Jan 2014 7.5 (v2) High Pass OpenSSL < 0.9.8h Multiple Vulnerabilities CVE-2008-0891 CVE-2008-1672 CVE-2011-4354 02 Dec 2011 4.3 (v2) Medium Pass PHP 7.0.x < 7.0.3 Multiple Vulnerabilities CVE-2015-8383 CVE-2015-8386 CVE-2015-8387 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8393 CVE-2015-8394 CVE-2016-2554 CVE-2016-4342 CVE-2016-434311 Feb 2016 9.8 (v3) Critical Pass SSL DROWN Attack Vulnerability (Decrypting RSA with Obsolete and Weakened eNcryption) CVE-2016-0800 01 Mar 2016 5.9 (v3) Medium Pass VMware ESX / ESXi libxml2 RCE (VMSA-2013-0004) (remote check) CVE-2012-5134 04 Mar 2016 6.8 (v2) Medium Pass ESXi 5.1 < Build 2323231 glibc Library Multiple Vulnerabilities (remote check) CVE-2013-0242 CVE-2013-1914 15 Dec 2014 5 (v2) Medium Pass Cisco ASA SSL VPN Remote Information Disclosure (CSCuq65542) CVE-2014-3398 27 Feb 2015 5 (v2) Medium Pass MS11-035: Vulnerability in WINS Could Allow Remote Code Execution (2524426) (uncredentialed check) CVE-2011-1248 19 May 2011 9.3 (v2) High Pass OpenSSL 1.0.1 < 1.0.1m Multiple Vulnerabilities CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 CVE-2016-0703 CVE-2016-0704 24 Mar 2015 6.8 (v2) Medium Pass Newsletter Plugin for WordPress 'preview.php' 'data' Parameter Directory Traversal CVE-2012-3588 01 Apr 2013 5 (v2) Medium Pass Apache Solr < 4.10.5 'plugin.js' XSS CVE-2014-3628 24 Mar 2015 4.3 (v2) Medium Pass Atmail Webmail 6.x / 7.x < 7.2.0 Multiple Vulnerabilities CVE-2013-6017 CVE-2013-6028 18 Apr 2014 6.8 (v2) Medium Pass iPlanet Directory Server Traversal Arbitrary File Access CVE-2000-1075 08 Jan 2001 5 (v2) Medium Pass Cisco TelePresence Server Command Injection Vulnerability CVE-2015-0713 21 May 2015 9 (v2) High Pass ESXi 5.5 < Build 1623387 Multiple Vulnerabilities (remote check) CVE-2013-4332 CVE-2013-5211 22 May 2015 5 (v2) Medium Pass OpenSSL 1.0.2 < 1.0.2b Multiple Vulnerabilities (Logjam) CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-4000 12 Jun 2015 6.8 (v2) Medium Pass Apple TV < 7.0.3 Multiple Vulnerabilities CVE-2014-3192 CVE-2014-4455 CVE-2014-4459 CVE-2014-4465 CVE-2014-4466 CVE-2014-4468 CVE-2014-4469 CVE-2014-4470 CVE-2014-4471 CVE-2014-4472 CVE-2014-4473 CVE-2014-4474 CVE-2014-4475 CVE-2014-4476 CVE-2014-4477 CVE-2014-4479 CVE-2014-4480 CVE-2014-4481 CVE-2014-4483 CVE-2014-4484 CVE-2014-4485 CVE-2014-4486 CVE-2014-4487 CVE-2014-4488 CVE-2014-4489 CVE-2014-4491 CVE-2014-4492 CVE-2014-4495 CVE-2014-449603 Feb 2015 10 (v2) Critical Pass Cisco TelePresence DSP Card Crafted RTP Packet H.264 Bit Stream Handling DoS CVE-2013-1176 23 Sep 2013 7.1 (v2) High Pass Network Service Malformed Data Remote DoS CVE-1999-1196 08 Mar 2005 9 (v2) High Pass Sybase M-Business Anywhere (AvantGo) gsoap Module password Tag Handling Overflow 23 May 2011 10 (v2) Critical Pass McAfee Managed Agent FrameworkService.exe HTTP Request DoS (SB10055) CVE-2013-3627 11 Oct 2013 5.3 (v3) Medium Pass Cisco Prime LAN Management Solution Cross-Frame Scripting CVE-2013-5482 01 Oct 2013 4.3 (v2) Medium Pass MySQL debian.cnf Plaintext Credential Disclosure CVE-2013-2162 08 Jan 2014 1.9 (v2) Low Pass Synology DiskStation Manager 4.0-x < 4.0-2259 / 4.1-x / 4.2-x < 4.2-3243 SLICEUPLOAD Function Remote Code ExecutionCVE-2013-6955 05 Feb 2014 10 (v2) Critical Pass VMware ESXi 5.5 / 6.0 / 6.5 / 6.7 DoS (VMSA-2018-0018) (remote check) CVE-2018-6972 24 Mar 2020 6.5 (v3) Medium Pass Cisco Unified Computing System Cisco Management Controller Denial of Service Vulnerability (CSCtg20734)CVE-2012-4081 13 Feb 2014 4.6 (v2) Medium Pass IBM WebSphere Application Server 6.1 < 6.1.0.43 Multiple Vulnerabilities CVE-2011-1376 CVE-2011-1377 CVE-2011-4889 CVE-2012-0193 CVE-2012-0716 CVE-2012-0717 CVE-2012-0720 04 Apr 2012 5 (v2) Medium Pass Nagios XI < 2011R1.9 Multiple Vulnerabilities 06 Aug 2012 4.6 (v2) Medium Pass Lexmark Printer config.html Administrator Authentication Bypass CVE-2013-6032 03 Mar 2014 10 (v2) Critical Pass Apache 2.2.x < 2.2.27 Multiple Vulnerabilities CVE-2013-6438 CVE-2014-0098 08 Apr 2014 5.3 (v3) Medium Pass A10 Networks Remote Buffer Overflow CVE-2014-3976 14 Apr 2014 5 (v2) Medium Pass HP OfficeJet Pro 8500 XSS CVE-2013-4845 02 Jun 2014 4.7 (v3) Medium Pass Cisco TelePresence MXP Series Software Multiple Vulnerabilities (cisco-sa-20140430-mxp) CVE-2014-2156 CVE-2014-2157 CVE-2014-2158 CVE-2014-2159 CVE-2014-2160 CVE-2014-2161 08 May 2014 7.8 (v2) High Pass Apple iTunes < 11.2.1 User Directory Insecure Permissions Vulnerability (uncredentialed check) CVE-2014-1347 19 May 2014 4.4 (v2) Medium Pass Western Digital Arkeia lang Cookie Crafted Local File Inclusion CVE-2014-2846 28 May 2014 7.5 (v2) High Pass Cisco Prime Data Center Network Manager 6.x XSS (uncredentialed check) CVE-2014-3329 15 Sep 2014 4.3 (v2) Medium Pass ESXi 5.5 < Build 1881737 OpenSSL Library Multiple Vulnerabilities (remote check) CVE-2010-5298 CVE-2014-0198 CVE-2014-0224 CVE-2014-3470 11 Jun 2014 5.8 (v2) Medium Pass OSSIM < 4.3.2 Multiple SQL Injection Vulnerabilities CVE-2013-5967 26 Jun 2014 7.5 (v2) High Pass Puppet < 2.7.26 / 3.6.2 and Enterprise 2.8.x < 2.8.7 Multiple Vulnerabilities CVE-2014-3248 CVE-2014-3249 CVE-2014-3250 02 Jul 2014 6.2 (v2) Medium Pass HP OneView < 1.10 OpenSSL Multiple Vulnerabilities (HPSBGN03068) CVE-2010-5298 CVE-2014-0198 CVE-2014-0224 24 Jul 2014 5.8 (v2) Medium Pass WP Source Control Plugin for WordPress Directory Traversal CVE-2014-5368 25 Aug 2014 5 (v2) Medium Pass IBM WebSphere Portal Dojo Module URI Traversal Arbitrary File Access CVE-2012-2181 10 Aug 2012 5 (v2) Medium Pass Oracle Fusion Middleware HTTP Server (July 2012 CPU) CVE-2012-1741 08 Oct 2014 5.8 (v2) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 35 Multiple Vulnerabilities CVE-2013-5704 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3021 CVE-2014-3083 CVE-2014-4770 CVE-2014-4816 21 Oct 2014 6.8 (v2) Medium Pass Apple TV < 7.0.1 Multiple Vulnerabilities (POODLE) CVE-2014-3566 CVE-2014-4428 05 Nov 2014 5.4 (v2) Medium Pass Creative Contact Form Plugin for WordPress File Upload RCE CVE-2014-7969 24 Nov 2014 8.8 (v3) High Pass PHP 5.6.x < 5.6.1 'add_post_var' Code Execution CVE-2014-3622 07 Oct 2014 9.3 (v2) High Pass SSL Certificate Signed with the Publicly Known Cyberoam Key CVE-2012-3372 07 Aug 2012 5.8 (v2) Medium Pass MapServer for Windows (MS4W) Bundled Apache / PHP Configuration Local File Inclusion CVE-2012-2950 01 Nov 2012 10 (v2) Critical Pass IBM Rational ClearQuest Multiple Script Information Disclosure CVE-2012-0744 29 Oct 2012 5 (v2) Medium Pass MiniUPnP < 1.4 Multiple Vulnerabilities CVE-2013-0229 CVE-2013-0230 31 Jan 2013 9.8 (v3) Critical Pass OpenSSL 1.0.0 < 1.0.0r Multiple Vulnerabilities CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 CVE-2016-0703 CVE-2016-0704 24 Mar 2015 6.8 (v2) Medium Pass Oracle Application Express (Apex) CVE-2010-0076 CVE-2010-0076 20 Feb 2013 6 (v2) Medium Pass F5 Device Default Support Password CVE-1999-0508 06 Dec 2001 10 (v2) Critical Pass Novell Identity Manager Role Based Provisioning Module Unspecified Vulnerability CVE-2013-1083 10 Apr 2013 10 (v2) Critical Pass HP SiteScope XSS CVE-2011-1726 02 May 2011 4.3 (v2) Medium Pass Sophos Web Protection Appliance end-user-/errdoc.php 'msg' Parameter XSS CVE-2013-2643 18 Apr 2013 4.7 (v3) Medium Pass Cisco Prime Data Center Network Manager RMI Remote Code Execution (uncredentialed check) CVE-2007-1036 CVE-2012-5417 11 Jul 2013 9.8 (v3) Critical Pass GroundWork Monitor Enterprise Foundation Webapp Admin Interface Authentication Bypass CVE-2013-3499 28 Jun 2013 7.5 (v2) High Pass BigTree CMS index.php SQL Injection CVE-2013-4879 15 Aug 2013 7.5 (v2) High Pass ManageEngine SupportCenter Plus FileDownload.jsp path Parameter Traversal Arbitrary File Access 28 Jun 2011 5 (v2) Medium Pass Cisco Security Manager MySQL Accessible Without Authentication (cisco-sa-20090121-csm) CVE-2008-3820 12 Aug 2013 6.8 (v2) Medium Pass LeagueManager Plugin for WordPress 'wp-admin/admin.php' 'league_id' Parameter SQL Injection CVE-2013-1852 12 Sep 2013 7.5 (v2) High Pass Apache 2.0.x < 2.0.64 Multiple Vulnerabilities CVE-2008-2364 CVE-2008-2939 CVE-2009-1891 CVE-2009-2412 CVE-2009-3094 CVE-2009-3095 CVE-2009-3555 CVE-2009-3560 CVE-2009-3720 CVE-2010-0425 CVE-2010-0434 CVE-2010-1452 CVE-2010-162320 Oct 2010 7.3 (v3) High Pass Symantec Web Gateway login.php Blind SQL Injection (SYM11-001) CVE-2010-0115 20 Jul 2011 7.5 (v2) High Pass Adobe Flash Media Server < 3.0.7 / 3.5.5 / 4.0.1 Multiple Vulnerabilities (APSB10-27) CVE-2010-3633 CVE-2010-3634 CVE-2010-3635 11 Nov 2010 10 (v2) Critical Pass OpenSSH Legacy Certificate Signing Information Disclosure CVE-2011-0539 09 Feb 2011 4.3 (v2) Medium Pass Twitter Feed for WordPress Plugin 'url' Parameter XSS CVE-2010-4825 09 Dec 2010 4.3 (v2) Medium Pass Novell GroupWise WebAccess Arbitrary File Download CVE-2010-4715 23 Nov 2010 7.8 (v2) High Pass HP OpenView Performance Insight Server Backdoor Account CVE-2011-0276 02 Feb 2011 7.5 (v2) High Pass Novell eDirectory DHost Predictable Session ID CVE-2009-4655 19 Mar 2010 7.5 (v2) High Pass VMware Security Updates for vCenter Server (VMSA-2014-0012) CVE-2014-0015 CVE-2014-0138 CVE-2014-0191 CVE-2014-2483 CVE-2014-2490 CVE-2014-4208 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4220 CVE-2014-4221 CVE-2014-4223 CVE-2014-4227 CVE-2014-4244 CVE-2014-4247 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4264 CVE-2014-4265 CVE-2014-4266 CVE-2014-4268 CVE-2014-837112 Dec 2014 10 (v2) Critical Pass Symantec LiveUpdate Administrator < 2.3 CSRF (SYM11-005) CVE-2011-1524 CVE-2011-0545 29 Mar 2011 5 (v2) Medium Pass Apple TV < 13.3.1 Multiple Vulnerabilities CVE-2020-3829 CVE-2020-3836 CVE-2020-3837 CVE-2020-3838 CVE-2020-3840 CVE-2020-3842 CVE-2020-3853 CVE-2020-3856 CVE-2020-3857 CVE-2020-3868 CVE-2020-3870 CVE-2020-3872 CVE-2020-3875 CVE-2020-387818 Feb 2020 8.8 (v3) High Pass Oracle GlassFish Server Administrative Console Authentication Bypass CVE-2011-1511 12 May 2011 10 (v2) Critical Pass MediaWiki Backslash Escaped CSS Comments XSS CVE-2011-1579 15 Apr 2011 5.8 (v2) Medium Pass MS11-058: Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485) (remote check) CVE-2011-1966 17 Aug 2011 10 (v2) Critical Pass OpenSSL 1.x < 1.0.0e Multiple Vulnerabilities CVE-2011-1945 CVE-2011-3207 CVE-2011-3210 12 Sep 2011 5 (v2) Medium Pass FileZilla Server < 0.9.31 Denial of Service CVE-2009-0884 19 Mar 2010 5 (v2) Medium Pass Apache HTTP Server mod_proxy Reverse Proxy Information Disclosure CVE-2011-3368 CVE-2011-4317 29 Nov 2011 5 (v2) Medium Pass Mac OS X 10.11.x < 10.11.6 Multiple Vulnerabilities CVE-2013-7456 CVE-2014-9862 CVE-2016-0718 CVE-2016-1684 CVE-2016-1836 CVE-2016-1863 CVE-2016-1864 CVE-2016-1865 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 CVE-2016-4483 CVE-2016-4582 CVE-2016-4594 CVE-2016-4595 CVE-2016-4596 CVE-2016-4597 CVE-2016-4598 CVE-2016-4599 CVE-2016-4600 CVE-2016-4601 CVE-2016-4602 CVE-2016-4607 CVE-2016-4608 CVE-2016-4609 CVE-2016-4610 CVE-2016-4612 CVE-2016-4614 CVE-2016-4615 CVE-2016-4616 CVE-2016-4619 CVE-2016-4621 CVE-2016-4625 CVE-2016-4626 CVE-2016-4629 CVE-2016-4630 CVE-2016-4631 CVE-2016-4632 CVE-2016-4633 CVE-2016-4634 CVE-2016-4635 CVE-2016-4637 CVE-2016-4638 CVE-2016-4639 CVE-2016-4640 CVE-2016-4641 CVE-2016-4645 CVE-2016-4646 CVE-2016-4647 CVE-2016-4648 CVE-2016-4649 CVE-2016-4650 CVE-2016-4652 CVE-2016-5093 CVE-2016-5094 CVE-2016-509621 Jul 2016 9.8 (v3) Critical Pass Kernel vulnerabilities detected in banner reporting (PCI-DSS check) 23 Mar 2018 7.3 (v3) High Pass Unsupported linux kernel version detected in banner reporting (PCI-DSS check) 14 Feb 2019 9.8 (v3) Critical Pass CA eTrust Directory SNMP Packet Parsing Denial of Service CVE-2011-3849 06 Dec 2011 5 (v2) Medium Pass Oracle GlassFish Server 2.1.1 < 2.1.1.15 / 3.0.1 < 3.0.1.5 / 3.1.1 < 3.1.1.2 Hash Collision DoS CVE-2011-5035 22 Feb 2012 5 (v2) Medium Pass Splunk Enterprise 4.3.x / 5.0.x < 5.0.9 / 6.0.x < 6.0.5 / 6.1.x < 6.1.2 Multiple OpenSSL Vulnerabilities CVE-2014-0224 CVE-2014-3470 16 Jul 2014 5.8 (v2) Medium Pass op5 Config Arbitrary Command Execution CVE-2012-0262 17 Jan 2012 10 (v2) Critical Pass op5 Monitor Credential Leak CVE-2012-0623 17 Jan 2012 4 (v2) Medium Pass Citrix EdgeSight Load Tester Buffer Overflow 22 Aug 2011 10 (v2) Critical Pass Scrutinizer < 9.0.1 d4d/alarms.php Multiple Parameters SQLi CVE-2012-1259 04 May 2012 7.5 (v2) High Pass VMware vRealize Log Insight 4.x < 8.1.0 XSS Vulnerability (VMSA-2020-0007) CVE-2020-3953 CVE-2020-3954 23 Apr 2020 6.1 (v3) Medium Pass Log Rover pword Parameter SQL Injection CVE-2009-3532 20 Jul 2009 7.5 (v2) High Pass IBM WebSphere Application Server 8.0 < Fix Pack 3 Multiple Vulnerabilities CVE-2011-1377 CVE-2012-0193 CVE-2012-0716 CVE-2012-0720 14 Jun 2012 10 (v2) Critical Pass RealNetworks Helix Server < 13.0.0 Multiple Remote DoS CVE-2009-2533 CVE-2009-2534 21 Jul 2009 5 (v2) Medium Pass ISC BIND Dynamic Update Message Handling Remote DoS CVE-2009-0696 29 Jul 2009 5 (v2) Medium Pass Microsoft Windows SMB Shares Unprivileged Access CVE-1999-0519 CVE-1999-0520 06 Nov 2009 7.5 (v2) High Pass Symantec LiveUpdate Administrator < 2.3.2 Privilege Escalation (SYM12-009) CVE-2012-0304 28 Jun 2012 6.9 (v2) Medium Pass MS04-011: Microsoft Windows SSL Library Malformed Message Remote DoS (835732) (uncredentialed check)CVE-2004-0120 13 Apr 2004 10 (v2) Critical Pass Asterisk IAX2 Call Number Exhaustion DoS CVE-2009-2346 08 Sep 2009 5 (v2) Medium Pass BuildBot WebStatus waterfall 'branch' Parameter XSS CVE-2009-2959 03 Nov 2009 4.3 (v2) Medium Pass Sun Java System Directory Proxy Server 6.x < 6.3.1.1 Multiple Vulnerabilities. CVE-2009-4440 CVE-2009-4441 CVE-2009-4442 CVE-2009-4443 30 Dec 2009 6.8 (v2) Medium Pass Cisco Prime Security Manager Log Retention DoS (cisco-sa-20120912-asacx) CVE-2012-4629 18 Sep 2012 7.8 (v2) High Pass Portable OpenSSH < 3.8p1 Multiple Vulnerabilities CVE-2004-2069 04 Oct 2011 5 (v2) Medium Pass DokuWiki ajax.php cmd[del] Parameter Security Bypass CVE-2010-0288 19 Jan 2010 7.5 (v2) High Pass rsync Traversal Arbitrary File Creation CVE-2004-0426 06 May 2004 5 (v2) Medium Pass Xerox WorkCentre Authorization Bypass Vulnerabilities (XRX10-002) CVE-2010-0548 01 Mar 2010 7.8 (v2) High Pass RealNetworks Helix Server 11.x / 12.x / 13.x Multiple Vulnerabilities CVE-2010-1317 CVE-2010-1318 CVE-2010-1319 15 Apr 2010 9.3 (v2) High Pass Computer Associates XOsoft SOAP Request Username Enumeration (CA20100406) CVE-2010-1221 13 Apr 2010 5 (v2) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 9 CVE-2010-0768 CVE-2010-0769 CVE-2010-0770 06 Apr 2010 4.3 (v2) Medium Pass Tembria Server Monitor < 5.6.1 Denial of Service CVE-2010-1316 30 Apr 2010 5 (v2) Medium Pass Adobe ColdFusion 'cfadminUserId' XSS (APSB10-11) CVE-2010-1293 24 May 2010 4.3 (v2) Medium Pass ManageEngine ADAudit Plus 'reportList' Parameter XSS CVE-2010-2049 02 Jun 2010 4.3 (v2) Medium 19
RELAYTO Penetration Test Results Page 18 Page 20