RELAYTO Endpoints Penetration Test Results

RELAYTO Penetration Test Results Result Check name CVE Publication date Scanning engine CVSS rating Risk factor Pass Sawmill 8.x < 8.1.7.3 Arbitrary File Disclosure 01 Nov 2010 7.8 (v2) High Pass Cisco IOS Software Multicast Source Discovery Protocol DoS (cisco-sa-20120328-msdp) CVE-2012-0382 02 Apr 2012 7.1 (v2) High Pass Arista Networks CloudVision Portal Privilege Escalation (SA0044) CVE-2019-18181 08 Jul 2020 7.8 (v3) High Pass Novatel MiFi Default Credentials 08 Nov 2010 10 (v2) Critical Pass Juniper Junos SSH TACACS+ Incorrect Permissions (PSN-2012-04-545) 25 Apr 2012 7.1 (v2) High Pass OS Identi fi cation : SIP 10 Nov 2010 None Pass ignitionServer umode Command Global Operator Privilege Escalation CVE-2004-2553 27 Aug 2004 6 (v2) Medium Pass FeedList Plugin for WordPress 'i' Parameter XSS CVE-2010-4637 18 Nov 2010 4.3 (v2) Medium Pass Novell GroupWise Document Viewer Agent Arbitrary File Download CVE-2010-4715 23 Nov 2010 7.8 (v2) High Pass Novell GroupWise Document Viewer Agent Web Console Accessible 23 Nov 2010 5 (v2) Medium Pass Novell GroupWise Internet Agent Accessible 23 Nov 2010 6.4 (v2) Medium Pass Xerox WorkCentre 77XX Multiple Vulnerabilities (XRX15R) (FREAK) (GHOST) CVE-2015-0204 CVE-2015-0235 11 Dec 2015 10 (v2) Critical Pass Mac OS X 10.7.x < 10.7.4 Multiple Vulnerabilities (BEAST) CVE-2011-1004 CVE-2011-1005 CVE-2011-1777 CVE-2011-1778 CVE-2011-1944 CVE-2011-2821 CVE-2011-2834 CVE-2011-2895 CVE-2011-3212 CVE-2011-3389 CVE-2011-3919 CVE-2011-4566 CVE-2011-4815 CVE-2011-4885 CVE-2012-0036 CVE-2012-0 10 May 2012 10 (v2) Critical Pass FTP Server Traversal Arbitrary File Access (RETR) 24 Nov 2010 5.3 (v3) Medium Pass DiskPulse Server Default Credentials 09 Dec 2010 10 (v2) Critical Pass Remote Code Execution in DiskPulse Server 09 Dec 2010 10 (v2) Critical Pass Juniper Junos ICMPv6 DoS (PSN-2012-07-644) 17 Jul 2012 5.4 (v2) Medium Pass EMC Documentum D2 < 4.1 P22 / 4.2 P11 Multiple Vulnerabilities (ESA-2015-010) CVE-2015-0517 CVE-2015-0518 13 Feb 2015 9 (v2) High Pass pfSense < 2.2.3 Multiple Vulnerabilities (SA-15_07) (Logjam) CVE-2014-8176 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-2325 CVE-2015-2326 CVE-2015-3414 CVE-2015-3415 CVE-2015-3416 CVE-2015-4000 CVE-2015-4029 CVE-2015-4171 CVE-2015-4598 CVE-2015-4 31 Jan 2018 9.8 (v3) Critical Pass BMC SNMP Agent Default Community Name (public) 14 Dec 2010 7.5 (v2) High Pass INN < 2.2.2 Crafted Article Handling Remote Over fl ow CVE-2000-0360 08 Sep 2004 5 (v2) Medium Pass Juniper Junos load factory-default Privilege Escalation (PSN-2012-07-646) 17 Jul 2012 6.3 (v2) Medium Pass Juniper Junos J-Web Hash Collision DoS (PSN-2012-07-650) 17 Jul 2012 7.8 (v2) High Pass Open fi re Admin Console login.jsp XSS 13 Dec 2010 4.3 (v2) Medium Pass Juniper Junos lo0 Firewall Bypass (PSN-2012-07-651) 17 Jul 2012 7.1 (v2) High Pass Juniper Junos host-inbound-tra ffi c Implicit Allow (PSN-2012-07-653) 17 Jul 2012 4 (v2) Medium Pass DD-WRT Info.live.htm Information Disclosure 30 Dec 2010 3.3 (v2) Low Pass Cisco IOS Software DHCP Denial of Service Vulnerability (cisco-sa-20120926-dhcp) CVE-2012-4621 28 Sep 2012 7.8 (v2) High Pass Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1606) CVE-2019-1606 21 Jun 2019 7.8 (v3) High Pass HP StorageWorks MSA P2000 Default Credentials CVE-2012-0697 05 Jan 2011 9.8 (v3) Critical Pass PHP 5.2 < 5.2.17 / 5.3 < 5.3.5 String To Double Conversion DoS CVE-2010-4645 07 Jan 2011 5 (v2) Medium Pass OpenBiblio < 0.5.2 Multiple Scripts Local File Inclusion CVE-2006-5149 03 Oct 2006 7.5 (v2) High Pass Open fi ler Management Interface Default Administrator Credentials 12 Jan 2011 7.5 (v2) High Pass Cisco IOS Software DHCP Version 6 Server Denial of Service Vulnerability (cisco-sa-20120926-dhcpv6) CVE-2012-4623 28 Sep 2012 7.8 (v2) High Pass PRTG Network Monitor Default Credentials 04 Feb 2011 7.5 (v2) High Pass Microsoft System Center Con fi guration Manager Management Point Detection 01 Feb 2011 None Pass Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability (cisco-sa-20120926-sip) CVE-2012-3949 28 Sep 2012 7.8 (v2) High Pass PRTG Network Monitor login.htm errormsg Parameter XSS 04 Feb 2011 4.3 (v2) Medium Pass Arista Networks Networks CloudVision Portal IP fragment DoS (SA0037) CVE-2018-5391 09 Jul 2020 7.5 (v3) High Pass MailEnable IMAP Server (meimaps.exe) Crafted RENAME Command Remote DoS CVE-2005-3813 28 Nov 2005 4 (v2) Medium Pass F-Secure Internet Gatekeeper Default Administrator Credentials 18 Feb 2011 7.5 (v2) High Pass Mac OS X 10.8.x < 10.8.3 Multiple Vulnerabilities CVE-2011-3058 CVE-2012-2088 CVE-2012-3749 CVE-2012-3756 CVE-2013-0963 CVE-2013-0966 CVE-2013-0967 CVE-2013-0969 CVE-2013-0970 CVE-2013-0971 CVE-2013-0976 15 Mar 2013 9.3 (v2) High Pass Cisco NX-OS Software Border Gateway Protocol DoS (cisco-sa-20180620-nxosbgp) CVE-2018-0295 09 Jul 2020 7.5 (v3) High Pass Cisco IOS Software Network Address Translation Vulnerability (cisco-sa-20130327-nat) CVE-2013-1142 10 Apr 2013 7.8 (v2) High Pass Cisco NX-OS Software Internet Group Management Protocol Snooping RCE and DoS (cisco-sa-20180620-nxosigmp) CVE-2018-0292 09 Jul 2020 8.8 (v3) High Pass Juniper Junos Proxy ARP DoS (PSN-2013-04-913) 20 May 2013 7.8 (v2) High Pass Adobe ColdFusion Admin Requires No Authentication 05 Apr 2011 7.5 (v2) High Pass Juniper Junos IPv6 Egress Filter DoS (PSN-2013-04-915) 20 May 2013 7.1 (v2) High Pass Cisco Email Security Appliance Internal Testing Interface RCE CVE-2016-6406 05 Oct 2016 9.8 (v3) Critical Pass pfSense Detection 22 Feb 2018 None Pass NUUO NVRMini2 Authenticated Command Injection CVE-2018-15716 03 Dec 2018 8.8 (v3) High Pass Juniper Junos GRE DoS (PSN-2013-04-917) 20 May 2013 6.1 (v2) Medium Pass Zend Server Java Bridge Arbitrary Java Code Execution 22 Apr 2011 10 (v2) Critical Pass Grandstream SIP Detection 28 Mar 2019 None Pass MediaWiki API XSS CVE-2011-1587 15 Apr 2011 4.3 (v2) Medium Pass WordPress < 2.1.1 Multiple Script Backdoors CVE-2007-1277 02 Mar 2007 7.5 (v2) High Pass NCR Aloha POS SOAP API Detection 29 Mar 2018 None Pass Juniper Junos DNSSEC Validation DoS (PSN-2013-04-918) CVE-2012-3817 20 May 2013 7.8 (v2) High Pass Puppet Enterprise x < 2018.1.9 / 2019.x.x < 2019.0.3 Default Password Vulnerabilities CVE-2019-10694 09 Oct 2019 9.8 (v3) Critical Pass EMC RSA Archer WebUI Detection 07 Jul 2017 None Pass Oracle Primavera Uni fi er Detection 21 Jul 2017 None Pass IceWarp install/index.html lang Parameter XSS 11 May 2011 4.3 (v2) Medium Pass is_human() Plugin for WordPress 'type' Parameter Command Injection 18 May 2011 7.5 (v2) High Pass IBM Tivoli Provisioning Manager OS Deployment Multiple Stack Over fl ows CVE-2007-1868 03 May 2007 10 (v2) Critical Pass Post fi x Cyrus SASL Authentication Context Data Reuse Memory Corruption (exploit) CVE-2011-1720 19 May 2011 6.8 (v2) Medium Pass Vacron NVR Web Interface Detection 24 Oct 2017 None Pass AOST Network Video Recorder Detection 25 Oct 2017 None Pass IBM BigFix Remote Control Detection 27 Dec 2016 None Pass Cisco NX-OS Software Image Signature Veri fi cation (cisco-sa-20190306-nxos-sig-verif) CVE-2019-1615 09 Jul 2020 6.7 (v3) Medium Pass SiteMinder 5.5 Multiple Script XSS CVE-2005-2204 11 Jul 2005 4.3 (v2) Medium Pass Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1779) CVE-2019-1779 02 Sep 2019 6.7 (v3) Medium Pass Kodi Media Player Detection 22 Mar 2017 None Pass SonicWALL Global Management System (GMS) / Analyzer Universal Management Appliance or Host (UMA / UMH) Information Disclosure 09 Dec 2016 5.3 (v3) Medium Pass HP Onboard Administrator < 4.22 Remote Information Disclosure CVE-2014-0224 03 Jul 2014 5.8 (v2) Medium Pass WPtouch Plugin for WordPress 'wptouch_redirect' Parameter URL Redirection 28 Jun 2011 4.3 (v2) Medium Pass ManageEngine ServiceDesk Plus Default Administrator Credentials 28 Jun 2011 7.5 (v2) High Pass Apple iTunes < 12.9.6 Multiple Vulnerabilities (uncredentialed check) CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8 26 Jul 2019 8.8 (v3) High Pass Active Directory Certi fi cate Services Web Enrollment Anonymous Access 15 Jun 2011 5 (v2) Medium Pass Mac OS X 10.8.x < 10.8.4 Multiple Vulnerabilities CVE-2011-1945 CVE-2011-3207 CVE-2011-3210 CVE-2011-4108 CVE-2011-4109 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2012-0050 CVE-2012-2110 CVE-2012-2131 CVE-2012-2333 CVE-2012-4929 CVE-2012-5519 CVE-2013-0975 CVE-2013-0 05 Jun 2013 9.3 (v2) High Pass Polycom SoundPoint IP Phones reg_1.html SIP Information Disclosure 22 Jun 2011 5 (v2) Medium Pass Trend Micro Data Loss Prevention Virtual Appliance Encoded Traversal Arbitrary File Access 29 Jun 2011 5 (v2) Medium Pass eScan < 9.0.718.1 MicroWorld Agent service (MWAGENT.EXE) Command Decryption Over fl ow CVE-2007-2687 24 May 2007 10 (v2) Critical Pass Adobe ColdFusion Remote Development Services Enabled Without Authentication 05 Jul 2011 6.4 (v2) Medium Pass SQL Dump Files Disclosed via Web Server 21 Jul 2011 5 (v2) Medium Pass OpenSSL 1.1.0 < 1.1.0d Multiple Vulnerabilities CVE-2017-3730 CVE-2017-3731 CVE-2017-3732 30 Jan 2017 5.9 (v3) Medium Pass Oracle iPlanet Web Server 7.0.x < 7.0.20 Multiple Vulnerabilities CVE-2013-1739 CVE-2013-1740 CVE-2013-1741 CVE-2013-5605 CVE-2013-5606 CVE-2014-1490 CVE-2014-1491 CVE-2014-1492 18 Jul 2014 7.5 (v2) High Pass SolarWinds Server & Application Monitor (SAM) Detection 03 Jun 2016 None Pass SolarWinds Virtualization Manager Detection 13 Jul 2016 None Pass Oracle Secure Backup Administration Server login.php uname Parameter Arbitrary Command Injection CVE-2011-2261 25 Jul 2011 10 (v2) Critical Pass MS11-061: Vulnerability in Remote Desktop Web Access Could Allow Elevation of Privilege (2546250) (uncredentialed check) CVE-2011-1263 09 Aug 2011 4.3 (v2) Medium Pass Symantec Veritas Storage Foundation Scheduler Service (VxSchedService.exe) Remote Code Execution CVE-2007-2279 04 Jun 2007 9.3 (v2) High Pass iniNet SpiderControl SCADA Web Server 2.02 Local Privilege Escalation 27 Jan 2016 7.2 (v2) High Pass Cisco Security Manager Web Server Detection 05 Feb 2016 None Pass HP SiteScope Default Credentials 31 Aug 2011 7.5 (v2) High Pass CGI Generic XSS (extended patterns) 03 Aug 2011 4.3 (v2) Medium Pass macOS 10.14.x < 10.14.6 SU2 / 10.13.x < 10.13.6 Update 2019-005 / 10.12.x < 10.12.6 Update 2019-005 Out-of-Bounds Read Vulnerability CVE-2019-8641 30 Sep 2019 9.8 (v3) Critical Pass Netatalk OpenSession Remote Code Execution CVE-2018-1160 20 Dec 2018 9.8 (v3) Critical Pass PCI DSS Compliance : Insecure Communication Has Been Detected 15 Sep 2011 5.3 (v3) Medium Pass GoodTech SMTP Server < 5.17 Multiple Bu ff er Over fl ows CVE-2005-2387 04 Aug 2005 10 (v2) Critical Pass NetIQ Access Manager Detect 18 Feb 2015 None Pass IBM Rational ClearQuest Web Client Detection 12 Mar 2015 None Pass ManageEngine NetFlow Analyzer Detection 16 Mar 2015 None Pass Visualware MyConnection Server Web Detection 02 Apr 2015 None Pass Apache <= 2.0.51 Satisfy Directive Access Control Bypass CVE-2004-0811 23 Sep 2004 7.3 (v3) High Pass SSL Certi fi cate Fails to Adhere to Basic Constraints / Key Usage Extensions 23 Sep 2011 6.4 (v2) Medium Pass SMB Use Host SID to Enumerate Local Users Without Credentials CVE-2000-1200 15 Sep 2011 5.3 (v3) Medium Pass CGI Generic XPath Injection (2nd pass) 21 Sep 2011 5 (v2) Medium Pass HP Operations Orchestration Detection 07 May 2015 None Pass ManageEngine ADSelfService Plus resetUnLock Authentication Bypass CVE-2011-3485 14 Oct 2011 7.5 (v2) High 1

Pass TimThumb 'timthumb.php' WebShot 'src' Parameter Remote Command Execution CVE-2014-4663 28 Jul 2014 6.8 (v2) Medium Pass Inductive Automation Ignition Multiple Vulnerabilities CVE-2015-0976 CVE-2015-0991 CVE-2015-0992 CVE-2015-0993 CVE-2015-0994 CVE-2015-0995 02 Jun 2015 6.4 (v2) Medium Pass Puppet Enterprise < 2016.4.5 / 2016.5.x / 2017.1.x Multiple Vulnerabilities CVE-2017-2292 CVE-2017-2293 CVE-2017-2294 CVE-2017-2295 CVE-2017-2297 09 Oct 2019 9 (v3) Critical Pass IBM WebSphere Application Server 7.0 < Fix Pack 33 Multiple Vulnerabilities CVE-2013-6323 CVE-2013-6329 CVE-2013-6438 CVE-2013-6738 CVE-2013-6747 CVE-2014-0050 CVE-2014-0098 CVE-2014-0114 CVE-2014-0453 CVE-2014-0460 CVE-2014-0859 CVE-2014-0878 CVE-2014-0891 CVE-2014-0963 CVE-2014-0965 CVE-2014-3 01 Aug 2014 7.5 (v2) High Pass IBM WebSphere Application Server 6.0 < 6.0.2.43 Multiple Vulnerabilities CVE-2010-0776 CVE-2010-0777 CVE-2010-0779 CVE-2010-2327 28 Sep 2010 5 (v2) Medium Pass Schneider Electric InduSoft Web Studio < 7.1.3.4 Multiple Information Disclosures (SEVD-2015-054-01) CVE-2015-0996 CVE-2015-0997 CVE-2015-0998 CVE-2015-0999 18 Jun 2015 5 (v2) Medium Pass VMware vCenter Update Manager Directory Traversal (VMSA-2011-0014) CVE-2011-4404 28 Nov 2011 7.8 (v2) High Pass Adobe Experience Manager 6.4 and 6.5 DoS (APSB20-08) CVE-2020-3741 14 Feb 2020 7.5 (v3) High Pass ManageEngine ADSelfService EmployeeSearch.cc Multiple XSS CVE-2010-3274 CVE-2011-5105 08 Dec 2011 4.3 (v2) Medium Pass SurgeMail IMAP Server SEARCH Command Remote Bu ff er Over fl ow CVE-2007-4377 23 Aug 2007 6 (v2) Medium Pass VERITAS Backup Exec Agent Unauthenticated Remote Registry Access CVE-2005-0771 08 Aug 2005 10 (v2) Critical Pass Apple iTunes < 7.4 Malformed Music File Heap Over fl ow (uncredentialed check) CVE-2007-3752 07 Sep 2007 9.3 (v2) High Pass ManageEngine Firewall Analyzer Multiple XSS 13 Apr 2016 4.3 (v2) Medium Pass Microsoft Windows Remote Desktop Protocol Server Man-in-the-Middle Weakness CVE-2005-1794 01 Jun 2005 5.1 (v2) Medium Pass Mercury IMAP Server SEARCH Command Remote Bu ff er Over fl ow CVE-2007-5018 20 Sep 2007 6 (v2) Medium Pass Novell GroupWise 'FileUploadServlet' Arbitrary File Access Vulnerability CVE-2014-0600 02 Sep 2014 7.8 (v2) High Pass Web Application Information Disclosure 25 Jan 2012 5 (v2) Medium Pass Mac OS X 10.11.x < 10.11.5 Multiple Vulnerabilities CVE-2016-1792 CVE-2016-1793 CVE-2016-1794 CVE-2016-1795 CVE-2016-1796 CVE-2016-1797 CVE-2016-1798 CVE-2016-1799 CVE-2016-1801 CVE-2016-1802 CVE-2016-1803 CVE-2016-1804 CVE-2016-1805 CVE-2016-1806 CVE-2016-1807 CVE-2016-1 19 May 2016 7.8 (v3) High Pass TrackerCam Multiple Remote Vulnerabilities CVE-2005-0478 CVE-2005-0479 CVE-2005-0480 CVE-2005-0481 CVE-2005-0482 21 Feb 2005 7.5 (v2) High Pass Multiple Vulnerabilities in Cisco Wireless LAN Controllers (cisco-sa-20090727-wlc) CVE-2009-1164 CVE-2009-1165 CVE-2009-1166 CVE-2009-1167 25 Sep 2013 10 (v2) Critical Pass SMB Signing not required 19 Jan 2012 5.3 (v3) Medium Pass Pivotal Web Server Version Detection 26 Aug 2014 None Pass Unsupported IPSO Firewall 25 Jan 2012 10 (v2) Critical Pass Cisco NX-OS Software Unexpected IP in IP Packet Processing Vulnerability (cisco-sa-nxos-ipip-dos-kCT9X4) CVE-2020-10136 05 Jun 2020 5.3 (v3) Medium Pass Riverbed SteelApp (Stingray) Tra ffi c Manager Web UI Detection 15 Sep 2014 None Pass OpenSSL 1.0.0f DTLS Denial of Service CVE-2012-0050 27 Jan 2012 5 (v2) Medium Pass Oracle GlassFish Server 3.1.1 < 3.1.1.2 Administration Component Unspeci fi ed Vulnerability CVE-2012-0081 02 Feb 2012 3.7 (v2) Low Pass OpenSSL 0.9.8s DTLS Denial of Service CVE-2012-0050 27 Jan 2012 5 (v2) Medium Pass CodeMeter TCP Packet Parsing Unspeci fi ed Remote DoS CVE-2011-4057 02 Feb 2012 5 (v2) Medium Pass CodeMeter Virtual Directory Traversal Arbitrary File Access (remote check) 02 Feb 2012 5.3 (v3) Medium Pass Cisco IOS Software IPv6 Virtual Fragmentation Reassembly Denial of Service Vulnerability (cisco-sa-20130925-ipv6vfr) CVE-2013-5474 07 Oct 2013 7.8 (v2) High Pass Oracle Application Express (APEX) / REST Data Services Listener Detection 07 Oct 2014 None Pass SolarWinds Log and Event Manager Detection 07 Nov 2014 None Pass RuggedCom RuggedOS Web-Based Admin Interface Default Credentials 15 Jun 2012 10 (v2) Critical Pass Modicon PLC CPU Type SNMP Request Model Type Remote Disclosure 11 Dec 2006 5 (v2) Medium Pass Oracle GlassFish Server 2.1.1 < 2.1.1 Patch15 Administration Component Unspeci fi ed Vulnerability CVE-2011-3564 02 Feb 2012 2.1 (v2) Low Pass EMC Celerra Control Station Default Credentials 13 Feb 2012 10 (v2) Critical Pass Cisco NX-OS OpenSSL Multiple Vulnerabilities CVE-2010-5298 CVE-2014-0076 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 CVE-2015-0292 26 Feb 2016 7.5 (v2) High Pass Docker Remote API Detection 12 Apr 2019 10 (v3) Critical Pass Novell eDirectory Server iMonitor Multiple Remote Over fl ows CVE-2005-2551 CVE-2006-2496 12 Aug 2005 10 (v2) Critical Pass Oracle GlassFish Server 2.1.1 < 2.1.1.14 / 3.0.1 < 3.0.1.4 / 3.1.1 < 3.1.1.1 Web Container Component Unspeci fi ed Vulnerability CVE-2011-3559 22 Feb 2012 7.8 (v2) High Pass eIQnetworks Enterprise Security Analyzer Monitoring.exe Multiple Command Over fl ow CVE-2006-3838 10 Aug 2006 10 (v2) Critical Pass HP-UX Ignite-UX TFTP Service Remote File Manipulation CVE-2004-0952 26 Aug 2005 6.4 (v2) Medium Pass IIS Detailed Error Information Disclosure 16 Mar 2012 5.3 (v3) Medium Pass Tenable Appliance Web Authentication Bypass 17 Jul 2012 7.5 (v2) High Pass WordPress ToolsPack Plugin Backdoor 07 Mar 2012 8.8 (v3) High Pass TheCartPress Plugin for WordPress 'tcp_class_path' Parameter Remote File Inclusion 19 Mar 2012 7.5 (v2) High Pass 3S CODESYS V3 CmpUserMgr 3.x < 3.5.16.0 Password Transmission Vulnerability CVE-2019-9013 12 Aug 2019 8.8 (v3) High Pass CA ARCserve Backup Network Service Network Request Parsing Remote DoS CVE-2012-1662 05 Apr 2012 5 (v2) Medium Pass Mac OS X 10.11.x < 10.11.3 Multiple Vulnerabilities CVE-2015-7995 CVE-2016-1716 CVE-2016-1717 CVE-2016-1718 CVE-2016-1719 CVE-2016-1720 CVE-2016-1721 CVE-2016-1722 CVE-2016-1729 21 Jan 2016 7.3 (v3) High Pass phpWebNotes core/api.php t_path_core Parameter File Inclusion CVE-2005-2775 29 Aug 2005 7.5 (v2) High Pass Palo Alto Networks PAN-OS 8.0.x < 8.0.6 Multiple Vulnerabilities CVE-2017-15942 CVE-2017-15944 15 Dec 2017 9.8 (v3) Critical Pass ManageEngine DeviceExpert ScheduleResultViewer Remote Directory Traversal 22 Mar 2012 7.8 (v2) High Pass Palo Alto Networks 7.1.x < 7.1.22 / 8.0.x < 8.0.15 / 8.1.x < 8.1.6 Cross-Site Scripting Vulnerability (PAN-SA-2019-0001) CVE-2019-1565 12 Mar 2019 5.4 (v3) Medium Pass Apache Tra ffi c Server 3.0.x < 3.0.4 / 3.1.x < 3.1.3 Host HTTP Header Parsing Remote Over fl ow CVE-2012-0256 04 Apr 2012 7.5 (v2) High Pass IBM Storwize Detection 23 Jan 2015 None Pass Debugging Log Report 17 Jun 2015 None Pass at32 Reverse Proxy Admin Portal No Password 05 Apr 2012 7.5 (v2) High Pass Palo Alto Networks PAN-OS 6.1.x < 6.1.22 / 7.1.x < 7.1.20 / 8.0.x < 8.0.13 / 8.1.x < 8.1.5 Multiple Vulnerabilities (PAN-SA-2018-0012) CVE-2018-5391 19 Feb 2019 7.5 (v3) High Pass Sendmail Service Detection 06 Aug 2018 None Pass ePolicy Orchestrator Symlink Arbitrary Privileged File Access CVE-2005-2554 01 Sep 2005 4.9 (v2) Medium Pass TP-Link HTTP Server Detection 01 Oct 2018 None Pass OpenSSH < 4.4 Multiple Vulnerabilities CVE-2006-4924 CVE-2006-4925 CVE-2006-5051 CVE-2006-5052 CVE-2006-5229 CVE-2007-3102 CVE-2008-4109 28 Sep 2006 9.3 (v2) High Pass Cisco NX-OS OTV GRE Packet Header Parameter Handling RCE (cisco-sa-20161005-otv) CVE-2016-1453 18 Oct 2016 9.8 (v3) Critical Pass Citrix XenServer vSwitch Controller < 2.0.0+build11349 Multiple Vulnerabilities 20 Apr 2012 4.3 (v2) Medium Pass Apple iTunes < 11.2 Multiple Vulnerabilities (uncredentialed check) CVE-2014-1296 CVE-2014-8842 16 May 2014 4.3 (v2) Medium Pass 3S CODESYS Runtime 3.x < 3.5.14.20 Multiple Vulnerabilities CVE-2019-9010 CVE-2019-9012 CVE-2019-9013 30 Mar 2020 9.8 (v3) Critical Pass Palo Alto Networks 7.1.x < 7.1.22 / 8.0.x < 8.0.15 / 8.1.x < 8.1.6 Multiple Vulnerabilities (PAN-SA-2019-0002) CVE-2019-1566 20 Feb 2019 6.1 (v3) Medium Pass Apple iTunes < 12.3 Multiple Vulnerabilities (uncredentialed check) CVE-2010-3190 CVE-2014-8146 CVE-2015-1152 CVE-2015-1153 CVE-2015-1157 CVE-2015-1205 CVE-2015-3686 CVE-2015-3687 CVE-2015-3688 CVE-2015-3730 CVE-2015-3731 CVE-2015-3733 CVE-2015-3734 CVE-2015-3735 CVE-2015-3736 CVE-2015-3 26 Oct 2015 9.3 (v2) High Pass CGIProxy < 2.1.2 Multiple Unspeci fi ed Vulnerabilities 23 Apr 2012 7.5 (v2) High Pass VERITAS Storage Foundation NULL NTLMSSP Authentication Bypass (SYM08-015) CVE-2008-3703 15 Aug 2008 10 (v2) Critical Pass Dell EMC Data Protection Central Web Interface Detected 02 Apr 2020 None Pass IBM Spectrum Protect Plus Administrative Console Detection 21 Apr 2020 None Pass Cisco IOS XE Software Common Industrial Protocol Privilege Escalation (cisco-sa-XE-SAP-OPLbze68) CVE-2021-1392 30 Mar 2021 7.8 (v3) High Pass Cisco IOS Software CIP Request DoS (cisco-sa-20160928-cip) CVE-2016-6391 25 Oct 2016 7.5 (v3) High Pass Cisco UCS Director and Cisco UCS Director Express for Big Data Multiple Vuulnerabilities (cisco-sa-ucsd-mult-vulns-UNfpdW4E) CVE-2020-3239 CVE-2020-3240 CVE-2020-3243 CVE-2020-3247 CVE-2020-3248 CVE-2020-3249 CVE-2020-3250 CVE-2020-3251 CVE-2020-3252 21 Apr 2020 9.8 (v3) Critical Pass Mac OS X 10.11.x < 10.11.4 Multiple Vulnerabilities CVE-2014-9495 CVE-2015-0973 CVE-2015-1819 CVE-2015-3195 CVE-2015-5312 CVE-2015-7499 CVE-2015-7500 CVE-2015-7551 CVE-2015-7942 CVE-2015-8035 CVE-2015-8126 CVE-2015-8242 CVE-2015-8472 CVE-2015-8659 CVE-2016-0777 CVE-2016-0 22 Mar 2016 9.8 (v3) Critical Pass BeanShell Remote Server Mode Arbitrary Code Execution 03 May 2012 10 (v2) Critical Pass 3S CODESYS Runtime 3.x < 3.5.15.40 Multiple Vulnerabilities CVE-2019-5105 CVE-2020-10245 30 Apr 2020 9.8 (v3) Critical Pass macOS 10.12.x < 10.12.1 Multiple Vulnerabilities CVE-2016-4660 CVE-2016-4661 CVE-2016-4667 CVE-2016-4669 CVE-2016-4670 CVE-2016-4673 CVE-2016-4674 CVE-2016-4675 CVE-2016-4678 CVE-2016-4679 CVE-2016-4688 CVE-2016-4721 CVE-2016-4780 CVE-2016-7577 CVE-2016-7579 CVE-2016-7 25 Oct 2016 7.8 (v3) High Pass PHP PHP-CGI Query String Parameter Injection Arbitrary Code Execution CVE-2012-1823 CVE-2012-2311 14 May 2012 7.5 (v2) High Pass PHP 5.3.x < 5.3.13 CGI Query String Code Execution CVE-2012-2311 CVE-2012-2335 CVE-2012-2336 09 May 2012 7.5 (v2) High Pass Cisco Firepower Device Manager On-Box Software XML Parsing (cisco-sa-xpftd-gYDXyN8H) CVE-2020-3310 10 Jul 2020 4.9 (v3) Medium Pass Kibana ESA-2018-05 CVE-2018-3821 14 Jan 2019 6.1 (v3) Medium Pass McAfee WebShield UI Dashboard XSS (SB10026) CVE-2012-4597 16 May 2012 4.3 (v2) Medium Pass McAfee WebShield UI mui Directory Traversal (SB10026) CVE-2012-4596 16 May 2012 4.3 (v2) Medium Pass Caldera 'cdir' Parameter Absolute Path Directory Traversal CVE-2014-2933 05 Jun 2014 5 (v2) Medium Pass IBM San Volume Controller / Storwize / FlashSystem Arbitrary File Read (CVE-2018-1775) CVE-2018-1775 14 Jun 2019 6.5 (v3) Medium Pass Liferay Portal Default Credentials 22 May 2012 7.5 (v2) High Pass Inductive Automation Ignition 8.x < 8.0.10 Multiple Vulnerabilities CVE-2020-10641 CVE-2020-10644 CVE-2020-12000 CVE-2020-12004 11 Jun 2020 7.5 (v3) High Pass OpenSSL 1.1.1 < 1.1.1c Vulnerability CVE-2019-1543 03 Jun 2019 7.4 (v3) High Pass ManageEngine AssetExplorer Multiple Vulnerabilities 16 Nov 2015 5 (v2) Medium Pass PacketVideo TwonkyServer Directory Traversal 23 May 2012 5 (v2) Medium Pass SAP Netweaver Application Server (AS) HTTP Server Detection 15 Jul 2020 None Pass HP SAN/iQ < 9.5 Root Shell Command Injection CVE-2012-4361 01 Jun 2012 7.7 (v2) High Pass Cisco IP Phone SIP Detection 20 Jul 2020 None Pass Cisco Small Business RV132W and RV134W Routers Management Interface RCE / DoS (cisco-sa-rv-132w134w-over fl ow-Pptt4H2p) CVE-2021-1287 25 Mar 2021 7.2 (v3) High Pass Mac OS X 10.9.x < 10.9.2 Multiple Vulnerabilities CVE-2013-1862 CVE-2013-1896 CVE-2013-4073 CVE-2013-4113 CVE-2013-4248 CVE-2013-5986 CVE-2013-5987 CVE-2013-6420 CVE-2013-6629 CVE-2014-1245 CVE-2014-1246 CVE-2014-1247 CVE-2014-1248 CVE-2014-1249 CVE-2014-1250 CVE-2014-1 25 Feb 2014 10 (v2) Critical Pass TLS Version 1.0 Protocol Detection 22 Nov 2017 6.5 (v3) Medium Pass Open WebMail sessionid Parameter XSS CVE-2005-2863 21 Sep 2005 4.3 (v2) Medium Pass IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.2 Multiple Vulnerabilities CVE-2013-5372 CVE-2013-5780 CVE-2013-5803 CVE-2013-6323 CVE-2013-6325 CVE-2013-6329 CVE-2013-6438 CVE-2013-6725 CVE-2013-6738 CVE-2013-6747 CVE-2014-0050 CVE-2014-0823 CVE-2014-0857 CVE-2014-0859 CVE-2014-0891 CVE-2014-0 29 May 2014 7.5 (v2) High Pass IBM MQ Service Detection 28 Jul 2020 None Pass Titan FTP Server SITE WHO Command Resource Consumption DoS CVE-2008-6082 16 Oct 2008 5 (v2) Medium Pass Palo Alto Networks PAN-OS 7.0.x < 7.0.19 Multiple Vulnerabilities CVE-2017-15940 CVE-2017-15942 CVE-2017-15943 CVE-2017-15944 15 Dec 2017 9.8 (v3) Critical Pass Cisco NX-OS Software Unauthorized Administrator Account (cisco-sa-20180620-nxosadmin) CVE-2018-0294 14 Jul 2020 6.7 (v3) Medium Pass Palo Alto Networks PAN-OS < 4.0.8 Multiple Vulnerabilities CVE-2012-6590 CVE-2012-6598 05 Mar 2014 9 (v2) High Pass Network UPS Tools Cleartext Authentication 22 Jun 2012 6.8 (v2) Medium Pass MobileIron Core API Detection 09 Oct 2020 None Pass Elasticsearch ESA-2018-19 CVE-2018-17247 18 Jan 2019 5.9 (v3) Medium Pass Cisco IoT Field Network Director Web UI Detection. 30 Sep 2020 None Pass MailEnable IMAP Server W3C Logging Over fl ow CVE-2005-3155 04 Oct 2005 7.5 (v2) High Pass Juniper Junos Multiple CLI Command Handling Local Privilege Escalations (JSA10763) CVE-2016-4922 27 Oct 2016 7.8 (v3) High 2

Pass Kerio WinRoute Firewall Web Server Remote Source Code Disclosure 20 Jun 2012 5 (v2) Medium Pass Cisco Prime Collaboration Assurance 10.5.1.x < 10.5.1.58480 Multiple Vulnerabilities CVE-2015-6328 CVE-2015-6331 09 May 2016 6.8 (v2) Medium Pass Apache Tomcat 8.5.0 < 8.5.63 Multiple Vulnerabilities CVE-2020-9484 CVE-2021-25122 CVE-2021-25329 04 Mar 2021 7.5 (v3) High Pass NSClient Default Password 20 Jul 2009 5 (v2) Medium Pass Basilic di ff .php Command Injection CVE-2012-3399 05 Jul 2012 7.5 (v2) High Pass SecurityReporter < 4.6.3p1 Multiple Vulnerabilities CVE-2007-3985 CVE-2007-3986 06 Sep 2007 5 (v2) Medium Pass Palo Alto Networks PAN-OS 6.1.x <= 6.1.20 / 7.1.x < 7.1.21 / 8.0.x < 8.0.14 / 8.1.x < 8.1.4 Multiple Vulnerabilities (PAN-SA-2018-0015) CVE-2018-0732 CVE-2018-0737 CVE-2018-0739 29 Mar 2019 5.9 (v3) Medium Pass Altiris Deployment Solution Server DB Manager Unauthenticated Command Execution CVE-2009-3107 31 Aug 2009 7.5 (v2) High Pass Spiceworks HTTP Response Accept Header Handling Over fl ow DoS 11 Aug 2009 10 (v2) Critical Pass Citrix NetScaler Application Delivery Controller Multiple Vulnerabilities CVE-2012-2141 CVE-2013-6938 CVE-2013-6939 CVE-2013-6940 CVE-2013-6941 CVE-2013-6942 CVE-2013-6943 CVE-2013-6944 26 Mar 2014 10 (v2) Critical Pass Novell GroupWise WebAccess User.interface Directory Traversal CVE-2012-0410 13 Jul 2012 5 (v2) Medium Pass Scrutinizer < 9.5.2 exporters.php XSS CVE-2012-3848 23 Aug 2012 4.3 (v2) Medium Pass Juniper Junos vMX 14.1 < 14.1R8 / 15.1 < 15.1F5 Local Information Disclosure (JSA10766) CVE-2016-4924 04 Nov 2016 6.5 (v3) Medium Pass WordPress < 2.8.4 Password Reset CVE-2009-2762 12 Aug 2009 6.4 (v2) Medium Pass Apache Tomcat 7.0.0 < 7.0.108 RCE CVE-2020-9484 CVE-2021-25329 05 Mar 2021 7 (v3) High Pass OpenWrt Router with a Blank Password (telnet check) CVE-1999-0508 23 Jul 2009 10 (v2) Critical Pass Cisco IOS Software Multiple Network Address Translation (NAT) Denial of Service Vulnerabilities (cisco-sa-20140326-nat) CVE-2014-2109 CVE-2014-2111 04 Apr 2014 7.8 (v2) High Pass Xerox WorkCentre Web Services Extensible Interface Platform Unauthorized Access (XRX09-003) 28 Aug 2009 5 (v2) Medium Pass CMS Made Simple url Parameter Arbitrary File Access 11 Aug 2009 5 (v2) Medium Pass Cisco IOS IKEv1 Fragmentation DoS (cisco-sa-20160928-ios-ikev1) CVE-2016-6381 14 Nov 2016 7.5 (v3) High Pass Apple iTunes < 9.0.1 PLS File Bu ff er Over fl ow (uncredentialed check) CVE-2009-2817 23 Sep 2009 9.3 (v2) High Pass Browsable Web Directories 15 Sep 2009 5.3 (v3) Medium Pass Altiris Deployment Solution < 6.9.176 Multiple Vulnerabilities CVE-2008-2286 CVE-2008-2287 CVE-2008-2288 CVE-2008-2289 CVE-2008-2291 15 May 2008 10 (v2) Critical Pass Dell OpenManage Server Administrator omalogin.html DOM-based XSS CVE-2012-4955 20 Nov 2012 6.1 (v3) Medium Pass NaviCOPA ::$DATA Extension Request Source Code Disclosure CVE-2009-3646 28 Sep 2009 5 (v2) Medium Pass McAfee Web Gateway Multiple OpenSSL Vulnerabilities (SB10075) CVE-2010-5298 CVE-2014-0076 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 19 Jun 2014 6.8 (v2) Medium Pass SNMP Agent Default Community Name (public) CVE-1999-0517 25 Nov 2002 7.5 (v2) High Pass Adobe RoboHelp Server Security Bypass (APSA09-05) CVE-2009-3068 30 Sep 2009 10 (v2) Critical Pass Adobe RoboHelp Server Security Bypass (APSA09-05 / intrusive check) CVE-2009-3068 30 Sep 2009 10 (v2) Critical Pass NaviCOPA Encoded Space Request Source Code Disclosure CVE-2009-4529 15 Oct 2009 5 (v2) Medium Pass CGI Generic SSI Injection 07 Oct 2009 7.5 (v2) High Pass CGI Generic Local File Inclusion 07 Oct 2009 5 (v2) Medium Pass Unencrypted Telnet Server 27 Oct 2009 6.5 (v3) Medium Pass Infoblox IPAM Appliance Default Credentials 22 Oct 2009 7.5 (v2) High Pass OSSIM Web Frontend Default Credentials 02 Nov 2009 7.5 (v2) High Pass XOOPS misc.php Query String XSS CVE-2009-3963 10 Nov 2009 4.3 (v2) Medium Pass osCommerce fi le_manager.php Arbitrary PHP Code Injection 03 Nov 2009 7.5 (v2) High Pass OpenVMPS Logging Function Format String CVE-2005-4714 20 Oct 2005 7.5 (v2) High Pass Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10629) CVE-2010-5298 CVE-2014-0198 CVE-2014-0224 CVE-2014-3470 05 Aug 2014 6.8 (v2) Medium Pass CGI Generic SQL Injection (HTTP Cookies) 06 Nov 2009 7.5 (v2) High Pass SugarCRM on Apache / Windows .htaccess Direct Request Arbitrary File Access 01 Dec 2009 5 (v2) Medium Pass CGI Generic SSI Injection (HTTP headers) 06 Nov 2009 7.5 (v2) High Pass Gallery Plugin for WordPress 'load' Parameter Remote File Inclusion CVE-2012-4919 11 Feb 2013 7.5 (v2) High Pass Symantec (Blue Coat) Reporter CLI OS Command Injection Vulnerability (SYMSA1465) CVE-2018-12237 18 Jan 2019 7.2 (v3) High Pass Novell eDirectory < 8.8.5.2 / 8.7.3.10 ftf2 'NDS Verb' Request Bu ff er Over fl ow CVE-2009-0895 07 Dec 2009 10 (v2) Critical Pass OpenSSH X11 Forwarding Session Hijacking CVE-2008-1483 CVE-2008-3234 03 Apr 2008 6.9 (v2) Medium Pass Juniper Junos CLI Local Privilege Escalation (JSA10803) CVE-2017-10602 31 Jul 2017 7.8 (v3) High Pass Kiwi Syslog Server Web Access Login Username Enumeration 14 Dec 2009 5 (v2) Medium Pass Sun Java System Identity Manager Default Credentials 15 Dec 2008 7.5 (v2) High Pass Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10649) CVE-2014-3509 CVE-2014-3511 CVE-2014-3512 CVE-2014-5139 14 Oct 2014 7.5 (v2) High Pass Snitz Forums 2000 active.asp HTTP X-Forwarded-For Header SQL Injection 07 Jan 2010 7.5 (v2) High Pass TurboFTP Server < 1.00.720 DoS 13 Jan 2010 4 (v2) Medium Pass Novell NetWare 6.5 OpenSSH Remote Stack Bu ff er Over fl ow 04 Oct 2011 9 (v2) High Pass OpenSSH < 2.9.9p1 Resource Limit Bypass CVE-2001-1459 04 Oct 2011 7.5 (v2) High Pass OpenSSH < 2.9.9 / 2.9p2 Symbolic Link 'cookies' File Removal CVE-2001-0529 04 Oct 2011 3.3 (v2) Low Pass OpenSSH < 3.2.3 YP Netgroups Authentication Bypass CVE-2002-0765 04 Oct 2011 7.5 (v2) High Pass OpenSSH < 2.9.9p2 echo simulation Information Disclosure CVE-2001-1382 04 Oct 2011 5 (v2) Medium Pass Juniper Junos J-Web Re fl ected XSS (JSA10764) CVE-2016-4923 27 Oct 2016 4.3 (v3) Medium Pass OpenSSH < 4.0 known_hosts Plaintext Host Information Disclosure CVE-2005-2666 CVE-2007-4654 CVE-2004-2760 04 Oct 2011 1.2 (v2) Low Pass OpenSSH < 4.3 scp Command Line Filename Processing Command Injection CVE-2006-0225 04 Oct 2011 4.6 (v2) Medium Pass OpenSSH < 4.7 Trusted X11 Cookie Connection Policy Bypass CVE-2007-4752 CVE-2007-2243 04 Oct 2011 7.5 (v2) High Pass OpenSSH < 4.9 'ForceCommand' Directive Bypass CVE-2008-1657 04 Oct 2011 6.5 (v2) Medium Pass Web Server Generic Cookie Injection 25 Jan 2010 4.3 (v2) Medium Pass SAP BusinessObjects 'HappyAxis2.jsp' Information Disclosure 01 Feb 2010 5 (v2) Medium Pass MoinMoin Detection 02 Feb 2010 None Pass QMTP Open Relay 15 May 2009 7.8 (v2) High Pass Web Application SQL Backend Identi fi cation 19 Feb 2010 5 (v2) Medium Pass Mac OS X 10.10.x < 10.10.2 Multiple Vulnerabilities (POODLE) CVE-2014-1595 CVE-2014-3192 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-4371 CVE-2014-4389 CVE-2014-4419 CVE-2014-4420 CVE-2014-4421 CVE-2014-4460 CVE-2014-4461 CVE-2014-4476 CVE-2014-4477 CVE-2014-4479 CVE-2014-4 29 Jan 2015 9.8 (v3) Critical Pass Zabbix node_process_command() Function Crafted Request Arbitrary Command Execution CVE-2009-4498 15 Feb 2010 8.8 (v3) High Pass IBM WebSphere Application Server < 6.0.2.35 Multiple Vulnerabilities CVE-2009-1898 CVE-2009-1899 CVE-2009-1900 CVE-2009-1901 02 Jun 2009 5 (v2) Medium Pass Splunk 5.0.x < 5.0.3 Multiple Vulnerabilities CVE-2012-6447 CVE-2013-0166 CVE-2013-0169 06 Jun 2013 4.3 (v2) Medium Pass Cisco Nexus 9000 ACI Mode Shell Escape Vulnerability (cisco-sa-20190306-aci-shell-escape) CVE-2019-1591 01 Jun 2020 7.8 (v3) High Pass SpamAssassin Milter Plugin 'ml fi _envrcpt()' Remote Arbitrary Command Injection CVE-2010-1132 09 Mar 2010 10 (v2) Critical Pass MyDoom Virus Backdoor Detection 27 Jan 2004 10 (v2) Critical Pass CGI Generic Command Execution (time-based) 19 Feb 2010 7.5 (v2) High Pass McAfee LinuxShield Login Username Enumeration 04 Mar 2010 5 (v2) Medium Pass SilverStripe CMS Running in Development Mode 01 Mar 2010 5 (v2) Medium Pass Apache 2.2.x < 2.2.14 Multiple Vulnerabilities CVE-2009-2699 CVE-2009-3094 CVE-2009-3095 07 Oct 2009 7.3 (v3) High Pass Juniper Junos Virtualized Environment Guest-To-Host Privilege Escalation (JSA10787) CVE-2017-2341 23 Aug 2017 8.8 (v3) High Pass Session Fixation Attack on HTTP Cookies 17 Mar 2010 7.5 (v2) High Pass Multiple Vendor phf CGI Arbitrary Command Execution CVE-1999-0067 22 Jun 1999 10 (v2) Critical Pass eScan MWAdmin forgotpassword.php uname Parameter Arbitrary Command Execution 25 Mar 2010 10 (v2) Critical Pass Hyperic HQ Web GUI Default Credentials 26 Mar 2010 7.5 (v2) High Pass Juniper Junos SRX DHCP fl owd DHCP Packet Handling DoS (JSA10789) CVE-2017-10605 23 Aug 2017 7.5 (v3) High Pass Mac OS X FTP Server Directory Traversal CVE-2010-0501 30 Mar 2010 5 (v2) Medium Pass IBM WebSphere Application Server 6.0 < 6.0.2.17 Multiple Vulnerabilities CVE-2006-6636 CVE-2006-6637 05 Apr 2010 10 (v2) Critical Pass SSL Certi fi cate with Wrong Hostname 03 Apr 2010 5.3 (v3) Medium Pass IBM WebSphere Application Server 6.0 < 6.0.2.23 Unspeci fi ed Vulnerability (PK45726) CVE-2007-5483 05 Apr 2010 10 (v2) Critical Pass IBM WebSphere Application Server 6.0 < 6.0.2.19 HTTP Response Splitting CVE-2007-1608 05 Apr 2010 7.5 (v2) High Pass Apple Mac OS X Wiki Server File Upload Security Bypass CVE-2010-0523 08 Apr 2010 5 (v2) Medium Pass Cisco NX-OS Multiple ntpd Vulnerabilities CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 18 Mar 2015 7.5 (v2) High Pass IBM WebSphere Application Server 6.0 < 6.0.2.41 Multiple Vulnerabilities CVE-2010-0768 CVE-2010-0769 CVE-2010-0770 CVE-2010-0774 CVE-2010-0775 06 Apr 2010 4.3 (v2) Medium Pass Apache CouchDB Unauthenticated Administrative Access 07 Apr 2010 7.5 (v2) High Pass Samba < 3.0.35 / 3.2.13 / 3.3.6 Multiple Vulnerabilities CVE-2009-1886 CVE-2009-1888 CVE-2006-3403 24 Jun 2009 3.5 (v2) Low Pass VLC Web Interface XML Services Remote Command Execution CVE-2013-3564 23 Jul 2013 6.3 (v3) Medium Pass Apple Mac OS X Wiki Server Weblog SACL Security Bypass CVE-2010-0534 08 Apr 2010 4 (v2) Medium Pass Juniper Junos SRX Integrated User Firewall Hardcoded Credentials (JSA10791) CVE-2017-2343 23 Aug 2017 10 (v3) Critical Pass WindWeb <= 2.0 Malformed GET Request Remote DoS CVE-2005-3475 28 Oct 2005 5 (v2) Medium Pass Juniper Junos snmpd SNMP Packet Handling RCE (JSA10793) CVE-2017-2345 23 Aug 2017 9.8 (v3) Critical Pass Nessus Web UI Scanned Content Stored XSS CVE-2014-7280 25 Feb 2016 4.1 (v3) Medium Pass HP LaserJet Pro /IoMgmt/Adapters/wi fi 0/WPS/Pin WPS PIN Disclosure CVE-2013-4807 09 Aug 2013 7.8 (v2) High Pass Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities CVE-2005-3352 CVE-2006-5752 CVE-2007-3847 CVE-2007-5000 CVE-2007-6388 CVE-2008-2364 CVE-2010-0425 CVE-2010-0434 CVE-2010-2068 CVE-2011-0419 CVE-2011-3348 CVE-2012-2687 11 Aug 2013 10 (v2) Critical Pass CGI Generic XSS (HTTP Headers) 30 Apr 2010 2.6 (v2) Low Pass Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10679) (FREAK) CVE-2014-3569 CVE-2014-3570 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 21 Apr 2015 5 (v2) Medium Pass Ektron CMS400.NET 'workarea/reterror.aspx' info Parameter XSS 30 Apr 2010 4.3 (v2) Medium Pass Fixed HTTP Session Cookies 30 Apr 2010 5.6 (v3) Medium Pass Juniper Junos rpd MPLS Ping Packet Handling DoS (JSA10795) CVE-2017-2347 23 Aug 2017 6.5 (v3) Medium Pass Virtualizor < 2.3.1 Unspeci fi ed SQL Injection 24 Jul 2013 9 (v2) High Pass Resin resin-admin/digest.php XSS CVE-2010-2032 21 May 2010 4.3 (v2) Medium Pass Cisco NX-OS IS-IS Packet Processing Denial of Service Vulnerability CVE-2017-3804 07 Sep 2017 6.1 (v3) Medium Pass ManageEngine ADManager Plus 'computerName' Parameter XSS CVE-2010-5050 02 Jun 2010 4.3 (v2) Medium Pass Cisco Email Security Appliance Malformed EML Attachment Bypass Vulnerability (cisco-sa-20170906-esa) CVE-2017-12218 08 Sep 2017 5.8 (v3) Medium 3

Pass ManageEngine ADManager Plus Default Credentials 02 Jun 2010 7.5 (v2) High Pass PRTG Tra ffi c Grapher login.htm url Parameter XSS 10 Jun 2010 4.3 (v2) Medium Pass Apache Axis2 Default Credentials CVE-2010-0219 27 May 2010 7.5 (v2) High Pass Xerox WorkCentre Multiple Unspeci fi ed Vulnerabilities (XRX10-003) 21 Jun 2010 10 (v2) Critical Pass Palo Alto Networks PAN-OS 6.1.x / 7.0.x < 7.0.18 / 7.1.x < 7.1.12 / 8.0.x < 8.0.4 Network Time Protocol Vulnerability CVE-2017-6460 14 Sep 2017 8.8 (v3) High Pass Apache Tomcat 3.x < 3.2.2 JSP Error Condition XSS CVE-2001-0829 02 Nov 2010 5.6 (v3) Medium Pass Super Simple Blog Script entry Parameter SQL Injection CVE-2009-2553 20 Oct 2010 7.5 (v2) High Pass Terminal Services Encryption Level is not FIPS-140 Compliant 11 Feb 2008 2.6 (v2) Low Pass Aruba Networks ClearPass Policy Manager 6.7.x < 6.7.13-HF / 6.8.x < 6.8.5-HF / 6.9.x < 6.9.1 Multiple Vulnerabilities (ARUBA-PSA-2020-005) CVE-2020-7115 CVE-2020-7116 CVE-2020-7117 17 Jul 2020 9.8 (v3) Critical Pass Cisco TelePresence CVE-2013-3377 Malformed SIP Packet Handling Remote DoS CVE-2013-3377 24 Jul 2013 7.8 (v2) High Pass Juniper Junos DoS Telnet Vulnerability (JSA10817) CVE-2017-10614 CVE-2017-10621 20 Oct 2017 7.5 (v3) High Pass Splunk 4.x < 4.1.3 404 Response XSS CVE-2010-2429 07 Jul 2010 4.3 (v2) Medium Pass Fake SMTP/FTP Server Detection (possible backdoor) 19 May 2008 10 (v2) Critical Pass CUPS Memory Information Disclosure CVE-2010-1748 14 Jul 2010 4.3 (v2) Medium Pass Juniper Junos BGP Update Vulnerability (JSA10820) CVE-2017-10618 20 Oct 2017 7.5 (v3) High Pass Apple iTunes < 12.4.2 Multiple Vulnerabilities (uncredentialed check) CVE-2016-1684 CVE-2016-1836 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 CVE-2016-4483 CVE-2016-4607 CVE-2016-4608 CVE-2016-4609 CVE-2016-4610 CVE-2016-4612 CVE-2016-4614 CVE-2016-4615 CVE-2016-4616 CVE-2016-4619 19 Jul 2016 9.8 (v3) Critical Pass CGI Generic Open Redirection 26 Jul 2010 4.3 (v2) Medium Pass HP Systems Insight Manager Multiple Products Authentication Bypass CVE-2010-3986 CVE-2010-4100 CVE-2010-4103 11 Nov 2010 7.5 (v2) High Pass vBulletin Database Credentials Information Disclosure 27 Jul 2010 5 (v2) Medium Pass Cisco IOS Software TFTP DoS (cisco-sa-20150722-tftp) CVE-2015-0681 30 Jul 2015 7.1 (v2) High Pass Wing FTP Server < 3.2.0 PORT Command DoS 02 Aug 2010 5 (v2) Medium Pass Wing FTP Server < 3.6.1 Multiple Flaws 02 Aug 2010 4 (v2) Medium Pass Juniper Junos DoS Vulnerability (JSA10821) CVE-2017-10619 20 Oct 2017 7.5 (v3) High Pass Oracle WebLogic Server Plug-in HTTP Injection CVE-2010-2375 29 Jul 2010 6.4 (v2) Medium Pass Juniper Junos bfdd RCE (JSA10690) CVE-2015-5362 04 Aug 2015 9.3 (v2) High Pass HP Power Manager < 4.3.2 CVE-2010-4113 16 Dec 2010 10 (v2) Critical Pass Xerver Double Slash Authentication Bypass 05 Aug 2010 7.5 (v2) High Pass Oracle BPM Process Administrator tips.jsp context Parameter XSS CVE-2010-2370 16 Aug 2010 4.3 (v2) Medium Pass BlackMoon FTP Server Denial of Service CVE-2011-0507 20 Jan 2011 5 (v2) Medium Pass Web Application Session Cookies Not Marked HttpOnly 25 Aug 2010 4.3 (v2) Medium Pass CGI Generic HTML Injections (quick test) 01 Sep 2010 4.3 (v2) Medium Pass Wing FTP Server < 3.6.6 DoS 01 Sep 2010 5 (v2) Medium Pass Open-Realty index.php select_users_lang Parameter Traversal Local File Inclusion 23 Aug 2010 7.5 (v2) High Pass Splunk Free Detection 01 Sep 2010 7.5 (v2) High Pass Web Application Session Cookies Not Marked Secure 14 Sep 2010 4.3 (v2) Medium Pass Majordomo 2 _list_ fi le_get() Function Traversal Arbitrary File Access CVE-2011-0049 CVE-2011-0063 16 Feb 2011 5 (v2) Medium Pass Multiple Switch Vendors '__super' Account Backdoor 14 Sep 2010 8.8 (v3) High Pass OpenSSL 1.1.0 < 1.1.0a Multiple Vulnerabilities CVE-2016-6304 CVE-2016-6305 CVE-2016-6307 CVE-2016-6308 30 Sep 2016 7.5 (v3) High Pass Novell BorderManager Port 2000 Telnet DoS CVE-2000-0152 09 Feb 2000 5 (v2) Medium Pass Mura CMS Default Administrator Credentials 30 Sep 2010 7.5 (v2) High Pass Vtiger CRM graph.php Directory Traversal CVE-2009-3249 14 Mar 2011 7.5 (v2) High Pass Oracle WebLogic Server Servlet Container Session Fixation CVE-2010-4437 22 Mar 2011 5.8 (v2) Medium Pass Cisco Prime Collaboration Assurance Multiple Vulnerabilities (cisco-sa-20100217-csa) CVE-2015-4304 CVE-2015-4305 CVE-2015-4306 25 Sep 2015 9 (v2) High Pass Nagios XI < 2009R1.3C grab_request_var() Multiple XSS 06 Oct 2010 4.3 (v2) Medium Pass SSH with Kerberos NFS Share Ticket Disclosure CVE-2000-0575 16 Jul 2000 2.6 (v2) Low Pass VMware vCenter Multiple Vulnerabilities (VMSA-2015-0008) CVE-2015-3269 CVE-2015-5255 22 Dec 2015 5 (v2) Medium Pass DNS Server Recursive Query Cache Poisoning Weakness CVE-1999-0024 27 Oct 2000 5 (v2) Medium Pass Cisco Prime Collaboration Provisioning 9.0.x / 11.0.x < 11.1 Local Privilege Escalation (cisco-sa-20160209-pcp) CVE-2016-1320 09 Sep 2016 6.7 (v3) Medium Pass Apple iTunes < 10.2.2 Multiple Vulnerabilities (uncredentialed check) CVE-2011-1290 CVE-2011-1344 19 Apr 2011 9.3 (v2) High Pass WordPress fGallery ' fi m_rss.php' 'album' Parameter SQL Injection CVE-2008-0491 28 Jan 2008 7.5 (v2) High Pass MS11-030: Vulnerability in DNS Resolution Could Allow Remote Code Execution (2509553) (remote check) CVE-2011-0657 21 Apr 2011 10 (v2) Critical Pass Cisco CatOS VACM read-write Community String Device Con fi guration Manipulation CVE-2004-1775 15 Jun 2001 10 (v2) Critical Pass 3Proxy HTTP Proxy Crafted Transparent Request Remote Over fl ow CVE-2007-2031 14 Feb 2008 7.5 (v2) High Pass SSH (SSF Derivative) Detection 12 Mar 2008 2.6 (v2) Low Pass OpenSSH < 3.0.2 Multiple Vulnerabilities CVE-2001-0872 CVE-2001-1029 10 Dec 2001 7.2 (v2) High Pass MiniWebsvr GET Request Traversal Arbitrary File Access 04 Mar 2008 5 (v2) Medium Pass pfSense < 2.3 Multiple Vulnerabilities (SA-16_01 - SA-16_02) CVE-2015-3197 CVE-2015-5300 CVE-2015-7973 CVE-2015-7974 CVE-2015-7975 CVE-2015-7976 CVE-2015-7977 CVE-2015-7978 CVE-2015-7979 CVE-2015-8138 CVE-2015-8139 CVE-2015-8140 CVE-2015-8158 CVE-2016-0702 CVE-2016-0703 CVE-2016-0 31 Jan 2018 9.8 (v3) Critical Pass HP Intelligent Management Center TFTP Multiple Vulnerabilities CVE-2011-1849 CVE-2011-1851 CVE-2011-1852 CVE-2011-1853 07 Jun 2011 10 (v2) Critical Pass EMC Documentum eRoom Indexing Server Hummingbird Client Connector Bu ff er Over fl ow CVE-2011-1741 29 Jul 2011 10 (v2) Critical Pass Versant Connection Services Daemon Arbitrary Command Execution CVE-2008-1319 12 Mar 2008 10 (v2) Critical Pass VLC Media Player network/httpd.c httpd_FileCallBack Function Connection Parameter Format String CVE-2007-6682 21 Mar 2008 7.5 (v2) High Pass EMC AlphaStor Library Manager Remote Code Execution CVE-2008-2157 01 Jul 2008 10 (v2) Critical Pass Cisco NX-OS System Software Authentication, Authorization, and Accounting Denial of Service Vulnerability Vulnerability CVE-2017-3883 26 Oct 2017 8.6 (v3) High Pass Apache < 2.0.59 mod_rewrite LDAP Protocol URL Handling Over fl ow CVE-2006-3747 26 Mar 2008 7.3 (v3) High Pass Web Server Uses Non Random Session IDs 26 Mar 2008 5.4 (v3) Medium Pass Apache mod_jk2 Host Header Multiple Fields Remote Over fl ow CVE-2007-6258 04 Apr 2008 7.3 (v3) High Pass Malware Payload Code detection 11 Apr 2008 10 (v2) Critical Pass IPSwitch IMail SMTP Multiple Vulnerabilities (OF, DoS) CVE-2001-0039 CVE-2001-0494 05 Jun 2002 9.3 (v2) High Pass Jigsaw < 2.2.4 Unspeci fi ed URI Parsing Unspeci fi ed Vulnerability CVE-2004-2274 22 Feb 2004 7.5 (v2) High Pass ESXi 5.1 < Build 1900470 OpenSSL Library Multiple Vulnerabilities (remote check) CVE-2010-5298 CVE-2014-0198 CVE-2014-0224 CVE-2014-3470 24 Jun 2014 5.8 (v2) Medium Pass Novell eDirectory Host Environment Service (dhost.exe) HTTP Connection Header DoS CVE-2008-0927 16 Apr 2008 7.8 (v2) High Pass WS_FTP Server SITE CPWD Command Remote Over fl ow CVE-2002-0826 21 Aug 2002 7.5 (v2) High Pass WordPress index.php 'cat' Parameter Local File Inclusion CVE-2008-4769 29 Apr 2008 6.8 (v2) Medium Pass SSH Multiple Remote Vulnerabilities CVE-2002-1357 CVE-2002-1358 CVE-2002-1359 CVE-2002-1360 20 Dec 2002 5 (v2) Medium Pass WEBrick Encoded Traversal Arbitrary CGI Source Disclosure CVE-2008-1891 17 Apr 2008 5 (v2) Medium Pass Debian OpenSSH/OpenSSL Package Random Number Generator Weakness CVE-2008-0166 14 May 2008 10 (v2) Critical Pass Cloudera Manager < 4.8.3 / 5.x < 5.0.1 Information Disclosure CVE-2014-0220 26 Jun 2014 4 (v2) Medium Pass MySQL Enterprise Server 5.0 < 5.0.60 MyISAM CREATE TABLE Privilege Check Bypass CVE-2008-2079 09 May 2008 3.5 (v2) Low Pass CA BrightStor ARCserve Backup Multiple Vulnerabilities (QO92996) CVE-2008-2241 CVE-2008-2242 22 May 2008 10 (v2) Critical Pass SecurityGateway < 1.0.2 Administration Interface username Field Remote Over fl ow CVE-2008-4193 06 Jun 2008 10 (v2) Critical Pass Kismet Server Information Disclosure 25 Jun 2008 5 (v2) Medium Pass Lyris ListManager read/search/results words Parameter XSS CVE-2008-2923 18 Jun 2008 4.3 (v2) Medium Pass SurgeMail IMAP Service APPEND Command Remote DoS CVE-2008-2859 CVE-2008-7182 30 Jun 2008 4 (v2) Medium Pass Wordtrans-web exec_wordtrans Function Arbitrary Command Execution 02 Jul 2008 8.8 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.15 / 8.0.x < 8.0.7 Multiple Vulnerabilities (ROBOT) CVE-2017-15941 CVE-2017-16878 CVE-2017-17841 18 Jan 2018 6.1 (v3) Medium Pass Generic Backdoor Detection (banner check) 20 Aug 2008 10 (v2) Critical Pass VMware vCenter Server Multiple Java Vulnerabilities (VMSA-2015-0003) (POODLE) CVE-2014-3566 CVE-2014-6549 CVE-2014-6585 CVE-2014-6587 CVE-2014-6591 CVE-2014-6593 CVE-2014-6601 CVE-2015-0383 CVE-2015-0395 CVE-2015-0400 CVE-2015-0403 CVE-2015-0406 CVE-2015-0407 CVE-2015-0408 CVE-2015-0410 CVE-2015-0 01 May 2015 10 (v2) Critical Pass Mambo < 4.6.5 mos_user_template Local File Inclusion 11 Jul 2008 5.1 (v2) Medium Pass Aruba Networks ClearPass Policy Manager 6.7.x < 6.7.13 / 6.8.x < 6.8.4 Multiple Vulnerabilities (ARUBA-PSA-2020-004) CVE-2020-7110 CVE-2020-7111 CVE-2020-7113 CVE-2020-7114 01 May 2020 9.8 (v3) Critical Pass Apache 2.2.x < 2.2.13 APR apr_palloc Heap Over fl ow CVE-2009-2412 19 Jan 2012 9.8 (v3) Critical Pass Asterisk IAX2 FWDOWNL Request Spoo fi ng Remote DoS CVE-2008-3264 24 Jul 2008 5 (v2) Medium Pass Asterisk IAX2 (IAX) POKE Request Saturation Resource Exhaustion Remote DoS CVE-2008-3263 25 Jul 2008 5 (v2) Medium Pass MySQL Enterprise Monitor < 2.3.17 Multiple Vulnerabilities CVE-2014-0050 CVE-2014-0094 CVE-2014-0112 CVE-2014-0113 CVE-2014-0116 08 May 2015 7.5 (v2) High Pass Macromedia ColdFusion MX CFIDE/probe.cfm Direct Request Path Disclosure CVE-2003-1469 30 Apr 2003 5 (v2) Medium Pass XAMPP Example Pages Detection 05 Aug 2008 7.5 (v2) High Pass Management Center for Cisco Security Agents Remote Code Execution (cisco-sa-20110216-csa) CVE-2011-0364 18 Sep 2013 10 (v2) Critical Pass PowerDNS Authoritative Server Malformed Query Cache Poisoning Weakness CVE-2008-3337 12 Aug 2008 7.1 (v2) High Pass MailScan WebAdministrator Cookie Authentication Bypass CVE-2008-3729 17 Aug 2008 7.5 (v2) High Pass HP Managed Printing Administration jobDelivery Script Directory Traversal (intrusive check) CVE-2011-4168 26 Jan 2012 5 (v2) Medium Pass MS Site Server < 3.0 formslogin.asp url Parameter XSS CVE-2002-2073 18 Aug 2008 4.3 (v2) Medium Pass OpenSSL 0.9.8 < 0.9.8zg Multiple Vulnerabilities CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 12 Jun 2015 6.8 (v2) Medium Pass Default Password (000000) for 'admin' on WIP5000 IP Phone 16 Sep 2008 10 (v2) Critical Pass MS Executable Detection 20 Aug 2008 10 (v2) Critical Pass Web Server Generic 3xx Redirect 18 Aug 2008 4.3 (v2) Medium Pass Microsoft Windows SMBv1 Multiple Vulnerabilities CVE-2017-0267 CVE-2017-0268 CVE-2017-0269 CVE-2017-0270 CVE-2017-0271 CVE-2017-0272 CVE-2017-0273 CVE-2017-0274 CVE-2017-0275 CVE-2017-0276 CVE-2017-0277 CVE-2017-0278 CVE-2017-0279 CVE-2017-0280 26 May 2017 8.1 (v3) High Pass Apache Unomi Detection. 14 Jan 2021 None Pass Apple iTunes < 8.0 Integer Bu ff er Over fl ow (uncredentialed check) CVE-2008-3636 10 Sep 2008 7.2 (v2) High Pass MySQL Enterprise Server 5.0 < 5.0.66 Empty Bit-String Literal Token SQL Statement DoS CVE-2008-3963 11 Sep 2008 4 (v2) Medium Pass Default Password (admin) for 'admin' Account CVE-1999-0502 04 Sep 2008 9.8 (v3) Critical Pass Novell PlateSpin Orchestrate Remote Code Execution 19 Oct 2010 10 (v2) Critical Pass Xerox WorkCentre Samba Over fl ow (XRX08-009) CVE-2008-1105 19 Sep 2008 7.6 (v2) High Pass ISC BIND 9 for Windows UDP Client Handler Remote DoS CVE-2008-4163 20 Sep 2008 5 (v2) Medium 4

Pass ReviewPost PHP Pro Multiple Script SQL Injections CVE-2004-2175 04 Feb 2004 7.5 (v2) High Pass IBM DataPower Gateway Security Bypass CVE-2019-4621 20 Jul 2020 9.8 (v3) Critical Pass Telnetd - Remote Code Execution (CVE-2020-10188) CVE-2020-10188 26 May 2020 9.8 (v3) Critical Pass CA BrightStor ARCserve Backup RPC Interface (asdbapi.dll) Traversal Arbitrary Command Execution CVE-2008-4397 14 Oct 2008 10 (v2) Critical Pass Cisco IOS XE Software SD WAN vDaemon DoS (cisco-sa-iosxe-sdwdos-4zeEeC9w) CVE-2021-1431 06 Apr 2021 7.5 (v3) High Pass FTP Supports Cleartext Authentication 01 Oct 2008 2.6 (v2) Low Pass ESXi 5.0 < Build 1311175 Multiple Vulnerabilities (remote check) CVE-2013-0166 CVE-2013-0169 CVE-2013-0338 CVE-2013-5970 CVE-2013-5973 CVE-2014-1207 CVE-2014-1208 13 Nov 2013 4.4 (v2) Medium Pass Blue Coat Reporter Default Password (admin) for 'admin' Account 06 Oct 2008 7.5 (v2) High Pass OpenNMS Web Console Default Credentials 07 Oct 2008 7.5 (v2) High Pass MS08-065: Microsoft Windows Message Queuing Service RPC Request Handling Remote Code Execution (951071) (uncredentialed check) CVE-2008-3479 15 Oct 2008 10 (v2) Critical Pass Palo Alto Networks PAN-OS 9.1.x < 9.1.3 Integer Under fl ow Vulnerability CVE-2020-2031 09 Jul 2020 4.9 (v3) Medium Pass ManageEngine Desktop Central AgentLogUploadServlet Arbitrary File Upload RCE (intrusive check) CVE-2013-7390 04 Dec 2013 10 (v2) Critical Pass Juniper Junos J-Web Interface PHP URL Handling Use-after-free RCE (JSA10828) CVE-2018-0001 26 Jan 2018 9.8 (v3) Critical Pass CCProxy < 6.62 HTTP Proxy CONNECT Request Handling Remote Over fl ow CVE-2008-6415 24 Oct 2008 10 (v2) Critical Pass Tivoli Directory Server ldacgi.exe Template Parameter Traversal Arbitrary File Access CVE-2004-2526 02 Aug 2004 5 (v2) Medium Pass MySQL Enterprise Server 5.0 < 5.0.70 Privilege Bypass CVE-2008-2079 CVE-2008-4098 09 Nov 2008 4.6 (v2) Medium Pass Juniper Junos Flowd TCP/IP Response Packet Handling Remote DoS (JSA10829) CVE-2018-0002 26 Jan 2018 7.5 (v3) High Pass Intel Active Management Technology (AMT) Web UI Clickjacking Weakness (INTEL-SA-00081) (remote check) CVE-2017-5697 30 Jun 2017 6.5 (v3) Medium Pass phpPgAdmin index.php _language Parameter Local File Inclusion CVE-2008-5587 08 Dec 2008 6.8 (v2) Medium Pass Apple iTunes < 11.1.4 Multiple Vulnerabilities (uncredentialed check) CVE-2011-3102 CVE-2012-0841 CVE-2012-2807 CVE-2012-2825 CVE-2012-2870 CVE-2012-2871 CVE-2012-5134 CVE-2013-1024 CVE-2013-1037 CVE-2013-1038 CVE-2013-1039 CVE-2013-1040 CVE-2013-1041 CVE-2013-1042 CVE-2013-1043 CVE-2013-1 23 Jan 2014 7.5 (v2) High Pass HTTP Backdoor Detection deprecated 08 Jan 2009 10 (v2) Critical Pass EMC Data Protection Advisor 6.4 / 6.5 / 18.1 OS Command Injection (DSA-2020-081) CVE-2020-5352 17 Jul 2020 8.8 (v3) High Pass WP-Forum Plugin for WordPress 'forum_feed.php' 'thread' Parameter SQL Injection 14 Jan 2009 7.5 (v2) High Pass 2BGal disp_album.php id_album Parameter SQL Injection CVE-2004-1415 23 Dec 2004 7.5 (v2) High Pass UPnP Internet Gateway Device (IGD) Protocol Detection 19 Feb 2009 6.3 (v3) Medium Pass EMC RepliStor Multiple Remote Heap Based Bu ff er Over fl ows CVE-2007-6426 27 Jan 2009 10 (v2) Critical Pass NaviCOPA Trailing Dot Source Code Disclosure 05 Feb 2009 5 (v2) Medium Pass Synology DiskStation Manager 4.3-x < 4.3-3810 Update 1 Multiple Vulnerabilities CVE-2013-6955 05 Feb 2014 10 (v2) Critical Pass Xerox WorkCentre Web Server Unspeci fi ed Command Injection (XRX09-001) 01 Feb 2009 10 (v2) Critical Pass Sun Java System Directory Server 6.x < 6.3.1 LDAP JDBC Backend DoS CVE-2009-0609 13 Feb 2009 5 (v2) Medium Pass Default Password (password) for 'admin' Account on Broadcom BCM96338 ADSL Router 09 Feb 2009 10 (v2) Critical Pass Default Password (profense) for 'operator' Account CVE-1999-0502 31 Jan 2009 9.8 (v3) Critical Pass NaviCOPA < 3.01 6th February 2009 Multiple Vulnerabilities 09 Feb 2009 10 (v2) Critical Pass Profense Web Application Firewall Default Credentials 03 Feb 2009 7.5 (v2) High Pass Trend Micro InterScan Web Security Suite Default Credentials 12 Feb 2009 7.5 (v2) High Pass CjOverkill trade.php Multiple Method XSS CVE-2004-2193 12 Oct 2004 4.3 (v2) Medium Pass Juniper Junos VLAN authentication processing DoS (JSA10834) CVE-2018-0006 26 Jan 2018 7.5 (v3) High Pass UPnP Internet Gateway Device (IGD) Port Mapping Manipulation 19 Feb 2009 6.3 (v3) Medium Pass ProFTPD Username Variable Substitution SQL Injection CVE-2009-0542 17 Feb 2009 7.5 (v2) High Pass FreeBSD telnetd sys_term.c Environment Variable Handling Privilege Escalation (FreeBSD-SA-09:05) CVE-2009-0641 17 Feb 2009 7.6 (v2) High Pass Novell eDirectory < 8.8 SP3 FTF3 iMonitor HTTP Accept-Language Header Over fl ow 03 Mar 2009 10 (v2) Critical Pass Apple iTunes < 8.1 Multiple Vulnerabilities (uncredentialed check) CVE-2009-0016 CVE-2009-0143 13 Mar 2009 5 (v2) Medium Pass Apache Tomcat 8.0.x < 8.0.15 Multiple Vulnerabilities (POODLE) CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-5139 05 Mar 2015 7.3 (v3) High Pass Tenable Security Center Default Credentials 26 Mar 2009 7.5 (v2) High Pass Xlight FTP Server Authentication SQL Injection CVE-2009-4795 31 Mar 2009 7.5 (v2) High Pass mod_perl Apache::Status Info Disclosure 07 Apr 2009 5 (v2) Medium Pass Linksys WVC54GCA Wireless-G '/img/main.cgi' Information Disclosure CVE-2009-1556 24 Apr 2009 6.8 (v2) Medium Pass Default Password (admin) for 'root' Account CVE-1999-0502 23 Jul 2009 9.8 (v3) Critical Pass Memcached / MemcacheDB ASLR Bypass Weakness CVE-2009-1255 29 Apr 2009 5 (v2) Medium Pass A-A-S Application Access Server Default Admin Password CVE-2009-1465 14 May 2009 10 (v2) Critical Pass Oracle GlassFish Server Administration Console Default Credentials 07 May 2009 7.5 (v2) High Pass Icecast XSL Parser Multiple Vulnerabilities (OF, ID) CVE-2005-0837 CVE-2005-0838 22 Mar 2005 5 (v2) Medium Pass Atmail WebMail <= 5.6.0 (5.60) Email Body Injection 30 Apr 2009 4.3 (v2) Medium Pass ESXi 5.0 < Build 1918656 OpenSSL Library Multiple Vulnerabilities (remote check) CVE-2010-5298 CVE-2014-0198 CVE-2014-0224 CVE-2014-3470 04 Jul 2014 5.8 (v2) Medium Pass Microsoft IIS WebDAV Unicode Request Directory Security Bypass CVE-2009-1535 18 May 2009 7.5 (v2) High Pass Sendmail < 8.13.2 Mail X-Header Handling Remote Over fl ow CVE-2009-1490 24 May 2009 5.3 (v3) Medium Pass MS09-039: Vulnerabilities in WINS Could Allow Remote Code Execution (969883) (uncredentialed check) CVE-2009-1923 CVE-2009-1924 12 Aug 2009 10 (v2) Critical Pass Sun Java System Calendar Server login.wcap Fmt-out Parameter XSS CVE-2009-1218 27 May 2009 4.3 (v2) Medium Pass WP-Lytebox 'pg' Parameter Local File Inclusion CVE-2009-4672 27 May 2009 6.8 (v2) Medium Pass OpenSSH < 5.9 Multiple DoS CVE-2010-4755 CVE-2011-5000 18 Nov 2011 4 (v2) Medium Pass News Server (NNTP) Anonymous Read Access 08 Jun 2009 2.6 (v2) Low Pass MikroTik RouterOS with Blank Password (HTTP) CVE-1999-0508 17 Jun 2009 10 (v2) Critical Pass IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.3 Multiple Vulnerabilities CVE-2014-0076 CVE-2014-0098 CVE-2014-0963 CVE-2014-0965 CVE-2014-3022 CVE-2014-3070 CVE-2014-3083 CVE-2014-4244 CVE-2014-4263 CVE-2014-4764 CVE-2014-4767 29 Aug 2014 6.5 (v2) Medium Pass RIP-1 Poisoning Routing Table Modi fi cation 02 Jul 2009 5.8 (v2) Medium Pass CGI Generic Remote File Inclusion 19 Jun 2009 7.5 (v2) High Pass RIP Poisoning Routing Table Modi fi cation (Adjacent Network) 02 Jul 2009 5.8 (v2) Medium Pass PostgreSQL LDAP Anonymous Bind Authentication Bypass CVE-2009-3231 11 Sep 2009 6.8 (v2) Medium Pass Sun Java Web Console helpwindow.jsp / masthead.jsp Multiple XSS CVE-2009-2283 02 Jul 2009 4.3 (v2) Medium Pass RIP-2 Poisoning Routing Table Modi fi cation 02 Jul 2009 5.4 (v2) Medium Pass EMC RSA Authentication Manager < 8.2 SP1 Patch 5 Re fl ected Cross-Site Scripting (ESA-2017-134) CVE-2017-14373 03 Nov 2017 6.1 (v3) Medium Pass OpenSSL 0.9.8 < 0.9.8zc Multiple Vulnerabilities (POODLE) CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 17 Oct 2014 4.3 (v2) Medium Pass Sun Java System Web Server ::$DATA Extension Request JSP Resource Disclosure CVE-2009-2445 07 Jul 2009 5 (v2) Medium Pass FCKeditor.Java Connector Servlet 'CurrentFolder' In fi nite Loop DoS CVE-2009-4875 20 Jul 2009 5 (v2) Medium Pass Alibaba Web Server 2.0 HTTP Request Over fl ow DoS CVE-2000-0626 29 Oct 1999 9.3 (v2) High Pass O'Reilly WebSite win-c-sample Remote Over fl ow CVE-1999-0178 22 Jun 1999 7.5 (v2) High Pass Cisco Content Security Management Appliance Privilege Escalation Vulnerability CVE-2018-0095 26 Jan 2018 7.8 (v3) High Pass RPC bootparamd Service Information Disclosure (Deprecated) 30 Aug 1999 5 (v2) Medium Pass CDK Backdoor Detection 20 Feb 2000 10 (v2) Critical Pass CERN httpd Virtual Web Path Disclosure CVE-2000-0079 20 Jan 2000 5 (v2) Medium Pass AltaVista Intranet Search CGI query Traversal Arbitrary File Access CVE-2000-0039 09 Jan 2000 5 (v2) Medium Pass F5 BIG/ip bigconf.cgi fi le Parameter Arbitrary File Access CVE-1999-1550 10 Nov 1999 7.5 (v2) High Pass BFTelnet Username Handling Remote Over fl ow DoS CVE-1999-0904 04 Nov 1999 10 (v2) Critical Pass VMware vRealize Operations Manager ver 6.x < 6.40 Suite API CollectorHttpRelayController RelayRequest Object DiskFileItem Deserialization DoS CVE-2016-7462 01 Dec 2016 8.5 (v3) High Pass Check Point FireWall-1 Identi fi cation 27 Jul 1999 5 (v2) Medium Pass DeleGate Multiple Function Remote Over fl ows CVE-2000-0165 14 Nov 1999 10 (v2) Critical Pass Eserv GET Request Traversal Arbitrary File Access CVE-1999-1509 05 Nov 1999 5 (v2) Medium Pass Alcatel PABX 4400 Detection 08 Jun 2002 None Pass FakeBO NetBus Handling Code Remote Over fl ow 22 Jun 1999 7.5 (v2) High Pass Finger Service Remote Information Disclosure CVE-1999-0612 22 Jun 1999 5 (v2) Medium Pass Finger 0@host Unused Account Disclosure CVE-1999-0197 22 Jun 1999 5 (v2) Medium Pass Finger .@host Unused Account Disclosure CVE-1999-0198 22 Jun 1999 5 (v2) Medium Pass EZShopper Multiple Directory Traversal Vulnerabilities CVE-2000-0187 CVE-2000-0188 28 Feb 2000 5 (v2) Medium Pass HylaFAX faxsurvey Arbitrary Command Execution CVE-1999-0262 22 Jun 1999 7.5 (v2) High Pass Matthew Wright FormMail CGI (formmail.cgi) Arbitrary Mail Relay CVE-1999-0172 01 Dec 1999 7.5 (v2) High Pass Linux FTP Server Backdoor Detection CVE-1999-0452 22 Jun 1999 9.8 (v3) Critical Pass Anonymous FTP Writable root Directory CVE-1999-0527 22 Jun 1999 9.8 (v3) Critical Pass Apache 2.2.x < 2.2.15 Multiple Vulnerabilities CVE-2007-6750 CVE-2009-3555 CVE-2010-0408 CVE-2010-0425 CVE-2010-0434 20 Oct 2010 9.8 (v3) Critical Pass FTPd CWD Command Account Enumeration 12 Nov 1999 5 (v2) Medium Pass FTPGate Web Proxy Traversal Arbitrary File Access 05 Nov 1999 5 (v2) Medium Pass WU-FTPD QUOTE PASV Forced Core Dump Information Disclosure CVE-1999-0075 22 Jun 1999 6.4 (v2) Medium Pass Multiple FTP Server QUOTE CWD Command Home Path Disclosure CVE-1999-0201 22 Jun 1999 6.4 (v2) Medium Pass Anonymous FTP Enabled CVE-1999-0497 22 Jun 1999 5.3 (v3) Medium Pass IMail IMonitor Service Remote Over fl ow CVE-1999-1046 CVE-2000-0056 22 Jun 1999 7.5 (v2) High Pass SCO UnixWare i2odialogd daemon Username Authorization String Over fl ow CVE-2000-0026 22 Dec 1999 10 (v2) Critical Pass iChat Server Traversal Arbitrary File Access CVE-1999-0897 22 Jun 1999 5 (v2) Medium Pass Puppet Enterprise 2.x < 2.6.1 Session Handling Weakness CVE-2012-5158 07 Apr 2014 4 (v2) Medium Pass ht://Dig < 3.1.5 htsearch CGI Multiple Vulnerabilities CVE-1999-0978 CVE-2000-0208 03 Mar 2000 5 (v2) Medium Pass IMail IMAP Server Login Functions Remote Over fl ow CVE-1999-1557 22 Jun 1999 7.5 (v2) High Pass INN < 1.6 Multiple Vulnerabilities CVE-1999-0705 CVE-1999-0043 CVE-1999-0247 25 Aug 1999 10 (v2) Critical Pass UoW IMAP/POP server_login() Function Remote Over fl ow CVE-1999-0042 22 Jun 1999 10 (v2) Critical Pass in. fi ngerd Pipe Input Arbitrary Command Execution CVE-1999-0152 22 Jun 1999 7.5 (v2) High Pass Microsoft IIS FTP Server NLST Command Over fl ow DoS CVE-1999-0349 22 Jun 1999 5 (v2) Medium 5

Pass Multiple Vendor info2www CGI Arbitrary Command Execution CVE-1999-0266 22 Jun 1999 10 (v2) Critical Pass MDaemon WorldClient HTTP Server URL Over fl ow DoS CVE-1999-0844 24 Nov 1999 5 (v2) Medium Pass Mini SQL w3-msql Arbitrary Directory Access (deprecated) CVE-1999-0753 08 Sep 1999 7.5 (v2) High Pass IRIX pfdispaly Arbitrary File Access CVE-1999-0270 22 Jun 1999 7.8 (v2) High Pass Lotus Notes SMTP Server HELO Command Over fl ow DoS CVE-1999-0284 22 Jun 1999 5 (v2) Medium Pass FlexCast Server Detection 07 Jun 2005 None Pass HP LaserJet Printer Unauthenticated Access CVE-1999-1061 22 Jun 1999 9 (v2) High Pass Web Server /cgi-bin Perl Interpreter Access CVE-1999-0509 22 Jun 1999 10 (v2) Critical Pass HTTP Proxy Arbitrary Site/Port Relaying 22 Jun 1999 6.8 (v2) Medium Pass Qpopper PASS Command Remote Over fl ow CVE-1999-0006 22 Jun 1999 10 (v2) Critical Pass MySQL Enterprise Monitor 4.x < 4.0.9 / 8.x < 8.0.16 Padding Oracle (Apr 2019 CPU) CVE-2019-1559 24 Jul 2020 5.9 (v3) Medium Pass Rover POP3 Server Username Remote Over fl ow CVE-2000-0060 03 Jan 2000 10 (v2) Critical Pass rexecd Service Detection CVE-1999-0618 31 Aug 1999 10 (v2) Critical Pass CDE RPC tooltalk Service Multiple Over fl ows CVE-1999-0003 CVE-1999-0693 22 Aug 1999 10 (v2) Critical Pass Multiple Mail Server EXPN/VRFY Information Disclosure 22 Jun 1999 5 (v2) Medium Pass NetCPlus SmartServer3 POP3 (NCPOPSERV.EXE) USER Command Remote Over fl ow 12 Nov 1999 10 (v2) Critical Pass Sendmail MAIL FROM Command Arbitrary Remote Command Execution CVE-1999-0203 22 Aug 1999 7.5 (v2) High Pass Sendmail RCPT TO Command Arbitrary File Overwrite 30 Aug 1999 10 (v2) Critical Pass Multiple MTA HELO Command Remote Over fl ow CVE-1999-0098 CVE-1999-1015 CVE-1999-1504 18 Aug 1999 7.5 (v2) High Pass Systat Service Remote Information Disclosure CVE-1999-0637 22 Jun 1999 5 (v2) Medium Pass Sendmail 8.6.9 IDENT Remote Over fl ow CVE-1999-0204 27 Aug 2002 9.8 (v3) Critical Pass SSH CBC/CFB Data Stream Injection CVE-1999-1085 23 Jul 1999 5.1 (v2) Medium Pass TCP/IP 'Chorusing' Windows DoS CVE-1999-1201 31 Oct 1999 5.7 (v2) Medium Pass MS00-013: Microsoft Windows Media Server Malformed Handshake Sequence DoS (253943) (intrusive check) CVE-2000-0211 28 Feb 2000 5 (v2) Medium Pass WinSATAN Backdoor Detection 04 Jan 2000 7.5 (v2) High Pass thttpd Double Slash Request Arbitrary File Access CVE-1999-1456 22 Jun 1999 5 (v2) Medium Pass UoW imapd AUTHENTICATE Command Remote Over fl ow CVE-1999-0005 22 Jun 1999 10 (v2) Critical Pass Vermillion FTPD Long CWD Commands DoS CVE-1999-1058 22 Nov 1999 5 (v2) Medium Pass Citrix Published Applications Remote Enumeration 09 Oct 2002 5 (v2) Medium Pass Microsoft Windows NT WINS Service Malformed Data DoS CVE-1999-0288 30 Aug 1999 5 (v2) Medium Pass WinGate Passwordless Default Installation CVE-1999-0291 22 Jun 1999 7.5 (v2) High Pass WindowsNT DNS Server Character Saturation DoS CVE-1999-0275 22 Jun 1999 5 (v2) Medium Pass CDomain whois_raw.cgi fqdn Parameter Arbitrary Command Execution CVE-1999-1063 22 Jun 1999 7.5 (v2) High Pass ISC BIND < 4.9.7 / 8.1.2 Inverse-Query Remote Over fl ow CVE-1999-0009 02 Apr 2002 10 (v2) Critical Pass Pocsag POC32 Remote Service Default Password (password) CVE-2000-0225 07 Mar 2000 5 (v2) Medium Pass Cayman DSL Router Unauthenticated Access CVE-1999-0508 12 Mar 2000 7.5 (v2) High Pass Kerberos klogind Remote Over fl ow CVE-2000-0389 18 May 2000 7.2 (v2) High Pass Microsoft IIS/PWS %2e Request ASP Source Disclosure CVE-1999-0253 10 Apr 2000 5 (v2) Medium Pass UoW imapd (UW-IMAP) Multiple Command Remote Over fl ows (2) CVE-2000-0284 18 Apr 2000 10 (v2) Critical Pass LCDproc < 0.4.1 screen_add Command Remote Over fl ow CVE-2000-0295 22 Apr 2000 7.5 (v2) High Pass MERCUR Mailserver Local Traversal Arbitrary File Access CVE-2000-0318 25 Apr 2000 6.5 (v2) Medium Pass Palo Alto Expedition < 1.1.13 Cross-Site Scripting Vulnerability (PAN-SA-2019-0009) CVE-2019-1574 08 Apr 2020 5.4 (v3) Medium Pass Piranha's RH6.2 default password CVE-2000-0248 25 Apr 2000 7.5 (v2) High Pass Cassandra NNTP Server Login Name Remote Over fl ow DoS CVE-2000-0341 02 May 2000 7.5 (v2) High Pass X Server Detection 12 May 2000 2.6 (v2) Low Pass spin_client.cgi Remote Over fl ow 03 May 2000 7.5 (v2) High Pass Gnapster Absolute Path Name Request Arbitrary File Access CVE-2000-0412 12 May 2000 7.5 (v2) High Pass Marcus Xenakis directory.php Execute Arbitrary Commands CVE-2002-0434 07 Jun 2002 10 (v2) Critical Pass SubSeven Trojan Detection 15 May 2000 10 (v2) Critical Pass IBM WebSphere Application Server 6.1 < Fix Pack 45 Multiple Vulnerabilities CVE-2012-2170 CVE-2012-2190 CVE-2012-2191 CVE-2012-3293 CVE-2012-3304 CVE-2012-3305 CVE-2012-3306 CVE-2012-3311 CVE-2012-3325 02 Oct 2012 6.8 (v2) Medium Pass Rockli ff e MailSite Management Agent wconsole.dll GET Request Over fl ow CVE-2000-0398 25 May 2000 7.8 (v2) High Pass Qpopper EUIDL Arbitrary Command Execution CVE-2000-0320 27 May 2000 6.5 (v2) Medium Pass NAI WebShield SMTP GET_CONFIG Information Disclosure CVE-2000-0448 27 May 2000 5 (v2) Medium Pass Imate SMTP Server HELO Command Remote Over fl ow DoS CVE-2000-0507 06 Jun 2000 5 (v2) Medium Pass Sambar Server /sysadmin Default Accounts 25 May 2000 7.5 (v2) High Pass INN < 2.2.3 verifycancels Option Cancel Request Message Over fl ow CVE-2000-0472 07 Jun 2000 3.6 (v2) Low Pass WU-FTPD site_exec() Function Remote Format String CVE-2000-0573 27 Jun 2000 9.8 (v3) Critical Pass vpopmail vchkpw USER/PASS Command Format String CVE-2000-0583 15 Jul 2000 5 (v2) Medium Pass ipop2d fold Command Arbitrary File Access 02 Aug 2000 5 (v2) Medium Pass Zope < 2.1.7 DocumentTemplate Unauthorized DTML Entity Modi fi cation CVE-2000-0483 22 Jun 2000 7.5 (v2) High Pass Snare Agent for Linux < 1.7.0 / 2.0.0 Multiple Vulnerabilities CVE-2011-5247 CVE-2011-5249 CVE-2011-5250 24 Dec 2012 4.3 (v2) Medium Pass Big Brother bb-hostsvc.sh 'HOSTSVC' Parameter Traversal Arbitrary File Access CVE-2000-0638 12 Jul 2000 5 (v2) Medium Pass Poll It CGI data_dir Parameter Arbitrary File Access CVE-2000-0590 12 Jul 2000 7.5 (v2) High Pass Apache Tomcat contextAdmin Arbitrary File Access CVE-2000-0672 22 Jul 2000 7.5 (v3) High Pass Multiple Web Server ~nobody/ Request Arbitrary File Access 01 Aug 2000 5 (v2) Medium Pass MiniVend view_page.html Shell Metacharacter Arbitrary Command Execution CVE-2000-0635 16 Jul 2000 7.5 (v2) High Pass Apache Tomcat Snoop Servlet Remote Information Disclosure CVE-2000-0760 22 Jul 2000 5.3 (v3) Medium Pass WebActive HTTP Server active.log Remote Information Disclosure CVE-2000-0642 16 Jul 2000 5 (v2) Medium Pass Roxen Web Server /%00/ Encoded Request Forced Directory Listing CVE-2000-0671 22 Jul 2000 5 (v2) Medium Pass bftpd NLST Command Output Format String 11 Dec 2000 7.3 (v3) High Pass Juniper Junos Connectionless Network Protocol (CLNP) Packet Handling Unspeci fi ed Remote Code Execution / DoS (JSA10844) CVE-2018-0016 20 Apr 2018 9.8 (v3) Critical Pass Apache WebDAV Module PROPFIND Arbitrary Directory Listing CVE-2000-0869 08 Sep 2000 5 (v2) Medium Pass Symantec (Blue Coat) Reporter UI Information Disclosure Vulnerability (SYMSA1489) CVE-2019-12753 30 Aug 2019 4.9 (v3) Medium Pass Simple Web Counter swc ctr Parameter Remote Over fl ow 24 Aug 2000 7.5 (v2) High Pass htgrep hdr Parameter Arbitrary File access CVE-2000-0832 24 Aug 2000 5 (v2) Medium Pass Juniper Junos VPLS Routing MPLS Packet Handling mbuf Exhaustion Remote DoS (JSA10845) CVE-2018-0017 20 Apr 2018 7.5 (v3) High Pass IBM WebSphere Application Server 8.0 < Fix Pack 5 Multiple Vulnerabilities CVE-2012-3304 CVE-2012-3305 CVE-2012-3306 CVE-2012-3311 CVE-2012-3325 CVE-2012-3330 31 Jan 2013 6.8 (v2) Medium Pass Boa Web Server Traversal Arbtirary File Access/Execution CVE-2000-0920 06 Oct 2000 5 (v2) Medium Pass Nortel Networks Router Unpassworded Account (manager Level) 06 Oct 2000 7.8 (v2) High Pass Nortel Networks Router Unpassworded Account (User Level) 06 Oct 2000 7.8 (v2) High Pass Extent RBS Web Server Image Parameter Traversal Arbitrary File Access CVE-2000-1036 26 Sep 2000 5 (v2) Medium Pass Cisco PIX Firewall Mailguard Feature SMTP Content Filter Bypass CVE-2000-1022 04 Oct 2000 7.3 (v3) High Pass FreeBSD 4.1.1 Finger Arbitrary Remote File Access CVE-2000-0915 14 Oct 2000 7.8 (v2) High Pass eXtropia Web Store web_store.cgi Traversal Arbitrary File Access CVE-2000-1005 10 Oct 2000 5 (v2) Medium Pass CGIForum cgiforum.pl thesection Parameter Traversal Arbitrary File Access CVE-2000-1171 20 Nov 2000 5 (v2) Medium Pass KW Whois CGI whois Parameter Arbitrary Command Execution CVE-2000-0941 29 Nov 2002 7.5 (v2) High Pass Juniper Junos SNMP MIB-II Subagent Daemon (mib2d) Unspeci fi ed Remote DoS (JSA10847) CVE-2018-0019 20 Apr 2018 5.3 (v3) Medium Pass Microsoft Windows LAN Manager SNMP LanMan Users Disclosure CVE-1999-0499 10 Nov 2000 5.3 (v3) Medium Pass Microsoft Windows LAN Manager SNMP LanMan Shares Disclosure CVE-1999-0499 10 Nov 2000 5.3 (v3) Medium Pass XMail APOP / USER Command Remote Over fl ow CVE-2000-0840 CVE-2000-0841 28 Nov 2000 10 (v2) Critical Pass Serv-U CD Command Encoded Traversal Arbitrary File/Directory Access CVE-2001-0054 06 Dec 2000 5 (v2) Medium Pass Cisco 600 Series Router HTTP GET DoS (cisco-sa-20001204-cbos) CVE-2001-0058 29 Nov 2000 5.4 (v2) Medium Pass Cisco NX-OS DHCPv4 Crafted Packet DoS (cisco-sa-20161005-dhcp1) CVE-2015-6392 22 Nov 2016 7.5 (v3) High Pass Juniper Junos Short MacSec Keys Con fi guration CKN / CAK Key Extension Brute-force Mitm Spoo fi ng (JSA10854) CVE-2018-0021 20 Apr 2018 8.8 (v3) High Pass tinyProxy Long Connect Request Over fl ow CVE-2001-0129 19 Jan 2001 5 (v2) Medium Pass Juniper Junos VPLS Routing MPLS Packet Handling mbuf Exhaustion Remote DoS (JSA10855) CVE-2018-0022 20 Apr 2018 7.5 (v3) High Pass News Desk newsdesk.cgi t Parameter Traversal Arbitrary File Access CVE-2001-0231 04 Jan 2001 5 (v2) Medium Pass popper_mod PHP Administration Script Authentication Bypass CVE-2002-0513 09 Mar 2003 7.5 (v2) High Pass OpenSSH 2.3.1 SSHv2 Public Key Authentication Bypass CVE-2001-1585 09 Feb 2001 9.3 (v2) High Pass iWeb Hyperseek 2000 hsx.cgi show Parameter Traversal Arbitrary File Read CVE-2001-0253 29 Jan 2001 5 (v2) Medium Pass Allaire JRun Crafted Request Forced Directory Listing CVE-2000-1050 29 Jan 2001 5 (v2) Medium Pass Commerce.CGI Shopping Cart commerce.cgi page Parameter Traversal Arbitrary File Access CVE-2001-0210 13 Feb 2001 5 (v2) Medium Pass WebSPIRS webspirs.cgi Traversal Arbitrary File Access CVE-2001-0211 17 Feb 2001 5 (v2) Medium Pass W3.org Anaya Web sendtemp.pl 'templ' Parameter Traversal Arbitrary File Access CVE-2001-0272 15 Feb 2001 7.8 (v2) High Pass Savant Web Server Multiple Percent Request Remote DoS 13 Mar 2001 5 (v2) Medium Pass Oracle XSQL query.xsql sql Parameter SQL Injection CVE-2002-1631 15 Feb 2001 5 (v2) Medium Pass Solaris FTP Daemon CWD Command Account Enumeration 16 Apr 2001 5.3 (v3) Medium Pass BSD Based FTP Server Multiple glob Function Remote Over fl ow CVE-2001-0247 16 Apr 2001 9.8 (v3) Critical Pass Thinking Arts ES.One store.cgi StartID Parameter Traversal Arbitrary File Access CVE-2001-0305 25 Mar 2001 7.5 (v2) High Pass Ananconda Partners Clipper anacondaclip.pl Traversal Arbitrary File Access CVE-2001-0593 28 Mar 2001 5 (v2) Medium Pass DHCP Server Detection 05 May 2001 3.3 (v2) Low Pass Solaris snmpXdmid Long Indication Event Over fl ow (ELVISCICADA) CVE-2001-0236 03 May 2001 9.8 (v3) Critical 6

Pass IBM WebSphere Application Server 8.0 < Fix Pack 6 Multiple Vulnerabilities CVE-2012-4853 CVE-2013-0169 CVE-2013-0440 CVE-2013-0443 CVE-2013-0458 CVE-2013-0459 CVE-2013-0461 CVE-2013-0462 CVE-2013-0482 CVE-2013-0541 CVE-2013-0542 CVE-2013-0543 CVE-2013-0544 10 May 2013 10 (v2) Critical Pass Apache mod_status /server-status Information Disclosure 28 May 2001 5.3 (v3) Medium Pass Apache mod_info /server-info Information Disclosure 28 May 2001 5.3 (v3) Medium Pass Web Server HTTP POST Method Handling Remote Over fl ow DoS 15 Jun 2001 9.3 (v2) High Pass PerlCal cal_make.pl p0 Parameter Traversal Arbitrary File Read CVE-2001-0463 10 May 2001 7.8 (v2) High Pass Netscape Enterprise Server Long Traversal Request Remote DoS CVE-2001-0252 15 Jun 2001 5 (v2) Medium Pass SSH 3.0.0 Locked Account Remote Authentication Bypass CVE-2001-0553 21 Jul 2001 5.1 (v2) Medium Pass SimpleServer:WWW Encoded Traversal Arbitrary Command Execution CVE-2001-1586 17 Jul 2001 10 (v2) Critical Pass BroadVision One-To-One Enterprise Nonexistent JSP Request Path Disclosure CVE-2001-0031 15 Jun 2001 5 (v2) Medium Pass Juniper Junos Security Bypass Stateless Firewall Deactivation (JSA10859) CVE-2018-0026 20 Jul 2018 4.7 (v3) Medium Pass Cisco IOS HTTP Con fi guration Unauthorized Administrative Access CVE-2001-0537 02 Jul 2001 9.3 (v2) High Pass Palo Alto Networks PAN-OS 6.1.21 and earlier / 7.1.x < 7.1.19 / 8.0.x < 8.0.12 / 8.1.x < 8.1.3 Multiple Vulnerabilities CVE-2018-10139 CVE-2018-10140 28 Aug 2018 6.1 (v3) Medium Pass VMware ESX Third-Party Libraries Multiple Vulnerabilities (VMSA-2010-0001) (remote check) CVE-2009-0689 CVE-2009-2404 CVE-2009-2408 CVE-2009-2409 CVE-2009-3274 CVE-2009-3370 CVE-2009-3372 CVE-2009-3373 CVE-2009-3374 CVE-2009-3375 CVE-2009-3376 CVE-2009-3380 CVE-2009-3382 08 Mar 2016 10 (v2) Critical Pass Sambar Server pagecount CGI Traversal Arbitrary File Overwrite CVE-2001-1010 29 Jul 2001 5 (v2) Medium Pass BEA WebLogic Hex Encoded Request JSP Source Disclosure 13 Aug 2001 5 (v2) Medium Pass Cisco Small Business RV Series Router Unsupported Detection 12 Apr 2021 9.8 (v3) Critical Pass MS01-035: Microsoft IIS FrontPage fp30reg.dll Remote Over fl ow (uncredentialed check) CVE-2001-0341 26 Jun 2001 7.5 (v2) High Pass NetCode NC Book book.cgi current Parameter Arbitrary Command Execution CVE-2001-1114 13 Aug 2001 7.5 (v2) High Pass SuSE Support Data Base sbsearch.cgi Arbitrary Command Execution CVE-2001-1130 13 Aug 2001 7.5 (v2) High Pass SIX-webboard generate.cgi 'content' Parameter Traversal Arbitrary File Access CVE-2001-1115 13 Aug 2001 5 (v2) Medium Pass SHOUTcast Server User-Agent / Host Header DoS CVE-2001-1304 13 Aug 2001 5 (v2) Medium Pass Apache Auth Module SQL Injection CVE-2001-1379 07 Sep 2001 7.3 (v3) High Pass 3Com Superstack 3 Switch Multiple Default Accounts CVE-1999-0508 29 Aug 2001 7.5 (v2) High Pass Zope < 2.3.3 ZClass Permission Mapping Modi fi cation Local Privilege Escalation CVE-2001-0567 28 Sep 2001 4.6 (v2) Medium Pass Tripwire for Webpages Installation Disclosure 29 Aug 2001 5 (v2) Medium Pass Motorola Vanguard with No Password (telnet check) CVE-1999-0508 22 Jan 2003 10 (v2) Critical Pass Solaris in. fi ngerd Unused Accounts Disclosure CVE-2001-1503 22 Oct 2001 5 (v2) Medium Pass FTGate4 IMAP EXAMINE Command Remote Over fl ow CVE-2005-3640 17 Nov 2005 10 (v2) Critical Pass Cisco TelePresence Codecs DoS CVE-2011-2577 24 Jul 2013 7.8 (v2) High Pass Network Solutions Rwhoisd Syslog Remote Format String CVE-2001-0913 25 Nov 2001 7.5 (v2) High Pass Multiple Linux rpc.mountd Remote Over fl ow CVE-1999-0002 12 Mar 2003 10 (v2) Critical Pass Multiple Vendor FTPD on Windows Floppy Request CPU Consumption DoS 06 Dec 2001 5 (v2) Medium Pass ColdFusion Debug Mode Information Disclosure 07 Nov 2001 5 (v2) Medium Pass Webalizer < 2.01-09 Multiple XSS CVE-2001-0835 03 Dec 2001 4.3 (v2) Medium Pass Alchemy Eye/Network Monitor Traversal Arbitrary Command Execution CVE-2001-0871 03 Dec 2001 7.5 (v2) High Pass Horde Imp Webmail status.php3 message Parameter XSS CVE-2001-0857 10 Nov 2001 7.5 (v2) High Pass Interactive Story story.pl next Parameter Traversal Arbitrary File Access CVE-2001-0804 03 Dec 2001 7.8 (v2) High Pass SSH Protocol Version 1 Session Key Retrieval CVE-2001-0361 CVE-2001-0572 CVE-2001-1473 06 Mar 2002 7.5 (v2) High Pass ESXi 5.5 < Build 5230635 Multiple Vulnerabilities (VMSA-2017-0006) (remote check) CVE-2017-4904 CVE-2017-4905 31 Mar 2017 8.8 (v3) High Pass memcached No Newline Memory Consumption DoS CVE-2010-1152 20 Apr 2010 5 (v2) Medium Pass SilverStream Directory Listing 06 Feb 2002 5 (v2) Medium Pass Oracle 9iAS mod_plsql DAD Admin Interface Access CVE-2000-1235 07 Feb 2002 5 (v2) Medium Pass FAQManager 'faqmanager.cgi' 'toc' Parameter Arbitrary File Access CVE-2002-2033 25 Jan 2002 5 (v2) Medium Pass Microsoft ASP.NET Malformed File Request Path Disclosure 05 Feb 2002 5 (v2) Medium Pass SilverStream Database Structure Disclosure 06 Feb 2002 5 (v2) Medium Pass MPEi/X Default FTP Accounts CVE-1999-0502 05 Jun 2002 10 (v2) Critical Pass Altiris Deployment Solution Server < 6.9 SP4 DBManager DoS (SYM10-007) CVE-2010-0109 21 Apr 2010 3.3 (v2) Low Pass SSH Protocol Versions Supported 06 Mar 2002 None Pass X Display Manager Control Protocol (XDMCP) Detection 13 Mar 2002 4.3 (v2) Medium Pass Multiple Vulnerabilities in Cisco Uni fi ed Computing System (cisco-sa-20130424-ucsmulti) CVE-2013-1182 CVE-2013-1183 CVE-2013-1184 CVE-2013-1185 CVE-2013-1186 17 Sep 2013 10 (v2) Critical Pass Microsoft IIS ASP ISAPI Filter Multiple Over fl ows CVE-2002-0079 CVE-2002-0147 CVE-2002-0149 10 Apr 2002 7.5 (v2) High Pass Windows 98 FTP MS/DOS Device Name Request DoS 29 Mar 2002 7.5 (v3) High Pass EFTP .lnk File Handling Remote Over fl ow CVE-2001-1112 29 Mar 2002 10 (v2) Critical Pass Squid FTP URL Special Character Handling Remote Over fl ow CVE-2002-0068 27 Mar 2002 7.5 (v2) High Pass lighttpd < 1.3.8 Null Byte Request CGI Script Source Code Disclosure CVE-2005-0453 16 Feb 2005 5.3 (v3) Medium Pass Trend Micro Control Manager cgiShowClientAdm Security Bypass 28 Apr 2017 7.3 (v3) High Pass ServletExec 4.1 / JRun ISAPI Multiple DoS CVE-2002-0894 CVE-2000-0681 22 May 2002 10 (v2) Critical Pass Apple iTunes < 10.2 Multiple Vulnerabilities (uncredentialed check) CVE-2010-1205 CVE-2010-1824 CVE-2010-2249 CVE-2010-4008 CVE-2010-4494 CVE-2011-0111 CVE-2011-0112 CVE-2011-0113 CVE-2011-0114 CVE-2011-0115 CVE-2011-0116 CVE-2011-0117 CVE-2011-0118 CVE-2011-0119 CVE-2011-0120 CVE-2011-0 03 Mar 2011 9.3 (v2) High Pass IBM WebSphere Application Server 6.1 < 6.1.0.37 Multiple Vulnerabilities CVE-2011-1308 CVE-2011-1321 CVE-2011-1322 CVE-2011-1683 18 Apr 2011 6.8 (v2) Medium Pass PHP 5.3 < 5.3.6 Multiple Vulnerabilities CVE-2011-0421 CVE-2011-0708 CVE-2011-1092 CVE-2011-1153 CVE-2011-1464 CVE-2011-1466 CVE-2011-1467 CVE-2011-1468 CVE-2011-1469 CVE-2011-1470 18 Mar 2011 7.5 (v2) High Pass IBM WebSphere Application Server 6.1 < 6.1.0.41 Multiple Vulnerabilities CVE-2011-1359 CVE-2011-1362 CVE-2011-1377 CVE-2011-3192 CVE-2011-5065 CVE-2011-5066 19 Jan 2012 10 (v2) Critical Pass Linksys Router Default Password CVE-1999-0508 05 Jun 2002 10 (v2) Critical Pass ActivePerl fi ndtar Sample Script Remote Command Execution 08 Jun 2002 10 (v2) Critical Pass Xerver Web Server < 2.20 Crafted C:/ Request Remote DoS CVE-2002-0448 07 Jun 2002 5 (v2) Medium Pass ISC BIND < 9.2.1 rdataset Parameter Malformed DNS Packet DoS CVE-2002-0400 22 Jul 2002 7.8 (v2) High Pass Beanstalkd < 1.4.6 Remote Beanstalkd Command Injection CVE-2010-2060 14 Jun 2010 7.5 (v2) High Pass RemoteNC Backdoor Detection 29 Sep 2003 10 (v2) Critical Pass Microsoft Windows SMB Service Detection 05 Jun 2002 None Pass Wireless Access Point Detection 09 Jun 2002 None Pass HTTP Reverse Proxy Detection (Deprecated) CVE-2004-2320 CVE-2005-3398 CVE-2005-3498 CVE-2007-3008 02 Jul 2002 5.4 (v3) Medium Pass iPlanet Search Engine search CGI Arbitrary File Access CVE-2002-1042 10 Jul 2002 5 (v2) Medium Pass Resin MS-DOS Device Request Path Disclosure CVE-2002-2090 17 Jul 2002 5 (v2) Medium Pass MS10-012: Vulnerabilities in SMB Could Allow Remote Code Execution (971468) (uncredentialed check) CVE-2010-0020 CVE-2010-0021 CVE-2010-0022 CVE-2010-0231 13 Sep 2010 10 (v2) Critical Pass Sun AnswerBook2 Web Server dwhttpd GET Request Remote Format String 14 Aug 2002 10 (v2) Critical Pass RPC rusers Remote Information Disclosure CVE-1999-0626 03 Aug 2002 5 (v2) Medium Pass Trend Micro O ffi ceScan tmlisten.exe Malformed Data Remote DoS CVE-2000-0203 03 Aug 2002 5 (v2) Medium Pass BadBlue Malformed GET Request Remote DoS CVE-2002-1023 06 Aug 2002 5 (v2) Medium Pass Apache Tomcat DOS Device Name XSS 10 Jul 2002 4.3 (v2) Medium Pass MySQL < 4.0.21 mysqlhotcopy Insecure Temporary File Creation CVE-2004-0457 23 Aug 2004 4.6 (v2) Medium Pass Web Server HTTP Header Memory Exhaustion DoS 18 Aug 2002 7.8 (v2) High Pass Sendmail -C Malformed Con fi guration Privilege Escalation CVE-2001-0713 18 Aug 2002 5.9 (v3) Medium Pass Pi3Web < 2.0.1 CGI Handler Long Parameter Handling Over fl ow CVE-2002-0142 22 Aug 2002 5 (v2) Medium Pass Apache <= 2.0.39 Win32 Crafted Traversal Arbitrary File Access CVE-2002-0661 18 Aug 2002 7.3 (v3) High Pass WS_FTP Multiple Command Long Argument Over fl ow CVE-2001-1021 21 Aug 2002 10 (v2) Critical Pass Network UPS Tools < 2.6.4 addchar() Function Bu ff er Over fl ow CVE-2012-2944 22 Jun 2012 7.5 (v2) High Pass Canna SR_INIT Command Remote Over fl ow CVE-2000-0584 29 Aug 2002 7.5 (v2) High Pass Directory Manager edit_image.php Arbitrary Command Execution CVE-2001-1020 22 Aug 2002 7.5 (v2) High Pass xtelw Detection 13 Sep 2002 None Pass xtel Detection 13 Sep 2002 None Pass Radmin (Remote Administrator) Port 4899 Detection 15 Sep 2002 None Pass mldonkey Detection (telnet check) 17 Sep 2002 None Pass Mountain Network Systems webcart.cgi Arbitrary Command Execution CVE-2001-1502 21 Aug 2002 7.5 (v2) High Pass Palo Alto Networks PAN-OS < 6.1 / 7.x < 7.1 / 8.1.x < 8.1.4 Cross-Site Scripting Vulnerability (PAN-SA-2018-0014) CVE-2018-10141 14 Mar 2019 6.1 (v3) Medium Pass AnalogX Proxy SOCKS4a DNS Hostname Handling Remote Over fl ow CVE-2002-1001 21 Sep 2002 10 (v2) Critical Pass ISC BIND named SIG Resource Server Response RR Over fl ow CVE-2002-1219 12 Nov 2002 10 (v2) Critical Pass IBM WebSphere Edge Caching Proxy DoS CVE-2002-1169 25 Nov 2002 5 (v2) Medium Pass LiteServe HTTP Service Malformed URL Decoding Remote DoS 18 Nov 2002 5 (v2) Medium Pass Service Detection (HELP Request) 18 Nov 2002 None Pass Unknown Service Detection: Banner Retrieval 18 Nov 2002 None Pass IRC Daemon Version Detection 19 Nov 2002 None Pass Webserver 4D Plaintext Password Storage CVE-2002-1521 26 Oct 2002 2.1 (v2) Low Pass Savant Web Server cgitest.exe Over fl ow CVE-2002-2146 27 Nov 2002 7.5 (v2) High Pass Windows FTP Server NULL Administrator Password 21 Nov 2002 10 (v2) Critical Pass KeyFocus (KF) Web Server Null Byte Request Restricted File / Directory Access 25 Nov 2002 5 (v2) Medium Pass Samba Encrypted Password String Conversion Decryption Over fl ow CVE-2002-1318 25 Nov 2002 10 (v2) Critical Pass SWS Web Server Un fi nished Line Remote DoS CVE-2002-2370 27 Nov 2002 5 (v2) Medium Pass myEvent Multiple Remote Vulnerabilities CVE-2006-1890 CVE-2006-1907 CVE-2006-1908 21 Apr 2006 7.5 (v2) High Pass 4553 Parasite Mothership Backdoor Detection 03 Dec 2002 10 (v2) Critical Pass phpPgAdmin sql.php goto Parameter Traversal Arbitrary File Access CVE-2001-0479 04 Sep 2002 5 (v2) Medium Pass Cyrus IMAP Server login Command Remote Over fl ow 20 Dec 2002 7.5 (v2) High Pass WebServer 4 Everyone Host Field Header Bu ff er Over fl ow CVE-2002-1941 25 Nov 2002 5 (v2) Medium Pass 3Com NBX ftpd CEL Command Remote Over fl ow (1) CVE-2002-2300 02 Dec 2002 7.5 (v2) High 7

Pass X Font Service Crafted XFS Query Remote Over fl ow CVE-2002-1317 04 Dec 2002 7.5 (v2) High Pass BitKeeper Daemon Mode di ff Shell Command Injection 16 Jan 2003 7.5 (v2) High Pass PlatinumFTPServer Multiple Vulnerabilities 18 Jan 2003 7.5 (v2) High Pass DB4Web Server db4web_c Filename Request Traversal Arbitrary File Access CVE-2002-1483 02 Dec 2002 5 (v2) Medium Pass WarFTPd CWD/MKD Command Over fl ow CVE-2000-0131 22 Jan 2003 4 (v2) Medium Pass IBM WebSphere HTTP Request Header Remote Over fl ow CVE-2002-1153 02 Dec 2002 5 (v2) Medium Pass Apache 2.2.x < 2.2.16 Multiple Vulnerabilities CVE-2010-1452 CVE-2010-2068 30 Jul 2010 5.3 (v3) Medium Pass Tomcat /status Information Disclosure 03 Feb 2003 6.5 (v3) Medium Pass WarFTPd USER/PASS Command Remote Over fl ow CVE-1999-0256 22 Jan 2003 7.5 (v2) High Pass RPC nibindd Service Detection 19 Oct 2003 5 (v2) Medium Pass Netscape / iPlanet .perf Remote Information Disclosure 06 Feb 2003 5 (v2) Medium Pass HTTP TRACE / TRACK Methods Allowed CVE-2003-1567 CVE-2004-2320 CVE-2010-0386 23 Jan 2003 5.3 (v3) Medium Pass LiteSpeed Web Server Source Code Information Disclosure CVE-2010-2333 04 Aug 2010 5 (v2) Medium Pass Web Server info.php / phpinfo.php Detection 12 Feb 2003 5.3 (v3) Medium Pass Stronghold swish Search Script Information Disclosure 12 Feb 2003 5 (v2) Medium Pass MS02-061: Microsoft SQL Server Multiple Vulnerabilities (uncredentialed check) CVE-2002-1137 CVE-2002-1138 CVE-2002-0649 CVE-2002-0650 CVE-2002-1145 CVE-2002-0644 CVE-2002-0645 CVE-2002-0721 25 Jan 2003 10 (v2) Critical Pass IBM WebSphere Application Server < 6.1.0.27 Multiple Vulnerabilities CVE-2009-0023 CVE-2009-1955 CVE-2009-1956 CVE-2009-2091 CVE-2009-2742 CVE-2009-2743 CVE-2009-2744 CVE-2009-3106 23 Sep 2009 5 (v2) Medium Pass Unpassworded 'root' Account CVE-1999-0502 CVE-2019-5021 20 Feb 2003 9.8 (v3) Critical Pass leafnode Cross-Posted Article Group Name Pre fi x DoS CVE-2002-1661 27 Oct 2009 5 (v2) Medium Pass ClarkConnect Linux clarkconnectd Remote Information Disclosure CVE-2003-1379 28 Feb 2003 5 (v2) Medium Pass CuteNews Multiple Script cutepath Parameter Arbitrary Command Execution CVE-2003-1240 28 Feb 2003 8.3 (v3) High Pass Cisco Catalyst Switches Embedded HTTP Server Long HTTP Request DoS (CSCdy26428) CVE-2002-1222 28 Feb 2003 7.5 (v3) High Pass Cisco VPN 3000 Concentrator PPTP/IPSEC Group Credential Authentication Bypass (CSCdv66718) CVE-2002-1092 01 Mar 2003 7.5 (v2) High Pass Cisco VPN 3000 Concentrator HTML Source Plaintext User Password Disclosure (CSCdv88230, CSCdw22408) CVE-2002-1096 01 Mar 2003 7.5 (v2) High Pass Cisco VPN 3000 Concentrator Multiple Vulnerabilities (CSCdx07754, CSCdx24622, CSCdx24632) CVE-2002-1100 CVE-2002-1098 01 Mar 2003 7.5 (v2) High Pass Cisco VPN 3000 Concentrator Certi fi cate Management Page HTML Source Certi fi cate Password Disclosure (CSCdw50657) CVE-2002-1097 01 Mar 2003 7.5 (v2) High Pass WihPhoto sendphoto.php Traversal Arbitrary File Access CVE-2003-1239 27 Feb 2003 5 (v2) Medium Pass Usermin ' miniserv.pl ' Base-64 String Metacharacter Handling Session Spoo fi ng CVE-2003-0101 28 Feb 2003 7.5 (v2) High Pass Microsoft Windows SMTP Service NTLM Null Session Authorization Bypass (uncredentialed check) CVE-2002-0054 02 Mar 2003 6.4 (v2) Medium Pass Juniper Junos SRX crafted packets destined to fxp0 denial of service (JSA10927) CVE-2019-0038 19 Apr 2019 6.5 (v3) Medium Pass ISC BIND < 9.2.2 DNS Resolver Functions Remote Over fl ow CVE-2002-0684 04 Mar 2003 10 (v2) Critical Pass ISC BIND Dynamic Updates Unauthorized Resource Record Manipulation 04 Mar 2003 5 (v2) Medium Pass sshd scp Traversal Arbitrary File Overwrite CVE-2000-0992 10 Mar 2003 5 (v2) Medium Pass SSH1 SSH Daemon Logging Failure CVE-2001-0471 10 Mar 2003 7.1 (v2) High Pass WordPress Plugin 'LifterLMS' < 3.37.15 Arbitrary File Write CVE-2020-6008 30 Apr 2020 9.8 (v3) Critical Pass OpenSSH Client Unauthorized X11 Remote Forwarding CVE-2000-1169 10 Mar 2003 7.5 (v2) High Pass Sendmail < 8.6.8 -debug Local Privilege Escalation CVE-1999-1309 11 Mar 2003 8.4 (v3) High Pass SimpleBBS users disclosure 10 Mar 2003 5 (v2) Medium Pass Sendmail < 8.8.4 Group Write File Hardlink Privilege Escalation CVE-1999-0129 11 Mar 2003 5.9 (v3) Medium Pass NFS Exported Share Information Disclosure CVE-1999-0170 CVE-1999-0211 CVE-1999-0554 12 Mar 2003 10 (v2) Critical Pass FreeBSD 2.x lpd Long DNS Hostname Over fl ow CVE-1999-0299 12 Mar 2003 7.5 (v2) High Pass AIX lpd Multiple Functions Remote Over fl ow CVE-2001-0671 12 Mar 2003 10 (v2) Critical Pass Multiple Vendor NFS CD Command Arbitrary File/Directory Access CVE-1999-0166 12 Mar 2003 5 (v2) Medium Pass Sendmail < 8.9.3 Header Prescan Function Message Header DoS CVE-1999-0393 11 Mar 2003 5.3 (v3) Medium Pass NFS Predictable Filehandles Filesystem Access CVE-1999-0167 12 Mar 2003 4.6 (v2) Medium Pass Irix Performance Copilot Service Information Disclosure CVE-2000-0283 CVE-2000-1193 13 Mar 2003 6.4 (v2) Medium Pass CVS pserver Brute Force Access 14 Mar 2003 7.5 (v2) High Pass HP-UX ftpd glob() Expansion STAT Bu ff er Over fl ow CVE-2001-0248 13 Mar 2003 9.8 (v3) Critical Pass SunFTP Multiple Command Traversal Arbitrary File Creation/Deletion CVE-2001-0283 13 Mar 2003 7.8 (v2) High Pass Simple File Manager Directory / Filename XSS CVE-2003-1539 12 Mar 2003 4.3 (v2) Medium Pass Microsoft IIS fpcount.exe CGI Remote Over fl ow CVE-1999-1376 13 Mar 2003 7.5 (v2) High Pass Samba TNG < 0.3.1 Multiple Remote Vulnerabilities CVE-2003-0085 22 Mar 2003 10 (v2) Critical Pass HP OpenView Network Node Manager Multiple Scripts hostname Parameter Remote Command Execution CVE-2009-3845 14 Dec 2009 10 (v2) Critical Pass Samba < 2.2.8 Multiple Vulnerabilities CVE-2003-0085 CVE-2003-0086 15 Mar 2003 10 (v2) Critical Pass Serv-U < 2.5e Multiple Vulnerabilities (OF, Path Disc) CVE-2000-0176 CVE-1999-0838 15 Mar 2003 5 (v2) Medium Pass Thunderstone Software Texis Crafted Request Information Disclosure 15 Mar 2003 5 (v2) Medium Pass smb2www Unspeci fi ed Arbitrary Remote Command Execution CVE-2002-1342 13 Mar 2003 7.5 (v2) High Pass IBM Lotus Notes Detection 17 Mar 2003 None Pass IMAP Service Banner Retrieval 18 Mar 2003 None Pass Backup Files Disclosure 17 Mar 2003 5 (v2) Medium Pass Apache 2.0.x < 2.0.43 Multiple Vulnerabilities (Log Injection, Source Disc.) CVE-2002-1156 CVE-2003-0083 17 Mar 2003 5.3 (v3) Medium Pass ProFTPD 1.2.0rc2 Malformed cwd Command Format String CVE-2001-0318 17 Mar 2003 10 (v2) Critical Pass XOOPS 1.0 RC1 Multiple Vulnerabilities CVE-2002-0216 CVE-2002-0217 CVE-2002-1802 22 Mar 2003 7.5 (v2) High Pass Mozilla Bonsai Mutiple Flaws (Auth Bypass, XSS, Cmd Exec, PD) CVE-2003-0152 CVE-2003-0153 CVE-2003-0154 CVE-2003-0155 22 Mar 2003 10 (v2) Critical Pass Microsoft Windows Administrator Default Password Detection (W32/Deloder Worm Susceptibility) 24 Mar 2003 9.8 (v3) Critical Pass Microsoft FrontPage Unpassworded Installation 04 Apr 2003 7.5 (v2) High Pass OpenWebMail < 1.90 Multiple Vulnerabilities CVE-2002-1385 CVE-2002-2410 19 Mar 2003 10 (v2) Critical Pass Mambo Site Server 4.0.10 XSS CVE-2003-1203 22 Mar 2003 4.3 (v2) Medium Pass Kebi Academy Home Page Administration fi le Parameter Traversal Arbitrary File Access 24 Mar 2003 7.5 (v2) High Pass SimpleChat Information Disclosure 25 Mar 2003 5 (v2) Medium Pass paFileDB pa fi ledb.php Multiple Parameter SQL Injection 26 Mar 2003 7.5 (v2) High Pass eMule Malformed Data Handling Remote DoS 25 Mar 2003 5 (v2) Medium Pass WebChat XSS 25 Mar 2003 4.3 (v2) Medium Pass VChat Multiple Remote Vulnerabilities 25 Mar 2003 5 (v2) Medium Pass DCP-Portal Multiple Script Path Disclosure CVE-2002-0282 26 Mar 2003 5 (v2) Medium Pass D-Link DSL Broadband Modem SNMP Cleartext ISP Credential Disclosure 27 Mar 2003 10 (v2) Critical Pass Sambar Server Default Accounts 28 Mar 2003 7.5 (v2) High Pass PostgreSQL < 7.2.3 Multiple Vulnerabilities CVE-2002-1397 CVE-2002-1398 CVE-2002-1399 CVE-2002-1400 CVE-2002-1401 CVE-2002-1402 24 Mar 2003 6.5 (v2) Medium Pass DCP-Portal lib.php root Parameter Remote File Inclusion 26 Mar 2003 8.3 (v3) High Pass FsSni ff er Backdoor Detection 29 Sep 2003 9.4 (v2) High Pass Sambar Server Multiple Script XSS 28 Mar 2003 4.3 (v2) Medium Pass Advanced Poll info.php Remote Information Disclosure CVE-2003-1181 27 Mar 2003 5 (v2) Medium Pass l2tpd Malformed Data Remote DoS 28 Mar 2003 5 (v2) Medium Pass Justice Guestbook 1.3 Multiple Vulnerabilities CVE-2003-1534 CVE-2003-1535 30 Mar 2003 5 (v2) Medium Pass Beanwebb's Guestbook 1.0 Multiple Vulnerabilities 30 Mar 2003 7.5 (v2) High Pass XOOPS Glossary Module glossaire-a ff .php lettre Parameter XSS 03 Apr 2003 4.3 (v2) Medium Pass ScozBook scozbook/add.php Multiple Parameter XSS CVE-2003-1554 CVE-2003-1555 30 Mar 2003 5 (v2) Medium Pass CC GuestBook cc_guestbook.pl Multiple Parameter XSS CVE-2003-1556 30 Mar 2003 4.3 (v2) Medium Pass OpenSSH < 2.5.2 / 2.5.2p2 Multiple Information Disclosure Vulnerabilities CVE-2001-0361 CVE-2001-0572 04 Oct 2011 5 (v2) Medium Pass Apache Tomcat mod_jk Invalid Transfer-Encoding Chunked Field DoS CVE-2002-2272 04 Apr 2003 5 (v2) Medium Pass NETGEAR FM114P ProSafe Router Multiple Vulnerabilities 03 Apr 2003 7.5 (v2) High Pass Linksys Router Default Password (admin) 06 Apr 2003 7.5 (v2) High Pass Abyss Web Server Malformed GET Request Remote DoS CVE-2003-1364 06 Apr 2003 5 (v2) Medium Pass Ocean12 Guestbook XSS 14 Apr 2003 4.3 (v2) Medium Pass Check Point FireWall-1 Open Web Administration 04 Apr 2003 None Pass HP Instant TopTools hpnst.exe CGI DoS CVE-2003-0169 06 Apr 2003 5 (v2) Medium Pass AutomatedShops WebC.cgi Multiple Over fl ows 04 Apr 2003 7.5 (v2) High Pass Coppermine Photo Gallery Multiple Extension File Upload Arbitrary PHP Code Execution 07 Apr 2003 7.5 (v2) High Pass IBM WebSphere Application Server 6.0 < 6.0.2.25 Multiple Vulnerabilities CVE-2007-6679 CVE-2008-0740 CVE-2008-0741 05 Apr 2010 10 (v2) Critical Pass SheerDNS < 1.0.1 Multiple Vulnerabilities 14 Apr 2003 5 (v2) Medium Pass Default Password for FTP 'admin' Account 15 Apr 2003 9.8 (v3) Critical Pass Xeneo Web Server %A Request Remote DoS CVE-2002-1248 23 Apr 2003 5 (v2) Medium Pass MDG Web Server 4D GET Request Remote Over fl ow 04 May 2003 5 (v2) Medium Pass BadBlue ISAPI Extension .hts Crafted File Extension Request Authentication Bypass CVE-2003-0332 27 Apr 2003 7.6 (v2) High Pass Xeneo Web Server 2.2.9.0 GET Request Remote Over fl ow DoS 23 Apr 2003 5 (v2) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 11 Multiple Vulnerabilities CVE-2010-0774 CVE-2010-0775 CVE-2010-0776 CVE-2010-0777 CVE-2010-0778 CVE-2010-0779 CVE-2010-1650 CVE-2010-1651 CVE-2010-2324 CVE-2010-2325 CVE-2010-2326 CVE-2010-2327 CVE-2010-2328 22 Jun 2010 10 (v2) Critical Pass Nokia IPSO Voyager WebGUI read fi le.tcl fi le Parameter Arbitrary File Access 24 Apr 2003 5 (v2) Medium Pass IdeaBox include.php ideaDir Parameter Remote File Inclusion 29 Apr 2003 8.3 (v3) High Pass bttlxeForum login.asp Multiple Field SQL Injection CVE-2003-0215 24 Apr 2003 7.5 (v2) High Pass Coppermine Photo Gallery displayimage.php SQL Injection 04 May 2003 7.5 (v2) High Pass FTP Server root Directory .forward File Present 04 May 2003 5 (v2) Medium Pass FTP Server root Directory .rhosts File Present 04 May 2003 5 (v2) Medium 8

Pass WebWeaver FTP Aborted RETR Command Remote DoS 06 May 2003 5.3 (v3) Medium Pass thttpd Host Header Traversal Arbitrary File Access CVE-2002-1562 CVE-2003-0899 06 May 2003 5 (v2) Medium Pass FTGatePro Mail Server Multiple Command Remote Over fl ow CVE-2003-0263 06 May 2003 5 (v2) Medium Pass Sambar Server Cleartext Password Transmission 07 May 2003 4.3 (v2) Medium Pass FileMaker Pro Client Request User Passwords Remote Disclosure 07 May 2003 7.5 (v2) High Pass StockMan Shopping Cart shop.plx Path Disclosure 05 May 2003 5 (v2) Medium Pass Mike Bobbitt's album.pl Alternative Con fi guration File Remote Command Execution CVE-2003-1456 06 May 2003 5 (v2) Medium Pass SLMail < 5.1.0.4433 Multiple Command Remote Over fl ows CVE-2003-0264 07 May 2003 7.5 (v2) High Pass ArGoSoft Mail Server HTTP Daemon GET Request Saturation DoS 11 Jun 2003 5 (v2) Medium Pass PT News Unauthorized Administrative Access 07 May 2003 6.4 (v2) Medium Pass SLMail WebMail Multiple Remote Over fl ows CVE-2003-0266 CVE-2003-0267 CVE-2003-0268 07 May 2003 7.5 (v2) High Pass mod_survey For Apache ENV Tags SQL Injection 09 May 2003 7.5 (v2) High Pass MailMaxWeb Cookie Application Path Disclosure 07 May 2003 5 (v2) Medium Pass BEA WebLogic SSIServlet Invocation Source Code Disclosure CVE-2000-0683 08 May 2003 5 (v2) Medium Pass Ikonboard FUNC.pm lang Cookie Arbitrary Command Execution CVE-2003-0770 08 May 2003 7.5 (v2) High Pass Cacti index.php/sql.php Login Action login_username Parameter SQL Injection CVE-2008-0785 13 Feb 2008 7.5 (v2) High Pass Eserv Non-Terminated Connection Saturation DoS 12 May 2003 7.8 (v2) High Pass VMware vCenter Server 6.0.x < 6.0u2 Unspeci fi ed HTTP Header Injection (VMSA-2016-0010) CVE-2016-5331 11 Aug 2016 6.1 (v3) Medium Pass Proxy Web Server XSS CVE-2003-0292 19 May 2003 4.3 (v2) Medium Pass Lovgate Virus Detection 19 May 2003 10 (v2) Critical Pass Juniper Junos OS Vulnerability (JSA11115) CVE-2019-8936 15 Apr 2021 7.5 (v3) High Pass MailMax IMAP Server SELECT Command Remote Over fl ow CVE-2003-0319 19 May 2003 6.5 (v2) Medium Pass BadBlue ISAPI Extension ext.dll LoadPage Parameter Arbitrary File Access 20 May 2003 7.6 (v2) High Pass WsMp3 Daemon (WsMp3d) HTTP Traversal Arbitrary File Execution/Access CVE-2003-0338 21 May 2003 7.5 (v2) High Pass BLNews objects.inc.php4 Server[path] Parameter Remote File Inclusion CVE-2003-0394 27 May 2003 8.3 (v3) High Pass Juniper Junos OS Vulnerability (JSA11152) CVE-2021-0261 15 Apr 2021 7.5 (v3) High Pass ShareMailPro POP3 Interface Error Message Account Enumeration 27 May 2003 5 (v2) Medium Pass SolarWinds Storage Resource Monitor Pro fi ler addNewRule SQL Injection RCE 26 Jul 2016 10 (v2) Critical Pass Synchrologic Email Accelerator aggregate.asp User Account Disclosure 28 May 2003 5 (v2) Medium Pass TextPortal Default Passwords 28 May 2003 7.5 (v2) High Pass CafeLog B2 Multiple Script Remote File Inclusion 29 May 2003 8.3 (v3) High Pass Webfroot shoutbox.php conf Parameter Traversal Local File Inclusion 29 May 2003 7.5 (v2) High Pass iisPROTECT Unpassworded Administrative Interface 28 May 2003 7.5 (v2) High Pass Microsoft Media Services ISAPI nsiislog.dll Multiple Over fl ows CVE-2003-0227 CVE-2003-0349 28 May 2003 10 (v2) Critical Pass BaSoMail SMTP Multiple Command Remote Over fl ow DoS 02 Jun 2003 10 (v2) Critical Pass Bandmin 1.4 index.cgi Multiple Parameter XSS CVE-2003-0416 29 May 2003 4.3 (v2) Medium Pass Super-M Son hServer URI Traversal Arbitrary File Access CVE-2003-0417 02 Jun 2003 5 (v2) Medium Pass mod_gzip Detection 02 Jun 2003 5 (v2) Medium Pass ST FTP Service Arbitrary File/Directory Access CVE-2003-0392 02 Jun 2003 5.3 (v3) Medium Pass Linux NFS utils package (nfs-utils) mountd xlog Function O ff -by-one Remote Over fl ow CVE-2003-0252 23 Jul 2003 10 (v2) Critical Pass IBM WebSphere Application Server < 6.1.0.17 Multiple Vulnerabilities CVE-2008-2550 CVE-2009-0435 10 Jun 2008 7.5 (v2) High Pass PostNuke Rating System DoS 02 Jun 2003 5 (v2) Medium Pass Xpressions Interactive Multiple Products login.asp SQL Injection 04 Jun 2003 7.5 (v2) High Pass Cisco IDS Device Manager Detection 03 Jun 2003 None Pass Juniper Junos OS Vulnerability (JSA11155) CVE-2021-0264 15 Apr 2021 7.5 (v3) High Pass zenTrack index.php con fi gFile Parameter Traversal Arbitrary Files Access 09 Jun 2003 5 (v2) Medium Pass Gnutella Root Directory Miscon fi guration 11 Jun 2003 7.8 (v2) High Pass Avirt Multiple Product HTTP Proxy Over fl ow (deprecated) CVE-2002-0133 11 Jun 2003 7.5 (v2) High Pass Bugbear.B Web Backdoor Detection 09 Jun 2003 10 (v2) Critical Pass Oracle WebLogic Server Plug-in Remote Over fl ow (1166189) CVE-2008-5457 15 Jan 2009 10 (v2) Critical Pass Bugbear.B Worm Detection 11 Jun 2003 10 (v2) Critical Pass In fi nity CGI Exploit Scanner Multiple Vulnerabilities 16 Jun 2003 7.5 (v2) High Pass Secure HyperText Transfer Protocol (S-HTTP) Detection 11 Jun 2003 5 (v2) Medium Pass Proxomitron GET Request Over fl ow Remote DoS 18 Jun 2003 5 (v2) Medium Pass NGC Active FTPServer 2002 Multiple Command Remote DoS 18 Jun 2003 10 (v2) Critical Pass CUPS Printer List Disclosure 18 Jun 2003 5 (v2) Medium Pass pMachine lib.inc.php pm_path Parameter Remote File Inclusion CVE-2003-1086 16 Jun 2003 7.3 (v3) High Pass Psunami.CGI Command Execution 17 Jun 2003 7.5 (v2) High Pass Juniper Junos OS Vulnerability (JSA11143) CVE-2021-0250 15 Apr 2021 7.5 (v3) High Pass Vignette StoryServer < 6.0.4 Arbitrary TCL Code Execution CVE-2003-0398 CVE-2003-0399 CVE-2003-0402 CVE-2003-0405 17 Jun 2003 7.5 (v2) High Pass PostgreSQL Authentication Module (mod_sql) for ProFTPD USER Name Parameter SQL Injection CVE-2003-0500 19 Jun 2003 7.5 (v2) High Pass Zope Invalid Query Path Disclosure 23 Jun 2003 5 (v2) Medium Pass TMaxSoft JEUS url.jsp URI XSS 19 Jun 2003 4.3 (v2) Medium Pass Cajun Switch Negative Integer Handling Remote DoS 18 Jun 2003 7.8 (v2) High Pass UPnP TCP Helper Detection 19 Jun 2003 None Pass Abyss Web Server GET Request Multiple Vulnerabilities CVE-2003-1337 30 Jun 2003 7.5 (v2) High Pass iXmail index.php password Parameter SQL Injection 27 Jun 2003 7.5 (v2) High Pass ProductCart Multiple Vulnerabilities CVE-2003-0522 CVE-2003-0523 CVE-2003-1304 08 Jul 2003 5 (v2) Medium Pass VP-ASP shopexd.asp catalogid Parameter SQL Injection CVE-2002-1919 08 Jul 2003 7.5 (v2) High Pass IBM BigFix Server 9.2.x < 9.2.8.74 .beswrpt File Handling XSS CVE-2016-0293 30 Aug 2016 6.1 (v3) Medium Pass UnrealIRCd OperServ Raw Channel Join DoS 21 Jul 2003 5 (v2) Medium Pass FTP Server Copyrighted Material Present 26 Jun 2003 None Pass Forum51/Board51/News51 Users Disclosure 21 Jul 2003 5 (v2) Medium Pass Juniper Junos OS Vulnerability (JSA11166) CVE-2021-0275 15 Apr 2021 8.8 (v3) High Pass WebCalendar long.php user_inc Parameter Traversal Arbitrary File Access 21 Jul 2003 6.8 (v2) Medium Pass TrueType Font Server for X11 (xfstt) Malformed Packet Remote Over fl ow CVE-2003-0581 01 Aug 2003 10 (v2) Critical Pass RIP Poisoning Routing Table Modi fi cation 03 Sep 2003 7.5 (v2) High Pass TFTP Daemon Detection 13 Aug 2003 None Pass RIP Detection 28 Aug 2003 None Pass Dropbear SSH Server Username Remote Format String 20 Aug 2003 10 (v2) Critical Pass myPHPNuke phptonuke.php fi lnavn Parameter Traversal Arbitrary File Access CVE-2002-1913 31 Aug 2003 5 (v2) Medium Pass Stellar Docs Malformed Query Path Disclosure 11 Aug 2003 5 (v2) Medium Pass Sendmail < 8.12.10 prescan() Function Remote Over fl ow CVE-2003-0681 CVE-2003-0694 17 Sep 2003 10 (v3) Critical Pass WinMX Detection (uncredentialed check) 22 Sep 2003 5.3 (v3) Medium Pass FastTrack (FT) Crafted Packet Handling Remote Over fl ow CVE-2003-0397 22 Sep 2003 7.5 (v2) High Pass Exclude top-level domain wildcard hosts 18 Sep 2003 None Pass Overnet Detection 22 Sep 2003 None Pass Solaris sadmind AUTH_SYS Credential Remote Command Execution CVE-2003-0722 19 Sep 2003 10 (v2) Critical Pass myPHPNuke My_eGallery gallery/displayCategory.php basepath Parameter Remote File Inclusion CVE-2006-6795 12 Sep 2003 8.3 (v3) High Pass ISC BIND < 4.9.11 stub resolver (libresolv.a) DNS Response Over fl ow CVE-2002-0029 29 Sep 2003 10 (v2) Critical Pass MyServer 0.4.3 / 0.7 Crafted Traversal Arbitrary File Access CVE-2004-2516 26 Sep 2003 5 (v2) Medium Pass WordPress 'blog.header.php' Multiple Parameter SQL Injection 03 Oct 2003 7.5 (v2) High Pass EMC Documentum D2 4.5.x < 4.5 P15 / 4.6.x < 4.6 P03 r_object_id Handling Unauthenticated Document Disclosure (ESA-2016-108) CVE-2016-6644 26 Sep 2016 5.3 (v3) Medium Pass Fluxay Sensor Detection 13 Oct 2003 10 (v2) Critical Pass Wollf Backdoor Detection 13 Oct 2003 10 (v2) Critical Pass OpenSSL ASN.1 Parser Multiple Remote DoS CVE-2003-0543 CVE-2003-0544 CVE-2003-0545 CVE-2005-1247 CVE-2005-1730 10 Oct 2003 9.3 (v2) High Pass XtraMail SMTP HELO Command Remote Over fl ow CVE-1999-1511 10 Nov 1999 10 (v2) Critical Pass Symantec Backup Exec System Recovery Manager FileUpload Class Unauthorized File Upload CVE-2008-0457 09 Feb 2008 10 (v2) Critical Pass myPHPcalendar Multiple Scripts cal_dir Parameter Remote File Inclusion CVE-2006-6812 12 Oct 2003 8.3 (v3) High Pass NIPrint LPD-LPR Print Server String Handling Remote Over fl ow CVE-2003-1141 17 Nov 2003 7.5 (v2) High Pass Monkey HTTP Daemon (monkeyd) Post_Method Function Crafted Content-Length Header DoS CVE-2002-1663 13 Nov 2003 5.3 (v3) Medium Pass TinyWeb cgi-bin Crafted HTTP GET Request DoS CVE-2003-1510 16 Oct 2003 7.8 (v2) High Pass Quagga / Zebra Malformed Telnet Command Denial of Service CVE-2003-0795 17 Nov 2003 5 (v2) Medium Pass SAP DB / MaxDB Detection 22 Nov 2003 None Pass VMware ESX Multiple Vulnerabilities (VMSA-2010-0007) (remote check) CVE-2009-3732 CVE-2010-1141 CVE-2010-1142 08 Mar 2016 10 (v2) Critical Pass Ebola AV Daemon < 0.1.5 Authentication Sequence Remote Over fl ow 10 Dec 2003 7.5 (v2) High Pass OpenSSL 0.9.8 < 0.9.8zb Multiple Vulnerabilities CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3510 08 Aug 2014 4.3 (v2) Medium Pass VP-ASP shopsearch SQL Injection 04 Dec 2003 4.4 (v2) Medium Pass SGDynamo sgdynamo.exe HTNAME Parameter Path Disclosure 18 Dec 2003 4.3 (v2) Medium Pass CVS PServer CVSROOT Passwd File Arbitrary Code Execution 01 Jan 2004 9 (v2) High Pass Jordan's Windows Telnet Server Password Handling Remote Over fl ow 01 Jan 2004 7.5 (v2) High Pass eScan Server Management Console (eserv.exe) FTP Server Arbitrary File Download CVE-2008-1221 07 Mar 2008 5 (v2) Medium 9

Pass Compaq Web-Based Management Agent Remote Over fl ow DoS 06 Jan 2004 5 (v2) Medium Pass KpyM Telnet Server DoS 07 Jan 2004 5 (v2) Medium Pass Bagle Worm Removal 21 Jan 2004 10 (v2) Critical Pass Zope < 2.6.3 Multiple Vulnerabilities 13 Jan 2004 5 (v2) Medium Pass Apache 2.2.x < 2.2.21 mod_proxy_ajp DoS CVE-2011-3348 16 Sep 2011 5.3 (v3) Medium Pass DNS Server Fingerprinting 16 Dec 2003 None Pass APSIS Pound Load Balancer Format String Over fl ow CVE-2004-2026 15 Jun 2004 7.5 (v2) High Pass Finjan Sur fi nGate Proxy FHTTP Command Admin Functions Authentication Bypass CVE-2004-2107 02 Feb 2004 7.5 (v2) High Pass JBrowser _admin/ Direct Request Admin Authentication Bypass CVE-2007-1156 02 Feb 2004 7.5 (v2) High Pass PJ CGI Neo PJreview_Neo.cgi p Parameter Traversal Arbitrary File Access CVE-2004-2132 02 Feb 2004 5 (v2) Medium Pass XTreme ASP Photo Gallery adminlogin.asp Multiple Parameter SQL Injection CVE-2004-2746 16 Jan 2004 7.5 (v2) High Pass Qualiteam X-Cart Multiple Script perl_binary Parameter Arbitrary Command Execution CVE-2004-0241 03 Feb 2004 10 (v2) Critical Pass Apache-SSL SSLVerifyClient SSLFakeBasicAuth Client Certi fi cate Forgery CVE-2004-0009 06 Feb 2004 7.3 (v3) High Pass Mambo Site Server itemid Parameter XSS CVE-2004-2072 06 Feb 2004 4.3 (v2) Medium Pass MS04-007: ASN.1 Vulnerability Could Allow Code Execution (828028) (uncredentialed check) (HTTP) CVE-2003-0818 15 Feb 2004 7.5 (v2) High Pass BEA WebLogic con fi g.xml Operator/Admin Password Disclosure CVE-2004-1757 05 Feb 2004 4.4 (v2) Medium Pass Google Search Appliance proxystylesheet Parameter Multiple Remote Vulnerabilities (XSS, Code Exec, ID) CVE-2005-3754 CVE-2005-3755 CVE-2005-3756 CVE-2005-3757 CVE-2005-3758 22 Nov 2005 7.5 (v2) High Pass vBulletin search.php query Parameter XSS CVE-2004-2076 16 Feb 2004 4.3 (v2) Medium Pass Bagle.B Worm Detection 17 Feb 2004 9.3 (v2) High Pass MS04-007: ASN.1 Vulnerability Could Allow Code Execution (828028) (uncredentialed check) (NTLM) CVE-2003-0818 13 Feb 2004 9.8 (v3) Critical Pass Serv-U MDTM Command Over fl ow CVE-2004-0330 26 Feb 2004 9 (v2) High Pass ASN.1 Multiple Integer Over fl ows (SMTP check) CVE-2003-0818 18 Feb 2004 10 (v2) Critical Pass APC SmartSlot Web/SNMP Management Card Default Password CVE-2004-0311 18 Feb 2004 10 (v2) Critical Pass Crob FTP Server Connection Saturation Remote DoS CVE-2004-0282 17 Feb 2004 5 (v2) Medium Pass Ecommerce Corp. Online Store Kit 3.0 Multiple Vulnerabilities CVE-2004-0300 CVE-2004-0301 17 Feb 2004 7.5 (v2) High Pass TalentSoft Web+ webplus.exe Path Disclosure 24 Feb 2004 5 (v2) Medium Pass TYPSoft FTP Server 1.10 Invalid Path Request DoS CVE-2004-0325 25 Feb 2004 7.8 (v2) High Pass Apache Tomcat Default Files 02 Mar 2004 5.3 (v3) Medium Pass WFTP 3.21 Multiple Vulnerabilities (OF, DoS) CVE-2004-0340 CVE-2004-0341 CVE-2004-0342 29 Feb 2004 7.2 (v2) High Pass DreamFTP Server username Remote Format String CVE-2004-2074 04 Mar 2004 7.3 (v3) High Pass Apache 2.0.x < 2.0.49 mod_ssl Plain HTTP Request DoS CVE-2004-0113 14 Mar 2004 5.3 (v3) Medium Pass Robo-FTP Pre-authentication Command Execution DoS 27 Feb 2004 5 (v2) Medium Pass HotOpentickets Privilege Escalation 04 Mar 2004 6.5 (v2) Medium Pass ShopCartCGI Multiple Script Traversal Arbitrary File Access CVE-2004-0293 17 Feb 2004 5 (v2) Medium Pass Courier < 0.45 Multiple Remote Over fl ows CVE-2004-0224 14 Mar 2004 10 (v2) Critical Pass Apache Tomcat source.jsp Arbitrary Directory Listing CVE-2002-2007 31 Mar 2004 5.3 (v3) Medium Pass Agobot.FO Backdoor Detection 05 Apr 2004 10 (v2) Critical Pass Invision Power Board index.php pop Parameter XSS CVE-2004-2279 14 Mar 2004 4.3 (v2) Medium Pass Oracle 9iAS iSQLplus XSS 17 Mar 2004 4.3 (v2) Medium Pass oftpd PORT Command Remote DoS CVE-2004-0376 04 Apr 2004 5 (v2) Medium Pass Web Server Incomplete Basic Authentication DoS (deprecated) 11 Apr 2004 7.5 (v2) High Pass Novell NetWare Web Handler Multiple Vulnerabilities CVE-2002-1436 CVE-2002-1437 CVE-2002-1438 21 Nov 2002 7.5 (v2) High Pass Novell Groupwise Servlet Manager Default Password CVE-2001-1195 31 Mar 2004 5 (v2) Medium Pass Aborior Encore WebForum display.cgi fi le Parameter Command Execution CVE-2004-1888 04 Apr 2004 7.5 (v2) High Pass Ultimate PHP Board add.php Direct Request Information Disclosure CVE-2002-2276 05 Apr 2004 5 (v2) Medium Pass XOOPS Article Module article.php id Parameter SQL Injection CVE-2008-2094 23 Apr 2008 7.5 (v2) High Pass CVS Client Traversal Arbitrary File Retrieval CVE-2004-0405 16 Apr 2004 5 (v2) Medium Pass TCP/IP Sequence Prediction Blind Reset Spoo fi ng DoS CVE-2004-0230 25 Apr 2004 5 (v2) Medium Pass Web Server Load Balancer Detection 04 May 2004 2.6 (v2) Low Pass Web Server Reverse Proxy Detection 04 May 2004 5 (v2) Medium Pass MS04-011: Security Update for Microsoft Windows (835732) (uncredentialed check) CVE-2003-0533 15 Apr 2004 9.8 (v3) Critical Pass Helix RealServer HTTP GET Request DoS CVE-2004-0389 15 Apr 2004 7.8 (v2) High Pass Xerox WorkCentre Extensible Interface Platform Unspeci fi ed Security Bypass (XRX08-006) CVE-2008-2824 13 Jun 2008 10 (v2) Critical Pass Microsoft IIS Cookie information disclosure 06 May 2004 5 (v2) Medium Pass AppSocket & socketAPI Printers - Do Not Scan 19 May 2004 None Pass RPC bootparamd NIS Domain Name Disclosure 13 May 2004 5 (v2) Medium Pass NIS passwd.byname Map Disclosure 13 May 2004 5 (v2) Medium Pass IBM Lotus Domino ?ReadDesign Request Design Element Disclosure 26 May 2004 5 (v2) Medium Pass UoW imap Server (uw-imapd) Arbitrary Remote File Access CVE-2002-1782 26 May 2004 2.1 (v2) Low Pass mod_ssl ssl_util_uuencode_binary Remote Over fl ow CVE-2004-0488 29 May 2004 7.5 (v2) High Pass Terminal Services Web Detection 07 May 2004 None Pass H323 Protocol / VoIP Application Detection 20 May 2004 None Pass Subversion < 1.0.4 Pre-Commit-Hook Remote Over fl ow 08 Jun 2004 7.5 (v2) High Pass jPortal print.inc.php id Parameter SQL Injection CVE-2004-2036 29 May 2004 7.5 (v2) High Pass Qpopper Authentication Timing Response Account Enumeration 16 Jun 2004 5 (v2) Medium Pass Record Route 09 Jun 2004 None Pass US Robotics Broadband Router 8003 menu.htm Admin Password Disclosure 11 Jun 2004 10 (v2) Critical Pass MS04-017: Crystal Reports Web Viewer Could Allow Information Disclosure and DoS (842689) (uncredentialed check) CVE-2004-0204 11 Jun 2004 7.5 (v2) High Pass EDIMAX Wireless AP Default Password Check 11 Jun 2004 10 (v2) Critical Pass WordPress < 0.72 RC1 Multiple Vulnerabilities CVE-2003-1599 09 Jun 2003 7.3 (v3) High Pass Microsoft IIS Download.Ject Trojan Detection 25 Jun 2004 7.5 (v2) High Pass JetBrains TeamCity Agent XML-RPC Port RCE 10 Nov 2016 9.8 (v3) Critical Pass Unreal Engine Secure Query Remote Over fl ow CVE-2004-0608 22 Jun 2004 10 (v2) Critical Pass Horde Chora CVS Viewer di ff Utility Arbitrary Command Execution 21 Jun 2004 7.5 (v2) High Pass Citrix MetaFrame XP login.asp NFuse_Message Parameter XSS CVE-2003-1157 06 Jul 2004 4.3 (v2) Medium Pass Inktomi Search MS-DOS Device Name Request Path Disclosure CVE-2004-0050 06 Jul 2004 5 (v2) Medium Pass osTicket Arbitrary Attachment Disclosure CVE-2004-0613 14 Jul 2004 5 (v2) Medium Pass IMP Software Detection 10 Jul 2004 None Pass osTicket Form Field Modi fi cation File Upload Size Restriction Bypass CVE-2004-0614 14 Jul 2004 5 (v2) Medium Pass osTicket Attachment Handling File Upload Arbitrary Code Execution CVE-2004-0613 14 Jul 2004 7.5 (v2) High Pass Splunk Enterprise 6.1.x < 6.1.3 Multiple Vulnerabilities CVE-2014-5197 CVE-2014-5198 18 Aug 2014 4.3 (v2) Medium Pass SquirrelMail Detection 11 Jul 2004 None Pass Mensajeitor Tag Board Admin Bypass 26 Jul 2004 5 (v2) Medium Pass Subversion < 1.0.6 mod_authz_svn Restricted File Access Bypass CVE-2004-1438 27 Jul 2004 5 (v2) Medium Pass Citadel/UX USER Command Remote Over fl ow CVE-2004-1705 30 Jul 2004 10 (v2) Critical Pass Horde Chora Software Detection 28 Jul 2004 None Pass RiSearch show.pl Open Proxy Relay CVE-2004-2061 02 Aug 2004 7.5 (v2) High Pass PowerPortal modules/private_messages/index.php Multiple Parameter XSS CVE-2004-2514 01 Aug 2004 4.3 (v2) Medium Pass Samba < 3.0.7 Multiple Remote DoS CVE-2004-0807 CVE-2004-0808 13 Sep 2004 5 (v2) Medium Pass Medal of Honor Multiple Remote Over fl ows CVE-2004-0735 10 Aug 2004 10 (v2) Critical Pass MySQL < 3.23.59 / 4.0.21 Multiple Vulnerabilities CVE-2004-0835 CVE-2004-0837 11 Oct 2004 7.5 (v2) High Pass Zincite.A (MyDoom.M) Backdoor Detection 02 Aug 2004 10 (v2) Critical Pass WebCam Watchdog sresult.exe XSS CVE-2004-2528 02 Aug 2004 4.3 (v2) Medium Pass Juniper Junos OS Multiple Vulnerabilities (JSA11171) CVE-2013-5211 CVE-2016-9310 15 Apr 2021 6.5 (v3) Medium Pass thttpd 2.0.7 Directory Traversal (Windows) CVE-2004-2628 09 Aug 2004 5 (v2) Medium Pass Polar HelpDesk Authentication Bypass CVE-2004-2736 02 Aug 2004 7.5 (v2) High Pass BasiliX Message Content XSS CVE-2002-1708 09 Aug 2004 4.3 (v2) Medium Pass Basilix Webmail id Variable SQL Injection CVE-2002-1709 09 Aug 2004 6.4 (v2) Medium Pass RiSearch show.pl Arbitrary File Access CVE-2004-2061 04 Aug 2004 5 (v2) Medium Pass BreakCalendar < 1.3 XSS 09 Aug 2004 4.3 (v2) Medium Pass Dropbear SSH Server DSS Veri fi cation Failure Remote Privilege Escalation CVE-2004-2486 09 Aug 2004 7.5 (v2) High Pass GoScript go.cgi Arbitrary Command Execution CVE-2004-2776 09 Aug 2004 7.5 (v2) High Pass Knox Arkeia Network Backup Agent Default Account CVE-2005-0496 21 Feb 2005 10 (v2) Critical Pass CVSTrac cgi.c Multiple Over fl ows 17 Aug 2004 7.5 (v2) High Pass CVSTrac Database Plaintext Password Storage 17 Aug 2004 5 (v2) Medium Pass SNMP Scanner 15 Aug 2004 None Pass CVSTrac Invalid Ticket DoS 17 Aug 2004 5 (v2) Medium Pass BasiliX login.php3 username Variable Arbitrary Command Execution 09 Aug 2004 6.8 (v2) Medium Pass phpGroupWare Unspeci fi ed Remote File Inclusion 17 Aug 2004 7.5 (v2) High Pass CVS history.c File Existence Information Disclosure CVE-2004-0778 20 Aug 2004 5 (v2) Medium Pass CVSTrac Ticket Title Arbitrary Command Execution 17 Aug 2004 7.5 (v2) High Pass CVSTrac timeline.c timeline_page Function Over fl ow 17 Aug 2004 7.5 (v2) High 10

Pass Keene Digital Media Server Multiple Script XSS 08 Sep 2004 4.3 (v2) Medium Pass WordPress Trackback 'wp-trackback.php' 'tb_id' Parameter SQL Injection CVE-2007-0233 12 Jan 2007 7.5 (v2) High Pass PHP-Nuke PhotoADay Module pad_selected Parameter XSS 23 Aug 2004 4.3 (v2) Medium Pass MAILsweeper Archive File Filtering Bypass CVE-2003-0922 CVE-2003-0929 CVE-2003-0930 23 Aug 2004 7.5 (v2) High Pass Mailreader network.cgi enriched/richtext MIME Message XSS CVE-2005-0386 30 Mar 2005 4.3 (v2) Medium Pass SOCKS4 Server Recursive Connection Remote DoS 20 Feb 2005 7.8 (v2) High Pass eGroupWare <= 1.0.00.003 Multiple Module XSS CVE-2004-1467 23 Aug 2004 4.3 (v2) Medium Pass INL ulog-php port.php proto Parameter SQL Injection 24 Aug 2004 7.5 (v2) High Pass WebAPP Directory Traversal CVE-2004-1742 24 Aug 2004 5 (v2) Medium Pass Easy File Sharing Web Server disk_c Virtual Folder Request Arbitrary File Access CVE-2004-1743 26 Aug 2004 7.8 (v2) High Pass WS_FTP Server Path Parsing Remote DoS CVE-2004-1643 31 Aug 2004 7.8 (v2) High Pass WS_FTP Server CWD Command Remote DoS CVE-1999-0362 31 Aug 2004 5 (v2) Medium Pass Titan FTP Server Multiple Command Remote Over fl ow CVE-2004-1641 31 Aug 2004 10 (v2) Critical Pass External Scanner Service Identi fi cation 05 Sep 2004 None Pass HastyMail HTML Attachment Script Execution CVE-2004-2704 25 Aug 2004 4.3 (v2) Medium Pass WebMatic Unspeci fi ed Login Function Access Vulnerability 26 Aug 2004 7.5 (v2) High Pass Merak Webmail / IceWarp Web Mail < 5.2.8 Multiple Vulnerabilities CVE-2004-1719 CVE-2004-1720 CVE-2004-1721 CVE-2004-1722 26 Aug 2004 7.5 (v2) High Pass WS_FTP Server STAT Command Remote Over fl ow 31 Aug 2004 10 (v2) Critical Pass TorrentTrader download.php id Parameter SQL Injection 01 Sep 2004 7.5 (v2) High Pass IlohaMail Attachment Arbitrary File Create/Overwrite 02 Sep 2004 5 (v2) Medium Pass IlohaMail index.php session Parameter Arbitrary File Access 02 Sep 2004 5 (v2) Medium Pass IlohaMail index.php init_lang Parameter Arbitrary File Access 02 Sep 2004 5 (v2) Medium Pass Xedus Web Server Traversal Arbitrary File Access CVE-2004-1646 03 Sep 2004 5 (v2) Medium Pass Cerbere HTTP Proxy Server Host: Header Remote DoS 02 Sep 2004 7.8 (v2) High Pass IlohaMail user Parameter XSS 02 Sep 2004 4.3 (v2) Medium Pass IlohaMail Multiple External Programs Arbitrary Command Execution 02 Sep 2004 7.5 (v2) High Pass SOCKS5 Server Recursive Connection Remote DoS 20 Feb 2005 5 (v2) Medium Pass eZ/eZphotoshare Connection Saturation Remote DoS 08 Sep 2004 5 (v2) Medium Pass TYPSoft FTP Server Empty Username DoS CVE-2004-0252 13 Sep 2004 5 (v2) Medium Pass TYPSoft FTP Server Crafted RETR Command Sequence Remote DoS 09 Sep 2004 5 (v2) Medium Pass TYPSoft FTP Server LIST Command Traversal Arbitrary Directory Listing CVE-2002-0558 13 Sep 2004 4 (v2) Medium Pass Subversion < 1.0.8 / 1.1.0-rc4 mod_authz_svn Unreadable Path Metadata Information Disclosure CVE-2004-0749 23 Sep 2004 5 (v2) Medium Pass OpenCA crypto-utils.lib libCheckSignature Function Signature Validation Weakness CVE-2004-0004 13 Sep 2004 7.5 (v2) High Pass Turbo Seek tseekdir.cgi location Parameter Arbitrary File Access 14 Sep 2004 5 (v2) Medium Pass BBS E-Market Professional index.php fi lename Parameter Traversal Arbitrary File Access 21 Sep 2004 5 (v2) Medium Pass Service Detection: 3 ASCII Digit Code Responses 17 Sep 2004 None Pass IP Protocols Scan 22 Sep 2004 None Pass Active WebCam Webserver <= 5.5 Multiple Vulnerabilities (DoS, Path Disc) CVE-2005-0730 CVE-2005-0731 CVE-2005-0732 CVE-2005-0733 CVE-2005-0734 12 Mar 2005 5 (v2) Medium Pass aspWebAlbum album.asp SQL Injection CVE-2004-1553 24 Sep 2004 6.8 (v2) Medium Pass Pinnacle ShowCenter Skin DoS CVE-2004-1699 27 Sep 2004 5 (v2) Medium Pass BroadBoard Multiple Script SQL Injection CVE-2004-1555 27 Sep 2004 7.5 (v2) High Pass Radmin (Remote Administrator) Port 10002 - Possible GDI Compromise CVE-2004-0200 28 Sep 2004 9.3 (v2) High Pass IRC Bot ident Server Detection 28 Sep 2004 10 (v2) Critical Pass WebCalendar Detection 28 Jun 2005 None Pass MyServer HTTP POST Request Remote Over fl ow DoS CVE-2004-2517 28 Sep 2004 5 (v2) Medium Pass Debian GNU/Linux Sendmail Default SASL Password CVE-2004-0833 28 Sep 2004 7.5 (v2) High Pass phpBB Detection 22 Nov 2004 None Pass Icecast Crafted URI Remote DoS CVE-2001-1083 01 Oct 2004 5 (v2) Medium Pass Icecast Multiple Unspeci fi ed Remote Over fl ows CVE-2001-1230 01 Oct 2004 7.5 (v2) High Pass w32.spybot.fcd Worm Infection Detection 20 Oct 2004 9.7 (v2) High Pass Cisco NX-OS Software ICMP Version 6 Memory Leak DoS (cisco-sa-fxos-nxos-icmpv6-dos-YD55jVCq) CVE-2021-1229 20 Apr 2021 5.3 (v3) Medium Pass EasyPHPCalendar Multiple Script serverPath Parameter Remote File Inclusion CVE-2005-2155 05 Jul 2005 6.8 (v2) Medium Pass Silent-Storm Portal Multiple Input Validation Vulnerabilities CVE-2004-1566 CVE-2004-1567 01 Oct 2004 7.5 (v2) High Pass Kerio MailServer < 6.0.3 Unspeci fi ed Vulnerability CVE-2004-2441 01 Oct 2004 10 (v2) Critical Pass PostgreSQL make_oidjoins_check Arbitrary File Overwrite CVE-2004-0977 04 Oct 2004 2.1 (v2) Low Pass Helix Universal Server Remote Integer Handling DoS 08 Oct 2004 5 (v2) Medium Pass ArGoSoft FTP Server XCWD Remote Over fl ow 08 Oct 2004 5.3 (v3) Medium Pass w-Agora Multiple Script Traversal Arbitrary File Access 08 Oct 2004 5 (v2) Medium Pass Microsoft Windows/Exchange SMTP DNS Lookup Over fl ow (885881) CVE-2004-0840 12 Oct 2004 10 (v2) Critical Pass MS04-036: Microsoft NNTP Component Remote Over fl ow (883935) (uncredentialed check) CVE-2004-0574 12 Oct 2004 10 (v2) Critical Pass Zan fi CMS Lite index.php inc Parameter Remote File Inclusion CVE-2004-2195 11 Oct 2004 7.3 (v3) High Pass DUware Products Multiple Remote Vulnerabilities (SQLi, XSS) CVE-2004-2198 CVE-2004-2199 CVE-2004-2200 CVE-2004-2201 CVE-2004-2202 11 Oct 2004 7.5 (v2) High Pass BugPort Attached File Handling Unspeci fi ed Issue 13 Oct 2004 7.5 (v2) High Pass XOOPS viewtopic.php Multiple Parameter XSS CVE-2004-2756 17 Oct 2004 4.3 (v2) Medium Pass Cisco ClamAV for Windows DLL Hijacking (cisco-sa-amp-imm-dll-tu79hvkO) CVE-2021-1386 15 Apr 2021 7.8 (v3) High Pass Hacker Defender Backdoor Detection 19 Oct 2004 10 (v2) Critical Pass OmniHTTPd Pro Long POST Request DoS CVE-2001-0613 25 Oct 2004 5 (v2) Medium Pass FuseTalk Forum img src Tag XSS CVE-2004-1594 17 Oct 2004 4.3 (v2) Medium Pass Open WebMail userstat.pl Arbitrary Command Execution 21 Oct 2004 7.5 (v2) High Pass Coppermine Photo Gallery Voting Restriction Bypass 21 Oct 2004 5 (v2) Medium Pass Abyss Web Server MS-DOS Device Name DoS 25 Oct 2004 7.8 (v2) High Pass Hydra: rexec 01 Dec 2004 7.5 (v2) High Pass Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10759) (SWEET32) CVE-2015-1794 CVE-2015-3193 CVE-2015-3194 CVE-2015-3195 CVE-2015-3196 CVE-2015-3197 CVE-2016-0702 CVE-2016-0703 CVE-2016-0704 CVE-2016-0705 CVE-2016-0797 CVE-2016-0798 CVE-2016-0799 CVE-2016-2105 CVE-2016-2106 CVE-2016-2 05 Jan 2017 9.8 (v3) Critical Pass MoonLit Virus Backdoor Detection 30 Oct 2004 10 (v2) Critical Pass Netbilling nbmember.cgi cmd Parameter Information Disclosure CVE-2004-2732 21 Oct 2004 4.3 (v2) Medium Pass Cisco NX-OS NXAPI Multiple Vulnerabilities. CVE-2018-0301 CVE-2018-0313 CVE-2018-0330 25 Jun 2018 9.8 (v3) Critical Pass IBM Lotus Notes/Domino Square Brackets Encoding Failure XSS CVE-2004-1621 19 Oct 2004 4.3 (v2) Medium Pass MailEnable Professional Webmail < 1.5.1 Unspeci fi ed Vulnerability 03 Nov 2004 7.5 (v2) High Pass Hydra: SAP R3 01 Dec 2004 7.5 (v2) High Pass Check Point InterSpect Detection 03 Nov 2004 None Pass Cherokee Web Server Malformed POST Request Remote DoS CVE-2003-1198 04 Nov 2004 5 (v2) Medium Pass ArGoSoft FTP Server .lnk Shortcut Upload Arbitrary File Manipulation CVE-2004-2672 04 Nov 2004 7.5 (v2) High Pass Caudium Web Server Malformed URI Remote DoS 04 Nov 2004 5 (v2) Medium Pass Cherokee Web Server auth_pam Authentication Format String CVE-2004-1097 03 Nov 2004 7.5 (v2) High Pass BNC IRC Server Incorrect Password Authentication Bypass CVE-2004-2612 13 Nov 2004 7.5 (v2) High Pass EGroupWare Multiple Vulnerabilities (SQLi, ID) CVE-2005-1129 CVE-2005-1202 CVE-2005-1203 13 Nov 2004 7.5 (v2) High Pass PostNuke Detection 13 Nov 2004 7.5 (v2) High Pass Cherokee Web Server Error Page XSS CVE-2004-2171 03 Nov 2004 4.3 (v2) Medium Pass TikiWiki tiki-error.php XSS 13 Nov 2004 4.3 (v2) Medium Pass TeeKai Tracking Online XSS CVE-2002-2055 13 Nov 2004 4.3 (v2) Medium Pass PowerPortal index.php index_page Parameter SQL Injection 18 Nov 2004 7.5 (v2) High Pass SlimFTPd Multiple Command Handling Over fl ow CVE-2004-2418 CVE-2005-2373 13 Nov 2004 9 (v2) High Pass Cisco NX-OS Software NX-API Command Injection Vulnerability CVE-2019-1614 11 Mar 2019 8.8 (v3) High Pass Juniper Junos SRX Series Gateway Chassis Cluster fl owd Multicast Session DoS (JSA10768) CVE-2017-2300 20 Jan 2017 6.5 (v3) Medium Pass Multiple Vendor DNS Response Flooding Denial Of Service CVE-2004-0789 18 Nov 2004 5 (v2) Medium Pass PHP < 3.0 mylog.html/mlog.html Arbitrary File Access CVE-1999-0068 CVE-1999-0346 13 Nov 2004 5 (v2) Medium Pass CCProxy Logging Compoent HTTP GET Request Remote Over fl ow CVE-2004-2416 20 Nov 2004 7.5 (v2) High Pass ZyXEL Prestige Router Con fi guration Reset CVE-2004-1540 22 Nov 2004 5 (v2) Medium Pass Digital Mappings Systems POP3 Server (pop3svr.exe) Multiple Field Remote Over fl ow CVE-2004-1533 22 Nov 2004 5 (v2) Medium Pass eGroupWare Detection 13 Nov 2004 None Pass CVSTrac Detection 13 Nov 2004 None Pass phpMyAdmin < 2.6.0-pl3 Multiple XSS CVE-2004-1055 19 Nov 2004 4.3 (v2) Medium Pass CCProxy Application Proxy Detection 20 Nov 2004 None Pass Nucleus CMS < 3.15 Multiple Vulnerabilities 23 Nov 2004 7.5 (v2) High Pass Youngzsoft CMailServer < 5.2.1 Multiple Remote Vulnerabilities CVE-2004-1128 CVE-2004-1129 CVE-2004-1130 24 Nov 2004 10 (v2) Critical Pass Open DC Hub RedirectAll Value Remote Over fl ow CVE-2004-1127 25 Nov 2004 9.3 (v2) High Pass GuildFTPd Long SITE Command Over fl ow CVE-2001-0770 30 Nov 2004 7.5 (v2) High Pass POP2 Cleartext Logins Permitted 30 Nov 2004 2.6 (v2) Low Pass POP3 Cleartext Logins Permitted 30 Nov 2004 2.6 (v2) Low Pass IMAP Service Cleartext Login Permitted 30 Nov 2004 2.6 (v2) Low Pass PAFileDB Multiple Script Error Message Path Disclosure 06 Dec 2004 5 (v2) Medium Pass WS_FTP Server Multiple Command Remote Over fl ow DoS CVE-2004-1135 30 Nov 2004 10 (v2) Critical 11

Pass PHPNews sendtofriend.php 'mid' Parameter SQLi CVE-2004-2474 30 Nov 2004 7.5 (v2) High Pass SSL Certi fi cate Expiry 03 Dec 2004 5.3 (v3) Medium Pass Hydra: POP3 01 Dec 2004 7.5 (v2) High Pass Hydra: SOCKS5 01 Dec 2004 7.5 (v2) High Pass Hydra: SSH2 01 Dec 2004 10 (v2) Critical Pass Hydra: VNC 01 Dec 2004 10 (v2) Critical Pass Hydra: NNTP 01 Dec 2004 7.5 (v2) High Pass Apache on Mac OS X HFS+ Arbitrary File Source Disclosure CVE-2004-1083 CVE-2004-1084 09 Dec 2004 5 (v2) Medium Pass OpenText FirstClass HTTP Daemon /Search Large Request Remote DoS CVE-2004-2496 11 Dec 2004 7.8 (v2) High Pass PunBB Search Dropdown Private Forum Disclosure 13 Dec 2004 5 (v2) Medium Pass F-Secure Policy Manager Path Disclosure CVE-2004-1223 10 Dec 2004 5 (v2) Medium Pass PunBB pro fi le.php XSS 13 Dec 2004 4.3 (v2) Medium Pass OpenSSL 1.0.1 < 1.0.1q Multiple DoS CVE-2015-3194 CVE-2015-3195 07 Dec 2015 5.3 (v3) Medium Pass SugarSales Multiple Module Traversal Arbitrary File Access 13 Dec 2004 5 (v2) Medium Pass UseModWiki wiki.pl XSS CVE-2004-1397 14 Dec 2004 4.3 (v2) Medium Pass ASP-Rider verify.asp username Parameter SQL Injection CVE-2004-1401 14 Dec 2004 7.5 (v2) High Pass PunBB < 1.1.2 install.php XSS 13 Dec 2004 4.3 (v2) Medium Pass Serendipity compat.php searchTerm Parameter XSS CVE-2004-2525 06 Dec 2004 4.3 (v2) Medium Pass Samba smbd Security Descriptor Parsing Remote Over fl ow CVE-2004-1154 16 Dec 2004 10 (v2) Critical Pass phpGroupWare Detection 16 Dec 2004 None Pass Ikonboard ikonboard.cgi Multiple Parameter SQL Injection CVE-2004-1406 16 Dec 2004 7.5 (v2) High Pass Singapore Gallery < 0.9.11 Multiple Vulnerabilities CVE-2004-1407 CVE-2004-1408 CVE-2004-1409 16 Dec 2004 6.5 (v2) Medium Pass ArGoSoft Mail Server Unspeci fi ed XSS 20 Dec 2004 5.8 (v2) Medium Pass Brightmail AntiSpam bmagent Multiple Remote Vulnerabilities (DoS, Traversal) CVE-2006-4013 CVE-2006-4014 04 Aug 2006 7.6 (v2) High Pass ViewCVS < 1.0.0 Multiple Vulnerabilities CVE-2004-1062 CVE-2005-4830 CVE-2005-4831 28 Dec 2004 4.3 (v2) Medium Pass Owl < 0.74.0 Multiple Vulnerabilities CVE-2005-0264 CVE-2005-0265 28 Dec 2004 7.5 (v2) High Pass SHOUTcast Server Filename Handling Format String CVE-2004-1373 28 Dec 2004 7.5 (v2) High Pass WU-FTPD wu_fnmatch() Function File Globbing Remote DoS CVE-2005-0256 23 Mar 2005 7.8 (v2) High Pass ISC BIND < 8.4.6 q_usedns Array Remote Over fl ow DoS CVE-2005-0033 26 Jan 2005 5 (v2) Medium Pass Squid NTLM Component fakeauth Multiple Remote DoS CVE-2005-0096 CVE-2005-0097 13 Jan 2005 5.3 (v3) Medium Pass Macallan Mail Solution Web Interface Authentication Bypass 13 Jan 2005 5 (v2) Medium Pass IlohaMail Con fi guration Scripts Remote Disclosure 13 Jan 2005 5 (v2) Medium Pass Invision Community Blog Module eid Parameter SQL Injection CVE-2005-0217 13 Jan 2005 7.5 (v2) High Pass Symantec Web Security (SWS) Multiple Vulnerabilities CVE-2007-0563 CVE-2007-0564 07 Jun 2007 4.3 (v2) Medium Pass IlohaMail Multiple Con fi guration Files Remote Information Disclosure 12 Jan 2005 5 (v2) Medium Pass Novell GroupWise WebAccess WebAccessUninstall.ini Information Disclosure 15 Jan 2005 5 (v2) Medium Pass Default Password (zebra) for Zebra 19 Jan 2005 10 (v2) Critical Pass SiteMinder smpwservicescgi.exe Arbitrary Site Redirect 17 Jan 2005 4.7 (v3) Medium Pass Novell GroupWise WebAccess Error Handler Authentication Bypass CVE-2005-0296 17 Jan 2005 5 (v2) Medium Pass BiTBOARD IMG BBCode Tag XSS CVE-2005-0374 18 Jan 2005 3.5 (v2) Low Pass ITA Forum Multiple Scripts SQL Injection 18 Jan 2005 7.5 (v2) High Pass pLog register.php Multiple Parameter XSS 19 Jan 2005 4.3 (v2) Medium Pass Chipmunk Forum Multiple SQL Injections 08 Feb 2005 7.5 (v2) High Pass JAWS index.php gadget Parameter Traversal Arbitrary File Access CVE-2004-2445 18 Jan 2005 5 (v2) Medium Pass FKey Arbitrary Remote File Disclosure 21 Jan 2005 5 (v2) Medium Pass Citadel/UX select() Bitmap Array Index Remote Oer fl ow 25 Jan 2005 10 (v2) Critical Pass VERITAS Backup Exec Agent Browser Registration Request Remote Over fl ow CVE-2004-1172 24 Jan 2005 10 (v2) Critical Pass ExBB Netsted BBcode XSS 20 Jan 2005 3.5 (v2) Low Pass Exponent CMS Multiple Script pathos_core_version Parameter Path Disclosure CVE-2005-0310 25 Jan 2005 5 (v2) Medium Pass WebWasher Classic Server Mode Arbitrary Proxy CONNECT Request CVE-2005-0316 31 Jan 2005 7.5 (v2) High Pass CoolForum Multiple SQL Injections 29 Jan 2005 7.5 (v2) High Pass ht://Dig htsearch.cgi con fi g Parameter XSS CVE-2005-0085 08 Feb 2005 4.3 (v2) Medium Pass ArGoSoft FTP Server < 1.4.2.8 Multiple .LNK File Handling Vulnerabilities CVE-2005-0519 CVE-2005-0520 09 Feb 2005 10 (v2) Critical Pass Sami HTTP Server Multiple Remote Vulnerabilities 16 Feb 2005 6.4 (v2) Medium Pass Mambo Site Server mos_change_template XSS CVE-2004-1825 07 Feb 2005 4.3 (v2) Medium Pass PerlDesk kb.cgi view Parameter SQL Injection CVE-2005-0343 08 Feb 2005 7.5 (v2) High Pass fi ngerd Remote Over fl ow 18 Feb 2005 10 (v2) Critical Pass HTTP Proxy CONNECT Loop DoS 20 Feb 2005 5 (v2) Medium Pass osCommerce contact_us.php enquiry Parameter XSS CVE-2005-0458 16 Feb 2005 4.3 (v2) Medium Pass Open WebMail openwebmail.pl logindomain Parameter XSS CVE-2005-0445 16 Feb 2005 4.3 (v2) Medium Pass MS11-004: Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution (2489256) (uncredentialed check) CVE-2010-3972 11 Feb 2011 9.8 (v3) Critical Pass Blazix Trailing Character JSP Source Disclosure CVE-2002-1451 19 Feb 2005 5 (v2) Medium Pass pMachine mail_autocheck.php Arbitrary Code Execution CVE-2005-0513 19 Feb 2005 7.3 (v3) High Pass News Server (NNTP) Anonymous Read / Write Access 23 Feb 2005 6.4 (v2) Medium Pass CA License Service Multiple Vulnerabilities CVE-2005-0581 CVE-2005-0582 CVE-2005-0583 10 Mar 2005 10 (v2) Critical Pass Tomcat Sample App cal2.jsp 'time' Parameter XSS CVE-2009-0781 09 Mar 2009 5.3 (v3) Medium Pass SocialEngine Blog Plugin category_id Parameter SQL Injection CVE-2009-0400 06 Feb 2009 7.5 (v2) High Pass RaidenHTTPD < 1.1.34 Multiple Remote Vulnerabilities 01 Mar 2005 10 (v2) Critical Pass PunBB < 1.2.2 Multiple Input Validation Vulnerabilities CVE-2005-0569 CVE-2005-0570 CVE-2005-0571 26 Feb 2005 7.5 (v2) High Pass Verity Ultraseek Search Request XSS CVE-2005-0514 28 Feb 2005 4.3 (v2) Medium Pass IDA Pro Disassembler Software Detection 03 Mar 2005 None Pass vBulletin Detection 07 Mar 2005 None Pass Stadtaus PHP Form Mail formmail.inc.php Remote File Inclusion CVE-2005-0678 07 Mar 2005 6.8 (v2) Medium Pass FCKeditor for PHP-Nuke Arbitrary File Upload CVE-2005-0613 01 Mar 2005 7.5 (v2) High Pass ESXi 5.1 < Build 3070626 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (remote check) CVE-2015-6933 15 Jan 2016 6.3 (v3) Medium Pass Nabopoll survey.inc.php path Parameter Remote File Inclusion CVE-2005-2157 05 Jul 2005 6.8 (v2) Medium Pass ZyXEL Routers Default Web Account CVE-2001-1135 CVE-1999-0571 10 Mar 2005 10 (v2) Critical Pass CopperExport XP_Publish.PHP SQL Injection Vulnerability CVE-2005-0697 10 Mar 2005 6.5 (v2) Medium Pass PlatinumFTPServer username Multiple Connection Handling Remote Format String CVE-2005-0779 14 Mar 2005 5 (v2) Medium Pass Fortinet FortiGate Web Console Management Detection 18 Mar 2005 None Pass Check Point Secure Platform Detection 21 Mar 2005 None Pass paBox pabox.php posticon Parameter XSS 16 Mar 2005 4.3 (v2) Medium Pass paFileDB <= 3.1 Multiple Vulnerabilities (2) CVE-2004-1219 CVE-2004-1551 CVE-2004-1975 CVE-2005-0326 CVE-2005-0327 CVE-2005-0723 CVE-2005-0724 CVE-2005-0781 CVE-2005-0782 15 Mar 2005 6.8 (v2) Medium Pass LSH lshd parse_kexinit() Function Malformed Key Exchange Message Remote DoS CVE-2005-0814 17 Mar 2005 5 (v2) Medium Pass NetWin SurgeMail Multiple Remote Unspeci fi ed Vulnerabilities CVE-2005-0845 CVE-2005-0846 22 Mar 2005 7.5 (v2) High Pass Cisco IOS Device TFTP Certi fi cate Authority (CA) File Detection 16 Mar 2005 5 (v2) Medium Pass FileZilla FTP Server Multiple DoS CVE-2005-0850 CVE-2005-0851 22 Mar 2005 7.8 (v2) High Pass DeleGate < 8.11 Multiple Unspeci fi ed Over fl ows CVE-2005-0861 22 Mar 2005 10 (v2) Critical Pass NFX Series: Authentication Bypass Vulnerability Juniper Device Manager (JDM) (JSA10955) CVE-2019-0057 25 Oct 2019 7.8 (v3) High Pass Horde Parent Frame Page Title XSS CVE-2005-0961 30 Mar 2005 4.3 (v2) Medium Pass CPG Dragon fl y Multiple XSS CVE-2005-0914 29 Mar 2005 4.3 (v2) Medium Pass Squirrelcart index.php Multiple Parameter SQL Injection CVE-2005-0962 30 Mar 2005 7.5 (v2) High Pass Apache mod_negotiation Multi-Line Filename Upload Vulnerabilities CVE-2008-0455 CVE-2008-0456 18 Nov 2011 5.3 (v3) Medium Pass Oracle HTTP Server (January 2006 CPU) CVE-2006-0286 CVE-2006-0287 21 Nov 2011 10 (v2) Critical Pass Apple iTunes < 8.2 itms: URI Handling Over fl ow (uncredentialed check) CVE-2009-0950 02 Jun 2009 9.3 (v2) High Pass Apache Mixed Platform AddType Directive Information Disclosure CVE-2007-6514 18 Nov 2011 5.6 (v3) Medium Pass OpenSSH < 1.2.2 sshd Local TCP Redirection Connection Masking Weakness CVE-2000-0143 18 Nov 2011 4.6 (v2) Medium Pass OpenSSH < 3.6.1p2 Multiple Vulnerabilities CVE-2002-0746 18 Nov 2011 7.2 (v2) High Pass Oracle 9i Application Server HTTP Request Smuggling CVE-2005-2093 18 Nov 2011 4.3 (v2) Medium Pass OpenSSL < 0.9.6b Predictable Random Generator CVE-2001-1141 04 Jan 2012 5 (v2) Medium Pass OpenSSH >= 2.3.0 AllowTcpForwarding Port Bouncing CVE-2004-1653 01 Dec 2011 6.4 (v2) Medium Pass OpenSSL < 0.9.6f Denial of Service CVE-2002-1568 04 Jan 2012 5 (v2) Medium Pass OpenSSL < 0.9.6k Denial of Service CVE-2003-0543 CVE-2003-0544 04 Jan 2012 5 (v2) Medium Pass OpenSSL < 0.9.6l Denial of Service CVE-2003-0851 04 Jan 2012 5 (v2) Medium Pass Cisco NX-OS DHCPv4 Crafted Packet DoS (cisco-sa-20161005-dhcp2) CVE-2015-6393 22 Nov 2016 7.5 (v3) High Pass OpenSSL < 0.9.7c ASN.1 Decoding Vulnerabilities CVE-2003-0543 CVE-2003-0544 CVE-2003-0545 04 Jan 2012 10 (v2) Critical Pass OpenSSL < 0.9.7k / 0.9.8c PKCS Padding RSA Signature Forgery Vulnerability CVE-2006-4339 04 Jan 2012 4.3 (v2) Medium Pass OpenSSL < 0.9.8 Weak Default Con fi guration CVE-2005-2946 04 Jan 2012 5 (v2) Medium Pass OpenSSL < 0.9.8f Multiple Vulnerabilities CVE-2007-3108 CVE-2007-4995 04 Jan 2012 9.3 (v2) High Pass OpenSSL < 0.9.7-beta3 Bu ff er Over fl ow CVE-2002-0657 04 Jan 2012 7.5 (v2) High Pass Simple Form Subject Tags Arbitrary Mail Relay 13 Sep 2004 5 (v2) Medium Pass OpenSSL < vA.00.09.07l on HP-UX Local Denial of Service CVE-2007-5536 04 Jan 2012 4.9 (v2) Medium 12

Pass OpenSSL < 0.9.8j Signature Spoo fi ng CVE-2008-5077 04 Jan 2012 5.8 (v2) Medium Pass Big Brother bb-hist.sh History Module Directory Traversal CVE-1999-1462 22 Jun 1999 5 (v2) Medium Pass MDaemon WebCon fi g HTTP Server URL Over fl ow DoS CVE-1999-0844 24 Nov 1999 5 (v2) Medium Pass Linux Kernel UDP Implementation IP Identi fi cation Field Remote OS Disclosure CVE-2002-0510 20 Jan 2012 5.3 (v3) Medium Pass OpenSSH < 2.1.1p3 Format String Privilege Escalation CVE-2000-0999 18 Jan 2012 10 (v2) Critical Pass SiteEnable Multiple Input Validation Vulnerabilities CVE-2005-1011 CVE-2005-1012 05 Apr 2005 7.5 (v2) High Pass Google Mini Search Appliance search Script ie Parameter XSS CVE-2007-5255 02 Oct 2007 4.3 (v2) Medium Pass SurgeFTP LEAK Command Remote DoS CVE-2005-1034 08 Apr 2005 5 (v2) Medium Pass icat carbo.dll icatcommand Parameter Traversal Arbitrary File Access CVE-1999-1069 22 Jun 1999 5 (v2) Medium Pass RunCMS Remote Arbitrary File Upload CVE-2005-1031 06 Apr 2005 6 (v2) Medium Pass Active Auction Multiple Vulnerabilities (SQLi, XSS) CVE-2005-1029 CVE-2005-1030 07 Apr 2005 7.5 (v2) High Pass Pro fi tCode PayProCart usrdetails.php sgnuptype Parameter XSS CVE-2005-1004 07 Apr 2005 4.3 (v2) Medium Pass Multiple Unix Netstat Service Remote Information Disclosure CVE-1999-0650 22 Jun 1999 5 (v2) Medium Pass MS05-017: Vulnerability in MSMQ Could Allow Code Execution (892944) (uncredentialed check) CVE-2005-0059 12 Apr 2005 10 (v2) Critical Pass CA BrightStor ARCserve Backup Universal Agent Remote Over fl ow (QO66526) CVE-2005-1018 13 Apr 2005 10 (v2) Critical Pass Comersus Cart comersus_searchItem.asp curPage Parameter XSS CVE-2005-1188 12 Apr 2005 4.3 (v2) Medium Pass HP StorageWorks MSA P2000 Hidden 'admin' User Default Credentials CVE-2010-4115 23 Dec 2010 9.8 (v3) Critical Pass PeerCast Detection 06 Jun 2005 None Pass Sun Java System Web Server Search Module XSS CVE-2008-2166 09 May 2008 4.3 (v2) Medium Pass Sun Java System Web Proxy Server Unspeci fi ed Remote Over fl ow CVE-2005-1232 21 Apr 2005 7.5 (v2) High Pass UBB.threads < 6.5.2 beta Multiple Vulnerabilities CVE-2005-1199 CVE-2005-2057 CVE-2005-2058 CVE-2005-2059 CVE-2005-2060 CVE-2005-2061 20 Apr 2005 7.5 (v2) High Pass MailEnable HTTPMail Service Authorization Header Remote Over fl ow 25 Apr 2005 10 (v2) Critical Pass Xerox WorkCentre Device Detection 26 Apr 2005 None Pass TFS SMTP 3.2 MAIL FROM over fl ow CVE-1999-1516 08 Sep 1999 7.5 (v2) High Pass Horde Chora common-footer.inc Page Title XSS 26 Apr 2005 4.3 (v2) Medium Pass Intersoft NetTerm Netftpd USER Command Remote Over fl ow CVE-2005-1323 26 Apr 2005 7.5 (v2) High Pass XtraMail Control Service Username Over fl ow CVE-1999-1511 10 Nov 1999 7.5 (v2) High Pass Trend Micro TMCM Console Management Detection 02 May 2005 5 (v2) Medium Pass Websense Reporting Console Detection 02 May 2005 5 (v2) Medium Pass MaxWebPortal <= 1.35 Multiple Vulnerabilities CVE-2005-1561 CVE-2005-1562 12 May 2005 7.5 (v2) High Pass EMC Avamar Server Incorrect Permission Assignment Vulnerability (DSA-2019-138) CVE-2019-3765 01 Nov 2019 8.1 (v3) High Pass PHP-Calendar includes/search.php Multiple Parameter SQL Injection CVE-2005-1397 29 Apr 2005 7.5 (v2) High Pass RM SafetyNet Plus snp fi ltered.pl u Parameter XSS 02 May 2005 4.3 (v2) Medium Pass Oracle Application Server Webcache Requests OHS mod_access Restriction Bypass CVE-2005-1383 02 May 2005 2.1 (v2) Low Pass Open WebMail Shell Escape Arbitrary Command Execution CVE-2005-1435 04 May 2005 6.5 (v2) Medium Pass Interspire ArticleLive Multiple Remote Vulnerabilities (XSS, Auth Bypass) CVE-2005-1482 CVE-2005-1483 05 May 2005 7.5 (v2) High Pass Kerio MailServer < 6.0.10 Multiple Mail Handling DoS 14 May 2005 4 (v2) Medium Pass Golden FTP Server Pro GET Traversal Arbitrary File Access CVE-2005-1484 04 May 2005 5.3 (v3) Medium Pass 602LAN SUITE Open Telnet Proxy 09 May 2005 5 (v2) Medium Pass PwsPHP pro fi l.php id Parameter XSS CVE-2005-1508 10 May 2005 6.8 (v2) Medium Pass Junos OS: srxpfe PIM DoS (JSA10976) CVE-2019-0075 04 Nov 2019 7.5 (v3) High Pass RaidenFTPD urlget Command Traversal Arbitrary File Access CVE-2005-1480 11 May 2005 5 (v2) Medium Pass McAfee E-Business Administration Agent Detection 27 Apr 2007 None Pass ITHouse Mail Server v1.04 To: Field Handling Over fl ow CVE-2000-0488 02 Jul 2000 10 (v2) Critical Pass JRun viewsource.jsp Directory Traversal Arbitrary File Access CVE-2000-0540 22 Jun 2000 5 (v2) Medium Pass boastMachine users.inc.php File Extension Validation Arbitrary File Upload CVE-2005-1580 12 May 2005 6.5 (v2) Medium Pass GoodTech SMTP Server Malformed RCPT TO Command DoS CVE-2005-1931 08 Jun 2005 5 (v2) Medium Pass TFTP Backdoor Detection 16 May 2005 10 (v2) Critical Pass Ultimate PHP Board < 1.9.7 viewforum.php Multiple Vulnerabilities CVE-2005-1614 CVE-2005-1615 CVE-2005-1616 14 May 2005 7.5 (v2) High Pass MailEnable HTTPMail Service Authorization Header Handling Remote DoS CVE-2004-2726 03 Sep 2004 5 (v2) Medium Pass CVSweb 1.80 cvsweb.cgi Arbitrary Command Execution CVE-2000-0670 15 Jul 2000 7.5 (v2) High Pass WebAPP apage.cgi f Parameter Arbitrary Command Execution CVE-2005-1628 17 May 2005 7.5 (v2) High Pass Allied Telesyn Router/Switch Default Password CVE-1999-0508 03 Jun 2005 10 (v2) Critical Pass Xerox DocuCentre / WorkCentre Postscript Interpreter Traversal (XRX05-001) 16 May 2005 7.8 (v2) High Pass Xerox Document Centre MicroServer Web Server Directory Navigation Crafted URL DoS (XRX05-004) 16 May 2005 7.8 (v2) High Pass ignitionServer < 0.3.6-P1 Multiple Vulnerabilities CVE-2005-1640 CVE-2005-1641 17 May 2005 7.5 (v2) High Pass Microsoft IIS Frontpage Server Extensions (FPSE) Malformed Form DoS CVE-2001-0096 22 Jul 2003 7.8 (v2) High Pass WebAPP Detection 17 May 2005 None Pass Junos OS: Insecure PKI key pair export fi le permissions (JSA10974) CVE-2019-0073 05 Nov 2019 7.1 (v3) High Pass Symantec Messaging Gateway 10.x < 10.6.3-266 Multiple Vulnerabilities (SYM17-004) CVE-2017-6324 CVE-2017-6325 CVE-2017-6326 30 Jun 2017 10 (v3) Critical Pass NETFile Default Credentials 17 May 2005 7.5 (v2) High Pass Fusion News comments.php X-Forwarded-For HTTP Header Arbitrary Code Injection 19 May 2005 7.5 (v2) High Pass Sambar Server Administrative Interface Multiple XSS 24 May 2005 4.3 (v2) Medium Pass Qpopper < 4.0.6 Multiple Insecure File Handling Local Privilege Escalation CVE-2005-1151 CVE-2005-1152 24 May 2005 7.2 (v2) High Pass SMTP Server Non-standard Port Detection 29 May 2005 5 (v2) Medium Pass Hosting Controller addsubsite.asp Security Bypass CVE-2005-1654 24 May 2005 5 (v2) Medium Pass Athena Web Registration athenareg.php pass Parameter Command Execution CVE-2004-1782 27 May 2005 7.5 (v2) High Pass MaxWebPortal memKey Parameter SQL Injection CVE-2005-1779 26 May 2005 7.5 (v2) High Pass IRC Bot Detection 29 May 2005 10 (v2) Critical Pass slident / fake identd Detection 27 May 2005 None Pass Entropy Gathering Daemon (EGD) Detection 29 May 2005 None Pass Apple iTunes < 12.6.2 Multiple Vulnerabilities (uncredentialed check) CVE-2017-7010 CVE-2017-7012 CVE-2017-7013 CVE-2017-7018 CVE-2017-7019 CVE-2017-7020 CVE-2017-7030 CVE-2017-7034 CVE-2017-7037 CVE-2017-7039 CVE-2017-7040 CVE-2017-7041 CVE-2017-7042 CVE-2017-7043 CVE-2017-7046 CVE-2017-7 25 Jul 2017 7.8 (v3) High Pass PeerCast URL Error Message Format String CVE-2005-1806 06 Jun 2005 7.5 (v2) High Pass Junos OS: SIP ALG fl owd DoS (JSA10953) CVE-2019-0055 05 Nov 2019 7.5 (v3) High Pass Juniper JSA10940 CVE-2015-6564 CVE-2015-8325 CVE-2016-6210 CVE-2016-6515 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 06 Nov 2019 7.8 (v3) High Pass Junos OS: MC-LAG DoS (JSA10966) CVE-2019-0067 06 Nov 2019 6.5 (v3) Medium Pass MiniShare Webserver HTTP GET Request Remote Over fl ow CVE-2004-2271 06 Jun 2005 7.5 (v2) High Pass Juniper JSA10949 CVE-2019-1559 06 Nov 2019 5.9 (v3) Medium Pass Enterasys Dragon Enterprise Reporting Detection 20 Jun 2005 None Pass Intrusion.com SecureNet Provider Detection 20 Jun 2005 None Pass Intrusion.com SecureNet Sensor Detection 20 Jun 2005 None Pass Juniper JSA10947 CVE-2019-0053 06 Nov 2019 7.8 (v3) High Pass Novell ZENworks Multiple Remote Pre-Authentication Over fl ows CVE-2005-1543 17 Jun 2005 10 (v2) Critical Pass VERITAS Backup Exec Agent for Windows CONNECT_CLIENT_AUTH Remote Over fl ow CVE-2005-0773 23 Jun 2005 10 (v2) Critical Pass SSH Tectia Server Host Authentication Authorization Bypass Vulnerability CVE-2005-4310 16 Dec 2005 7.5 (v2) High Pass Simple Machines Forum msg Parameter SQL Injection Vulnerability 23 Jun 2005 7.5 (v2) High Pass DUforum Multiple Scripts SQL Injection CVE-2005-2048 28 Jun 2005 7.5 (v2) High Pass DUportal Pro Multiple Scripts SQL Injection (2) CVE-2005-2045 28 Jun 2005 7.5 (v2) High Pass Zyxel D1000 CWMP Get Default Password 12 Jan 2017 9.8 (v3) Critical Pass Crob FTP Server < 3.6.1 build 263 Multiple Vulnerabilities CVE-2005-1873 CVE-2006-6558 20 Jul 2005 5 (v2) Medium Pass phpBB Fetch All < 2.0.12 Multiple Scripts SQL Injection 09 Aug 2004 7.5 (v2) High Pass K-COLLECT CSV_DB / i_DB csv_db.cgi fi le Parameter Arbitrary Command Execution 27 Jun 2005 7.5 (v2) High Pass GlobalSCAPE Secure FTP Server User Input Over fl ow CVE-2005-1415 06 Jul 2005 10 (v2) Critical Pass WPS Web-Portal-System wps_shop.cgi art Parameter Arbitrary Command Injection CVE-2005-2290 27 Jul 2005 7.5 (v2) High Pass Cisco IOS XE Cluster Management Protocol Telnet Option Handling RCE (cisco-sa-20170317-cmp) CVE-2017-3881 27 Mar 2017 9.8 (v3) Critical Pass phpBB < 2.0.16 viewtopic.php Highlighting Feature Arbitrary PHP Code Execution CVE-2005-2086 29 Jun 2005 7.5 (v2) High Pass DCE Services Enumeration 26 Aug 2001 None Pass Xerox WorkCentre Multiple Vulnerabilities (XRX05-006) CVE-2005-2200 CVE-2005-2201 CVE-2005-2202 08 Jul 2005 7.5 (v2) High Pass Symantec pcAnywhere Service Unrestricted Access CVE-1999-0508 07 Nov 2001 10 (v2) Critical Pass Sambar Server search.pl results.stm Over fl ow DoS 08 Jul 2005 7.5 (v2) High Pass Mac OS X < 10.3.4 Multiple Vulnerabilities CVE-2004-0171 CVE-2004-0430 CVE-2004-0485 CVE-2004-0513 CVE-2004-0514 CVE-2004-0515 CVE-2004-0516 CVE-2004-0517 CVE-2004-0518 01 Jun 2004 10 (v2) Critical Pass Sybase EAServer WebConsole jaqadmin Default Password 18 Jul 2005 7.5 (v2) High Pass SPiD lang.php lang_path Remote File Inclusion CVE-2005-2198 11 Jul 2005 6.8 (v2) Medium Pass PPA functions.inc.php con fi g[ppa_root_path] Parameter Remote File Inclusion CVE-2005-2199 11 Jul 2005 7.5 (v2) High Pass PunBB < 1.2.6 Multiple Vulnerabilities CVE-2005-2193 10 Jul 2005 7.5 (v2) High Pass Hydra: MySQL 10 Jul 2005 7.5 (v2) High Pass SysV /bin/login Environment Remote Over fl ow (telnet check) CVE-2001-0797 15 Dec 2001 10 (v2) Critical Pass VP-ASP Multiple Script SQL Injection 20 Jul 2005 7.5 (v2) High Pass IBM Lotus Domino Server time/date Fields Remote Over fl ow CVE-2005-1101 20 Jul 2005 7.5 (v2) High Pass Puppet Enterprise 2015.x / 2016.x < 2016.4.0 Multiple Vulnerabilities CVE-2016-5715 29 Nov 2016 6.1 (v3) Medium Pass Cisco IOS Software Network Address Translation Vulnerabilities (cisco-sa-20100922-nat) CVE-2010-2831 CVE-2010-2832 CVE-2010-2833 10 Jan 2012 7.8 (v2) High Pass FTPshell Server 3.38 Malformed PORT/QUIT DoS CVE-2005-2426 27 Jul 2005 4 (v2) Medium 13

Pass BusinessMail Multiple SMTP Command Remote Bu ff er Over fl ows CVE-2005-2472 02 Aug 2005 10 (v2) Critical Pass Simplicity oF Upload download.php language Parameter Local File Inclusion CVE-2005-2607 01 Aug 2005 7.5 (v2) High Pass Check_MK 1.2.4 < 1.2.4p4 / 1.2.5 < 1.2.5i4 Multiple Vulnerabilities CVE-2014-5338 CVE-2014-5339 CVE-2014-5340 28 Jun 2017 8.1 (v3) High Pass Cisco VLAN Trunking Protocol Vulnerability (cisco-sr-20081105-vtp) CVE-2008-4963 10 Jan 2012 5.7 (v2) Medium Pass CA BrightStor ARCserve Backup Agent for Windows Long String Over fl ow CVE-2005-1272 05 Aug 2005 10 (v2) Critical Pass Jaws BlogModel.php path Parameter Remote File Inclusion CVE-2005-2179 08 Aug 2005 5 (v2) Medium Pass Linux lpd DVI Print Filter (dvips) Remote Command Execution CVE-2001-1002 08 Jun 2002 7.3 (v3) High Pass WordPress Cookie 'cache_lastpostdate' Parameter PHP Code Injection CVE-2005-2612 11 Aug 2005 6.8 (v2) Medium Pass w-Agora index.php site Parameter Traversal Arbitrary File Access CVE-2005-2648 22 Aug 2005 5 (v2) Medium Pass Cheops NG Unauthenticated Access 08 Nov 2005 6.4 (v2) Medium Pass VERITAS Backup Exec Remote Agent Static Password Arbitrary File Download CVE-2005-2611 12 Aug 2005 10 (v2) Critical Pass Apache Chunked Encoding Remote Over fl ow CVE-2002-0392 17 Jun 2002 7.3 (v3) High Pass Microsoft Windows NT 4.0 Unsupported Installation Detection 14 Sep 2005 10 (v2) Critical Pass HP Ignite-UX TFTP File Access Information Disclosure 26 Aug 2005 5 (v2) Medium Pass PHP TopSites setup.php Administration Authentication Bypass 24 Aug 2005 7.5 (v2) High Pass RunCMS <= 1.2 Multiple Vulnerabilities CVE-2005-2691 CVE-2005-2692 25 Aug 2005 7.5 (v2) High Pass VMware Virtual Machine Detection 27 Oct 2005 None Pass Boozt index.cgi Banner Creation Name Field Over fl ow CVE-2002-0098 18 Aug 2002 7.5 (v2) High Pass phpGraphy EXIF Data XSS CVE-2005-2735 27 Aug 2005 3.5 (v2) Low Pass eXtremail Multiple SMTP Command fl og Function Format String CVE-2001-1078 22 Aug 2002 7.5 (v2) High Pass MS08-067: Microsoft Windows Server Service Crafted RPC Request Handling Remote Code Execution (958644) (ECLIPSEDWING) (uncredentialed check) CVE-2008-4250 23 Oct 2008 9.8 (v3) Critical Pass Junos OS: Improper handling of speci fi c IPv6 packets (JSA10982) CVE-2020-1603 21 Feb 2020 8.6 (v3) High Pass man2web Multiple Scripts Arbitrary Command Execution CVE-2005-2812 07 Sep 2005 7.5 (v2) High Pass Simple PHP Blog <= 0.4.0 Multiple Vulnerabilities CVE-2005-2733 CVE-2005-2787 27 Aug 2005 7.5 (v2) High Pass Looking Glass Multiple Vulnerabilities CVE-2005-2776 CVE-2005-2777 30 Aug 2005 7.5 (v2) High Pass Woltlab Burning Board modcp.php Multiple Parameter SQL Injection CVE-2005-2673 30 Aug 2005 4.6 (v2) Medium Pass Multiple OS /bin/login Remote Over fl ow CVE-2001-0797 03 Oct 2002 10 (v2) Critical Pass Xerox Document Centre MicroServer Web Server Multiple Vulnerabilities (XRX05-008) CVE-2005-2645 CVE-2005-2645 CVE-2005-2647 31 Aug 2005 7.5 (v2) High Pass DameWare Mini Remote Control Pre-Authentication Remote Over fl ow CVE-2003-1030 01 Sep 2005 10 (v2) Critical Pass DameWare Mini Remote Control Pre-Authentication Username Remote Over fl ow CVE-2005-2842 01 Sep 2005 10 (v2) Critical Pass Multiple Ethernet Driver Frame Padding Information Disclosure (Etherleak) CVE-2003-0001 14 Jan 2003 3.3 (v2) Low Pass CMSimple Guestbook Module index.php XSS 14 Sep 2005 4.3 (v2) Medium Pass Simple Machines Forum Avatar Information Disclosure Vulnerability CVE-2005-2817 31 Aug 2005 3.5 (v2) Low Pass Mac OS X 10.4.x < 10.4.10 IPv6 Type 0 Route Headers DoS CVE-2007-2242 21 Jun 2007 7.8 (v2) High Pass SlimFTPd Username/Password Over fl ow Remote DoS CVE-2005-2850 06 Sep 2005 5 (v2) Medium Pass Sun Java System Web Proxy Server Multiple Unspeci fi ed Remote DoS CVE-2005-4806 14 Sep 2005 5 (v2) Medium Pass CiscoWorks Management Console Detection 04 Sep 2005 None Pass Brightmail Control Center Default Password (symantec) for 'admin' Account 08 Sep 2005 7.5 (v2) High Pass MERCUR Messaging Control Server Multiple Bu ff er Over fl ows 08 Sep 2005 7.5 (v2) High Pass ATutor 1.5.1 Multiple Script XSS CVE-2005-2649 06 Sep 2005 4.3 (v2) Medium Pass NetVault Process Manager Service Detection 28 Jul 2007 None Pass ManageEngine Desktop Central statusUpdate Arbitrary File Upload RCE (intrusive check) CVE-2015-82001 25 Mar 2016 10 (v2) Critical Pass CGI Generic Cross-Site Request Forgery Detection (potential) 17 Nov 2011 6.5 (v3) Medium Pass HP Data Protector Detection 09 Sep 2005 None Pass OpenSSL < 0.9.6j / 0.9.7b Multiple Vulnerabilities CVE-2003-0078 CVE-2003-0131 CVE-2003-0147 20 Feb 2003 4.3 (v2) Medium Pass HP OpenView Topology Manager Daemon Detection 11 Sep 2005 None Pass HP OpenView UI Process Manager Daemon Detection 14 Sep 2005 None Pass HP OpenView NNM Alarm Service Detection 15 Sep 2005 None Pass Ventrilo Server Detection 17 Sep 2005 None Pass Ventrilo Server Malformed Status Query Remote DoS CVE-2005-2719 19 Sep 2005 5 (v2) Medium Pass Mac OS X 10.5.x < 10.5.1 Multiple Vulnerabilities CVE-2007-4702 CVE-2007-4703 CVE-2007-4704 16 Nov 2007 5.1 (v2) Medium Pass HP Integrated Lights-Out (iLO) Detection 09 Dec 2005 None Pass MERCUR Messaging < 2005 SP4 Multiple Remote DoS Vulnerabilities CVE-2006-7038 CVE-2006-7039 CVE-2006-7040 CVE-2006-7041 17 Jun 2006 7.8 (v2) High Pass Land Down Under HTTP Referer Header SQL Injection CVE-2005-4711 23 Sep 2005 6.8 (v2) Medium Pass Palo Alto Networks PAN-OS 6.1.x < 6.1.17 / 7.0.x < 7.0.15 / 7.1.x < 7.1.10 / 8.0.x < 8.0.2 Multiple Vulnerabilities CVE-2016-4971 CVE-2016-5696 CVE-2017-3731 CVE-2017-7409 CVE-2017-7644 CVE-2017-7945 25 May 2017 4.8 (v3) Medium Pass UW-IMAP Mailbox Name Bu ff er Over fl ow CVE-2005-2933 06 Oct 2005 6.5 (v2) Medium Pass Alkalay.Net Multiple Scripts Arbitrary Command Execution CVE-2005-3094 CVE-2005-3095 CVE-2005-3096 CVE-2005-3097 27 Sep 2005 7.5 (v2) High Pass Xen Guest Detection 10 Dec 2008 None Pass 3Com Network Supervisor Traversal Arbitrary File Access CVE-2005-2020 06 Oct 2005 7.8 (v2) High Pass CubeCart < 3.0.4 Multiple Script XSS CVE-2005-3152 06 Oct 2005 4.3 (v2) Medium Pass Mac OS X 10.6.x < 10.6.1 Multiple Vulnerabilities CVE-2009-1862 CVE-2009-1863 CVE-2009-1864 CVE-2009-1865 CVE-2009-1866 CVE-2009-1867 CVE-2009-1868 CVE-2009-1869 CVE-2009-1870 11 Sep 2009 10 (v2) Critical Pass IBM Tivoli Management Framework Endpoint addr URL Remote Bu ff er Over fl ow CVE-2011-1220 31 May 2011 9 (v2) High Pass FTP Service AUTH TLS Plaintext Command Injection CVE-2011-1575 09 May 2011 6.5 (v3) Medium Pass BMC Server Automation RSCD Agent ACL Bypass CVE-2016-1542 CVE-2016-1543 CVE-2016-5063 10 May 2016 5.3 (v3) Medium Pass Snitz Forums 2000 register.asp Email Parameter SQL Injection CVE-2003-0286 12 May 2003 7.5 (v2) High Pass IBM Storwize SSL/TLS RC4 Stream Cipher Key Invariance (Bar Mitzvah) CVE-2015-2808 16 Jun 2016 4.3 (v2) Medium Pass Apache 2.2.x < 2.2.18 APR apr_fnmatch DoS CVE-2011-0419 13 May 2011 5.3 (v3) Medium Pass Trend Micro O ffi ceScan Client Detection 30 Oct 2005 None Pass e107 Detection 02 Nov 2005 None Pass Cheops-ng Cleartext Authentication Information Disclosure 08 Nov 2005 4.3 (v2) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 37 Multiple Vulnerabilities (POODLE) CVE-2014-3566 CVE-2014-6167 CVE-2014-6174 CVE-2014-6457 CVE-2014-6512 CVE-2014-6558 CVE-2014-6593 CVE-2015-0400 CVE-2015-0410 17 Mar 2015 5 (v2) Medium Pass GO-Global Server Detection 10 Nov 2005 None Pass NetScaler Web Management ws/ generic_api_call.pl standalone Parameter XSS CVE-2007-6037 06 Dec 2007 4.3 (v2) Medium Pass Multiple Vendor IRC Daemon Debug Format String CVE-2003-0478 27 Jun 2003 10 (v2) Critical Pass mod_mylo for Apache mylo_log Logging Function HTTP GET Over fl ow CVE-2003-0651 28 Jul 2003 7.5 (v2) High Pass Arista Networks EOS Mlag agent DOS (SA0032) CVE-2018-5255 21 Feb 2020 6.5 (v3) Medium Pass Cisco Wireless LAN Controller IPv6 UDP Packet Handling DoS (cisco-sa-20170405-wlc2) CVE-2016-9219 19 Apr 2017 7.5 (v3) High Pass Oracle GlassFish Server Multiple Vulnerabilities (July 2014 CPU) CVE-2013-1739 CVE-2013-1740 CVE-2013-1741 CVE-2013-5605 CVE-2013-5606 CVE-2013-5855 CVE-2014-1490 CVE-2014-1491 CVE-2014-1492 18 Jul 2014 7.5 (v2) High Pass ProFTPD File Transfer Newline Character Over fl ow CVE-2003-0831 23 Sep 2003 9 (v2) High Pass MTA Open Mail Relaying Allowed (thorough test) CVE-1999-0512 CVE-2002-1278 CVE-2003-0285 26 Sep 2003 7.5 (v3) High Pass freeFTPd Multiple Command Malformed Argument Remote DoS CVE-2005-3812 29 Nov 2005 6.8 (v2) Medium Pass HP Smart Update Manager Remote Unauthorized Access. 24 Feb 2020 9.8 (v3) Critical Pass Multiple DLSw Denial of Service Vulnerabilities in Cisco IOS - Cisco Systems CVE-2008-1152 01 Sep 2010 7.8 (v2) High Pass MySQL Enterprise Server 5.0 < 5.0.52 Multiple Vulnerabilities CVE-2007-5969 CVE-2007-6303 CVE-2007-6304 13 Dec 2007 4.6 (v2) Medium Pass Cisco IOS Secure Shell Denial of Service Vulnerabilities - Cisco Systems CVE-2008-1159 01 Sep 2010 7.5 (v2) High Pass NetInfo Arbitrary Remote File Access CVE-2001-1412 19 Oct 2003 5 (v2) Medium Pass Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks CVE-2008-1447 01 Sep 2010 6.4 (v2) Medium Pass ListManager < 8.9b Multiple Vulnerabilities CVE-2005-4143 CVE-2005-4144 CVE-2005-4146 CVE-2005-4147 CVE-2005-4148 12 Dec 2005 7.5 (v2) High Pass Les Visiteurs Multiple Remote File Inclusion CVE-2003-1148 27 Oct 2003 8.3 (v3) High Pass Novell NetMail IMAP Agent Long Verb Arguments Remote Over fl ow CVE-2005-3314 16 Dec 2005 7.5 (v2) High Pass Qualcomm WorldMail Multiple IMAP Command Remote Over fl ow CVE-2005-4267 20 Dec 2005 7.5 (v2) High Pass Golden FTP Server APPE Command Remote Over fl ow CVE-2005-4553 26 Dec 2005 7.5 (v2) High Pass Airport Administrative Tra ffi c Detection (192/UDP) 27 Dec 2005 4.3 (v2) Medium Pass Webmin ' miniserv.pl ' 'username' Parameter Format String CVE-2005-3912 26 Dec 2005 7.5 (v2) High Pass SandSurfer < 1.7.0 User Authentication Bypass CVE-2004-2087 16 Feb 2004 7.5 (v2) High Pass Sami HTTP Server 1.0.4 GET Request Remote Over fl ow CVE-2004-0292 22 Feb 2004 7.5 (v2) High Pass MS10-024: Microsoft Exchange Denial of Service (uncredentialed) CVE-2010-0024 CVE-2010-0025 CVE-2010-1689 CVE-2010-1690 03 Apr 2018 6.5 (v3) Medium Pass Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities CVE-2008-3799 CVE-2008-3800 CVE-2008-3801 CVE-2008-3802 01 Sep 2010 7.8 (v2) High Pass Cisco IOS Software Multiple Features IP Sockets Vulnerability CVE-2009-0630 01 Sep 2010 7.8 (v2) High Pass SpiderSales Shopping Cart SQL injection CVE-2004-0348 04 Mar 2004 10 (v2) Critical Pass cfWebStore Multiple Vulnerabilities (SQLi, XSS) CVE-2004-1806 14 Mar 2004 7.5 (v2) High Pass Geronimo Console Default Credentials 18 Jan 2006 7.5 (v2) High Pass ADOdb tmssql.php do Parameter Arbitrary PHP Function Execution CVE-2006-0147 10 Jan 2006 7.5 (v2) High Pass IBM Lotus Domino Server Crafted .nsf Request Traversal Arbitrary File Access CVE-2001-0009 25 May 2004 5 (v2) Medium Pass Lexmark / Dell Printer Unauthenticated Access CVE-1999-1061 13 May 2004 9 (v2) High Pass WinProxy < 6.1a HTTP Proxy Multiple Vulnerabilities CVE-2005-3187 CVE-2005-4085 10 Jan 2006 7.5 (v2) High Pass WinProxy < 6.1a Telnet Proxy Remote DoS CVE-2005-3654 10 Jan 2006 7.5 (v2) High Pass CORBA IIOP Listener Detection 17 Jan 2006 None Pass Farmers WIFE FTP Server Multiple Command Traversal Arbitrary File Creation CVE-2006-0319 20 Jan 2006 5 (v2) Medium Pass RPC rpcbind Non-standard Port Assignment Filter Bypass CVE-1999-0632 CVE-1999-0189 25 May 2007 4 (v2) Medium Pass Sun ONE Directory Server LDAP Malformed Packet DoS CVE-2006-0647 13 Feb 2006 5 (v2) Medium Pass Subversion < 1.0.5 svnserver svn:// Protocol Handler Remote Over fl ow CVE-2004-0413 22 Jun 2004 10 (v2) Critical 14

Pass Firebird / InterBase Database Server Detection 25 Aug 2006 None Pass MailEnable IMAP Server EXAMINE Command Remote DoS CVE-2006-0503 02 Feb 2006 5 (v2) Medium Pass TiVo Detection 29 Jan 2006 None Pass Inter-Asterisk eXchange Protocol Detection 01 Feb 2006 None Pass Pirelli AGE mB Router Default Password (microbusiness) for 'admin' Account CVE-1999-0502 09 Jul 2004 7.5 (v2) High Pass CommuniGate Pro Server < 5.0.7 LDAP BER Decoding Multiple Vulnerabilities CVE-2006-0468 31 Jan 2006 7.5 (v2) High Pass MailEnable Webmail Malformed Quoted-printable Email DoS (CVE-2006-0504) CVE-2006-0504 09 Feb 2006 5 (v2) Medium Pass LDAP Server Detection 10 Feb 2006 None Pass MS08-059: Microsoft Host Integration Server (HIS) SNA RPC Request Remote Over fl ow (956695) (uncredentialed check) CVE-2008-3466 15 Oct 2008 10 (v2) Critical Pass RunCMS Multiple Script bbPath Parameter Remote File Inclusion CVE-2006-0659 10 Feb 2006 6.8 (v2) Medium Pass NeoMail neomail.pl sort Parameter XSS CVE-2006-0536 16 Feb 2006 4.3 (v2) Medium Pass Phorum search.php subject Parameter XSS CVE-2004-2242 02 Aug 2004 4.3 (v2) Medium Pass Macallan IMAP Server Multiple Traversals Arbitrary File/Directory Manipulation CVE-2006-0798 17 Feb 2006 5.5 (v2) Medium Pass Xerox WorkCentre Multiple Vulnerabilities (XRX06-001) CVE-2006-0825 CVE-2006-0826 CVE-2006-0827 CVE-2006-0828 21 Feb 2006 7.5 (v2) High Pass 4D WebStar Arbitrary Multiple Vulnerabilities CVE-2004-0696 03 Aug 2004 5 (v2) Medium Pass Fedora Directory Server Crafted IFRAME adm.conf Admin Server Password Disclosure CVE-2005-3630 21 Feb 2006 5 (v2) Medium Pass ArGoSoft Mail Server _DUMP Command System Information Disclosure CVE-2006-0928 25 Feb 2006 5 (v2) Medium Pass Geeklog < 1.3.11sr4 / 1.4.0sr1 Multiple Remote Vulnerabilities (LFI, SQLi) CVE-2006-0823 CVE-2006-0824 22 Feb 2006 7.5 (v2) High Pass Arista Networks EOS/vEOS IP fragment DoS (SA0037) CVE-2018-5391 24 Feb 2020 7.5 (v3) High Pass TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products - Cisco Systems CVE-2008-4609 CVE-2009-0627 01 Sep 2010 7.8 (v2) High Pass MDaemon IMAP Server Mail Folder Name Format String CVE-2006-0925 28 Feb 2006 5 (v2) Medium Pass Cisco IOS Software Authentication Proxy Vulnerability - Cisco Systems CVE-2009-2863 01 Sep 2010 7.1 (v2) High Pass Cisco IOS Software H.323 Denial of Service Vulnerability - Cisco Systems CVE-2009-2866 01 Sep 2010 7.8 (v2) High Pass RaidenHTTPD Crafted Request Script Source Disclosure CVE-2006-0949 06 Mar 2006 5 (v2) Medium Pass Cisco Uni fi ed Operations Manager < 8.6 Multiple Vulnerabilities CVE-2011-0959 CVE-2011-0960 CVE-2011-0961 CVE-2011-0962 CVE-2011-0966 CVE-2011-2738 13 Oct 2011 10 (v2) Critical Pass Oracle Tra ffi c Director Multiple Vulnerabilities (July 2014 CPU) CVE-2013-1739 CVE-2013-1740 CVE-2013-1741 CVE-2013-5605 CVE-2013-5606 CVE-2014-1490 CVE-2014-1491 CVE-2014-1492 31 Jul 2014 7.5 (v2) High Pass Cisco IOS Software Tunnels Vulnerability - Cisco Systems CVE-2009-2872 CVE-2009-2873 01 Sep 2010 7.1 (v2) High Pass Xerox WorkCentre Multiple Vulnerabilities (XRX06-002) CVE-2006-1136 CVE-2006-1137 CVE-2006-1138 08 Mar 2006 5 (v2) Medium Pass Cisco IOS Software H.323 Denial of Service Vulnerabilities (cisco-sa-20100324-h323) CVE-2010-0582 CVE-2010-0583 01 Sep 2010 7.8 (v2) High Pass PeerCast procConnectArgs() Function URL Handling Remote Over fl ow CVE-2006-1148 10 Mar 2006 7.5 (v2) High Pass Oracle Primavera Gateway (Apr 2021 CPU) CVE-2016-5725 CVE-2020-17521 22 Apr 2021 5.9 (v3) Medium Pass MERCUR Messaging IMAP Service Multiple Command Remote Over fl ow CVE-2006-1255 22 Mar 2006 10 (v2) Critical Pass Palo Alto Networks PAN-OS Firewall/Panorama WebUI Default Credentials 17 Dec 2013 7.3 (v3) High Pass Adobe Document Server File URI Arbitrary Resource Manipulation CVE-2006-1182 18 Mar 2006 2.6 (v2) Low Pass SynchronEyes Teacher Detection 13 Apr 2006 None Pass Jabber Studio jabberd SASL Negotiation Remote DoS CVE-2006-1329 23 Mar 2006 5 (v2) Medium Pass Multiple Slider Plugins for WordPress 'img' Parameter Local File Inclusion Vulnerability 13 Jan 2015 5 (v2) Medium Pass lighttpd on Windows < 1.4.10a Crafted Filename Request Script Source Disclosure CVE-2006-0814 27 Mar 2006 5.3 (v3) Medium Pass Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities (cisco-sa-20100922-sip) CVE-2009-2051 CVE-2010-2835 22 Sep 2010 7.8 (v2) High Pass Zimbra Collaboration Server skin Parameter Traversal Local File Inclusion CVE-2013-7091 19 Feb 2014 5 (v2) Medium Pass Bitdefender GravityZone < 5.1.11.432 Information Disclosure CVE-2014-5350 25 Jul 2014 5 (v2) Medium Pass GlobalSCAPE Secure FTP Server (gsftps) Custom Command Long Parameter DoS CVE-2006-1693 07 Apr 2006 5 (v2) Medium Pass Novell eDirectory < 8.8 SP3 Multiple Vulnerabilities (OF, XSS, MC) CVE-2008-5091 CVE-2008-5092 CVE-2008-5093 CVE-2008-5094 CVE-2008-5095 16 Sep 2008 10 (v2) Critical Pass Mac OS X 10.6.x < 10.6.6 Multiple Vulnerabilities CVE-2010-4013 06 Jan 2011 7.6 (v2) High Pass Novell Messenger Messaging Agent Detection 19 Apr 2006 None Pass Coppermine Photo Gallery index.php fi le Parameter Local File Inclusion CVE-2006-1909 17 Apr 2006 7.5 (v2) High Pass Novell GroupWise Messenger Accept Language Remote Over fl ow CVE-2006-0992 19 Apr 2006 10 (v2) Critical Pass DeleGate DNS Response Message DoS CVE-2006-2072 26 Apr 2006 5 (v2) Medium Pass TLS Version 1.1 Protocol Detection (PCI DSS) 07 Aug 2020 8.2 (v3) High Pass ArGoSoft FTP Server RNTO Command Remote Bu ff er Over fl ow CVE-2006-2170 04 May 2006 6.4 (v2) Medium Pass EMC Retrospect Client Packet Handling Remote Over fl ow CVE-2006-2391 05 May 2006 7.5 (v2) High Pass Limbo CMS sql.php classes_dir Parameter Remote File Inclusion CVE-2006-2142 03 May 2006 6.4 (v2) Medium Pass Gene6 FTP Server Multiple Command Remote Over fl ows CVE-2006-2172 04 May 2006 7.5 (v2) High Pass Golden FTP Server Pro Multiple Command Remote Over fl ow DoS CVE-2006-2180 04 May 2006 6.4 (v2) Medium Pass XM Easy FTP Server USER Command Bu ff er Over fl ow CVE-2006-2225 11 May 2006 7.3 (v3) High Pass OpenVPN Unprotected Management Interface CVE-2006-2229 08 May 2006 4 (v2) Medium Pass Ipswitch WhatsUp Professional Multiple Vulnerabilities (XSS, Enum, ID) CVE-2006-2351 CVE-2006-2352 CVE-2006-2353 CVE-2006-2354 CVE-2006-2355 CVE-2006-2356 CVE-2006-2357 15 May 2006 5 (v2) Medium Pass WebCalendar Login Error Message User Account Enumeration CVE-2006-2247 16 May 2006 5 (v2) Medium Pass freeSSHd Key Exchange Algorithm String Remote Over fl ow CVE-2006-2407 22 May 2006 7.5 (v2) High Pass Resin for Windows Encoded URI Traversal Arbitrary File Access CVE-2006-1953 27 May 2006 7.8 (v2) High Pass BlackBerry Enterprise Service (BES) Management Console 12.x < 12.4.1 Multiple XSS CVE-2016-1916 CVE-2016-1917 CVE-2016-1918 CVE-2016-3126 03 Jun 2016 6.1 (v3) Medium Pass Sun Server Console Authentication Bypass CVE-2006-2513 26 May 2006 7.5 (v2) High Pass Cisco IOS Internet Key Exchange Vulnerability (cisco-sa-20120328-ike) CVE-2012-0381 02 Apr 2012 7.8 (v2) High Pass UBB.threads addpost_newpoll.php thispath Parameter Remote File Inclusion CVE-2006-2568 27 May 2006 5.1 (v2) Medium Pass Resin view fi le Servlet Arbitrary File Disclosure CVE-2006-2437 CVE-2006-2438 27 May 2006 5 (v2) Medium Pass Juniper Junos Multiple s fi d Daemon Malformed Packet Remote DoS (PSN-2011-04-241) 22 Aug 2011 6.1 (v2) Medium Pass Juniper Junos debug.php J-Web Component Unauthenticated Debug Access (PSN-2011-02-158) 22 Aug 2011 4.8 (v2) Medium Pass SpamAssassin spamd Crafted Message Arbitrary Command Execution CVE-2006-2447 08 Jun 2006 5.1 (v2) Medium Pass WinGate POST Request Bu ff er Over fl ow CVE-2006-2926 09 Jun 2006 7.5 (v2) High Pass Cisco IOS Software Data-Link Switching Vulnerability (cisco-sa-20110928-dlsw) CVE-2011-0945 29 Sep 2011 7.8 (v2) High Pass IAXClient Open Source Library iax_net_read Function Packet Handling Remote Over fl ow CVE-2006-2923 12 Jun 2006 6.4 (v2) Medium Pass MS04-012: Cumulative Update for Microsoft RPC/DCOM (828741) (uncredentialed check) CVE-2003-0813 CVE-2004-0116 CVE-2003-0807 CVE-2004-0124 16 Mar 2007 10 (v2) Critical Pass Cisco Application Policy Infrastructure Controller Privilege Escalation (cisco-sa-20190501-apic-priv-escalation) CVE-2019-1682 05 Aug 2020 7.8 (v3) High Pass IBM Lotus Domino SMTP Server Malformed Meeting Request (vCal) DoS CVE-2006-0119 29 Jun 2006 10 (v2) Critical Pass Juniper Junos MPC Malformed Route Pre fi x Remote DoS (PSN-2011-08-327) 10 Nov 2011 5.7 (v2) Medium Pass w-Agora inc_dir Parameter Remote File Inclusion 23 Jun 2006 7.5 (v2) High Pass Juniper Junos J-Web Administrator Logs XSS (PSN-2011-10-392) 10 Nov 2011 5 (v2) Medium Pass Apple iTunes AAC File Parsing Integer Over fl ow (uncredentialed check) CVE-2006-1467 30 Jun 2006 5.1 (v2) Medium Pass KVM / QEMU Guest Detection (uncredentialed check) 21 Nov 2011 None Pass phpFormGenerator Arbitrary File Upload 04 Jul 2006 7.5 (v2) High Pass Western Digital Arkeia lang Cookie Local File Inclusion 28 May 2014 5 (v2) Medium Pass McAfee Common Management Agent Traversal Arbitrary File Write CVE-2006-3623 14 Jul 2006 5.3 (v3) Medium Pass WinGate IMAP Server Directory Traversal Vulnerabilities CVE-2006-2917 11 Jul 2006 5.5 (v2) Medium Pass Juniper Junos MGD-CLI Arbitrary Command Execution (PSN-2011-11-418) 23 Jan 2012 7.2 (v2) High Pass Juniper Junos BGP UPDATE Malformed ATTR_SET Attribute Remote DoS (PSN-2012-01-472) 23 Jan 2012 4.3 (v2) Medium Pass Webmin Null Byte Filtering Information Disclosure CVE-2006-4542 02 Sep 2006 6.8 (v2) Medium Pass MyBB HTTP Header 'CLIENT-IP' Field SQLi CVE-2006-3775 17 Jul 2006 7.5 (v2) High Pass Juniper Junos BGP Multiple Remote DoS (PSN-2012-01-475) 23 Jan 2012 4.3 (v2) Medium Pass PatchLink Update Server proxyreg.asp Arbitrary Proxy Manipulation CVE-2006-3425 28 Jul 2006 7.5 (v2) High Pass eIQnetworks Enterprise Security Analyzer Syslog Server Multiple Remote Over fl ows CVE-2006-3838 02 Aug 2006 10 (v2) Critical Pass Hobbit Monitor con fi g Method Traversal Arbitrary File Access CVE-2006-4003 08 Aug 2006 5 (v2) Medium Pass MS06-040: Vulnerability in Server Service Could Allow Remote Code Execution (921883) (uncredentialed check) CVE-2006-3439 08 Aug 2006 10 (v2) Critical Pass ISC DHCP Server supersede_lease() Function DHCPDISCOVER Packet DoS CVE-2006-3122 04 Aug 2006 5 (v2) Medium Pass RMI Registry Detection 16 Aug 2006 None Pass Symantec SAVCE/Client Security Service Detection 21 Sep 2006 None Pass Informix Dynamic Server Multiple Remote Vulnerabilities CVE-2006-3853 CVE-2006-3855 CVE-2006-3856 CVE-2006-3857 CVE-2006-3858 CVE-2006-3860 CVE-2006-3861 CVE-2006-3862 16 Aug 2006 7.5 (v2) High Pass Cisco IOS Software Command Security Bypass (cisco-sa-20120328-pai) CVE-2012-0384 02 Apr 2012 8.8 (v3) High Pass IPCheck Server Monitor Traversal Arbitrary File Access CVE-2006-4140 14 Aug 2006 5 (v2) Medium Pass Juniper Junos J-Web CPU Utilization DoS (PSN-2012-04-547) 25 Apr 2012 5 (v2) Medium Pass osCommerce shopping_cart.php id Array Parameters SQL Injection CVE-2006-4297 23 Aug 2006 7.5 (v2) High Pass Zend Session Clustering Daemon PHP Session Identi fi er Remote Over fl ow CVE-2006-4431 29 Aug 2006 7.5 (v2) High Pass Juniper Junos MPLS DoS (PSN-2012-04-546) 25 Apr 2012 5.4 (v2) Medium Pass Juniper Junos SRX Series for the Data Center Memory Corruption (PSN-2012-04-548) 25 Apr 2012 7.5 (v2) High Pass Fuji Xerox Printing Systems (FXPS) Print Engine Crafted Request HTTP Authentication Bypass CVE-2006-2113 29 Aug 2006 6.4 (v2) Medium Pass ISC BIND 9 Multiple Remote DoS CVE-2006-2073 CVE-2006-4095 CVE-2006-4096 07 Sep 2006 5 (v2) Medium Pass Juniper Junos SYN Cookie Protection DoS (PSN-2012-07-643) 17 Jul 2012 7.8 (v2) High Pass WebAdmin < 3.2.6 MDaemon Account Hijacking CVE-2006-4620 05 Sep 2006 4.6 (v2) Medium Pass MSRPC Service Detection 11 Sep 2006 None Pass IBM WebSphere Application Server 7.0 < Fix Pack 25 Multiple Vulnerabilities CVE-2012-2190 CVE-2012-2191 CVE-2012-3293 CVE-2012-3304 CVE-2012-3305 CVE-2012-3306 CVE-2012-3311 CVE-2012-3325 03 Oct 2012 6.8 (v2) Medium Pass Juniper Junos OpenSSL ASN.1 Memory Corruption (PSN-2012-07-645) CVE-2012-2110 CVE-2012-2131 17 Jul 2012 7.5 (v2) High Pass ColdFusion MX Server Detection 15 Sep 2006 None Pass Claroline Software Detection 18 Sep 2006 None 15

Pass Juniper Junos IS-IS hello DoS (PSN-2012-07-647) 17 Jul 2012 5.7 (v2) Medium Pass IBM Spectrum Protect Plus hostname Command Injection CVE-2020-4211 CVE-2020-4469 05 Aug 2020 9.8 (v3) Critical Pass Juniper Junos J-Web XSS (PSN-2012-07-649) CVE-2014-2712 17 Jul 2012 4.3 (v2) Medium Pass Mambo Open Source usercookie Parameter SQL Injection 06 Oct 2006 6.8 (v2) Medium Pass SOAP Server Detection 29 Sep 2006 None Pass Juniper Junos PIM DoS (PSN-2012-07-648) 17 Jul 2012 6.1 (v2) Medium Pass MailEnable SMTP Connector Multiple NTLM Authentication Vulnerabilities CVE-2006-5176 CVE-2006-5177 02 Oct 2006 7.5 (v2) High Pass Xerox WorkCentre WebUI Arbitrary Command Execution (XRX06-005) CVE-2006-5290 05 Oct 2006 7.5 (v2) High Pass CA BrightStor ARCserve Backup for Windows Multiple Remote Bu ff er Over fl ows (QO81201) CVE-2006-5142 CVE-2006-5143 06 Oct 2006 7.5 (v2) High Pass IBM DB2 Interrupt Port Detection 21 Sep 2006 None Pass Zabbix Server Detection 10 Oct 2006 None Pass Skinny Server Detection 19 Oct 2006 None Pass CA BrightStor ARCserve Backup DBASVR for Windows Multiple Remote Bu ff er Over fl ows CVE-2006-5142 CVE-2006-5143 06 Oct 2006 7.5 (v2) High Pass Juniper Junos UDP/IP DoS (PSN-2012-07-652) 17 Jul 2012 5.7 (v2) Medium Pass ELOG Web LogBook global Denial of Service CVE-2006-6318 20 Nov 2006 5 (v2) Medium Pass phpMyAdmin < 2.9.1 Multiple Vulnerabilities CVE-2006-5116 06 Oct 2006 5.1 (v2) Medium Pass Adobe Breeze Directory Traversal Arbitrary File Access CVE-2006-5200 14 Oct 2006 5 (v2) Medium Pass Novell eDirectory iMonitor HTTP Protocol Stack (httpstk) Host HTTP Header Remote Over fl ow CVE-2006-5478 23 Oct 2006 7.5 (v2) High Pass HP OpenView Storage Mirroring Server Detection 21 Nov 2006 None Pass DataWizard FTPXQ Default Accounts CVE-2006-5569 14 Nov 2006 6.4 (v2) Medium Pass Horde Ingo Software Detection 20 Oct 2006 None Pass Xerox WorkCentre Multiple Vulnerabilities (XRX06-006) CVE-2006-6427 CVE-2006-6428 CVE-2006-6429 CVE-2006-6430 CVE-2006-6431 CVE-2006-6432 01 Dec 2006 7.8 (v2) High Pass Mac OS X < 10.4.11 Multiple Vulnerabilities (Security Update 2007-008) CVE-2007-3456 CVE-2007-4678 CVE-2007-2926 CVE-2005-0953 CVE-2005-1260 CVE-2007-4679 CVE-2007-4680 CVE-2007-0464 CVE-2007-4681 CVE-2007-4682 CVE-2007-3999 CVE-2007-4743 CVE-2007-3749 CVE-2007-4683 CVE-2007-4684 CVE-2007-4 14 Nov 2007 10 (v2) Critical Pass Novell ZENworks Asset Management Collection Client Remote Over fl ow CVE-2006-6299 11 Dec 2006 10 (v2) Critical Pass Cisco IOS DHCP Client DoS (cisco-sa-20170322-dhcpc) CVE-2017-3864 28 Mar 2017 8.6 (v3) High Pass Land Down Under / Seditio polls.php id Parameter SQL Injection CVE-2006-6343 CVE-2006-6577 10 Dec 2006 6.8 (v2) Medium Pass WoltLab Burning Board Lite thread.php decode_cookie Function threadvisit Cookie Parameter SQL Injection CVE-2006-6237 27 Nov 2006 7.5 (v2) High Pass Novell ZenWorks Asset Management Server Detection 11 Dec 2006 None Pass Mort Bay Jetty URL Multiple Slash Character Information Disclosure CVE-2007-6672 07 Jan 2008 5 (v2) Medium Pass OpenSSH < 3.6.2 Reverse DNS Lookup Bypass CVE-2003-0386 10 Jun 2003 7.5 (v2) High Pass Juniper Junos PIM Hello DoS (PSN-2012-10-732) 26 Oct 2012 7.1 (v2) High Pass JBoss Application Server (jbossas) JMX Console DeploymentFileRepository Traversal Arbitrary File Manipulation CVE-2006-5750 14 Dec 2006 7.5 (v2) High Pass JBoss JMX Console Unrestricted Access 14 Dec 2006 7.5 (v2) High Pass ARCserve Backup for Laptops & Desktops Server Admin Service Detection 26 Jan 2007 None Pass CA BrightStor ARCserve Backup Discovery Service Over fl ow CVE-2006-6379 12 Dec 2006 7.5 (v2) High Pass Juniper Junos web-authentication Policy Not Enforced (PSN-2012-10-735) 26 Oct 2012 5 (v2) Medium Pass Juniper Junos J-Web URL Encoding Heap-Based Bu ff er Over fl ow (PSN-2013-01-807) 14 Jan 2013 10 (v2) Critical Pass Mono XSP for ASP.NET Server Crafted Request Script Source Code Disclosure CVE-2006-6104 23 Dec 2006 5 (v2) Medium Pass Cisco Device Default Password CVE-1999-0508 23 Dec 2006 9.8 (v3) Critical Pass CA BrightStor ARCserve Backup Tape Engine Multiple Remote Over fl ows (QO84983) CVE-2006-6076 CVE-2007-0168 CVE-2007-0169 12 Jan 2007 10 (v2) Critical Pass IBM DB2 < 8.1 Fix Pack 13 CONNECT Processing Unspeci fi ed DoS CVE-2006-4257 23 Dec 2006 4.3 (v3) Medium Pass Teredo Server Detection 04 Jan 2007 None Pass WebDAV Directory Enumeration 11 Jan 2007 None Pass phpBB < 2.0.22 Multiple Vulnerabilities CVE-2006-4758 CVE-2006-6421 CVE-2006-6839 CVE-2006-6840 CVE-2006-6841 03 Jan 2007 10 (v2) Critical Pass WordPress Trackback Charset Decoding SQL Injection CVE-2007-0107 12 Jan 2007 6.8 (v2) Medium Pass Easy File Sharing FTP Server PASS Command Over fl ow CVE-2006-3952 17 Jan 2007 7.5 (v2) High Pass CA BrightStor ARCserve Backup Multiple Vulnerabilities (QO84983) CVE-2006-5171 CVE-2006-5172 CVE-2006-6076 CVE-2006-6917 CVE-2007-0168 CVE-2007-0169 15 Jan 2007 10 (v2) Critical Pass Sambar FTP Server Malformed SIZE Command DoS CVE-2006-6624 17 Jan 2007 4 (v2) Medium Pass MS06-056: Vulnerabilities in ASP.NET could allow information disclosure (922770) (uncredentialed check) CVE-2006-3436 26 Jan 2007 4.3 (v2) Medium Pass Mac OS X 10.6.x < 10.6.3 Multiple Vulnerabilities CVE-2003-0063 CVE-2006-1329 CVE-2008-4456 CVE-2008-5515 CVE-2008-7247 CVE-2009-0033 CVE-2009-0580 CVE-2009-0689 CVE-2009-0781 CVE-2009-0783 CVE-2009-1904 CVE-2009-2042 CVE-2009-2417 CVE-2009-2422 CVE-2009-2446 CVE-2009-2 29 Mar 2010 10 (v2) Critical Pass Cisco IOS Software Protocol Translation Vulnerability (cisco-sa-20130327-pt) CVE-2013-1147 10 Apr 2013 7.8 (v2) High Pass Juniper Junos Unspeci fi ed DoS (PSN-2013-01-818) 07 May 2013 7.8 (v2) High Noise HyperText Transfer Protocol (HTTP) Information 30 Jan 2007 None Pass Microsoft .NET Custom Errors Not Set 26 Jan 2007 4.3 (v2) Medium Pass Juniper Junos Firewall Bypass DoS (PSN-2013-04-912) 20 May 2013 6.4 (v2) Medium Pass Juniper Junos J-Web Remote Code Execution (PSN-2013-04-914) 20 May 2013 9 (v2) High Pass CA eTrust Intrusion Detection System Key Exchange Remote DoS CVE-2007-1005 28 Feb 2007 7.8 (v2) High Pass DokuWiki Detection 26 Feb 2007 None Pass Trend Micro ServerProtect Detection 21 Feb 2007 None Pass Symantec Web Security Detection 07 Jun 2007 None Pass DevTrack Web Service UserName Field SQL Injection CVE-2007-0853 09 Feb 2007 7.5 (v2) High Pass Plain Old Webserver URI Traversal Arbitrary File Access CVE-2007-0872 19 Feb 2007 5 (v2) Medium Pass WFTPD APPE Command Bu ff er Over fl ow CVE-2006-5826 19 Feb 2007 5.8 (v2) Medium Pass Trend Micro ServerProtect TmRpcSrv.dll RPC Request Multiple Over fl ows CVE-2007-1070 21 Feb 2007 10 (v2) Critical Pass Cisco IOS SIP Packet Handling Remote DoS (CSCsh58082) CVE-2007-0648 01 Mar 2007 7.8 (v2) High Pass Juniper Junos Invalid Ether-type DoS (PSN-2013-04-916) 20 May 2013 6.1 (v2) Medium Pass Eudora WorldMail Mail Management Server (MAILMA.exe) Remote Over fl ow CVE-2006-6336 05 Mar 2007 10 (v2) Critical Pass Kiwi CatTools < 3.2.9 TFTP Server Traversal Arbitrary File Manipulation CVE-2007-0888 01 Mar 2007 10 (v2) Critical Pass Trend Micro ServerProtect for Linux splx_2376_info Cookie Authentication Bypass CVE-2007-1168 22 Feb 2007 7.5 (v2) High Pass Symantec Mail Security for SMTP Admin Center Default Credentials 05 Mar 2007 7.5 (v2) High Pass CA BrightStor ARCserve Backup Tape Engine and Portmapper Multiple Vulnerabilities (QO86255) CVE-2006-6076 CVE-2007-0816 CVE-2007-1447 CVE-2007-1448 16 Mar 2007 10 (v2) Critical Pass Moodle 'moodledata/sessions' Session Files Remote Information Disclosure CVE-2007-1647 23 Mar 2007 5 (v2) Medium Pass Webapp.org WebAPP < 0.9.9.6 Multiple Vulnerabilities CVE-2007-1259 19 Mar 2007 7.5 (v2) High Pass IBM Tivoli Provisioning Manager OS Deployment Multiple Unspeci fi ed Input Validation Vulnerabilities CVE-2007-1868 07 Apr 2007 10 (v2) Critical Pass SNMP Version 3 Authentication Bypass Vulnerabilities (cisco-sa-20080610-snmpv3) CVE-2008-0960 31 May 2013 10 (v2) Critical Pass ProFTPD Auth API Multiple Auth Module Authentication Bypass CVE-2007-2165 19 Apr 2007 5.1 (v2) Medium Pass Sun Java Web Console LibWebconsole_Services.SO Remote Format String CVE-2007-1681 23 Apr 2007 7.5 (v2) High Pass Novell Groupwise WebAccess GWINTER.EXE Base64 Decoding Remote Over fl ow CVE-2007-2171 23 Apr 2007 10 (v2) Critical Pass Cisco NX-OS Malformed IP Packet DoS (cisco-sa-20120215-nxos) 31 May 2013 7.8 (v2) High Pass Plesk Multiple Script locale_id Parameter Traversal Arbitrary File Access CVE-2007-2268 27 Apr 2007 5 (v2) Medium Pass myGallery mygallerybrowser.php 'myPath' Parameter Remote File Inclusion CVE-2007-2426 30 Apr 2007 7.5 (v2) High Pass Trend Micro ServerProtect AgRpcCln.dll Bu ff er Over fl ow CVE-2007-2528 09 May 2007 10 (v2) Critical Pass Trend Micro ServerProtect EarthAgent RPC Request Remote Bu ff er Over fl ow CVE-2007-2508 09 May 2007 10 (v2) Critical Pass MERCUR Messaging IMAP Server NTLM Authentication NTLMSSP Argument Remote Over fl ow CVE-2007-1578 30 Apr 2007 10 (v2) Critical Pass Resin for Windows \WEB-INF Traversal Arbitrary File Access CVE-2007-2440 16 May 2007 5 (v2) Medium Pass Cisco Uni fi ed Communications Manager Session Initiation Protocol Denial of Service Vulnerability (cisco-sa-20120926-cucm) CVE-2012-3949 08 Jul 2013 7.8 (v2) High Pass CommuniGate Pro WebMail w/ MSIE STYLE Tag XSS CVE-2007-2718 14 May 2007 4.3 (v2) Medium Pass RunCMS < 1.5.3 debug_show.php Multiple Vulnerabilities CVE-2007-2538 CVE-2007-2539 08 May 2007 7.8 (v2) High Pass IBM WebSphere Application Server 8.5 < Fix Pack 2 Multiple Vulnerabilities CVE-2013-0169 CVE-2013-0440 CVE-2013-0443 CVE-2013-0458 CVE-2013-0459 CVE-2013-0461 CVE-2013-0462 CVE-2013-0482 CVE-2013-0540 CVE-2013-0541 CVE-2013-0542 CVE-2013-0543 CVE-2013-0544 CVE-2013-0565 10 May 2013 10 (v2) Critical Pass SNMPc Management Server Default Credentials 05 Jun 2007 7.5 (v2) High Pass F-Secure Policy Manager Server fsmsh.dll module DoS CVE-2007-2964 04 Jun 2007 5 (v2) Medium Pass HP System Management Homepage < 2.1.2 Unspeci fi ed XSS CVE-2007-3062 01 Jun 2007 4.3 (v2) Medium Pass Juniper Junos SRX Series PIM DoS (JSA10573) CVE-2013-4684 16 Jul 2013 7.8 (v2) High Pass Juniper Junos SRX Series UAC Enforcer HTTP Remote Code Execution (JSA10574) CVE-2013-4685 16 Jul 2013 10 (v2) Critical Pass Symantec Ghost Solution Locate Server Detection 13 Jun 2007 None Pass Symantec Ghost Solution Status Server Detection 13 Jun 2007 None Pass Packeteer Web Management Interface Authentication 26 Jun 2007 None Pass Xerox WorkCentre Multiple OpenSSL Vulnerabilities (XRX07-001) CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4343 01 Jul 2007 7.8 (v2) High Pass Juniper Junos OpenSSL Multiple Vulnerabilities (JSA10575) CVE-2013-0166 CVE-2013-0169 16 Jul 2013 4.3 (v2) Medium Pass IBM Spectrum Protect / Tivoli Storage Manager Service Detection 03 Jul 2007 None Pass Ingres Data Access Server Detection 01 Jul 2007 None Pass IBM Tivoli Storage Manager Multiple Remote Over fl ows CVE-2006-5855 03 Jul 2007 10 (v2) Critical Pass OpenSSL 1.0.1 < 1.0.1n Multiple Vulnerabilities (Logjam) CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-4000 12 Jun 2015 6.8 (v2) Medium Pass AsteriDex callboth.php Multiple Parameter CRLF Injection Arbitrary Command Execution CVE-2007-3621 06 Jul 2007 7.5 (v2) High Pass CA Multiple Products Message Queuing Server (Cam.exe) Remote Over fl ow CVE-2007-0060 26 Jul 2007 9.3 (v2) High Pass Juniper Junos proxy-arp/arp-resp DoS (JSA10576) CVE-2013-4686 16 Jul 2013 5.7 (v2) Medium Pass Juniper Junos SRX Series TCP ALG DoS (JSA10577) CVE-2013-4687 16 Jul 2013 7.8 (v2) High Pass Juniper Junos SRX Series MSRPC DoS (JSA10578) CVE-2013-4688 16 Jul 2013 7.8 (v2) High Pass Juniper Junos SRX1400/3400/3600 Etherleak Information Disclosure (JSA10579) CVE-2003-0001 CVE-2013-4690 16 Jul 2013 5 (v2) Medium Pass Sun Java System Directory Server Multiple Vulnerabilities CVE-2006-4175 CVE-2007-2466 CVE-2007-3224 CVE-2007-3225 12 Jul 2007 7.8 (v2) High Pass Symantec Backup Exec for Windows RPC Crafted ncacn_ip_tcp Request Remote Over fl ow CVE-2007-3509 16 Jul 2007 7.5 (v2) High Pass Juniper Junos SSL/TLS Renegotiation DoS (JSA10580) CVE-2011-1473 16 Jul 2013 4.3 (v2) Medium 16

Pass Cisco IOS Extensible Authentication Protocol Vulnerability (cisco-sr-20071019-eap) CVE-2007-5651 22 Jul 2013 7.1 (v2) High Pass Cisco Expressway Series and TelePresence Video Communication DoS (cisco-sa-expressway-vcs-dos-n6xxTMZB) CVE-2020-3596 09 Oct 2020 7.5 (v3) High Pass Puppet Enterprise 2015.x / 2016.x < 2016.4.0 Multiple Vulnerabilities CVE-2016-5715 09 Oct 2019 6.1 (v3) Medium Pass RealNetworks Helix DNA Server RTSP Service Crafted Require Header Remote Over fl ow CVE-2007-4561 28 Aug 2007 10 (v2) Critical Pass Cisco Web Security Appliance Version 26 Jul 2013 None Pass Mercury SMTP Server AUTH CRAM-MD5 Remote Bu ff er Over fl ow CVE-2007-4440 23 Aug 2007 7.5 (v2) High Pass Sybase ASA Client Connection Broadcast Remote Information Disclosure 22 Aug 2007 5 (v2) Medium Pass Sybase ASA Default Database Password 22 Aug 2007 7.5 (v2) High Pass Cisco Content Security Management Appliance Version 26 Jul 2013 None Pass Juniper Junos OSPF Protocol Vulnerability (JSA10582) CVE-2013-0149 CVE-2013-7313 02 Aug 2013 7.8 (v2) High Pass Trend Micro ServerProtect Multiple Remote Over fl ows CVE-2007-4218 CVE-2007-4219 CVE-2007-4731 22 Aug 2007 10 (v2) Critical Pass SIDVault < 2.0f LDAP Server Malformed Search Request Bu ff er Over fl ow CVE-2007-4566 28 Aug 2007 10 (v2) Critical Pass OSPF LSA Manipulation Vulnerability in Cisco IOS (cisco-sa-20130801-lsaospf) CVE-2013-0149 16 Aug 2013 5.8 (v2) Medium Pass OSPF LSA Manipulation Vulnerability in Cisco NX-OS (cisco-sa-20130801-lsaospf) CVE-2013-0149 16 Aug 2013 5.8 (v2) Medium Pass HP Switch Identi fi cation 13 Aug 2013 None Pass OpenSSL 1.0.2 < 1.0.2d Multiple Vulnerabilities CVE-2015-1793 CVE-2015-3196 09 Jul 2015 6.5 (v3) Medium Pass Cisco Nexus 1000V VEM DoS (CSCtj17451) CVE-2011-0355 13 Aug 2013 7.8 (v2) High Pass lighttpd mod_fastcgi HTTP Request Header Remote Over fl ow CVE-2007-4727 17 Sep 2007 5.6 (v3) Medium Pass Kerio MailServer < 6.4.1 Attachment Filter Unspeci fi ed Vulnerability CVE-2007-3993 05 Sep 2007 10 (v2) Critical Pass OEJP Daemon Detection 28 Sep 2007 None Pass Web Server Transmits Cleartext Credentials 28 Sep 2007 2.6 (v2) Low Pass Hexamail Server pop3 Service USER Command Remote Over fl ow CVE-2007-4646 11 Sep 2007 10 (v2) Critical Pass BrightStor Hierarchical Storage Manager < r11.6 Multiple Remote Vulnerabilities CVE-2007-5082 CVE-2007-5083 CVE-2007-5084 04 Oct 2007 10 (v2) Critical Pass CA BrightStor HSM Engine Detection (UDP) 04 Oct 2007 None Pass Microsoft Windows SMB Blank Administrator Password CVE-1999-0504 CVE-1999-0505 CVE-1999-0506 CVE-2000-0222 CVE-2005-3595 04 Oct 2007 10 (v2) Critical Pass SSL Weak Cipher Suites Supported 08 Oct 2007 5.3 (v3) Medium Pass MagniComp SysInfo Agent Accessible 10 Oct 2007 5 (v2) Medium Pass CA BrightStor ARCserve Backup Multiple Remote Vulnerabilities (QO91094) CVE-2007-5325 CVE-2007-5326 CVE-2007-5327 CVE-2007-5328 CVE-2007-5329 CVE-2007-5330 CVE-2007-5331 CVE-2007-5332 12 Oct 2007 10 (v2) Critical Pass HP Linux Imaging and Printing Project (hplip) hpssd from Address Command Injection CVE-2007-5208 15 Oct 2007 7.6 (v2) High Pass CA Host-Based Intrusion Prevention System Server Default Credentials 23 Oct 2007 7.5 (v2) High Pass Datagram Transport Layer Security Detection 16 Oct 2007 None Pass HP Linux Imaging and Printing System HPSSD Daemon Detection 15 Oct 2007 None Pass K2 KeyServer Default Credentials 12 Oct 2007 7.5 (v2) High Pass Perdition IMAPD IMAP Tag Remote Format String Arbitrary Code Execution CVE-2007-5740 01 Nov 2007 7.5 (v2) High Pass Citrix Application Delivery Controller (ADC) / Citrix NetScaler Detection 06 Dec 2007 None Pass TikiWiki < 1.9.8.2 Multiple Scripts Local File Inclusion CVE-2007-5684 26 Oct 2007 5.1 (v2) Medium Pass Multiple Vulnerabilities in Cisco Wireless LAN Controllers (cisco-sa-20130123-wlc) CVE-2013-1102 CVE-2013-1103 CVE-2013-1104 CVE-2013-1105 25 Sep 2013 9 (v2) High Pass SNMP GETBULK Large max-repetitions Remote DoS CVE-2007-5846 09 Nov 2007 7.8 (v2) High Pass ManageEngine OpManager Login.do Multiple Parameter XSS CVE-2007-5891 07 Nov 2007 4.3 (v2) Medium Pass IBM Lotus Domino < 7.0.2 FP2 Multiple Vulnerabilities CVE-2007-5924 10 Nov 2007 10 (v2) Critical Pass IBM Lotus Domino < 6.5.6 FP2 Multiple Vulnerabilities CVE-2007-3510 CVE-2007-5924 10 Nov 2007 10 (v2) Critical Pass IBM Domino Detection (uncredentialed check) 10 Nov 2007 None Pass Mac OS X 10.8 < 10.8.5 Supplemental Update CVE-2013-5163 04 Oct 2013 6.6 (v2) Medium Pass Plumtree Portal Default Credentials 02 Dec 2007 7.5 (v2) High Pass I Hear U Detection 27 Nov 2007 None Pass NetScaler Web Management Successful Authentication 06 Dec 2007 None Pass ipMonitor Encoded Traversal Arbitrary File Access 13 Dec 2007 5 (v2) Medium Pass Rendezvous < 8.0.0 Crafted Packet Remote DoS CVE-2007-4158 02 Dec 2007 7.8 (v2) High Pass Cisco IOS Software DHCP Denial of Service Vulnerability (cisco-sa-20130925-dhcp) CVE-2013-5475 07 Oct 2013 7.8 (v2) High Pass MS07-065: Vulnerability in Message Queuing Could Allow Remote Code Execution (937894) (uncredentialed check) CVE-2007-3039 12 Dec 2007 10 (v2) Critical Pass Fire fl y Media Server Limited Directory Traversal Admin Credential Disclosure 10 Dec 2007 7.5 (v2) High Pass Websense Reporting Tools WsCgiLogin.exe username Parameter XSS CVE-2007-6312 11 Dec 2007 4.3 (v2) Medium Pass Cisco IOS Software Network Address Translation Vulnerabilities (cisco-sa-20130925-nat) CVE-2013-5479 CVE-2013-5480 CVE-2013-5481 07 Oct 2013 7.8 (v2) High Pass CUPS SNMP Back End (backend/snmp.c) asn1_get_string Function Crafted SNMP Response Remote Over fl ow CVE-2007-5849 19 Dec 2007 9.3 (v2) High Pass WordPress 'query.php' is_admin() Function Information Disclosure 23 Dec 2007 5 (v2) Medium Pass Cisco IOS Software Queue Wedge Denial of Service Vulnerability (cisco-sa-20130925-wedge) CVE-2013-5477 07 Oct 2013 7.8 (v2) High Pass CuteNews search.php fi les_arch Array Arbitrary File Access 26 Dec 2007 5 (v2) Medium Pass ClamAV clamav-milter black-hole-mode Sendmail Recipient Field Arbitrary Command Execution CVE-2007-4560 03 Jan 2008 7.6 (v2) High Pass RunCMS Detection 07 Jan 2008 None Pass AXIS Camera Uncon fi gured Password Detection 09 Apr 2019 9.8 (v3) Critical Pass Cisco Open Network Environment Platform Unvalidated Pointer (CSCui51551) CVE-2013-5496 11 Oct 2013 6.3 (v2) Medium Pass Xerox WorkCentre Multiple Samba Vulnerabilities (XRX08-001) CVE-2007-2446 CVE-2007-2447 14 Jan 2008 10 (v2) Critical Pass Juniper Junos J-Web CSRF Protection Bypass (JSA10597) CVE-2013-4689 17 Oct 2013 9.3 (v2) High Pass Juniper Junos SRX Series fl owd Remote DoS (JSA10596) CVE-2013-6015 17 Oct 2013 7.8 (v2) High Pass Juniper Junos PIM Remote Denial of Service (JSA10548) CVE-2013-6170 17 Oct 2013 6.3 (v2) Medium Pass netOctopus Agent Detection (UDP) 14 Jan 2008 None Pass Blind Command Injection Vulnerability in Grandstream Products CVE-2019-10656 CVE-2019-10657 CVE-2019-10658 08 Apr 2019 8.8 (v3) High Pass Juniper Junos SRX Series fl owd telnet Messages Remote Code Execution (JSA10594) CVE-2013-6013 17 Oct 2013 10 (v2) Critical Pass Juniper Junos Unnumbered Interface Cache Poisoning Remote DoS and Information Disclosure (JSA10595) CVE-2013-6014 17 Oct 2013 6.1 (v2) Medium Pass Juniper Junos GNU libc glob Remote DoS (JSA10598) CVE-2010-2632 17 Oct 2013 6.8 (v2) Medium Pass IBM WebSphere Application Server 8.5 < Fix Pack 1 Multiple Vulnerabilities CVE-2012-2159 CVE-2012-2190 CVE-2012-2191 CVE-2012-3293 CVE-2012-3304 CVE-2012-3305 CVE-2012-3306 CVE-2012-3311 CVE-2012-3325 CVE-2012-3330 CVE-2012-4850 CVE-2012-4851 CVE-2012-4853 20 Nov 2012 7.5 (v2) High Pass Mac OS X 10.x < 10.9 Multiple Vulnerabilities (BEAST) CVE-2011-2391 CVE-2011-3389 CVE-2011-3427 CVE-2011-4944 CVE-2012-0845 CVE-2012-0876 CVE-2012-1150 CVE-2013-0249 CVE-2013-1667 CVE-2013-1944 CVE-2013-3950 CVE-2013-3954 CVE-2013-4073 CVE-2013-5135 CVE-2013-5138 CVE-2013-5 23 Oct 2013 9.3 (v2) High Pass HTTP DoS Vulnerability in Cisco Wireless LAN Controllers CVE-2013-6684 03 Dec 2013 6.8 (v2) Medium Pass Citadel/UX lprintf() Function Remote Format String CVE-2004-1192 13 Dec 2004 10 (v2) Critical Pass HP Data Protector Multiple Vulnerabilities (HPSBMU02895 SSRT101253) CVE-2013-2344 CVE-2013-2345 CVE-2013-2346 CVE-2013-2347 CVE-2013-2348 CVE-2013-2349 CVE-2013-2350 CVE-2013-6194 CVE-2013-6195 06 Jan 2014 10 (v2) Critical Pass Symantec Messaging Gateway 10.x < 10.7.0 Information Disclosure Vulnerability (SYMSA1482) CVE-2019-9699 24 May 2019 4.5 (v3) Medium Pass Apple TV < 9.2.1 Multiple Vulnerabilities CVE-2016-1801 CVE-2016-1802 CVE-2016-1803 CVE-2016-1807 CVE-2016-1808 CVE-2016-1811 CVE-2016-1813 CVE-2016-1814 CVE-2016-1817 CVE-2016-1818 CVE-2016-1819 CVE-2016-1823 CVE-2016-1824 CVE-2016-1827 CVE-2016-1828 CVE-2016-1 24 May 2016 7.8 (v3) High Pass Juniper Junos XNM Command Remote DoS (JSA10607) CVE-2014-0613 16 Jan 2014 5 (v2) Medium Pass Juniper Junos CLI Multiple Privilege Escalation Vulnerabilities (JSA10608) CVE-2014-0615 16 Jan 2014 7.2 (v2) High Pass Juniper Junos CLI libc recomp() rpd DoS (JSA10612) CVE-2010-4051 CVE-2010-4052 16 Jan 2014 2.1 (v2) Low Pass Cisco Data Center Network Manager XSS (cisco-sa-dncm-xss-AvMyAwd2) CVE-2020-3348 CVE-2020-3349 28 Jul 2020 4.8 (v3) Medium Pass Juniper Junos SRX Series fl owd Remote DoS (JSA10610) CVE-2014-0617 16 Jan 2014 7.8 (v2) High Pass Cisco WLC Web-Based Management Interface XSS Vulnerability (CSCuf77810) CVE-2013-5519 12 Feb 2014 4.3 (v2) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 27 Multiple Vulnerabilities CVE-2012-3330 CVE-2012-4853 CVE-2013-0458 CVE-2013-0459 CVE-2013-0460 CVE-2013-0461 25 Jan 2013 6.8 (v2) Medium Pass Cisco ASA AnyConnect Client Authentication Attempt Handling Information Disclosure (cisco-sa-20160115-asa) CVE-2016-1295 06 Jul 2016 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS 3.1.10 / 4.x < 4.0.5 Multiple Command Injections CVE-2012-6591 CVE-2012-6592 05 Mar 2014 10 (v2) Critical Pass Oracle GlassFish Server 3.1.2.x < 3.1.2.15 Multiple Vulnerabilities (July 2016 CPU) CVE-2015-3237 CVE-2016-3607 20 Jul 2016 9.8 (v3) Critical Pass Cisco RV110W, RV130W, and RV215W Routers Syslog Disclosure (cisco-sa-20190619-rv- fi leaccess) CVE-2019-1898 19 Jun 2019 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS < 3.1.10 / 4.x < 4.0.4 Multiple Command Injections CVE-2012-6593 CVE-2012-6602 05 Mar 2014 10 (v2) Critical Pass Palo Alto Networks PAN-OS < 3.1.11 / 4.0.x < 4.0.8 / 4.1.x < 4.1.1 Command Injection CVE-2012-6594 05 Mar 2014 9 (v2) High Pass ISC BIND Race Condition Vulnerability (CVE-2019-6471) CVE-2019-6471 28 Jun 2019 5.9 (v3) Medium Pass Palo Alto Networks PAN-OS < 4.0.9 / 4.1.x < 4.1.3 Information Disclosure CVE-2012-6596 05 Mar 2014 6.5 (v2) Medium Pass Palo Alto Networks PAN-OS < 4.0.8 / 4.1.x < 4.1.1 Command Injection CVE-2012-6599 05 Mar 2014 9 (v2) High Pass Siemens SCALANCE X-200IRT < 5.2.0 Session Hijacking CVE-2015-1049 16 Feb 2015 6.8 (v2) Medium Pass PHP 7.3.x < 7.3.7 Multiple Vulnerabilities. 12 Jul 2019 6.5 (v3) Medium Pass Palo Alto Networks PAN-OS < 3.1.12 / 4.0.x < 4.0.10 / 4.1.x < 4.1.4 Multiple Vulnerabilities CVE-2012-6601 CVE-2012-6603 05 Mar 2014 10 (v2) Critical Pass Palo Alto Networks PAN-OS < 4.0.14 / 4.1.x < 4.1.11 / 5.0.x < 5.0.2 Security Bypass CVE-2013-5663 05 Mar 2014 4.3 (v2) Medium Pass Palo Alto Networks PAN-OS < 4.1.13 / 5.0.x < 5.0.6 XSS CVE-2013-5664 05 Mar 2014 3.5 (v2) Low Pass Palo Alto Networks PAN-OS < 5.0.10 / 5.1.x < 5.1.5 XSS 07 Mar 2014 3.5 (v2) Low Pass Apple TV < 9.2.2 Multiple Vulnerabilities CVE-2016-1684 CVE-2016-1836 CVE-2016-1863 CVE-2016-1865 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 CVE-2016-4483 CVE-2016-4582 CVE-2016-4583 CVE-2016-4584 CVE-2016-4585 CVE-2016-4586 CVE-2016-4587 CVE-2016-4588 CVE-2016-4 21 Jul 2016 9.8 (v3) Critical Pass Juniper Junos J-Web Persistent XSS (JSA10619) CVE-2014-2711 14 Apr 2014 4.3 (v2) Medium Pass Palo Alto Networks PAN-OS 5.0.9 Multiple Vulnerabilities 05 Mar 2014 3.5 (v2) Low Pass McAfee Web Gateway < 7.3.2.6 / 7.4.1 Information Disclosure (SB10063) CVE-2014-2535 21 Mar 2014 4 (v2) Medium Pass Palo Alto Networks PAN-OS 4.1.x < 4.1.16 / 5.0.x < 5.0.10 / 5.1.x < 5.1.5 API Key Bypass Flaw 21 Mar 2014 3.5 (v2) Low Pass PHP 5.6.x < 5.6.3 'donote' DoS CVE-2014-3710 14 Nov 2014 5 (v2) Medium Pass Cisco Wireless LAN Controller 802.11i Management Frame DoS CVE-2015-6311 20 Jul 2016 6.1 (v2) Medium Pass Symantec Messaging Gateway 10.x < 10.6.2 Multiple Vulnerabilities (SYM16-015) (SYM16-016) CVE-2016-5309 CVE-2016-5310 CVE-2016-5312 22 Sep 2016 6.5 (v3) Medium Pass Juniper Junos SRX Series Dynamic IPsec VPN DoS (JSA10620) CVE-2014-0612 14 Apr 2014 5 (v2) Medium Pass Citrix NetScaler Version Detection 10 Mar 2014 None Pass Webmin 1.890 - 1.920 Remote Command Execution (CVE-2019-15107, CVE-2019-15231) CVE-2019-15107 CVE-2019-15231 19 Aug 2019 9.8 (v3) Critical Pass Juniper Junos Kernel IGMP Flood DoS (JSA10618) CVE-2014-0614 14 Apr 2014 7.1 (v2) High Pass Apple iTunes < 11.0.3 Multiple Vulnerabilities (uncredentialed check) CVE-2012-2824 CVE-2012-2857 CVE-2012-3748 CVE-2012-5112 CVE-2013-0879 CVE-2013-0912 CVE-2013-0948 CVE-2013-0949 CVE-2013-0950 CVE-2013-0951 CVE-2013-0952 CVE-2013-0953 CVE-2013-0954 CVE-2013-0955 CVE-2013-0956 CVE-2013-0 17 May 2013 10 (v2) Critical 17

Pass Juniper NSM < 2012.2R9 Apache HTTP Server Multiple Vulnerabilities (JSA10685) (credentialed check) CVE-2008-0456 CVE-2012-2687 CVE-2012-3499 CVE-2012-4558 CVE-2013-1862 CVE-2013-1896 CVE-2013-6438 CVE-2014-0098 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 20 Jul 2015 6.8 (v2) Medium Pass Juniper Junos MX and T4000 Series MPC Reboot DoS (JSA10621) CVE-2014-2713 14 Apr 2014 5 (v2) Medium Pass Cisco UCS Director Authentication Bypass (cisco-sa-20190821-imcs-ucs-cmdinj) CVE-2019-1936 24 Sep 2019 7.2 (v3) High Pass Unsupported Brocade Fabric OS 17 Apr 2014 10 (v2) Critical Pass Kibana ESA-2018-14 CVE-2018-3830 24 Sep 2018 6.1 (v3) Medium Pass ISC BIND Service Downgrade / Re fl ected DoS CVE-2020-8616 22 May 2020 8.6 (v3) High Pass Citrix NetScaler Gateway XSS (CTX140291) CVE-2014-1899 15 May 2014 4.3 (v2) Medium Pass McAfee Web Gateway OpenSSL Information Disclosure (SB10071) (Heartbleed) CVE-2014-0160 02 May 2014 7.5 (v3) High Pass Citrix NetScaler Multiple Vulnerabilities (CTX140651) CVE-2014-2881 CVE-2014-2882 15 May 2014 10 (v2) Critical Pass Apple TV < 6.1 Multiple Vulnerabilities CVE-2012-2088 CVE-2013-2909 CVE-2013-2926 CVE-2013-2928 CVE-2013-5196 CVE-2013-5197 CVE-2013-5198 CVE-2013-5199 CVE-2013-5225 CVE-2013-5228 CVE-2013-6625 CVE-2013-6629 CVE-2013-6635 CVE-2014-1267 CVE-2014-1269 CVE-2014-1 12 Mar 2014 7.5 (v2) High Pass Cisco IOS XR Software IPv6 Malformed Packet DoS (cisco-sa-20140611-ipv6) CVE-2014-2176 30 Jun 2014 7.1 (v2) High Pass Puppet Enterprise < 2015.3.0 Information Disclosure Vulnerability CVE-2015-8470 09 Oct 2019 6.5 (v3) Medium Pass Puppet Enterprise < 2015.3.1 Information Disclosure Vulnerability CVE-2015-8470 09 Oct 2019 6.5 (v3) Medium Pass IBM Tivoli Storage Manager FastBack 6.1.x < 6.1.12.1 Multiple Vulnerabilities CVE-2015-4931 CVE-2015-4932 CVE-2015-4933 CVE-2015-4934 CVE-2015-4935 06 Aug 2015 10 (v2) Critical Pass macOS 10.12.x < 10.12.5 Multiple Vulnerabilities CVE-2017-2494 CVE-2017-2497 CVE-2017-2501 CVE-2017-2502 CVE-2017-2503 CVE-2017-2507 CVE-2017-2509 CVE-2017-2512 CVE-2017-2513 CVE-2017-2516 CVE-2017-2518 CVE-2017-2519 CVE-2017-2520 CVE-2017-2524 CVE-2017-2527 CVE-2017-2 18 May 2017 7.8 (v3) High Pass McAfee Web Gateway < 7.3.2.2 DoS (SB10052) CVE-2013-4854 18 Jun 2014 7.8 (v2) High Pass IBM InfoSphere IGC Multiple Vulnerabilities CVE-2017-1350 CVE-2018-1432 CVE-2018-1454 08 Jun 2018 7.8 (v3) High Pass Puppet Enterprise 2018.x < 2018.1.1 Code Execution Vulnerability CVE-2018-6512 09 Oct 2019 9.8 (v3) Critical Pass Elasticsearch ESA-2017-10 CVE-2017-8442 22 Aug 2018 6.5 (v3) Medium Pass SuperMicro IPMI PSBlock File Plaintext Password Disclosure 25 Jun 2014 9.8 (v3) Critical Pass EMC RSA Archer 6.x < 6.4.10500.1006 Authorization Bypass Vulnerability CVE-2018-15780 10 Jan 2019 6.5 (v3) Medium Pass Citrix NetScaler nscon fi gd Remote DoS (CTX139017) CVE-2013-6011 26 Jun 2014 7.8 (v2) High Pass Juniper Junos SRX Series SIP ALG Remote DoS (JSA10633) CVE-2014-3815 15 Jul 2014 7.8 (v2) High Pass Juniper Junos CLI Privilege Escalation (JSA10634) CVE-2014-3816 15 Jul 2014 7.2 (v2) High Pass Juniper Junos SRX Series NAT IPv6 to IPv4 Remote DoS (JSA10635) CVE-2014-3817 15 Jul 2014 7.8 (v2) High Pass OpenSSL 1.1.0 < 1.1.0j Multiple Vulnerabilities CVE-2018-0734 CVE-2018-0735 25 Jan 2019 5.9 (v3) Medium Pass Cisco Prime Infrastructure Cross-Site Scripting Vulnerability (cisco-sa-20190123-cpi-xss) CVE-2019-1643 20 Feb 2019 6.1 (v3) Medium Pass Juniper Junos SRX Series Web Authentication XSS (JSA10640) CVE-2014-3821 15 Jul 2014 4.3 (v2) Medium Pass Juniper Junos SRX Series NAT IPv6 to IPv4 Remote DoS (JSA10641) CVE-2014-3822 15 Jul 2014 5.4 (v2) Medium Pass Apple iTunes < 12.2 Multiple Vulnerabilities (uncredentialed check) CVE-2014-3192 CVE-2014-4452 CVE-2014-4459 CVE-2014-4466 CVE-2014-4468 CVE-2014-4469 CVE-2014-4470 CVE-2014-4471 CVE-2014-4472 CVE-2014-4473 CVE-2014-4474 CVE-2014-4475 CVE-2014-4476 CVE-2014-4477 CVE-2014-4479 CVE-2015-1 26 Oct 2015 7.5 (v2) High Pass Citrix NetScaler Multiple Vulnerabilities (CTX140863) CVE-2014-4346 CVE-2014-4347 30 Jul 2014 5 (v2) Medium Pass Apple TV < 11.4 Multiple Vulnerabilities CVE-2018-4188 CVE-2018-4190 CVE-2018-4192 CVE-2018-4198 CVE-2018-4199 CVE-2018-4200 CVE-2018-4201 CVE-2018-4204 CVE-2018-4206 CVE-2018-4211 CVE-2018-4214 CVE-2018-4218 CVE-2018-4222 CVE-2018-4223 CVE-2018-4224 CVE-2018-4 05 Jun 2018 7.8 (v3) High Pass Cisco IOS Software EnergyWise DoS (cisco-sa-20140806-energywise CVE-2014-3327 12 Aug 2014 7.5 (v3) High Pass Cisco IOS XR Software Static Punt Policer DoS (CSCun83985) CVE-2014-3308 07 Aug 2014 6.4 (v2) Medium Pass Cisco NX-OS Arbitrary File Read Vulnerability (CSCul05217 / CSCul23419) CVE-2013-6975 20 Aug 2014 4.6 (v2) Medium Pass Avirt Gateway Suite Telnet Proxy Arbitrary Command Execution CVE-2002-0134 21 Aug 2002 7.5 (v2) High Pass Cisco IOS Software Network Address Translation (NAT) ALG Module DoS (cisco-sa-20140924-nat) CVE-2014-3361 30 Sep 2014 7.1 (v2) High Pass Cisco IOS Software RSVP DoS (cisco-sa-20140924-rsvp) CVE-2014-3354 02 Oct 2014 7.8 (v2) High Pass Cisco Uni fi ed Communications Manager Multiple Arbitrary File Manipulation Vulnerabilities (CSCuo17199 / CSCuo17302) CVE-2014-3292 29 Sep 2014 5.4 (v3) Medium Pass HP Ignite-UX TFTP /etc/pass File Disclosure CVE-2004-0951 26 Aug 2005 5 (v2) Medium Pass pfSense < 2.2.5 Multiple Vulnerabilities (SA-15_08) CVE-2014-2653 CVE-2015-1283 CVE-2015-1416 CVE-2015-1418 CVE-2015-5600 CVE-2015-5675 CVE-2015-6563 CVE-2015-6564 CVE-2015-6565 CVE-2015-7691 CVE-2015-7692 CVE-2015-7701 CVE-2015-7702 CVE-2015-7703 CVE-2015-7704 CVE-2015-7 31 Jan 2018 7.8 (v3) High Pass Juniper Junos SRX Series ALG ' fl owd' Remote DoS (JSA10650) CVE-2014-3825 14 Oct 2014 7.8 (v2) High Pass Oracle Application Express Listener Remote Information Disclosure Vulnerability (July 2012 CPU) CVE-2012-1740 07 Oct 2014 7.8 (v2) High Pass HPE Moonshot Provisioning Manager < 1.22 Multiple Vulnerabilities CVE-2017-8975 CVE-2017-8976 29 Jan 2018 9.8 (v3) Critical Pass Webmin chooser.cgi Cross-Site Scripting (< 1.330) CVE-2007-1276 22 Mar 2018 4.7 (v3) Medium Pass ManageEngine Desktop Central 9 < Build 92027 Multiple Vulnerabilities CVE-2018-8722 30 Mar 2018 6.1 (v3) Medium Pass Juniper Junos BGP UPDATE 'rpd' Remote DoS (JSA10653) CVE-2014-3818 14 Oct 2014 7.8 (v2) High Pass Juniper Junos RADIUS Security Bypass (JSA10654) CVE-2014-6379 14 Oct 2014 5.5 (v2) Medium Pass Cisco MDS 9000 VRRP DoS (CSCte27874) CVE-2013-5566 17 Oct 2014 5 (v2) Medium Pass HP Network Automation 9.x, 10.x < 10.00.022 / 10.1x.x < 10.11.03 / 10.20.x < 10.21.01 Multiple Vulnerabilities CVE-2017-5810 CVE-2017-5811 CVE-2017-5812 CVE-2017-5813 CVE-2017-5814 12 May 2017 9.8 (v3) Critical Pass Apple TV < 10.2.1 Multiple Vulnerabilities CVE-2017-2499 CVE-2017-2501 CVE-2017-2502 CVE-2017-2504 CVE-2017-2505 CVE-2017-2507 CVE-2017-2513 CVE-2017-2515 CVE-2017-2518 CVE-2017-2519 CVE-2017-2520 CVE-2017-2521 CVE-2017-2524 CVE-2017-2525 CVE-2017-2530 CVE-2017-2 17 May 2017 7.8 (v3) High Pass Palo Alto Networks PAN-OS < 5.0.14 / 5.1.x < 5.1.9 / 6.0.x < 6.0.4 OpenSSL MitM CVE-2014-0224 20 Oct 2014 6.8 (v2) Medium Pass Apple Time Capsule and AirPort Base Station Firmware < 7.5.2 (APPLE-SA-2010-12-16-1) CVE-2008-4309 CVE-2009-2189 CVE-2010-0039 CVE-2009-1574 CVE-2010-1804 17 Dec 2010 9.3 (v2) High Pass Sophos Web Appliance < 4.3.2 FTP Redirect Page Re fl ected XSS CVE-2017-9523 19 Jun 2017 6.1 (v3) Medium Pass WebChat de fi nes.php WEBCHATPATH Parameter Remote File Inclusion CVE-2007-0485 03 Mar 2003 7.3 (v3) High Pass Sophos Web Appliance < 4.3.1 Multiple Remote Command Injection Vulnerabilities CVE-2016-9553 CVE-2016-9554 16 Jun 2017 7.2 (v3) High Pass Cisco Nexus 1000V Series Switches Arbitrary Command Execution Vulnerability (CSCui21340) CVE-2013-5556 04 Nov 2014 6.8 (v2) Medium Pass Check_MK < 1.4.0p6 webapi.py XSS CVE-2017-9781 28 Jun 2017 6.1 (v3) Medium Pass EMC RSA Authentication Manager < 8.2 SP1 Patch 2 Self-Service Console Brute-force PIN Disclosure (ESA-2017-084) CVE-2017-8006 20 Jul 2017 5.9 (v3) Medium Pass Plex Media Server < 1.19.3 Authenticated RCE CVE-2020-5741 11 Jun 2020 7.2 (v3) High Pass Palo Alto Networks PAN-OS < 5.0.15 / 5.1.x < 5.1.10 / 6.0.x < 6.0.6 XSS CVE-2014-3764 29 Dec 2014 4.3 (v2) Medium Pass Cisco Uni fi ed Communications Manager Unspeci fi ed SQL Injection (CSCup88089) CVE-2014-3366 02 Dec 2014 6.5 (v2) Medium Pass Apache Tomcat 7.0.0 < 7.0.104 Remote Code Execution CVE-2020-9484 22 May 2020 7 (v3) High Pass ESXi 6.5 < Build 5969300 Multiple Vulnerabilities (VMSA-2017-0015) (remote check) CVE-2017-4924 CVE-2017-4925 21 Sep 2017 8.8 (v3) High Pass Citrix NetScaler Unspeci fi ed Remote Unauthorized Access (CTX200254) CVE-2014-8580 12 Feb 2015 4.9 (v2) Medium Pass Schneider Electric InduSoft Web Studio < 8.0 SP2 Patch 1 Unspeci fi ed Remote Command Execution (LFSEC00000121) CVE-2017-13997 23 Oct 2017 9.8 (v3) Critical Pass OpenSSL 1.1.0 < 1.1.0g RSA/DSA Unspeci fi ed Carry Issue CVE-2017-3735 CVE-2017-3736 06 Nov 2017 5.3 (v3) Medium Pass Juniper Junos Fragmented OSPFv3 Packet DoS (JSA10668) CVE-2014-6385 23 Jan 2015 5.7 (v2) Medium Pass Juniper Junos BGP FlowSpec rpd DoS (JSA10670) CVE-2014-6386 23 Jan 2015 7.1 (v2) High Pass IBM BigFix Platform 9.x < 9.1.9 / 9.2.x < 9.2.9 / 9.5.x < 9.5.4 Multiple Vulnerabilities CVE-2016-6082 CVE-2016-6084 CVE-2016-6085 19 Jan 2017 10 (v3) Critical Pass Palo Alto Networks PAN-OS <= 5.0.15 / 6.0.x <= 6.0.8 / 6.1.x <= 6.1.2 GNU C Library (glibc) Bu ff er Over fl ow (GHOST) CVE-2015-0235 04 Feb 2015 7.6 (v2) High Pass Subversion < 1.0.3 apr_time_t data Conversion Remote Over fl ow CVE-2004-0397 08 Jun 2004 7.5 (v2) High Pass Ansible Tower 3.x.x < 3.7.2 / 3.8.0 Data Exposure CVE-2020-14337 07 Aug 2020 5.8 (v3) Medium Pass Acme thttpd < 2.26 Multiple Vulnerabilities CVE-2006-1078 CVE-2006-1079 CVE-2006-4248 14 Feb 2017 7.8 (v3) High Pass IBM Tivoli Storage Manager FastBack Server Opcode 1329 Information Disclosure CVE-2015-1941 07 Jun 2016 7.8 (v2) High Pass Cisco TelePresence Conductor SDP Media Description Vulnerability CVE-2015-0652 19 Mar 2015 7.8 (v2) High Pass HP Intelligent Management Center SOM Module fi lePath Information Disclosure CVE-2017-5797 13 Apr 2017 7.5 (v3) High Pass Cisco IOS Software TCP CIP DoS CVE-2015-0647 CVE-2015-0648 CVE-2015-0649 03 Apr 2015 7.5 (v3) High Pass Cisco IOS Software mDNS Gateway DoS CVE-2015-0650 03 Apr 2015 7.8 (v2) High Pass Cisco Nexus 9000 Series Platform Manager Service DoS CVE-2015-0686 09 Apr 2015 6.3 (v2) Medium Pass Juniper Junos SRX Series 'log-out-on-disconnect' Persistent Admin Access (JSA10672) CVE-2015-3002 15 Apr 2015 6.9 (v2) Medium Pass Juniper Junos X-Frame-Options Clickjacking (JSA10675) CVE-2015-3004 15 Apr 2015 4.3 (v2) Medium Pass Juniper Junos SRX Series Dynamic VPN XSS (JSA10677) CVE-2015-3005 15 Apr 2015 4.3 (v2) Medium Pass Juniper Junos QFX Low Entropy Vulnerability (JSA10678) CVE-2015-3006 15 Apr 2015 6.8 (v2) Medium Pass Juniper Junos Multiple Privilege Escalation Vulnerabilities (JSA10674) CVE-2015-3003 15 Apr 2015 6.9 (v2) Medium Pass Cisco TelePresence Server HTTP Parsing Engine DoS (cisco-sa-20160406-cts1) CVE-2015-6313 15 Apr 2016 7.5 (v3) High Pass Cisco NX-OS DHCP POAP Command Injection Vulnerability CVE-2015-0658 27 Apr 2015 7.9 (v2) High Pass HP Data Protector Multiple Vulnerabilities (HPSBMU03321 SSRT101677) CVE-2015-2116 23 Apr 2015 9.8 (v3) Critical Pass EMC RSA Authentication Manager < 8.1 SP1 Patch 14 Multiple Vulnerabilities CVE-2016-0900 CVE-2016-0901 CVE-2016-0902 13 May 2016 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS < 5.0.16 / 6.0.x < 6.0.9 / 6.1.x < 6.1.3 XSS 26 May 2015 4.3 (v2) Medium Pass Eaton Network Shutdown Module Default Administrator Credentials 20 Jul 2012 7.5 (v2) High Pass Eaton Network Shutdown Module view_list.php paneStatusListSortBy Parameter eval() Call Remote PHP Code Execution 20 Jul 2012 10 (v2) Critical Pass Cisco APIC < 1.3(2f) Binary File Installation Handling Local Privilege Escalation CVE-2016-1420 21 Jun 2016 7.8 (v3) High Pass McAfee Agent Unsupported Version Detection 09 Jun 2015 10 (v3) Critical Pass Cisco Data Center Network Manager XSS (cisco-sa-dcnm-xss-3jkDLsLV) CVE-2020-3460 14 Aug 2020 6.1 (v3) Medium Pass Cisco IOS XE Software for 1000 Series Aggregation Services Routers H.323 DoS CVE-2015-0688 28 May 2015 7.1 (v2) High Pass Cisco NX-OS HSRP DoS (CSCup11309) CVE-2014-3295 30 May 2015 4.8 (v2) Medium Pass Juniper Junos SRX Series Network Security Daemon DoS (JSA10692) CVE-2015-5363 15 Jul 2015 5 (v2) Medium Pass Juniper Junos LAST_ACK State DoS (JSA10686) CVE-2015-5358 04 Aug 2015 7.1 (v2) High Pass Juniper Junos BGP-VPLS Advertisements RPD DoS (JSA10687) CVE-2015-5359 04 Aug 2015 7.1 (v2) High Pass Juniper Junos IPv6 sendd DoS (JSA10688) CVE-2015-5360 04 Aug 2015 5 (v2) Medium Pass Cisco Data Center Network Manager Path Traversal (cisco-sa-dcnm-path-trav-2xZOnJdR) CVE-2020-3383 12 Aug 2020 8.8 (v3) High Pass OpenSSL 1.1.0a read_state_machine() Function Message Handling RCE CVE-2016-6309 28 Sep 2016 9.8 (v3) Critical Pass Namazu < 2.0.14 Multiple Vulnerabilities CVE-2004-1318 23 Dec 2004 7.5 (v2) High Pass Junos Operating System On Extended Support 07 Aug 2015 None Pass W3 Total Cache Plugin For WordPress Cache Key XSS CVE-2014-8724 15 Jan 2015 4.3 (v2) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 19 Multiple Vulnerabilities CVE-2011-1355 CVE-2011-1356 CVE-2011-1359 CVE-2011-1362 CVE-2011-1411 19 Sep 2011 5.8 (v2) Medium Pass Symantec Endpoint Protection Manager < 12.1 RU6 MP1 Multiple Vulnerabilities (SYM15-007) CVE-2015-1486 CVE-2015-1487 CVE-2015-1489 13 Aug 2015 8.5 (v2) High Pass OpenSSL 1.0.0 < 1.0.0p Multiple Vulnerabilities (FREAK) CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 16 Jan 2015 5 (v2) Medium Pass Xerox WorkCentre 6400 OpenSSL RSA Temporary Key Handling EXPORT_RSA Ciphers Downgrade MitM (XRX15AP) (FREAK) CVE-2015-0204 11 Dec 2015 4.3 (v2) Medium Pass Cisco Prime Collaboration Assurance Default 'cmuser' Credentials (cisco-sa-20151209-pca) CVE-2015-6389 18 Dec 2015 8.6 (v3) High Pass Fortinet FortiOS SSH Undocumented Interactive Login Vulnerability CVE-2016-1909 13 Jan 2016 9.8 (v3) Critical 18

Pass Apache Solr < 4.1.0 Multiple XML External Entity Injections CVE-2012-6612 CVE-2013-6407 07 Jan 2014 7.5 (v2) High Pass OpenSSL < 0.9.8h Multiple Vulnerabilities CVE-2008-0891 CVE-2008-1672 CVE-2011-4354 02 Dec 2011 4.3 (v2) Medium Pass PHP 7.0.x < 7.0.3 Multiple Vulnerabilities CVE-2015-8383 CVE-2015-8386 CVE-2015-8387 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8393 CVE-2015-8394 CVE-2016-2554 CVE-2016-4342 CVE-2016-4343 11 Feb 2016 9.8 (v3) Critical Pass SSL DROWN Attack Vulnerability (Decrypting RSA with Obsolete and Weakened eNcryption) CVE-2016-0800 01 Mar 2016 5.9 (v3) Medium Pass VMware ESX / ESXi libxml2 RCE (VMSA-2013-0004) (remote check) CVE-2012-5134 04 Mar 2016 6.8 (v2) Medium Pass ESXi 5.1 < Build 2323231 glibc Library Multiple Vulnerabilities (remote check) CVE-2013-0242 CVE-2013-1914 15 Dec 2014 5 (v2) Medium Pass Cisco ASA SSL VPN Remote Information Disclosure (CSCuq65542) CVE-2014-3398 27 Feb 2015 5 (v2) Medium Pass MS11-035: Vulnerability in WINS Could Allow Remote Code Execution (2524426) (uncredentialed check) CVE-2011-1248 19 May 2011 9.3 (v2) High Pass OpenSSL 1.0.1 < 1.0.1m Multiple Vulnerabilities CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 CVE-2016-0703 CVE-2016-0704 24 Mar 2015 6.8 (v2) Medium Pass Newsletter Plugin for WordPress 'preview.php' 'data' Parameter Directory Traversal CVE-2012-3588 01 Apr 2013 5 (v2) Medium Pass Apache Solr < 4.10.5 'plugin.js' XSS CVE-2014-3628 24 Mar 2015 4.3 (v2) Medium Pass Atmail Webmail 6.x / 7.x < 7.2.0 Multiple Vulnerabilities CVE-2013-6017 CVE-2013-6028 18 Apr 2014 6.8 (v2) Medium Pass iPlanet Directory Server Traversal Arbitrary File Access CVE-2000-1075 08 Jan 2001 5 (v2) Medium Pass Cisco TelePresence Server Command Injection Vulnerability CVE-2015-0713 21 May 2015 9 (v2) High Pass ESXi 5.5 < Build 1623387 Multiple Vulnerabilities (remote check) CVE-2013-4332 CVE-2013-5211 22 May 2015 5 (v2) Medium Pass OpenSSL 1.0.2 < 1.0.2b Multiple Vulnerabilities (Logjam) CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-4000 12 Jun 2015 6.8 (v2) Medium Pass Apple TV < 7.0.3 Multiple Vulnerabilities CVE-2014-3192 CVE-2014-4455 CVE-2014-4459 CVE-2014-4465 CVE-2014-4466 CVE-2014-4468 CVE-2014-4469 CVE-2014-4470 CVE-2014-4471 CVE-2014-4472 CVE-2014-4473 CVE-2014-4474 CVE-2014-4475 CVE-2014-4476 CVE-2014-4477 CVE-2014-4 03 Feb 2015 10 (v2) Critical Pass Cisco TelePresence DSP Card Crafted RTP Packet H.264 Bit Stream Handling DoS CVE-2013-1176 23 Sep 2013 7.1 (v2) High Pass Network Service Malformed Data Remote DoS CVE-1999-1196 08 Mar 2005 9 (v2) High Pass Sybase M-Business Anywhere (AvantGo) gsoap Module password Tag Handling Over fl ow 23 May 2011 10 (v2) Critical Pass McAfee Managed Agent FrameworkService.exe HTTP Request DoS (SB10055) CVE-2013-3627 11 Oct 2013 5.3 (v3) Medium Pass Cisco Prime LAN Management Solution Cross-Frame Scripting CVE-2013-5482 01 Oct 2013 4.3 (v2) Medium Pass MySQL debian.cnf Plaintext Credential Disclosure CVE-2013-2162 08 Jan 2014 1.9 (v2) Low Pass Synology DiskStation Manager 4.0-x < 4.0-2259 / 4.1-x / 4.2-x < 4.2-3243 SLICEUPLOAD Function Remote Code Execution CVE-2013-6955 05 Feb 2014 10 (v2) Critical Pass VMware ESXi 5.5 / 6.0 / 6.5 / 6.7 DoS (VMSA-2018-0018) (remote check) CVE-2018-6972 24 Mar 2020 6.5 (v3) Medium Pass Cisco Uni fi ed Computing System Cisco Management Controller Denial of Service Vulnerability (CSCtg20734) CVE-2012-4081 13 Feb 2014 4.6 (v2) Medium Pass IBM WebSphere Application Server 6.1 < 6.1.0.43 Multiple Vulnerabilities CVE-2011-1376 CVE-2011-1377 CVE-2011-4889 CVE-2012-0193 CVE-2012-0716 CVE-2012-0717 CVE-2012-0720 04 Apr 2012 5 (v2) Medium Pass Nagios XI < 2011R1.9 Multiple Vulnerabilities 06 Aug 2012 4.6 (v2) Medium Pass Lexmark Printer con fi g.html Administrator Authentication Bypass CVE-2013-6032 03 Mar 2014 10 (v2) Critical Pass Apache 2.2.x < 2.2.27 Multiple Vulnerabilities CVE-2013-6438 CVE-2014-0098 08 Apr 2014 5.3 (v3) Medium Pass A10 Networks Remote Bu ff er Over fl ow CVE-2014-3976 14 Apr 2014 5 (v2) Medium Pass HP O ffi ceJet Pro 8500 XSS CVE-2013-4845 02 Jun 2014 4.7 (v3) Medium Pass Cisco TelePresence MXP Series Software Multiple Vulnerabilities (cisco-sa-20140430-mxp) CVE-2014-2156 CVE-2014-2157 CVE-2014-2158 CVE-2014-2159 CVE-2014-2160 CVE-2014-2161 08 May 2014 7.8 (v2) High Pass Apple iTunes < 11.2.1 User Directory Insecure Permissions Vulnerability (uncredentialed check) CVE-2014-1347 19 May 2014 4.4 (v2) Medium Pass Western Digital Arkeia lang Cookie Crafted Local File Inclusion CVE-2014-2846 28 May 2014 7.5 (v2) High Pass Cisco Prime Data Center Network Manager 6.x XSS (uncredentialed check) CVE-2014-3329 15 Sep 2014 4.3 (v2) Medium Pass ESXi 5.5 < Build 1881737 OpenSSL Library Multiple Vulnerabilities (remote check) CVE-2010-5298 CVE-2014-0198 CVE-2014-0224 CVE-2014-3470 11 Jun 2014 5.8 (v2) Medium Pass OSSIM < 4.3.2 Multiple SQL Injection Vulnerabilities CVE-2013-5967 26 Jun 2014 7.5 (v2) High Pass Puppet < 2.7.26 / 3.6.2 and Enterprise 2.8.x < 2.8.7 Multiple Vulnerabilities CVE-2014-3248 CVE-2014-3249 CVE-2014-3250 02 Jul 2014 6.2 (v2) Medium Pass HP OneView < 1.10 OpenSSL Multiple Vulnerabilities (HPSBGN03068) CVE-2010-5298 CVE-2014-0198 CVE-2014-0224 24 Jul 2014 5.8 (v2) Medium Pass WP Source Control Plugin for WordPress Directory Traversal CVE-2014-5368 25 Aug 2014 5 (v2) Medium Pass IBM WebSphere Portal Dojo Module URI Traversal Arbitrary File Access CVE-2012-2181 10 Aug 2012 5 (v2) Medium Pass Oracle Fusion Middleware HTTP Server (July 2012 CPU) CVE-2012-1741 08 Oct 2014 5.8 (v2) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 35 Multiple Vulnerabilities CVE-2013-5704 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3021 CVE-2014-3083 CVE-2014-4770 CVE-2014-4816 21 Oct 2014 6.8 (v2) Medium Pass Apple TV < 7.0.1 Multiple Vulnerabilities (POODLE) CVE-2014-3566 CVE-2014-4428 05 Nov 2014 5.4 (v2) Medium Pass Creative Contact Form Plugin for WordPress File Upload RCE CVE-2014-7969 24 Nov 2014 8.8 (v3) High Pass PHP 5.6.x < 5.6.1 'add_post_var' Code Execution CVE-2014-3622 07 Oct 2014 9.3 (v2) High Pass SSL Certi fi cate Signed with the Publicly Known Cyberoam Key CVE-2012-3372 07 Aug 2012 5.8 (v2) Medium Pass MapServer for Windows (MS4W) Bundled Apache / PHP Con fi guration Local File Inclusion CVE-2012-2950 01 Nov 2012 10 (v2) Critical Pass IBM Rational ClearQuest Multiple Script Information Disclosure CVE-2012-0744 29 Oct 2012 5 (v2) Medium Pass MiniUPnP < 1.4 Multiple Vulnerabilities CVE-2013-0229 CVE-2013-0230 31 Jan 2013 9.8 (v3) Critical Pass OpenSSL 1.0.0 < 1.0.0r Multiple Vulnerabilities CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 CVE-2016-0703 CVE-2016-0704 24 Mar 2015 6.8 (v2) Medium Pass Oracle Application Express (Apex) CVE-2010-0076 CVE-2010-0076 20 Feb 2013 6 (v2) Medium Pass F5 Device Default Support Password CVE-1999-0508 06 Dec 2001 10 (v2) Critical Pass Novell Identity Manager Role Based Provisioning Module Unspeci fi ed Vulnerability CVE-2013-1083 10 Apr 2013 10 (v2) Critical Pass HP SiteScope XSS CVE-2011-1726 02 May 2011 4.3 (v2) Medium Pass Sophos Web Protection Appliance end-user-/errdoc.php 'msg' Parameter XSS CVE-2013-2643 18 Apr 2013 4.7 (v3) Medium Pass Cisco Prime Data Center Network Manager RMI Remote Code Execution (uncredentialed check) CVE-2007-1036 CVE-2012-5417 11 Jul 2013 9.8 (v3) Critical Pass GroundWork Monitor Enterprise Foundation Webapp Admin Interface Authentication Bypass CVE-2013-3499 28 Jun 2013 7.5 (v2) High Pass BigTree CMS index.php SQL Injection CVE-2013-4879 15 Aug 2013 7.5 (v2) High Pass ManageEngine SupportCenter Plus FileDownload.jsp path Parameter Traversal Arbitrary File Access 28 Jun 2011 5 (v2) Medium Pass Cisco Security Manager MySQL Accessible Without Authentication (cisco-sa-20090121-csm) CVE-2008-3820 12 Aug 2013 6.8 (v2) Medium Pass LeagueManager Plugin for WordPress 'wp-admin/admin.php' 'league_id' Parameter SQL Injection CVE-2013-1852 12 Sep 2013 7.5 (v2) High Pass Apache 2.0.x < 2.0.64 Multiple Vulnerabilities CVE-2008-2364 CVE-2008-2939 CVE-2009-1891 CVE-2009-2412 CVE-2009-3094 CVE-2009-3095 CVE-2009-3555 CVE-2009-3560 CVE-2009-3720 CVE-2010-0425 CVE-2010-0434 CVE-2010-1452 CVE-2010-1623 20 Oct 2010 7.3 (v3) High Pass Symantec Web Gateway login.php Blind SQL Injection (SYM11-001) CVE-2010-0115 20 Jul 2011 7.5 (v2) High Pass Adobe Flash Media Server < 3.0.7 / 3.5.5 / 4.0.1 Multiple Vulnerabilities (APSB10-27) CVE-2010-3633 CVE-2010-3634 CVE-2010-3635 11 Nov 2010 10 (v2) Critical Pass OpenSSH Legacy Certi fi cate Signing Information Disclosure CVE-2011-0539 09 Feb 2011 4.3 (v2) Medium Pass Twitter Feed for WordPress Plugin 'url' Parameter XSS CVE-2010-4825 09 Dec 2010 4.3 (v2) Medium Pass Novell GroupWise WebAccess Arbitrary File Download CVE-2010-4715 23 Nov 2010 7.8 (v2) High Pass HP OpenView Performance Insight Server Backdoor Account CVE-2011-0276 02 Feb 2011 7.5 (v2) High Pass Novell eDirectory DHost Predictable Session ID CVE-2009-4655 19 Mar 2010 7.5 (v2) High Pass VMware Security Updates for vCenter Server (VMSA-2014-0012) CVE-2014-0015 CVE-2014-0138 CVE-2014-0191 CVE-2014-2483 CVE-2014-2490 CVE-2014-4208 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4220 CVE-2014-4221 CVE-2014-4223 CVE-2014-4227 CVE-2014-4244 CVE-2014-4 12 Dec 2014 10 (v2) Critical Pass Symantec LiveUpdate Administrator < 2.3 CSRF (SYM11-005) CVE-2011-1524 CVE-2011-0545 29 Mar 2011 5 (v2) Medium Pass Apple TV < 13.3.1 Multiple Vulnerabilities CVE-2020-3829 CVE-2020-3836 CVE-2020-3837 CVE-2020-3838 CVE-2020-3840 CVE-2020-3842 CVE-2020-3853 CVE-2020-3856 CVE-2020-3857 CVE-2020-3868 CVE-2020-3870 CVE-2020-3872 CVE-2020-3875 CVE-2020-3878 18 Feb 2020 8.8 (v3) High Pass Oracle GlassFish Server Administrative Console Authentication Bypass CVE-2011-1511 12 May 2011 10 (v2) Critical Pass MediaWiki Backslash Escaped CSS Comments XSS CVE-2011-1579 15 Apr 2011 5.8 (v2) Medium Pass MS11-058: Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485) (remote check) CVE-2011-1966 17 Aug 2011 10 (v2) Critical Pass OpenSSL 1.x < 1.0.0e Multiple Vulnerabilities CVE-2011-1945 CVE-2011-3207 CVE-2011-3210 12 Sep 2011 5 (v2) Medium Pass FileZilla Server < 0.9.31 Denial of Service CVE-2009-0884 19 Mar 2010 5 (v2) Medium Pass Apache HTTP Server mod_proxy Reverse Proxy Information Disclosure CVE-2011-3368 CVE-2011-4317 29 Nov 2011 5 (v2) Medium Pass Mac OS X 10.11.x < 10.11.6 Multiple Vulnerabilities CVE-2013-7456 CVE-2014-9862 CVE-2016-0718 CVE-2016-1684 CVE-2016-1836 CVE-2016-1863 CVE-2016-1864 CVE-2016-1865 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176 CVE-2016-4447 CVE-2016-4 21 Jul 2016 9.8 (v3) Critical Pass Kernel vulnerabilities detected in banner reporting (PCI-DSS check) 23 Mar 2018 7.3 (v3) High Pass Unsupported linux kernel version detected in banner reporting (PCI-DSS check) 14 Feb 2019 9.8 (v3) Critical Pass CA eTrust Directory SNMP Packet Parsing Denial of Service CVE-2011-3849 06 Dec 2011 5 (v2) Medium Pass Oracle GlassFish Server 2.1.1 < 2.1.1.15 / 3.0.1 < 3.0.1.5 / 3.1.1 < 3.1.1.2 Hash Collision DoS CVE-2011-5035 22 Feb 2012 5 (v2) Medium Pass Splunk Enterprise 4.3.x / 5.0.x < 5.0.9 / 6.0.x < 6.0.5 / 6.1.x < 6.1.2 Multiple OpenSSL Vulnerabilities CVE-2014-0224 CVE-2014-3470 16 Jul 2014 5.8 (v2) Medium Pass op5 Con fi g Arbitrary Command Execution CVE-2012-0262 17 Jan 2012 10 (v2) Critical Pass op5 Monitor Credential Leak CVE-2012-0623 17 Jan 2012 4 (v2) Medium Pass Citrix EdgeSight Load Tester Bu ff er Over fl ow 22 Aug 2011 10 (v2) Critical Pass Scrutinizer < 9.0.1 d4d/alarms.php Multiple Parameters SQLi CVE-2012-1259 04 May 2012 7.5 (v2) High Pass VMware vRealize Log Insight 4.x < 8.1.0 XSS Vulnerability (VMSA-2020-0007) CVE-2020-3953 CVE-2020-3954 23 Apr 2020 6.1 (v3) Medium Pass Log Rover pword Parameter SQL Injection CVE-2009-3532 20 Jul 2009 7.5 (v2) High Pass IBM WebSphere Application Server 8.0 < Fix Pack 3 Multiple Vulnerabilities CVE-2011-1377 CVE-2012-0193 CVE-2012-0716 CVE-2012-0720 14 Jun 2012 10 (v2) Critical Pass RealNetworks Helix Server < 13.0.0 Multiple Remote DoS CVE-2009-2533 CVE-2009-2534 21 Jul 2009 5 (v2) Medium Pass ISC BIND Dynamic Update Message Handling Remote DoS CVE-2009-0696 29 Jul 2009 5 (v2) Medium Pass Microsoft Windows SMB Shares Unprivileged Access CVE-1999-0519 CVE-1999-0520 06 Nov 2009 7.5 (v2) High Pass Symantec LiveUpdate Administrator < 2.3.2 Privilege Escalation (SYM12-009) CVE-2012-0304 28 Jun 2012 6.9 (v2) Medium Pass MS04-011: Microsoft Windows SSL Library Malformed Message Remote DoS (835732) (uncredentialed check) CVE-2004-0120 13 Apr 2004 10 (v2) Critical Pass Asterisk IAX2 Call Number Exhaustion DoS CVE-2009-2346 08 Sep 2009 5 (v2) Medium Pass BuildBot WebStatus waterfall 'branch' Parameter XSS CVE-2009-2959 03 Nov 2009 4.3 (v2) Medium Pass Sun Java System Directory Proxy Server 6.x < 6.3.1.1 Multiple Vulnerabilities. CVE-2009-4440 CVE-2009-4441 CVE-2009-4442 CVE-2009-4443 30 Dec 2009 6.8 (v2) Medium Pass Cisco Prime Security Manager Log Retention DoS (cisco-sa-20120912-asacx) CVE-2012-4629 18 Sep 2012 7.8 (v2) High Pass Portable OpenSSH < 3.8p1 Multiple Vulnerabilities CVE-2004-2069 04 Oct 2011 5 (v2) Medium Pass DokuWiki ajax.php cmd[del] Parameter Security Bypass CVE-2010-0288 19 Jan 2010 7.5 (v2) High Pass rsync Traversal Arbitrary File Creation CVE-2004-0426 06 May 2004 5 (v2) Medium Pass Xerox WorkCentre Authorization Bypass Vulnerabilities (XRX10-002) CVE-2010-0548 01 Mar 2010 7.8 (v2) High Pass RealNetworks Helix Server 11.x / 12.x / 13.x Multiple Vulnerabilities CVE-2010-1317 CVE-2010-1318 CVE-2010-1319 15 Apr 2010 9.3 (v2) High Pass Computer Associates XOsoft SOAP Request Username Enumeration (CA20100406) CVE-2010-1221 13 Apr 2010 5 (v2) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 9 CVE-2010-0768 CVE-2010-0769 CVE-2010-0770 06 Apr 2010 4.3 (v2) Medium Pass Tembria Server Monitor < 5.6.1 Denial of Service CVE-2010-1316 30 Apr 2010 5 (v2) Medium Pass Adobe ColdFusion 'cfadminUserId' XSS (APSB10-11) CVE-2010-1293 24 May 2010 4.3 (v2) Medium Pass ManageEngine ADAudit Plus 'reportList' Parameter XSS CVE-2010-2049 02 Jun 2010 4.3 (v2) Medium 19

Pass Magnoware DataTrack System Information Disclosure CVE-2010-2079 11 Jun 2010 5 (v2) Medium Pass Oracle Secure Backup Administration Server login.php Authentication Bypass CVE-2010-0904 16 Jul 2010 9.7 (v2) High Pass PCS Daemon (pcsd) Cookie Signing Multiple Vulnerabilities CVE-2015-1848 CVE-2015-3983 19 Jun 2015 6.8 (v2) Medium Pass Microsoft SharePoint Services Help.aspx 'cid0' Parameter XSS CVE-2010-0817 01 Jul 2010 4.3 (v2) Medium Pass OpenX Open Flash Chart ofc_upload_image.php File Upload Arbitrary Code Execution CVE-2009-4140 17 Sep 2010 7.5 (v2) High Pass MS10-054: Vulnerabilities in SMB Server Could Allow Remote Code Execution (982214) (remote check) CVE-2010-2550 CVE-2010-2551 CVE-2010-2552 23 Aug 2010 10 (v2) Critical Pass Apple iTunes < 10.0 Multiple Vulnerabilities (uncredentialed check) CVE-2010-1780 CVE-2010-1782 CVE-2010-1783 CVE-2010-1784 CVE-2010-1785 CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1789 CVE-2010-1790 CVE-2010-1791 CVE-2010-1792 CVE-2010-1793 02 Sep 2010 9.3 (v2) High Pass Wing FTP Server < 3.5.1 XSS CVE-2010-2428 09 Jul 2010 3.5 (v2) Low Pass WinComLPD LPD Monitoring Server Authentication Bypass CVE-2008-5158 06 Feb 2008 7.5 (v2) High Pass Mambo MOStlyCE Mambot Arbitrary File Rename CVE-2008-7215 28 Jan 2008 5.8 (v2) Medium Pass Sun Java Web Console < 3.0.5 Remote File Enumeration CVE-2008-1286 13 Mar 2008 5 (v2) Medium Pass Apache < 2.0.63 Multiple XSS Vulnerabilities CVE-2007-5000 CVE-2007-6203 CVE-2007-6388 CVE-2008-0005 07 Mar 2008 5.3 (v3) Medium Pass ListManager < 9.3b / 9.2c / 8.95d Multiple Vulnerabilities CVE-2007-6319 22 Feb 2008 6.8 (v2) Medium Pass Novell eDirectory < 8.8.2 FTF2 / 8.7.3 SP10b Multiple Remote Over fl ows CVE-2008-1809 CVE-2008-3159 07 Jul 2008 10 (v2) Critical Pass HP OpenView Network Node Manager OpenView5.exe Action Parameter Traversal Arbitrary File Access CVE-2008-0068 15 Apr 2008 5 (v2) Medium Pass SAP Internet Graphics Server (IGS) Directory Traversal Vulnerability CVE-2005-1691 25 Jul 2005 5 (v2) Medium Pass CGI Generic Path Traversal (quick test) 05 Nov 2010 5 (v2) Medium Pass ViewVC Direct Request CVSROOT Information Disclosure CVE-2008-1291 19 May 2008 5 (v2) Medium Pass Coppermine Photo Gallery include/functions.inc.php _data Cookie lang Parameter Traversal Local File Inclusion CVE-2008-3486 01 Aug 2008 6.8 (v2) Medium Pass MailWatch for MailScanner mailscanner/docs.php doc Parameter Traversal Local File Inclusion CVE-2008-5991 26 Sep 2008 6.8 (v2) Medium Pass Security Center < 3.4.2.1 Directory Traversal Arbitrary File Access CVE-2008-4367 17 Oct 2008 4 (v2) Medium Pass IBM WebSphere Application Server 6.1 < Fix Pack 19 Multiple Flaws CVE-2008-4111 CVE-2009-0432 CVE-2009-0433 16 Sep 2008 7.5 (v2) High Pass Eaton Network Shutdown Module < 3.20 Authentication Bypass / Command Execution CVE-2008-6816 28 Oct 2008 10 (v2) Critical Pass MDaemon WorldClient < 10.0.2 Email Handling XSS CVE-2008-6967 21 Nov 2008 4.3 (v2) Medium Pass Oracle Secure Backup Administration Server login.php Arbitrary Command Injection CVE-2008-4006 CVE-2008-5448 14 Jan 2009 10 (v2) Critical Pass Sitecore CMS < 5.3.2 rev. 090212 Web Service Security Database Information Disclosure CVE-2009-1055 26 Mar 2009 5 (v2) Medium Pass Xerox WorkCentre Web Server Unspeci fi ed Command Injection (XRX09-002) CVE-2009-1656 15 May 2009 10 (v2) Critical Pass Novell eDirectory < 8.8 SP5 Multiple Vulnerabilities CVE-2009-0192 CVE-2009-2456 CVE-2009-2457 15 Jul 2009 5 (v2) Medium Pass OpenSSL 1.0.1 < 1.0.1p Multiple Vulnerabilities CVE-2015-1793 CVE-2015-3196 09 Jul 2015 6.5 (v3) Medium Pass Sawmill File Access Information Disclosure CVE-2000-0588 27 Jun 2000 5 (v2) Medium Pass AN-HTTPd Multiple Test CGIs Arbitrary Command Execution CVE-1999-0947 02 Nov 1999 7.5 (v2) High Pass Finger Recursive Request Arbitrary Site Redirection CVE-1999-0105 CVE-1999-0106 22 Jun 1999 5 (v2) Medium Pass MDaemon SMTP HELO Command Remote Over fl ow DoS CVE-1999-0284 22 Jun 1999 7.5 (v2) High Pass Sendmail DEBUG/WIZ Remote Command Execution CVE-1999-0095 CVE-1999-0145 22 Aug 1999 9.8 (v3) Critical Pass SGI InfoSearch infosrch.cgi fname Parameter Arbitrary Command Execution CVE-2000-0207 03 Mar 2000 7.5 (v2) High Pass Sendmail decode Alias Arbitrary File Overwrite CVE-1999-0096 30 Aug 1999 5.3 (v3) Medium Pass Sendmail mail from/rcpt to Pipe Arbitrary Command Execution CVE-1999-0163 22 Aug 1999 10 (v2) Critical Pass MySQL Unpassworded Account Check CVE-2002-1809 CVE-2004-1532 27 Jul 2000 7.3 (v3) High Pass CodeMeter Runtime Predictable Encryption Key CVE-2020-14517 06 May 2021 9.8 (v3) Critical Pass Shiva Integrator Default Password CVE-1999-0508 31 Aug 2000 7.5 (v2) High Pass Cart32 Backdoor Password Arbitrary Command Execution CVE-2000-0429 09 May 2000 7.5 (v2) High Pass ProFTPD Multiple Remote Over fl ows (palmetto) CVE-1999-0368 15 Jul 2000 10 (v2) Critical Pass Samba enum_csc_policy Data Structure Termination Remote Over fl ow CVE-2002-2196 29 Aug 2002 7.5 (v2) High Pass Microsoft IIS WebDAV SEARCH Method Arbitrary Directory Forced Listing CVE-2000-0951 05 Oct 2000 5 (v2) Medium Pass Trinity v3 Trojan Detection CVE-2000-0138 05 Sep 2000 10 (v2) Critical Pass SSH CRC-32 Compensation Attack Remote Over fl ow CVE-2001-0144 09 Feb 2001 10 (v2) Critical Pass UoW imapd (UW-IMAP) Multiple Command Remote Over fl ows CVE-2000-0284 01 Mar 2001 7.5 (v2) High Pass Kerberos Server Spoofed Packet Ampli fi cation DoS (PingPong) CVE-2002-2443 25 Mar 2001 7.8 (v2) High Pass c fi ngerd < 1.4.4 Multiple Vulnerabilities CVE-1999-0243 CVE-1999-0708 CVE-2001-0609 16 Apr 2001 10 (v2) Critical Pass BSD Based telnetd telrcv Function Remote Command Execution CVE-2001-0554 24 Jul 2001 10 (v2) Critical Pass Cisco Multiple Devices Unpassworded Account CVE-1999-0508 07 Sep 2001 10 (v2) Critical Pass HPE Edgeline Infrastructure Manager Authentication Bypass (HPESBGN04124) CVE-2021-29203 04 Jun 2021 9.8 (v3) Critical Pass Tarantella Enterprise ttawebtop.cgi pg Parameter Traversal Arbitrary File Access CVE-2001-0805 20 Jun 2001 7.8 (v2) High Pass Textor Webmasters Ltd listrec.pl TEMPLATE Parameter Arbitrary Command Execution CVE-2001-0997 26 Sep 2001 7.5 (v2) High Pass Network Solutions Rwhoisd -soa Command Remote Format String CVE-2001-0838 25 Oct 2001 7.5 (v2) High Pass RealServer /admin/includes/ Remote Memory Content Disclosure CVE-2000-1181 20 Nov 2000 5 (v2) Medium Pass Savant Web Server Malformed Content-Length DoS CVE-2002-1828 27 Nov 2002 5 (v2) Medium Pass Apache-SSL < 1.3.23+1.46 i2d_SSL_SESSION Function SSL Client Certi fi cate Over fl ow CVE-2002-0082 19 Mar 2002 7.3 (v3) High Pass mod_python < 2.7.8 Module Importing Privilege Function Execution CVE-2002-0185 02 May 2002 7.5 (v2) High Pass OpenSSH < 3.1 Channel Code O ff by One Remote Privilege Escalation CVE-2002-0083 07 Mar 2002 10 (v2) Critical Pass Multiple Web Server on Windows MS/DOS Device Request Remote DOS CVE-2001-0386 CVE-2001-0493 CVE-2001-0391 CVE-2001-0558 CVE-2002-0200 CVE-2000-0168 CVE-2003-0016 CVE-2001-0602 29 Mar 2002 5 (v2) Medium Pass ServletExec 4.1 ISAPI com.newatlanta.servletexec.JSP10Servlet Traversal Arbitrary File Access CVE-2002-0893 22 May 2002 5 (v2) Medium Pass Apache < 1.3.27 Multiple Vulnerabilities (DoS, XSS) CVE-2002-0839 CVE-2002-0840 CVE-2002-0843 04 Oct 2002 7.3 (v3) High Pass Bugbear Worm Detection CVE-2001-0154 03 Oct 2002 10 (v2) Critical Pass MRTG mrtg.cgi cfg Parameter Traversal Arbitrary Files Access CVE-2002-0232 05 Jun 2002 5 (v2) Medium Pass Microsoft Site Server Multiple Script Information Disclosure CVE-2002-1769 08 Jun 2002 5 (v2) Medium Pass Ipswitch WhatsUp Gold Default Admin Account CVE-1999-0508 05 Jun 2002 7.5 (v2) High Pass Enhydra Multiserver Default Password CVE-1999-0508 22 Jan 2003 7.5 (v2) High Pass Sendmail < 8.10.0 mail.local Newline Handling Remote DoS CVE-2000-0319 11 Mar 2003 5.3 (v3) Medium Pass SSH ssh-keygen with Secure-RPC SUN-DES-1 Phrase Recovery CVE-2001-0259 10 Mar 2003 2.6 (v2) Low Pass Solaris sendmail .forward Local Privilege Escalation CVE-2003-1076 12 Mar 2003 7.2 (v2) High Pass rsync I/O Functions Multiple Signedness Errors RCE CVE-2002-0048 14 Mar 2003 10 (v2) Critical Pass Ipswitch IMail Web Interface URI Referer Session Token Disclosure CVE-2001-1286 25 Feb 2003 5 (v2) Medium Pass Apple iTunes < 10.6.3 Multiple Vulnerabilities (uncredentialed check) CVE-2012-0672 CVE-2012-0677 14 Jun 2012 9.3 (v2) High Pass Sendmail < 8.12.9 NOCHAR Control Value prescan Over fl ow CVE-2003-0161 29 Mar 2003 9.8 (v3) Critical Pass Kerberos 4 Realm Principle Impersonation CVE-2003-0138 03 Apr 2003 7.5 (v2) High Pass Monkey HTTP Daemon (monkeyd) PostMethod() Function Remote Over fl ow CVE-2003-0218 22 Apr 2003 7.6 (v2) High Pass Poster version.two index.php Account Manipulation Privilege Escalation CVE-2003-0307 14 May 2003 6.4 (v2) Medium Pass Polycom ViaVideo Web Server Incomplete HTTP Connection Saturation Remote DoS CVE-2002-1906 01 Sep 2003 5 (v2) Medium Pass Magic Winmail Server PASS Command Remote Format String CVE-2003-0391 17 Jun 2003 7.5 (v2) High Pass OpenTSDB yrange RCE (direct check) CVE-2020-35476 09 Jul 2021 9.8 (v3) Critical Pass SHOUTcast Server admin.cgi Long Argument Over fl ow CVE-2002-0199 11 Jun 2003 7.5 (v2) High Pass Exim < 4.22 smtp_in.c HELO/EHLO Remote Over fl ow CVE-2003-0743 02 Sep 2003 7.5 (v2) High Pass OpenSSH < 3.7.1p2 Multiple Remote Vulnerabilities CVE-2003-0786 CVE-2003-0787 23 Sep 2003 9.3 (v2) High Pass ISC BIND < 8.3.7 / 8.4.3 Negative Record Cache Poisoning CVE-2003-0914 27 Nov 2003 7.8 (v2) High Pass Apache Double Slash GET Request Forced Directory Listing CVE-2003-1138 27 Oct 2003 5.3 (v3) Medium Pass EasyDynamicPages Multiple Script edp_relative_path Parameter Remote File Inclusion CVE-2004-0073 02 Jan 2004 8.3 (v3) High Pass SGDynamo sgdynamo.exe HTNAME XSS CVE-2002-0375 18 Dec 2003 4.3 (v2) Medium Pass Exchange XEXCH50 Remote Bu ff er Over fl ow CVE-2003-0714 16 Oct 2003 7.5 (v2) High Pass smallftpd 1.0.3 Multiple DoS CVE-2004-0299 22 Feb 2004 5.3 (v3) Medium Pass Xlight FTP Server Multiple Remote Over fl ows CVE-2004-0255 CVE-2004-0287 16 Feb 2004 5 (v2) Medium Pass Apache < 1.3.31 / 2.0.49 Socket Connection Blocking Race Condition DoS CVE-2004-0174 16 Jun 2004 5 (v2) Medium Pass vHost < 3.10r1 Unspeci fi ed XSS CVE-2004-2278 14 Mar 2004 4.3 (v2) Medium Pass Emumail WebMail Multiple Remote Vulnerabilities (XSS, Disc) CVE-2004-2334 CVE-2004-2385 14 Mar 2004 4.3 (v2) Medium Pass Nuked-Klan index.php user_langue Parameter Traversal Arbitrary File Access CVE-2004-1937 13 Apr 2004 7.5 (v2) High Pass Default Password (12345678) for 'root' Account on MacOS X Server CVE-1999-0502 07 Jul 2004 9.8 (v3) Critical Pass BlackJumboDog FTP Server Multiple Command Over fl ow CVE-2004-1439 11 Aug 2004 7.5 (v2) High Pass EasyWeb FileManager pathtext Traversal Arbitrary File/Directory Access CVE-2004-2047 26 Jul 2004 4 (v2) Medium Pass Comersus Cart Multiple Input Validation Vulnerabilities (SQLi, XSS) CVE-2004-0681 CVE-2004-0682 02 Aug 2004 7.5 (v2) High Pass Nucleus CMS action.php itemid Parameter SQL Injection CVE-2004-2056 03 Aug 2004 7.5 (v2) High Pass Samba smbd FindNextPrintChangeNotify() Request Remote DoS CVE-2004-0829 26 Aug 2004 5 (v2) Medium Pass Intellipeer POP3 Server User Account Enumeration CVE-2004-2150 27 Sep 2004 5 (v2) Medium Pass XOOPS <= 1.0 Dictionary Module Multiple Scripts XSS CVE-2004-1640 01 Sep 2004 4.3 (v2) Medium Pass DasBlog Activity / Event Viewer Multiple HTTP Header XSS CVE-2004-1657 02 Sep 2004 4.3 (v2) Medium Pass OpenCA Client System Browser Form Input Field XSS CVE-2004-0787 09 Sep 2004 4.3 (v2) Medium Pass CuteNews index.php mod Parameter XSS CVE-2004-1659 06 Sep 2004 4.3 (v2) Medium Pass Icecast Encoded Traversal Arbitrary File Access CVE-2001-0784 01 Oct 2004 5 (v2) Medium Pass Icecast / libshout Multiple Remote Over fl ows CVE-2001-1229 01 Oct 2004 7.5 (v2) High Pass Icecast HTTP Header Processing Remote Over fl ow CVE-2004-1561 28 Sep 2004 7.5 (v2) High Pass MoniWiki < 1.0.9 wiki.php XSS CVE-2004-1632 25 Oct 2004 4.3 (v2) Medium Pass 04WebServer Multiple Vulnerabilities (XSS, DoS, more) CVE-2004-1512 CVE-2004-1513 CVE-2004-1514 13 Nov 2004 5 (v2) Medium Pass Apache mod_proxy Content-Length Over fl ow CVE-2004-0492 25 Oct 2004 10 (v2) Critical 20

Pass Microsoft Windows EFSRPC NTLM Re fl ection Elevation of Privilege (PetitPotam) (Remote) CVE-2021-36942 27 Jul 2021 5.3 (v3) Medium Pass Mercury Mail Remote IMAP Server Remote Over fl ow CVE-2004-1211 30 Nov 2004 9 (v2) High Pass TIPS MailPost append Parameter XSS CVE-2004-1101 04 Nov 2004 4.3 (v2) Medium Pass miniBB index.php user Parameter SQL Injection CVE-2004-2456 19 Nov 2004 7.5 (v2) High Pass Microsoft W3Who ISAPI w3who.dll Multiple Remote Vulnerabilities CVE-2004-1133 CVE-2004-1134 06 Dec 2004 10 (v2) Critical Pass ISC BIND < 9.3.1 Validator Self Checking Remote DoS CVE-2005-0034 26 Jan 2005 4.3 (v2) Medium Pass Berlios gpsd gpsd_report() Function Format String CVE-2004-1388 27 Jan 2005 7.5 (v2) High Pass CA BrightStor ARCserve/Enterprise Backup Persistent Default Administrator Account CVE-2005-0349 14 Feb 2005 10 (v2) Critical Pass Siteman < 1.1.11 Multiple Vulnerabilities CVE-2005-0305 19 Jan 2005 6.5 (v2) Medium Pass Chipmunk CMScore Multiple Script SQL Injection CVE-2005-0368 08 Feb 2005 7.5 (v2) High Pass Knox Arkeia Backup Client Type 77 Request Processing Bu ff er Remote Over fl ow CVE-2005-0491 21 Feb 2005 10 (v2) Critical Pass BadBlue ext.dll mfcisapicommand Parameter Remote Over fl ow CVE-2005-0595 01 Mar 2005 10 (v2) Critical Pass CitrusDB Static id_hash Admin Authentication Bypass CVE-2005-0408 16 Feb 2005 7.5 (v2) High Pass Ipswitch IMail IMAP EXAMINE Argument Bu ff er Over fl ow CVE-2005-0707 11 Mar 2005 9 (v2) High Pass MailEnable Standard SMTP mailto: Request Format String CVE-2005-0804 18 Mar 2005 5 (v2) Medium Pass Smail-3 < 3.2.0.121 Multiple Vulnerabilities CVE-2005-0892 CVE-2005-0893 25 Mar 2005 7.5 (v2) High Pass osCommerce fi le_manager.php fi lename Parameter Traversal Arbitrary File Access CVE-2004-2021 22 Mar 2005 5 (v2) Medium Pass PunBB pro fi le.php Multiple Parameter XSS CVE-2005-0818 18 Mar 2005 4.3 (v2) Medium Pass Oracle HTTP Server (October 2006 CPU) CVE-2006-5346 CVE-2006-5347 CVE-2006-5348 CVE-2006-5349 CVE-2006-5350 CVE-2006-5353 CVE-2006-5354 CVE-2006-5357 21 Nov 2011 10 (v2) Critical Pass OpenSSL < 0.9.2b Session Reuse CVE-1999-0428 12 Jan 2012 7.5 (v2) High Pass Oracle 8i/9i Database Server UTL_FILE Traversal Arbitrary File Manipulation CVE-2005-0701 30 Mar 2005 6.5 (v2) Medium Pass OpenSSL < 0.9.7f Insecure Temporary File Creation CVE-2004-0975 04 Jan 2012 2.1 (v2) Low Pass IBM Lotus Domino Web Service NLSCCSTR.DLL Malformed GET Request Over fl ow DoS CVE-2005-0986 07 Apr 2005 5 (v2) Medium Pass IBM AS400 and iSeries POP3 Server Remote Information Disclosure CVE-2005-1133 14 Apr 2005 5 (v2) Medium Pass Kerio MailServer Webmail Malformed Email Handling Resource Exhaustion DoS CVE-2005-1138 15 Apr 2005 7.1 (v2) High Pass Oracle WebLogic JSP Pages and Servlets Unspeci fi ed Information Disclosure (CVE-2008-5460) CVE-2008-5460 30 Nov 2011 2.6 (v2) Low Pass Oracle Application Server 9i Webcache < 9.0.4.0 Multiple Vulnerabilities CVE-2005-1381 CVE-2005-1382 02 May 2005 5 (v2) Medium Pass WebcamXP Chat Name XSS CVE-2005-1189 22 Apr 2005 4.3 (v2) Medium Pass Comersus Cart Account Username Field XSS CVE-2005-1010 06 Apr 2005 4.3 (v2) Medium Pass NETFile FTP/Web Server FTP Bounce Attack CVE-2005-1646 18 May 2005 5 (v2) Medium Pass Skull-Splitter Guestbook Multiple Field XSS CVE-2005-1620 16 May 2005 4.3 (v2) Medium Pass DUamazon Pro Multiple Scripts SQL Injection CVE-2005-2046 28 Jun 2005 7.5 (v2) High Pass Qualiteam X-Cart Multiple Vulnerabilities CVE-2005-1822 CVE-2005-1823 06 Jun 2005 7.5 (v2) High Pass Ipswitch IMail Web Calendaring Server GET Request Traversal Arbitrary File Access CVE-2005-1252 25 May 2005 5 (v2) Medium Pass Golden FTP Server <= 2.60 LS Command Traversal Information Disclosure CVE-2005-2142 05 Jul 2005 5.3 (v3) Medium Pass IBM Lotus Domino HTML Hidden Field Encrypted Password Disclosure CVE-2005-2428 27 Jul 2005 5 (v2) Medium Pass ASP-DEv XM Forum post.asp IMG Tag XSS CVE-2005-1008 23 May 2005 4.3 (v2) Medium Pass phpPgAdmin index.php formLanguage Parameter Local File Inclusion CVE-2005-2256 07 Jul 2005 5.1 (v2) Medium Pass phpSecurePages cfgProgDir Variable File Include Vulnerabilities CVE-2005-2251 10 Jul 2005 7.5 (v2) High Pass Fusebox index.cfm fuseaction Parameter XSS CVE-2005-2480 04 Aug 2005 4.3 (v2) Medium Pass Microsoft Exchange Server RCE (ProxyShell) CVE-2021-34473 11 Aug 2021 9.8 (v3) Critical Pass Ultimate PHP Board users.dat Multiple Vulnerabilities CVE-2005-2005 CVE-2005-2030 24 Aug 2005 5 (v2) Medium Pass phpLDAPadmin custom_welcome_page Parameter File Include Vulnerability CVE-2005-2792 CVE-2005-2793 31 Aug 2005 7.5 (v2) High Pass Barracuda Spam Firewall < 3.1.18 Multiple Vulnerabilities CVE-2005-2847 CVE-2005-2848 01 Sep 2005 7.5 (v2) High Pass PHPNews news.php prevnext Parameter SQL Injection CVE-2005-2156 06 Jul 2005 7.5 (v2) High Pass Apple TV < 6.0 Multiple Vulnerabilities CVE-2011-2391 CVE-2011-3102 CVE-2012-0841 CVE-2012-2807 CVE-2012-2825 CVE-2012-2870 CVE-2012-2871 CVE-2012-5134 CVE-2013-0879 CVE-2013-0991 CVE-2013-0992 CVE-2013-0993 CVE-2013-0994 CVE-2013-0995 CVE-2013-0996 CVE-2013-0 01 Oct 2013 9.3 (v2) High Pass PunBB < 1.2.8 Multiple Vulnerabilities CVE-2005-3078 CVE-2005-3079 23 Sep 2005 6.5 (v2) Medium Pass CuteNews fl ood.db.php Client-IP HTTP Header Arbitrary Code Injection CVE-2005-3010 19 Sep 2005 7.5 (v2) High Pass Polipo < 0.9.9 Unspeci fi ed Traversal Arbitrary File Access CVE-2005-3163 06 Oct 2005 5 (v2) Medium Pass MS05-051: Vulnerabilities in MSDTC Could Allow Remote Code Execution (902400) (uncredentialed check) CVE-2005-2119 CVE-2005-1978 CVE-2005-1979 CVE-2005-1980 12 Oct 2005 10 (v2) Critical Pass TYPSoft FTP Server <= 1.10 Multiple DoS CVE-2005-3294 CVE-2009-1668 CVE-2009-4105 CVE-2012-5329 14 Oct 2005 5 (v2) Medium Pass WorldMail IMAP Server Traversal Arbitrary Mail Spool Access CVE-2005-3189 18 Nov 2005 5 (v2) Medium Pass Macromedia Flash Media Server Administration Service Crafted Packet Remote DoS CVE-2005-4216 14 Dec 2005 7.8 (v2) High Pass ONVIF Snapshot Username and Password Leak 15 Nov 2017 5.3 (v3) Medium Pass MyBB < 1.01 function_upload.php SQLi CVE-2005-4602 02 Jan 2006 7.5 (v2) High Pass Apache Tomcat / Geronimo Sample Script cal2.jsp time Parameter XSS CVE-2006-0254 18 Jan 2006 4.3 (v2) Medium Pass Lyris ListManager Subscription Form Administrative Command Injection CVE-2005-4142 25 Jan 2006 7.5 (v2) High Pass VMware Harbor User Enumeration (CVE-2019-3990) CVE-2019-3990 19 Aug 2021 4.3 (v3) Medium Pass IA eMailServer IMAP SEARCH Command Remote Over fl ow CVE-2006-0853 22 Feb 2006 6.5 (v2) Medium Pass ArGoSoft Mail Server Pro IMAP RENAME Command Traversal Arbitrary Directory Creation CVE-2006-0929 25 Feb 2006 4 (v2) Medium Pass Mercury Mail ph Server Remote Over fl ow CVE-2005-4411 27 Jan 2006 7.5 (v2) High Pass Dropbear SSH Authorization-pending Connection Saturation DoS CVE-2006-1206 08 Mar 2006 5 (v2) Medium Pass Palo Alto Networks PAN-OS 7.0.0 LDAP Authentication Bypass (PAN-SA-2015-0005) 19 Aug 2015 10 (v2) Critical Pass SAP DB / MaxDB WebDBM Client Database Name Remote Over fl ow CVE-2006-4305 06 Sep 2006 10 (v2) Critical Pass RaidenHTTPD workspace.php ulang Parameter Local File Inclusion CVE-2007-6453 19 Dec 2007 9.3 (v2) High Pass OpenSSL 1.1.1 < 1.1.1d Multiple Vulnerabilities CVE-2019-1547 CVE-2019-1549 CVE-2019-1552 CVE-2019-1563 23 Aug 2019 5.3 (v3) Medium Pass Cisco ADE-OS Prime Collaboration Assurance Detection 25 Sep 2015 None Pass Scrutinizer < 10.1.2 Multiple Vulnerabilities 06 Mar 2013 7.5 (v2) High Pass VMware Harbor Privilege Escalation (VMSA-2019-0015) (CVE-2019-16097) CVE-2019-16097 11 Oct 2019 6.5 (v3) Medium Pass Palo Alto Networks PAN-OS 6.1.x < 6.1.19 Multiple Vulnerabilities CVE-2017-15940 CVE-2017-15942 CVE-2017-15943 CVE-2017-15944 15 Dec 2017 9.8 (v3) Critical Pass Tenable Nessus < 7.1.4 Multiple Vulnerabilities (TNS-2018-17) CVE-2018-0732 CVE-2018-0734 CVE-2018-0737 CVE-2018-5407 02 Jan 2019 5.9 (v3) Medium Pass VMware vCenter Server 6.5.x < 6.5u1f Multiple Vulnerabilities (VMSA-2018-0007) (Spectre-1) (Meltdown) CVE-2017-5753 CVE-2017-5754 22 Feb 2018 5.6 (v3) Medium Pass MS10-106: Microsoft Exchange Server Denial of Service (uncredentialed) CVE-2010-3937 03 Apr 2018 4.3 (v3) Medium Pass Cisco Prime Data Center Network Manager 10.1.x < 10.2.1 Multiple Vulnerabilities (remote check) CVE-2017-6639 CVE-2017-6640 22 Jun 2017 9.8 (v3) Critical Pass SolarWinds Log and Event Manager < 6.3.1 Hot fi x 3 Jailbreak and Privilege Escalation CVE-2017-5198 CVE-2017-5199 31 Aug 2017 8.8 (v3) High Pass Jenkins < 2.89.4 / 2.107 Multiple Vulnerabilities CVE-2018-6356 CVE-2018-1000068 CVE-2018-1000102 CVE-2018-1000103 22 Feb 2018 5.3 (v3) Medium Pass IBM BigFix Platform 9.x < 9.1.9.1301 / 9.2.9.36 / 9.5.4.38 Multiple Vulnerabilities CVE-2016-6082 CVE-2016-6084 CVE-2016-6085 29 Dec 2016 10 (v3) Critical Pass Webmin ' miniserv.pl ' Arbitrary File Disclosure CVE-2006-3392 30 Jun 2006 5 (v2) Medium Pass Bitrix bitrix.mpbuilder Module < 1.0.12 bitrix.mpbuilder_step2.php 'work[]' Path Traversal File Inclusion CVE-2015-8358 02 May 2017 7.2 (v3) High Pass Cisco Prime Collaboration Provisioning Web Framework Access Controls Bypass Vulnerability (cisco-sa-20150916-pcp) CVE-2015-4307 29 Sep 2015 9 (v2) High Pass McAfee Security Information and Event Management 9.3.x < 9.3.2.19 / 9.4.x < 9.4.2.9 / 9.5.x < 9.5.0.8 Authentication Bypass (SB10137) CVE-2015-8024 08 Apr 2016 7.3 (v3) High Pass VMware vCenter Server 5.0.x < 5.0u3e / 5.1.x < 5.1u3b / 5.5.x < 5.5u3 (Linux) / 5.5.x < 5.5u3b (Windows) / 6.0.x < 6.0.0b JMX Deserialization RCE (VMSA-2016-0005) CVE-2016-3427 25 May 2016 9 (v3) Critical Pass ESXi 5.0 < Build 515841 Multiple Vulnerabilities (remote check) CVE-2009-4536 CVE-2010-0296 CVE-2011-0536 CVE-2011-1071 CVE-2011-1095 CVE-2011-1658 CVE-2011-1659 13 Nov 2013 7.2 (v2) High Pass IBM WebSphere Application Server 7.0 < 7.0.0.43 / 8.0 < 8.0.0.13 / 8.5 < 8.5.5.10 / Liberty 16.0 < 16.0.0.2 CRLF Sequences HTTP Response Splitting CVE-2016-0359 04 Aug 2016 6.1 (v3) Medium Pass Cisco UCS Platform Emulator < 3.1(1ePE1) Multiple Vulnerabilities CVE-2016-1339 CVE-2016-1340 06 Jul 2016 8.4 (v3) High Pass Cisco IOS IPv6 Snooping DoS (cisco-sa-20150923-fhs) CVE-2015-6278 CVE-2015-6279 02 Oct 2015 7.8 (v2) High Pass Mac OS X < 10.11 Multiple Vulnerabilities (GHOST) CVE-2013-3951 CVE-2014-2532 CVE-2014-3618 CVE-2014-6277 CVE-2014-7186 CVE-2014-7187 CVE-2014-8080 CVE-2014-8090 CVE-2014-8146 CVE-2014-8147 CVE-2014-8611 CVE-2014-9425 CVE-2014-9427 CVE-2014-9652 CVE-2014-9705 CVE-2014-9 05 Oct 2015 9.8 (v3) Critical Pass Juniper Junos J-Web Service Multiple Vulnerabilities (JSA10723) CVE-2016-1261 27 Apr 2016 6.8 (v2) Medium Pass Cisco Wireless LAN Controller Multiple DoS CVE-2016-9195 CVE-2017-3832 19 Apr 2017 7.5 (v3) High Pass Cisco Wireless LAN Controller 802.11 WME Packet Header Handling DoS (cisco-sa-20170405-wlc) CVE-2016-9194 19 Apr 2017 6.5 (v3) Medium Pass Cisco NX-OS Failed Authentication Handling Remote DoS (cisco-sa-20170315-nss1) CVE-2017-3879 14 Apr 2017 5.3 (v3) Medium Pass Cisco NX-OS Telnet Packet Header Handling Remote DoS (cisco-sa-20170315-nss) CVE-2017-3878 14 Apr 2017 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS 6.1.x < 6.1.18 / 7.0.x < 7.0.17 / 7.1.x < 7.1.12 / 8.0.x < 8.0.3 Multiple Vulnerabilities CVE-2016-8610 CVE-2016-10229 CVE-2017-8390 CVE-2017-9458 CVE-2017-9459 CVE-2017-9467 CVE-2017-12416 30 Jun 2017 9.8 (v3) Critical Pass Juniper Junos ICMPv6 PTB Atomic Fragment DoS (JSA10780) CVE-2016-10142 06 Jul 2017 8.6 (v3) High Pass Juniper Junos sendmsg Local Privilege Escalation (JSA10797) CVE-2016-1887 31 Jul 2017 7.8 (v3) High Pass Juniper Junos SRX, vSRX, and J-Series ISC BIND DoS (JSA10799) CVE-2017-3135 31 Jul 2017 7.5 (v3) High Pass OpenSSL 1.0.1 < 1.0.1i Multiple Vulnerabilities CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-5139 08 Aug 2014 7.5 (v2) High Pass Juniper Junos PHP multiple vulnerabilities (JSA10804) CVE-2012-3365 CVE-2013-4113 CVE-2013-6420 CVE-2014-9425 31 Jul 2017 7.3 (v3) High Pass McAfee Web Gateway 7.6.x < 7.6.2.15 / 7.7.x < 7.7.2.3 Multiple Vulnerabilities (SB10205) CVE-2012-6706 CVE-2017-1000364 CVE-2017-1000366 CVE-2017-1000368 15 Aug 2017 9.8 (v3) Critical Pass Juniper Junos CLI XML Privilege Escalation (JSA10805) CVE-2017-10603 31 Jul 2017 7.8 (v3) High Pass Juniper Junos SRX Cluster Synchronization Failover Errors (JSA10806) CVE-2017-10604 31 Jul 2017 5.3 (v3) Medium Pass Cisco Wireless LAN Controller Multiple Vulnerabilities CVE-2016-1362 CVE-2016-1363 CVE-2016-1364 04 May 2016 9.8 (v3) Critical Pass macOS < 10.13 Multiple Vulnerabilities CVE-2016-0736 CVE-2016-2161 CVE-2016-4736 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 CVE-2016-9042 CVE-2016-9063 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-0381 CVE-2017-3167 CVE-2017-3169 CVE-2017-6 03 Oct 2017 9.8 (v3) Critical Pass Juniper Junos BGP PDU Vulnerability (JSA10810) CVE-2017-10607 20 Oct 2017 7.5 (v3) High Pass Juniper Junos SRX Flowd Crash Vulnerability (JSA10813) CVE-2017-10610 20 Oct 2017 7.5 (v3) High Pass Juniper Junos Kernel Vulnerability (JSA10816) CVE-2017-10613 20 Oct 2017 7.5 (v3) High Pass TYPO3 'AbstractController.php' 'BACK_PATH' Parameter Remote File Inclusion CVE-2011-4614 23 Dec 2011 6.8 (v2) Medium Pass Hosting Controller Multiple Script Arbitrary Directory Browsing CVE-2002-0466 17 Jun 2003 5 (v2) Medium Pass Cisco Wireless LAN Controllers 5500 Series (POODLE) CVE-2014-3566 03 Dec 2014 4.3 (v2) Medium Pass Citrix NetScaler Multiple Vulnerabilities (CTX230238, CTX230612) CVE-2017-17382 CVE-2017-17549 19 Dec 2017 5.9 (v3) Medium Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.14 Multiple Vulnerabilities CVE-2017-15940 CVE-2017-15943 CVE-2017-15944 15 Dec 2017 9.8 (v3) Critical Pass Palo Alto Networks PAN-OS 8.0.x < 8.0.6-h3 Web Interface Packet Capture Management Unspeci fi ed Remote Command Injection CVE-2017-15940 15 Dec 2017 9.8 (v3) Critical 21

Pass Arista Networks EOS IPv6 Neighbor Discovery Packet DoS (SA0022) 28 Feb 2018 5.3 (v3) Medium Pass Arista Networks EOS tcp_input Challenge ACKs Shared Counter Disclosure (SA0023) CVE-2016-5696 28 Feb 2018 4.8 (v3) Medium Pass Default Password (0000) for 'user' on WIP5000 IP Phone 16 Sep 2008 7.5 (v2) High Pass macOS 10.13.3 Supplemental Update CVE-2018-4124 28 Feb 2018 9.8 (v3) Critical Pass Cisco Wireless LAN Controller CAPWAP DoS (cisco-sa-wlc-capwap-dos-Y2sD9uEw) CVE-2020-3262 28 Jul 2020 7.5 (v3) High Pass Arista Networks EOS Control Plane Packet Handling DoS (SA0025) CVE-2016-6894 28 Feb 2018 7.5 (v3) High Pass macOS 10.14.x < 10.14.3 Multiple Vulnerabilities CVE-2018-20346 CVE-2018-20505 CVE-2018-20506 CVE-2019-6200 CVE-2019-6202 CVE-2019-6205 CVE-2019-6208 CVE-2019-6209 CVE-2019-6210 CVE-2019-6211 CVE-2019-6213 CVE-2019-6214 CVE-2019-6218 CVE-2019-6219 CVE-2019-6220 CVE-201 25 Jan 2019 10 (v3) Critical Pass Arista Networks EOS MPBGP Denial of Service (SA0029) CVE-2017-8231 28 Feb 2018 4.3 (v3) Medium Pass Citrix NetScaler Authentication Bypass Vulnerability (CTX232199) CVE-2018-5314 05 Jul 2018 7.5 (v3) High Pass Cisco NX-OS SNMP DoS. CVE-2018-0456 26 Oct 2018 7.7 (v3) High Pass Fire fl y Media Server ws_getpostvars Function Content-Length Header HTTP Request Handling Over fl ow CVE-2008-1771 23 Apr 2008 7.5 (v2) High Pass Junos OS: FPC process crashes after J-Flow processes a malformed packet (JSA10914) CVE-2019-0014 11 Jan 2019 7.5 (v3) High Pass Juniper Junos vMX Predictable IP ID Sequence Numbers (JSA10903) CVE-2019-0007 11 Jan 2019 10 (v3) Critical Pass Junos OS: Kernel crash after processing speci fi c incoming packet to the out of band management interface (JSA10911) CVE-2019-0011 16 Jan 2019 6.5 (v3) Medium Pass Junos OS: Deleted dynamic VPN users are allowed to establish VPN connections until reboot (JSA10915) CVE-2019-0015 07 Feb 2019 5.4 (v3) Medium Pass Cisco Prime Collaboration Provisioning Unauthorized Password Change Denial of Service Vulnerability (cisco-sa-20180801-pcp-dos CVE-2018-0391 01 Apr 2019 6.5 (v3) Medium Pass Axis 2400 Network Camera Multiple Vulnerabilities CVE-2003-1386 01 Mar 2003 6.4 (v2) Medium Pass Junos OS: EX2300 and EX3400 series: Certain stateless fi rewall fi lter rules might not take e ff ect (JSA10901) CVE-2019-0002 25 Jan 2019 9.8 (v3) Critical Pass Junos OS: EX2300 and EX3400 series: High disk I/O operations may disrupt the communication between RE and PFE (JSA10909) CVE-2019-0009 25 Jan 2019 5.5 (v3) Medium Pass Palo Alto Networks < 7.1.23 / 8.0.x < 8.0.16 / 8.1.x < 8.1.7 Denial of Service vulnerability (PAN-SA-2019-0007) CVE-2018-18065 02 Apr 2019 6.5 (v3) Medium Pass Cisco NX-OS Software Unauthorized Directory Access Vulnerability CVE-2019-1600 24 May 2019 4.4 (v3) Medium Pass Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities CVE-2019-1597 CVE-2019-1598 24 May 2019 7.5 (v3) High Pass Cisco NX-OS Software Bash Shell Privilege Escalation Vulnerability CVE-2019-1596 30 Jul 2019 7.8 (v3) High Pass Cisco NX-OS Software Unauthorized Filesystem Access Vulnerability CVE-2019-1601 30 Jul 2019 7.8 (v3) High Pass Cisco MDS 9700 Series Multilayer Directors and Nexus 7000/7700 Series Switches Software Patch Signature Veri fi cation Vulnerability CVE-2019-1808 07 Jun 2019 4.4 (v3) Medium Pass Jenkins < 2.235.5 LTS / 2.243 Information Disclosure Vulnerability CVE-2019-17638 21 Aug 2020 9.4 (v3) Critical Pass Juniper JSA10938 CVE-2019-0046 26 Jul 2019 6.5 (v3) Medium Pass Cisco NX-OS Software Fabric Services over IP Denial of Service Vulnerability (CVE-2019-1962) CVE-2019-1962 11 Sep 2019 7.5 (v3) High Pass Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791) CVE-2019-1791 22 Aug 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability CVE-2019-1963 12 Sep 2019 6.5 (v3) Medium Pass Cisco NX-OS Software Command Injection Vulnerability (cisco-sa-20190925-nxos-vman-cmd-inj) CVE-2019-12717 04 Oct 2019 7.8 (v3) High Pass Adobe ColdFusion Unsupported Version Detection 22 Jan 2014 10 (v3) Critical Pass Citrix and NetScaler SD-WAN Center Unauthenticated Directory Traversal File Write CVE-2019-12990 18 Dec 2019 9.8 (v3) Critical Pass Alcatel ADSL Modem Unpassworded Access CVE-2001-1424 08 Oct 2000 7.5 (v2) High Pass Cisco Catalyst Web Interface Remote Command Execution CVE-2000-0945 10 Nov 2000 10 (v2) Critical Pass Exchange Malformed MIME Header Handling DoS CVE-2000-1006 27 Nov 2000 6.4 (v2) Medium Pass Cisco NX-OS Software Simple Network Management Protocol DoS (cisco-sa-20190515-nxos-snmp-dos) CVE-2019-1858 18 Dec 2019 8.6 (v3) High Pass IBM BigFix Server 9.1.x < 9.1.1275.0 Multiple XSS CVE-2016-0269 CVE-2016-0293 30 Aug 2016 6.1 (v3) Medium Pass HP Universal Con fi guration Management Database Server Authentication Bypass CVE-2014-7883 18 Mar 2015 5 (v2) Medium Pass Cisco IOS Multiple OpenSSL Vulnerabilities (CSCut46130) CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293 14 Apr 2016 7.5 (v2) High Pass ProFTPD mod_copy Information Disclosure CVE-2015-3306 16 Jun 2015 9.8 (v3) Critical Pass IBM Lotus Domino Banner Nonexistent .pl File Request Path Disclosure CVE-2002-0245 CVE-2002-0408 08 Jun 2002 5 (v2) Medium Pass Lotus Domino /./ Request Database Locking DoS CVE-2001-0954 11 Jun 2003 5 (v2) Medium Pass MyServer <= 0.4.2 Multiple Remote DoS 23 Jun 2003 5 (v2) Medium Pass IBM DB2 JDBC Applet Server Detection 25 Sep 2006 None Pass eLDAPo index.php Plaintext Password Disclosure 18 Jun 2003 5 (v2) Medium Pass macOS 10.12.x < 10.12.4 Multiple Vulnerabilities (httpoxy) CVE-2016-0736 CVE-2016-2161 CVE-2016-3619 CVE-2016-4688 CVE-2016-5387 CVE-2016-5636 CVE-2016-7056 CVE-2016-7585 CVE-2016-7922 CVE-2016-7923 CVE-2016-7924 CVE-2016-7925 CVE-2016-7926 CVE-2016-7927 CVE-2016-7928 CVE-2016-7 31 Mar 2017 9.8 (v3) Critical Pass Cisco IOS Multicast Routing Multiple DoS (cisco-sa-20160928-msdp) CVE-2016-6382 CVE-2016-6392 07 Oct 2016 7.5 (v3) High Pass Microsoft Windows Server 2003 Unsupported Installation Detection 14 Jul 2015 10 (v3) Critical Pass Foreman Smart-Proxy TFTP Remote Command Injection CVE-2014-0007 17 Jul 2014 8.8 (v3) High Pass HP SiteScope getFileInternal Arbitrary File Download 14 Sep 2012 7.8 (v2) High Pass Cisco Email Security Appliance Filter Bypass Vulnerability CVE-2017-12353 14 Dec 2017 5.8 (v3) Medium Pass Microsoft Exchange Server Unsupported Version Detection (Uncredentialed) 03 Apr 2018 10 (v3) Critical Pass IBM Tivoli Storage Manager FastBack Mount 6.1.x < 6.1.11.1 Multiple Vulnerabilities CVE-2015-0120 CVE-2015-1896 CVE-2015-1898 08 May 2015 10 (v2) Critical Pass Cisco TelePresence IP VCR Command Injection Vulnerability CVE-2015-0713 21 May 2015 9 (v2) High Pass Cisco NX-OS Software Arbitrary File Overwrite Vulnerability CVE-2019-1729 02 Sep 2019 6 (v3) Medium Pass VMware ESX / ESXi Remotely Accessible Method Object Browser API 24 Jan 2019 10 (v3) Critical Pass Cisco NX-OS Software SNMP Access Control List Con fi guration Name Bypass Vulnerability (CVE-2019-1969) CVE-2019-1969 13 Sep 2019 5.3 (v3) Medium Pass Symantec Messaging Gateway 10.x < 10.7.3 Multiple Vulnerabilities (SYMSA1501) CVE-2019-18377 CVE-2019-18378 CVE-2019-18379 18 Dec 2019 7.3 (v3) High Pass ASG-Sentry File Check Utility /snmx-cgi/fcheck.exe Arbitrary File Overwrite CVE-2008-1322 14 Oct 2008 7.8 (v2) High Pass Microsoft Windows 8 Unsupported Installation Detection 03 Feb 2016 10 (v2) Critical Pass Cisco Hyper fl ex HX-Series Software Weak Storage (cisco-sa-HYP-WSV-yT3j5hSB) CVE-2020-3389 25 Aug 2020 4.4 (v3) Medium Pass Check_MK Internal Server Error XSS CVE-2017-11507 14 Dec 2017 6.1 (v3) Medium Pass OpenSSL 1.0.1 < 1.0.1o ASN.1 Encoder Negative Zero Value Handling RCE CVE-2016-2108 04 May 2016 9.8 (v3) Critical Pass IBM DB2 10.1 < Fix Pack 5 Multiple Vulnerabilities (Bar Mitzvah) CVE-2014-0919 CVE-2014-3094 CVE-2014-3095 CVE-2014-6159 CVE-2014-6209 CVE-2014-6210 CVE-2014-8901 CVE-2014-8910 CVE-2015-0138 CVE-2015-0157 CVE-2015-0197 CVE-2015-0198 CVE-2015-0199 CVE-2015-1883 CVE-2015-1922 CVE-2015-1 18 Jul 2015 9.8 (v3) Critical Pass ProFTPD TELNET IAC Escape Sequence Remote Bu ff er Over fl ow CVE-2010-4221 15 Oct 2013 9.8 (v3) Critical Pass Xerox WorkCentre Unspeci fi ed Remote Protocol Authorization Bypass (XRX13-008) 28 Oct 2013 10 (v2) Critical Pass Microsoft FrontPage Server Extensions (fp30reg.dll) Debug Function Remote Over fl ow (MS03-051 / 813360) CVE-2003-0822 CVE-2003-0824 12 Nov 2003 7.5 (v2) High Pass TCP/IP Multicast Address Handling Remote DoS (spank.c) 22 Oct 2003 6.5 (v3) Medium Pass EZsite Forum Discloses Passwords to Remote Users 04 Sep 2003 5 (v2) Medium Pass Elasticsearch ESA-2017-03 CVE-2017-8449 22 Aug 2018 5.9 (v3) Medium Pass Bitvise SSH Server < 7.41 Multiple Vulnerabilities (remote) 01 Jun 2018 5.3 (v3) Medium Pass PHP < 4.3.3 Multiple Vulnerabilities CVE-2002-1396 CVE-2003-0442 CVE-2003-0860 CVE-2003-0861 24 Sep 2003 7.5 (v2) High Pass ESXi 5.0 < Build 608089 Multiple Vulnerabilities (remote check) CVE-2009-3560 CVE-2009-3720 CVE-2010-0405 CVE-2010-1634 CVE-2010-2089 CVE-2011-1521 CVE-2012-1518 13 Nov 2013 8.3 (v2) High Pass Elasticsearch ESA-2018-10 CVE-2018-3826 22 Aug 2018 6.5 (v3) Medium Pass Elasticsearch ESA-2017-09 CVE-2017-8441 22 Aug 2018 4.3 (v3) Medium Pass Apache Hadoop YARN ResourceManager Unauthenticated RCE (Remote) (Xbash) 20 Sep 2018 10 (v3) Critical Pass PHP 7.2.x < 7.2.10 Transfer-Encoding Parameter XSS Vulnerability CVE-2018-17082 14 Sep 2018 6.1 (v3) Medium Pass Icecast list.cgi User-Agent XSS CVE-2004-0781 27 Aug 2004 4.3 (v2) Medium Pass Bytes Interactive Web Shopper shopper.cgi Traversal Arbitrary File Access CVE-2000-0922 10 Oct 2000 5 (v2) Medium Pass Logstash ESA-2014-02 CVE-2014-4326 06 Dec 2018 7.3 (v3) High Pass Logstash ESA-2015-04 CVE-2015-4152 06 Dec 2018 6.5 (v3) Medium Pass AlienVault OSSIM get_fqdn() RCE 24 May 2017 9.8 (v3) Critical Pass EMC Cloud Tiering Appliance User Interface Default Credentials 07 Apr 2014 10 (v2) Critical Pass PHP Rocket for FrontPage phprocketaddin page Parameter Traversal Arbitrary File Access CVE-2001-1204 17 Jan 2002 5 (v2) Medium Pass SSL Certi fi cate Validity - Duration 08 Jan 2019 4.8 (v3) Medium Pass Adobe Connect <= 9.8.1 Session Token Exposure Vulnerability (ASPB19-05) CVE-2018-19718 11 Jan 2019 5.3 (v3) Medium Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (Apr 2019 CPU) CVE-2019-2588 CVE-2019-2595 CVE-2019-2601 CVE-2019-2616 18 Apr 2019 8.2 (v3) High Pass Kibana ESA-2018-03 CVE-2018-3819 14 Jan 2019 6.1 (v3) Medium Pass Joomla! Extension 'JCK Suite' - 'jckeditor' =< 6.4.4 Privilege Escalation 21 Jan 2019 8.3 (v3) High Pass Pulse Connect Secure Multiple Vulnerabilities (SA44101) CVE-2018-15909 CVE-2018-15910 CVE-2018-15911 CVE-2018-16513 CVE-2018-18284 CVE-2019-11507 CVE-2019-11508 CVE-2019-11509 CVE-2019-11510 CVE-2019-11538 CVE-2019-11539 CVE-2019-11540 CVE-2019-11541 CVE-2019-11542 CVE-2019-1 10 May 2019 10 (v3) Critical Pass ClusterLabs Pacemaker PCS Daemon Default Password CVE-2015-1842 07 May 2015 10 (v2) Critical Pass Juniper Junos Network Topology Loop DoS (JSA10719) CVE-2016-1260 22 Jan 2016 5 (v2) Medium Pass Juniper Junos HTTP Request Handling J-Web DoS (JSA10720) CVE-2016-1258 22 Jan 2016 5 (v2) Medium Pass Juniper Junos RTSP Packet Handling fl owd DoS (JSA10721) CVE-2016-1262 22 Jan 2016 4.3 (v2) Medium Pass Cisco Wireless LAN Controller Unauthorized Access Vulnerability CVE-2015-6314 22 Jan 2016 9.8 (v3) Critical Pass Oracle GlassFish Server URL normalization Denial of Service 19 Jun 2018 7.5 (v3) High Pass Cisco Nexus 9000 Series APIC Access Control Vulnerability (CSCut12998) CVE-2016-1302 12 Feb 2016 8.8 (v3) High Pass OpenSSL 1.1.1 < 1.1.1a Multiple Vulnerabilities CVE-2018-0734 CVE-2018-0735 25 Jan 2019 5.9 (v3) Medium Pass WordPress Plugin 'LearnDash' < 3.1.6 SQLi CVE-2020-6009 04 May 2020 9.8 (v3) Critical Pass Appointments Plugin for WordPress < 2.2.2 PHP Object Injection 05 Dec 2017 8.3 (v3) High Pass BuddyPress Plugin for WordPress < 2.9.2 Information Disclosure 18 Dec 2017 5.8 (v3) Medium Pass OpenSSL 1.0.2 < 1.0.2n Multiple Vulnerabilities CVE-2017-3737 CVE-2017-3738 15 Dec 2017 5.9 (v3) Medium Pass OpenSSL 1.1.0 < 1.1.0h AVX2 Montgomery Multiplication Private Key Derivation Weakness CVE-2017-3738 CVE-2018-0739 15 Dec 2017 5.9 (v3) Medium Pass Apple TV < 11.2 Multiple Vulnerabilities CVE-2017-7154 CVE-2017-7156 CVE-2017-7157 CVE-2017-7160 CVE-2017-7162 CVE-2017-13833 CVE-2017-13855 CVE-2017-13856 CVE-2017-13861 CVE-2017-13862 CVE-2017-13865 CVE-2017-13866 CVE-2017-13867 CVE-2017-13868 CVE-2017-13869 05 Jan 2018 7.8 (v3) High Pass Cisco Wireless LAN Controller Client Disconnection DoS CVE-2015-6341 22 Jan 2016 5 (v2) Medium Pass IBM Tivoli Provisioning Manager for OS Deployment TFTPD Malformed PRQ Request DoS CVE-2007-3268 19 Jul 2007 5 (v2) Medium Pass Western Digital MyCloud Unauthenticated File Upload CVE-2017-17560 10 Jan 2018 9.8 (v3) Critical Pass pfSense < 2.1.3 Remote Denial of Service Vulnerability (SA-14_05) CVE-2014-3000 31 Jan 2018 8.2 (v3) High Pass pfSense < 2.1.4 Multiple Vulnerabilities (SA-14_08 - SA-14_12) CVE-2014-4687 CVE-2014-4688 CVE-2014-4689 CVE-2014-4690 CVE-2014-4691 CVE-2014-4692 31 Jan 2018 6.5 (v3) Medium Pass Nortel Meridian Integrated RAN Default Admin Credentials 24 Feb 2014 10 (v2) Critical Pass Cisco Prime Data Center Network Manager File Upload RCE (cisco-sa-20180502-prime-upload) CVE-2018-0258 13 Jun 2018 9.8 (v3) Critical 22

Pass Juniper Junos SRX Series FTP ALG ftps-extension TCP Port Exposure (JSA10706) CVE-2015-5361 26 Oct 2015 6.4 (v2) Medium Pass Juniper Junos Corrupt pam.conf Security Bypass (JSA10707) CVE-2015-7751 26 Oct 2015 6.9 (v2) Medium Pass NUUO NVRMini2 Multiple Vulnerabilities CVE-2018-1149 CVE-2018-1150 17 Sep 2018 9.8 (v3) Critical Pass IBM WebSphere Application Server 7.0 < Fix Pack 5 CVE-2009-0899 CVE-2009-1195 CVE-2009-1898 CVE-2009-1899 CVE-2009-1900 CVE-2009-1901 CVE-2009-2085 CVE-2009-2087 CVE-2009-2088 CVE-2009-2089 CVE-2009-0899 CVE-2009-2090 CVE-2009-2091 CVE-2009-2092 31 Aug 2009 6.8 (v2) Medium Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (Jul 2017 CPU) CVE-2016-3092 CVE-2017-10024 CVE-2017-10025 CVE-2017-10028 CVE-2017-10029 CVE-2017-10030 CVE-2017-10035 CVE-2017-10041 CVE-2017-10043 CVE-2017-10058 CVE-2017-10059 CVE-2017-10156 CVE-2017-10157 04 Jul 2019 8.2 (v3) High Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (Jul 2019 CPU) CVE-2015-9251 CVE-2019-2742 CVE-2019-2767 CVE-2019-2768 CVE-2019-2771 17 Jul 2019 8.2 (v3) High Pass Cisco NX-OS Software IPv6 Denial of Service Vulnerability (cisco-sa-20190828-nxos-ipv6-dos) CVE-2019-1964 10 Jan 2020 7.5 (v3) High Pass PHP-Fusion extract() Global Variable Overwriting CVE-2006-4673 08 Sep 2006 2.6 (v2) Low Pass WP Smart Security Plugin for WordPress PHP Object Injection 08 Dec 2017 8.3 (v3) High Pass HP Operations Orchestration 10.x < 10.51 Java Object Deserialization RCE CVE-2016-1997 23 Mar 2016 9.8 (v3) Critical Pass Operating System Unsupported Version Detection in banner reporting (PCI-DSS check) 22 Feb 2019 10 (v3) Critical Pass Apple TV < 9.1.1 Multiple Vulnerabilities CVE-2015-7995 CVE-2016-1717 CVE-2016-1719 CVE-2016-1720 CVE-2016-1721 CVE-2016-1722 CVE-2016-1724 CVE-2016-1727 27 Jan 2016 8.8 (v3) High Pass MySQL 8.0.x < 8.0.17 Multiple Vulnerabilities (July 2019 CPU) CVE-2019-2737 CVE-2019-2738 CVE-2019-2739 CVE-2019-2740 CVE-2019-2741 CVE-2019-2752 CVE-2019-2757 CVE-2019-2758 CVE-2019-2774 CVE-2019-2778 CVE-2019-2780 CVE-2019-2784 CVE-2019-2785 CVE-2019-2789 CVE-2019-2791 CVE-2019-2 18 Jul 2019 7.5 (v3) High Pass OpenSSL 1.0.2 < 1.0.2g Multiple Vulnerabilities (DROWN) CVE-2016-0702 CVE-2016-0705 CVE-2016-0797 CVE-2016-0798 CVE-2016-0799 CVE-2016-0800 02 Mar 2016 9.8 (v3) Critical Pass VMware ESX sudo Package Multiple Vulnerabilities (VMSA-2013-0007) (remote check) CVE-2012-2337 CVE-2012-3440 04 Mar 2016 7.2 (v2) High Pass NFX Series: Insecure sshd con fi guration in Juniper Device Manager (JDM) and host OS (JSA10878) CVE-2018-0044 05 Jul 2019 8.1 (v3) High Pass pfSense < 2.1.5 Multiple Vulnerabilities (SA-14_15 - SA-14_17) 31 Jan 2018 9.8 (v3) Critical Pass OpenSSL 0.9.8 < 0.9.8zd Multiple Vulnerabilities (FREAK) CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 16 Jan 2015 5 (v2) Medium Pass Cisco HyperFlex Software Unauthenticated Root Access (cisco-sa-20190220-chn-root-access) CVE-2019-1664 25 Aug 2020 7.8 (v3) High Pass pfSense 2.3.x < 2.3.5-p1 / 2.4.x < 2.4.2-p1 Multiple Vulnerabilities (SA-17_10 / SA-17_11) CVE-2017-3737 CVE-2017-3738 31 Jan 2018 5.9 (v3) Medium Pass EMC Data Protection Advisor < 6.4.110 Database Hardcoded Password Vulnerability CVE-2018-1206 16 Mar 2018 7.8 (v3) High Pass Cisco HyperFlex Software Command Injection (cisco-sa-20190220-hyper fl ex-injection) CVE-2018-15380 25 Aug 2020 8.8 (v3) High Pass Web Form Sending Credentials Using GET (PCI-DSS check) 03 Apr 2018 5.3 (v3) Medium Pass OpenSSL 0.9.8 < 0.9.8zf Multiple Vulnerabilities CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 CVE-2016-0703 CVE-2016-0704 24 Mar 2015 6.8 (v2) Medium Pass SonicWALL Global Management System (GMS) / Analyzer sgms Webapp File Deletion 04 May 2018 7.3 (v3) High Pass Splunk Enterprise < 5.0.19 / 6.0.15 / 6.1.14 / 6.2.14 / 6.3.11 Error Message Spoo fi ng 16 Jun 2017 4.3 (v3) Medium Pass Cisco TelePresence TC and TE Software Multiple Vulnerabilities (cisco-sa-20150513-tc) CVE-2014-2174 CVE-2015-0722 20 May 2015 8.3 (v2) High Pass Microsoft IIS IDC Extension XSS 24 Oct 2002 4.3 (v2) Medium Pass Linksys Smart Wi-Fi Router CGI Scripts Information Disclosure 19 Jul 2017 5.3 (v3) Medium Pass MS04-031: Vulnerability NetDDE Could Allow Code Execution (841533) (uncredentialed check) CVE-2004-0206 27 Oct 2004 10 (v2) Critical Pass BlackBoard Internet Newsboard System checkdb.inc.php libpath Parameter Remote File Inclusion CVE-2004-1582 11 Oct 2004 7.5 (v2) High Pass SolarWinds Orion Multiple SQLi Vulnerabilities CVE-2014-9566 27 May 2015 7.5 (v2) High Pass Observium PHP Object Unserialization Remote File Writing Vulnerability 29 Nov 2016 9.8 (v3) Critical Pass ONVIF Username and Password leak 31 Oct 2017 5.3 (v3) Medium Pass SonicWALL Global Management System (GMS) 8.x < 8.2 Multiple Vulnerabilities 05 Jan 2017 8.3 (v3) High Pass Cisco Data Center Network Manager SQL Injection (cisco-sa-dcnm-sql-inject-8hk6PwmF) CVE-2020-3462 11 Aug 2020 6.3 (v3) Medium Pass Trend Micro InterScan VirusWall /interscan/cgi-bin/FtpSave.dll Unauthenticated Remote Con fi guration Manipulation CVE-2001-0432 23 Aug 2001 10 (v2) Critical Pass IBM Tivoli Storage Manager FastBack 6.1.x < 6.1.12 Multiple Vulnerabilities CVE-2015-1923 CVE-2015-1924 CVE-2015-1925 CVE-2015-1929 CVE-2015-1930 CVE-2015-1938 CVE-2015-1941 CVE-2015-1942 CVE-2015-1948 CVE-2015-1949 CVE-2015-1953 CVE-2015-1954 CVE-2015-1962 CVE-2015-1963 CVE-2015-1964 CVE-2015-1 07 Jul 2015 9.8 (v3) Critical Pass McAfee ePolicy Orchestrator Agent < 5.0.4.449 Log Viewer DoS CVE-2017-3896 16 Feb 2017 5.9 (v3) Medium Pass NetIQ Sentinel Java Object Deserialization RCE 20 Apr 2016 9.8 (v3) Critical Pass Trend Micro Control Manager download.php File Disclosure 17 Feb 2017 7.5 (v3) High Pass Cisco Data Center Network Manager Improper Authorization (cisco-sa-dcnm-improper-auth-7Krd9TDT) CVE-2020-3386 11 Aug 2020 8.8 (v3) High Pass Cisco Data Center Network Manager Information Disclosure (cisco-sa-dcnm-info-disclosure-tFX3KerC) CVE-2020-3461 12 Aug 2020 5.3 (v3) Medium Pass NetGain Enterprise Manager Command Injection 10 Mar 2017 9.8 (v3) Critical Pass Microsoft IIS 6.0 Unsupported Version Detection 17 Apr 2017 10 (v3) Critical Pass MySQL 8.0.x < 8.0.18 Multiple Vulnerabilities (Oct 2019 CPU) CVE-2019-2911 CVE-2019-2914 CVE-2019-2938 CVE-2019-2946 CVE-2019-2957 CVE-2019-2960 CVE-2019-2963 CVE-2019-2966 CVE-2019-2967 CVE-2019-2968 CVE-2019-2974 CVE-2019-2982 CVE-2019-2991 CVE-2019-2993 CVE-2019-2997 CVE-2019-2 18 Oct 2019 7.8 (v3) High Pass Sophos Web Protection Appliance Multiple Vulnerabilities CVE-2013-4983 CVE-2013-4984 26 Sep 2013 10 (v3) Critical Pass Microsoft DNS Server Inverse Query Bu ff er Over-Read CVE-2016-82007 24 Mar 2016 4 (v2) Medium Pass MailEnable Webmail Malformed Encoded Quoted-printable Email DoS (CVE-2006-1338) CVE-2006-1338 22 Mar 2006 5 (v2) Medium Pass Cisco TelePresence Server Malformed STUN Packet Processing DoS (cisco-sa-20160406-cts2) CVE-2015-6312 15 Apr 2016 7.5 (v3) High Pass ESXi 6.5 / 6.7 XSS (VMSA-2020-0008) CVE-2020-3955 15 Jul 2020 9.3 (v3) Critical Pass Core FTP Server < 1.2 Build 588 32-bit Unspeci fi ed Over fl ow Vulnerability 27 Apr 2016 10 (v2) Critical Pass WP Mobile Detector Plugin for WordPress File Upload RCE 19 Jul 2016 7.5 (v2) High Pass SolarWinds Server & Application Monitor (SAM) Alert Handling Local Privilege Escalation 03 Jun 2016 6.8 (v2) Medium Pass IBM Domino 8.5.x < 8.5.3 FP 5 Multiple Vulnerabilities CVE-2012-1541 CVE-2012-3213 CVE-2012-3342 CVE-2013-0351 CVE-2013-0401 CVE-2013-0402 CVE-2013-0409 CVE-2013-0419 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0 04 Nov 2013 10 (v2) Critical Pass IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.1 Multiple Vulnerabilities CVE-2012-2098 CVE-2013-0460 CVE-2013-0464 CVE-2013-0467 CVE-2013-0599 CVE-2013-1862 CVE-2013-1896 CVE-2013-3029 CVE-2013-4004 CVE-2013-4005 CVE-2013-4006 CVE-2013-4052 CVE-2013-4053 CVE-2013-5414 CVE-2013-5417 CVE-2013-5 05 Dec 2013 6.8 (v2) Medium Pass Sonatype Nexus Repository Manager Java Object Deserialization RCE 20 Jul 2016 10 (v2) Critical Pass Synology DiskStation Manager (DSM) Web Administration Interface Default Credentials 16 Sep 2016 9.8 (v3) Critical Pass Cisco IOS XR Software BGP EVPN DoS (cisco-sa-20200122-ios-xr-evpn) CVE-2019-16019 CVE-2019-16020 CVE-2019-16021 CVE-2019-16022 CVE-2019-16023 31 Jan 2020 8.6 (v3) High Pass pfSense 2.3.x < 2.3.5-p2 / 2.4.x < 2.4.3-p1 Multiple Vulnerabilities (SA-18_04 / SA-18_05) CVE-2018-6920 CVE-2018-6921 CVE-2018-8897 27 Dec 2018 7.8 (v3) High Pass CA BrightStor ARCserve Backup Multiple Vulnerabilities (QO87569) CVE-2007-1785 CVE-2007-2139 25 Apr 2007 10 (v2) Critical Pass ManageEngine Desktop Central Tools Execution Status Update RCE (intrusive check) 21 Oct 2015 10 (v2) Critical Pass Symantec Reporting Server < 1.0.224.0 Multiple Vulnerabilities CVE-2007-3021 CVE-2007-3022 CVE-2007-3095 08 Jun 2007 9 (v2) High Pass ServerView Servername Parameter Arbitrary Command Execution CVE-2007-3011 06 Jul 2007 7.5 (v2) High Pass OpenSSL 0.9.8 < 0.9.8za Multiple Vulnerabilities CVE-2014-0076 CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 06 Jun 2014 6.8 (v2) Medium Pass ESXi 5.0 < Build 3086167 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (remote check) CVE-2015-6933 15 Jan 2016 6.3 (v3) Medium Pass Cisco IOS Smart Install Packet Image List Parameter Handling DoS (cisco-sa-20160323-smi) CVE-2016-1349 06 Apr 2016 7.5 (v3) High Pass IBM WebSphere Application Server 8.0 < Fix Pack 8 Multiple Vulnerabilities CVE-2013-0460 CVE-2013-4052 CVE-2013-4053 CVE-2013-5372 CVE-2013-5414 CVE-2013-5417 CVE-2013-5418 CVE-2013-5780 CVE-2013-5803 CVE-2013-6325 CVE-2013-6725 20 Jan 2014 6.8 (v2) Medium Pass Lexmark Markvision Enterprise Java Object Deserialization RCE CVE-2016-1487 17 Feb 2016 10 (v2) Critical Pass Apple TV < 11.3 Multiple Vulnerabilities CVE-2018-4101 CVE-2018-4104 CVE-2018-4113 CVE-2018-4114 CVE-2018-4115 CVE-2018-4118 CVE-2018-4119 CVE-2018-4120 CVE-2018-4121 CVE-2018-4122 CVE-2018-4125 CVE-2018-4127 CVE-2018-4128 CVE-2018-4129 CVE-2018-4130 CVE-2018-4 16 Apr 2018 7.8 (v3) High Pass Microsoft IIS webhits.dll Hit-Highlighting Authentication Bypass CVE-2007-2815 25 Mar 2008 4.3 (v2) Medium Pass Seditio plug.php pag_sub Parameter SQL Injection CVE-2007-6202 02 Dec 2007 6.8 (v2) Medium Pass ESXi 5.0 < Build 1749766 Multiple Vulnerabilities (remote check) CVE-2013-5211 CVE-2014-8370 29 Jan 2015 6.4 (v2) Medium Pass VMware ESX Third-Party Libraries Multiple Vulnerabilities (VMSA-2010-0004) (remote check) CVE-2008-3916 CVE-2008-4316 CVE-2008-4552 CVE-2009-0115 CVE-2009-0590 CVE-2009-1189 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2009-2695 CVE-2009-2849 CVE-2009-2904 CVE-2009-2905 CVE-2009-2 08 Mar 2016 9.3 (v2) High Pass Cisco NX-OS Software Data Management Engine Remote Code Execution (cisco-sa-nxos-dme-rce-cbE3nhZS) CVE-2020-3415 02 Sep 2020 8.8 (v3) High Pass Palo Alto Networks PAN-OS 7.1.1 Out-of-Sequence Packet Firewall Bypass 17 Jun 2016 5 (v2) Medium Pass Citrix SD-WAN Center Command Injection CVE-2019-10883 11 Apr 2019 9.8 (v3) Critical Pass IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.4 Multiple Vulnerabilities (POODLE) CVE-2013-5704 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3021 CVE-2014-3566 CVE-2014-4770 CVE-2014-4816 CVE-2014-6164 CVE-2014-6166 CVE-2014-6167 CVE-2014-6174 CVE-2014-8890 07 Jan 2015 6.8 (v2) Medium Pass ESXi 6.0 / 6.5 / 6.7 Out-of-Bounds Read Vulnerability (VMSA-2018-0026) (Remote Check) CVE-2018-6974 26 Oct 2018 8.8 (v3) High Pass OpenDocMan Access Control Bypass 26 Jul 2004 4.3 (v2) Medium Pass Cisco Data Center Network Manager Authorization Bypass (cisco-sa-dcnm-auth-bypass-MYeFpFcF) CVE-2020-3522 01 Sep 2020 6.3 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.4 RCE (6258333) CVE-2020-4589 27 Aug 2020 9.8 (v3) Critical Pass VMware Security Updates for vCenter Server (VMSA-2015-0001) (POODLE) CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 03 Feb 2015 4.3 (v2) Medium Pass Apple TV < 11 Multiple Vulnerabilities CVE-2017-7080 CVE-2017-7081 CVE-2017-7083 CVE-2017-7086 CVE-2017-7087 CVE-2017-7090 CVE-2017-7091 CVE-2017-7092 CVE-2017-7093 CVE-2017-7094 CVE-2017-7095 CVE-2017-7096 CVE-2017-7098 CVE-2017-7099 CVE-2017-7100 CVE-2017-7 22 Sep 2017 9.8 (v3) Critical Pass IBM BigFix Platform 9.5.x < 9.5.12 Multiple Vulnerabilities CVE-2012-5883 CVE-2012-6708 CVE-2015-9251 CVE-2018-5407 CVE-2019-4013 03 May 2019 9.9 (v3) Critical Pass Apache Tomcat 8.5.x < 8.5.58 / 9.0.x < 9.0.38 HTTP/2 Request Mix-Up CVE-2020-13943 14 Oct 2020 4.3 (v3) Medium Pass Apple iTunes for Windows < 12.9.5 Multiple Vulnerabilities (uncredentialed check) CVE-2019-6237 CVE-2019-8571 CVE-2019-8577 CVE-2019-8583 CVE-2019-8584 CVE-2019-8586 CVE-2019-8587 CVE-2019-8594 CVE-2019-8595 CVE-2019-8596 CVE-2019-8597 CVE-2019-8598 CVE-2019-8600 CVE-2019-8601 CVE-2019-8602 CVE-2019-8 04 Jul 2019 9.8 (v3) Critical Pass Cisco Data Center Network Manager Path Traversal (cisco-sa-dcnm-patrav-pW9RkhyW) CVE-2020-3519 01 Sep 2020 8.1 (v3) High Pass ESXi 6.0 U1 < Build 5251621 / 6.0 U2 < Build 5251623 / 6.0 U3 < Build 5224934 Multiple Vulnerabilities (VMSA-2017-0006) (remote check) CVE-2017-4903 CVE-2017-4904 CVE-2017-4905 31 Mar 2017 8.8 (v3) High Pass SSL/TLS EXPORT_DHE <= 512-bit Export Cipher Suites Supported (Logjam) CVE-2015-4000 21 May 2015 3.7 (v3) Low Pass Cisco Prime Infrastructure Cross-Site Scripting (cisco-sa-20191002-pi-xss-12713) CVE-2019-12713 02 Sep 2020 6.1 (v3) Medium Pass Marvell QConvergeConsole (QCC) FlashValidatorServiceImpl decryptFile Path Traversal RCE CVE-2020-15639 02 Sep 2020 9.8 (v3) Critical Pass ManageEngine Applications Manager DowntimeSchedulerServlet 'TASKID' Blind SQLi 17 Jun 2015 10 (v2) Critical Pass ManageEngine Applications Manager IT360UtilitiesServlet SQLi 17 Jun 2015 10 (v2) Critical Pass Apple iTunes < 10.7 Multiple Vulnerabilities (uncredentialed check) CVE-2011-3016 CVE-2011-3021 CVE-2011-3027 CVE-2011-3032 CVE-2011-3034 CVE-2011-3035 CVE-2011-3036 CVE-2011-3037 CVE-2011-3038 CVE-2011-3039 CVE-2011-3040 CVE-2011-3041 CVE-2011-3042 CVE-2011-3043 CVE-2011-3044 CVE-2011-3 13 Sep 2012 10 (v2) Critical Pass MS16-047: Security Update for SAM and LSAD Remote Protocols (3148527) (Badlock) (uncredentialed check) CVE-2016-0128 13 Apr 2016 6.8 (v3) Medium Pass ESXi 5.5 / 6.0 / 6.5 / Hypervisor-Assisted Guest Remediation for Speculative Execution (VMSA-2018-0004) (Spectre) (remote check) CVE-2017-5715 12 Jan 2018 5.6 (v3) Medium Pass VMware vCenter Server 5.0.x < 5.0u3g / 5.1.x < 5.1u3d / 5.5.x < 5.5u2d Re fl ected XSS (VMSA-2016-0009) CVE-2015-6931 20 Jun 2016 6.1 (v3) Medium Pass HP Onboard Administrator Multiple Vulnerabilities CVE-2012-0128 CVE-2012-0129 CVE-2012-0130 26 Sep 2013 7.6 (v2) High Pass Puppet Unauthenticated Remote Code Execution CVE-2013-3567 28 Oct 2013 7.5 (v2) High Pass WarFTPd dir Command Traversal Arbitrary Directory Listing CVE-2001-0295 22 Jan 2003 5 (v2) Medium Pass Juniper Junos EmbedThis AppWeb error Parameter XSS 15 Nov 2013 4.3 (v2) Medium Pass OpenSSL 1.0.1 < 1.0.1d Multiple Vulnerabilities CVE-2012-2686 CVE-2013-0166 CVE-2013-0169 09 Feb 2013 2.6 (v2) Low Pass vBulletin upgrade.php Accessible 05 Nov 2013 7.5 (v2) High Pass Cisco Prime Infrastructure Cross-Site Scripting (cisco-sa-20191002-pi-xss-12712) CVE-2019-12712 02 Sep 2020 6.1 (v3) Medium Pass SolarWinds Virtualization Manager Java Object Deserialization RCE CVE-2016-3642 13 Jul 2016 9.8 (v3) Critical Pass Oracle GlassFish Server 3.0.1.x < 3.0.1.14 Multiple Vulnerabilities (July 2016 CPU) CVE-2015-3237 CVE-2016-3607 CVE-2016-3608 CVE-2016-5477 20 Jul 2016 9.8 (v3) Critical Pass Pages Pro fi lenote Parameter Traversal Arbitrary File Modi fi cation 06 Feb 2003 9.7 (v2) High Pass Synology DiskStation Manager < 4.3-3776 Update 2 Multiple Vulnerabilities 05 Feb 2014 7.1 (v2) High Pass Novell ZENworks Con fi guration Management < 11.2.3a Monthly Update 1 Multiple Vulnerabilities (credentialed check) CVE-2013-1093 CVE-2013-1094 CVE-2013-1095 CVE-2013-1097 18 Jun 2013 5.8 (v2) Medium Pass Apple TV < 10 Multiple Vulnerabilities CVE-2016-4611 CVE-2016-4658 CVE-2016-4702 CVE-2016-4708 CVE-2016-4712 CVE-2016-4718 CVE-2016-4725 CVE-2016-4726 CVE-2016-4728 CVE-2016-4730 CVE-2016-4733 CVE-2016-4734 CVE-2016-4735 CVE-2016-4737 CVE-2016-4738 CVE-2016-4 28 Sep 2016 9.8 (v3) Critical Pass HP Network Automation RMI Registry Java Object Deserialization RCE CVE-2016-4385 04 Oct 2016 7.3 (v3) High 23

Pass Apple TV < 10.0.1 Multiple Vulnerabilities CVE-2016-4613 CVE-2016-4660 CVE-2016-4664 CVE-2016-4665 CVE-2016-4666 CVE-2016-4669 CVE-2016-4673 CVE-2016-4675 CVE-2016-4677 CVE-2016-4679 CVE-2016-4680 CVE-2016-4688 CVE-2016-7578 CVE-2016-7579 CVE-2016-7584 CVE-2016-7 27 Oct 2016 7.8 (v3) High Pass MySQL User-De fi ned Functions Multiple Vulnerabilities CVE-2005-2572 18 Nov 2011 8.5 (v2) High Pass MS12-017: Vulnerability in DNS Server Could Allow Denial of Service (2647170) (uncredentialed check) CVE-2012-0006 05 Mar 2014 5 (v2) Medium Pass HP Integrated Lights-Out (iLO) Default Credentials 07 Mar 2014 10 (v2) Critical Pass NAT-PMP Detection (remote network) 20 Mar 2014 7.3 (v3) High Pass Cisco Prime Infrastructure Virtual Domain Privilege Escalation (cisco-sa-20190619-prime-privescal) CVE-2019-1906 04 Sep 2020 6.5 (v3) Medium Pass EMC Cloud Tiering Appliance XML External Entity (XXE) Arbitrary File Disclosure CVE-2014-0644 07 Apr 2014 7.8 (v2) High Pass Cisco TelePresence TC Software Parameter Authentication Bypass (CSCuv00604) CVE-2015-4271 10 Sep 2015 6.4 (v2) Medium Pass Cisco ONS 15454 Controller Card DoS (CSCug97348) CVE-2014-2140 10 Apr 2014 5 (v2) Medium Pass VMware vCenter Multiple Vulnerabilities (VMSA-2015-0007) CVE-2015-1047 CVE-2015-2342 02 Oct 2015 10 (v2) Critical Pass IceWarp webmail/basic/index.html _c Parameter Directory Traversal 09 Dec 2010 5 (v2) Medium Pass Oracle Identity Analytics / Sun Role Manager Unspeci fi ed Remote Vulnerability (April 2014 CPU) CVE-2014-2411 28 Apr 2014 6.5 (v2) Medium Pass Cisco NX-OS Software Border Gateway Protocol Multicast VPN DoS (cisco-sa-nxosbgp-nlri-dos-458rG2OQ) CVE-2020-3397 02 Sep 2020 8.6 (v3) High Pass VMware vCenter Server Arbitrary File Upload (VMSA-2021-0020) CVE-2021-22005 06 Oct 2021 9.8 (v3) Critical Pass Atlassian Jira Unauthenticated User Enumeration (CVE-2020-36289) CVE-2020-36289 13 Oct 2021 5.3 (v3) Medium Pass Zope Malformed XML RPC Request Path Disclosure 17 Feb 2003 5 (v2) Medium Pass Caldera '/costview3/xmlrpc_server/xmlrpc.php' XMLRPC Request Remote Command Execution CVE-2014-2935 05 Jun 2014 10 (v2) Critical Pass IBM WebSphere Application Server 6.1 < 6.1.0.35 Multiple Vulnerabilities CVE-2010-0783 CVE-2010-0785 CVE-2011-0315 CVE-2011-0316 CVE-2011-1310 CVE-2011-1313 CVE-2011-1319 CVE-2011-1320 13 Jan 2011 4.3 (v2) Medium Pass OpenSSL 1.0.1 < 1.0.1s Multiple Vulnerabilities (DROWN) CVE-2016-0702 CVE-2016-0705 CVE-2016-0797 CVE-2016-0798 CVE-2016-0799 CVE-2016-0800 02 Mar 2016 9.8 (v3) Critical Pass VMware ESX / ESXi VMCI Privilege Escalation (VMSA-2013-0002) (remote check) CVE-2013-1406 04 Mar 2016 7.2 (v2) High Pass Trend Micro ServerProtect Authentication Bypass Vulnerability (CVE-2021-36745) CVE-2021-36745 22 Oct 2021 9.8 (v3) Critical Pass Juniper Junos Privilege Escalation Vulnerability (JSA10977) CVE-2019-0070 09 Sep 2020 8.8 (v3) High Pass IBM WebSphere Application Server 7.0 < Fix Pack 17 Multiple Vulnerabilities CVE-2011-1209 CVE-2011-1683 17 Jun 2011 6.8 (v2) Medium Pass IBM WebSphere Application Server 6.1 < 6.1.0.39 Multiple Vulnerabilities CVE-2011-1209 CVE-2011-1355 CVE-2011-1356 22 Jul 2011 5.8 (v2) Medium Pass Halon Security Router < 3.2r2 Multiple Vulnerabilities 11 Aug 2014 4.3 (v2) Medium Pass Computer Associates ARCserve D2D homepageServlet Servlet Information Disclosure CVE-2011-3011 28 Jul 2011 10 (v2) Critical Pass Palo Alto Networks PAN-OS 7.0.x < 7.0.5 Multiple Vulnerabilities 07 Jul 2016 10 (v2) Critical Pass OpenSSL < 0.9.8p / 1.0.0e Double Free Vulnerability CVE-2010-2939 04 Jan 2012 4.3 (v2) Medium Pass OpenSSL < 0.9.8s Multiple Vulnerabilities CVE-2011-1945 CVE-2011-4108 CVE-2011-4109 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 09 Jan 2012 9.3 (v2) High Pass ESXi 5.1 < Build 1743201 Multiple Vulnerabilities (remote check) CVE-2013-5211 CVE-2014-8370 CVE-2015-1044 29 Jan 2015 6.4 (v2) Medium Pass OpenSSL < 0.9.8k Multiple Vulnerabilities CVE-2009-0590 CVE-2009-0591 CVE-2009-0789 CVE-2009-5146 04 Jan 2012 5 (v2) Medium Pass Cisco Content Security Management Appliance (SMA) Information Disclosure (cisco-sa-sma-wsa-esa-info-dis-vsvPzOHP) CVE-2020-3547 08 Sep 2020 6.5 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.14 / 9.0.x <= 9.0.0.9 XSS (729547) CVE-2018-1767 10 Sep 2020 6.1 (v3) Medium Pass RealNetworks Helix Server 14.x < 14.3.x Multiple Vulnerabilities CVE-2012-0942 CVE-2012-1923 CVE-2012-1984 CVE-2012-1985 CVE-2012-2267 CVE-2012-2268 12 Apr 2012 10 (v2) Critical Pass Oracle Enterprise Data Quality Multiple Vulnerabilities (October 2014 CPU) CVE-2014-0114 CVE-2014-0119 30 Oct 2014 7.5 (v2) High Pass HP SiteScope SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE) CVE-2014-3566 04 Dec 2014 4.3 (v2) Medium Pass Oracle GlassFish Server Multiple Vulnerabilities (April 2015 CPU) (POODLE) CVE-2013-4545 CVE-2014-1568 CVE-2014-3566 20 Apr 2015 7.5 (v2) High Pass DUPortal/DUPortal Pro Multiple Scripts SQL Injection (1) CVE-2005-1224 CVE-2005-1236 22 Apr 2005 7.5 (v2) High Pass WaveMaker < 6.4.6 Security Bypass 19 Jul 2012 7.5 (v2) High Pass EMail Security Virtual Appliance learn-msg.cgi Remote Code Execution 06 Sep 2012 7.5 (v2) High Pass OpenSSL 1.0.0 < 1.0.0s Multiple Vulnerabilities CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 12 Jun 2015 6.8 (v2) Medium Pass Apache mod_ssl ssl_hook_Access Error Handling DoS CVE-2005-3357 10 Jan 2006 5.9 (v3) Medium Pass SAP Host Control SOAP Web Service 'Database/Name' Command Execution (SAP Note 1341333) 25 Sep 2012 10 (v2) Critical Pass Apple iTunes < 10.5.1 Update Authenticity Veri fi cation Weakness (uncredentialed check) CVE-2008-3434 18 Nov 2011 6.8 (v2) Medium Pass WANem index-advanced.php XSS 29 Oct 2012 4.3 (v2) Medium Pass ManageEngine OpStor availability730.do days Parameter XSS 01 Nov 2012 4.3 (v2) Medium Pass Novell eDirectory 8.8.x Multiple Security Vulnerabilities CVE-2012-0428 CVE-2012-0429 CVE-2012-0430 CVE-2012-0432 27 Dec 2012 10 (v2) Critical Pass Trend Micro O ffi ceScan 7.3 Multiple Vulnerabilities CVE-2006-5157 CVE-2006-5211 CVE-2006-5212 CVE-2006-6178 CVE-2006-6179 14 Jul 2006 7.5 (v2) High Pass WordPress Poll Plugin 'poll_id' Parameter SQL Injection CVE-2013-1400 26 Feb 2013 7.5 (v2) High Pass Apache 2.4.x < 2.4.16 Multiple Vulnerabilities CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185 23 Jul 2015 5.3 (v3) Medium Pass Apple iTunes < 11.1.2 Multiple Vulnerabilities (uncredentialed check) CVE-2011-3102 CVE-2012-0841 CVE-2012-2807 CVE-2012-2825 CVE-2012-2870 CVE-2012-2871 CVE-2012-5134 CVE-2013-1024 CVE-2013-1037 CVE-2013-1038 CVE-2013-1039 CVE-2013-1040 CVE-2013-1041 CVE-2013-1042 CVE-2013-1043 CVE-2013-1 24 Oct 2013 7.5 (v2) High Pass airVision NVR path Parameter Traversal Arbitrary File Access 04 Mar 2013 5 (v2) Medium Pass Novell ZENworks Con fi guration Management < 11.2.4 Multiple Vulnerabilities CVE-2013-1084 CVE-2013-6344 CVE-2013-6345 CVE-2013-6346 CVE-2013-6347 01 Nov 2013 10 (v2) Critical Pass ESXi 5.0 < Build 702118 Multiple Vulnerabilities (remote check) CVE-2012-2448 CVE-2012-2449 CVE-2012-2450 13 Nov 2013 9 (v2) High Pass W3 Total Cache Plugin for WordPress Multiple Insecure PHP Code Inclusion Macros Remote Code Execution CVE-2013-2010 03 May 2013 8.8 (v3) High Pass Monitorix Built-in HTTP Server Remote Command Execution CVE-2013-7070 04 Dec 2013 10 (v2) Critical Pass Cerb Multiple Vulnerabilities 03 Apr 2013 4.3 (v2) Medium Pass HP Intelligent Management Center BIMS Module Information Disclosure CVE-2013-4823 09 Jan 2014 5 (v2) Medium Pass SSL Null Cipher Suites Supported 10 Jun 2013 5.3 (v3) Medium Pass CommuniGate Pro WebMail < 5.2.15 XSS 29 Jul 2009 4.3 (v2) Medium Pass Landing Pages Plugin for WordPress 'wp-admin/edit.php' 'post' Parameter SQL Injection CVE-2013-6243 27 Jan 2014 7.5 (v2) High Pass IceWarp /rpc/gw.html XML External Entity Arbitrary File Disclosure 19 Jul 2013 5 (v2) Medium Pass Cisco Prime Network / Wireless Control System Health Monitor Re fl ected XSS CVE-2012-5990 25 Jul 2013 4.3 (v2) Medium Pass HP SiteScope Multiple Unspeci fi ed Remote Code Execution Vulnerabilities CVE-2013-2367 CVE-2013-4835 CVE-2013-6207 02 Aug 2013 10 (v2) Critical Pass WP Online Store Plugin for WordPress Multiple Parameter File Disclosure 30 Aug 2013 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.16 / 9.0.x < 9.0.10 / 9.1.x < 9.1.3 Command Injection CVE-2020-2037 11 Sep 2020 7.2 (v3) High Pass Artica < 1.4.101900 mailattach Parameter Directory Traversal 25 Oct 2010 7.8 (v2) High Pass Multiple Vulnerabilities in Cisco Security Agent (cisco-sa-20100217-csa) CVE-2010-0146 CVE-2010-0147 CVE-2010-0148 18 Sep 2013 6.8 (v2) Medium Pass FileZilla Server < 0.9.44 OpenSSL Heartbeat Information Disclosure (Heartbleed) CVE-2014-0160 21 Apr 2014 7.5 (v3) High Pass Palo Alto Networks PAN-OS 10.0.x < 10.0.1 Bu ff er Over fl ow CVE-2020-2042 11 Sep 2020 7.2 (v3) High Pass Serv-U < 10.3.0.1 SFTP Authentication Bypass 19 Nov 2010 6.8 (v2) Medium Pass Atmail Webmail 4.x < 4.6.1 (4.61) 'Global.pm' XSS CVE-2006-6702 18 Apr 2014 6.8 (v2) Medium Pass jRSS Widget Plugin for WordPress proxy.php 'url' Parameter Arbitrary File Access 12 Nov 2010 5 (v2) Medium Pass CGI Generic Command Execution (time-based, intrusive) 14 Jan 2011 7.5 (v2) High Pass Cisco Small Business Series Switch Detection 12 Nov 2021 None Pass Altiris Deployment Solution Server < 6.9.430 Multiple Vulnerabilities (SYM09-011) CVE-2009-3107 CVE-2009-3108 CVE-2009-3109 CVE-2009-3110 08 Jan 2010 7.9 (v2) High Pass Crystal Reports Server InfoView logonAction Parameter XSS 28 Jan 2011 4.3 (v2) Medium Pass F-Secure Internet Gatekeeper for Linux Log Disclosure (FSC-2011-1) CVE-2011-0453 18 Feb 2011 5 (v2) Medium Pass OpenSSL 1.0.1 < 1.0.1h Multiple Vulnerabilities CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 CVE-2015-0292 06 Jun 2014 7.5 (v2) High Pass Check Point Endpoint Security Server Information Disclosure 17 Feb 2011 5.3 (v3) Medium Pass IBM Lotus Sametime Server stconf.nsf messageString Parameter XSS CVE-2011-1038 14 Mar 2011 5.8 (v2) Medium Pass TaskFreak! loadByKey() SQL Injection CVE-2010-1583 04 May 2010 7.5 (v2) High Pass IBM Lotus Domino iCalendar Email Address ORGANIZER:mailto Header Remote Over fl ow CVE-2010-3407 22 Apr 2011 9.3 (v2) High Pass Courier Mail Server < 0.50.1 DNS SPF Record Lookup Failure Memory Corruption DoS CVE-2005-2151 06 Jul 2005 2.6 (v2) Low Pass NNTP Service STARTTLS Plaintext Command Injection CVE-2012-3523 09 May 2011 4 (v2) Medium Pass ManageEngine SupportCenter Plus Default Administrator Credentials 28 Jun 2011 7.5 (v2) High Pass ACAP Service STARTTLS Plaintext Command Injection 27 May 2011 4 (v2) Medium Pass Adobe RoboHelp FlashHelp Unspeci fi ed XSS (APSB11-09) (uncredentialed check) CVE-2011-0613 20 May 2011 5.8 (v2) Medium Pass Apple iTunes < 10.5 Multiple Vulnerabilities (uncredentialed check) CVE-2010-1823 CVE-2011-0164 CVE-2011-0200 CVE-2011-0204 CVE-2011-0215 CVE-2011-0218 CVE-2011-0221 CVE-2011-0222 CVE-2011-0223 CVE-2011-0225 CVE-2011-0232 CVE-2011-0233 CVE-2011-0234 CVE-2011-0235 CVE-2011-0237 CVE-2011-0 12 Oct 2011 9.3 (v2) High Pass HP Intelligent Management Center Branch Intelligent Management Module 7.x < 7.0-E0201P02 Multiple Vulnerabilities CVE-2014-2618 CVE-2014-2619 CVE-2014-2620 CVE-2014-2621 CVE-2014-2622 21 Jul 2014 8.5 (v2) High Pass IBM WebSphere Application Server 8.0 < Fix Pack 1 Multiple Vulnerabilities CVE-2011-1355 CVE-2011-1356 CVE-2011-1359 CVE-2011-1368 CVE-2011-1411 CVE-2011-3192 30 Sep 2011 7.8 (v2) High Pass NNTP Service Cleartext Login Permitted 19 Dec 2011 2.6 (v2) Low Pass Ipswitch WS_FTP Server Manager /WSFTPSVR/FTPLogServer/LogViewer.asp Authentication Bypass CVE-2008-5692 08 Feb 2008 5 (v2) Medium Pass Puppet Enterprise 3.3.0 Bundled Oracle Java Vulnerabilities CVE-2014-2483 CVE-2014-2490 CVE-2014-4208 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4220 CVE-2014-4221 CVE-2014-4223 CVE-2014-4227 CVE-2014-4244 CVE-2014-4247 CVE-2014-4252 CVE-2014-4262 CVE-2014-4 20 Aug 2014 10 (v2) Critical Pass BasiliX Webmail Content-Type Header XSS 09 Aug 2004 4.3 (v2) Medium Pass Oracle GlassFish Server 3.0.1 / 3.1.1 < 3.0.1.5 / 3.1.1.3 Administration Component Unspeci fi ed Vulnerability CVE-2012-0104 02 Feb 2012 5 (v2) Medium Pass HP Data Protector Media Operations DBServer opcode 0x10 Traversal Arbitrary File Access 19 Mar 2012 5 (v2) Medium Pass Symantec Endpoint Protection Manager TestConnection.jsp 'Msg' Parameter XSS (SYM11-009 & SYM12-001) CVE-2011-0550 01 Feb 2012 4.3 (v2) Medium Pass MySQL Enterprise Monitor < 2.1.2 Multiple XSRF Vulnerabilities 07 Jun 2010 6.8 (v2) Medium Pass HP OpenView Network Node Manager Multiple Code Execution Vulnerabilities (HPSBMU02712 SSRT100649) CVE-2011-3165 CVE-2011-3166 CVE-2011-3167 28 Mar 2012 10 (v2) Critical Pass Oracle Primavera P6 Enterprise Project Portfolio Management Multiple Vulnerabilities (Jul 2020 CPU) CVE-2017-12610 CVE-2018-1288 CVE-2018-17196 CVE-2020-10683 CVE-2020-14653 CVE-2020-14706 15 Jul 2020 9.8 (v3) Critical Pass Lenovo ThinkManagement Console RunAMTCommand Operation -PutUpdateFileCore Command Parsing Arbitrary File Upload CVE-2012-1195 10 Apr 2012 10 (v2) Critical Pass TIBCO Spot fi re Analytics Server Web Application Multiple Vulnerabilities CVE-2011-3132 CVE-2011-3133 CVE-2011-3134 13 Oct 2014 7.5 (v2) High Pass OpenSSL 1.0.0 < 1.0.0i ASN.1 asn1_d2i_read_bio Memory Corruption CVE-2012-2110 19 Apr 2012 7.5 (v2) High Pass OpenSSL 0.9.8 < 0.9.8x DTLS CBC Denial of Service CVE-2012-2333 11 May 2012 5 (v2) Medium Pass HP OpenView Network Node Manager Multiple Services Remote Over fl ow CVE-2005-1056 15 Sep 2005 10 (v2) Critical Pass Sharebar Plugin for WordPress 'sharebar-admin.php' 'status' Parameter XSS 30 May 2012 4.3 (v2) Medium Pass DNSSEC NSEC Records 12 Jul 2012 5 (v2) Medium Pass Oracle iPlanet Web Server 7.0.x < 7.0.15 Multiple Vulnerabilities CVE-2012-0516 CVE-2012-1738 27 Jun 2012 6.8 (v2) Medium Pass OpenSSH < 4.5 Multiple Vulnerabilities CVE-2006-4925 CVE-2006-5794 CVE-2007-0726 04 Oct 2011 7.5 (v2) High Pass Ipswitch WS_FTP Server < 6.1.1 Multiple Vulnerabilities (uncredentialed check) CVE-2008-0590 CVE-2008-0608 CVE-2008-5692 CVE-2008-5693 24 Aug 2009 9 (v2) High Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.20-h1 / 9.0.x < 9.0.14-h3 / 9.1.x < 9.1.11-h2 / 10.0.x < 10.0.8 / 10.1.x < 10.1.3 Vulnerability CVE-2021-3061 18 Nov 2021 7.2 (v3) High 24

Pass Samsung / Dell Printer SNMP Backdoor CVE-2012-4964 03 Dec 2012 7.5 (v2) High Pass NetIQ Privileged User Manager ldapagnt_eval() Function Remote Code Execution (version check) CVE-2012-5932 07 Dec 2012 10 (v2) Critical Pass Trapeze Service Shell - Admin Service Accessible 22 Oct 2009 7.5 (v2) High Pass OpenSSL < 0.9.8y Multiple Vulnerabilities CVE-2013-0166 CVE-2013-0169 09 Feb 2013 2.6 (v2) Low Pass OpenX install.php / install-plugin.php Admin Authentication Bypass CVE-2009-4830 12 Jan 2010 7.5 (v2) High Pass Prizm Content Connect default.aspx document Parameter Remote File Inclusion CVE-2012-5190 19 Feb 2013 7.5 (v2) High Pass ManageEngine Log360 < Build 5235 Database Con fi guration Overwrite RCE CVE-2021-20136 19 Nov 2021 9.8 (v3) Critical Pass SilverNews < 2.0.4 Multiple Vulnerabilities CVE-2005-2478 08 Aug 2005 7.5 (v2) High Pass Cisco TelePresence CVE-2013-3378 Software Malformed SIP Packet Handling Remote DoS CVE-2013-3378 24 Jul 2013 7.8 (v2) High Pass OpenSSH With OpenPAM DoS CVE-2006-0883 04 Oct 2011 5 (v2) Medium Pass OCS Inventory NG Server Administration Console header.php login Parameter SQL Injection 04 Feb 2010 7.5 (v2) High Pass McAfee ePolicy Orchestrator < 4.6.7 Multiple XSS CVE-2013-4883 17 Jul 2013 4.3 (v2) Medium Pass IBM WebSphere Application Server 6.1 < 6.1.0.13 Multiple Vulnerabilities CVE-2007-5798 CVE-2007-5799 CVE-2007-6679 05 Apr 2010 10 (v2) Critical Pass IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5 Multiple Vulnerabilities CVE-2013-0169 CVE-2013-0482 CVE-2013-0597 CVE-2013-1768 CVE-2013-2967 CVE-2013-2975 CVE-2013-2976 CVE-2013-3024 23 Jul 2013 7.5 (v2) High Pass CGI Generic XML Injection 30 Apr 2010 6.8 (v2) Medium Pass TaskFreak! Default Credentials 03 May 2010 7.5 (v2) High Pass toendaCMS < 0.6.2.1 Multiple Vulnerabilities CVE-2005-3550 CVE-2005-3551 CVE-2005-4422 08 Nov 2005 6.5 (v2) Medium Pass Dell OpenManage Server Administrator 'HelpViewer' Redirect 26 May 2010 4.7 (v3) Medium Pass Novell Teaming Default Credentials 20 Jul 2010 7.5 (v2) High Pass Yahoo Messenger Detection 14 Jan 2004 None Pass Citrix NetScaler Authentication Bypass Vulnerability (CTX227928) CVE-2017-14602 26 Sep 2017 7.2 (v3) High Pass D-Link DCC Protocol Security Bypass 06 Jul 2010 8.3 (v2) High Pass HP Systems Insight Manager log fi le Parameter Arbitrary File Download CVE-2010-3286 26 Oct 2010 7.8 (v2) High Pass Unprotected QNX qconn Service 17 Aug 2010 10 (v2) Critical Pass CGI Generic On Site Request Forgery (OSRF) 26 Jul 2010 4.3 (v2) Medium Pass Quote of the Day (QOTD) Service Detection CVE-1999-0103 30 Nov 1999 6.5 (v3) Medium Pass Adobe ColdFusion login.cfm Query String XSS (APSB11-04) CVE-2011-0580 11 Feb 2011 4.3 (v2) Medium Pass Nagios XI < 2009R1.3B Multiple Unspeci fi ed XSS 06 Oct 2010 4.3 (v2) Medium Pass OpenSSH < 2.1.1 UseLogin Local Privilege Escalation CVE-2000-0525 10 Jun 2000 7.2 (v2) High Pass Default Password (changeme) for SHOUTcast Server Service Port 18 Feb 2008 7.5 (v2) High Pass OpenSSH 2.5.x - 2.9 Multiple Vulnerabilities CVE-2001-0816 CVE-2001-1380 28 Sep 2001 7.5 (v2) High Pass MikroTik RouterOS with Blank Password (telnet check) CVE-1999-0508 11 Feb 2008 10 (v2) Critical Pass Mura CMS link Parameter XSS 30 Sep 2010 4.3 (v2) Medium Pass Novell eDirectory eMBox Utility Unauthorized Access (uncredentialed check) CVE-2008-0926 11 Apr 2008 8.8 (v2) High Pass Asterisk IAX2 Multiple Method Handshake Spoo fi ng DoS CVE-2008-1897 CVE-2008-1923 06 May 2008 5 (v2) Medium Pass IBM WebSphere Application Server < 6.1.0.29 Multiple Vulnerabilities CVE-2009-2746 CVE-2009-2747 CVE-2009-2748 31 Oct 2011 6.8 (v2) Medium Pass Resin view fi le Servlet fi le Parameter XSS CVE-2008-2462 30 Jun 2008 4.3 (v2) Medium Pass op5 Monitor Persistent Session Cookie CVE-2012-0264 17 Jan 2012 5 (v2) Medium Pass Dropbear SSH Server Channel Concurrency Use-after-free Remote Code Execution CVE-2012-0920 01 Mar 2012 7.1 (v2) High Pass Novell eDirectory < 8.7.3 SP10 FTF1 Multiple Vulnerabilities CVE-2008-4478 CVE-2008-4479 CVE-2008-4480 07 Oct 2008 10 (v2) Critical Pass Simple PHP Blog con fi g/users.php Arbitrary User Password Hash Disclosure 08 Sep 2008 5 (v2) Medium Pass Web Server Uses Basic Authentication Without HTTPS 21 Nov 2008 2.6 (v2) Low Pass IBM Tivoli Storage Manager Client Multiple Vulnerabilities (swg21268775) CVE-2007-4880 CVE-2007-5022 25 Sep 2007 10 (v2) Critical Pass OpenSSL < 0.9.8u Multiple Vulnerabilities CVE-2006-7250 CVE-2011-4619 CVE-2012-0884 CVE-2012-1165 02 Apr 2012 5 (v2) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 21 Multiple Vulnerabilities CVE-2011-1376 CVE-2011-1377 CVE-2011-4889 04 Apr 2012 4.6 (v2) Medium Pass Apache Log4j Message Lookup Substitution RCE (Log4Shell) (Direct Check) CVE-2021-44228 10 Dec 2021 10 (v3) Critical Pass Oracle GlassFish Server 3.1.1 < 3.1.1.3 Multiple Vulnerabilities (April 2012 CPU) CVE-2012-0550 CVE-2012-0551 24 Apr 2012 9.3 (v2) High Pass Novell GroupWise MTA Web Console Accessible 21 Feb 2009 7.5 (v2) High Pass SIP Script Remote Command Execution via log4shell CVE-2021-44228 12 Dec 2021 10 (v3) Critical Pass VMware vCenter Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028) CVE-2021-44228 13 Dec 2021 10 (v3) Critical Pass SLMail HELO Command Remote Over fl ow CVE-1999-0284 22 Jun 1999 7.5 (v2) High Pass EMC RepliStor < 6.2 SP5/6.3 SP2 Multiple Heap Over fl ows CVE-2009-1119 29 Apr 2009 10 (v2) Critical Pass Apache Log4Shell RCE detection via Raw Socket Logging (Direct Check) CVE-2021-44228 14 Dec 2021 10 (v3) Critical Pass MS09-053: Microsoft IIS FTPd NLST Command Remote Bu ff er Over fl ow (975191) (uncredentialed check) CVE-2009-3023 13 Oct 2009 10 (v2) Critical Pass MS09-050: Microsoft Windows SMB2 _Smb2ValidateProviderCallback() Vulnerability (975497) (EDUCATEDSCHOLAR) (uncredentialed check) CVE-2009-2532 CVE-2009-3103 08 Sep 2009 9.8 (v3) Critical Pass VICIDIAL Call Center Suite Default Administrative Credentials 26 May 2009 7.5 (v2) High Pass CGI Generic Header Injection 19 Jun 2009 4.3 (v2) Medium Pass CGI Generic Command Execution 19 Jun 2009 7.5 (v2) High Pass Apache Log4Shell RCE detection via callback correlation (Direct Check FTP) CVE-2021-44228 16 Dec 2021 10 (v3) Critical Pass Apache Log4Shell RCE detection via callback correlation (Direct Check SMTP) CVE-2021-44228 17 Dec 2021 10 (v3) Critical Pass Apache Log4Shell RCE detection via callback correlation (Direct Check Telnet) CVE-2021-44228 17 Dec 2021 10 (v3) Critical Pass IBM WebSphere Application Server 7.0 < Fix Pack 7 CVE-2009-2746 CVE-2009-2747 CVE-2009-2748 CVE-2009-3106 13 Nov 2009 5.8 (v2) Medium Pass NTP ntpd Mode 7 Error Response Packet Loop Remote DoS CVE-2009-3563 14 Dec 2009 6.4 (v2) Medium Pass Kuang2 the Virus Detection 17 Feb 2000 10 (v2) Critical Pass NTMail3 Arbitrary Mail Relay 22 Jun 1999 7.5 (v3) High Pass OpenSSH X11UseLocalhost X11 Forwarding Port Hijacking CVE-2008-3259 04 Oct 2011 1.2 (v2) Low Pass Sendmail Redirection Relaying Allowed 25 Aug 1999 5.3 (v3) Medium Pass IRIX webdist.cgi Arbitrary Command Execution CVE-1999-0039 22 Jun 1999 7.5 (v2) High Pass Gauntlet CyberPatrol Content Monitoring System Over fl ow CVE-2000-0437 25 May 2000 10 (v2) Critical Pass AnalogX SimpleServer:WWW /cgi-bin/ Long GET Request DoS CVE-2000-0473 22 Jun 2000 7.5 (v2) High Pass IBM WebSphere Application Server 6.1 < 6.1.0.9 Cross-session Information Disclosure CVE-2007-3397 05 Apr 2010 5 (v2) Medium Pass Virtual Visions FTP ftp.pl dir Parameter Traversal Arbitrary File Access CVE-2000-0674 15 Jul 2000 5 (v2) Medium Pass Apache Log4Shell CVE-2021-45046 Bypass Remote Code Execution CVE-2021-45046 17 Dec 2021 9 (v3) Critical Pass Web Server HTTP Dangerous Method Detection 30 Aug 2000 7.3 (v3) High Pass Matt Kruse calendar_admin.pl Shell Metacharacter Arbitrary Command Execution CVE-2000-0432 10 Sep 2000 7.5 (v2) High Pass ProFTPD STAT Command Remote DoS 16 Mar 2001 7.1 (v2) High Pass Apache Log4Shell RCE detection via callback correlation (Direct Check DNS) CVE-2021-44228 23 Dec 2021 10 (v3) Critical Pass Cold Fusion Administration Page Over fl ow DoS CVE-2000-0538 19 Dec 2000 5 (v2) Medium Pass wwwwais QUERY_STRING Parameter Remote Over fl ow CVE-2001-0223 19 Jan 2001 7.5 (v2) High Pass Way-board way-board.cgi db Parameter Arbitrary File Access CVE-2001-0214 13 Feb 2001 5 (v2) Medium Pass zml.cgi Directory Traversal CVE-2001-1209 17 Jan 2002 5 (v2) Medium Pass ISC BIND < 8.3.4 Multiple Remote Vulnerabilities CVE-2002-1219 CVE-2002-1220 CVE-2002-1221 08 Mar 2002 9.3 (v2) High Pass OpenSSH Kerberos TGT/AFS Token Passing Remote Over fl ow CVE-2002-0575 12 May 2002 7.5 (v2) High Pass Advanced Guestbook index.php entry Parameter SQL Injection CVE-2005-1548 10 May 2005 7.5 (v2) High Pass Apache JServ Nonexistent JSP Request XSS 22 May 2002 4.3 (v2) Medium Pass Apache Log4Shell RCE detection via callback correlation (Direct Check NTP) CVE-2021-44228 23 Dec 2021 10 (v3) Critical Pass Novell NetWare ncp Service NDS Object Enumeration 04 Jun 2002 5.3 (v3) Medium Pass Compaq Web-enabled Management Software HTTP Server Arbitrary Tra ffi c Proxy CVE-2001-0374 22 May 2002 7.5 (v2) High Pass Multiple Vendor Embedded FTP Service Any Username Authentication Bypass 05 Jun 2002 5 (v2) Medium Pass Cisco Devices Multiple SSH Information Disclosure Vulnerabilities CVE-2001-0361 CVE-2001-0572 05 Jun 2002 7.5 (v2) High Pass Shiva LanRover Blank Password CVE-1999-0508 05 Jun 2002 10 (v2) Critical Pass Titan FTP Server quote stat Command Traversal Arbitrary Directory Listing 03 Sep 2004 5 (v2) Medium Pass JRun Web Server (JWS) GET Request Traversal Arbitrary File Access CVE-2001-1544 05 Jun 2002 5 (v2) Medium Pass AlienForm2 alienform.cgi Traversal Arbitrary File Manipulation CVE-2002-0934 11 Jun 2002 6.4 (v2) Medium Pass Jigsaw Webserver MS/DOS Device Request Remote DoS CVE-2002-1052 17 Jul 2002 5 (v2) Medium Pass SMC 2652W AP Malformed HTTP Request Remote DoS 13 Oct 2002 5 (v2) Medium Pass NEC SOCKS4 Module Username Handling Remote Over fl ow CVE-2002-2368 25 Nov 2002 10 (v2) Critical Pass News Server (NNTP) Information Disclosure 28 Jun 2002 None Pass QMTP/QMQP Server Detection 22 Sep 2002 None Pass phpAdsNew helperfunction.php Remote File Inclusion CVE-2001-1054 22 Aug 2002 8.3 (v3) High Pass DB4Web Server Debug Mode TCP Port Scanning Proxy CVE-2002-1484 02 Dec 2002 5 (v2) Medium Pass Nortel Baystack Default Password 07 Mar 2003 7.8 (v2) High Pass Inframail FTP Server NLST Command Remote Over fl ow CVE-2005-2085 29 Jun 2005 9 (v2) High Pass ISMail Multiple Command Domain Name Handling Remote Over fl ow CVE-2003-1382 27 Feb 2003 7.5 (v2) High Pass CVS Malformed Directory Request Double-free Privilege Escalation CVE-2003-0015 14 Mar 2003 9 (v2) High Pass Apache Log4Shell RCE detection via callback correlation (Direct Check UPnP) CVE-2021-44228 29 Dec 2021 10 (v3) Critical Pass Webmin ' miniserv.pl ' Base-64 String Metacharacter Handling Session Spoo fi ng CVE-2003-0101 28 Feb 2003 10 (v2) Critical Pass 3com RAS 1500 Con fi guration Disclosure 26 Mar 2003 5 (v2) Medium Pass MultiTech Proxy Server Default Null Password CVE-2002-1629 30 Mar 2003 10 (v2) Critical Pass Ubiquiti UniFi Network Log4Shell Direct Check (CVE-2021-44228) CVE-2021-44228 31 Dec 2021 10 (v3) Critical Pass Ecartis HTML Field Manipulation Arbitrary User Password Reset CVE-2003-0162 30 Mar 2003 5.5 (v2) Medium Pass Vignette StoryServer TCL Server Crash Information Disclosure CVE-2002-0385 08 Apr 2003 5 (v2) Medium 25

Pass osTicket open.php Support Address Crafted Mail Loop Remote DoS 30 Jul 2004 7.8 (v2) High Pass IlohaMail Forged GET/POST Arbitrary Contacts Deletion 02 Sep 2004 5 (v2) Medium Pass PHP Topsites counter.php count_log_ fi le Parameter Arbitrary File Overwrite 09 May 2003 5 (v2) Medium Pass 12Planet Chat Server Error Message Path Disclosure 07 May 2003 5 (v2) Medium Pass Cisco Small Business RV110W Wireless-N VPN Firewall Static Default Credential (cisco-sa-rv110w-static-cred-BMTWBWTy) CVE-2020-3330 21 Aug 2020 9.8 (v3) Critical Pass Apache OFBiz Log4Shell Direct Check (CVE-2021-44228) CVE-2021-44228 05 Jan 2022 10 (v3) Critical Pass Helix Servers View Source Plug-in RTSP Parser Over fl ow CVE-2003-0725 21 May 2003 10 (v2) Critical Pass MAILsweeper for SMTP PowerPoint Document Processing DoS CVE-2003-1477 27 May 2003 7.8 (v2) High Pass Crob FTP Server user Field Remote Format String 02 Jun 2003 9.8 (v3) Critical Pass SMC2804WBR Router Default Password (smcadmin) 22 Feb 2004 7.5 (v2) High Pass P-News p-news.php Name Field Privilege Escalation 29 May 2003 6.5 (v2) Medium Pass CVSTrac chdir() chroot Jail Escape 17 Aug 2004 6.4 (v2) Medium Pass Leif Wright Web Blog blog.cgi ViewFile Request fi le Parameter Arbitrary Command Execution CVE-2004-2347 02 Feb 2004 7.5 (v2) High Pass iWebNegar Multiple Scripts SQL Injection CVE-2004-1402 15 Dec 2004 7.5 (v2) High Pass FTGate <= 4.4.002 Multiple Remote Vulnerabilities (OF, FS, XSS) CVE-2005-4567 CVE-2005-4568 CVE-2005-4569 21 Dec 2005 7.5 (v2) High Pass CVSTrac Malformed URI In fi nite Loop DoS 17 Aug 2004 5 (v2) Medium Pass Apache Log4Shell RCE detection via callback correlation (Direct Check RPCBIND) CVE-2021-44228 07 Jan 2022 10 (v3) Critical Pass Retrospect Backup Client Multiple Vulnerabilities (ESA-08-009) CVE-2008-3287 CVE-2008-3289 CVE-2008-3290 23 Jul 2008 5 (v2) Medium Pass AntiBoard antiboard.php Multiple Parameter SQL Injection CVE-2004-2062 CVE-2004-2063 02 Aug 2004 4.3 (v2) Medium Pass Kerio MailServer < 6.0.1 Embedded HTTP Server Unspeci fi ed Issue 16 Aug 2004 10 (v2) Critical Pass Xedus Webserver Multiple XSS CVE-2004-1645 03 Sep 2004 5 (v2) Medium Pass WS_FTP Server Multiple Vulnerabilities (OF, DoS, Cmd Exec) CVE-2004-1848 CVE-2004-1883 CVE-2004-1884 CVE-2004-1885 01 Sep 2004 10 (v2) Critical Pass IlohaMail Email Header XSS 02 Sep 2004 4.3 (v2) Medium Pass GeoHttpServer Unauthorized Image Access Vulnerability CVE-2005-1552 10 May 2005 5 (v2) Medium Pass bBlog rss.php p Parameter SQL Injection CVE-2004-1570 13 Oct 2004 7.5 (v2) High Pass MailMarshal Spam Quarantine Management (SQM) Multiple Component XSS CVE-2008-2831 03 Oct 2008 3.5 (v2) Low Pass PHP rfc1867.c $_FILES Array Crafted MIME Header Arbitrary File Upload CVE-2004-0959 17 Sep 2004 2.1 (v2) Low Pass Cherokee Web Server Port Bind Privilege Drop Weakness CVE-2001-1433 04 Nov 2004 7.5 (v2) High Pass Apache Log4Shell RCE detection via callback correlation (Direct Check MSRPC) CVE-2021-44228 12 Jan 2022 10 (v3) Critical Pass Ipswitch IMail IMAP Service DELETE Command Remote Over fl ow CVE-2004-1520 19 Nov 2004 4.6 (v2) Medium Pass JanaServer < 2.4.5 Multiple Remote DoS 30 Nov 2004 7.8 (v2) High Pass Microsoft IE FRAME/IFRAME/EMBED Tag Over fl ow (Bofra Worm Detection) CVE-2004-1050 17 Nov 2004 10 (v2) Critical Pass IBProArcade index.php Arcade Module gameid Parameter SQL Injection CVE-2004-1430 02 Jan 2005 7.5 (v2) High Pass Hydra: LDAP 01 Dec 2004 7.5 (v2) High Pass NFS Share User Mountable 16 Dec 2004 7.3 (v3) High Pass IlohaMail < 0.8.14RC1 Unspeci fi ed Vulnerability CVE-2004-2500 11 Dec 2004 10 (v2) Critical Pass CVSTrac < 1.1.5 Multiple XSS CVE-2004-1146 19 Dec 2004 4.3 (v2) Medium Pass MPM Guestbook Pro top.php Traversal Arbitrary File Access 14 Jan 2005 5 (v2) Medium Pass SunShop Shopping Cart index.php search Parameter XSS 08 Feb 2005 4.3 (v2) Medium Pass Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution (cisco-sa-rv-rce-AQKREqp) CVE-2020-3323 18 Aug 2020 9.8 (v3) Critical Pass Cisco Data Center Network Manager Command Injection (cisco-sa-20200102-dcnm-comm-inject) CVE-2019-15978 CVE-2019-15979 17 Sep 2020 7.2 (v3) High Pass Atmail WebMail <= 5.6.1 (5.61) webadmin/admin.php Multiple Parameter XSS CVE-2009-2455 30 Apr 2009 4.3 (v2) Medium Pass OpenSSH < 3.4p1 scp Traversal Arbitrary File Overwrite CVE-2004-0175 18 Nov 2011 4.3 (v2) Medium Pass TikiWiki File Upload temp Directory Arbitrary Script Execution CVE-2005-0200 24 Jan 2005 7.5 (v2) High Pass IBM WebSphere Commerce ResetPassword Servlet Caching Information Disclosure 16 Mar 2005 2.6 (v2) Low Pass OPIE w/ OpenSSH Account Enumeration CVE-2007-2768 18 Nov 2011 4.3 (v2) Medium Pass Oracle WebLogic JSP Pages Unspeci fi ed Information Disclosure (CVE-2008-2580) CVE-2008-2580 30 Nov 2011 5 (v2) Medium Pass Red Hat Enterprise Linux OpenSSH ChrootDirectory Local Privilege Escalation CVE-2009-2904 18 Nov 2011 6.8 (v2) Medium Pass OpenSSL < 0.9.6m / 0.9.7d Denial of Service CVE-2004-0079 CVE-2004-0112 04 Jan 2012 5 (v2) Medium Pass OpenSSL < 0.9.8i Denial of Service CVE-2009-1386 04 Jan 2012 5 (v2) Medium Pass macOS 10.12.x < 10.12.3 Multiple Vulnerabilities CVE-2016-1248 CVE-2016-8670 CVE-2016-8687 CVE-2016-9933 CVE-2016-9934 CVE-2017-2353 CVE-2017-2357 CVE-2017-2358 CVE-2017-2360 CVE-2017-2361 CVE-2017-2370 CVE-2017-2371 24 Jan 2017 7.8 (v3) High Pass Xerox WorkCentre MicroServer Multiple Vulnerabilities (XRX05-005) CVE-2005-0703 CVE-2005-1179 09 May 2005 7.5 (v2) High Pass PunBB pro fi le.php id Parameter SQL Injection CVE-2005-1051 08 Apr 2005 6.5 (v2) Medium Pass Apache Druid Log4Shell Direct Check (CVE-2021-44228) CVE-2021-44228 14 Jan 2022 10 (v3) Critical Pass Rendezvous < 7.5.1 HTTP Admin Interface Remote Over fl ow CVE-2006-2830 10 Jun 2006 7.5 (v2) High Pass CVS < 1.11.20 / 1.12.12 Multiple Unspeci fi ed Vulnerabilities CVE-2005-0753 20 Apr 2005 10 (v2) Critical Pass Woltlab Burning Board verify_email Function SQL Injection CVE-2005-1642 17 May 2005 7.5 (v2) High Pass NetWin DMail Server Multiple Remote Vulnerabilities CVE-2005-1478 CVE-2005-1516 05 May 2005 6 (v2) Medium Pass Microsoft Windows SMB Guest Account Local User Access CVE-1999-0505 04 Oct 2007 7.5 (v2) High Pass Cisco Prime Infrastructure Multiple Vulnerabilities (cisco-sa-20190515-pi-rce) CVE-2019-1821 CVE-2019-1822 CVE-2019-1823 05 Nov 2019 9.8 (v3) Critical Pass BEA WebLogic <= 8.1 SP4 Multiple Vulnerabilities (XSS, DoS, ID, more) CVE-2005-1380 CVE-2005-1742 CVE-2005-1743 CVE-2005-1744 CVE-2005-1745 CVE-2005-1746 CVE-2005-1747 CVE-2005-1748 CVE-2005-1749 24 May 2005 7.5 (v2) High Pass Hummingbird InetD FTP Component (ftpdw.exe) Command Over fl ow CVE-2005-1815 30 May 2005 7.5 (v2) High Pass VMware vRealize Operations Manager Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028) CVE-2021-44228 21 Jan 2022 10 (v3) Critical Pass Cisco VG248 Unpassworded Account 04 Aug 2005 10 (v2) Critical Pass Yaws Web Server .yaws Script Null Byte Request Source Code Disclosure CVE-2005-2008 17 Jun 2005 5 (v2) Medium Pass PHP-Nuke Gallery Add-on modules.php include Parameter Traversal Arbitrary File Access CVE-2001-0900 25 Nov 2001 5 (v2) Medium Pass CA eTrust Intrusion Detection CPImportKey Function Over fl ow DoS CVE-2005-0968 21 Jun 2005 5 (v2) Medium Pass Inframail SMTP MAIL FROM Command Remote Over fl ow DoS CVE-2005-2085 29 Jun 2005 7.5 (v2) High Pass GoCD < 21.3.0 Path Traversal (Direct) 25 Jan 2022 10 (v3) Critical Pass Qpopper .qpopper-options Username Handling Over fl ow CVE-2001-1046 02 May 2002 10 (v2) Critical Pass SSH 3 AllowedAuthentications Remote Bypass CVE-2002-1646 24 May 2002 3.5 (v2) Low Pass Cisco IOS XSS and XSRF Vulnerabilities CVE-2008-3821 CVE-2009-0470 11 Jan 2012 4.3 (v2) Medium Pass TYPSoft FTP Server Malformed STOR / RETR Command DoS CVE-2001-1156 21 Aug 2002 5 (v2) Medium Pass Microsoft Data Access Components RDS Data Stub Remote Over fl ow CVE-2002-1142 22 Nov 2002 7.5 (v2) High Pass Red Hat Interchange INET Mode Detection CVE-2002-0874 21 Sep 2002 5 (v2) Medium Pass Ipswitch WhatsUp Gold <= 8.04 Multiple Vulnerabilities 12 Sep 2005 5 (v2) Medium Pass Sendmail 8.8.8 - 8.12.7 Multiple Vulnerabilities (Bypass, OF) CVE-2002-1165 CVE-2002-1337 05 Mar 2003 10 (v2) Critical Pass PHP-Nuke Detection CVE-2001-0292 CVE-2001-0320 CVE-2001-0854 CVE-2001-0911 CVE-2001-1025 CVE-2002-0206 CVE-2002-0483 CVE-2002-1242 CVE-2003-1400 CVE-2003-1435 17 Feb 2003 7.5 (v2) High Pass SaveWebPortal <= 3.4 Multiple Vulnerabilities 09 Sep 2005 7.5 (v2) High Pass Qpopper pop_msg() Macroname Remote Over fl ow CVE-2003-0143 13 Mar 2003 6.5 (v2) Medium Pass SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure CVE-2000-0525 CVE-2000-1169 CVE-2001-0361 CVE-2001-0529 CVE-2001-0572 CVE-2001-0816 CVE-2001-0872 CVE-2001-1380 CVE-2001-1382 CVE-2001-1459 CVE-2001-1507 CVE-2001-1585 CVE-2002-0083 CVE-2002-0575 CVE-2002-0639 CVE-2002-0 29 Aug 2011 10 (v2) Critical Pass Snitz Forums 2000 3.4.03 Multiple Vulnerabilities CVE-2003-0492 CVE-2003-0494 07 May 2003 6.8 (v2) Medium Pass WebWasher < 4.4.1 Build 1613 Multiple XSS 06 Oct 2005 4.3 (v2) Medium Pass Mobius DocumentDirect ddicgi.exe Long GET Request Over fl ow CVE-2000-0826 11 Jun 2003 10 (v2) Critical Pass BEA WebLogic FileServlet Source Code Disclosure CVE-2000-0682 11 Jun 2003 5 (v2) Medium Pass Mac OS X 10.6.x < 10.6.2 Multiple Vulnerabilities CVE-2009-0023 CVE-2009-1191 CVE-2009-1195 CVE-2009-1574 CVE-2009-1632 CVE-2009-1890 CVE-2009-1891 CVE-2009-1955 CVE-2009-1956 CVE-2009-2202 CVE-2009-2203 CVE-2009-2285 CVE-2009-2408 CVE-2009-2409 CVE-2009-2411 CVE-2009-2 09 Nov 2009 10 (v2) Critical Pass Cisco IOS L2TP Parsing DoS (cisco-sa-20170322-l2tp) CVE-2017-3857 28 Mar 2017 7.5 (v3) High Pass Reachable IPv6 address 02 Apr 2010 None Pass Microsoft Windows 2000 Unsupported Installation Detection 13 Jul 2010 10 (v2) Critical Pass Usermin Null Byte Filtering Information Disclosure CVE-2006-4542 16 Sep 2014 6.8 (v2) Medium Pass ManageEngine SupportCenter Plus HomePage.do fromCustomer Parameter XSS 01 Nov 2012 4.3 (v2) Medium Pass Internet Key Exchange (IKE) Aggressive Mode with Pre-Shared Key CVE-2002-1623 24 Oct 2012 5.3 (v3) Medium Pass NetIQ Privileged User Manager ldapagnt_eval() Function Remote Code Execution (intrusive check) CVE-2012-5932 21 Nov 2012 9.8 (v3) Critical Pass Apache Tomcat 9.0.35 < 9.0.58 multiple vulnerabilities CVE-2022-23181 26 Jan 2022 7 (v3) High Pass ManageEngine ADSelfService Plus Default Administrator Credentials 14 Oct 2011 7.5 (v2) High Pass IBM WebSphere Application Server 7.0 < Fix Pack 23 Multiple Vulnerabilities CVE-2011-1377 CVE-2012-0193 CVE-2012-0716 CVE-2012-0717 CVE-2012-0720 CVE-2012-2170 27 Jun 2012 10 (v2) Critical Pass Tra ffi c Analyzer Plugin for WordPress 'ta_loaded.js.php' 'aoid' Parameter XSS CVE-2013-3526 22 Apr 2013 4.3 (v2) Medium Pass IBM Lotus Domino 8.5.x < 8.5.3 Multiple Vulnerabilities CVE-2011-0914 CVE-2011-0915 CVE-2011-0916 CVE-2011-0917 CVE-2011-0920 CVE-2011-3575 26 Apr 2013 10 (v2) Critical Pass Palo Alto Networks PAN-OS 7.0.x < 7.0.8 Multiple Vulnerabilities (PAN-SA-2016-0008 / PAN-SA-2016-0009) CVE-2016-2219 12 Aug 2016 5.3 (v3) Medium Pass Puppet Unsafe YAML Unserialization CVE-2013-1655 26 Apr 2013 7.5 (v2) High Pass Skype for Windows < 6.3.0.105 Multiple Vulnerabilities (uncredentialed check) 30 May 2013 10 (v2) Critical Pass IBM WebSphere Application Server < 6.1.0.15 Multiple Vulnerabilities CVE-2008-0740 CVE-2008-7274 05 Apr 2010 7.5 (v2) High Pass SolusVM Default Administrator Credentials 24 Jun 2013 7.5 (v2) High Pass Cisco TelePresence TC and TE Software Multiple Vulnerabilities (cisco-sa-20140430-tcte) CVE-2014-2162 CVE-2014-2163 CVE-2014-2164 CVE-2014-2165 CVE-2014-2166 CVE-2014-2167 CVE-2014-2168 CVE-2014-2169 CVE-2014-2170 CVE-2014-2171 CVE-2014-2172 CVE-2014-2173 CVE-2014-2175 08 May 2014 10 (v2) Critical Pass Cisco Prime Collaboration Provisioning < 12.1 Multiple Vulnerabilities (cisco-sa-20170517-pcp1 - cisco-sa-20170517-pcp3) CVE-2017-6621 CVE-2017-6622 CVE-2017-6635 22 May 2017 9.8 (v3) Critical Pass macOS < 10.12 Multiple Vulnerabilities CVE-2016-0755 CVE-2016-4617 CVE-2016-4658 CVE-2016-4682 CVE-2016-4694 CVE-2016-4696 CVE-2016-4697 CVE-2016-4698 CVE-2016-4699 CVE-2016-4700 CVE-2016-4701 CVE-2016-4702 CVE-2016-4703 CVE-2016-4706 CVE-2016-4707 CVE-2016-4 23 Sep 2016 9.8 (v3) Critical Pass Apple iTunes < 9.2 Multiple Vulnerabilities (uncredentialed check) CVE-2009-1726 CVE-2010-0544 CVE-2010-1119 CVE-2010-1387 CVE-2010-1390 CVE-2010-1392 CVE-2010-1393 CVE-2010-1395 CVE-2010-1396 CVE-2010-1397 CVE-2010-1398 CVE-2010-1399 CVE-2010-1400 CVE-2010-1401 CVE-2010-1402 CVE-2010-1 17 Jun 2010 9.3 (v2) High Pass BackWPup for WordPress Plugin Remote File Inclusion 29 Mar 2011 7.5 (v2) High Pass XMPP Service STARTTLS Plaintext Command Injection 27 May 2011 4 (v2) Medium Pass IBM Tivoli Management Framework Endpoint addr URL Default Credentials 07 Jun 2011 7.5 (v2) High Pass IBM Storwize Authenticated Information Disclosure CVE-2013-6737 03 Jul 2014 4 (v2) Medium Pass Apache 2.2.x < 2.2.8 Multiple Vulnerabilities (XSS, DoS) CVE-2007-5000 CVE-2007-6203 CVE-2007-6388 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 20 Feb 2008 5.3 (v3) Medium 26

Pass IBM GCM16 / GCM32 Global Console Manager KVM Switch Firmware Version < 1.20.20.23447 Multiple Vulnerabilities CVE-2014-3080 CVE-2014-3081 CVE-2014-3085 05 Aug 2014 7.1 (v2) High Pass NGINX Unit 0.x > 0.3 / 1.x < 1.7.1 Heap Bu ff er Over fl ow (CVE-2019-7401) CVE-2019-7401 26 Apr 2019 9.8 (v3) Critical Pass MODx < 2.0.3-pl modahsh Parameter XSS CVE-2010-4883 20 Oct 2011 2.6 (v2) Low Pass Cisco Wireless LAN Controller Multiple Vulnerabilities CVE-2016-6375 CVE-2016-6376 18 Oct 2016 6.5 (v3) Medium Pass Cisco NX-OS SSH Connection Negotiation Remote Command Execution (cisco-sa-20161005-nxaaa) CVE-2015-0721 14 Oct 2016 8 (v3) High Pass Atlassian JIRA Unsupported Version Detection 24 Apr 2018 10 (v3) Critical Pass Apache < 2.0.55 Multiple Vulnerabilities CVE-2005-1268 CVE-2005-2088 CVE-2005-2491 CVE-2005-2700 CVE-2005-2728 CVE-2005-2970 26 Mar 2008 7.3 (v3) High Pass Juniper Junos User Authentication Bypass (JSA10802) CVE-2017-10601 31 Jul 2017 9.8 (v3) Critical Pass Apple iTunes < 10.6 Multiple Vulnerabilities (uncredentialed check) CVE-2011-2825 CVE-2011-2833 CVE-2011-2846 CVE-2011-2847 CVE-2011-2854 CVE-2011-2855 CVE-2011-2857 CVE-2011-2860 CVE-2011-2866 CVE-2011-2867 CVE-2011-2868 CVE-2011-2869 CVE-2011-2870 CVE-2011-2871 CVE-2011-2872 CVE-2011-2 12 Mar 2012 9.3 (v2) High Pass Gallery PostNuke Integration Access Validation Privilege Escalation CVE-2005-2596 12 Aug 2005 4.6 (v2) Medium Pass OpenSSL 1.0.1 < 1.0.1a ASN.1 asn1_d2i_read_bio Memory Corruption CVE-2012-2110 19 Apr 2012 7.5 (v2) High Pass OpenSSL 1.0.1 < 1.0.1j Multiple Vulnerabilities (POODLE) CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 17 Oct 2014 4.3 (v2) Medium Pass Juniper Junos IPv6 Packet Handling Remote DoS (JSA10762) CVE-2016-4922 27 Oct 2016 7.5 (v3) High Pass GNU Mailutils imap4d Search Command Remote Format String CVE-2005-2878 09 Sep 2005 6.5 (v2) Medium Pass Attachmate Re fl ection for Secure IT UNIX server < 7.0 SP1 Multiple Vulnerabilities CVE-2006-2937 CVE-2006-2940 CVE-2007-3108 CVE-2008-1483 CVE-2008-1657 CVE-2008-6021 20 Aug 2008 10 (v3) Critical Pass SolarWinds Storage Manager Server LoginServlet loginName Parameter SQL Injection 16 May 2012 7.5 (v2) High Pass VMware Security Updates for vCenter Server (VMSA-2014-0008) CVE-2013-4322 CVE-2013-4590 CVE-2013-6629 CVE-2013-6954 CVE-2014-0050 CVE-2014-0114 CVE-2014-0429 CVE-2014-0432 CVE-2014-0446 CVE-2014-0449 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0454 CVE-2014-0455 CVE-2014-0 17 Sep 2014 10 (v2) Critical Pass Atlassian Crowd 2.1.x < 3.0.5 / 3.1.x < 3.1.6 / 3.2.x < 3.2.8 / 3.3.x < 3.3.5 / 3.4.x < 3.4.4 RCE (direct check) CVE-2019-11580 16 Jul 2020 9.8 (v3) Critical Pass OpenSSL 1.0.0 < 1.0.0h Multiple Vulnerabilities CVE-2006-7250 CVE-2011-4619 CVE-2012-0884 CVE-2012-1165 02 Apr 2012 5 (v2) Medium Pass Presto! PageManager Network Group Service Packet Network Request Parsing Arbitrary File Access 16 May 2012 7.8 (v2) High Pass IBM WebSphere Application Server 7.0 < Fix Pack 1 CVE-2009-0504 CVE-2008-5411 CVE-2008-5412 CVE-2008-5413 CVE-2008-5414 CVE-2009-0434 CVE-2009-0438 10 Dec 2008 5.1 (v2) Medium Pass IBM WebSphere Application Server < 6.0.2.33 Multiple Vulnerabilities CVE-2009-0891 CVE-2009-0506 10 Apr 2009 7.5 (v2) High Pass IBM WebSphere Application Server 7.0 < Fix Pack 29 Multiple Vulnerabilities CVE-2013-0169 CVE-2013-0482 CVE-2013-0541 CVE-2013-0542 CVE-2013-0543 CVE-2013-0544 CVE-2013-0597 CVE-2013-1768 CVE-2013-2967 CVE-2013-2976 CVE-2013-3029 19 Jul 2013 7.5 (v2) High Pass Web Server Directory Traversal Arbitrary File Access CVE-2000-0920 CVE-2007-6483 CVE-2008-5315 CVE-2010-1571 CVE-2010-3459 CVE-2010-3460 CVE-2010-3487 CVE-2010-3488 CVE-2010-3743 CVE-2010-4181 CVE-2011-1900 CVE-2011-2524 CVE-2011-4788 CVE-2012-0697 CVE-2012-1464 CVE-2012-5 05 Nov 1999 10 (v2) Critical Pass VMware vCenter Update Manager XSS CVE-2009-1524 29 Jul 2010 4.3 (v2) Medium Pass Symantec SecurityExpressions Audit and Compliance Server Multiple XSS CVE-2009-3029 CVE-2009-3030 09 Oct 2009 4.3 (v2) Medium Pass IBM WebSphere Application Server 6.1 < 6.1.0.31 Multiple Vulnerabilities CVE-2010-0768 CVE-2010-0769 CVE-2010-0770 CVE-2010-0774 CVE-2010-0775 CVE-2010-0776 CVE-2010-0777 CVE-2010-1650 CVE-2010-1651 CVE-2011-1312 06 Apr 2010 4.3 (v2) Medium Pass JRun Multiple Sample Files Remote Information Disclosure CVE-2000-0539 CVE-2000-0540 05 Jun 2002 6.8 (v2) Medium Pass macOS 10.12.x < 10.12.2 Multiple Vulnerabilities CVE-2016-1777 CVE-2016-1823 CVE-2016-4688 CVE-2016-4691 CVE-2016-4693 CVE-2016-5419 CVE-2016-5420 CVE-2016-5421 CVE-2016-6303 CVE-2016-6304 CVE-2016-7141 CVE-2016-7167 CVE-2016-7411 CVE-2016-7412 CVE-2016-7413 CVE-2016-7 16 Dec 2016 7.8 (v3) High Pass IBM WebSphere Application Server < 6.0.2.31 Multiple Vulnerabilities CVE-2008-4111 CVE-2008-4678 CVE-2008-4679 CVE-2009-0434 27 Oct 2008 6.4 (v2) Medium Pass PHProjekt setup.php Authentication Bypass Arbitrary Code Execution CVE-2004-2739 05 Dec 2004 7.5 (v2) High Pass Apple iTunes < 12.10.4 Multiple Vulnerabilities (uncredentialed check) CVE-2020-3825 CVE-2020-3826 CVE-2020-3846 CVE-2020-3861 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 05 Mar 2020 8.8 (v3) High Pass IBM WebSphere Application Server 7.0 < Fix Pack 3 CVE-2009-0508 CVE-2009-0892 CVE-2009-0903 CVE-2009-1172 CVE-2009-1173 CVE-2009-1174 10 Apr 2009 7.5 (v2) High Pass CuteNews <= 1.3.6 Multiple XSS CVE-2005-0645 CVE-2005-2393 02 Mar 2005 1.9 (v2) Low Pass EMC Avamar ADS / AVE 7.3.0.x < 7.3.0 Hot fi x 268253 / 7.3.1.x < 7.3.1 Hot fi x 272363 Incorrect File Ownership Local Privilege Escalation (ESA-2016-146) CVE-2016-8214 02 Feb 2017 6.7 (v3) Medium Pass Calendarix Multiple Vulnerabilities (SQLi, XSS) CVE-2005-1865 CVE-2005-1866 02 Jun 2005 7.5 (v2) High Pass Mac OS X < 10.4.9 Multiple Vulnerabilities (Security Update 2007-003) CVE-2007-0719 CVE-2007-0467 CVE-2007-0720 CVE-2007-0721 CVE-2007-0722 CVE-2006-6061 CVE-2006-6062 CVE-2006-5679 CVE-2007-0229 CVE-2007-0267 CVE-2007-0299 CVE-2007-0723 CVE-2006-5330 CVE-2006-0300 CVE-2006-6097 CVE-2007-0 13 Mar 2007 10 (v2) Critical Pass Jenkins < 2.204.2 LTS / 2.219 Multiple Vulnerabilities CVE-2020-2100 CVE-2020-2101 CVE-2020-2102 CVE-2020-2103 CVE-2020-2104 CVE-2020-2105 CVE-2020-2106 06 Feb 2020 5.4 (v3) Medium Pass Arista Networks EOS/vEOS SegmentSmack TCP DoS (SA0036) CVE-2018-5390 17 Feb 2020 7.5 (v3) High Pass Portable SDK for UPnP Devices (libupnp) < 1.6.18 Multiple Stack-based Bu ff er Over fl ows RCE CVE-2012-5958 CVE-2012-5959 CVE-2012-5960 CVE-2012-5961 CVE-2012-5962 CVE-2012-5963 CVE-2012-5964 CVE-2012-5965 01 Feb 2013 9.8 (v3) Critical Pass macOS 10.15.x < 10.15.1 / 10.14.x < 10.14.6 Security Update 2019-001 / 10.13.x < 10.13.6 Security Update 2019-006 CVE-2017-7152 CVE-2018-12152 CVE-2018-12153 CVE-2018-12154 CVE-2019-8509 CVE-2019-8592 CVE-2019-8705 CVE-2019-8706 CVE-2019-8708 CVE-2019-8709 CVE-2019-8715 CVE-2019-8716 CVE-2019-8717 CVE-2019-8736 CVE-2019-8737 CVE-201 13 Nov 2019 9.8 (v3) Critical Pass Apache Tomcat 8.5.0 < 8.5.40 Remote Code Execution Vulnerability (Windows) CVE-2019-0221 CVE-2019-0232 16 Apr 2019 8.1 (v3) High Pass Arista Networks EOS 4.17 Multiple Vulnerabilities (SA0024) (SWEET32) CVE-2016-2178 CVE-2016-2183 CVE-2016-6304 28 Feb 2018 7.5 (v3) High Pass Trend Micro Worry-Free Business Security (WFBS) Directory Traversal Vulnerability (1122250) CVE-2019-9489 06 Mar 2020 7.5 (v3) High Pass Arista Networks EOS kernel DoS (SA0040) CVE-2013-7470 06 Mar 2020 5.9 (v3) Medium Pass Arista Networks EOS Multiple Vulnerabilities (SA0018) (DROWN) CVE-2015-3197 CVE-2016-0703 CVE-2016-0800 28 Feb 2018 5.9 (v3) Medium Pass Arista Networks EOS ASN.1 Encoder RCE (SA0020) CVE-2016-2108 28 Feb 2018 9.8 (v3) Critical Pass Apple iTunes < 12.10.5 Multiple Vulnerabilities (uncredentialed check) (HT211105) CVE-2020-3885 CVE-2020-3887 CVE-2020-3894 CVE-2020-3895 CVE-2020-3897 CVE-2020-3899 CVE-2020-3900 CVE-2020-3901 CVE-2020-3902 CVE-2020-3909 CVE-2020-3910 CVE-2020-3911 CVE-2020-9783 31 Mar 2020 9.8 (v3) Critical Pass Atlassian JIRA < 7.13.12 / 8.x < 8.5.4 / 8.6.x < 8.6.1 'Atlassian Application Links' Plugin Privilege Escalation CVE-2019-20105 20 Mar 2020 4.9 (v3) Medium Pass DNS Server Cache Snooping Remote Information Disclosure 27 Apr 2004 5.3 (v3) Medium Pass EMC RSA Authentication Manager < 8.4 P10 Multiple Vulnerabilites (DSA-2020-052) CVE-2020-5339 02 Apr 2020 4.8 (v3) Medium Pass ManageEngine Desktop Central < 10 Build 10.0.515 Information Disclosure CVE-2020-8509 03 Apr 2020 7.5 (v3) High Pass MikroTik RouterOS Winbox Unauthenticated Arbitrary File Read/Write Vulnerability CVE-2018-14847 06 Sep 2018 10 (v3) Critical Pass MySQL 5.6.x < 5.6.44 Multiple Vulnerabilities (Apr 2019 CPU) CVE-2019-1559 CVE-2019-2683 CVE-2019-2627 CVE-2019-2614 18 Apr 2019 5.9 (v3) Medium Pass IBM Spectrum Protect Plus username Command Injection CVE-2020-4213 21 Apr 2020 9.8 (v3) Critical Pass Apple TV < 13.4 Multiple Vulnerabilities CVE-2020-3883 CVE-2020-3885 CVE-2020-3887 CVE-2020-3894 CVE-2020-3895 CVE-2020-3897 CVE-2020-3899 CVE-2020-3900 CVE-2020-3901 CVE-2020-3902 CVE-2020-3909 CVE-2020-3910 CVE-2020-3911 CVE-2020-3914 CVE-2020-3917 CVE-2020-3 21 Apr 2020 9.8 (v3) Critical Pass SSL Certi fi cate Chain Contains RSA Keys Less Than 2048 bits (PCI DSS) 10 Apr 2014 5.3 (v3) Medium Pass Dell EMC Data Protection Central 1.0, 1.0.1, 18.1, 18.2, 19.1 Improper Certi fi cate Chain of Trust (DSA-2019-135) CVE-2019-3762 16 Apr 2020 7.5 (v3) High Pass Apache 2.2.x < 2.2.12 Multiple Vulnerabilities CVE-2009-0023 CVE-2009-1191 CVE-2009-1195 CVE-2009-1890 CVE-2009-1891 CVE-2009-1955 CVE-2009-1956 02 Aug 2009 8.2 (v3) High Pass Cisco NX-OS Cisco Fabric Services Multiple Vulnerabilities. CVE-2018-0304 CVE-2018-0305 CVE-2018-0308 CVE-2018-0310 CVE-2018-0311 CVE-2018-0312 CVE-2018-0314 25 Jun 2018 9.8 (v3) Critical Pass SSL Certi fi cate Cannot Be Trusted 15 Dec 2010 6.5 (v3) Medium Pass Windows Deployment Services TFTP Server Remote Code Execution Vulnerability CVE-2019-0603 19 Mar 2019 7.5 (v3) High Pass SSL/TLS Services Support RC4 (PCI DSS) CVE-2013-2566 CVE-2015-2808 29 Jan 2018 5.9 (v3) Medium Pass WinShell Trojan Detection 06 Feb 2018 9.8 (v3) Critical Pass Multi-Threaded HTTP Server v1.1 for Zimbra 15 Mar 2018 5.3 (v3) Medium Pass Trend Micro Control Manager GetPassword() SQLi CVE-2018-3604 28 Jun 2018 7.3 (v3) High Pass pfSense < 2.3.1 Multiple Vulnerabilities (SA-16_03 / SA-16-04) CVE-2016-1886 CVE-2016-1887 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2109 CVE-2016-2176 31 Jan 2018 7.8 (v3) High Pass Cisco Email Security Appliance Multiple DoS Vulnerabilities (cisco-sa-20190109-esa-dos / cisco-sa-20190109-esa-url-dos) CVE-2018-15453 CVE-2018-15460 18 Jan 2019 8.6 (v3) High Pass Apache Server ETag Header Information Disclosure CVE-2003-1418 22 Jan 2016 5.3 (v3) Medium Pass jspwebshell Backdoor Detection 18 Dec 2015 7.5 (v2) High Pass Synology DiskStation Manager < 4.3-3810 Update 3 Multiple FileBrowser Component Directory Traversal Vulnerabilities CVE-2013-6987 05 Feb 2014 7.5 (v2) High Pass OpenSSL 1.1.1 < 1.1.1e-dev Procedure Over fl ow Vulnerability CVE-2019-1551 09 Jan 2020 5.3 (v3) Medium Pass OpenSSL 1.0.2 < 1.0.2u Procedure Over fl ow Vulnerability CVE-2019-1551 09 Jan 2020 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS 9.1.x < 9.1.2 Vulnerability CVE-2020-1995 21 May 2020 4.9 (v3) Medium Pass PHP 7.3.x < 7.3.17 Out of Bounds Read Vulnerability CVE-2020-7067 23 Apr 2020 7.5 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 / 9.0.x < 9.0.7 Vulnerability CVE-2020-2014 22 May 2020 8.8 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.13 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.7 Vulnerability CVE-2020-1994 22 May 2020 4.4 (v3) Medium Pass Palo Alto Networks PAN-OS 7.1.x / 8.0.x / 8.1.x < 8.1.14 Bu ff er Over fl ow CVE-2020-2006 22 May 2020 8.8 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 / 9.0.x < 9.0.7 Vulnerability CVE-2020-2010 22 May 2020 7.2 (v3) High Pass MariaDB 10.3.0 < 10.3.9 Multiple Vulnerabilities CVE-2018-3058 CVE-2018-3060 CVE-2018-3063 CVE-2018-3064 CVE-2018-3066 05 Jun 2019 7.1 (v3) High Pass Plex Media Server Detection 05 Jun 2020 None Pass Cisco UCS Director for Role-Based Access Control (cisco-sa-ucsd-Ar6BAguz) CVE-2020-3329 04 Jun 2020 4.3 (v3) Medium Pass Atlassian JIRA 6.0 < 8.5.5 / 8.6 < 8.8.1 XSS (JRASERVER-70923) CVE-2020-4021 03 Jun 2020 5.4 (v3) Medium Pass Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Privilege Escalation Vulnerability (cisco-sa-20190501-aci-hw-clock-util) CVE-2019-1592 03 Jun 2020 7.8 (v3) High Pass Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability (cisco-sa-20190501-nexus9k-sshkey) CVE-2019-1804 03 Jun 2020 9.8 (v3) Critical Pass Plex Media Server < 1.18.2 Privilege Escalation CVE-2020-5740 11 Jun 2020 7.8 (v3) High Pass Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Root Privilege Escalation Vulnerability (cisco-sa-20190501-nexus9k-rpe) CVE-2019-1803 03 Jun 2020 6.7 (v3) Medium Pass Oracle 9iAS Nonexistent .jsp File Request Error Message Path Disclosure CVE-2001-1372 11 Feb 2003 5 (v2) Medium Pass EMC VMAX VASA Provider Virtual Appliance < 8.4.0 File Upload RCE CVE-2017-4997 28 Jul 2017 9.8 (v3) Critical Pass Cisco Prime Security Manager OpenSSL Alternative Chains Certi fi cate Forgery (cisco-sa-20150710-openssl) CVE-2015-1793 23 Sep 2015 6.5 (v3) Medium Pass EMC VMAX VASA Provider Virtual Appliance < 8.4.0.512 Authentication Bypass Vulnerability CVE-2017-14375 03 Nov 2017 9.8 (v3) Critical Pass Netref cat_for_gen.php Arbitrary PHP Command Injection CVE-2005-1222 23 May 2005 7.5 (v2) High Pass Cisco Uni fi ed MeetingPlace Multiple Session Weaknesses CVE-2013-1168 CVE-2013-1169 23 Sep 2013 9.3 (v2) High Pass MailEnable HTTPMail Service Content-Length Header Over fl ow 03 Sep 2004 10 (v2) Critical Pass VMware VRealize Operations Manager 6.x Oracle JRE JMX Deserialization RCE (VMSA-2016-0005) CVE-2016-3427 26 May 2016 9 (v3) Critical Pass VMware vRealize Log Insight 2.x / 3.x < 3.6.0 Directory Traversal File Disclosure (VMSA-2016-0011) CVE-2016-5332 19 Aug 2016 5.3 (v3) Medium Pass OmniHTTPd Encoded Space Request Script Source Disclosure CVE-2001-0778 13 Aug 2001 5 (v2) Medium Pass VisNetic / Merak Mail Server Multiple Remote Vulnerabilities CVE-2005-4556 CVE-2005-4557 CVE-2005-4558 CVE-2005-4559 28 Dec 2005 7.3 (v3) High Pass PolarSSL Weak Signature Algorithm Negotiation CVE-2014-8627 07 Jan 2015 5.3 (v3) Medium Pass Multiple Server Crafted Request WEB-INF Directory Information Disclosure CVE-2002-1855 CVE-2002-1856 CVE-2002-1857 CVE-2002-1858 CVE-2002-1859 CVE-2002-1860 CVE-2002-1861 01 Jul 2002 5 (v2) Medium Pass Microsoft Outlook Web Access (OWA) owalogon.asp Redirection Account Enumeration CVE-2005-0420 28 Mar 2005 4.3 (v2) Medium Pass Nagios XI < 2011R3.0 Multiple XSS Vulnerabilities 23 Jul 2012 4.3 (v2) Medium Pass JGS-Portal for WoltLab Burning Board Multiple Vulnerabilities (SQLi, XSS) CVE-2005-1633 CVE-2005-1634 17 May 2005 7.5 (v2) High Pass Linksys Multiple Vulnerabilities (OF, DoS, more) CVE-2005-2799 CVE-2005-2912 CVE-2005-2914 CVE-2005-2915 CVE-2005-2916 28 Oct 2005 10 (v2) Critical Pass Cisco ASA / IOS IKE Fragmentation Vulnerability CVE-2016-1287 CVE-2016-1344 29 Feb 2016 9.8 (v3) Critical Pass Oracle Application Express (Apex) CVE-2008-4005 CVE-2008-4005 20 Feb 2013 4.3 (v2) Medium Pass Oracle Application Express (Apex) Unspeci fi ed Issues (pre 3.1) 20 Feb 2013 10 (v2) Critical Pass POP3 Service STLS Plaintext Command Injection CVE-2011-0411 10 Mar 2011 4 (v2) Medium Pass OpenSSH MaxAuthTries Bypass CVE-2015-5600 24 Sep 2015 8.2 (v3) High Pass IBM Tivoli Directory Server TLS NULL Cipher (uncredentialed check) CVE-2012-0726 17 Oct 2012 6.4 (v2) Medium Pass OpenCA Multiple Signature Validation Bypass CVE-2003-0960 13 Sep 2004 7.5 (v2) High Pass CGI Generic Unseen Parameters Discovery 25 Jan 2010 6.8 (v2) Medium 27

Pass CGI Generic SQL Injection Detection (potential, 2nd order, 2nd pass) 30 Aug 2010 7.5 (v2) High Pass CGIWrap Charset Speci fi cation Weakness Error Message XSS CVE-2008-2852 30 Jun 2008 4.3 (v2) Medium Pass Atlassian Jira 8.0 < 8.9.1 XSS in Quick Search (JRASERVER-71205) CVE-2020-14169 21 Sep 2020 6.1 (v3) Medium Pass CodeMeter < 6.90 License forging Vulnerability CVE-2020-14515 21 Sep 2020 7.5 (v3) High Pass CodeMeter < 7.10 Information Ex fi ltration Vulnerability CVE-2020-16233 21 Sep 2020 7.5 (v3) High Pass Cisco DCNM Authentication Bypass (CVE-2019-15977) CVE-2019-15977 20 Jan 2020 7.5 (v3) High Pass Cisco Data Center Network Manager Authentication Bypass (cisco-sa-dcnm-auth-bypass-JkubGpu3) CVE-2020-3376 12 Aug 2020 9.8 (v3) Critical Pass Cisco Data Center Network Manager Authorization Bypass (cisco-sa-dcnm-bypass-auth-mVDR6ygT) CVE-2020-3540 25 Aug 2020 6.3 (v3) Medium Pass Cisco Data Center Network Manager Command Injection (cisco-sa-devmgr-cmd-inj-Umc8RHNh) CVE-2020-3377 11 Aug 2020 8.8 (v3) High Pass Cisco Data Center Network Manager XSS (cisco-sa-dcnm-xss-5TdMJRB3) CVE-2020-3523 25 Aug 2020 5.4 (v3) Medium Pass Cisco Data Center Network Manager XSS (cisco-sa-dcnm-xss-JnHSWG5C) CVE-2020-3518 01 Sep 2020 5.4 (v3) Medium Pass Cisco NX-OS Software IPv6 Protocol Independent Multicast DoS (cisco-sa-nxos-pim-memleak-dos-tC8eP7uw) CVE-2020-3338 28 Aug 2020 7.5 (v3) High Pass Cisco Data Center Network Manager Information Disclosure (cisco-sa-dcnm-infordisc-DOAXVvFV) CVE-2020-3520 01 Sep 2020 5.5 (v3) Medium Pass Juniper Junos MX Malformed Packet - DOS (JSA10900) CVE-2019-0001 07 Feb 2019 7.5 (v3) High Pass Cisco Data Center Network Manager Privilege Escalation (cisco-sa-20200219-dcnm-priv-esc) CVE-2020-3112 22 Sep 2020 8.8 (v3) High Pass Atlassian JIRA < 7.13.16 / 8.0.x < 8.5.7 / 8.6.x < 8.9.2 / 8.10.x < 8.10.1 Insecure Direct Object References (IDOR) (JRASERVER-71275) CVE-2020-14174 22 Jul 2020 4.3 (v3) Medium Pass Cisco ASA Remote Code Execution and Denial of Service Vulnerability (cisco-sa-20180129-asa1) (destructive check) CVE-2018-0101 26 Feb 2018 10 (v3) Critical Pass Barco/AWiND WePresent Command Port Detection 09 Apr 2019 None Pass Cisco TelePresence VCS < 14.0.5 Multiple Vulnerabilities (cisco-sa-expressway- fi lewrite-87Q5YRk) CVE-2022-20754 CVE-2022-20755 07 Mar 2022 7.2 (v3) High Pass SaltStack Salt Master Detection 20 May 2020 None Pass PALS Library System WebPALS pals-cgi Multiple Vulnerabilities CVE-2001-0216 CVE-2001-0217 13 Feb 2001 7.8 (v2) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.17 / 9.0.x <= 9.0.5.4 RCE (6255074) CVE-2020-4534 09 Sep 2020 8.8 (v3) High Pass Juniper JSA11002 CVE-2020-1619 03 Jun 2020 6.7 (v3) Medium Pass Tenable Nessus < 8.11.0 Stored XSS (TNS-2020-05) CVE-2020-5765 16 Jul 2020 5.4 (v3) Medium Pass Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation (cisco-sa-n3n9k-priv-escal-3QhXJBC) CVE-2020-3394 01 Sep 2020 7.8 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.13 / 9.0.x < 9.0.7 Bu ff er Over fl ow CVE-2020-2027 01 Jul 2020 7.2 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 / 9.0.x < 9.0.7 / 9.1.x < 9.1.1 Vulnerability CVE-2020-2003 02 Jul 2020 6.5 (v3) Medium Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.6 Vulnerability CVE-2020-2016 02 Jul 2020 7 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.7 Vulnerability CVE-2020-2005 02 Jul 2020 6.1 (v3) Medium Pass Juniper JSA11000 CVE-2020-1617 19 May 2020 7.5 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 OS Command Injection CVE-2020-2029 01 Jul 2020 7.2 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.13 / 9.0.x < 9.0.7 OS Command Injection CVE-2020-2028 01 Jul 2020 7.2 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 / 9.0.x < 9.0.9 Vulnerability CVE-2020-1996 22 May 2020 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 / 9.0.x < 9.0.7 Vulnerability CVE-2020-2009 22 May 2020 7.2 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.7 / 9.1.x < 9.1.1 Vulnerability CVE-2020-2015 22 May 2020 8.8 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 Vulnerability CVE-2020-2008 22 May 2020 7.2 (v3) High Pass Juniper Junos OpenSSL Security Advisory (JSA11025) CVE-2019-1551 24 Jul 2020 5.3 (v3) Medium Pass Juniper Junos MX Series PFE DoS (JSA11038) CVE-2020-1651 24 Jul 2020 6.5 (v3) Medium Pass Juniper Junos DoS (JSA11006) CVE-2020-1627 29 Jul 2020 7.5 (v3) High Pass Junos OS: SRX Series: Uni fi ed Access Control (UAC) bypass vulnerability (JSA11018) CVE-2020-1637 29 Jul 2020 6.5 (v3) Medium Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.6 Vulnerability CVE-2020-2017 02 Jul 2020 6.1 (v3) Medium Pass Juniper Junos DoS (JSA11020) CVE-2020-1639 29 Jul 2020 7.5 (v3) High Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.16 / 9.0.x < 9.0.10 / 9.1.x < 9.1.4 / 10.0.x < 10.0.1 DoS CVE-2020-2039 11 Sep 2020 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS 8.0.x / 8.1.x < 8.1.16 DoS CVE-2020-2041 11 Sep 2020 7.5 (v3) High Pass Palo Alto Networks PAN-OS 9.0.x < 9.0.10 / 9.1.x < 9.1.4 / 10.0.x < 10.0.1 Command Injection CVE-2020-2038 11 Sep 2020 7.2 (v3) High Pass TYPO3 8.5.x < 8.7.27 / 9.x < 9.5.8 Session Hijacking (TYPO3-CORE-SA-2019-018) 17 Jul 2020 3.6 (v3) Low Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 / 9.0.x < 9.0.7 Vulnerability CVE-2020-2007 22 May 2020 7.2 (v3) High Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.13 Vulnerability CVE-2020-1981 19 Mar 2020 7.8 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.0.14 Open Redirection CVE-2020-1997 22 May 2020 6.1 (v3) Medium Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 / 9.0.x < 9.0.7 Vulnerability CVE-2020-2011 22 May 2020 7.5 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 / 9.0.x < 9.0.8 Session Fixation CVE-2020-1993 22 May 2020 5.4 (v3) Medium Pass Junos OS Firewall Filters Failure Vulnerability (JSA10942) CVE-2019-0048 25 Mar 2020 5.8 (v3) Medium Pass Juniper Junos Privilege Escalation (JSA10978) CVE-2019-0071 23 Sep 2020 7.8 (v3) High Pass Palo Alto Networks PAN-OS 8.1.x / 9.0.x / 9.1.x / 10.0.x Improper Input Validation CVE-2020-2035 09 Oct 2020 3 (v3) Low Pass SSL Certi fi cate Null Character Spoo fi ng Weakness 06 Oct 2009 8.3 (v2) High Pass Cisco Small Business Router SNMP Detection 12 Feb 2019 None Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.13 Vulnerability CVE-2020-1980 19 Mar 2020 7.8 (v3) High Pass IBM WebSphere Application Server 7.0.0.x < 7.0.0.43 / 8.0.0.x < 8.0.0.13 / 8.5.x < 8.5.5.10 / 9.0.x < 9.0.0.1 DoS (CVE-2016-2960) CVE-2016-2960 30 Oct 2020 3.7 (v3) Low Pass Cisco Small Business RV Series Routers Information Disclosure (cisco-sa-rv-routers-Rj5JRfF8) CVE-2020-3150 28 Jul 2020 5.9 (v3) Medium Pass Cisco RV110W, RV130W, and RV215W Routers Syslog HTTP Access Information Disclosure Vulnerability (cisco-sa-20190619-rv- fi leaccess) CVE-2019-1898 19 Jun 2019 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS 7.1 < 7.1.25 / 8.0 < 8.0.20 / 8.1 < 8.1.8 / 9.0 < 9.0.2 OpenSSL Vulnerability CVE-2019-1559 06 Mar 2020 5.9 (v3) Medium Pass IBM Spectrum Protect Plus File Upload RCE CVE-2020-4703 15 Oct 2020 9.8 (v3) Critical Pass IBM WebSphere Application Server 8.5.x < 8.5.5.16 / 9.0.x < 9.0.5.0 XSS (CVE-2019-4271) CVE-2019-4271 15 Oct 2020 3.5 (v3) Low Pass Juniper JSA10970 CVE-2019-0047 CVE-2019-0050 CVE-2019-0054 CVE-2019-0055 CVE-2019-0057 CVE-2019-0058 CVE-2019-0059 CVE-2019-0060 CVE-2019-0062 CVE-2019-0063 CVE-2019-0064 CVE-2019-0066 CVE-2019-0067 CVE-2019-0068 CVE-2019-0073 CVE-2019-0 29 Jan 2020 8.8 (v3) High Pass Juniper Stateless IP Firewall Bypass Vulnerability (JSA10983) CVE-2020-1604 17 Feb 2020 5.3 (v3) Medium Pass Juniper JSA10979 CVE-2020-1600 CVE-2020-1601 CVE-2020-1602 CVE-2020-1603 CVE-2020-1604 CVE-2020-1605 CVE-2020-1607 CVE-2020-1608 CVE-2020-1609 25 Feb 2020 8.8 (v3) High Pass Apache Multiviews Arbitrary Directory Listing CVE-2001-0731 16 Feb 2016 5.3 (v3) Medium Pass Juniper Junos OS: DoS Vulnerability (JSA11068) CVE-2020-1671 22 Oct 2020 7.5 (v3) High Pass IBM WebSphere Application Server 8.0.0.x < 8.0.0.13 / 8.5.x < 8.5.5.11 / 9.0.x < 9.0.0.2 Information Disclosure (CVE-2016-9736) CVE-2016-9736 20 Oct 2020 5.3 (v3) Medium Pass Cogent DataHub < 6.4.7 Incoming DDE Connection Handling Remote DoS 15 Jun 2016 5 (v2) Medium Pass PHP 5.4.x < 5.4.16 Multiple Vulnerabilities CVE-2013-2110 CVE-2013-4635 CVE-2013-4636 07 Jun 2013 5 (v2) Medium Pass IBM WebSphere Application Server 9.0.x < 9.0.5.3 DoS (CVE-2019-12406) CVE-2019-12406 20 Oct 2020 6.5 (v3) Medium Pass uStorekeeper ustorekeeper.pl fi le Parameter Traversal Arbitrary File Access CVE-2001-0466 03 Apr 2001 5 (v2) Medium Pass HIS AUktion auktion.cgi Traversal Arbitrary Command Execution CVE-2001-0212 25 Mar 2001 7.5 (v2) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.1 File Traversal (CVE-2019-4268) CVE-2019-4268 19 Oct 2020 5.3 (v3) Medium Pass MySQL Enterprise Monitor 8.0.x < 8.0.22.1262 DoS (Oct 2020 CPU) CVE-2020-13935 23 Oct 2020 7.5 (v3) High Pass Atlassian JIRA < 8.5.9 / 8.6.x < 8.12.3 / 8.13.x < 8.13.1 XSS (JRASERVER-71652) CVE-2020-14184 23 Oct 2020 5.4 (v3) Medium Pass Junos OS: Broadband Edge Service Denial of Service (DoS) Vulnerability (JSA10987) CVE-2020-1608 21 Jan 2020 7.5 (v3) High Pass IBM WebSphere Application Server 8.0.0.x < 8.0.0.14 / 8.5.x < 8.5.5.12 / 9.0.x < 9.0.0.5 Weak Security Bindings (CVE-2017-1501) CVE-2017-1501 23 Oct 2020 5.9 (v3) Medium Pass SuperMicro Device Uses Default SSL Certi fi cate 19 Dec 2013 5.8 (v2) Medium Pass SSL Certi fi cate Contains Weak RSA Key (In fi neon TPM / ROCA) CVE-2017-15361 17 Oct 2017 5.9 (v3) Medium Pass APT1-Related SSL Certi fi cate Detected 19 Feb 2013 10 (v2) Critical Pass SSL Certi fi cate Signed with the Revoked DigiNotar Certi fi cate Authority 01 Sep 2011 6.4 (v2) Medium Pass Cisco Adaptive Security Appliance Software Web Services DoS (cisco-sa-asaftd-webdos-fBzM5Ynw) CVE-2020-3304 23 Oct 2020 8.6 (v3) High Pass IBM WebSphere Application Server 7.0.0.x < 7.0.0.45 / 8.0.0.x < 8.0.0.15 / 8.5.x < 8.5.5.13 / 9.0.x < 9.0.0.7 Information Disclosure (CVE-2017-1681) CVE-2017-1681 23 Oct 2020 3.3 (v3) Low Pass miniBB bb_func_usernfo.php Website Name Field XSS 01 Jan 2004 4.3 (v2) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.2 Beanutils Vulnerability (CVE-2019-10086) CVE-2019-10086 23 Oct 2020 7.3 (v3) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.x < 9.0.0.8 Information Disclosure (CVE-2017-1743) CVE-2017-1743 27 Oct 2020 4.3 (v3) Medium Pass Junos OS Multiple vulnerabilities (JSA11075) CVE-2020-1678 26 Oct 2020 6.5 (v3) Medium Pass Cisco IOS XE Software Consent Token Bypass (cisco-sa-iosxe-ctbypass-7QHAfHkK) CVE-2020-3404 29 Oct 2020 7.8 (v3) High Pass Thunderstone Software TEXIS Nonexistent File Request Path Disclosure CVE-2002-0266 15 Mar 2003 5.3 (v3) Medium Pass PHP Mail Function Header Spoo fi ng CVE-2002-0985 CVE-2002-0986 23 Mar 2003 5 (v2) Medium Pass PHP < 7.3.24 Multiple Vulnerabilities 06 Nov 2020 7.5 (v3) High Pass Multiple Cisco Products SNORT HTTP Detection Engine File Policy Bypass (cisco-sa-ftd-bypass-3eCfd24j) CVE-2020-3299 30 Oct 2020 5.8 (v3) Medium Pass IBM WebSphere Application Server 8.0.0.x < 8.0.0.11 / 8.5.x < 8.5.5.6 XSS (CVE-2014-8917) CVE-2014-8917 30 Oct 2020 6.1 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 / 9.x < 9.0.0.10 Security Bypass (CVE-2014-7810) CVE-2014-7810 30 Oct 2020 5.3 (v3) Medium Pass 3Com 3CServer/3CDaemon FTP Server Multiple Vulnerabilities (OF, FS, PD, DoS) CVE-2005-0276 CVE-2005-0277 CVE-2005-0278 CVE-2005-0419 08 Feb 2005 10 (v2) Critical Pass VMware vCenter Server 6.5 / 6.7 / 7.0 DoS (VMSA-2020-0018) CVE-2020-3976 28 Aug 2020 5.3 (v3) Medium Pass Horde IMP status.php3 script Parameter XSS CVE-2002-0181 03 Nov 2004 4.3 (v2) Medium Pass Cisco NX-OS Software Cisco Fabric Services DoS (cisco-sa-fxos-nxos-cfs-dos-dAmnymbd) CVE-2020-3517 04 Nov 2020 8.6 (v3) High Pass Tenable Nessus < 8.12.1 Privilege Escalation Vulnerability (TNS-2020-08) CVE-2020-5793 30 Oct 2020 7.8 (v3) High Pass Cisco Application Policy Infrastructure Controller Linux Kernel IP Fragment Reassembly DoS CVE-2018-5391 27 Mar 2019 7.5 (v3) High Pass Cisco Application Policy Infrastructure Controller Custom Binary Privilege Escalation Vulnerability CVE-2017-6768 25 Aug 2017 7.8 (v3) High Pass Cisco Integrated Management Controller Authorization Bypass (cisco-sa-cimc-auth-zWkppJxL) CVE-2020-26063 06 Nov 2020 5.4 (v3) Medium Pass Juniper Junos OS Command Injection (JSA11108) CVE-2021-0218 14 Jan 2021 7.8 (v3) High Pass Cisco TelePresence Collaboration Endpoint Software Information Disclosure (cisco-sa-tele-info-DrEGLpDQ) CVE-2020-26086 12 Nov 2020 4.3 (v3) Medium Pass Apache Cassandra CQL Shell Service Detection 03 Nov 2020 None Pass Dell OpenManage Server Administrator Path Traversal (DSA-2020-172) CVE-2020-5377 06 Nov 2020 9.1 (v3) Critical Pass Cisco Uni fi ed Communications Manager IM and Presence Service DoS (cisco-sa-imp-dos-uTx2dqu2) CVE-2020-27121 06 Nov 2020 6.5 (v3) Medium Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.16 / 9.0.x < 9.0.10 / 9.1.x < 9.1.4 / 10.0.x < 10.0.1 Command Injection Vulnerability CVE-2020-2000 13 Nov 2020 7.2 (v3) High Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.17 / 9.0.x < 9.0.11 / 9.1.x < 9.1.2 Information Exposure Vulnerability CVE-2020-2048 13 Nov 2020 3.3 (v3) Low Pass Juniper Junos EX4300 Series DoS (JSA11067) CVE-2020-1670 01 Dec 2020 6.5 (v3) Medium 28

Pass Cisco IOS XE Software IOx Application Hosting Privilege Escalation (cisco-sa-iosxe-iox-app-host-mcZcnsBt) CVE-2020-3393 13 Nov 2020 7.8 (v3) High Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.16 / 9.0.x < 9.0.10 / 9.1.x < 9.1.4 Information Exposure CVE-2020-2043 14 Sep 2020 3.3 (v3) Low Pass Debian OpenSSH/OpenSSL Package Random Number Generator Weakness (SSL check) CVE-2008-0166 15 May 2008 10 (v2) Critical Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.17 / 8.x < 8.1.17 / 9.0.x < 9.0.11 / 9.1.x < 9.1.5 Vulnerability CVE-2020-1999 13 Nov 2020 5.3 (v3) Medium Pass SMTP Service Cleartext Login Permitted 19 May 2011 2.6 (v2) Low Pass Cisco Security Manager < 4.22 Static Credential Usage (cisco-sa-csm-rce-8gjUz9fW) CVE-2020-27125 17 Nov 2020 9.8 (v3) Critical Pass PHP-Calendar Multiple Script phpc_root_path Parameter Remote File Inclusion CVE-2004-1423 29 Dec 2004 8.3 (v3) High Pass Coppermine Photo Gallery album Password Cookie SQL Injection CVE-2007-3558 25 Feb 2008 7.5 (v2) High Pass Rockwell Automation MicroLogix 1100 PLC Default Credentials 07 Jul 2015 8.3 (v2) High Pass MyBB <= 1.00 RC4 Multiple SQL Injection Vulnerabilities CVE-2005-2580 CVE-2005-2697 CVE-2005-2778 30 Aug 2005 7.5 (v2) High Pass Cisco IoT Field Network Director SOAP API Authorization Bypass Vulnerability (cisco-sa-FND-AUTH-vEypBmmR) CVE-2020-26072 24 Nov 2020 8.7 (v3) High Pass Multiple Web Server printenv CGI Information Disclosure 16 Jul 2010 5 (v2) Medium Pass Cisco IOS XE SD-WAN Software Packet Filtering Bypass (cisco-sa-cedge- fi lt-bypass-Y6wZMqm4) CVE-2020-3444 20 Nov 2020 7.5 (v3) High Pass Cisco IOS Access Points DoS (cisco-sa-20190717-aironet-dos) CVE-2019-1920 20 Nov 2020 7.4 (v3) High Pass IBM WebSphere Application Server 7.0.0.x through 7.0.0.45 / 8.0.0.x through 8.0.0.15 / 8.5.x through to 8.5.5.17 / 9.0.x through to 9.0.5.5 XXE (CVE-2020-4643) CVE-2020-4643 25 Sep 2020 7.5 (v3) High Pass ASP.NET DEBUG Method Enabled 27 Jun 2008 4.3 (v3) Medium Pass SAP Gateway 10Kblaze Remote Code Execution Vulnerability. 19 Jun 2019 9.4 (v3) Critical Pass Juniper Junos OS EX4300 / EX4600 / QFX5 Series DoS (JSA11084) CVE-2020-1687 25 Nov 2020 6.5 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.13 / 9.0.x <= 9.0.0.7 Information Disclosure (715271) CVE-2018-1621 10 Sep 2020 6.7 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.6 XSS (CVE-2020-4578) CVE-2020-4578 15 Oct 2020 5.4 (v3) Medium Pass IBM WebSphere Application Server 8.0.0.x < 8.0.0.15 / 8.5.x < 8.5.5.13 Multiple Vulnerabilities (296865) CVE-2011-4343 CVE-2017-1583 20 Oct 2020 7.5 (v3) High Pass IBM WebSphere Application Server 7.0.0.x < 7.0.0.43 / 8.0.0.x < 8.0.0.13 / 8.5.x < 8.5.5.11 / 9.0.x < 9.0.0.1 FileUpload DoS (CVE-2016-3092) CVE-2017-1503 23 Oct 2020 6.1 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.x < 9.0.0.8 Information Disclosure (CVE-2012-5783) CVE-2012-5783 27 Oct 2020 6.1 (v3) Medium Pass IBM WebSphere Application Server 6.1.0.x <= 6.1.0.47 / 7.0.0.x < 7.0.0.39 / 8.0.0.x < 8.0.0.12 / 8.5.x < 8.5.5.8 HTTP Response Splitting (CVE-2015-2017) CVE-2015-2017 03 Nov 2020 4.3 (v3) Medium Pass Cisco IoT Field Network Director Unauthenticated REST API (cisco-sa-FND-BCK-GHkPNZ5F) CVE-2020-3531 24 Nov 2020 9.8 (v3) Critical Pass Junos OS malformed IPv6 packet DoS (JSA11083) CVE-2020-1686 01 Dec 2020 7.5 (v3) High Pass Cisco DNA Spaces Connector Web Detection. 01 Dec 2020 None Pass Cisco IOS Software Internet Key Exchange Denial of Service Vulnerability CVE-2017-12237 06 Oct 2017 7.5 (v3) High Pass Cisco DNA Spaces Connector Command Injection Vulnerability (cisco-sa-dna-cmd-injection-rrAYzOwc) CVE-2020-3586 02 Dec 2020 9.8 (v3) Critical Pass PostNuke <= 0.760 RC4b Multiple Vulnerabilities CVE-2005-2689 CVE-2005-2690 30 Aug 2005 4.6 (v2) Medium Pass FTP Daemon Long Command XSRF 17 Jun 2010 5.3 (v3) Medium Pass VMware Workspace ONE Access HTTP Detection 08 Dec 2020 None Pass Netopia Router Crafted SNMP Request Remote Admin Password Disclosure 20 Sep 2006 10 (v2) Critical Pass Remote Help Default Credentials 24 Mar 2010 10 (v2) Critical Pass CMS Made Simple admin/lang.php nls Parameter Remote File Inclusion CVE-2005-2846 01 Sep 2005 6.8 (v2) Medium Pass Phorum register.php Username Field XSS CVE-2005-2836 06 Sep 2005 4.3 (v2) Medium Pass Web Server PROPFIND Method Internal IP Disclosure CVE-2002-0422 18 Mar 2004 2.6 (v2) Low Pass JBoss Administration Console Default Credentials 14 Jul 2010 7.5 (v2) High Pass X11 Server Unauthenticated Access CVE-1999-0526 10 Oct 2005 10 (v2) Critical Pass AttachmateWRQ Re fl ection for Secure IT Server SFTP Format String CVE-2006-0705 14 Feb 2006 5 (v2) Medium Pass Cisco Prime Collaboration Provisioning Intermittent Hard-Coded Password (cisco-sa-20181003-cpcp-password) CVE-2018-15389 21 Dec 2020 9.8 (v3) Critical Pass PHP-Fusion < 6.00.108 BBCode Nested URL Tag XSS CVE-2005-2783 08 Sep 2005 4.3 (v2) Medium Pass AMember Multiple Script con fi g[root_dir] Parameter Remote File Inclusion CVE-2005-2865 08 Sep 2005 6.8 (v2) Medium Pass Tetrinet server detection 11 Sep 2005 None Pass Apache mod_ssl ssl_engine_log.c mod_proxy Hook Function Remote Format String CVE-2004-0700 16 Jul 2004 7.5 (v2) High Pass Cisco IOS XE Software Wireless Controller for the Catalyst 9000 Family WLAN Local Pro fi ling DoS (cisco-sa-dclass-dos-VKh9D8k3) CVE-2020-3428 21 Dec 2020 6.5 (v3) Medium Pass Zorum <= 3.5 Multiple Remote Vulnerabilities CVE-2005-0675 CVE-2005-0676 CVE-2005-0677 CVE-2005-2651 CVE-2005-4619 CVE-2006-3332 11 Mar 2005 7.5 (v2) High Pass VMware ESX / ESXi Tools Folder Incorrect ACL Privilege Escalation (VMSA-2012-0007) (remote check) CVE-2012-1518 03 Mar 2016 8.3 (v2) High Pass VMware ESX / ESXi Tools Update Privilege Escalation (VMSA-2010-0018) (remote check) CVE-2010-4297 08 Mar 2016 7.2 (v2) High Pass Dada Mail Archived Message XSS CVE-2005-2595 12 Sep 2005 4.3 (v2) Medium Pass Cisco TelePresence Conductor Default Credentials (Web UI) 26 Nov 2014 7.5 (v2) High Pass Trend Micro Worry-Free Business Security Path Traversal Authentication Bypass (000245572) CVE-2020-8600 18 Aug 2020 9.8 (v3) Critical Pass WordPress Plugin 'Email Subscribers & Newsletters' < 4.5.6 Email Forgery/Spoo fi ng Vulnerability. CVE-2020-5780 14 Sep 2020 5.3 (v3) Medium Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0006) (remote check) CVE-2011-2482 CVE-2011-3191 CVE-2011-4348 CVE-2011-4862 CVE-2012-1515 03 Mar 2016 10 (v2) Critical Pass Trend Micro Apex One Management Web Console Detection 03 May 2022 None Pass VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0013) (remote check) CVE-2008-7270 CVE-2010-1321 CVE-2010-2054 CVE-2010-3170 CVE-2010-3173 CVE-2010-3541 CVE-2010-3548 CVE-2010-3549 CVE-2010-3550 CVE-2010-3551 CVE-2010-3552 CVE-2010-3553 CVE-2010-3554 CVE-2010-3555 CVE-2010-3556 CVE-2010-3 04 Mar 2016 10 (v2) Critical Pass VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0012) (remote check) CVE-2010-0296 CVE-2010-1083 CVE-2010-1323 CVE-2010-2492 CVE-2010-2798 CVE-2010-2938 CVE-2010-2942 CVE-2010-2943 CVE-2010-3015 CVE-2010-3066 CVE-2010-3067 CVE-2010-3078 CVE-2010-3086 CVE-2010-3296 CVE-2010-3432 CVE-2010-3 04 Mar 2016 7.9 (v2) High Pass VMware ESX Third-Party Libraries and Components Multiple Vulnerabilities (VMSA-2010-0006) (remote check) CVE-2009-0798 CVE-2009-1888 CVE-2009-2813 CVE-2009-2906 CVE-2009-2948 08 Mar 2016 6 (v2) Medium Pass VMware ESXi Tools Guest OS Privilege Escalation (VMSA-2014-0005) CVE-2014-3793 30 Dec 2015 5.8 (v2) Medium Pass VMware ESX / ESXi vSphere Client RCE (VMSA-2014-0003) CVE-2014-1209 30 Dec 2015 9.3 (v2) High Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0016) (remote check) CVE-2011-4940 CVE-2011-4944 CVE-2012-0441 CVE-2012-0876 CVE-2012-1033 CVE-2012-1148 CVE-2012-1150 CVE-2012-1667 CVE-2012-3817 CVE-2012-5703 29 Feb 2016 8.5 (v2) High Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2009-0014) (remote check) CVE-2007-6063 CVE-2008-0598 CVE-2008-2086 CVE-2008-2136 CVE-2008-2812 CVE-2008-3275 CVE-2008-3525 CVE-2008-4210 CVE-2008-5339 CVE-2008-5340 CVE-2008-5341 CVE-2008-5342 CVE-2008-5343 CVE-2008-5344 CVE-2008-5345 CVE-2008-5 03 Mar 2016 10 (v2) Critical Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2009-0016) (remote check) CVE-2007-2052 CVE-2007-4965 CVE-2007-5333 CVE-2007-5342 CVE-2007-5461 CVE-2007-5966 CVE-2007-6286 CVE-2008-0002 CVE-2008-1232 CVE-2008-1721 CVE-2008-1887 CVE-2008-1947 CVE-2008-2315 CVE-2008-2370 CVE-2008-3142 CVE-2008-3 03 Mar 2016 10 (v2) Critical Pass VMware ESXi Multiple OpenSSL Vulnerabilities (VMSA-2014-0006) CVE-2010-5298 CVE-2014-0198 CVE-2014-0224 CVE-2014-3470 30 Dec 2015 5.8 (v2) Medium Pass VMware ESX Multiple Vulnerabilities (VMSA-2009-0008) (remote check) CVE-2009-0844 CVE-2009-0845 CVE-2009-0846 03 Mar 2016 10 (v2) Critical Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2014-0002) CVE-2013-4332 CVE-2013-5211 30 Dec 2015 5 (v2) Medium Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2011-0007) (remote check) CVE-2010-1323 CVE-2010-1324 CVE-2010-2240 CVE-2010-4020 CVE-2010-4021 CVE-2011-1785 CVE-2011-1786 04 Mar 2016 7.2 (v2) High Pass VMware ESX / ESXi Third-Party Libraries and Components (VMSA-2010-0009) (remote check) CVE-2006-6304 CVE-2007-4567 CVE-2009-0590 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1384 CVE-2009-1386 CVE-2009-1387 CVE-2009-2409 CVE-2009-2695 CVE-2009-2908 CVE-2009-2910 CVE-2009-3080 CVE-2009-3228 CVE-2009-3 08 Mar 2016 10 (v2) Critical Pass VMware ESXi Multiple DoS (VMSA-2014-0008) CVE-2013-0242 CVE-2013-1914 30 Dec 2015 5 (v2) Medium Pass VMware ESX / ESXi libxml2 Multiple Vulnerabilities (VMSA-2012-0012) (remote check) CVE-2010-4008 CVE-2011-0216 CVE-2011-1944 CVE-2011-2834 CVE-2011-3905 CVE-2011-3919 CVE-2012-0841 29 Feb 2016 9.3 (v2) High Pass VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0004) (remote check) CVE-2005-4889 CVE-2010-2059 CVE-2010-2199 CVE-2010-3316 CVE-2010-3435 CVE-2010-3609 CVE-2010-3613 CVE-2010-3614 CVE-2010-3762 CVE-2010-3853 04 Mar 2016 7.2 (v2) High Pass VMware ESXi Multiple Vulnerabilities (VMSA-2014-0012) CVE-2013-1752 CVE-2013-2877 CVE-2013-4238 CVE-2014-0015 CVE-2014-0138 CVE-2014-0191 30 Dec 2015 6.4 (v2) Medium Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2011-0008) (remote check) CVE-2011-0426 CVE-2011-1788 CVE-2011-1789 04 Mar 2016 5 (v2) Medium Pass VMware ESX / ESXi Multiple DoS (VMSA-2014-0001) CVE-2014-1207 CVE-2014-1208 30 Dec 2015 4.3 (v2) Medium Pass VMware ESX Multiple Vulnerabilities (VMSA-2009-0004) (remote check) CVE-2007-2953 CVE-2008-2712 CVE-2008-3432 CVE-2008-4101 CVE-2008-5077 CVE-2009-0025 03 Mar 2016 9.3 (v2) High Pass VMware ESX / ESXi Service Console and Third-Party Libraries Multiple Vulnerabilities (VMSA-2012-0001) (remote check) CVE-2009-3560 CVE-2009-3720 CVE-2010-0547 CVE-2010-0787 CVE-2010-1634 CVE-2010-2059 CVE-2010-2089 CVE-2010-3493 CVE-2010-4649 CVE-2011-0695 CVE-2011-0711 CVE-2011-0726 CVE-2011-1015 CVE-2011-1044 CVE-2011-1078 CVE-2011-1 03 Mar 2016 9.3 (v2) High Pass VMware ESX Multiple Vulnerabilities (VMSA-2009-0009) (remote check) CVE-2009-0034 CVE-2009-0037 CVE-2009-1185 03 Mar 2016 7.2 (v2) High Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0011) (remote check) CVE-2012-3288 CVE-2012-3289 29 Feb 2016 9.3 (v2) High Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2011-0009) (remote check) CVE-2009-3080 CVE-2009-4536 CVE-2010-1188 CVE-2010-2240 CVE-2011-1787 CVE-2011-2145 CVE-2011-2146 CVE-2011-2217 04 Mar 2016 9.3 (v2) High Pass VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2012-0013) (remote check) CVE-2009-5029 CVE-2009-5064 CVE-2010-0830 CVE-2010-2761 CVE-2010-4180 CVE-2010-4252 CVE-2010-4410 CVE-2011-0014 CVE-2011-1020 CVE-2011-1089 CVE-2011-1833 CVE-2011-2484 CVE-2011-2496 CVE-2011-2699 CVE-2011-3188 CVE-2011-3 29 Feb 2016 9.3 (v2) High Pass VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0003) (remote check) CVE-2008-0085 CVE-2008-0086 CVE-2008-0106 CVE-2008-0107 CVE-2008-3825 CVE-2008-5416 CVE-2009-1384 CVE-2009-2693 CVE-2009-2901 CVE-2009-2902 CVE-2009-3548 CVE-2009-3555 CVE-2009-4308 CVE-2010-0003 CVE-2010-0007 CVE-2010-0 04 Mar 2016 7.8 (v3) High Pass VMware ESX Java Runtime Environment (JRE) Multiple Vulnerabilities (VMSA-2010-0002) (remote check) CVE-2009-1093 CVE-2009-1094 CVE-2009-1095 CVE-2009-1096 CVE-2009-1097 CVE-2009-1098 CVE-2009-1099 CVE-2009-1100 CVE-2009-1101 CVE-2009-1102 CVE-2009-1103 CVE-2009-1104 CVE-2009-1105 CVE-2009-1106 CVE-2009-1107 CVE-2009-2 08 Mar 2016 10 (v2) Critical Pass ManageEngine Applications Manager REST API SQLi CVE-2020-15394 07 Jan 2021 9.8 (v3) Critical Pass Juniper Junos OS DoS (JSA11107) CVE-2021-0217 13 Jan 2021 7.4 (v3) High Pass OpenSSL 1.0.2 < 1.0.2zd Vulnerability CVE-2022-0778 16 Mar 2022 7.5 (v3) High Pass Cisco IOS DHCP Multiple Vulnerabilities CVE-2018-0172 CVE-2018-0173 CVE-2018-0174 17 Apr 2018 8.6 (v3) High Pass PHP 7.3.x < 7.3.26 / 7.4.x < 7.4.14 / 8.x < 8.0.1 Input Validation Error CVE-2020-7071 14 Jan 2021 5.3 (v3) Medium Pass SolarWinds Orion Platform 2019.4 HF5 / 2020.2.x < 2020.2.1 SUNBURST Malware Backdoor 14 Dec 2020 8.1 (v3) High Pass Juniper Junos OS Denial of Service (JSA11105) CVE-2021-0215 14 Jan 2021 6.5 (v3) Medium Pass X Server Unauthenticated Access: Screenshot CVE-1999-0526 08 May 2013 10 (v2) Critical Pass OS Identi fi cation : RDP 17 Oct 2007 None Pass OpenSSL 3.0.0 < 3.0.2 Vulnerability CVE-2022-0778 16 Mar 2022 7.5 (v3) High Pass HP Power Manager Default Credentials 17 Nov 2009 7.5 (v2) High Pass Sawmill < 7.1.14 GET Request Query String XSS CVE-2005-2950 12 Sep 2005 4.3 (v2) Medium Pass CMSimple index.php search Function XSS CVE-2005-2392 14 Sep 2005 4.3 (v2) Medium Pass AVEVA InduSoft Web Studio / InTouch Edge HMI UniSoft.dll wcscpy() Stack Over fl ow CVE-2018-17916 31 Oct 2018 9.8 (v3) Critical Pass Schneider Electric IGSS Data Server Path Traversal (CVE-2022-24312) CVE-2022-24312 17 Mar 2022 9.8 (v3) Critical Pass Jumi Component for Joomla! ' fi leid' Parameter SQLi CVE-2009-2102 16 Nov 2009 7.3 (v3) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.18 / 9.0.x <= 9.0.5.5 Information Disclosure (6339255) CVE-2020-4629 19 Jan 2021 3.3 (v3) Low Pass OSSIM 'host/draw_tree.php' Access Restriction Weakness Information Disclosure CVE-2009-3441 02 Nov 2009 5 (v2) Medium Pass 4D WebSTAR Tomcat Plugin Remote Bu ff er Over fl ow CVE-2005-1507 09 May 2005 5.1 (v2) Medium Pass Aprox PHP Portal index.php Arbitrary File View CVE-2004-0237 02 Feb 2004 5 (v2) Medium Pass HP OpenView Network Node Manager webappmon.exe Command Injection (c01661610) CVE-2008-4559 12 Feb 2009 7.5 (v2) High Pass CodeThatShoppingCart Multiple Remote Vulnerabilities (SQLi, XSS, ID) CVE-2005-1593 CVE-2005-1594 CVE-2005-1595 14 May 2005 7.5 (v2) High Pass Novell iManager < 2.7.6 Patch 1 Multiple Vulnerabilities CVE-2013-1088 CVE-2013-3268 19 Apr 2013 10 (v2) Critical Pass Puppet Multiple Vulnerabilities (2013/03/12) CVE-2013-1640 CVE-2013-1652 CVE-2013-1654 CVE-2013-2275 26 Apr 2013 9 (v2) High Pass McAfee ePolicy Orchestrator 4.6.x Multiple Vulnerabilities (SB10042) CVE-2013-0140 CVE-2013-0141 04 May 2013 7.9 (v2) High Pass IBM Multiple Products login.php Query String XSS CVE-2010-0714 15 Mar 2010 4.3 (v2) Medium Pass OSSIM download.php Directory Traversal 17 Mar 2010 5 (v2) Medium Pass VMware ESX WebAccess Context Data XSS (VMSA-2010-0005) CVE-2009-2277 05 Apr 2010 4.3 (v2) Medium Pass Apache Tomcat 4.1 XSS CVE-2002-1567 14 Jul 2010 5.3 (v3) Medium Pass NetSupport Manager Gateway HTTP Protocol Information Disclosure CVE-2010-4184 10 Nov 2010 4.3 (v2) Medium 29

Pass NextGEN Smooth Gallery Plugin for WordPress 'galleryID' Parameter SQL Injection 07 Sep 2010 6.8 (v2) Medium Pass Ektron CMS400.NET Default Credentials 30 Apr 2010 7.5 (v2) High Pass Syncrify < 2.1 Build 420 Multiple Security Bypass Vulnerabilities 23 Sep 2010 7.5 (v2) High Pass Community Link Pro login.cgi fi le Parameter Arbitrary Command Execution CVE-2005-2111 27 Jul 2005 7.5 (v2) High Pass Land Down Under <= 800 Multiple Vulnerabilities CVE-2005-2674 CVE-2005-2675 CVE-2005-2780 06 Sep 2005 6.8 (v2) Medium Pass Red Hat Administration Server (redhat-ds-admin) Multiple Remote Vulnerabilities CVE-2008-0892 CVE-2008-0893 23 Apr 2008 9 (v2) High Pass MODx < 2.0.3-pl class_key Parameter Local File Inclusion CVE-2010-5278 20 Oct 2011 6.8 (v2) Medium Pass ManageEngine Desktop Central < 10.1.2137.9 Authentication Bypass (uncredentialed check) CVE-2021-44757 24 Mar 2022 9.1 (v3) Critical Pass Ipswitch WhatsUp Professional Crafted Header Authentication Bypass CVE-2006-2531 18 May 2006 7.5 (v2) High Pass Emulive Server4 Authentication Bypass CVE-2004-1695 CVE-2004-1696 23 Sep 2004 7.5 (v2) High Pass PHPSurveyor Multiple SQL Injections CVE-2005-4586 03 Jan 2006 7.5 (v2) High Pass McAfee WebShield UI Authentication Bypass (SB10026) CVE-2012-4595 16 May 2012 7.5 (v2) High Pass Pretty Link Plugin for WordPress 'pretty-bar.php' 'url' Parameter XSS CVE-2011-4595 06 Jun 2012 4.3 (v2) Medium Pass Woltlab Burning Board Multiple SQL Injections CVE-2005-3369 CVE-2006-1094 08 Mar 2006 7.5 (v2) High Pass Symantec Message Filter Multiple Vulnerabilities (SYM12-010) CVE-2012-0300 CVE-2012-0301 CVE-2012-0302 CVE-2012-0303 03 Jul 2012 6.8 (v2) Medium Pass Symantec Reporting Server Improper URL Handling Exposure CVE-2009-1432 01 May 2009 4.3 (v2) Medium Pass Adobe ColdFusion On Apache Double Encoded NULL Byte Request File Content Disclosure CVE-2009-1876 21 Aug 2009 5.3 (v3) Medium Pass WaveMaker Studio Requires No Authentication 19 Jul 2012 7.5 (v2) High Pass CoolForum Multiple Vulnerabilities (SQLi, XSS) CVE-2005-0857 CVE-2005-0858 22 Mar 2005 5.1 (v2) Medium Pass AXIGEN Webmail < 7.1.0 HTML Body Script Insertion CVE-2009-1484 27 May 2009 4.3 (v2) Medium Pass Oracle Secure Backup Administration Server Authentication Bypass CVE-2009-1977 14 Sep 2009 10 (v2) Critical Pass ASG-Sentry CGI Default Credentials 14 Oct 2008 7.5 (v2) High Pass Sun Java System Directory Server Online Help Feature Information Disclosure CVE-2009-1332 04 Jun 2009 5 (v2) Medium Pass McAfee Common Management Agent < 3.6.0.603 FrameworkService.exe AVClient DoS CVE-2008-1855 23 Nov 2009 5.3 (v3) Medium Pass BASE < 1.2.5 readRoleCookie() Auth Bypass 26 Jun 2009 7.5 (v2) High Pass WordPress Pingback File Information Disclosure CVE-2007-0541 25 Jan 2007 5 (v2) Medium Pass GOsa Multiple Script plugin Parameter Remote File Inclusion CVE-2003-1412 27 Feb 2003 8.3 (v3) High Pass CockroachDB < 2.1.12 / 19.x < 19.1.8 / 19.2.x < 19.2.4 Broken Access Control Direct Check (A42567) 04 Apr 2022 9.1 (v3) Critical Pass Microsoft IIS Translate f: ASP/ASA Source Disclosure CVE-2000-0778 23 Aug 2000 5 (v2) Medium Pass Directory Pro Traversal Arbitrary File Access CVE-2001-0780 29 May 2001 5 (v2) Medium Pass ht://Dig htsearch Multiple Vulnerabilities CVE-2001-0834 17 Oct 2001 5.8 (v2) Medium Pass HP Operations Orchestration 10.x < 10.22.001 XSRF CVE-2015-5451 02 Dec 2015 6.8 (v2) Medium Pass Novell 'modulemanager' Servlet Arbitrary File Upload (safe check) CVE-2010-0284 01 Jul 2010 10 (v2) Critical Pass LiteSpeed Web Server MIME Type Injection Null Byte Script Source Code Disclosure CVE-2007-5654 23 Oct 2007 5 (v2) Medium Pass Woppoware PostMaster <= 4.2.2 Multiple Vulnerabilities CVE-2005-1650 CVE-2005-1651 CVE-2005-1652 CVE-2005-1653 12 May 2005 5 (v2) Medium Pass Apache Tomcat Catalina org.apache.catalina.servlets.DefaultServlet Source Code Disclosure CVE-2002-1148 CVE-2002-1394 28 Nov 2002 5.3 (v3) Medium Pass TWiki 'rev' Parameter Arbitrary Command Execution CVE-2005-2877 15 Sep 2005 8.8 (v3) High Pass Spring Framework Spring4Shell (CVE-2022-22965) CVE-2022-22965 06 Apr 2022 9.8 (v3) Critical Pass WordPress < 1.5.1.3 XMLRPC SQL Injection CVE-2005-2108 01 Jul 2005 7.5 (v2) High Pass HP OpenView Network Node Manager Multiple CGI Remote Over fl ows CVE-2007-6204 07 Dec 2007 7.5 (v2) High Pass Site@School slideshow_full.php album_name Parameter SQL Injection CVE-2008-0129 04 Jan 2008 6.8 (v2) Medium Pass VMware Workspace One Access / VMware Identity Manager Multiple Vulnerabilities (VMSA-2022-0011) CVE-2022-22954 CVE-2022-22955 CVE-2022-22956 CVE-2022-22957 CVE-2022-22958 CVE-2022-22959 CVE-2022-22960 CVE-2022-22961 06 Apr 2022 9.8 (v3) Critical Pass Vignette Application Portal Diagnostic Utility Information Disclosure CVE-2004-0917 29 Sep 2004 5 (v2) Medium Pass Alexandria-dev Multiple Script Upload Spoo fi ng Arbitrary File Access 28 Mar 2003 4 (v2) Medium Pass Mambo Site Server MD5 Hash Session ID Privilege Escalation CVE-2003-1245 12 Mar 2003 10 (v2) Critical Pass MPC SoftWeb Guestbook Multiple Vulnerabilities 07 May 2003 5 (v2) Medium Pass phPay admin/phpinfo.php Information Disclosure 14 Apr 2003 6.4 (v2) Medium Pass eZ Publish settings/site.ini Con fi guration Disclosure 15 Apr 2003 5 (v2) Medium Pass MultiHTML multihtml.pl Traversal Arbitrary File Access CVE-2000-0912 16 Sep 2000 5 (v2) Medium Pass HappyMall Multiple Script Arbitrary Command Execution CVE-2003-0243 08 May 2003 10 (v2) Critical Pass ttCMS 2.2 Multiple Vulnerabilities CVE-2003-1458 CVE-2003-1459 19 May 2003 7.3 (v3) High Pass Symantec LiveUpdate Administrator < 2.3.2.110 Multiple Vulnerabilities (SYM14-005) CVE-2014-1644 CVE-2014-1645 31 Mar 2014 7.5 (v2) High Pass ATutor < 1.5.1-pl1 Multiple Remote Vulnerabilities (XSS, RFI, Command Exe) CVE-2005-3403 CVE-2005-3404 CVE-2005-3405 27 Oct 2005 7.5 (v2) High Pass GD Star Rating Plugin for WordPress 'export.php' Authentication Bypass Information Disclosure 27 Mar 2013 5 (v2) Medium Pass WF-Chat User Account Disclosure CVE-2003-1540 02 Jun 2003 5 (v2) Medium Pass IRCXPro Default Admin Password 03 Jun 2003 6.4 (v2) Medium Pass SquirrelMail Multiple Remote Vulnerabilities 18 Jun 2003 7.5 (v2) High Pass CGI Generic SQL Injection (2nd pass) 12 Nov 2009 7.5 (v2) High Pass PHPCatalog id Parameter SQL Injection 31 Dec 2003 7.5 (v2) High Pass Smart Publisher index.php fi ledata Parameter Arbitrary Command Execution CVE-2008-0503 29 Jan 2008 8.8 (v3) High Pass Ocean12 ASP Calendar Administrative Access CVE-2004-1400 15 Dec 2004 7.5 (v2) High Pass Puppet Enterprise < 3.0.1 Multiple Vulnerabilities CVE-2013-4073 CVE-2013-4761 CVE-2013-4762 CVE-2013-4955 CVE-2013-4956 CVE-2013-4958 CVE-2013-4959 CVE-2013-4961 CVE-2013-4962 CVE-2013-4963 CVE-2013-4964 CVE-2013-4967 CVE-2013-4968 28 Oct 2013 6.9 (v2) Medium Pass HP Web JetAdmin <=7.0 Multiple Vulnerabilities (XSS, Code Exe, DoS, more) 05 May 2004 10 (v2) Critical Pass Novell iManager < 2.7 SP1 Property Book Pages Arbitrary Plug-in Studio Deletion CVE-2008-3488 12 Aug 2008 5 (v2) Medium Pass JBoss Enterprise Application Platform (EAP) Status Servlet Request Remote Information Disclosure CVE-2008-3273 CVE-2010-1429 13 Aug 2008 5 (v2) Medium Pass cformsII Plugin for WordPress 'rs' Parameter XSS CVE-2010-3977 08 Nov 2010 4.3 (v2) Medium Pass ELOG Web Logbook < 2.5.7 Multiple Remote Vulnerabilities (OF, Traversal) CVE-2005-0439 CVE-2005-0440 16 Feb 2005 7.5 (v2) High Pass Puppet Enterprise 3.x < 3.2.0 Multiple Vulnerabilities CVE-2013-4966 CVE-2013-4971 CVE-2014-0060 CVE-2014-0082 21 Mar 2014 6.4 (v2) Medium Pass CuteNews show_archives.php archive Parameter XSS 20 Aug 2004 4.7 (v3) Medium Pass Microsoft IIS global.asa Remote Information Disclosure 05 Jun 2002 1.9 (v2) Low Pass ManageEngine ServiceDesk Plus FileDownload.jsp FILENAME Parameter Traversal Arbitrary File Access CVE-2011-2755 CVE-2011-2756 CVE-2011-2757 28 Jun 2011 5 (v2) Medium Pass PerlDesk pdesk.cgi lang Parameter Traversal Arbitrary File Access CVE-2004-1678 15 Sep 2004 5 (v2) Medium Pass Dell KACE K2000 Web Backdoor Account CVE-2011-4046 09 Nov 2011 7.5 (v2) High Pass WordPress < 1.2.2 Multiple XSS CVE-2004-1559 28 Sep 2004 4.3 (v2) Medium Pass Symantec Web Gateway timer.php XSS (SYM12-006) CVE-2012-0296 15 May 2012 4.3 (v2) Medium Pass ocPortal index.php req_path Parameter Remote File Inclusion CVE-2004-1592 13 Oct 2004 8.3 (v3) High Pass Limbo CMS Multiple Vulnerabilities CVE-2005-4317 CVE-2005-4318 CVE-2005-4319 CVE-2005-4320 30 Jan 2006 7.5 (v2) High Pass paNews admin_setup.php Multiple Parameter Arbitrary PHP Code Injection CVE-2005-0647 23 Feb 2005 7.3 (v3) High Pass OpenConnect WebConnect < 6.5.1 Multiple Vulnerabilities CVE-2004-0465 CVE-2004-0466 24 Feb 2005 5 (v2) Medium Pass UBB.threads ubbthreads.php debug Parameter XSS CVE-2006-2755 31 May 2006 4.3 (v2) Medium Pass Greymatter 1.3 Multiple Vulnerabilities 08 Jan 2005 4.3 (v2) Medium Pass IBM Websphere Commerce Database Update Information Disclosure 15 Jan 2005 2.6 (v2) Low Pass Novell 'modulemanager' Servlet Arbitrary File Upload (intrusive check) CVE-2010-0284 01 Jul 2010 10 (v2) Critical Pass SmarterTools SmarterMail Attachment Upload XSS 31 Jan 2005 4.3 (v2) Medium Pass TYPO3 Default Credentials 22 Jan 2010 7.5 (v2) High Pass WebCalendar login.php webcalendar_session Cookie SQL Injection CVE-2005-0474 18 Feb 2005 7.3 (v3) High Pass Claroline add_course.php Multiple Parameter XSS 08 Feb 2005 4.3 (v2) Medium Pass Microsoft Outlook Web Access (OWA) Anonymous Access CVE-2001-0660 10 Oct 2001 5 (v2) Medium Pass CProxy 3.3.x - 3.4.4 Multiple Vulnerabilities CVE-2005-0657 05 Mar 2005 7.8 (v2) High Pass zFeeder admin.php Direct Request Admin Authentication Bypass CVE-2009-0807 09 Mar 2009 7.5 (v2) High Pass VICIDIAL Call Center Suite admin.php SQL Injection CVE-2009-2234 26 May 2009 6.8 (v2) Medium Pass Redhat Stronghold status / info Request Information Disclosure CVE-2001-0868 25 Nov 2001 5 (v2) Medium Pass Nuked-Klan 1.2b Multiple Vulnerabilities CVE-2003-1238 CVE-2003-1370 CVE-2003-1371 28 Feb 2003 5.8 (v2) Medium Pass PHP 5.6.x < 5.6.12 Multiple Vulnerabilities CVE-2015-6831 CVE-2015-6832 CVE-2015-6833 CVE-2015-8867 CVE-2015-8874 CVE-2015-8879 11 Aug 2015 7.3 (v3) High Pass HotNews Multiple Script Remote File Inclusion CVE-2004-1796 05 Jan 2004 8.3 (v3) High Pass Basilix Webmail Attachment Crafted POST Arbitrary File Access CVE-2002-1710 09 Aug 2004 5 (v2) Medium Pass Coppermine Photo Gallery init.inc.php X-Forwarded-For XSS CVE-2005-1172 18 Apr 2005 3.5 (v2) Low Pass Splunk Enterprise < 5.0.14 / 6.0.10 / 6.1.9 / 6.2.5 or Splunk Light < 6.2.5 Multiple Vulnerabilities CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-1793 21 Aug 2015 6.8 (v2) Medium Pass MetaCart E-Shop productsByCategory.ASP Multiple Vulnerabilities CVE-2005-1361 CVE-2005-1363 CVE-2005-1622 17 May 2005 7.5 (v2) High Pass WP Symposium Plugin for WordPress forum_functions.php 'topic_id' Parameter SQLi 25 Aug 2015 7.5 (v2) High Pass ProductCart Multiple Input Validation Vulnerabilities CVE-2005-0994 CVE-2005-0995 06 Apr 2005 7.5 (v2) High Pass Splunk Enterprise 6.2.x < 6.2.6 / Splunk Light 6.2.x < 6.2.6 Splunk Web XSS 16 Sep 2015 4.3 (v2) Medium Pass WebHints hints.pl Arbitrary Command Execution CVE-2005-1950 13 Jun 2005 7.5 (v2) High Pass ezUpload <= 2.2 Multiple Remote Vulnerabilities (SQLi, RFI, LFI) CVE-2005-2616 CVE-2005-4308 CVE-2005-4309 10 Aug 2005 7.5 (v2) High Pass ManageEngine ServiceDesk Plus User and Domain Enumeration 20 Oct 2015 5 (v2) Medium Pass MercuryBoard User-Agent SQL Injection CVE-2005-2028 21 Jun 2005 6.5 (v2) Medium Pass DUclassmate Multiple Scripts SQL Injection CVE-2005-2049 28 Jun 2005 7.5 (v2) High Pass DUpaypal Pro Multiple Scripts SQL Injection CVE-2005-2047 CVE-2006-6365 28 Jun 2005 7.5 (v2) High Pass IBM InfoSphere Data Replication Dashboard User Enumeration CVE-2013-0584 10 Apr 2013 5 (v2) Medium Pass Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed Plus Line Cards DoS (cisco-sa-lsplus-Z6AQEOjk) CVE-2022-20714 22 Apr 2022 8.6 (v3) High Pass ManageEngine ServiceDesk Plus Multiple Vulnerabilities 16 Nov 2015 5 (v2) Medium Pass Gossamer Threads Links < 3.0.4 Multiple Script XSS 20 Jul 2005 4.7 (v3) Medium 30

Pass ModernBill <= 4.3.0 Multiple Vulnerabilities CVE-2005-1053 CVE-2005-1054 11 Apr 2005 6.8 (v2) Medium Pass paFileDB auth.php pa fi ledbcookie Cookie SQL Injection CVE-2005-2723 25 Aug 2005 5.1 (v2) Medium Pass Gravity Board X <= 1.1 Multiple Vulnerabilities (SQLi, XSS, PD, Cmd Exe) CVE-2005-2562 CVE-2005-2563 CVE-2005-2564 CVE-2005-2565 08 Aug 2005 7.5 (v2) High Pass Limbo CMS index.php Itemid Parameter Arbitrary Command Execution CVE-2006-1662 03 Mar 2006 7.5 (v2) High Pass AutoLinks Pro 'al_initialize.php alpath Parameter Remote File Inclusion CVE-2005-2782 29 Aug 2005 6.8 (v2) Medium Pass VMware Workspace One Access / VMware Identity Manager Server-side Template Injection RCE (CVE-2022-22954) CVE-2022-22954 25 Apr 2022 9.8 (v3) Critical Pass SolarWinds Orion NPM < 10.7 Multiple Vulnerabilities CVE-2014-3459 12 May 2014 6.8 (v2) Medium Pass WebGUI < 6.7.3 Multiple Command Execution Vulnerabilities CVE-2005-2837 06 Sep 2005 7.5 (v2) High Pass Juniper Junos OS Vulnerability (JSA69503) CVE-2022-22193 25 Apr 2022 5.5 (v3) Medium Pass Fortinet FortiAuthenticator Default Credentials 16 Feb 2015 10 (v2) Critical Pass RaidenHTTPD check.php SoftParserFileXml Parameter Remote File Inclusion CVE-2006-4723 11 Sep 2006 5.1 (v2) Medium Pass paFileDB pa fi ledb.php id Parameter XSS CVE-2002-1931 CVE-2005-0952 26 Mar 2003 4.3 (v2) Medium Pass WP Super Cache Plugin for WordPress Multiple Insecure PHP Code Inclusion Macros Remote Code Execution CVE-2013-2009 CVE-2013-2011 03 May 2013 8.8 (v3) High Pass GNUMP3d < 2.9.6 Multiple Remote Vulnerabilities (XSS, Traversal) CVE-2005-3123 CVE-2005-3424 CVE-2005-3425 31 Oct 2005 5 (v2) Medium Pass phpMyDirectory review.php subcat Parameter XSS CVE-2005-0896 25 Mar 2005 4.3 (v2) Medium Pass phpAdsNew XML-RPC Library Remote Code Injection CVE-2005-1921 11 Nov 2005 7.3 (v3) High Pass Citrix Access Gateway 5.x < 5.0.4.223524 Unspeci fi ed Security Bypass CVE-2013-2263 12 Apr 2013 5 (v2) Medium Pass MyBB ratethread.php 'rating' Parameter SQLi CVE-2005-4200 17 Sep 2005 7.5 (v2) High Pass NetworkActiv Web Server Crafted Filename Request Script Source Disclosure CVE-2006-0815 27 Mar 2006 5 (v2) Medium Pass WebCalendar includes/functions.php noSet Variable Overwrite CVE-2007-1343 07 Mar 2007 7.5 (v2) High Pass Visual Mining NetCharts Server Default Credentials (Web UI) 17 Dec 2014 7.5 (v2) High Pass Philboard /database/philboard.mdb Direct Request Database Disclosure 02 Jun 2003 5 (v2) Medium Pass Symantec Web Gateway < 5.2.2 Authenticated OS Command Injection (SYM14-016) CVE-2014-7285 19 Dec 2014 6.5 (v2) Medium Pass Alibaba tst.bat Arbitrary Command Execution CVE-1999-0885 04 Nov 1999 5 (v2) Medium Pass Link-Local Multicast Name Resolution (LLMNR) Service Detection 28 Apr 2022 None Pass ColdFusion Web Server User-Agent HTTP Header Error Message XSS CVE-2007-0817 06 Feb 2007 4.3 (v2) Medium Pass ALCASAR 'index.php' Crafted HTTP Header RCE 20 Jan 2015 7.5 (v2) High Pass ManageEngine Password Manager Pro 6.5 < 7.1 Build 7105 Blind SQL Injection CVE-2014-8499 23 Jan 2015 6.3 (v3) Medium Pass ManageEngine Password Manager Pro < 7.0 Build 7003 SQL Injection CVE-2014-3996 CVE-2014-3997 23 Jan 2015 7.3 (v3) High Pass rot13sj.cgi Arbitrary File Access 03 Jun 2003 7.5 (v2) High Pass Fortinet FortiAuthenticator 'operation' Parameter XSS CVE-2015-1455 CVE-2015-1456 CVE-2015-1457 CVE-2015-1458 CVE-2015-1459 16 Feb 2015 7.5 (v2) High Pass Adobe ColdFusion Authentication Bypass (APSB13-13) CVE-2013-1389 14 May 2013 10 (v2) Critical Pass ManageEngine OpManager Default Credentials CVE-2015-7765 16 Feb 2015 9 (v2) High Pass ManageEngine OpManager 'probeName' SQL Injection Vulnerability CVE-2014-7867 16 Feb 2015 7.5 (v2) High Pass Symantec Data Center Security Server 'environment.jsp' Information Disclosure (SYM15-001) CVE-2014-9225 26 Feb 2015 4 (v2) Medium Pass wwwcount Count.cgi Remote Over fl ow CVE-1999-0021 22 Jun 1999 7.5 (v2) High Pass Symantec Data Center Security Server 'SSO-Error.jsp' XSS (SYM15-001) CVE-2014-9224 26 Feb 2015 3.5 (v2) Low Pass Symantec Data Center Security Server SQLi (SYM15-001) CVE-2014-7289 26 Feb 2015 6.5 (v2) Medium Pass ManageEngine Desktop Central NativeAppServlet UDID JSON RCE CVE-2014-9371 09 Mar 2015 10 (v2) Critical Pass NETGEAR SOAP Request Handling Remote Authentication Bypass 12 Mar 2015 8.8 (v3) High Pass HP Operations Orchestration 10.x Remote Information Disclosure CVE-2015-2108 12 May 2015 3.5 (v2) Low Pass Websense TRITON Unauthorized File Disclosure CVE-2015-2748 21 May 2015 5 (v2) Medium Pass SPIP < 1.8.2-g Multiple Vulnerabilities CVE-2006-0517 CVE-2006-0518 CVE-2006-0519 25 Feb 2006 7.5 (v2) High Pass Scrutinizer < 9.5.2 Multiple Vulnerabilities CVE-2012-2626 CVE-2012-2627 CVE-2012-3848 23 Aug 2012 9.4 (v2) High Pass alpha_auth_check() Function Remote Authentication Bypass CVE-2013-6026 15 Oct 2013 10 (v2) Critical Pass IBM DB2 Content Manager eClient < 8.4.1.1 Unspeci fi ed Security Vulnerability CVE-2009-1231 23 Sep 2013 10 (v2) Critical Pass phpMoAdmin saveObject Remote Command Execution CVE-2015-2208 16 Jun 2015 7.5 (v2) High Pass Western Digital Arkeia Virtual Appliance Unsupported Version Detection 28 May 2014 10 (v2) Critical Pass Western Digital Arkeia 10.1.x < 10.1.19 / 10.2.x < 10.2.9 Multiple Vulnerabilities (Heartbleed) CVE-2014-0160 CVE-2014-2846 02 Jun 2014 7.5 (v3) High Pass Splunk < 5.0.6 Unspeci fi ed XSS CVE-2013-6870 27 Nov 2013 4.3 (v2) Medium Pass Huawei Multiple Device Authentication Bypass CVE-2013-6031 24 Mar 2014 4.3 (v2) Medium Pass Oracle Containers for J2EE Component Unspeci fi ed XSS CVE-2013-5773 10 Jan 2014 4.3 (v2) Medium Pass Sophos Web Protection Appliance patience.cgi 'id' Parameter Directory Traversal CVE-2013-2641 09 Apr 2013 5.3 (v3) Medium Pass IBM Rational Focal Point Login Servlet File Disclosure CVE-2013-5397 06 Mar 2014 3.3 (v2) Low Pass Oracle Containers for J2EE Multiple Unspeci fi ed HTTP Vulnerabilities (April 2014 CPU) CVE-2014-0413 CVE-2014-0414 CVE-2014-0426 21 May 2014 5 (v2) Medium Pass Blackboard Learning System <= 8.0 SP6 Unspeci fi ed XSS CVE-2014-0811 13 Jun 2014 4.3 (v2) Medium Pass In fi nite Mobile Delivery Webmail Multiple Vulnerabilities (XSS, PD) CVE-2005-0323 CVE-2005-0324 31 Jan 2005 4.3 (v2) Medium Pass HP AutoPass License Server Remote Code Execution (HPSBMU03045) CVE-2013-6221 27 Jun 2014 10 (v2) Critical Pass ionCube loader-wizard.php Remote Information Disclosure 04 Apr 2014 5 (v2) Medium Pass Halon Security Router User Interface Default Credentials 11 Aug 2014 10 (v2) Critical Pass Riverbed SteelApp (Stingray) Tra ffi c Manager < 9.7 Multiple XSS CVE-2014-5264 CVE-2014-5348 15 Sep 2014 4.3 (v2) Medium Pass Usermin ' miniserv.pl ' Arbitrary File Disclosure CVE-2006-3392 16 Sep 2014 5 (v2) Medium Pass Elasticsearch Groovy Script RCE CVE-2015-1427 13 Mar 2015 7.5 (v2) High Pass PHP 5.6.0 Multiple Vulnerabilities CVE-2013-6712 CVE-2013-7226 CVE-2013-7327 CVE-2013-7345 CVE-2014-0185 CVE-2014-0207 CVE-2014-0236 CVE-2014-0237 CVE-2014-0238 CVE-2014-1943 CVE-2014-2270 CVE-2014-2497 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3 17 Oct 2014 7.3 (v3) High Pass Novell GroupWise WebAccess User.interface XSS CVE-2012-0410 19 Jul 2012 5 (v2) Medium Pass ArGoSoft Mail Server Pro <= 1.8.7.6 Multiple Vulnerabilities (XSS, Traversal, Priv Esc) CVE-2005-1282 CVE-2005-1283 CVE-2005-1284 26 Apr 2005 5 (v2) Medium Pass Nagios XI < 2011R1.9 login.php XSS 06 Aug 2012 4.3 (v2) Medium Pass RabidHamster R4 left_console.html cmd Parameter load fi le() Function Traversal Arbitrary File Access 09 Aug 2012 4.3 (v2) Medium Pass McAfee Agent 4.6.x < 4.8.0.1938 / 5.0.x < 5.0.1 Log View Clickjacking (SB10094) CVE-2015-2053 02 Jun 2015 4.7 (v3) Medium Pass West Wind Web Connection Unprotected Con fi guration Editor Application 19 Sep 2012 10 (v2) Critical Pass Splunk 4.3.x < 4.3.6 Unspeci fi ed XSS CVE-2013-2766 19 Apr 2013 4.3 (v2) Medium Pass NetIQ Privileged User Manager Password Change Authentication Bypass (intrusive check) CVE-2012-5930 21 Nov 2012 6.4 (v2) Medium Pass IceWarp Webmail raw.php Information Disclosure 19 Dec 2012 5 (v2) Medium Pass Advanced Custom Fields Plugin for WordPress 'acf_abspath' Parameter Remote File Inclusion 21 Dec 2012 7.5 (v2) High Pass Trend Micro Threat Intelligence Manager sampleReporting.php 'fakename' Parameter File Disclosure CVE-2014-2204 22 Jul 2015 7.8 (v2) High Pass WebYaST Host Modi fi cation MiTM CVE-2012-0435 25 Jan 2013 5.8 (v2) Medium Pass HP Diagnostics Server Default Credentials 05 Feb 2013 7.5 (v2) High Pass EMC Data Protection Advisor Web UI Directory Traversal CVE-2012-4616 20 Feb 2013 5 (v2) Medium Pass WP Symposium Plugin for WordPress 'symposium_groups_functions.php' 'gid' Parameter SQL Injection 26 Feb 2013 7.5 (v2) High Pass cPanel <= 9.1.0 Multiple Vulnerabilities CVE-2004-1769 CVE-2004-1770 CVE-2004-2308 14 Mar 2004 10 (v2) Critical Pass Adobe InDesign Server RunScript Arbitrary Command Execution 08 Mar 2013 7.5 (v2) High Pass Mambo Open Source Multiple Vulnerabilities CVE-2006-0871 CVE-2006-1794 27 Mar 2006 5.1 (v2) Medium Pass Git Repository Served by Web Server 27 Mar 2013 5 (v2) Medium Pass Apache Solr < 4.3.1 XML External Entity Injection CVE-2013-6408 07 Jan 2014 6.4 (v2) Medium Pass WordPress check_ajax_referer() Function SQL Injection CVE-2007-2821 23 May 2007 7.5 (v2) High Pass TalentSoft Web+ webplus CGI Traversal Arbitrary File Access CVE-2000-0282 12 Apr 2000 5 (v2) Medium Pass Sybase EAServer 6.x < 6.3.1 ESD#3 Multiple Code Execution Vulnerabilities 03 Jul 2013 10 (v2) Critical Pass OpenSSL 1.0.2 < 1.0.2ze Vulnerability CVE-2022-1292 04 May 2022 9.8 (v3) Critical Pass OSSIM tele_compress.php Directory Traversal CVE-2013-6056 18 Jun 2014 7.8 (v2) High Pass Splunk < 5.0.4 X-FRAME-OPTIONS Clickjacking Vulnerability 09 Aug 2013 5.8 (v2) Medium Pass HP LaserJet Pro /dev/save_restore.xml Administrative Password Disclosure CVE-2013-4807 09 Aug 2013 7.8 (v2) High Pass Blue Coat ICAP Patience Page XSS CVE-2008-4485 22 Aug 2013 4.3 (v2) Medium Pass FreeNAS 'exec_raw.php' Arbitrary Command Execution 08 Nov 2010 10 (v2) Critical Pass eclime index.php ref Parameter SQL Injection CVE-2010-4851 13 Dec 2010 7.5 (v2) High Pass SEO Tools Plugin for WordPress ' fi le' Parameter Arbitrary File Access 17 Nov 2010 5 (v2) Medium Pass Server Message Block (SMB) Protocol Version Detection 04 May 2022 None Pass Pandora FMS Console Default Credentials 06 Dec 2010 7.5 (v2) High Pass CGI Generic XSS (persistent, 2nd pass) 14 Jan 2011 4.3 (v2) Medium Pass Netscape PSCOErrPage.htm errPagePath Parameter Traversal Arbitrary File Access CVE-2000-1196 12 Apr 2000 5 (v2) Medium Pass HP OpenView Network Node Manager Remote Execution of Arbitrary Code (HPSBMA02621 SSRT100352) CVE-2010-2703 CVE-2011-0261 CVE-2011-0262 CVE-2011-0263 CVE-2011-0264 CVE-2011-0265 CVE-2011-0266 CVE-2011-0267 CVE-2011-0268 CVE-2011-0269 CVE-2011-0270 CVE-2011-0271 21 Jan 2011 10 (v2) Critical Pass ManageEngine Desktop Central statusUpdate Arbitrary File Upload RCE (intrusive check) CVE-2014-5005 25 Mar 2015 7.5 (v2) High Pass WoltLab Burning Board search.php Multiple Parameter SQL Injection CVE-2007-0388 18 Jan 2007 7.5 (v2) High Pass Miva htmlscript Traversal Arbitrary File Access CVE-1999-0264 22 Jun 1999 7.8 (v2) High Pass MDaemon WorldClient < 12.0.3 Summary Page Email Subject XSS 20 May 2011 4.3 (v2) Medium Pass Veri-NAC Appliance unauthenticated URL Directory Traversal 09 Jun 2011 5.3 (v3) Medium Pass Symantec Web Gateway forget.php Blind SQL Injection (SYM11-008) CVE-2011-0549 20 Jul 2011 7.5 (v2) High Pass IceWarp Multiple Script Remote File Inclusion CVE-2006-0817 CVE-2006-0818 20 Jul 2006 5 (v2) Medium Pass Trend Micro O ffi ceScan Server CGI Modules Multiple Vulnerabilities CVE-2007-3454 CVE-2007-3455 29 Jun 2007 10 (v2) Critical Pass SAP DB / MaxDB Web Server DBM_INTERN_TEST Event Bu ff er Over fl ow CVE-2007-3614 10 Jul 2007 7.5 (v2) High Pass op5 Portal Arbitrary Command Execution CVE-2012-0261 17 Jan 2012 10 (v2) Critical Pass RunCMS xoopsOption Parameter Local File Inclusion 26 Nov 2007 5.1 (v2) Medium Pass ManageEngine DeviceExpert Default Administrator Credentials 22 Mar 2012 7.5 (v2) High 31

Pass PBLang 4.65 Multiple Vulnerabilities CVE-2005-2892 CVE-2005-2893 CVE-2005-2894 CVE-2005-2895 08 Sep 2005 7.5 (v2) High Pass CiscoWorks Common Services HTTP Response Splitting CVE-2011-4237 01 May 2012 4.3 (v2) Medium Pass MS15-087: Vulnerability in UDDI Services Could Allow Elevation of Privilege (3082459) (uncredentialed check) CVE-2015-2475 13 Aug 2015 4.3 (v2) Medium Pass Symantec Message Filter Management Interface Default Credentials 03 Jul 2012 7.5 (v2) High Pass Symantec Web Gateway Multiple Script Shell Command Execution (SYM12-011) CVE-2012-2957 CVE-2012-2976 06 Aug 2012 10 (v2) Critical Pass osCommerce fi le_manager.php Arbitrary PHP Code Injection (intrusive check) 03 Nov 2009 8.8 (v3) High Pass Sun Secure Global Desktop / Tarantella < 4.20.983 Multiple XSS CVE-2006-4958 CVE-2006-4959 03 Oct 2006 6.8 (v2) Medium Pass McAfee WebShield UI ProcessTextFile bodyStyle Parameter XSS (SB10020) CVE-2012-4580 03 Apr 2012 4.3 (v2) Medium Pass op5 Monitor < 6.1.0 Information Disclosure and Security Bypass Vulnerabilities 27 Jun 2013 5 (v2) Medium Pass CGI Generic Local File Inclusion (2nd pass) 19 Nov 2009 6.8 (v2) Medium Pass GitLab < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 Multiple Vulnerabilities CVE-2022-1124 CVE-2022-1428 06 May 2022 4.3 (v3) Medium Pass MS10-072: Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048) (remote check) CVE-2010-3243 CVE-2010-3324 18 Oct 2010 4.3 (v2) Medium Pass SAP BusinessObjects viewError.jsp 'error' Parameter XSS 01 Feb 2010 4.3 (v2) Medium Pass VMware Host Agent Directory Traversal (VMSA-2009-0015) CVE-2009-3733 17 Feb 2010 5 (v2) Medium Pass GroundWork Monitor Enterprise Foundation Webapp Admin Arbitrary File Access CVE-2013-3500 28 Jun 2013 7.5 (v2) High Pass NetIQ Access Manager 4.0 < 4.0 SP1 Hot fi x 3 Multiple Vulnerabilities CVE-2014-5214 CVE-2014-5215 CVE-2014-5216 CVE-2014-5217 18 Feb 2015 6.8 (v2) Medium Pass AjaXplorer checkInstall.php Arbitrary Command Injection 12 Apr 2010 7.5 (v2) High Pass CuteNews Multiple Script Traversal Privilege Escalation CVE-2005-3507 04 Nov 2005 7.5 (v2) High Pass Contact Form 7 Plugin for WordPress CAPTCHA Validation Bypass CVE-2014-2265 20 Jun 2014 5 (v2) Medium Pass NolaPro Default Credentials 24 May 2010 7.5 (v2) High Pass TaskFreak! logout.php tznMessage Parameter XSS CVE-2010-1520 30 Jun 2010 4.3 (v2) Medium Pass Microsoft IIS / Site Server showcode.asp source Parameter Traversal Arbitrary File Access CVE-1999-0736 08 Jul 1999 7.8 (v2) High Pass Simple:Press Plugin for WordPress 'value' parameter SQL Injection 08 Jul 2010 7.5 (v2) High Pass Splunk Default Administrator Credentials (Splunk Web) 01 Sep 2010 7.5 (v2) High Pass phpMyAdmin error.php BBcode Tag XSS (PMASA-2010-9) CVE-2010-4480 06 Jan 2011 4.3 (v2) Medium Pass FireStats window-add-excluded-ip.php 'edit' parameter XSS 16 Jul 2010 4.3 (v2) Medium Pass WordPress AdServe 'adclick.php' 'id' Parameter SQL Injection CVE-2008-0507 30 Jan 2008 7.5 (v2) High Pass ManageEngine OpManager Multiple Directory Traversal Vulnerabilities CVE-2014-6034 CVE-2014-6035 CVE-2014-6036 16 Feb 2015 7.5 (v2) High Pass Centreon GetXMLTrapsForVendor.php 'mnftr_id' Parameter SQLi CVE-2014-3828 23 Dec 2014 10 (v2) Critical Pass Apache Hadoop Jetty XSS CVE-2009-1524 24 Aug 2011 4.3 (v2) Medium Pass Splunk Enterprise 6.2.x < 6.2.2 Multiple Vulnerabilities (FREAK) CVE-2014-3572 CVE-2015-0204 13 Mar 2015 5 (v2) Medium Pass ISS ICEcap Default Password CVE-2000-0350 18 May 2000 5 (v2) Medium Pass Symantec Backup Exec System Recovery Manager Traversal Arbitrary File Access CVE-2008-2512 29 May 2008 5 (v2) Medium Pass Apache Tomcat 10.1.0.M1 < 10.1.0.M15 vulnerability CVE-2022-29885 10 May 2022 7.5 (v3) High Pass Basilix Webmail .class / .inc Direct Request Remote Information Disclosure CVE-2001-1044 25 Jan 2001 5 (v2) Medium Pass w-Agora 4.1.6a Multiple Input Validation Vulnerabilities CVE-2004-1562 CVE-2004-1563 CVE-2004-1564 CVE-2004-1565 01 Oct 2004 7.5 (v2) High Pass DokuWiki con fi g_cascade Parameter Remote File Inclusion CVE-2009-1960 27 May 2009 6.8 (v2) Medium Pass Alt-N WebAdmin Multiple Remote Vulnerabilities (XSS, Bypass Access) CVE-2005-0317 CVE-2005-0318 CVE-2005-0319 28 Jan 2005 6 (v2) Medium Pass Puppet Enterprise 3.x < 3.1.1 Multiple Vulnerabilities CVE-2013-4164 CVE-2013-4363 CVE-2013-4491 CVE-2013-4969 CVE-2013-6414 CVE-2013-6415 CVE-2013-6417 21 Mar 2014 6.8 (v2) Medium Pass Jetty CookieDump.java Sample Application Persistent XSS CVE-2009-3579 13 Nov 2009 4.3 (v2) Medium Pass Symantec Messaging Gateway 9.5.x Multiple Vulnerabilities (SYM12-013) CVE-2012-0307 CVE-2012-0308 CVE-2012-3579 CVE-2012-3580 CVE-2012-3581 CVE-2012-4347 07 Sep 2012 7.9 (v2) High Pass Sambar Server /session/sendmail Arbitrary Mail Relay 25 May 2000 5 (v2) Medium Pass Mini SQL CGI content-length Field Remote Over fl ow CVE-2000-0012 03 Jan 2000 10 (v2) Critical Pass Sojourn Search Engine sojourn.cgi cat Parameter Traversal Arbitrary File Access CVE-2000-0180 17 Mar 2000 5 (v2) Medium Pass Sawmill Weak Password Encryption Scheme Information Disclosure CVE-2000-0589 27 Jun 2000 7.5 (v2) High Pass WebsitePro Remote Request Over fl ow CVE-2000-0623 22 Jul 2000 7.5 (v2) High Pass Anaconda Foundation Directory apexec.pl template Parameter Traversal Arbitrary File Retrieval CVE-2000-0975 14 Oct 2000 5 (v2) Medium Pass Verity UltraSeek 3.1.x Malformed URL Remote DoS CVE-2000-1019 01 Nov 2000 5 (v2) Medium Pass Master Index search.cgi Traversal Arbitrary File/Directory Access CVE-2000-0924 28 Nov 2000 5 (v2) Medium Pass SiteScope Web Service Unpassworded Access CVE-1999-0508 28 Sep 2001 10 (v2) Critical Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.23 / 9.0.x < 9.0.16 / 9.1.x < 9.1.13 / 10.0.x < 10.0.10 / 10.1.x < 10.1.5 Vulnerability CVE-2022-0024 11 May 2022 7.2 (v3) High Pass csSearch csSearch.cgi setup Parameter Arbitrary Command Execution CVE-2002-0495 27 Mar 2002 7.5 (v2) High Pass Tivoli Provisioning Manager Express for Software Distribution Multiple SQL Injections CVE-2012-0199 29 Mar 2012 7.5 (v2) High Pass PHP 5.2 < 5.2.15 Multiple Vulnerabilities CVE-2010-3436 CVE-2010-3709 CVE-2010-4150 CVE-2010-4697 CVE-2010-4698 CVE-2011-0752 13 Dec 2010 6.8 (v2) Medium Pass PHP < 4.2.x mail Function CRLF Injection CVE-2002-0986 22 Jul 2002 7.5 (v2) High Pass Symantec Web Gateway < 5.0.3 Multiple Vulnerabilities (SYM12-006) (version check) CVE-2012-0296 CVE-2012-0297 CVE-2012-0298 CVE-2012-0299 21 May 2012 10 (v2) Critical Pass MondoSearch MsmMask.exe Arbitrary Script Source Disclosure CVE-2002-1528 25 Nov 2002 5 (v2) Medium Pass Oracle Database Secure Enterprise Search search/query/search search_p_groups Parameter XSS CVE-2009-1968 11 Aug 2009 4.3 (v2) Medium Pass N/X Web Content Management Multiple Script Remote File Inclusion CVE-2003-1251 17 Feb 2003 8.3 (v3) High Pass cPanel guestbook.cgi template Parameter Arbitrary Command Execution CVE-2003-1425 28 Feb 2003 7.5 (v2) High Pass GTcatalog index.php custom Parameter Remote File Inclusion 04 Mar 2003 10 (v3) Critical Pass WebWho+ whois.pl time Parameter Arbitrary Command Execution CVE-2000-0010 09 Mar 2003 7.5 (v2) High Pass Wordit Logbook logbook.pl fi le Parameter Arbitrary File Access 12 Mar 2003 5 (v2) Medium Pass Cross-Referencing Linux (lxr) CGI v Parameter Traversal Arbitrary File Access CVE-2003-0156 12 Mar 2003 5 (v2) Medium Pass VPOPMail for SquirrelMail vpopmail.php Arbitrary Command Execution 15 Mar 2003 7.5 (v2) High Pass Instaboard index.cfm Multiple Parameter SQL Injection 14 Apr 2003 7.5 (v2) High Pass OpenBB index.php CID Parameter SQL Injection 26 Apr 2003 7.5 (v2) High Pass StockMan Shopping Cart shop.plx page Parameter Arbitrary Command Execution 05 May 2003 7.5 (v2) High Pass webERP Con fi guration File Remote Access CVE-2003-1383 20 May 2003 7.5 (v2) High Pass D-Link 704p Web Interface syslog.htm Malformed Query Remote DoS 27 May 2003 7.8 (v2) High Pass ImageFolio Default Password 05 Jun 2003 7.5 (v2) High Pass NetWin CWmail.exe Item Parameter Remote Over fl ow CVE-2002-0273 11 Jun 2003 4.6 (v2) Medium Pass ION ion-p.exe page Parameter Traversal Arbitrary File Retrieval CVE-2002-1559 11 Jun 2003 5 (v2) Medium Pass AspUpload Test11.asp Arbitrary File Upload CVE-2001-0938 17 Jun 2003 7.5 (v2) High Pass iXmail Multiple Script Arbitrary File Manipulation 27 Jun 2003 6.5 (v2) Medium Pass paFileDB <= 3.1 Multiple Vulnerabilities (1) CVE-2004-1219 CVE-2004-1551 CVE-2004-1975 CVE-2005-0326 CVE-2005-0327 CVE-2005-0723 CVE-2005-0724 CVE-2005-0781 CVE-2005-0782 24 Jul 2003 7.5 (v2) High Pass AtomicBoard Multiple Remote Vulnerabilities (Traversal, Path Disc) 21 Jul 2003 5 (v2) Medium Pass ATutor Password Reminder SQL Injection CVE-2005-2954 20 Sep 2005 7.5 (v2) High Pass QuikStore Shopping Cart quikstore.cgi template Parameter Traversal Arbitrary File Access 01 Jan 2004 5 (v2) Medium Pass PHPix index.phtml Multiple Parameter Arbitrary Command Execution 20 Jan 2004 7.5 (v2) High Pass Aztek Forum Multiple Script XSS CVE-2004-2725 22 Nov 2004 4.3 (v2) Medium Pass Java (.java / .class) Source Code Disclosure 20 May 2004 5 (v2) Medium Pass osTicket setup.php Accessibility 14 Jul 2004 6.4 (v2) Medium Pass MyServer 0.6.2 math_sum.mscgi Multiple Vulnerabilities 02 Aug 2004 7.5 (v2) High Pass Simple Form Multiple Parameter Arbitrary Mail Relaying 17 Aug 2004 5 (v2) Medium Pass CVSTrac fi ledi ff Arbitrary Remote Code Execution CVE-2004-1456 09 Aug 2004 7.5 (v2) High Pass WackoWiki TextSearch phrase Parameter XSS CVE-2004-2624 09 Aug 2004 4.3 (v2) Medium Pass CVSTrac CVSROOT/passwd Arbitrary Account Deletion 17 Aug 2004 6.4 (v2) Medium Pass CVSTrac history.c history_update Function Over fl ow 17 Aug 2004 7.5 (v2) High Pass Basilix Webmail tmp Directory Permission Weakness Attachment Disclosure CVE-2002-1711 09 Aug 2004 2.1 (v2) Low Pass Cerberus Helpdesk GUI Agent < 2.7.1 Multiple Remote Vulnerabilities (SQLi, XSS) CVE-2005-4427 CVE-2005-4428 29 Dec 2005 7.5 (v2) High Pass Apache Tomcat 8.5.0 < 8.5.76 vulnerability CVE-2022-25762 13 May 2022 8.6 (v3) High Pass ColdFusion / JRun on IIS Double Encoded NULL Byte Request File Content Disclosure CVE-2006-5858 08 Feb 2007 5.3 (v3) Medium Pass IlohaMail Unspeci fi ed Database Password Disclosure Weakness 02 Sep 2004 5 (v2) Medium Pass Help Center Live Multiple Vulnerabilities (SQLi, XSS, CSRF) CVE-2005-1672 CVE-2005-1673 CVE-2005-1674 18 May 2005 6.8 (v2) Medium Pass Sawmill < 7.1.6 Multiple Vulnerabilities CVE-2005-1900 CVE-2005-1901 17 Jun 2005 6.5 (v2) Medium Pass Interchange < 5.0.2 / 5.2.1 Multiple Vulnerabilities (SQLi, Code Exe) CVE-2005-3072 CVE-2005-3073 26 Sep 2005 7.5 (v2) High Pass IceWarp Web Mail Multiple Flaws (1) CVE-2004-1669 CVE-2004-1670 CVE-2004-1671 CVE-2004-1672 CVE-2004-1673 CVE-2004-1674 13 Oct 2004 7.5 (v2) High Pass UBB.threads dosearch.php SQL injection CVE-2004-1622 25 Oct 2004 7.5 (v2) High Pass ELOG < 2.6.1 Multiple Remote Vulnerabilities (Traversal, FS) CVE-2006-0347 CVE-2006-0348 20 Jan 2006 5 (v2) Medium Pass KorWeblog < 1.6.2 Multiple Vulnerabilities CVE-2004-1426 CVE-2004-1427 CVE-2004-1543 24 Nov 2004 4.4 (v2) Medium Pass PunBB IMG Tag Client Side Scripting XSS 13 Dec 2004 4.3 (v2) Medium Pass PunBB URL Quote Tag XSS 13 Dec 2004 4.3 (v2) Medium Pass Symantec Messaging Gateway 10.x < 10.5.2 Management Console XSS (SYM14-006) CVE-2014-1648 24 Apr 2014 4.3 (v2) Medium Pass ManageEngine Password Manager Pro REST API Restriction Bypass (CVE-2022-29081) CVE-2022-29081 13 May 2022 9.8 (v3) Critical Pass PHPWind Board faq.php skin Parameter Remote File Inclusion 10 Jan 2005 7.5 (v2) High Pass Cisco Firepower Management Center < 6.6.1 sftunnel MitM (cisco-sa-ftdfmc-sft-mitm-tc8AzFs2) CVE-2020-3549 13 May 2022 8.1 (v3) High Pass Minis minis.php month Parameter Traversal Arbitrary File Access CVE-2005-0293 17 Jan 2005 5 (v2) Medium Pass Jenkins Enterprise and Operations Center 2.303.x < 2.303.30.0.10 / 2.332.2.6 Multiple Vulnerabilities (CloudBees Security Advisory 2022-04-12) CVE-2022-29036 CVE-2022-29037 CVE-2022-29038 CVE-2022-29039 CVE-2022-29040 CVE-2022-29041 CVE-2022-29042 CVE-2022-29043 CVE-2022-29044 CVE-2022-29045 CVE-2022-29046 CVE-2022-29047 CVE-2022-29048 CVE-2022-29049 CVE-2022-2 16 May 2022 8.8 (v3) High Pass McAfee Common Management Agent < 3.6.0.546 Multiple Vulnerabilities CVE-2006-5271 CVE-2006-5272 CVE-2006-5273 CVE-2006-5274 10 Jul 2007 8.1 (v3) High Pass PunBB include/common.php language Parameter Local File Inclusion CVE-2006-5735 03 Nov 2006 7.3 (v3) High Pass BizMail bizmail.cgi Arbitrary Mail Relay CVE-2005-0493 22 Feb 2005 5 (v2) Medium 32

Pass paNews comment.php showpost Parameter XSS CVE-2005-0485 16 Feb 2005 4.3 (v2) Medium Pass Juniper Junos OS Vulnerability (JSA69494) CVE-2022-22186 16 May 2022 6.5 (v3) Medium Pass UBB.threads editpost.php Number Parameter SQL Injection CVE-2005-0726 12 Mar 2005 7.5 (v2) High Pass Zeroboard < 4.1pl6 Multiple XSS CVE-2005-0495 23 Feb 2005 4.3 (v2) Medium Pass ASP PortalApp Multiple SQL Injection CVE-2005-0948 CVE-2005-0949 30 Mar 2005 7.5 (v2) High Pass MaxWebPortal <= 1.33 Multiple Vulnerabilities CVE-2005-1016 CVE-2005-1017 CVE-2005-1417 02 Apr 2005 7.5 (v2) High Pass Matt Wright FormHandler.cgi Arbitrary File Access CVE-1999-1050 13 Dec 1999 5.3 (v3) Medium Pass Microsoft IIS idq.dll Traversal Arbitrary File Access CVE-2000-0126 08 Feb 2000 5 (v2) Medium Pass Juniper Junos OS FPC Crash (JSA11229) CVE-2021-31367 18 May 2022 6.5 (v3) Medium Pass XAMPP < 1.4.14 Multiple Vulnerabilities CVE-2005-1077 CVE-2005-1078 CVE-2005-2043 13 Apr 2005 5.1 (v2) Medium Pass Lyris ListManager Multiple XSS 25 Sep 2009 4.3 (v2) Medium Pass PHP < 4.3.11 / 5.0.3 Multiple Unspeci fi ed Vulnerabilities 13 Apr 2005 7.5 (v2) High Pass RSA Security RSA Authentication Agent For Web For IIS XSS CVE-2005-1118 09 May 2005 4.3 (v2) Medium Pass NETFile FTP/Web Server Directory Traversal Arbitrary File Access 14 May 2005 6 (v2) Medium Pass OpenBB < 1.0.9 Multiple Vulnerabilities CVE-2005-1612 CVE-2005-1613 14 May 2005 7.5 (v2) High Pass GitLab 8.12 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 Information Disclosure CVE-2022-1406 18 May 2022 6.5 (v3) Medium Pass mvnForum Search Parameter XSS CVE-2005-1183 23 May 2005 4.3 (v2) Medium Pass Episodex Guestbook Multiple Vulnerabilities (Auth Bypass, XSS) CVE-2005-1684 CVE-2005-1685 24 May 2005 7.5 (v2) High Pass Listserv < 14.3-2005a Multiple Vulnerabilities CVE-2005-1773 27 May 2005 7.5 (v2) High Pass Exhibit Engine list.php Multiple Parameter SQL Injection CVE-2005-1875 06 Jun 2005 7.5 (v2) High Pass ProductCart Multiple Scripts SQL Injection CVE-2005-1967 CVE-2005-2445 08 Jun 2005 7.5 (v2) High Pass Jinzora Multiple Script include_path Parameter Remote File Inclusion (2) CVE-2005-2249 08 Jul 2005 6.8 (v2) Medium Pass JBoss org.jboss.web.WebServer Class Multiple Vulnerabilities (Source Disc, ID) CVE-2005-2006 CVE-2006-0656 18 Jun 2005 5 (v2) Medium Pass i-Gallery <= 3.3 Multiple Vulnerabilities CVE-2005-2033 CVE-2005-2034 21 Jun 2005 5 (v2) Medium Pass webadmin.php show Parameter Arbitrary File Access 29 Jun 2005 7.8 (v2) High Pass WebCalendar assistant_edit.php Unauthorized Access CVE-2005-2320 28 Jun 2005 7.5 (v2) High Pass Juniper Junos OS Evolved DoS (JSA69516) CVE-2022-22183 18 May 2022 7.5 (v3) High Pass Mailreader 2.3.30 - 2.3.31 Multiple Vulnerabilities CVE-2002-1581 CVE-2002-1582 26 Jun 2003 5 (v2) Medium Pass Atomic Photo Album apa_phpinclude.inc.php apa_module_basedir Parameter Remote File Inclusion CVE-2005-2413 25 Jul 2005 7.5 (v2) High Pass Checkbox Survey 6.12 <= 6.18 RCE CVE-2021-27852 18 May 2022 9.8 (v3) Critical Pass Advanced Guestbook User-Agent Header HTML Injection 27 Jul 2005 4.3 (v2) Medium Pass VMware Workspace One Access / VMware Identity Manager Multiple Vulnerabilities (VMSA-2022-0014) CVE-2022-22972 CVE-2022-22973 18 May 2022 9.8 (v3) Critical Pass SysCP < 1.2.11 Multiple Script Command Execution Vulnerabilities CVE-2005-2568 CVE-2005-2567 10 Aug 2005 7.5 (v2) High Pass PHP Surveyor Multiple Vulnerabilities CVE-2005-2380 CVE-2005-2381 CVE-2005-2398 CVE-2005-2399 24 Aug 2005 7.5 (v2) High Pass PHP 5.6.x < 5.6.4 'process_nested_data' RCE CVE-2014-8142 02 Jan 2015 7.5 (v2) High Pass phpLDAPadmin Anonymous Bind Security Bypass Vulnerability CVE-2005-2654 31 Aug 2005 4.3 (v2) Medium Pass PBLang < 4.66z Multiple Vulnerabilities 08 Sep 2005 7.5 (v2) High Pass Microsoft IIS Translate f: ASP/ASA Source Disclosure (IIS 5.1) CVE-2000-0778 08 Sep 2005 5 (v2) Medium Pass Sendcard sendcard.php id Parameter SQL Injection CVE-2005-2404 19 Sep 2005 7.5 (v2) High Pass Truegalerie admin.php loggedin Parameter Admin Authentication Bypass CVE-2003-1488 06 May 2003 6.8 (v2) Medium Pass Cisco IOS Software Web Services DoS (cisco-sa-http-dos-svOdkdBS) CVE-2022-20697 19 May 2022 8.6 (v3) High Pass Winmail Server <= 4.2 Build 0824 Multiple Vulnerabilities CVE-2005-3692 CVE-2005-3811 20 Nov 2005 5 (v2) Medium Pass IBM WebSphere Application Server Liberty 17.0.0.3 < 22.0.0.5 Identity Spoo fi ng (6586734) CVE-2022-22475 19 May 2022 6.5 (v3) Medium Pass Apple iTunes < 12.12.4 Multiple Vulnerabilities (uncredentialed check) CVE-2022-26711 CVE-2022-26717 CVE-2022-26751 CVE-2022-26773 CVE-2022-26774 19 May 2022 9.8 (v3) Critical Pass Open WebMail vacation.pl Arbitrary Command Execution CVE-2004-2284 06 Jul 2004 7.5 (v2) High Pass AppServ appserv/main.php appserv_root Parameter Remote File Inclusion CVE-2006-0125 10 Jan 2006 5 (v2) Medium Pass Listserv < 14.5 Multiple Bu ff er Over fl ows CVE-2006-1044 06 Mar 2006 7.5 (v2) High Pass NeoMail Session ID Weakness neomail-prefs.pl Arbitrary Mail-folder Manipulation CVE-2006-0711 16 Feb 2006 5 (v2) Medium Pass ArGoSoft Mail Server Pro Webmail viewheaders Multiple Field XSS CVE-2006-0978 28 Feb 2006 4.3 (v2) Medium Pass CuteNews inc/function.php archive Parameter Arbitrary File Access CVE-2006-1339 22 Mar 2006 5 (v2) Medium Pass Citrix NetScaler Unspeci fi ed Remote Code Execution (CTX200206) CVE-2014-7140 06 Nov 2014 7.5 (v2) High Pass Winmail Server Webmail Unspeci fi ed Vulnerability CVE-2006-1250 14 Apr 2006 10 (v2) Critical Pass Simple PHP Blog install05.php blog_language Parameter Local File Inclusion CVE-2006-1243 15 Mar 2006 7.5 (v2) High Pass IBM Rational License Key Server Administration and Reporting Tool 8.1.4.x < 8.1.4.4 Multiple Vulnerabilities CVE-2014-0909 CVE-2014-3079 CVE-2014-4756 16 Sep 2014 5 (v2) Medium Pass Symantec AntiVirus Scan Engine Web Interface Multiple Remote Vulnerabilities CVE-2006-0230 CVE-2006-0231 CVE-2006-0232 24 Apr 2006 10 (v2) Critical Pass Ruby on Rails Routing Code URL Code Evaluation DoS CVE-2006-4112 14 Aug 2006 7.5 (v2) High Pass WEBalbum skin2 Cookie Parameter Traversal Local File Inclusion CVE-2006-1480 03 May 2006 5.1 (v2) Medium Pass phpMyAgenda rootagenda Parameter File Include Vulnerability CVE-2006-2009 03 May 2006 7.5 (v2) High Pass SugarCRM <= 4.2.0a Multiple Script sugarEntry Parameter Remote File Inclusion CVE-2006-2460 16 May 2006 6.4 (v2) Medium Pass ManageEngine PAM360 REST API Restriction Bypass (CVE-2022-29081) CVE-2022-29081 23 May 2022 9.8 (v3) Critical Pass Jenkins Enterprise and Operations Center 2.277.x < 2.277.43.0.8 / 2.303.x < 2.303.30.0.7 / 2.332.1.5 Multiple Vulnerabilities (CloudBees Security Advisory 2022-03-15) CVE-2022-27195 CVE-2022-27196 CVE-2022-27197 CVE-2022-27198 CVE-2022-27199 CVE-2022-27200 CVE-2022-27201 CVE-2022-27202 CVE-2022-27203 CVE-2022-27204 CVE-2022-27205 CVE-2022-27206 CVE-2022-27207 CVE-2022-27208 CVE-2022-2 23 May 2022 8.8 (v3) High Pass BDPDT for DotNetNuke (.net nuke) upload fi lepopup.aspx File Upload Privilege Escalation CVE-2006-3601 23 Jun 2006 10 (v2) Critical Pass Synology DiskStation Manager uistrings.cgi lang Parameter Directory Traversal 05 Feb 2014 5 (v2) Medium Pass Easy Address Book Web Server Query Remote Format String CVE-2006-4654 05 Sep 2006 5.1 (v2) Medium Pass Splunk Enterprise 6.0.x < 6.0.7 Multiple Vulnerabilities (POODLE) CVE-2014-3566 CVE-2014-3567 CVE-2014-5466 04 Dec 2014 4.3 (v2) Medium Pass Jenkins Enterprise and Operations Center 2.303.x < 2.303.30.0.13 / 2.332.3.4 Multiple Vulnerabilities (CloudBees Security Advisory 2022-05-17) CVE-2022-30945 CVE-2022-30946 CVE-2022-30947 CVE-2022-30948 CVE-2022-30949 CVE-2022-30950 CVE-2022-30951 CVE-2022-30952 CVE-2022-30953 CVE-2022-30954 CVE-2022-30955 CVE-2022-30956 CVE-2022-30957 CVE-2022-30958 CVE-2022-3 24 May 2022 10 (v3) Critical Pass Apache 2.4.x < 2.4.52 mod_lua Bu ff er Over fl ow CVE-2021-44790 24 May 2022 9.8 (v3) Critical Pass SWAT Unauthenticated Access (Demo Mode) 05 Oct 2007 7.5 (v2) High Pass CuteNews 1.4.5 Multiple Script XSS 07 Dec 2006 4.3 (v2) Medium Pass ColdFusion MX Null Byte Tag XSS Protection Bypass CVE-2006-6483 06 Feb 2007 4.3 (v2) Medium Pass Open fi re Admin Console Remote Privilege Escalation CVE-2007-2975 29 May 2007 7.5 (v2) High Pass Kaspersky Anti-Spam Control Center Web Con fi g aslic_status.cgi Directory Listing CVE-2007-3502 29 Jun 2007 7.5 (v2) High Pass Adobe Connect Enterprise Server Information Disclosure CVE-2007-4651 12 Sep 2007 5 (v2) Medium Pass Apache Tomcat Sample App cal2.jsp 'time' Parameter XSS (CVE-2006-7196) CVE-2006-7196 24 Sep 2007 5.3 (v3) Medium Pass Calendar Express Multiple Vulnerabilities (SQLi, XSS) CVE-2007-3627 19 Sep 2005 7.5 (v2) High Pass HP OpenView Client Con fi guration Manager Default Credentials 07 Nov 2007 7.5 (v2) High Pass Web Server Malicious JavaScript Link Detection 08 Jan 2008 10 (v2) Critical Pass phpBB up.php Arbitrary File Upload CVE-2005-1047 11 Apr 2005 7.5 (v2) High Pass McAfee Web Gateway < 7.1.0.5 / 7.1.5.2 XSS 18 Jun 2014 4.3 (v2) Medium Pass Monkey HTTP Daemon (monkeyd) < 0.9.1 Multiple Vulnerabilities CVE-2005-1122 CVE-2005-1123 15 Apr 2005 7.5 (v2) High Pass Blue Coat ProxyAV 3.5.1.1 - 3.5.1.6 Heartbeat Information Disclosure (Heartbleed) CVE-2014-0160 16 May 2014 7.5 (v3) High Pass Western Digital ShareSpace WEB GUI Information Disclosure 18 Jul 2012 5 (v2) Medium Pass SquidClamav clwarn.cgi url Parameter XSS CVE-2012-4667 10 Sep 2012 4.3 (v2) Medium Pass SolarWinds Log and Event Manager < 6.2.0 Multiple Remote Command Execution Vulnerabilities CVE-2015-7839 CVE-2015-7840 19 Oct 2015 7.5 (v2) High Pass Foscam 11.37.2.x < 11.37.2.49 Directory Traversal CVE-2013-2560 24 Mar 2013 7.8 (v2) High Pass Puppet 2.7.x / 3.2.x < 2.7.23 / 3.2.4 and Enterprise 2.8.x / 3.0.x < 2.8.3 / 3.0.1 Multiple Vulnerabilities CVE-2013-4761 CVE-2013-4956 28 Oct 2013 5.1 (v2) Medium Pass IBM WebSphere Portal Dojo Module Arbitrary File Download CVE-2012-4834 29 Nov 2012 5 (v2) Medium Pass Informix SQL Web DataBlade Module Traversal Arbitrary File Access CVE-2001-0924 25 Nov 2001 5 (v2) Medium Pass Dell KACE K1000 < 5.5 Multiple SQL Injection Vulnerabilities CVE-2014-1671 07 Feb 2014 6.5 (v2) Medium Pass Participants Database Plugin for WordPress < 1.5.4.9 'query' Parameter SQL Injection CVE-2014-3961 16 Jun 2014 7.5 (v2) High Pass Adobe ColdFusion HTTP Response Splitting (APSB12-15) CVE-2012-2041 26 Jun 2012 4.3 (v2) Medium Pass HP Smart Update Manager 6.x < 6.4.1 Multiple Vulnerabilities CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-2608 CVE-2014-3470 24 Jul 2014 6.8 (v2) Medium Pass SolarWinds Log and Event Manager < 6.0.1 HyperSQL Remote Code Execution CVE-2014-5504 07 Nov 2014 7.5 (v2) High Pass Cisco IOS XR Software Health Check Open Port (cisco-sa-iosxr-redis-ABJyE5xK) CVE-2022-20821 26 May 2022 6.5 (v3) Medium Pass Moodle Multiple XSS CVE-2014-3548 CVE-2014-3551 30 Sep 2014 4.3 (v2) Medium Pass Oracle GlassFish Server Administration Console GET Request Authentication Bypass CVE-2011-0807 17 Aug 2011 10 (v3) Critical Pass Forums Plugin for WordPress 'url' Parameter Arbitrary File Disclosure CVE-2012-4920 25 Jan 2013 5.3 (v3) Medium Pass Symantec Web Gateway < 5.1.1 Multiple Vulnerabilities (SYM13-008) CVE-2013-1616 CVE-2013-1617 CVE-2013-4670 CVE-2013-4671 CVE-2013-4672 CVE-2013-4673 01 Aug 2013 8.3 (v2) High Pass PHP 5.3.x < 5.3.22 Multiple Vulnerabilities CVE-2013-1635 CVE-2013-1643 04 Mar 2013 7.5 (v2) High Pass Splunk Enterprise 5.0.x < 5.0.10 / 6.1.x < 6.1.4 Multiple Vulnerabilities CVE-2014-3511 CVE-2014-8301 CVE-2014-8302 CVE-2014-8303 04 Dec 2014 4.3 (v2) Medium Pass MySQL Enterprise Monitor 3.0.x < 3.0.11 Multiple Vulnerabilities CVE-2014-0050 CVE-2014-0094 CVE-2014-0112 CVE-2014-0113 CVE-2014-0116 08 May 2015 7.5 (v2) High Pass HP Power Manager < 4.2.10 CVE-2009-2685 CVE-2009-3999 CVE-2009-4000 21 Jan 2010 10 (v2) Critical Pass phpMyAdmin 3.4.x < 3.4.10.1 XSS (PMASA-2012-1) CVE-2012-1190 22 Feb 2012 4.3 (v2) Medium Pass Cisco Expressway Series / TelePresence VCS Multiple Vulnerabilities (cisco-sa-expressway- fi lewrite-bsFVwueV) CVE-2022-20806 CVE-2022-20807 CVE-2022-20809 27 May 2022 5.5 (v3) Medium Pass Tenable Nessus 10.x < 10.2.0 Third-Party Vulnerabilities (TNS-2022-11) CVE-2018-25032 CVE-2021-41182 CVE-2021-41183 CVE-2021-41184 CVE-2022-23852 CVE-2022-23990 CVE-2022-25235 CVE-2022-25236 CVE-2022-25313 CVE-2022-25314 CVE-2022-25315 27 May 2022 9.8 (v3) Critical Pass Apache Tomcat Implicit Objects XSS CVE-2006-7195 09 Jul 2010 5.3 (v3) Medium Pass SandSurfer < 1.7.1 XSS CVE-2004-2550 04 Mar 2004 4.3 (v2) Medium Pass GIT gitweb git_snapshot / git_object Shell Metacharacter Arbitrary Command Execution CVE-2008-5517 21 Feb 2010 7.5 (v2) High Pass TikiWiki < 1.8.2 Multiple Input Validation Vulnerabilities CVE-2004-1923 CVE-2004-1924 CVE-2004-1925 CVE-2004-1926 CVE-2004-1927 CVE-2004-1928 24 Aug 2004 7.5 (v2) High Pass MyDMS < 1.4.3 Multiple Vulnerabilities CVE-2004-1732 CVE-2004-1733 22 Aug 2004 7.5 (v2) High Pass Apache Tomcat allowLinking UTF-8 Traversal Arbitrary File Access CVE-2008-2938 12 Aug 2008 5.3 (v3) Medium Pass Home Free search.cgi Traversal Arbitrary File Access CVE-2000-0054 09 Jan 2000 5 (v2) Medium 33

Pass PHPix album Parameter Encoded Traversal Arbitrary File/Directory Access CVE-2000-0919 11 Dec 2000 5 (v2) Medium Pass A1Stats Multiple Script Traversal Arbitrary File Access CVE-2001-0561 14 May 2001 5 (v2) Medium Pass DeluxeBB Multiple Scripts SQL Injection CVE-2005-2989 19 Sep 2005 7.5 (v2) High Pass ManageEngine Security Manager Plus 'f' Directory Traversal Arbitrary File Access 10 Dec 2012 5 (v2) Medium Pass Sambar Server Multiple CGI Environment Variable Disclosure CVE-2003-1284 25 Jun 2003 5 (v2) Medium Pass Icecast MP3 Client HTTP GET Request Remote Over fl ow CVE-2002-0177 01 Oct 2004 7.5 (v2) High Pass WHM AutoPilot < 2.5.20 Multiple Remote Vulnerabilities CVE-2004-1420 CVE-2004-1421 CVE-2004-1422 28 Dec 2004 7.3 (v3) High Pass bBlog <= 0.7.4 Multiple Vulnerabilities (SQLi, XSS) CVE-2004-1570 CVE-2004-1865 CVE-2005-1309 CVE-2005-1310 03 May 2005 7.5 (v2) High Pass FUDforum < 2.7.1 Avatar Upload Extension Validation Weakness Arbitrary Code Execution CVE-2005-2781 29 Aug 2005 6.5 (v2) Medium Pass PunBB < 1.2.7 Multiple Vulnerabilities CVE-2005-4665 15 Sep 2005 4.3 (v2) Medium Pass Trend Micro ControlManager < 3.0 SP5 Multiple Vulnerabilities CVE-2005-1929 13 Jan 2006 7.5 (v2) High Pass ViRobot Linux Server fi lescan Authentication Bypass CVE-2006-0864 22 Feb 2006 10 (v2) Critical Pass UBB.threads doeditcon fi g Arbitrary Command Injection CVE-2006-5137 30 Sep 2006 8.8 (v3) High Pass Splunk 4.0.x < 4.0.11 / 4.1.x < 4.1.2 Directory Traversal CVE-2010-2502 07 Jul 2010 9 (v2) High Pass Eucalyptus Walrus REST Interface Key Veri fi cation Authentication Bypass (ESA-03) CVE-2012-3240 21 Aug 2012 7.5 (v2) High Pass PHP 5.x < 5.2 Multiple Vulnerabilities CVE-2006-1015 CVE-2006-1549 CVE-2006-2660 CVE-2006-4486 CVE-2006-4625 CVE-2006-4812 CVE-2006-5465 CVE-2006-5706 CVE-2006-7205 CVE-2007-0448 CVE-2007-1381 CVE-2007-1584 CVE-2007-1888 CVE-2007-2844 CVE-2007-5424 25 Mar 2008 7.5 (v2) High Pass Discuz! <= 4.0.0 rc4 Arbitrary File Upload CVE-2005-2614 19 Sep 2005 4.6 (v2) Medium Pass Greymatter Comment Name Field Control Panel Log XSS CVE-2005-2816 19 Sep 2005 4.3 (v2) Medium Pass phpGroupWare < 0.9.16 Addressbook Unspeci fi ed Vulnerability 19 Sep 2005 None Pass phpGroupWare Main Screen Message Body XSS CVE-2005-2761 19 Sep 2005 4.3 (v2) Medium Pass Tofu Server Detection 19 Sep 2005 None Pass vBulletin <= 3.0.9 Multiple Vulnerabilities CVE-2005-3019 CVE-2005-3020 CVE-2005-3024 CVE-2005-3025 19 Sep 2005 8.3 (v3) High Pass Lotus Domino Multiple Script Src / BaseTarget XSS CVE-2005-3015 20 Sep 2005 4.3 (v2) Medium Pass PHP Advanced Transfer Manager <= 1.30 Multiple Vulnerabilities 21 Sep 2005 5 (v2) Medium Pass Digital Scribe login.php SQL Injection CVE-2005-2987 21 Sep 2005 7.5 (v2) High Pass phpMyFAQ < 1.5.2 Multiple Vulnerabilities CVE-2005-3049 26 Sep 2005 6.8 (v2) Medium Pass WEBppliance ocw_login_username Parameter XSS CVE-2005-3014 27 Sep 2005 4.3 (v2) Medium Pass IceWarp Web Mail Multiple Flaws (4) CVE-2005-3131 CVE-2005-3132 CVE-2005-3133 30 Sep 2005 9.7 (v2) High Pass GuppY < 4.5.6a Multiple Vulnerabilities CVE-2005-2853 CVE-2005-3156 06 Oct 2005 4.3 (v2) Medium Pass HP iNode Management Center Detection 19 Aug 2011 None Pass phpMyAdmin grab_globals.lib.php subform Parameter Traversal Local File Inclusion CVE-2005-3299 11 Oct 2005 5.1 (v2) Medium Pass phpWebSite index.php Search Module SQL Injection CVE-2005-4792 14 Oct 2005 7.5 (v2) High Pass PunBB search.php old_searches Parameter SQL Injection CVE-2005-3518 17 Oct 2005 4.3 (v2) Medium Pass Splunk Enterprise 8.1.x < 8.1.6 MFA Bypass CVE-2021-26253 31 May 2022 8.1 (v3) High Pass Gallery main.php g2_itemId Parameter Traversal Arbitrary File Access CVE-2005-3251 18 Oct 2005 5 (v2) Medium Pass Terminal Services Encryption Level is Medium or Low 25 Jan 2012 4.3 (v2) Medium Pass w-Agora <= 4.2.0 Multiple Vulnerabilities 20 Oct 2005 7.5 (v2) High Pass Xerver < 4.20 Multiple Vulnerabilities CVE-2005-3293 CVE-2005-4774 20 Oct 2005 5 (v2) Medium Pass e107 resetcore.php user Field SQL Injection CVE-2005-3521 21 Oct 2005 7.5 (v2) High Pass phpMyAdmin < 2.6.4-pl3 Multiple Vulnerabilities CVE-2005-3300 CVE-2005-3301 26 Oct 2005 5.1 (v2) Medium Pass HP LaserJet Web Server Unspeci fi ed Admin Component Traversal Arbitrary File Access CVE-2008-4419 10 Apr 2009 7.8 (v2) High Pass PHP iCalendar index.php phpicalendar Parameter Remote File Inclusion CVE-2005-3366 27 Oct 2005 6.8 (v2) Medium Pass YIFF Sound Server Detection 27 Oct 2005 None Pass Mantis < 0.19.3 Multiple Vulnerabilities CVE-2005-3091 CVE-2005-3335 CVE-2005-3336 CVE-2005-3337 CVE-2005-3338 CVE-2005-3339 27 Oct 2005 6.8 (v2) Medium Pass PHP < 4.4.1 / 5.0.6 Multiple Vulnerabilities CVE-2002-0229 CVE-2005-2491 CVE-2005-3388 CVE-2005-3389 CVE-2005-3390 01 Nov 2005 7.5 (v2) High Pass Invision Gallery index.php st Parameter SQL Injection CVE-2005-3395 01 Nov 2005 7.5 (v2) High Pass Comersus BackO ffi ce comersus_backo ffi ce_menu.asp Multiple Parameter SQL Injection 02 Nov 2005 7.5 (v2) High Pass phpBB <= 2.0.17 Multiple Vulnerabilities CVE-2005-3415 CVE-2005-3416 CVE-2005-3417 CVE-2005-3418 CVE-2005-3419 CVE-2005-3420 CVE-2005-3536 CVE-2005-3537 02 Nov 2005 7.5 (v2) High Pass vCard de fi ne.inc.php match Parameter Remote File Inclusion CVE-2005-3332 02 Nov 2005 7.3 (v3) High Pass VERITAS NetBackup Agent Detection 07 Nov 2005 None Pass Cheops NG Agent Detection 08 Nov 2005 None Pass PHPFM Arbitrary File Upload CVE-2005-4423 08 Nov 2005 8.8 (v3) High Pass Horde Admin Account Default Password CVE-2005-3344 08 Nov 2005 10 (v2) Critical Pass MailWatch authenticate() Function SQL Injection CVE-2005-3470 10 Nov 2005 6.8 (v2) Medium Pass GO-Global for Windows _USERSA_ Remote Over fl ow CVE-2005-3483 10 Nov 2005 10 (v2) Critical Pass VERITAS NetBackup Volume Manager Daemon Bu ff er Over fl ow CVE-2005-3116 11 Nov 2005 10 (v2) Critical Pass SolarWinds Dameware Mini Remote Control Client Public Key Bu ff er Over-read CVE-2019-3956 27 Jun 2019 7.4 (v3) High Pass TikiWiki < 1.8.6 / 1.9.1 Multiple Vulnerabilities CVE-2005-1925 14 Nov 2005 6.4 (v2) Medium Pass StreamSets Data Collector Web Detection 10 Jul 2019 None Pass Sonatype Nexus Repository Manager Missing Access Controls RCE CVE-2019-7238 26 Jul 2019 9.8 (v3) Critical Pass Xerox WorkCentre Multiple Vulnerabilities (XRX19-016) (URGENT/11) CVE-2019-12255 CVE-2019-12256 CVE-2019-12257 CVE-2019-12258 CVE-2019-12259 CVE-2019-12260 CVE-2019-12261 CVE-2019-12262 CVE-2019-12263 CVE-2019-12264 CVE-2019-12265 29 Jul 2019 9.8 (v3) Critical Pass OpenSSL 1.1.1 < 1.1.1m Vulnerability CVE-2021-4160 28 Jan 2022 5.9 (v3) Medium Pass Moodle < 1.5.3 Multiple SQL Injection Vulnerabilities CVE-2005-3648 16 Nov 2005 7.5 (v2) High Pass Exponent CMS < 0.96.4 Multiple Remote Vulnerabilities (XSS, SQLi, Code Exe, Disc) CVE-2005-3762 CVE-2005-3763 CVE-2005-3764 CVE-2005-3765 CVE-2005-3766 CVE-2005-3767 16 Nov 2005 10 (v2) Critical Pass XOOPS xoopsCon fi g[language] Parameter Local File Inclusion (XOOPS_WFd205_xpl) CVE-2005-3680 16 Nov 2005 6.4 (v2) Medium Pass CodeGrrl Applications Remote File Inclusion Vulnerabilities CVE-2005-3571 16 Nov 2005 5 (v2) Medium Pass phpSysInfo < 2.4.1 Multiple Vulnerabilities CVE-2003-0536 CVE-2005-0870 CVE-2005-3347 CVE-2005-3348 16 Nov 2005 6.8 (v2) Medium Pass phpwcms 1.2.5 Multiple Vulnerabilities CVE-2005-3789 16 Nov 2005 5 (v2) Medium Pass Mambo Open Source / Joomla! GLOBALS Variable Remote File Include CVE-2005-3738 17 Nov 2005 8.1 (v3) High Pass Help Center Live module.php fi le Parameter Local File Inclusion CVE-2005-3639 18 Nov 2005 7.5 (v2) High Pass PHP Doc System index.php show Parameter Local File Inclusion CVE-2005-3878 29 Nov 2005 6.4 (v2) Medium Pass GuppY <= 4.5.9 Multiple Remote Vulnerabilities (Traversal, Code Exec) CVE-2005-3926 CVE-2005-3927 29 Nov 2005 8.8 (v3) High Pass PHPX admin/index.php username Parameter SQL Injection CVE-2005-3968 02 Dec 2005 7.5 (v2) High Pass Trac Ticket Query Module group Parameter SQL Injection CVE-2005-3980 02 Dec 2005 7.5 (v2) High Pass DUware Multiple Products type.asp iType Parameter SQL Injection CVE-2005-3976 CVE-2006-6354 CVE-2006-6367 02 Dec 2005 7.5 (v2) High Pass MediaWiki Language Option eval() Function Arbitrary PHP Code Execution CVE-2005-4031 05 Dec 2005 7.5 (v2) High Pass SugarCRM <= 4.0 beta acceptDecline.php Remote File Inclusion CVE-2005-4086 CVE-2005-4087 10 Dec 2005 7.5 (v2) High Pass Contenido contenido/classes/class.inuse.php Multiple Parameter Remote File Inclusion CVE-2005-4132 12 Dec 2005 7.5 (v2) High Pass FlatNuke index.php id Parameter Traversal Arbitrary File Access CVE-2005-2813 CVE-2005-4208 12 Dec 2005 5 (v2) Medium Pass The Includer includer.cgi Arbitrary Command Execution CVE-2005-0689 12 Dec 2005 7.5 (v2) High Pass phpCOIN < 1.2.2 2005-12-13 Fix-File Multiple Vulnerabilities CVE-2005-4211 CVE-2005-4212 CVE-2005-4213 14 Dec 2005 7.5 (v2) High Pass VMware ESX/GSX Server detection 14 Dec 2005 None Pass SimpleBBS topics.php name Parameter Arbitrary Command Execution CVE-2005-4135 14 Dec 2005 8.8 (v3) High Pass vTiger < 4.5a2 Multiple Vulnerabilities CVE-2005-3818 CVE-2005-3819 CVE-2005-3820 CVE-2005-3821 CVE-2005-3822 CVE-2005-3823 CVE-2005-3824 16 Dec 2005 7.5 (v2) High Pass ELOG Remote Bu ff er Over fl ow Vulnerabilities CVE-2005-4439 19 Dec 2005 7.8 (v2) High Pass Plogger plog-admin-functions.php con fi g Parameter Remote File Inclusion CVE-2005-4573 21 Dec 2005 7.5 (v2) High Pass PhpGedView PGV_BASE_DIRECTORY Parameter Remote File Inclusion CVE-2005-4467 CVE-2005-4468 CVE-2005-4469 21 Dec 2005 7.5 (v2) High Pass Network Block Device (NBD) Server Request Handling Remote Over fl ow CVE-2005-3534 24 Dec 2005 7.5 (v2) High Pass MyBB calendar.php 'month' Parameter SQLi CVE-2005-4199 CVE-2005-4200 24 Dec 2005 10 (v2) Critical Pass Cerberus Support Center Multiple Remote Vulnerabilities (SQLi, XSS) CVE-2005-4427 CVE-2005-4428 29 Dec 2005 7.5 (v2) High Pass phpDocumentor <= 1.3.0 RC4 Local And Remote File Inclusion CVE-2005-4593 02 Jan 2006 7.5 (v2) High Pass Web Wiz check_user.asp txtUserName Parameter SQL Injection CVE-2005-4606 03 Jan 2006 7.5 (v2) High Pass PHP Support Tickets index.php Multiple Parameter SQL Injection CVE-2005-4264 04 Jan 2006 7.5 (v2) High Pass ADOdb server.php sql Parameter SQL Injection CVE-2006-0146 10 Jan 2006 7.5 (v2) High Pass Juniper NetScreen Security Manager (NSM) guiSrv/devSrv Crafted String Remote DoS CVE-2005-4587 10 Jan 2006 7.8 (v2) High Pass Eudora Internet Mail Server Admin Server Detection 16 Jan 2006 None Pass RCBlog index.php post Parameter Traversal Arbitrary File Access CVE-2006-0370 CVE-2006-0371 30 Jan 2006 5 (v2) Medium Pass Snitz Forums 2000 post.asp type Parameter XSS CVE-2005-3411 01 Feb 2006 4.3 (v2) Medium Pass Invision Power Board Dragoran Portal Module index.php site Parameter SQL Injection CVE-2006-0520 01 Feb 2006 7.5 (v2) High Pass MyBB index.php 'referrer' Parameter SQLi CVE-2006-1974 02 Feb 2006 7.5 (v2) High Pass Website Baker Admin Login SQL Injection CVE-2005-4140 02 Feb 2006 7.5 (v2) High Pass Grandstream Networks UCM6200 Series SQLi (Web UI) CVE-2020-5722 05 May 2022 9.8 (v3) Critical Pass Loudblog backend_settings.php Multiple Parameter Remote File Inclusion CVE-2006-0565 05 Feb 2006 7.5 (v2) High Pass PHP iCalendar Multiple Script Remote File Inclusion CVE-2006-0648 09 Feb 2006 5 (v2) Medium Pass PHP Xdebug Module Unauthenticated RCE (exploit) 31 Aug 2018 9.8 (v3) Critical Pass AXIS Multiple Vulnerabilities (ACV-128401) CVE-2018-10658 CVE-2018-10659 CVE-2018-10660 CVE-2018-10661 CVE-2018-10662 CVE-2018-10663 CVE-2018-10664 02 Oct 2018 9.8 (v3) Critical Pass Supermicro IPMI Baseboard Management Controller Default Credentials 05 Oct 2018 9.8 (v3) Critical Pass Rockwell Automation RSLinx Classic ENGINE.dll Stack Bu ff er Over fl ow CVE-2018-14829 28 Nov 2018 9.8 (v3) Critical Pass Rockwell Automation RSLinx Classic ENGINE.dll Stack Bu ff er Over fl ow (CVE-2019-6553) CVE-2019-6553 22 Mar 2019 9.8 (v3) Critical Pass AVEVA InduSoft Web Studio / InTouch Edge HMI TCP/IP Server Detection 22 Jan 2018 None Pass CyberArk Password Vault Web Access Detection 10 Apr 2018 None Pass GE Multilin UR / URPlus / B95Plus Protection Relay Cryptographic Algorithm Weakness Information Disclosure (UR-2017-0001) CVE-2017-7905 26 May 2017 9.8 (v3) Critical 34

Pass Comelit Intercom Detection 21 Apr 2017 None Pass ManageEngine Firewall Analyzer Detection 13 Apr 2016 None Pass Allen-Bradley MicroLogix 1400 Multiple Vulnerabilities CVE-2012-4690 CVE-2012-6435 CVE-2012-6436 CVE-2012-6437 CVE-2012-6438 CVE-2012-6439 CVE-2012-6440 CVE-2012-6441 CVE-2012-6442 27 May 2016 10 (v2) Critical Pass MicroLogix 1400 PLC Web Server Multiple Vulnerabilities CVE-2015-6486 CVE-2015-6488 CVE-2015-6491 CVE-2015-6492 31 May 2016 7.5 (v3) High Pass MicroLogix 1400 PLC Web Server Request Handling RCE CVE-2015-6490 31 May 2016 9.8 (v3) Critical Pass TeamSpeak 3 Server Detection 12 Sep 2016 None Pass OMRON FINS TCP Protocol Detection 27 Oct 2016 None Pass X2Engine Detection 23 Feb 2015 None Pass Siemens SIMATIC S7-1200 PLC < 4.1 Open Redirection CVE-2015-1048 02 Mar 2015 4.3 (v2) Medium Pass Honeywell XL Web Controller FTP Directory Traversal CVE-2015-0984 26 Mar 2015 10 (v2) Critical Pass Modbus/TCP Device Identi fi cation 10 May 2015 5.8 (v3) Medium Pass HP WebInspect REST API Unauthorized Access 15 Jun 2015 7.5 (v2) High Pass Rockwell Automation MicroLogix 1100 PLC < Series B FRN 13.0 Multiple Vulnerabilities CVE-2012-6435 CVE-2012-6436 CVE-2012-6437 CVE-2012-6438 CVE-2012-6439 CVE-2012-6441 CVE-2012-6442 07 Jul 2015 10 (v2) Critical Pass Rockwell Automation MicroLogix 1100 PLC < FRN 10.0 Authentication Mechanism DoS CVE-2009-3739 07 Jul 2015 10 (v2) Critical Pass HP LaserJet Printers Multiple Vulnerabilities CVE-2013-4828 CVE-2013-4829 16 Oct 2013 4.3 (v2) Medium Pass eScan Agent Detection 24 May 2007 None Pass MikroTik Neighbor Discovery Protocol Detection 25 Nov 2013 None Pass MikroTik MAC Telnet Protocol Detection 03 Dec 2013 None Pass Emerson Network Power Avocent MergePoint Unity KVM Switch Detection 05 Feb 2014 None Pass F5 Networks BIG-IQ Detection 09 May 2014 None Pass Advantech WebAccess Default Credential Check 14 Apr 2014 7.5 (v2) High Pass Oracle Identity Analytics Detection 28 Apr 2014 None Pass Cisco Network Registrar Web UI Detection 29 Apr 2014 None Pass Cisco TelePresence Supervisor Detection 18 Jun 2014 None Pass Palo Alto Networks PAN-OS < 5.0.15 / 5.1.x < 5.1.10 / 6.0.x < 6.0.6 / 6.1.x < 6.1.1 Bash Shell Remote Code Execution (Shellshock) CVE-2014-6271 CVE-2014-7169 20 Oct 2014 10 (v2) Critical Pass Cisco NX-OS GNU Bash Environment Variable Command Injection Vulnerability (cisco-sa-20140926-bash) (Shellshock) CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 27 Oct 2014 10 (v2) Critical Pass Honeywell Excel (XL) Web Controller Detection 25 Aug 2014 None Pass McAfee Web Gateway GNU Bash Code Injection (SB10085) (Shellshock) CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 12 Nov 2014 10 (v2) Critical Pass Cisco TelePresence Conductor Detection 26 Nov 2014 None Pass Sielco Sistemi Winlog Arbitrary File Disclosure CVE-2012-4356 10 Aug 2012 4.3 (v2) Medium Pass Novell File Reporter Agent VOL Tag Remote Code Execution (uncredentialed check) 10 Sep 2012 10 (v2) Critical Pass Magnum MNS-6K Hardcoded Admin Account CVE-2012-3014 05 Oct 2012 7.7 (v2) High Pass HP LaserJet Pro Printers Unauthorized Data Access CVE-2012-5215 19 Mar 2013 8.8 (v2) High Pass VNC Server Unauthenticated Access: Screenshot 22 Apr 2013 7.5 (v2) High Pass HP LaserJet Pro Printers Unauthorized Data Access (April 2013) CVE-2012-5221 09 May 2013 5 (v2) Medium Pass HP Data Protector Components Version Detection 01 Jul 2013 None Pass Tridium Niagara AX Web Server Multiple Vulnerabilities CVE-2012-3024 CVE-2012-3025 CVE-2012-4027 CVE-2012-4028 03 Jul 2013 7.8 (v2) High Pass IPMI Cipher Suites Supported 17 Jul 2013 None Pass HP LaserJet Pro Printers Multiple Information Disclosures (July 2013) CVE-2013-4807 09 Aug 2013 7.8 (v2) High Pass iSCSI Unauthenticated Target Detection 23 Dec 2010 7.5 (v2) High Pass Movicon TcpUploadServer Data Leakage (remote check) 25 Mar 2011 5 (v2) Medium Pass Samsung Data Management Server < 1.4.3 verifyUser Method SQL Injection CVE-2010-4284 11 May 2011 7.5 (v2) High Pass H3C / HP Intelligent Management Center Detection 08 Jun 2011 None Pass Novell File Reporter Engine RECORD Element Tag Parsing Over fl ow (uncredentialed check) CVE-2011-2220 08 Jul 2011 9.7 (v2) High Pass Symantec Veritas Enterprise Administrator Service (vxsvc) Detection 20 Sep 2011 None Pass MS11-082: Vulnerabilities in Host Integration Server Could Allow Denial of Service (2607670) (uncredentialed check) CVE-2011-2007 CVE-2011-2008 25 Oct 2011 5 (v2) Medium Pass Novell Messenger Server Process Memory Remote Information Disclosure CVE-2011-3179 14 Nov 2011 5 (v2) Medium Pass GE D20 Default Credentials 19 Jan 2012 7.5 (v2) High Pass MicroLogix 1100 PLC Default Credentials 19 Jan 2012 6.4 (v2) Medium Pass SEL Controller Default Credentials 19 Jan 2012 7.5 (v2) High Pass Sensitive information can be obtained from the GE D20 Remote Terminal Unit via TFTP 19 Jan 2012 9.4 (v2) High Pass Multiple Cisco Products brstart sm_read_string_length Remote Code Execution CVE-2011-2738 17 Feb 2012 10 (v2) Critical Pass Terminal Services Doesn't Use Network Level Authentication (NLA) Only 23 Mar 2012 4 (v3) Medium Pass Measuresoft ScadaPro < 4.0.1.0 service.exe RF Command Arbitrary File Disclosure CVE-2011-3495 18 Jun 2012 10 (v2) Critical Pass IBM AIX TCP Large Send Denial of Service Vulnerability CVE-2012-0194 11 Jul 2012 7.1 (v2) High Pass Wyse Thin Client hagent.exe Unspeci fi ed Bu ff er Over fl ow 02 Sep 2009 10 (v2) Critical Pass Alert Standard Format / Remote Management and Control Protocol Detection 16 Apr 2010 None Pass Cisco CiscoWorks Internetwork Performance Monitor Remote Command Execution CVE-2008-1157 19 Aug 2008 10 (v2) Critical Pass CiscoWorks Server Common Services Login Page XSS CVE-2007-5582 19 Aug 2008 4.3 (v2) Medium Noise UDP Scanner 04 Feb 2009 None Pass Symantec Backup Exec for Windows Multiple Vulnerabilities CVE-2008-5407 CVE-2008-5408 20 Nov 2008 10 (v2) Critical Pass IBM Baseboard Management Controller Default Credentials 11 Jun 2009 10 (v2) Critical Pass DNP3 Binary Inputs Access Remote Information Disclosure 11 Dec 2006 5 (v2) Medium Pass ICCP/COTP (ISO 8073) Protocol Detection 11 Dec 2006 7.4 (v3) High Pass Tamarack IEC 61850 Server Detection 11 Dec 2006 None Pass Modbus/TCP Coil Access 11 Dec 2006 9.1 (v3) Critical Pass Modbus/TCP Discrete Input Access 11 Dec 2006 5 (v2) Medium Pass Modicon Modbus/TCP Programming Function Code Access 11 Dec 2006 6.5 (v3) Medium Pass Modicon PLC Embedded HTTP Server Detection 11 Dec 2006 5 (v2) Medium Pass Modicon PLC Modbus Slave Mode SNMP Request Modbus Mode Remote Disclosure 11 Dec 2006 5 (v2) Medium Pass iSCSI Target Detection 23 Dec 2010 None Pass Citrix SD-WAN Center Detection 11 Apr 2019 None Pass Symantec Management Center Web Detection 08 May 2019 None Pass Rockwell Automation MicroLogix 1100/1400 and CompactLogix 5370 Controllers Open Redirection Vulnerability CVE-2019-10955 21 May 2019 6.1 (v3) Medium Pass Commvault Web Console Detection 07 Jun 2019 None Pass Cisco Energy Management Web Detection 09 Sep 2019 None Pass Cisco Integrated Management Controller Detection 13 Oct 2014 None Pass Hyper-V Virtual Machine Detection 09 Jun 2015 None Pass Adobe Experience Manager Web Detection 15 Jan 2020 None Pass Bu ff alo TeraStation Web detection 16 Jul 2018 None Pass PostgreSQL Unauthenticated Version Detection 10 Jul 2018 None Pass Isilon OneFS FTP Detection 14 Aug 2018 None Pass Isilon OneFS Web Interface Detection 14 Aug 2018 None Pass Isilon OneFS NTP Detection 14 Aug 2018 None Pass Isilon OneFS uname Detection 14 Aug 2018 None Pass Ansible Tower WebUI Detection 31 Aug 2018 None Pass Zinwave Series 3000 DAS Web Interface Detection 13 Sep 2018 None Pass AXIS FTP Server Detection 02 Oct 2018 None Pass HPE Intelligent Management Center dbman Detection 10 Oct 2018 None Pass DNP3 Detection of Device attributes 02 Nov 2018 None Pass Detect PROFINET targets listening on the Network Layer. 08 Jan 2019 None Pass Oracle WebLogic Web Services Test Client Detection 28 Jan 2019 None Pass Kubernetes Web API Detection 30 Jan 2019 None Pass ShareFile Storage Zones Controller Web Detection 02 Jun 2020 None Pass Trading Technologies Messaging (ttm_cmd) Detection 03 Jun 2020 None Pass IBM Storwize V7000 Uni fi ed 1.3.x < 1.4.3.5 / 1.5.x < 1.5.0.4 Multiple Vulnerabilities (Shellshock) CVE-2014-6271 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 CVE-2014-6277 CVE-2014-6278 25 Aug 2015 10 (v2) Critical Pass Trend Micro Control Manager Detection (uncredentialed) 17 Feb 2017 None Pass Unitrends Backup Detection 04 May 2017 None Pass Cisco APIC-EM WebUI Detection 05 Feb 2016 None Pass Tenable SecurityCenter Unsupported Version Detection 16 Dec 2013 9.8 (v3) Critical Pass OpenSSL 1.0.1 < 1.0.1g Multiple Vulnerabilities (Heartbleed) CVE-2014-0076 CVE-2014-0160 08 Apr 2014 7.5 (v3) High Pass OpenVPN Heartbeat Information Disclosure (Heartbleed) CVE-2014-0160 14 Apr 2014 7.5 (v3) High Pass HP System Management Homepage OpenSSL Multiple Vulnerabilities (Heartbleed) CVE-2013-4353 CVE-2013-6449 CVE-2013-6450 CVE-2014-0160 18 Apr 2014 7.5 (v3) High Pass HP LaserJet Pro Printers OpenSSL Heartbeat Information Disclosure (HPSBPI03014) (Heartbleed) CVE-2014-0160 01 May 2014 7.5 (v3) High Pass VMware Horizon Workspace 1.8 < 1.8.1 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Heartbleed) CVE-2014-0076 CVE-2014-0160 06 May 2014 7.5 (v3) High Pass ESXi 5.5 < Build 1746974 / 5.5 Update 1 < Build 1746018 OpenSSL Library Multiple Vulnerabilities (remote check) (Heartbleed) CVE-2014-0076 CVE-2014-0160 08 May 2014 7.5 (v3) High Pass Western Digital Arkeia Virtual Appliance Detection 28 May 2014 None Pass Caldera Detection 05 Jun 2014 None Pass Kerio Connect 8.2.x < 8.2.4 Heartbeat Information Disclosure (Heartbleed) CVE-2014-0160 08 Jul 2014 7.5 (v3) High Pass Oracle E-Business (January 2014 CPU) CVE-2013-5874 CVE-2013-5890 CVE-2014-0366 CVE-2014-0398 17 Jan 2014 5.5 (v2) Medium Pass Ipswitch IMail Server 11.x / 12.x < 12.4.1.15 Multiple Vulnerabilities (Heartbleed) CVE-2014-0076 CVE-2014-0160 CVE-2014-3878 14 Jul 2014 7.5 (v3) High Pass Patch Management: Host information from VMware Go (deprecated) 06 Dec 2011 None 35

Pass Juniper Junos OpenSSL Heartbeat Information Disclosure (JSA10623) (Heartbleed) CVE-2014-0160 18 Apr 2014 7.5 (v3) High Pass IBM Spectrum Protect Operations Center Detection 19 Nov 2020 None Pass Atlassian Con fl uence 7.4.x < 7.4.17 / 7.13.x < 7.13.7 / 7.14.x < 7.14.3 / 7.15.x < 7.15.2 / 7.16.x < 7.16.4 / 7.17.x < 7.17.4 / 7.18.x < 7.18.1 (CONFSERVER-79017) 06 Jun 2022 None Pass VMware Cloud Foundation Web Detection 06 Jun 2022 None Pass Oracle E-Business (July 2013 CPU) CVE-2013-3747 CVE-2013-3749 CVE-2013-3756 CVE-2013-3767 CVE-2013-3777 CVE-2013-3778 CVE-2013-3788 27 Sep 2013 5.5 (v2) Medium Pass Oracle E-Business Multiple Vulnerabilities (October 2014 CPU) CVE-2014-4278 CVE-2014-4281 CVE-2014-4285 CVE-2014-6471 CVE-2014-6472 CVE-2014-6479 CVE-2014-6523 CVE-2014-6539 CVE-2014-6550 CVE-2014-6561 17 Oct 2014 7.5 (v2) High Pass HP Data Protector < A.06.20 Multiple Vulnerabilities CVE-2011-1728 CVE-2011-1729 CVE-2011-1730 CVE-2011-1731 CVE-2011-1732 CVE-2011-1733 CVE-2011-1734 CVE-2011-1735 CVE-2011-1736 CVE-2011-2399 10 May 2011 10 (v2) Critical Pass Symantec pcAnywhere Unsupported 08 Feb 2012 10 (v3) Critical Pass HP Data Protector Unsupported 05 Feb 2013 10 (v2) Critical Pass Cisco Uni fi ed Communications Manager SIP DoS (CSCub85597) CVE-2013-3461 24 Sep 2013 7.1 (v2) High Pass Cisco Uni fi ed Communications Manager UDP Memory Leak DoS (CSCub85597) CVE-2013-3460 24 Sep 2013 7.8 (v2) High Pass Cisco Uni fi ed Communications Manager Remote Bu ff er Over fl ow (CSCud54358) CVE-2013-3462 24 Sep 2013 8.5 (v2) High Pass Cisco Uni fi ed Communications Manager Registration Messages DoS (CSCuf93466) CVE-2013-3459 24 Sep 2013 7.8 (v2) High Pass Cisco Uni fi ed Communications Manager Multiple DoS Vulnerabilities (cisco-sa-20130227-cucm) CVE-2013-1133 CVE-2013-1134 25 Sep 2013 7.8 (v2) High Pass Juniper NSM Servers < 2012.2R5 Multiple Vulnerabilities CVE-2012-0022 CVE-2012-5568 CVE-2012-5885 CVE-2012-5886 CVE-2012-5887 21 Nov 2013 5 (v2) Medium Pass NAS4Free Version 14 Apr 2014 None Pass Cisco Uni fi ed Communications Manager Multiple Re fl ected XSS CVE-2014-3372 CVE-2014-3373 CVE-2014-3374 06 Nov 2014 4.3 (v2) Medium Pass CUCM IM and Presence Service GNU Bash Environment Variable Handling Command Injection (CSCur05454) (Shellshock) CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 11 Nov 2014 10 (v2) Critical Pass Cisco Uni fi ed Communications Manager SSLv3 Information Disclosure (cisco-sa-20141015-poodle) (POODLE) CVE-2014-3566 12 Nov 2014 4.3 (v2) Medium Pass Cisco TelePresence Conductor Bash Remote Code Execution (Shellshock) CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 26 Nov 2014 10 (v2) Critical Pass Cisco Uni fi ed Communications Manager TLS SAN Field MitM (CSCuq86376) CVE-2014-7991 29 Dec 2014 4.3 (v2) Medium Pass Cisco Uni fi ed Communications Manager Remote Bu ff er Over fl ow (CSCus66650) (GHOST) CVE-2015-0235 26 Feb 2015 10 (v2) Critical Pass Cisco TelePresence Conductor Login Security Bypass Vulnerability CVE-2015-0653 20 Mar 2015 10 (v2) Critical Pass Cisco Uni fi ed Communications Manager SQL Injection (CSCut33447 / CSCut33608) CVE-2015-0715 14 May 2015 6.5 (v2) Medium Pass Cisco Uni fi ed Communications Manager SIP Memory Leak DoS (CSCuv39370) CVE-2016-1350 01 Apr 2016 7.5 (v3) High Pass Delta Electronics DIAEnergie Blind SQLi (CVE-2021-38391) CVE-2021-38391 06 Jun 2022 9.8 (v3) Critical Pass Delta Electronics DIAEnergie Detection 06 Jun 2022 None Pass HP Data Protector 7.0x < 7.03 build 108 / 8.1x < 8.15 / 9.0x < 9.06 Multiple Vulnerabilities (HPSBGN03580) (Bar Mitzvah) CVE-2015-2808 CVE-2016-2004 CVE-2016-2005 CVE-2016-2006 CVE-2016-2007 CVE-2016-2008 29 Apr 2016 9.8 (v3) Critical Pass Cisco Uni fi ed Communications Manager Java Object Deserialization RCE (CSCux34835) CVE-2015-6420 10 Oct 2016 9.8 (v3) Critical Pass IBM Domino Unsupported Version Detection 17 Apr 2017 10 (v3) Critical Pass Cisco Uni fi ed Communications Manager SIP UDP Throttling DoS (CSCuz72455) CVE-2017-3808 27 Apr 2017 7.5 (v3) High Pass Cisco Uni fi ed Communications Manager XSS (cisco-sa-20170517-ucm) CVE-2017-6654 25 May 2017 6.1 (v3) Medium Pass HP Data Protector 8.x < 8.17 / 9.x < 9.09 Multiple Vulnerabilities (HPSBGN03732) CVE-2017-5807 CVE-2017-5808 CVE-2017-5809 11 Aug 2017 9.8 (v3) Critical Pass Cisco Uni fi ed Communication Manager HTTP Interface Information Disclosure Vulnerability (CSCvf20218) CVE-2018-0266 27 Apr 2018 4.3 (v3) Medium Pass Ansible Tower 3.1.x < 3.1.8 / 3.2.x < 3.2.6 CSRF vulnerability CVE-2018-10884 31 Aug 2018 8.8 (v3) High Pass Ansible Tower Unsupported Version 31 Aug 2018 10 (v3) Critical Pass Cisco Uni fi ed Communication Manager Apache Struts RCE (CSCvm14042) CVE-2018-11776 05 Sep 2018 8.1 (v3) High Pass IBM Spectrum Protect 7.1.x < 7.1.9.300 / 8.1.x < 8.1.8 Multiple Vulnerabilities CVE-2018-1922 CVE-2018-1923 CVE-2018-1936 CVE-2018-1978 CVE-2018-1980 CVE-2019-4014 CVE-2019-4015 CVE-2019-4016 CVE-2019-4094 24 Jul 2019 7.8 (v3) High Pass Ansible Tower 3.6.x < 3.6.1 Information Disclosure CVE-2019-14890 06 Dec 2019 8.8 (v3) High Pass Dell iDRAC Improper Authorization (DSA-2019-137) CVE-2019-3764 06 Dec 2019 4.3 (v3) Medium Pass DNN (DotNetNuke) 6.0.0 <= 9.3.2 Multiple Vulnerabilities 06 Dec 2019 6.1 (v3) Medium Pass Citrix SD-WAN Center trace_route Unauthenticated Remote Command Injection CVE-2019-12986 18 Dec 2019 9.8 (v3) Critical Pass Oracle E-Business (July 2014 CPU) CVE-2014-0224 CVE-2014-2482 CVE-2014-4213 CVE-2014-4235 CVE-2014-4248 18 Jul 2014 5.8 (v2) Medium Pass Ansible Tower 3.5.x < 3.5.4 / 3.6.x < 3.6.2 Multiple Vulnerabilities CVE-2019-14864 CVE-2019-19340 CVE-2019-19341 CVE-2019-19342 20 Dec 2019 8.2 (v3) High Pass Apache Tomcat 8.5.0 < 8.5.49 Privilege Escalation CVE-2019-12418 27 Dec 2019 7 (v3) High Pass Apache Tomcat 8.5.0 < 8.5.50 Privilege Escalation Vulnerability CVE-2019-17563 27 Dec 2019 7.5 (v3) High Pass Apache Tomcat 9.0.0.M1 < 9.0.30 Privilege Escalation Vulnerability CVE-2019-17563 27 Dec 2019 7.5 (v3) High Pass Atlassian JIRA < 7.7.1 Cross-Site Scripting (XSS) Vulnerability (JRASERVER-67108) CVE-2017-18102 06 Jan 2020 5.4 (v3) Medium Pass Atlassian JIRA 6.2.1 < 7.4.4 Cross-Site Scripting (XSS) Vulnerability (JRASERVER-66719) CVE-2017-18039 06 Jan 2020 6.1 (v3) Medium Pass Atlassian JIRA < 7.4.2 XSS vulnerability (JRASERVER-66624) CVE-2017-16864 07 Jan 2020 6.1 (v3) Medium Pass Atlassian JIRA < 7.13.6 / 8.x < 8.4.0 XSS (JRASERVER-69795) CVE-2019-8450 09 Jan 2020 4.8 (v3) Medium Pass Atlassian JIRA < 7.13.3 / 8.x < 8.1 XSS vulnerability (JRASERVER-68855) CVE-2018-20239 09 Jan 2020 5.4 (v3) Medium Pass Atlassian JIRA < 7.13.9 / 8.x < 8.3.3 XSS (JRASERVER-69790) CVE-2019-14996 09 Jan 2020 6.1 (v3) Medium Pass Atlassian JIRA < 7.13.12 / 8.x < 8.4.3 / 8.5.x < 8.5.2 Authorization Bypass (JRASERVER-70405) CVE-2019-15013 09 Jan 2020 4.3 (v3) Medium Pass Atlassian JIRA < 7.6.1 CSRF vulnerability (JRASERVER-66643) CVE-2017-18033 09 Jan 2020 6.5 (v3) Medium Pass nginx 0.8.x < 0.8.33 / 0.7.x < 0.7.65 Windows Filename Pseudonyms (CORE-2010-0121) 13 Jan 2020 3.7 (v3) Low Pass Microsoft Open Management Infrastructure RCE (CVE-2021-38647) CVE-2021-38647 20 Sep 2021 9.8 (v3) Critical Pass Flexera FlexNet Publisher lmadmin < 11.16.5.1 Multiple Vulnerabilities CVE-2019-8960 CVE-2019-8961 20 Jan 2020 7.5 (v3) High Pass Oracle E-Business Suite Multiple Vulnerabilities (Jan 2020 CPU) CVE-2020-2566 CVE-2020-2582 CVE-2020-2586 CVE-2020-2587 CVE-2020-2591 CVE-2020-2596 CVE-2020-2597 CVE-2020-2603 CVE-2020-2651 CVE-2020-2652 CVE-2020-2653 CVE-2020-2657 CVE-2020-2658 CVE-2020-2661 CVE-2020-2662 CVE-2020-2 24 Jan 2020 9.9 (v3) Critical Pass Redis EVAL Lua Sandbox Escape 30 Apr 2018 9 (v3) Critical Pass PostgreSQL STARTTLS Support 19 Oct 2018 None Pass IBM Spectrum Protect Server 7.1.x < 7.1.9.100 / 8.1.x < 8.1.6 Information Disclosure Vulnerability CVE-2018-1788 08 Nov 2018 4.4 (v3) Medium Pass Tenable Nessus < 8.2.2 Stored XSS Vulnerability (TNS-2019-01) CVE-2019-3923 06 Feb 2019 5.4 (v3) Medium Pass HPE Intelligent Management Center dbman Command 10018 Multiple Vulnerabilities CVE-2019-5390 CVE-2019-5391 11 Feb 2020 9.8 (v3) Critical Pass Atlassian Jira 8.2.x < 8.6.0 Improper Authorization on Project Titles Information Disclosure Vulnerability (JRASERVER_70569) CVE-2019-20404 30 Mar 2020 4.3 (v3) Medium Pass Atlassian Jira 8.2 < 8.5.4 Support Files Improper Authorization Vulnerability (JRASERVER-70564) CVE-2019-20402 30 Mar 2020 4.9 (v3) Medium Pass Ansible Tower 3.4.x < 3.4.6 / 3.5.x < 3.5.6 / 3.6.x < 3.6.4 Denial of Service Vulnerability CVE-2020-10697 02 Apr 2020 4.4 (v3) Medium Pass Jenkins < (2.204.6 / 2.222.1) LTS / 2.228 Multiple Vulnerabilities CVE-2020-2160 CVE-2020-2161 CVE-2020-2162 CVE-2020-2163 02 Apr 2020 8.8 (v3) High Pass Dell iDRAC Bu ff er Over fl ow Vulnerability (CVE-2020-5344) CVE-2020-5344 03 Apr 2020 9.8 (v3) Critical Pass Atlassian Jira 7.13 < 8.5.5 Jira Project Key Information Disclosure (JRASERVER-70565) CVE-2019-20403 06 Apr 2020 5.3 (v3) Medium Pass Atlassian Jira < 7.1.9 Role Name XSS (JRASERVER-61861) CVE-2016-4318 08 Apr 2020 4.8 (v3) Medium Pass Apache 2.4.x < 2.4.42 Multiple Vulnerabilities CVE-2020-1927 CVE-2020-1934 10 Apr 2020 6.1 (v3) Medium Pass Pulse Connect Secure XSS (SA3877) CVE-2018-20808 17 Apr 2020 6.1 (v3) Medium Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Apr 2020 CPU) CVE-2020-2594 CVE-2020-2706 17 Apr 2020 6.5 (v3) Medium Pass Atlassian Jira 7.6 < 8.5.2 XSRF (JRASERVER-70406) CVE-2019-20401 21 Apr 2020 6.5 (v3) Medium Pass MongoDB 2.x, 3.0.x < 3.0.15, 3.1.x < 3.2.14, 3.3.x < 3.3.14 Mongo Shell Information Disclosure Vulnerability (SERVER-25335) CVE-2016-6494 23 Apr 2020 5.5 (v3) Medium Pass PHP 7.2.x < 7.2.30 Multiple Vulnerabilities CVE-2020-7067 23 Apr 2020 7.5 (v3) High Pass PHP 7.4.x < 7.4.5 urldecode OOB Read CVE-2020-7067 24 Apr 2020 7.5 (v3) High Pass ManageEngine PAM360 Detection 23 May 2022 None Pass Jenkins plugins Multiple Vulnerabilities (2022-04-12) CVE-2022-29036 CVE-2022-29037 CVE-2022-29038 CVE-2022-29039 CVE-2022-29040 CVE-2022-29041 CVE-2022-29042 CVE-2022-29043 CVE-2022-29044 CVE-2022-29045 CVE-2022-29046 CVE-2022-29047 CVE-2022-29048 CVE-2022-29049 CVE-2022-2 23 May 2022 8.8 (v3) High Pass Cisco UCS Director JavaScript Cross-Site Scripting Vulnerability CVE-2022-20765 23 May 2022 4.8 (v3) Medium Pass Jenkins Security Advisory 2019-01-08 Multiple Vulnerabilities CVE-2019-1003000 CVE-2019-1003001 CVE-2019-1003002 24 Sep 2019 8.8 (v3) High Pass PHP 7.3.x < 7.3.10 Heap-Based Bu ff er Over fl ow Vulnerability. 04 Oct 2019 8.1 (v3) High Pass Oracle E-Business Suite Multiple Vulnerabilities (Oct 2019 CPU) CVE-2019-2925 CVE-2019-2930 CVE-2019-2942 CVE-2019-2990 CVE-2019-2994 CVE-2019-2995 CVE-2019-3000 CVE-2019-3022 CVE-2019-3024 CVE-2019-3027 18 Oct 2019 8.2 (v3) High Pass Oracle Primavera Uni fi er Multiple Vulnerabilities (Oct 2019 CPU) CVE-2017-12626 CVE-2019-11358 CVE-2019-12086 CVE-2019-14379 CVE-2019-14439 21 Oct 2019 9.8 (v3) Critical Pass Default Password ('scpuser') for 'scpuser' Account 21 Oct 2019 9.8 (v3) Critical Pass vBulletin 'widget_php' Command Execution CVE-2019-16759 23 Oct 2019 9.8 (v3) Critical Pass Cisco TelePresence VCS / Expressway 12.5.x < 12.5.4 XSS CVE-2019-12705 25 Oct 2019 6.1 (v3) Medium Pass PHP < 7.1.33 / 7.2.x < 7.2.24 / 7.3.x < 7.3.11 Remote Code Execution Vulnerability. CVE-2019-11043 25 Oct 2019 9.8 (v3) Critical Pass Citrix SD-WAN Center and NetScaler SD-WAN Center addModifyZTDProxy Unauthenticated Remote Command Injection CVE-2019-12988 29 Oct 2019 9.8 (v3) Critical Pass Tenable Nessus < 8.7.0 DoS (TNS-2019-06) CVE-2019-3982 01 Nov 2019 6.5 (v3) Medium Pass HP Data Protector Backup Agent RCE CVE-2006-4201 14 Aug 2006 7.5 (v2) High Pass HP Data Protector OmniInet.exe MSG_PROTOCOL Command RCE CVE-2007-2280 05 Jan 2010 10 (v2) Critical Pass jQuery UI Detection 31 Dec 2021 None Pass IBM Spectrum Protect 7.1.x < 7.1.10.100 / 8.1.x < 8.1.9.300 Stack-based Bu ff er Over fl ow CVE-2020-4415 13 May 2020 9.8 (v3) Critical Pass vBulletin 'getIndexableContent' SQL Injection (direct check) CVE-2020-12720 15 May 2020 9.8 (v3) Critical Pass PHP 7.2.x < 7.2.31 / 7.3.x < 7.3.18, 7.4.x < 7.4.6 Denial of Service (DoS) CVE-2019-11048 21 May 2020 5.3 (v3) Medium Pass Cisco IOS XE Software Web UI REST API Authentication Bypass Vulnerability CVE-2017-12229 02 Oct 2017 9.8 (v3) Critical Pass Oracle WebCenter Content Unspeci fi ed Vulnerability (April 2018 CPU) CVE-2018-2828 22 May 2020 8.2 (v3) High Pass Cisco IOS XE Software Plug-and-Play PKI API Certi fi cate Validation Vulnerability CVE-2017-12228 06 Oct 2017 5.9 (v3) Medium Pass Atlassian JIRA < 8.7.0 SSRF (JRASERVER-71204) CVE-2019-20408 09 Jul 2020 5.3 (v3) Medium Pass Atlassian Jira < 7.13.14 / 8.5.x < 8.5.5 / 8.8.x < 8.8.2 / 8.9.0 < 8.9.1 MitM (JRASERVER-71198) CVE-2020-14168 09 Jul 2020 5.9 (v3) Medium Pass Atlassian JIRA < 7.13.14 / 8.5.x < 8.5.5 / 8.8.x < 8.8.2 / 8.9.x < 8.9.1 DoS (JRASERVER-71197) CVE-2020-14167 10 Jul 2020 7.5 (v3) High Pass TYPO3 10.4.x < 10.4.2 Information Disclosure (TYPO3-CORE-SA-2020-001) CVE-2020-11063 13 Jul 2020 3.7 (v3) Low Pass Atlassian JIRA < 8.4.2 Information disclosure in Application links plugin CVE-2019-15011 CVE-2019-15013 20 Dec 2019 4.3 (v3) Medium Pass Cisco IOS Software for Catalyst 2960-L Series Switches and Catalyst CDB-8P Switches 802.1X Authentication Bypass Vulnerability (cisco-sa-c2960L-DpWA9Re4) CVE-2020-3231 26 Jun 2020 4.7 (v3) Medium Pass Oracle Oracle E-Business Suite (Jul 2020 CPU) CVE-2020-14534 CVE-2020-14554 CVE-2020-14555 CVE-2020-14582 CVE-2020-14590 CVE-2020-14596 CVE-2020-14598 CVE-2020-14599 CVE-2020-14610 CVE-2020-14635 CVE-2020-14657 CVE-2020-14658 CVE-2020-14659 CVE-2020-14660 CVE-2020-1 15 Jul 2020 9.1 (v3) Critical Pass Cisco IOS XE Software Static Credential Vulnerability CVE-2018-0150 29 Mar 2018 9.8 (v3) Critical Pass SolarWinds Web Help Desk - Web Detection 24 Mar 2022 None Pass SolarWinds Orion Platform 2020.2.0 < 2020.2.6 HF1 Multiple Vulnerabilities XSS CVE-2021-35219 CVE-2021-35220 CVE-2021-35221 CVE-2021-35222 CVE-2021-35238 CVE-2021-35239 CVE-2021-35240 17 Nov 2021 9.6 (v3) Critical Pass Juniper Junos OS Vulnerability (JSA11138) CVE-2021-0245 15 Apr 2021 7.8 (v3) High Pass Juniper Junos OS Multiple Vulnerabilities (JSA11175) CVE-2021-0255 CVE-2021-0256 15 Apr 2021 7.8 (v3) High 36

Pass Juniper Junos OS Vulnerability (JSA11129) CVE-2021-0234 15 Apr 2021 5.8 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11151) CVE-2021-0260 15 Apr 2021 7.3 (v3) High Pass Juniper Junos OS Vulnerability (JSA11133) CVE-2021-0238 15 Apr 2021 5.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11146) CVE-2021-0253 15 Apr 2021 7.8 (v3) High Pass Juniper Junos OS Vulnerability (JSA11130) CVE-2021-0235 15 Apr 2021 7.3 (v3) High Pass Cisco Catalyst 9200 Series Switches Jumbo Frame DoS (cisco-sa-JP-DOS-g5FfGm8y) CVE-2020-3527 23 Apr 2021 8.6 (v3) High Pass Cisco NX-OS Precision Time Protocol (PTP) Denial of Service Vulnerability CVE-2018-0378 17 Sep 2019 8.6 (v3) High Pass Cisco NX-OS Software Call Home Command Injection (cisco-sa-callhome-cmdinj-zkxzSCY) CVE-2020-3454 03 Sep 2020 7.2 (v3) High Pass Cisco NX-OS Software 802.1X Extensible Authentication Protocol over LAN Denial of Service Vulnerability CVE-2019-1594 10 Jul 2019 7.4 (v3) High Pass WordPress Plugin Detection 20 Jul 2017 None Pass Jenkins Enterprise and Operations Center < 2.249.33.0.1 / 2.277.42.0.1 / 2.303.2.5 Multiple Vulnerabilities (CloudBees Security Advisory 2021-10-06) CVE-2014-3577 CVE-2021-21682 CVE-2021-21683 CVE-2021-21684 22 Nov 2021 6.5 (v3) Medium Pass ThinkPHP < 5.0.24 RCE CVE-2019-9082 10 Dec 2021 8.8 (v3) High Pass Cisco IOS XE Software Errdisable Vulnerabilities (cisco-sa-20180926-errdisable) CVE-2018-0480 05 Oct 2018 6.1 (v3) Medium Pass Cisco IOS XE Software IPsec DoS Vulnerability (cisco-sa-20180926-ipsec) CVE-2018-0472 05 Oct 2018 8.6 (v3) High Pass Cisco IOS XE Software IPv6 Hop-by-Hop DoS Vulnerability (cisco-sa-20180926-ipv6hbh) CVE-2018-0467 05 Oct 2018 8.6 (v3) High Pass Cisco IOS XE Software Command Injection Vulnerabilities (cisco-sa-20180926-iosxe-cmdinj) CVE-2018-0477 CVE-2018-0481 05 Oct 2018 6.7 (v3) Medium Pass VMware vCenter Server Virtual SAN Health Check plug-in RCE (CVE-2021-21985) (direct check) CVE-2021-21985 03 Jun 2021 9.8 (v3) Critical Pass GitLab SSRF (CVE-2021-22214) CVE-2021-22214 11 Aug 2021 8.6 (v3) High Pass Nagios XI < 5.8.5 Multiple Vulnerabilities CVE-2021-33177 CVE-2021-33179 CVE-2021-36363 CVE-2021-36364 CVE-2021-36365 CVE-2021-36366 CVE-2021-37343 CVE-2021-37345 CVE-2021-37347 CVE-2021-37348 CVE-2021-37349 CVE-2021-37350 CVE-2021-37351 CVE-2021-37352 24 Sep 2021 9.8 (v3) Critical Pass ManageEngine EventLog Analyzer < Build 12201 REST API Restriction Bypass RCE CVE-2021-40539 04 Oct 2021 9.8 (v3) Critical Pass Oracle E-Business Multiple Vulnerabilities (January 2015 CPU) CVE-2014-6525 CVE-2014-6556 CVE-2014-6572 CVE-2014-6581 CVE-2014-6582 CVE-2014-6583 CVE-2015-0380 CVE-2015-0393 CVE-2015-0404 CVE-2015-0415 23 Jan 2015 6.4 (v2) Medium Pass Apache Log4Shell RCE detection via Path Enumeration (Direct Check HTTP) CVE-2021-44228 12 Dec 2021 10 (v3) Critical Pass Apache Log4Shell RCE detection via callback correlation (Direct Check IMAP) CVE-2021-44228 17 Dec 2021 10 (v3) Critical Pass VMware Horizon Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028) CVE-2021-44228 07 Jan 2022 10 (v3) Critical Pass Cisco Small Business Wireless Access Point Web Detection 10 Jan 2022 None Pass Oracle E-Business Multiple Vulnerabilities (April 2015 CPU) CVE-2015-0447 CVE-2015-0504 CVE-2015-2565 16 Apr 2015 4.3 (v2) Medium Pass Atlassian Jira < 8.19.0 Broken Access Control (JRASERVER-72737) CVE-2021-39119 27 Jan 2022 5.3 (v3) Medium Pass Microsoft Windows 10 Version 20H2 Unsupported Version Detection 07 Jun 2022 10 (v3) Critical Pass Tenable Nessus 10.x < 10.1.1 / 8.x < 8.15.3 Third-Party Vulnerabilities (TNS-2022-05) CVE-2021-45960 CVE-2021-46143 CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827 CVE-2022-23852 CVE-2022-23990 08 Feb 2022 9.8 (v3) Critical Pass Western Digital MyCloud Web Interface Detection 10 Jan 2018 None Pass Oracle GoldenGate Manager Version Detection 05 Jun 2017 None Pass Splunk Enterprise 8.1.x < 8.1.7.2 / 8.2.x < 8.2.3.3 Log4j CVE-2021-44228 CVE-2021-45046 25 Feb 2022 10 (v3) Critical Pass ESXi 6.5 / 6.7 / 7.0 Multiple Vulnerabilities (VMSA-2022-0004) CVE-2021-22040 CVE-2021-22041 CVE-2021-22042 CVE-2021-22043 CVE-2021-22050 01 Mar 2022 7.8 (v3) High Pass Symantec pcAnywhere Default Accounts 17 Apr 2018 9.8 (v3) Critical Pass Huawei Versatile Routing Platform Version Detection 25 Jul 2014 None Pass Cisco Application Policy Infrastructure Controller Arbitrary File Read and Write (cisco-sa-capic-frw-Nt3RYxR2) CVE-2021-1577 10 Feb 2022 9.1 (v3) Critical Pass Cisco NX-OS Software MPLS OAM DoS (cisco-sa-nxos-mpls-oam-dos-sGO9x5GM) CVE-2021-1588 11 Feb 2022 8.6 (v3) High Pass Oracle E-Business Multiple Vulnerabilities (April 2016 CPU) CVE-2016-0697 CVE-2016-3434 CVE-2016-3436 CVE-2016-3437 CVE-2016-3439 CVE-2016-3447 CVE-2016-3466 20 Apr 2016 9.1 (v3) Critical Pass Apache APISIX HTTP Detection 20 Apr 2022 None Pass GitLab < 14.3.6 / 14.4.x < 14.4.4 / 14.5.x < 14.5.2 Invalid Authorization CVE-2022-0549 14 Mar 2022 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11189) CVE-2021-0287 15 Mar 2022 6.5 (v3) Medium Pass SSL Certi fi cate Signed Using Weak Hashing Algorithm (Known CA) CVE-2004-2761 08 Dec 2016 None Pass MySQL Enterprise Monitor (MEM) Web Detection 07 Jun 2010 None Pass Juniper Junos OS Bu ff er Over fl ow (JSA11142) CVE-2021-0249 24 May 2021 9.8 (v3) Critical Pass SSL Certi fi cate Signed Using Weak Hashing Algorithm CVE-2004-2761 05 Jan 2009 7.5 (v3) High Pass mDNS Detection (Remote Network) 28 Apr 2004 5 (v2) Medium Pass Juniper Junos OS Vulnerability (JSA11164) CVE-2021-0273 15 Apr 2021 5.3 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11140) CVE-2021-0247 15 Apr 2021 5.5 (v3) Medium Pass IBM DB2 Unsupported Version Detection 26 Jul 2011 10 (v2) Critical Pass Cisco IOS XE Version 10 Jul 2013 None Pass IBM WebSphere Java Object Deserialization RCE CVE-2015-7450 02 Dec 2015 9.8 (v3) Critical Pass Nessus Unsupported Version Detection 16 Dec 2013 10 (v2) Critical Pass Apple iTunes < 12.11.3 Multiple Vulnerabilities (uncredentialed check) CVE-2020-7463 CVE-2021-1811 CVE-2021-1825 CVE-2021-1857 27 Apr 2021 6.5 (v3) Medium Pass Rockwell Automation MicroLogix 1400 PLC Default Credentials 20 Apr 2016 10 (v2) Critical Pass Cisco IOS XE Software IP Detail Record DoS (cisco-sa-20160928-ipdr) CVE-2016-6379 12 Nov 2019 7.5 (v3) High Pass Emerson SM-Ethernet Web Interface Default Credentials 01 Dec 2015 7.5 (v2) High Pass Cisco NX-OS Software IPv6 Netstack DoS (cisco-sa-nxos-ipv6-netstack-edXPGV7K) CVE-2021-1387 06 May 2021 8.6 (v3) High Pass Juniper Junos OS Information Disclosure (JSA11126) CVE-2021-0231 13 May 2021 6.5 (v3) Medium Pass Cisco Telepresence Management Suite Web Detection 10 Jul 2019 None Pass Cisco NX-OS Software IPv6 Access Control List Bypass (cisco-sa-ipv6-acl-CHgdYk8j) CVE-2021-1389 12 Feb 2021 6.5 (v3) Medium Pass FNET TCP/IP Stack - HTTP Detection 14 May 2021 None Pass Keil TCPnet TCP/IP Stack - HTTP Detection 14 May 2021 None Pass Sybase ASE Login Possible 16 Dec 2019 None Pass uIP/Contiki TCP/IP Stack - HTTP Detection 14 May 2021 None Pass Nut/Net TCP/IP Stack - HTTP Detection 14 May 2021 None Pass lwIP TCP/IP Stack - HTTP Detection 14 May 2021 None Pass emNet TCP/IP Stack - HTTP Detection 14 May 2021 None Pass Cisco Application Services Engine (ASE) Detection 14 May 2021 None Pass Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access (cisco-sa-n9kaci-unauth-access-5PWzDx2w) CVE-2021-1228 11 May 2021 6.5 (v3) Medium Pass CMX-TCP/IP Stack - HTTP Detection 17 May 2021 None Pass NicheStack TCP/IP Stack - HTTP Detection 17 May 2021 None Pass emNet TCP/IP Stack - FTP Detection 18 May 2021 None Pass CMX-TCP/IP Stack - FTP Detection 18 May 2021 None Pass Keil TCPnet TCP/IP Stack - FTP Detection 18 May 2021 None Pass Juniper Junos OS DoS (JSA11131) CVE-2021-0236 20 May 2021 6.5 (v3) Medium Pass Juniper Junos OS DoS (JSA11125) CVE-2021-0230 20 May 2021 7.5 (v3) High Pass Cisco Web Security Appliance Information Disclosure (cisco-sa-esa-wsa-sma-info-gY2AEz2H) CVE-2021-1516 21 May 2021 6.5 (v3) Medium Pass Cisco Email Security Appliance Information Disclosure (cisco-sa-esa-wsa-sma-info-gY2AEz2H) CVE-2021-1516 21 May 2021 6.5 (v3) Medium Pass Cisco FXOS, NX-OS, and UCS Manager Software Cisco Discovery Protocol DoS (cisco-sa-20180620-nxos-cdp) CVE-2018-0331 09 Jul 2020 6.5 (v3) Medium Pass iLO 3 < 1.65 / iLO 4 < 1.32 Multiple Vulnerabilities CVE-2013-4842 CVE-2013-4843 14 Feb 2019 6.1 (v3) Medium Pass Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution (cisco-sa-20180620-fxnxos-dos) CVE-2018-0303 09 Jul 2020 8.8 (v3) High Pass Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution (cisco-sa-20180620-fxnxos-dos) CVE-2018-0303 09 Jul 2020 8.8 (v3) High Pass Cisco FXOS, NX-OS, and UCS Manager Software Cisco Discovery Protocol DoS (cisco-sa-20180620-nxos-cdp) CVE-2018-0331 09 Jul 2020 6.5 (v3) Medium Pass iLO 3 < 1.50 / iLO 4 < 1.13 Information Disclosure Vulnerability CVE-2012-3271 14 Feb 2019 7.5 (v3) High Pass Cisco NX-OS Software Role-Based Access Control Elevated Privileges (cisco-sa-20180620-nxosrbac) CVE-2018-0293 09 Jul 2020 8.8 (v3) High Pass iLO 3 < 1.85 / iLO 4 < 2.22 Denial of Service Vulnerability CVE-2015-5435 14 Feb 2019 5.3 (v3) Medium Pass CoDeSys Unprotected Gateway Service 11 Mar 2013 7.5 (v2) High Pass Cisco IOS XE Software Privilege Escalation (cisco-sa-XE-FSM-Yj8qJbJc) CVE-2021-1391 29 Mar 2021 6.7 (v3) Medium Pass Cisco IOS Software for Industrial Routers Virtual LPWA Unauthorized Access (cisco-sa-ios-lpwa-access-cXsD7PRA) CVE-2020-3426 02 Apr 2021 9.1 (v3) Critical Pass iLO 5 < 1.40 Cross Site Scripting (XSS) Vulnerability CVE-2018-7117 17 Apr 2019 6.1 (v3) Medium Pass iLO 3 < 1.90 / iLO 4 < 2.61 / iLO 5 < 1.35 Remote Code Execution Vulnerability (HPESBHF03866) CVE-2018-7105 27 Mar 2020 7.2 (v3) High Pass Cisco NX-OS Software CLI Arbitrary Command Execution (cisco-sa-20180620-nx-os-cli-execution) CVE-2018-0306 09 Jul 2020 7.8 (v3) High Pass OS Identi fi cation : SSH 21 May 2007 None Pass iLO 4 < 2.60 / iLO 5 < 1.30 Multiple Vulnerabilities CVE-2018-7078 CVE-2018-7101 08 Feb 2019 7.2 (v3) High Pass HP iLO 4 <= 2.52 RCE CVE-2017-12542 28 Aug 2017 10 (v3) Critical Pass MySQL 8.0.x < 8.0.16 Multiple Vulnerabilities (Apr 2019 CPU) (Jul 2019 CPU) CVE-2019-1559 CVE-2019-2566 CVE-2019-2580 CVE-2019-2581 CVE-2019-2584 CVE-2019-2585 CVE-2019-2587 CVE-2019-2589 CVE-2019-2592 CVE-2019-2593 CVE-2019-2596 CVE-2019-2606 CVE-2019-2607 CVE-2019-2614 CVE-2019-2617 CVE-2019-2 18 Apr 2019 9.8 (v3) Critical Pass HSTS Missing From HTTPS Server (RFC 6797) 17 Nov 2020 6.5 (v3) Medium Pass Cisco Web Security Appliance XSS (cisco-sa-wsa-xss-mVjOWchB) CVE-2021-1490 13 May 2021 6.1 (v3) Medium Pass iLO 2 <= 2.23 Denial of Service Vulnerability CVE-2014-2601 18 Feb 2019 7.5 (v3) High Pass Cisco Firepower Threat Defense Software IP Fragment Memory Leak (cisco-sa-asaftd-frag-memleak-mCtqdP9n) CVE-2020-3373 24 May 2021 8.6 (v3) High Pass Schneider Electric C-Gate Detection 26 May 2021 None Pass Juniper Junos OS Multiple DoS Vulnerabilities (JSA11167) CVE-2019-9511 CVE-2019-9512 CVE-2019-9513 CVE-2019-9514 CVE-2019-9515 CVE-2019-9516 CVE-2019-9517 CVE-2019-9518 26 May 2021 7.5 (v3) High Pass Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation DoS (cisco-sa-n9kaci-bgp-De9dPKSK) CVE-2021-1230 26 May 2021 7.5 (v3) High Pass Nagios XI < 5.7.5 Multiple Vulnerabilities CVE-2020-28648 CVE-2020-28906 28 May 2021 8.8 (v3) High Pass Nagios XI < 5.7 Code Injection CVE-2021-3273 28 May 2021 7.2 (v3) High Pass Nagios XI < 5.8 Privilege Escalatioon CVE-2020-28910 28 May 2021 9.8 (v3) Critical Pass EMC RSA Archer < 6.6.0.6 and < 6.7.0.3 authorization bypass CVE-2020-5333 21 Aug 2020 4.3 (v3) Medium Pass EMC RSA Archer < 6.5.0.7, < 6.6.0.6 and < 6.7.0.1 Multiple Vulnerabilities CVE-2020-5336 CVE-2020-5337 21 Aug 2020 6.1 (v3) Medium Pass EMC RSA Archer < 6.7.0.3 Multiple Vulnerabilities CVE-2020-5331 CVE-2020-5332 08 May 2020 7.2 (v3) High Pass EMC RSA Archer < 6.5.0.7, < 6.6.0.6 and < 6.7.0.2 Multiple Vulnerabilities CVE-2020-5334 CVE-2020-5335 21 Aug 2020 8.8 (v3) High Pass EMC RSA Archer 6.8 < 6.8.0.4 / 6.9 < 6.9.0.1 URL Injection CVE-2020-26884 02 Dec 2020 6.1 (v3) Medium Pass VMware ESXi Multiple OpenSSL Vulnerabilities (VMSA-2014-0004) (Heartbleed) CVE-2014-0076 CVE-2014-0160 30 Dec 2015 7.5 (v3) High 37

Pass Oracle E-Business Multiple Vulnerabilities (July 2015 CPU) CVE-2014-3571 CVE-2015-1926 CVE-2015-2610 CVE-2015-2615 CVE-2015-2618 CVE-2015-2630 CVE-2015-2645 CVE-2015-2652 CVE-2015-4728 CVE-2015-4739 CVE-2015-4741 CVE-2015-4743 CVE-2015-4765 15 Jul 2015 5.5 (v2) Medium Pass Oracle E-Business Multiple Vulnerabilities (October 2015 CPU) CVE-2015-4762 CVE-2015-4798 CVE-2015-4839 CVE-2015-4845 CVE-2015-4846 CVE-2015-4849 CVE-2015-4851 CVE-2015-4854 CVE-2015-4865 CVE-2015-4884 CVE-2015-4886 CVE-2015-4898 21 Oct 2015 10 (v2) Critical Pass Oracle E-Business Multiple Vulnerabilities (October 2016 CPU) CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2109 CVE-2016-2176 CVE-2016-5489 CVE-2016-5517 CVE-2016-5532 CVE-2016-5557 CVE-2016-5562 CVE-2016-5567 CVE-2016-5570 CVE-2016-5571 CVE-2016-5575 CVE-2016-5581 CVE-2016-5 20 Oct 2016 8.2 (v3) High Pass Oracle E-Business Multiple Vulnerabilities (July 2018 CPU) CVE-2018-2934 CVE-2018-2953 CVE-2018-2988 CVE-2018-2991 CVE-2018-2993 CVE-2018-2994 CVE-2018-2995 CVE-2018-2996 CVE-2018-2997 CVE-2018-3008 CVE-2018-3012 CVE-2018-3017 CVE-2018-3018 20 Jul 2018 8.2 (v3) High Pass Oracle E-Business Multiple Vulnerabilities (Jan 2019 CPU) CVE-2019-2396 CVE-2019-2400 CVE-2019-2440 CVE-2019-2445 CVE-2019-2447 CVE-2019-2453 CVE-2019-2470 CVE-2019-2485 CVE-2019-2488 CVE-2019-2489 CVE-2019-2491 CVE-2019-2492 CVE-2019-2496 CVE-2019-2497 CVE-2019-2498 CVE-2019-2 18 Jan 2019 9.1 (v3) Critical Pass DNP3 Outstation Unsolicited Messaging Support 11 Dec 2006 5 (v2) Medium Pass Juniper Junos OS Spoo fi ng (JSA11240) CVE-2021-31375 25 Mar 2022 5.3 (v3) Medium Pass ArubaOS-CX < 10.04.2000 Memory Corruption (ARUBA-PSA-2020-009) CVE-2020-7122 01 Jun 2021 7.5 (v3) High Pass ArubaOS-CX < 10.04.3031 Memory Corruption (ARUBA-PSA-2020-009) CVE-2020-7121 01 Jun 2021 7.5 (v3) High Pass Sybase EAServer 6.3.1 < 6.3.1.07 Build 63107 / 6.2 < 6.2.0.12 Build 62012 Multiple Vulnerabilities 27 Jun 2013 10 (v2) Critical Pass Multiple Web Server Encoded Space (%20) Request ASP Source Disclosure CVE-2001-1248 CVE-2007-3407 14 Aug 2002 5.3 (v3) Medium Pass Cisco Email Security Appliance MP3 Content Filter Bypass (cisco-sa-20191120-esa-mp3-bypass) CVE-2019-15971 29 Jul 2020 4.3 (v3) Medium Pass Sybase EAServer XML External Entity (XXE) Arbitrary File Disclosure 31 Jul 2013 7.8 (v2) High Pass CA iTechnology iGateway Service Content-Length Bu ff er Over fl ow CVE-2005-3653 24 Jan 2006 10 (v2) Critical Pass Cisco UCS Director Authentication Bypass (cisco-sa-20190821-imcs-ucs-authby) CVE-2019-1937 26 Aug 2019 9.8 (v3) Critical Pass Adobe Connect < 11.0.5 XSS (ASPB20-69) CVE-2020-24442 CVE-2020-24443 12 Nov 2020 6.1 (v3) Medium Pass ManageEngine Desktop Central 10 < Build 100282 Remote Privilege Escalation CVE-2018-13411 CVE-2018-13412 21 Sep 2018 8.8 (v3) High Pass ManageEngine Desktop Central < 10 Build 10.0.533 Integer Over fl ow CVE-2020-15588 06 Aug 2020 9.8 (v3) Critical Pass ISC BIND Zone Update Vulnerability (cve-2020-8624) CVE-2020-8624 27 Aug 2020 4.3 (v3) Medium Pass ISC BIND 9.x < 9.11.22, 9.12.x < 9.16.6, 9.17.x < 9.17.4 DoS CVE-2020-8622 27 Aug 2020 6.5 (v3) Medium Pass Juniper Junos BGP DoS (JSA11024) CVE-2020-1640 10 Sep 2020 7.5 (v3) High Pass Cisco UCS Director Authentication Bypass (cisco-sa-20190821-imcs-ucs-authbypass) CVE-2019-1974 09 Jun 2020 9.8 (v3) Critical Pass Juniper Junos MX Series PFE Large Packet DoS (JSA11041) CVE-2020-1655 24 Jul 2020 5.3 (v3) Medium Pass Juniper Junos Denial of Service (DoS) JSA11030 CVE-2020-1643 17 Jul 2020 5.5 (v3) Medium Pass Juniper Junos RPD Crash DoS (JSA11032) CVE-2020-1644 24 Jul 2020 7.5 (v3) High Pass Juniper Junos Kernel Crash (vmcore) or FPC Crash (JSA11040) CVE-2020-1653 24 Jul 2020 7.5 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.19 / 8.0.x < 8.0.12 / 8.1.x < 8.1.3 Vulnerability CVE-2019-1579 19 Jul 2019 8.1 (v3) High Pass Cisco Email Security Appliance URL Filtering Bypass (cisco-sa-esa-url-bypass-zZtugtg3) CVE-2020-3568 09 Oct 2020 5.8 (v3) Medium Pass Juniper Junos MX/EX9200 Series: DDoS Vulnerability (JSA11062) CVE-2020-1665 23 Oct 2020 5.3 (v3) Medium Pass Juniper Junos SNMP DoS (JSA11080) CVE-2020-1683 23 Oct 2020 7.5 (v3) High Pass Juniper Junos NFX350 Series Readable Password Hashes Vulnerability (JSA11066) CVE-2020-1669 22 Oct 2020 6.3 (v3) Medium Pass Juniper Junos OS PTX/QFX Series: Unexpected Packet Forwarding Vulnerability (JSA11076) CVE-2020-1679 23 Oct 2020 7.5 (v3) High Pass Juniper Junos OS SRX Series: High CPU Load Utilization Vulnerability (JSA11081) CVE-2020-1684 23 Oct 2020 7.5 (v3) High Pass IBM MQ 8.0 < 8.0.0.15 / 8.1 < 8.1.0.5 HPE/ 9.1 < 9.1.0.5 LTS / 9.1 < 9.2 CD DoS CVE-2020-4376 02 Sep 2020 6.5 (v3) Medium Pass Juniper Junos OS Privilege Escalation (JSA11237) CVE-2021-31372 29 Mar 2022 8.8 (v3) High Pass Juniper Junos OS DoS (JSA11239) CVE-2021-31374 29 Mar 2022 7.5 (v3) High Pass Oracle Containers for J2EE Detection 21 May 2014 None Pass Juniper JSA11147 CVE-2021-0254 13 May 2021 9.8 (v3) Critical Pass Cisco TANDBERG MXP < 9.0 SNMP Packet Handling DoS 10 Sep 2013 7.8 (v2) High Pass Cisco Email Security Appliance Zip Content Filter Bypass (cisco-sa-esa-zip-bypass-gbU4gtTg) CVE-2020-26082 21 May 2021 5.8 (v3) Medium Pass Nagios Fusion < 4.1.9 Multiple Vulnerabilities CVE-2020-28900 CVE-2020-28901 CVE-2020-28902 CVE-2020-28903 CVE-2020-28904 CVE-2020-28905 CVE-2020-28906 CVE-2020-28907 CVE-2020-28908 CVE-2020-28909 CVE-2020-28911 28 May 2021 9.8 (v3) Critical Pass Oracle E-Business Multiple Vulnerabilities (July 2017 CPU) (SWEET32) CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6305 CVE-2016-6306 CVE-2016-6307 CVE-2016-6308 CVE-2016-6309 CVE-2016-7 20 Jul 2017 9.8 (v3) Critical Pass ArubaOS-Switch 16.08 < 16.08.0009 / 16.09 < 16.09.0007 / 16.10 < 16.10.0003 (ARUBA-PSA-2020-001) CVE-2019-5322 01 Jun 2021 7.5 (v3) High Pass ManageEngine SupportCenter Plus < 7.9 Build 7917 attach Parameter Directory Traversal 03 Feb 2014 7.7 (v3) High Pass CockroachDB 19.2 < 19.2.12 / 20.1 < 20.1.11 / 20.2 < 20.2.4 DoS (A58932) CVE-2021-3121 04 Apr 2022 8.6 (v3) High Pass Juniper Junos OS Blocking Unexpected Tra ffi c (JSA11095) CVE-2021-0205 02 Jun 2021 5.8 (v3) Medium Pass Symantec Messaging Gateway 9.5.x Multiple Vulnerabilities (SYM12-018) 27 Nov 2012 4.3 (v2) Medium Pass nginx ngx_http_proxy_module.c Memory Disclosure CVE-2013-2070 29 May 2013 6.5 (v3) Medium Pass Juniper Junos OS Privilege Escalation in J-Web (JSA11100) CVE-2021-0210 04 Feb 2021 6.8 (v3) Medium Pass Pivotal RabbitMQ Management Plugin 3.4.x / 3.5.x / 3.6.x < 3.6.9 Multiple Vulnerabilities CVE-2017-4965 CVE-2017-4966 CVE-2017-4967 19 May 2017 6.1 (v3) Medium Pass IBM WebSphere Application Server 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.19 / 9.0.0.0 <= 9.0.5.6 Directory Traversal (CVE-2021-20354) CVE-2021-20354 25 Feb 2021 7.5 (v3) High Pass Cisco Content Security Management Appliance Information Disclosure (cisco-sa-esa-sma-info-disclo-VOu2GHbZ) CVE-2021-1425 05 Mar 2021 4.3 (v3) Medium Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.13 / 9.0.x < 9.0.7 RCE CVE-2020-1990 16 Apr 2020 7.2 (v3) High Pass Cisco Email Security Appliance Information Disclosure (cisco-sa-esa-sma-info-disclo-VOu2GHbZ) (deprecated) CVE-2021-1425 05 Mar 2021 4.3 (v3) Medium Pass Artifactory Detect 12 Mar 2014 None Pass Cisco IOS XE Software Denial of Service (cisco-sa-ewlc-dos-AnvKvMxR) CVE-2020-3206 18 Jun 2020 4.7 (v3) Medium Pass OS Security Patch Assessment Checks Not Supported 26 Jun 2018 None Pass Trend Micro SafeSync for Enterprise (SSFE) Detection 05 Jun 2017 None Pass Kibana Detection 21 May 2018 None Pass ManageEngine SupportCenter Plus < 7.9 Build 7905 Multiple Vulnerabilities 03 May 2012 7.4 (v3) High Pass MacOS root Authentication Bypass Direct check over VNC Server (unauthenticated) 30 Nov 2017 9.8 (v3) Critical Pass CoDeSys Unauthenticated Command-line Access CVE-2012-6068 02 Nov 2012 9.8 (v3) Critical Pass nginx < 1.0.14 / 1.1.17 HTTP Header Response Memory Disclosure CVE-2012-1180 21 Mar 2012 5.3 (v3) Medium Pass Apache Druid Detection 30 Mar 2021 None Pass nginx HTTP Request Multiple Vulnerabilities CVE-2009-2629 CVE-2009-3896 24 Sep 2009 7.3 (v3) High Pass HP O ffi ceJet Printer Detection 02 Jun 2014 None Noise SYN Scanner 04 Feb 2009 None Pass Adobe Connect <11.2.2 Privilege Escalation (ASPB21-36) CVE-2021-28579 10 Jun 2021 4.3 (v3) Medium Pass Oracle Database Unsupported Version Detection 09 Aug 2011 10 (v2) Critical Pass DTLS Service Detection 14 Sep 2020 None Pass Adobe Experience Manager 6.3 < 6.4.8.4 / 6.5 < 6.5.8.0 Multiple Vulnerabilities (APSB21-15) CVE-2021-21083 CVE-2021-21084 12 May 2021 6.1 (v3) Medium Pass Citrix SD-WAN Center 10.2.x < 10.2.8 / 11.1.x < 11.1.2b / 11.2.x < 11.2.2 Multiple Vulnerabilities (CTX285061) CVE-2020-8271 CVE-2020-8272 CVE-2020-8273 13 Nov 2020 9.8 (v3) Critical Pass Apache Tomcat 10.0.0.M1 < 10.0.0.M6 vulnerability CVE-2020-11996 21 Jun 2021 7.5 (v3) High Pass VMware vCenter Server 6.5 / 6.7 Session Hijack (VMSA-2020-0023) CVE-2020-3994 24 Jun 2021 7.4 (v3) High Pass ArubaOS-Switch Multiple Vulnerabilities (ARUBA-PSA-2020-007) CVE-2019-5320 CVE-2019-5321 24 Jun 2021 8.8 (v3) High Pass Apache on Windows mod_alias URL Validation Canonicalization CGI Source Information Disclosure CVE-2006-4110 18 Nov 2011 5.6 (v3) Medium Pass Cisco IOS XE Software Web UI Privilege Escalation Vulnerability CVE-2017-12230 02 Oct 2017 8.8 (v3) High Pass Cisco IOS XE Software HTTP DoS Vulnerability (cisco-sa-20180926-webdos) CVE-2018-0470 05 Oct 2018 8.6 (v3) High Pass Cisco Application Services Engine Unauthorized Access Vulnerabilities (cisco-sa-case-mvuln-dYrDPC6w) CVE-2021-1393 CVE-2021-1396 28 Jun 2021 9.8 (v3) Critical Pass VMware Carbon Black App Control Web Console Detection 29 Jun 2021 None Pass Easy WP SMTP Plugin for WordPress < 1.4.4 Sensitive Information Disclosure 30 Jun 2021 7.4 (v3) High Pass IBM Spectrum Protect Plus OpenSSH Remote Command Injection CVE-2020-15778 30 Jun 2021 7.8 (v3) High Pass Cisco IOS XE Software Quality of Service Remote Code Execution Vulnerability CVE-2018-0151 29 Mar 2018 9.8 (v3) Critical Pass Cisco IOS XE Software Linux Kernel IP Fragment DoS (cisco-sa-20180824-linux-ip-fragment) CVE-2018-5391 29 Mar 2019 7.5 (v3) High Pass Cisco IOS XE Software Link Layer Discovery Protocol Bu ff er Over fl ow Vulnerabilities (cisco-sa-20180328-lldp) CVE-2018-0167 CVE-2018-0175 06 Apr 2018 8.8 (v3) High Pass Cisco IOS XE Software IP Fragment Reassembly DoS (cisco-sa-20160928-frag) CVE-2016-6386 14 Nov 2019 7.5 (v3) High Pass Tenable Nessus 8.x.x < 8.14.0 Privilege Escalation (TNS-2021-07) CVE-2021-20079 05 May 2021 6.7 (v3) Medium Pass ArubaOS-Switch Memory Corruption Vulnerability (ARUBA-PSA-2021-003) CVE-2020-27337 14 Jun 2021 7.3 (v3) High Pass ArubaOS-CX < 10.3.0001 (ARUBA-PSA-2020-010) CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 31 May 2021 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11119) CVE-2021-0224 15 Apr 2021 6.5 (v3) Medium Pass Cisco ACI Multi-Site Orchestrator Application Services Engine Deployment Authentication Bypass (cisco-sa-mso-authbyp-bb5GmBQv) CVE-2021-1388 28 Jun 2021 10 (v3) Critical Pass Cisco IOS XE Software SD WAN Arbitrary Command Execution (cisco-sa-iosxe-sdwarbcmdexec-sspOMUr3) CVE-2021-1432 06 Jul 2021 7.3 (v3) High Pass GitLab < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.9.2 Multiple Vulnerabilities CVE-2022-1099 CVE-2022-1120 CVE-2022-1121 CVE-2022-1157 18 Apr 2022 6.5 (v3) Medium Pass GitLab 12.2.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 Information Disclosure CVE-2022-1189 18 Apr 2022 4.3 (v3) Medium Pass GitLab 13.7.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 DoS CVE-2022-1174 18 Apr 2022 7.5 (v3) High Pass Netscape NSS Library SSLv2 Challenge Over fl ow CVE-2004-0826 24 Aug 2004 7.5 (v2) High Pass Cisco Integrated Management Controller Username Enumeration (cisco-sa-cimc-enum-CyheP3B7) CVE-2020-26062 09 Jul 2021 5.3 (v3) Medium Pass GitLab 13.1.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 DoS CVE-2022-1100 18 Apr 2022 4.3 (v3) Medium Pass GitLab 12.1.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 SSRF CVE-2022-1188 18 Apr 2022 5.3 (v3) Medium Pass GitLab 7.8.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 Improper Authorization CVE-2022-0740 18 Apr 2022 4.3 (v3) Medium Pass GitLab 10.7.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 Improper Access Control CVE-2022-1193 18 Apr 2022 4.3 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11194) (deprecated) 14 Jul 2021 7.5 (v3) High Pass Cisco Nexus 9000 Series Fabric Switches ACI Mode Link Layer Discovery Protocol Port DoS (cisco-sa-apic-lldap-dos-WerV9CFj) CVE-2021-1231 07 Jul 2021 4.7 (v3) Medium Pass Apache Shiro HTTP Detection 18 Apr 2022 None Pass Cisco Small Business Routers RV016, RV042, RV042G, and RV082 Arbitrary Command Execution (cisco-sa-20191106-sbrv-cmd-x) CVE-2019-15271 08 Jul 2021 8.8 (v3) High Pass Juniper Junos OS Vulnerability (JSA11208) 14 Jul 2021 7.5 (v3) High Pass Siemens SCALANCE X-200 Authentication Bypass CVE-2013-5944 21 Oct 2013 10 (v2) Critical Pass Apache APISIX 1.2 <= 1.5 Information Disclosure CVE-2020-13945 20 Apr 2022 6.5 (v3) Medium Pass ForgeRock Access Management Detection 02 Jul 2021 None Pass GitLab 12.10.0 < 14.2.6 / 13.0.0 < 14.3.4 / 13.1.0 < 14.4.1 Improper Access Control CVE-2021-39904 20 Apr 2022 4.3 (v3) Medium Pass GitLab 13.7.0 < 14.2.6 / 13.8.0 < 14.3.4 / 13.9.0 < 14.4.1 Information Disclosure CVE-2021-39911 20 Apr 2022 4.3 (v3) Medium Pass GitLab 11.9.x < 13.8.8 / 13.9.0 < 13.9.6 / 13.10.0 < 13.10.3 Remote Code Execution CVE-2021-22205 20 Apr 2022 10 (v3) Critical 38

Pass Linux/Cdorked.A Backdoor 13 May 2013 10 (v2) Critical Pass GitLab 0.8.0 < 14.4.1 Code Injection CVE-2021-39908 20 Apr 2022 7.5 (v3) High Pass GitLab 13.7.0 < 14.2.6 / 14.3.0 < 14.3.4 / 14.4.0 < 14.4.1 Denial of Service CVE-2021-39912 20 Apr 2022 5.3 (v3) Medium Pass GitLab 13.7.0 < 14.2.6 / 14.3.0 < 14.3.4 / 14.4.0 < 14.4.1 Denial Of Service CVE-2021-39907 20 Apr 2022 5.3 (v3) Medium Pass Cisco Web Security Appliance Privilege Escalation (cisco-sa-scr-web-priv-esc-k3HCGJZ) CVE-2021-1359 15 Jul 2021 8.8 (v3) High Pass StruxureWare SCADA Expert ClearSCADA Remote Security Bypass CVE-2014-5412 05 Jan 2015 5 (v2) Medium Pass HPE Edgeline Infrastructure Manager Detection 24 Feb 2021 None Pass SolarWinds Orion Web Performance Monitor (WPM) Remote Detection 01 Mar 2021 None Pass Apache Tomcat 9.0.0.M1 < 9.0.43 Multiple Vulnerabilities CVE-2020-9484 CVE-2021-25122 CVE-2021-25329 05 Mar 2021 7.5 (v3) High Pass Symantec Veritas Enterprise Administrator Service (vxsvc) Multiple Integer Over fl ows CVE-2011-0547 20 Sep 2011 10 (v2) Critical Pass PRTG Network Monitor < 20.1.57.1745 Information Disclosure (direct check) CVE-2020-11547 04 Mar 2021 5.3 (v3) Medium Pass Atlassian Bitbucket Detection 28 Jun 2018 None Pass Oracle WebLogic IIOP JNDI Lookup RCE Direct Check CVE-2020-2551 15 Jul 2020 9.8 (v3) Critical Pass JBoss Remoting Detection 31 Jan 2019 None Pass Samhain SRP Protocol Implementation Authentication Bypass CVE-2009-4810 17 Mar 2009 5.8 (v2) Medium Pass DNP3 Link Layer Brute Force Addressing Disclosure 11 Dec 2006 5 (v2) Medium Pass DrayTek Vigor Detection 22 Oct 2020 None Pass OS Security Patch Assessment Failed 23 Jun 2006 None Pass Cisco IOS SYNful Knock Implant 25 Sep 2015 10 (v2) Critical Pass Janitza Multiple UMG Devices Remote Debug Interface RCE CVE-2015-3971 13 Jan 2016 7.3 (v3) High Pass Skype Stack Version Detection 11 Apr 2006 None Pass GitLab 12.0 < 14.3.6 / 14.4.0 < 14.4.4 / 14.5.0 < 14.5.2 DoS CVE-2021-39942 20 Apr 2022 6.5 (v3) Medium Pass GitLab 8.4 < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.3 Incorrect Port Validation CVE-2021-39927 20 Apr 2022 4.3 (v3) Medium Pass GitLab 12.10 < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.2 DoS CVE-2022-0151 20 Apr 2022 4.9 (v3) Medium Pass ProRat Detection 04 May 2016 10 (v2) Critical Pass GitLab 13.10 < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.2 Unauthorized Access CVE-2022-0152 20 Apr 2022 6.5 (v3) Medium Pass GitLab 13.2 < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.2 IP Restriction Bypass CVE-2022-0172 20 Apr 2022 6.5 (v3) Medium Pass WordPress Plugin LearnDash Detection 04 May 2020 None Pass GitLab < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.1 Expired Credentials CVE-2022-0093 20 Apr 2022 4.3 (v3) Medium Pass Cisco UCS Director Detection 31 Oct 2014 None Pass Cisco ADE-OS Prime Collaboration Provisioning Detection 29 Sep 2015 None Pass GitLab < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.1 Bad Input Validation CVE-2022-0124 20 Apr 2022 4.3 (v3) Medium Pass GitLab 7.7.x < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.2 CSRF CVE-2022-0154 20 Apr 2022 8 (v3) High Pass Cogent DataHub < 6.4.3 OPC Client Reconnection Saturation Remote DoS 15 Jun 2016 5 (v2) Medium Pass HP LoadRunner 11.52 Bu ff er Over fl ow RCE (uncredentialed check) CVE-2015-2110 04 Jun 2015 10 (v2) Critical Pass CoDeSys Authentication Bypass Directory Traversal CVE-2012-6068 CVE-2012-6069 02 Nov 2012 10 (v2) Critical Pass Siemens SIMATIC S7-1200 PLC < 4.1.3 XSRF CVE-2015-5698 08 Sep 2015 7.5 (v2) High Pass Solaris XDR RPC Request Handling RCE (April 2017 CPU) (EBBISLAND / EBBSHAVE) CVE-2017-3623 28 Sep 2017 10 (v3) Critical Pass Citrix SD-WAN Detection 25 Jan 2019 None Pass StruxureWare SCADA Expert ClearSCADA Weak Hashing Algorithm CVE-2014-5413 28 Jan 2015 5 (v2) Medium Pass Schneider Electric Accutech Manager 'RFManagerService' SQL Injection 15 Nov 2013 10 (v2) Critical Pass IGSS Data Server Directory Traversal Arbitrary File Access CVE-2011-1565 24 Mar 2011 5 (v2) Medium Pass Schneider Electric InduSoft Web Studio / InTouch Machine Edition < 8.1 RCE CVE-2017-14024 22 Jan 2018 9.8 (v3) Critical Pass AVEVA InduSoft Web Studio / InTouch Edge HMI Command 66 RCE CVE-2019-6543 CVE-2019-6545 14 Feb 2019 9.8 (v3) Critical Pass Cisco IOS XE Software NETCONF Over SSH DoS (cisco-sa-ncossh-dos-ZAkfOdq8) CVE-2022-20692 21 Apr 2022 6.5 (v3) Medium Pass Juniper Junos OS DoS (JSA69493) CVE-2022-22185 22 Apr 2022 7.5 (v3) High Pass Oracle E-Business Suite (Apr 2022 CPU) CVE-2022-21468 CVE-2022-21477 22 Apr 2022 6.1 (v3) Medium Pass Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities (cisco-sa-cdb-cmicr-vulns-KJjFtNb) CVE-2022-20661 CVE-2022-20731 22 Apr 2022 6.8 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA69519) CVE-2022-22182 22 Apr 2022 6.1 (v3) Medium Pass Apache APISIX < 2.10.4 / 2.11.x < 2.12.1 RCE CVE-2022-24112 26 Apr 2022 9.8 (v3) Critical Pass WSO2 Multiple Products File Upload Remote Command Execution (CVE-2022-29464) CVE-2022-29464 26 Apr 2022 9.8 (v3) Critical Pass Advantech WebAccess Webeye ActiveX Control Stack Based Bu ff er Over fl ow Vulnerability CVE-2014-8388 12 Mar 2015 7.2 (v2) High Pass Cisco Uni fi ed Communications Products XSS (cisco-sa-cucm-xss-6MCe4kPF) CVE-2022-20788 27 Apr 2022 6.1 (v3) Medium Pass Apache APISIX Dashboard < 2.10.1 Authentication Bypass CVE-2021-45232 28 Apr 2022 9.8 (v3) Critical Pass Cisco Uni fi ed Communications Products Arbitrary File Write (cisco-sa-cucm-arb-write-74QzruUU) CVE-2022-20789 29 Apr 2022 6.5 (v3) Medium Pass Cisco Uni fi ed Communications Products Arbitrary File Read (cisco-sa-ucm- fi le-read-h8h4HEJ3) CVE-2022-20790 29 Apr 2022 6.5 (v3) Medium Pass Cisco Adaptive Security Appliance Software Software WebVPN Portal Access Rule Bypass (cisco-sa-asaftd-rule-bypass-P73ABNWQ) CVE-2020-3578 02 May 2022 6.5 (v3) Medium Pass Cisco Firepower Threat Defense Software WebVPN Portal Access Rule Bypass Vulnerability Vulnerability (cisco-sa-asaftd-rule-bypass-P73ABNWQ) CVE-2020-3578 02 May 2022 6.5 (v3) Medium Pass McAfee Web Gateway Detection 21 Mar 2014 None Pass Juniper Junos OS Vulnerability (JSA11190) 14 Jul 2021 7.5 (v3) High Pass OpenSSL 3.0.0 < 3.0.3 Multiple Vulnerabilities CVE-2022-1292 CVE-2022-1343 CVE-2022-1434 CVE-2022-1473 03 May 2022 9.8 (v3) Critical Pass Juniper Junos OS Vulnerability (JSA11182) 14 Jul 2021 8.8 (v3) High Pass Juniper Junos OS Vulnerability (JSA11192) 14 Jul 2021 6.2 (v3) Medium Pass Juniper Junos OS Multiple Vulnerabilities (JSA11200) CVE-2021-0283 CVE-2021-0284 14 Jul 2021 7.5 (v3) High Pass Visualware MyConnection Server Remote Agent Default Password 02 Apr 2015 7.5 (v2) High Pass Dell OpenManage Server Administrator Authentication Bypass (DSA-2021-040) CVE-2021-21513 20 Apr 2021 9.8 (v3) Critical Pass SCADA Engine BACnet OPC Server < 2.1.371.24 Multiple Vulnerabilities CVE-2015-0979 CVE-2015-0980 CVE-2015-0981 09 Apr 2015 9 (v2) High Pass QNAP Photo Station WebUI Detection 03 Oct 2018 None Pass Open Access Management Detection 29 Jul 2021 None Pass Grandstream Networks UCM6200 Series SQLi (Phone Web UI) CVE-2020-5722 05 May 2022 9.8 (v3) Critical Pass Grandstream Networks UCM6200 Series SQLi (SIP) CVE-2020-5722 05 May 2022 9.8 (v3) Critical Pass Java JMX Agent Insecure Con fi guration 10 Oct 2018 7.3 (v3) High Pass ManageEngine SharePoint Manager Plus < 4329 Multiple Vulnerabilities CVE-2022-24305 CVE-2022-24306 05 May 2022 9.8 (v3) Critical Pass Serv-U FTP Server <= 15.2.3 Hot fi x 1 Memory Escape Vulnerability CVE-2021-35211 15 Jul 2021 10 (v3) Critical Pass Atlassian Jira < 7.2.15 OAuth Plugin IconUriServlet Internal Network Resource Disclosure CSRF CVE-2017-9506 28 Jun 2018 6.1 (v3) Medium Pass Apache Tomcat 5.0.x <= 5.0.30 / 5.5.x < 5.5.23 Content-Length HTTP Request Smuggling CVE-2005-2090 18 Nov 2011 5.3 (v3) Medium Pass Atlassian Crowd < 2.11.2 OAuth Plugin IconUriServlet Internal Network Resource Disclosure CSRF CVE-2017-9506 28 Jun 2018 6.1 (v3) Medium Pass Apache Tomcat RequestDispatcher Directory Traversal Arbitrary File Access CVE-2008-5515 18 Jun 2009 5.3 (v3) Medium Pass Atlassian Bitbucket < 4.14.4 OAuth Plugin IconUriServlet Internal Network Resource Disclosure CSRF CVE-2017-9506 28 Jun 2018 6.1 (v3) Medium Pass Kubernetes unprivileged API access 28 Jun 2018 8.8 (v3) High Pass Apache Tomcat 5.x < 5.5.21 Multiple Vulnerabilities CVE-2007-1358 CVE-2008-0128 CVE-2008-4308 11 Jun 2010 5.3 (v3) Medium Pass Apache Tomcat 6.x < 6.0.9 Information Disclosure CVE-2008-0128 11 Jun 2010 5.3 (v3) Medium Pass Apache Tomcat 4.x < 4.1.37 Multiple Vulnerabilities CVE-2005-3164 CVE-2007-1355 CVE-2007-2449 CVE-2007-2450 CVE-2007-3382 CVE-2007-3383 CVE-2007-3385 CVE-2007-5333 CVE-2007-5461 16 Jun 2010 5.3 (v3) Medium Pass Apache Tomcat < 6.0.18 Multiple Vulnerabilities CVE-2008-1232 CVE-2008-1947 CVE-2008-2370 01 Jul 2010 5.3 (v3) Medium Pass Cisco IOS Version 27 Jul 2010 None Pass Apache Tomcat 6.0.x < 6.0.30 Multiple Vulnerabilities CVE-2010-3718 CVE-2010-4172 CVE-2010-4312 CVE-2011-0013 14 Feb 2011 6.5 (v3) Medium Pass Apache Tomcat 7.x < 7.0.6 Manager Interface XSS CVE-2011-0013 14 Feb 2011 5.3 (v3) Medium Pass Apache Tomcat 7.0.12 / 7.0.13 Security Constraint Bypass CVE-2011-1582 18 May 2011 5.6 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (July 2011 CPU) CVE-2011-0811 CVE-2011-0816 CVE-2011-0822 CVE-2011-0830 CVE-2011-0831 CVE-2011-0832 CVE-2011-0835 CVE-2011-0838 CVE-2011-0848 CVE-2011-0852 CVE-2011-0870 CVE-2011-0875 CVE-2011-0876 CVE-2011-0877 CVE-2011-0879 CVE-2011-0 20 Jul 2011 7.1 (v2) High Pass Oracle Database Multiple Vulnerabilities (October 2005 CPU) CVE-2005-3202 CVE-2005-3203 CVE-2005-3204 CVE-2005-3205 CVE-2005-3206 CVE-2005-3207 16 Nov 2011 6.8 (v2) Medium Pass Oracle Database Multiple Vulnerabilities (July 2006 CPU) CVE-2006-3698 CVE-2006-3699 CVE-2006-3700 CVE-2006-3701 CVE-2006-3702 CVE-2006-3703 CVE-2006-3704 CVE-2006-3705 16 Nov 2011 10 (v2) Critical Pass Oracle Database Multiple Vulnerabilities (October 2006 CPU) CVE-2006-5332 CVE-2006-5333 CVE-2006-5334 CVE-2006-5335 CVE-2006-5336 CVE-2006-5337 CVE-2006-5338 CVE-2006-5339 CVE-2006-5340 CVE-2006-5341 CVE-2006-5342 CVE-2006-5343 CVE-2006-5344 CVE-2006-5345 16 Nov 2011 8.5 (v2) High Pass Oracle Database Multiple Vulnerabilities (January 2007 CPU) CVE-2007-0268 CVE-2007-0269 CVE-2007-0270 CVE-2007-0271 CVE-2007-0272 CVE-2007-0273 CVE-2007-0274 CVE-2007-0275 CVE-2007-0276 CVE-2007-0277 CVE-2007-0278 16 Nov 2011 8.5 (v2) High Pass Oracle Database Multiple Vulnerabilities (July 2007 CPU) CVE-2007-3853 CVE-2007-3854 CVE-2007-3855 CVE-2007-3856 CVE-2007-3857 CVE-2007-3858 CVE-2007-3859 16 Nov 2011 9 (v2) High Pass Oracle Database Multiple Vulnerabilities (July 2008 CPU) CVE-2008-2587 CVE-2008-2590 CVE-2008-2591 CVE-2008-2592 CVE-2008-2600 CVE-2008-2602 CVE-2008-2603 CVE-2008-2604 CVE-2008-2605 CVE-2008-2607 CVE-2008-2608 CVE-2008-2611 CVE-2008-2613 16 Nov 2011 6.5 (v2) Medium Pass Oracle Database Multiple Vulnerabilities (October 2008 CPU) CVE-2008-2624 CVE-2008-2625 CVE-2008-3976 CVE-2008-3980 CVE-2008-3982 CVE-2008-3983 CVE-2008-3984 CVE-2008-3989 CVE-2008-3990 CVE-2008-3991 CVE-2008-3992 CVE-2008-3994 CVE-2008-3995 CVE-2008-3996 CVE-2008-4005 16 Nov 2011 6.5 (v2) Medium Pass Oracle Database Multiple Vulnerabilities (January 2009 CPU) CVE-2008-3973 CVE-2008-3974 CVE-2008-3978 CVE-2008-3979 CVE-2008-3997 CVE-2008-3999 CVE-2008-4015 CVE-2008-5436 CVE-2008-5437 CVE-2008-5439 16 Nov 2011 6.5 (v2) Medium Pass Oracle Database Multiple Vulnerabilities (April 2009 CPU) CVE-2009-0972 CVE-2009-0973 CVE-2009-0975 CVE-2009-0976 CVE-2009-0977 CVE-2009-0978 CVE-2009-0979 CVE-2009-0980 CVE-2009-0981 CVE-2009-0984 CVE-2009-0985 CVE-2009-0986 CVE-2009-0988 CVE-2009-0991 CVE-2009-0992 CVE-2009-0 16 Nov 2011 8.5 (v2) High Pass Oracle Database Multiple Vulnerabilities (July 2009 CPU) CVE-2009-0987 CVE-2009-1015 CVE-2009-1019 CVE-2009-1020 CVE-2009-1021 CVE-2009-1963 CVE-2009-1966 CVE-2009-1967 CVE-2009-1968 CVE-2009-1969 CVE-2009-1970 CVE-2009-1973 16 Nov 2011 9 (v2) High Pass Apache Tomcat 7.x < 7.0.22 Multiple Vulnerabilities CVE-2011-3375 CVE-2011-3376 12 Dec 2011 5.3 (v3) Medium Pass Apache Tomcat 7.x < 7.0.23 Hash Collision DoS CVE-2011-4858 CVE-2012-0022 13 Jan 2012 5.3 (v3) Medium Pass Apache Tomcat 9.0.0 < 9.0.10 Multiple Vulnerabilites CVE-2018-8014 CVE-2018-8034 CVE-2018-8037 24 Jul 2018 9.8 (v3) Critical Pass Apache Tomcat 8.5.0 < 8.5.32 Multiple Vulnerabilities CVE-2018-8014 CVE-2018-8034 CVE-2018-8037 13 Jul 2018 9.8 (v3) Critical Pass Oracle Database Multiple Vulnerabilities (April 2012 CPU) CVE-2012-0510 CVE-2012-0511 CVE-2012-0512 CVE-2012-0519 CVE-2012-0520 CVE-2012-0525 CVE-2012-0526 CVE-2012-0527 CVE-2012-0528 CVE-2012-0534 CVE-2012-0552 CVE-2012-1708 19 Apr 2012 9 (v2) High Pass Apache Tomcat 8.0.0 < 8.0.53 Security Constraint Weakness CVE-2018-8014 CVE-2018-8034 13 Jul 2018 9.8 (v3) Critical Pass Oracle Database Multiple Vulnerabilities (July 2012 CPU) CVE-2012-1737 CVE-2012-1745 CVE-2012-1746 CVE-2012-1747 CVE-2012-3132 CVE-2012-3134 19 Jul 2012 6.8 (v2) Medium Pass Apache Tomcat 7.0.41 < 7.0.90 Multiple Vulnerabilities CVE-2018-8014 CVE-2018-8034 24 Jul 2018 9.8 (v3) Critical Pass Apache Tomcat 7.0.x < 7.0.28 Multiple DoS CVE-2012-2733 CVE-2012-4534 21 Nov 2012 5.3 (v3) Medium Pass Apache Tomcat 6.0.x < 6.0.36 Multiple Vulnerabilities CVE-2012-2733 CVE-2012-3546 CVE-2012-4431 CVE-2012-4534 CVE-2012-5885 CVE-2012-5886 CVE-2012-5887 21 Nov 2012 5.3 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (April 2013 CPU) CVE-2013-1534 CVE-2013-1538 CVE-2013-1554 17 Apr 2013 10 (v2) Critical Pass Default Password 'admin123' for 'admin' Account 17 Jul 2018 9.8 (v3) Critical Pass SNMP Version 3 Authentication Vulnerabilities (cisco-sa-20080610-snmpv3) CVE-2008-0960 14 Dec 2013 10 (v2) Critical 39

Pass Cisco IOS XR Software Multiprotocol Label Switching Packet Vulnerability (cisco-sa-20100324-ldp) CVE-2010-0576 14 Dec 2013 7.8 (v2) High Pass Cisco IOS XR Software Route Processor Denial of Service Vulnerability (cisco-sa-20120530-iosxr) CVE-2012-2488 14 Dec 2013 7.8 (v2) High Pass Cisco IOS XR Software Malformed Border Gateway Protocol Attribute Vulnerability (cisco-sa-20120926-bgp) CVE-2012-4617 14 Dec 2013 7.1 (v2) High Pass Cisco IOS XR Software Route Processor Denial of Service Vulnerability (cisco-sa-20131023-iosxr) CVE-2013-5549 14 Dec 2013 7.1 (v2) High Pass Apache Tomcat 6.0.x < 6.0.39 Multiple Vulnerabilities CVE-2013-1571 CVE-2013-4286 CVE-2013-4322 CVE-2013-4590 CVE-2014-0033 25 Feb 2014 4.8 (v3) Medium Pass Apache Tomcat 8.0.x < 8.0.3 Content-Type DoS CVE-2014-0050 25 Feb 2014 5.3 (v3) Medium Pass Apache Tomcat 7.0.x < 7.0.54 XML Parser Information Disclosure CVE-2014-0119 30 May 2014 6.5 (v3) Medium Pass Apache Tomcat 8.0.x < 8.0.6 XML Parser Information Disclosure CVE-2014-0119 30 May 2014 6.5 (v3) Medium Pass Cisco IOS XR Typhoon-based Line Cards and Network Processor (NP) Chip DoS CVE-2014-3322 29 Jul 2014 6.1 (v2) Medium Pass Cisco IOS XR GNU C Library (glibc) Bu ff er Over fl ow (GHOST) CVE-2015-0235 02 Mar 2015 10 (v2) Critical Pass Apache Tomcat 6.0.x < 6.0.44 Multiple Vulnerabilities (FREAK) CVE-2014-0230 CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-7810 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0 15 May 2015 7.5 (v3) High Pass Cisco IOS XR Typhoon-based Line Cards and Network Processor (NP) Chip DoS CVE-2015-0695 24 Apr 2015 7.8 (v2) High Pass Tenable SecurityCenter Multiple Apache Vulnerabilities (TNS-2015-11) CVE-2015-3183 CVE-2015-3185 25 Aug 2015 5.8 (v3) Medium Pass Cisco IOS Software IKEv1 State Machine DoS (CSCuw08236) CVE-2015-6429 08 Jan 2016 5.3 (v3) Medium Pass Cisco IOS DHCPv6 Relay Message Handling DoS (cisco-sa-20160323-dhcpv6) CVE-2016-1348 06 Apr 2016 7.5 (v3) High Pass PHP 7.3.0 [alpha|beta] < 7.3.0 Multiple vulnerabilities CVE-2018-19518 CVE-2018-19935 CVE-2018-20783 20 Jul 2018 7.5 (v3) High Pass Cisco IOS Malformed LISP Packet DoS (CSCuu64279) CVE-2016-1351 01 Apr 2016 7.5 (v3) High Pass PHP 7.0.x < 7.0.31 Use After Free Arbitrary Code Execution in EXIF CVE-2018-12882 CVE-2018-14851 CVE-2018-14883 CVE-2018-15132 20 Jul 2018 9.8 (v3) Critical Pass Cisco IOS SIP Memory Leak DoS (CSCuj23293) CVE-2016-1350 01 Apr 2016 7.5 (v3) High Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (July 2018 CPU) CVE-2018-2960 CVE-2018-2961 CVE-2018-2962 CVE-2018-2963 20 Jul 2018 6.1 (v3) Medium Pass PHP 7.1.x < 7.1.20 exif_thumbnail_extract() DoS CVE-2018-14851 CVE-2018-14883 CVE-2018-15132 24 Jul 2018 7.5 (v3) High Pass PHP 5.6.x < 5.6.37 exif_thumbnail_extract() DoS CVE-2018-14851 CVE-2018-14883 CVE-2018-15132 24 Jul 2018 7.5 (v3) High Pass AVEVA InduSoft Web Studio / InTouch Machine Edition Command 81 mbstowcs() Stack Over fl ow CVE-2018-10620 31 Jul 2018 9.8 (v3) Critical Pass Tenable SecurityCenter < 5.3.2 Multiple Vulnerabilities (TNS-2016-09) CVE-2016-3074 CVE-2016-4537 CVE-2016-4538 CVE-2016-4539 CVE-2016-4540 CVE-2016-4541 CVE-2016-4542 CVE-2016-4543 CVE-2016-4544 24 Jun 2016 9.8 (v3) Critical Pass Atlassian JIRA 7.6.7 / 7.7.x < 7.7.5 / 7.8.x < 7.8.5 / 7.9.x < 7.9.3 / 7.10.x < 7.10.2 XSS CVE-2018-13387 CVE-2018-13395 03 Aug 2018 6.1 (v3) Medium Pass Tenable SecurityCenter < 5.4.0 Multiple Vulnerabilities (TNS-2016-12) CVE-2016-0739 CVE-2016-0787 CVE-2016-4802 26 Jul 2016 7.8 (v3) High Pass Cisco IOS XE Software Border Gateway Protocol Message Processing DoS (cisco-sa-20160715-bgp) CVE-2016-1459 26 Aug 2016 5.3 (v3) Medium Pass Dell iDRAC Products Multiple Vulnerabilities (June 2018) CVE-2018-1212 CVE-2018-1243 CVE-2018-1244 CVE-2018-1249 09 Aug 2018 8.8 (v3) High Pass Cisco IOS XR Software Command-Line Interface Privilege Escalation (cisco-sa-20161005-iosxr) CVE-2016-6428 28 Oct 2016 7.8 (v3) High Pass Mail Transfer Agent and Mail Delivery Agent Remote Command Execution via Shellshock CVE-2014-6271 CVE-2014-7169 28 Oct 2014 10 (v2) Critical Pass Jenkins < 2.121.2 / 2.133 Multiple Vulnerabilities CVE-2018-1999001 CVE-2018-1999002 CVE-2018-1999003 CVE-2018-1999004 CVE-2018-1999005 CVE-2018-1999006 CVE-2018-1999007 09 Aug 2018 7.5 (v3) High Pass Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Multiple Vulnerabilities (cisco-sa-rv340-cmdinj-rcedos-pY8J3qfy) CVE-2021-1609 CVE-2021-1610 04 Aug 2021 9.8 (v3) Critical Pass Cisco Small Business RV160 and RV260 Series VPN Routers RCE (cisco-sa-rv-code-execution-9UVJr7k4) CVE-2021-1602 04 Aug 2021 9.8 (v3) Critical Pass MySQL 5.6.x < 5.6.41 Multiple Vulnerabilities (July 2018 CPU) 20 Jul 2018 7.1 (v3) High Pass MySQL 5.5.x < 5.5.61 Multiple Vulnerabilities (July 2018 CPU) CVE-2018-2767 CVE-2018-3058 CVE-2018-3063 CVE-2018-3066 CVE-2018-3070 CVE-2018-3081 20 Jul 2018 5 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Admin Console Directory Traversal Vulnerability (CVE-2018-1770) CVE-2018-1770 14 Dec 2018 6.5 (v3) Medium Pass IBM WebSphere Application Server 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.0.x < 9.0.0.9 Installation Veri fi cation Tool Cross-site Scripting (XSS) Vulnerability (CVE-2018-1643) CVE-2018-1643 14 Dec 2018 6.1 (v3) Medium Pass nginx < 0.7.64 / 0.8.x < 0.8.23 Multiple Vulnerabilities CVE-2009-3555 CVE-2009-4487 09 Mar 2018 6.5 (v3) Medium Pass nginx < 0.7.63 / 0.8.x < 0.8.17 Directory Traversal CVE-2009-3898 09 Mar 2018 5.4 (v3) Medium Pass Oracle WebLogic Server Deserialization RCE (CVE-2018-2893) CVE-2018-2893 13 Aug 2018 9.8 (v3) Critical Pass MikroTik RouterOS < 6.40.9 / 6.42.7 / 6.43 multiple vulnerabilities. CVE-2018-1156 CVE-2018-1157 CVE-2018-1158 CVE-2018-1159 24 Aug 2018 8.8 (v3) High Pass CODESYS V3 Runtime Service Detection 26 Feb 2019 None Pass Cisco Small Business RV Series Arbitrary Code Execution (cisco-sa-code-exec-wH3BNFb) CVE-2020-3331 28 Jul 2020 9.8 (v3) Critical Pass Symantec Encryption Management Server < 3.4.2 MP1 Denial of Service Vulnerability (SYMSA1458) CVE-2018-5243 28 Aug 2018 7.5 (v3) High Pass Apache ActiveMQ 5.x < 5.15.5 Multiple Vulnerabilities CVE-2012-0881 CVE-2014-0114 CVE-2015-5182 CVE-2016-3092 CVE-2016-5425 CVE-2016-6325 CVE-2016-8735 CVE-2018-7489 CVE-2018-8006 30 Aug 2018 9.8 (v3) Critical Pass Cisco TelePresence VCS / Expressway < 8.11 DoS CVE-2018-0409 31 Aug 2018 7.5 (v3) High Pass Cisco IOS XE Software DNS NAT Protocol Application Layer Gateway DoS (cisco-sa-alg-dos-hbBS7SZE) CVE-2021-1446 02 Aug 2021 7.5 (v3) High Pass Jenkins < 2.121.3 / 2.138 Multiple Vulnerabilities CVE-2018-1999042 CVE-2018-1999043 CVE-2018-1999044 CVE-2018-1999045 CVE-2018-1999046 CVE-2018-1999047 06 Sep 2018 5.4 (v3) Medium Pass Atlassian JIRA Pro fi leLinkUserFormat Information Disclosure Vulnerability CVE-2018-13391 07 Sep 2018 5.3 (v3) Medium Pass PHP 7.0.x < 7.0.32 Transfer-Encoding Parameter XSS Vulnerability CVE-2018-17082 14 Sep 2018 6.1 (v3) Medium Pass IBM WebSphere Application Server 7.x <= 7.0.0.45 / 8.x <= 8.0.0.15 / 8.5.x < 8.5.5.21 / 9.x < 9.0.5.11 DoS CVE-2021-38951 13 Jan 2022 7.5 (v3) High Pass VMware Harbor Information Disclosure (CVE-2019-19030) CVE-2019-19030 10 Aug 2021 5.3 (v3) Medium Pass Cisco Firepower Device Manager On-Box Software RCE (cisco-sa-fdm-rce-Rx6vVurq) CVE-2021-1518 12 Aug 2021 8.8 (v3) High Pass Apache Tomcat 9.0.0.M1 < 9.0.5 Insecure CGI Servlet Search Algorithm Description Weakness CVE-2018-1304 CVE-2018-1305 23 Feb 2018 3.7 (v3) Low Pass Microsoft Azure CycleCloud Privilege Escalation (CVE-2021-36943) CVE-2021-36943 13 Aug 2021 7.8 (v3) High Pass Apache Tomcat 9.0.0.M1 < 9.0.12 Open Redirect Weakness CVE-2018-11784 10 Oct 2018 4.3 (v3) Medium Pass Apache Tomcat 8.5.x < 8.5.34 Open Redirect Weakness CVE-2018-11784 10 Oct 2018 4.3 (v3) Medium Pass Citrix NetScaler Management and Analytics System Default Administrator Credentials 12 Oct 2018 7.3 (v3) High Pass Apple iTunes < 12.11.4 Multiple Vulnerabilities (uncredentialed check) CVE-2021-30779 CVE-2021-30785 23 Aug 2021 7.8 (v3) High Pass nginx < 1.10.1 / 1.11.x < 1.11.1 Denial-of-Service Vulnerability CVE-2016-4450 16 Oct 2018 7.5 (v3) High Pass Jenkins < 2.138.2 (LTS) / 2.146 Multiple Vulnerabilities CVE-2018-1000406 CVE-2018-1000407 CVE-2018-1000408 CVE-2018-1000409 CVE-2018-1000410 CVE-2018-1000997 CVE-2018-1999043 16 Oct 2018 6.5 (v3) Medium Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (October 2018 CPU) CVE-2018-3241 CVE-2018-3281 CVE-2018-11039 18 Oct 2018 6.1 (v3) Medium Pass Tenable Nessus < 8.0.0 Multiple Vulnerabilities (TNS-2018-14) CVE-2018-0732 CVE-2018-0737 26 Oct 2018 5.9 (v3) Medium Pass nginx 1.x < 1.14.1 / 1.15.x < 1.15.6 Multiple Vulnerabilities CVE-2018-16843 CVE-2018-16844 CVE-2018-16845 14 Nov 2018 6.1 (v3) Medium Pass VMware Harbor User Enumeration (CVE-2020-13794) CVE-2020-13794 19 Aug 2021 4.3 (v3) Medium Pass Multiple Vulnerabilities in Cisco Wireless LAN Controllers (cisco-sa-20140305-wlc) CVE-2014-0701 CVE-2014-0703 CVE-2014-0704 CVE-2014-0705 CVE-2014-0706 CVE-2014-0707 14 Mar 2014 7.8 (v2) High Pass IBM Spectrum Protect Plus vsnap Static Credential Vulnerability CVE-2020-4854 18 Feb 2021 9.8 (v3) Critical Pass ManageEngine ADSelfService Plus < Build 6102 RCE CVE-2021-28958 19 Aug 2021 9.8 (v3) Critical Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.19 / 9.0.x < 9.0.14 / 9.1.x < 9.1.10 Vulnerability CVE-2021-3045 12 Aug 2021 4.9 (v3) Medium Pass H3C / HPE Intelligent Management Center PLAT < 7.3 E0605P06 Multiple Vulnerabilities CVE-2018-7114 CVE-2018-7115 CVE-2018-7116 10 Dec 2018 9.8 (v3) Critical Pass Cisco Evolved Programmable Network Manager Information Disclosure (cisco-sa-epnm-info-disc-PjTZ5r6C) CVE-2021-34707 13 Aug 2021 6.5 (v3) Medium Pass OpenSSL 1.1.1 < 1.1.1l Vulnerability CVE-2021-3711 CVE-2021-3712 24 Aug 2021 9.8 (v3) Critical Pass Atlassian JIRA < 8.5.14 / 8.6.x < 8.13.6 / 8.14.x < 8.16.1 XSS (JRASERVER-72392) CVE-2021-26078 26 Aug 2021 6.1 (v3) Medium Pass OpenSSL 1.1.1 < 1.1.1k Multiple Vulnerabilities CVE-2021-3449 CVE-2021-3450 25 Mar 2021 7.4 (v3) High Pass Cisco IOS Software Plug-and-Play PKI API Certi fi cate Validation Vulnerability CVE-2017-12228 06 Oct 2017 5.9 (v3) Medium Pass Juniper Junos OS Improper Certi fi cate Validation (JSA11264) CVE-2022-22156 18 Mar 2022 7.4 (v3) High Pass Cisco Energy Management Suite Default PostgreSQL Password Vulnerability CVE-2018-0468 20 Aug 2021 7.8 (v3) High Pass Tenable SecurityCenter PHP < 5.6.27 Multiple Vulnerabilities CVE-2016-9137 26 Jun 2017 9.8 (v3) Critical Pass Dell iDRAC Products Multiple Vulnerabilities (December 2018) CVE-2018-15774 CVE-2018-15776 21 Dec 2018 8.8 (v3) High Pass Tenable SecurityCenter OpenSSL 1.0.2 < 1.0.2n Multiple Vulnerabilities CVE-2017-3737 CVE-2017-3738 CVE-2018-0733 CVE-2018-0739 02 Feb 2018 5.9 (v3) Medium Pass Cisco IOS XR Software Event Management Service gRPC Handling DoS (cisco-sa-20170503-ios-xr) CVE-2017-3876 04 May 2017 7.5 (v3) High Pass nginx < 1.13.3 Integer Over fl ow Vulnerability CVE-2017-7529 18 Dec 2017 7.5 (v3) High Pass Tenable SecurityCenter PHP < 5.6.26 Multiple Vulnerabilities CVE-2016-7411 CVE-2016-7412 CVE-2016-7413 CVE-2016-7414 CVE-2016-7416 CVE-2016-7417 CVE-2016-7418 26 Jun 2017 9.8 (v3) Critical Pass Tenable SecurityCenter Apache 2.4.x < 2.4.25 Multiple Vulnerabilities (TNS-2017-04) (httpoxy) CVE-2016-0736 CVE-2016-2161 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 26 Jun 2017 7.5 (v3) High Pass Tenable SecurityCenter OpenSSL 1.0.1 < 1.0.1u Multiple Vulnerabilities (SWEET32) CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 26 Jun 2017 9.8 (v3) Critical Pass Tenable SecurityCenter OpenSSL 1.0.2 < 1.0.2k Multiple Vulnerabilities (TNS-2017-04) CVE-2016-7055 CVE-2017-3731 CVE-2017-3732 26 Jun 2017 5.9 (v3) Medium Pass Tenable SecurityCenter PHP < 5.6.25 Multiple Vulnerabilities (TNS-2016-09) CVE-2016-7124 CVE-2016-7125 CVE-2016-7126 CVE-2016-7127 CVE-2016-7128 CVE-2016-7129 CVE-2016-7130 CVE-2016-7131 CVE-2016-7132 26 Jun 2017 9.8 (v3) Critical Pass Cisco Integrated Management Controller User Session Hijacking Vulnerability CVE-2017-6617 10 Aug 2017 5.4 (v3) Medium Pass Cisco Integrated Management Controller Remote Code Execution Vulnerability CVE-2017-6616 10 Aug 2017 8.8 (v3) High Pass Cisco Integrated Management Controller Privilege Escalation Vulnerability CVE-2017-6619 10 Aug 2017 8.8 (v3) High Pass Cisco Integrated Management Controller Cross-Site Scripting Vulnerability CVE-2017-6618 10 Aug 2017 5.4 (v3) Medium Pass Apache Tomcat 8.0.0.RC1 < 8.0.45 Cache Poisoning CVE-2017-7674 18 Aug 2017 4.3 (v3) Medium Pass Apache Tomcat 9.0.0M1 < 9.0.0.M22 Multiple Vulnerabilities CVE-2017-7674 CVE-2017-7675 18 Aug 2017 7.5 (v3) High Pass Tenable SecurityCenter PHP < 5.6.31 Multiple Vulnerabilities (TNS-2017-12 CVE-2017-6004 CVE-2017-7890 CVE-2017-9224 CVE-2017-9226 CVE-2017-9227 CVE-2017-9228 CVE-2017-9229 CVE-2017-11142 CVE-2017-11143 CVE-2017-11144 CVE-2017-11145 CVE-2017-11628 CVE-2017-12933 12 Sep 2017 9.8 (v3) Critical Pass Cisco Uni fi ed Communications Manager SQL Injection Vulnerability CVE-2017-3886 27 Sep 2017 4.9 (v3) Medium Pass Cisco Uni fi ed Communications Manager Cross-Site Scripting Vulnerability CVE-2017-3888 27 Sep 2017 5.4 (v3) Medium Pass Cisco Uni fi ed Communications Manager Denial of Service Vulnerability CVE-2017-3808 27 Sep 2017 7.5 (v3) High Pass Apache Tomcat 7.0.x < 7.0.82 Multiple Vulnerabilities CVE-2017-12617 11 Oct 2017 8.1 (v3) High Pass Oracle Database Multiple Vulnerabilities (October 2017 CPU) CVE-2016-6814 CVE-2016-8735 CVE-2017-10190 CVE-2017-10261 CVE-2017-10292 CVE-2017-10321 19 Oct 2017 9.8 (v3) Critical Pass Tenable SecurityCenter 5.5.0 <= 5.5.2 SQLi (TNS-2017-13) CVE-2017-11508 02 Nov 2017 8.8 (v3) High Pass Junos OS 12.1X46 SRX 210, 240, 650 series fi rewalls (KRACK) CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 08 Jan 2018 6.8 (v3) Medium Pass MySQL 5.5.x < 5.5.59 Multiple Vulnerabilities (January 2018 CPU) CVE-2018-2562 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665 CVE-2018-2668 17 Jan 2018 7.1 (v3) High Pass MySQL 5.7.x < 5.7.21 Multiple Vulnerabilities (January 2018 CPU) CVE-2017-3737 CVE-2018-2562 CVE-2018-2565 CVE-2018-2573 CVE-2018-2576 CVE-2018-2583 CVE-2018-2586 CVE-2018-2590 CVE-2018-2591 CVE-2018-2600 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2645 CVE-2018-2646 CVE-2018-2 17 Jan 2018 5.5 (v3) Medium Pass Apache Tomcat 8.0.45 < 8.0.48 Insecure CGI Servlet Search Algorithm Description Weakness CVE-2017-15706 09 Feb 2018 3.7 (v3) Low Pass Apache Tomcat 7.0.0 < 7.0.85 Security Constraint Weakness CVE-2018-1304 CVE-2018-1305 23 Feb 2018 5.9 (v3) Medium Pass IBM WebSphere Application Server 9.0.0.0 < 9.0.0.8 Spoof Attack Vulnerability CVE-2017-1788 30 Mar 2018 5.3 (v3) Medium Pass Cisco IOS Software Smart Install Remote Code Execution Vulnerability CVE-2018-0171 29 Mar 2018 9.8 (v3) Critical Pass Cisco IOS XR Software Link Layer Discovery Protocol Bu ff er Over fl ow Vulnerabilities (cisco-sa-20180328-lldp) CVE-2018-0167 06 Apr 2018 8.8 (v3) High Pass Apache Struts XStream Handler REST Plugin XML Request Handling Remote DoS (S2-056) CVE-2018-1327 30 Mar 2018 7.5 (v3) High Pass Cisco IOS Software DNS Forwarder Denial of Service Vulnerability (cisco-sa-20160928-dns) CVE-2016-6380 10 Apr 2018 8.1 (v3) High Pass MySQL 5.5.x < 5.5.60 Multiple Vulnerabilities (April 2018 CPU) CVE-2018-2755 CVE-2018-2758 CVE-2018-2761 CVE-2018-2766 CVE-2018-2771 CVE-2018-2773 CVE-2018-2781 CVE-2018-2782 CVE-2018-2784 CVE-2018-2787 CVE-2018-2805 CVE-2018-2813 CVE-2018-2817 CVE-2018-2818 CVE-2018-2819 19 Apr 2018 5.5 (v3) Medium Pass MySQL 5.6.x < 5.6.40 Multiple Vulnerabilities (April 2018 CPU) CVE-2018-2755 CVE-2018-2758 CVE-2018-2761 CVE-2018-2766 CVE-2018-2771 CVE-2018-2773 CVE-2018-2781 CVE-2018-2782 CVE-2018-2784 CVE-2018-2787 CVE-2018-2805 CVE-2018-2813 CVE-2018-2817 CVE-2018-2818 CVE-2018-2819 19 Apr 2018 5.5 (v3) Medium 40

Pass MySQL 5.7.x < 5.7.22 Multiple Vulnerabilities (April 2018 CPU) CVE-2018-2755 CVE-2018-2758 CVE-2018-2759 CVE-2018-2761 CVE-2018-2762 CVE-2018-2766 CVE-2018-2769 CVE-2018-2771 CVE-2018-2773 CVE-2018-2775 CVE-2018-2776 CVE-2018-2777 CVE-2018-2778 CVE-2018-2779 CVE-2018-2780 CVE-2018-2 19 Apr 2018 5.5 (v3) Medium Pass Cisco IOS SNMP Community string write privileges. 18 Apr 2018 None Pass Cisco IOS XR Software UDP Broadcast Forwarding Denial of Service Vulnerability (cisco-sa-20180418-iosxr) CVE-2018-0241 27 Apr 2018 7.4 (v3) High Pass Atlassian JIRA < 4.2.1 Multiple Vulnerabilities 24 Apr 2018 6.3 (v3) Medium Pass Pulse Connect Secure Multiple Vulnerabilities (SA43730) CVE-2007-5846 CVE-2016-2125 CVE-2016-2126 CVE-2016-10142 CVE-2018-9849 18 May 2018 6.5 (v3) Medium Pass Apache Struts 2.0.x < 2.0.9 RCE (S2-001) 10 Sep 2018 9.8 (v3) Critical Pass Oracle Database Server CVE-2018-3110 CVE-2018-3110 14 Aug 2018 9.9 (v3) Critical Pass D-Link DIR Router Authenication Bypass 11 Oct 2017 8.3 (v3) High Pass Cisco Prime Collaboration Provisioning Hard-Coded Password Vulnerability (cisco-sa-20180307-cpcp CVE-2018-0141 09 Mar 2018 8.4 (v3) High Pass Cisco Prime Collaboration Provisioning XSS (cisco-sa-prime-collab-xss-fQMDE5GO) CVE-2021-34732 03 Sep 2021 6.1 (v3) Medium Pass Cisco Prime Collaboration Provisioning Information Disclosure (cisco-sa-prim-collab-disclo-FAnX4DKB) CVE-2020-3193 19 Mar 2020 5.3 (v3) Medium Pass Cisco Uni fi ed Communications Products Vulnerabilities (cisco-sa-imp-trav-inj-dM687ZD6) CVE-2021-1282 05 Feb 2021 4.9 (v3) Medium Pass Apache Struts 2.x < 2.3.14.2 Multiple Vulnerabilities (S2-014) CVE-2013-1966 CVE-2013-2115 10 Sep 2018 9.8 (v3) Critical Pass Apache Struts 2.x < 2.2.1 OGNL RCE (S2-005) CVE-2010-1870 10 Sep 2018 5.3 (v3) Medium Pass Apache Struts 2.x < 2.3.15.1 Multiple Vulnerabilities (S2-016) (S2-017) CVE-2013-2248 CVE-2013-2251 10 Sep 2018 9.8 (v3) Critical Pass Cisco IOS Software Cluster Management Protocol DoS Vulnerability (cisco-sa-20180926-cmp) CVE-2018-0475 05 Oct 2018 7.4 (v3) High Pass Apache Struts 2.x < 2.2.3 Multiple XSS (S2-006) CVE-2011-1772 10 Sep 2018 4.3 (v3) Medium Pass Apache Struts 2.0.x < 2.2.1 Security Bypass Vulnerability (S2-003) 10 Sep 2018 9.8 (v3) Critical Pass Apache Struts 2.x < 2.3.15.3 Broken Access Control Vulnerability (S2-018) CVE-2013-4310 10 Sep 2018 6.5 (v3) Medium Pass Apache Struts 2.x < 2.3.16.2 Multiple Vulnerabilities (S2-020) CVE-2014-0050 CVE-2014-0094 10 Sep 2018 7.3 (v3) High Pass Apache Struts 2.x < 2.3.15.2 Dynamic Method Invocation Multiple Vulnerabilities (S2-019) CVE-2013-4316 11 Sep 2018 9.8 (v3) Critical Pass Apache Struts 2.x < 2.3.1.2 RCE (S2-009) CVE-2011-3923 11 Sep 2018 9.8 (v3) Critical Pass Apache Struts 2.x < 2.3.20 Multiple ClassLoader Manipulation Vulnerabilities (S2-021) CVE-2014-0112 CVE-2014-0113 12 Sep 2018 7.3 (v3) High Pass Cisco IOS Software IPv6 Hop-by-Hop DoS Vulnerability (cisco-sa-20180926-ipv6hbh) CVE-2018-0467 05 Oct 2018 8.6 (v3) High Pass Cisco IOS Software OSPFv3 DoS Vulnerability (cisco-sa-20180926-ospfv3-dos) CVE-2018-0466 05 Oct 2018 6.5 (v3) Medium Pass Apache Tomcat 9.0.0.M1 < 9.0.8 Denial of Service Vulnerability CVE-2018-1336 27 Feb 2019 7.5 (v3) High Pass Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod Multi-Site TCP DoS (cisco-sa-n9kaci-tcp-dos-YXukt6gM) CVE-2021-1586 21 Feb 2022 8.6 (v3) High Pass F5 BIG-IP RCE (CVE-2022-1388) CVE-2022-1388 09 May 2022 9.8 (v3) Critical Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (October 2018 CPU) CVE-2017-5645 CVE-2018-3204 CVE-2018-8013 03 Jan 2019 9.8 (v3) Critical Pass nginx <= 1.3.13 Insecure Log Permissions CVE-2013-0337 05 Mar 2019 7.3 (v3) High Pass Atlassian JIRA < 7.6.7 / 7.7.x < 7.11.0 Information Disclosure CVE-2017-18104 05 Mar 2019 5.9 (v3) Medium Pass Atlassian JIRA < 7.5.3 Cross-Site Scripting CVE-2017-16863 05 Mar 2019 6.1 (v3) Medium Pass Atlassian JIRA < 7.6.1 Multiple Vulnerabilities CVE-2017-16865 CVE-2017-18097 CVE-2017-18098 05 Mar 2019 6.1 (v3) Medium Pass Atlassian JIRA < 7.6.2 Cross-Site Request Forgery CVE-2017-16862 05 Mar 2019 4.3 (v3) Medium Pass Atlassian JIRA < 7.6.5 / 7.7.x < 7.7.3 / 7.8.x < 7.8.3 Limited Authentication Bypass CVE-2017-18101 05 Mar 2019 6.5 (v3) Medium Pass Palo Alto Networks < 7.1.23 / 8.0.x < 8.0.16 / 8.1.x < 8.1.7 Integer Over fl ow Vulnerability (PAN-SA-2019-0006) CVE-2018-14634 25 Mar 2019 7.8 (v3) High Pass Cisco IOS Software Hot Standby Router Protocol Information Leak Vulnerability CVE-2019-1761 05 Apr 2019 4.3 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.16 / 9.0.0.x < 9.0.0.11 Admin Console Denial of Service (DoS) Vulnerability (CVE-2019-4080) CVE-2019-4080 12 Apr 2019 6.5 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.16 / 9.0.0.x < 9.0.0.11 Information Disclosure Vulnerability (CVE-2018-1996) CVE-2018-1996 12 Apr 2019 5.3 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.16 / 9.0.0.x < 9.0.0.11 / Liberty < 19.0.0.4 Request Header Denial of Service (DoS) Vulnerability (CVE-2019-4046) CVE-2019-4046 12 Apr 2019 7.5 (v3) High Pass Tenable Nessus < 8.1.1 Multiple Vulnerabilities (TNS-2018-16) CVE-2018-0734 CVE-2018-5407 02 Jan 2019 5.9 (v3) Medium Pass 3S CODESYS Runtime 3.x < 3.5.14.0 Insu ffi cient Access Control Vulnerability CVE-2018-10612 CVE-2018-20025 CVE-2018-20026 03 Jan 2019 9.8 (v3) Critical Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 Form Login Spoo fi ng Vulnerability (CVE-2018-1695) CVE-2018-1695 03 May 2019 5.6 (v3) Medium Pass Juniper JSA10936 CVE-2019-0044 10 May 2019 7.5 (v3) High Pass Atlassian JIRA Server-Side Request Forgery (SSRF) Vulnerability (JRASERVER-68527) CVE-2018-13404 10 May 2019 4.1 (v3) Medium Pass Atlassian JIRA Cross-Site Scripting (XSS) Vulnerability (JRASERVER-68614) CVE-2018-20232 10 May 2019 5.4 (v3) Medium Pass IBM Spectrum Protect Client 7.1.x < 7.1.8.4 / 8.1.x < 8.1.6.1 Denial of Service Vulnerability (CVE-2018-1786) CVE-2018-1786 03 Jan 2019 7.5 (v3) High Pass IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.9 TLS Downgrade Vulnerability (CVE-2018-1719) CVE-2018-1719 30 May 2019 5.9 (v3) Medium Pass IBM WebSphere Application Server Virtual Enterprise 7.0.x / Network Deployment 8.5.x < 8.5.5.16 / Network Deployment 9.0.0.x <= 9.0.0.11 Remote Code Execution Vulnerability (CVE-2019-4279) CVE-2019-4279 31 May 2019 9.8 (v3) Critical Pass Juniper JSA10889 CVE-2018-0055 07 Jun 2019 5.3 (v3) Medium Pass Apache Tomcat 9.0.0.M1 < 9.0.16 DoS CVE-2019-0199 27 Jun 2019 7.5 (v3) High Pass MySQL 5.6.x < 5.6.45 Multiple Vulnerabilities (Jul 2019 CPU) CVE-2019-2737 CVE-2019-2738 CVE-2019-2739 CVE-2019-2740 CVE-2019-2805 CVE-2019-2819 CVE-2019-2969 18 Jul 2019 6.2 (v3) Medium Pass Cisco Uni fi ed Communications Manager Session Initiation Protocol Denial of Service Vulnerability CVE-2019-1887 12 Jul 2019 7.5 (v3) High Pass Cisco IOS Software Network Plug-and-Play Agent Certi fi cate Validation Vulnerability CVE-2019-1748 26 Jul 2019 7.4 (v3) High Pass Cisco IOS Software Information Disclosure Vulnerability (cisco-sa-20190327-info) CVE-2019-1762 29 Jul 2019 4.4 (v3) Medium Pass Atlassian JIRA worklog Information Disclosure CVE-2019-8445 29 Aug 2019 5.3 (v3) Medium Pass Atlassian JIRA < 7.13.4 / 8.0.x < 8.1.0 Epic Name DoS (SB19-182) CVE-2019-11583 29 Aug 2019 6.5 (v3) Medium Pass Atlassian JIRA Authentication Bypass Vulnerability (JRASERVER-69239) CVE-2018-20826 03 Sep 2019 4.3 (v3) Medium Pass Atlassian JIRA Information Disclosure Vulnerability (JRASERVER-69797) CVE-2019-8448 03 Sep 2019 5.3 (v3) Medium Pass IBM WebSphere Application Server 7.0.x / 8.0.0.x / 8.5.x < 8.5.5.17 / 9.0.0.x < 9.0.5.2 Information Disclosure (CVE-2019-4477) CVE-2019-4477 20 Sep 2019 6.5 (v3) Medium Pass Atlassian JIRA 7.7.x < 7.13.1 XSS vulnerability (JRASERVER-69238) CVE-2018-20824 25 Sep 2019 6.1 (v3) Medium Pass Cisco Uni fi ed Communications Manager Cross-Site Scripting (XSS) Vulnerability CVE-2019-12715 25 Oct 2019 6.1 (v3) Medium Pass Cisco IOS Denial of Service Vulnerability (cisco-sa-20190925-sip-dos) CVE-2019-12654 08 Oct 2019 7.5 (v3) High Pass Cisco IOx for IOS Software Guest Operating System Unauthorized Access Vulnerability (cisco-sa-20190925-ios-gos-auth) CVE-2019-12648 08 Oct 2019 8.8 (v3) High Pass Cisco IOS ISDN Interface Denial of Service Vulnerability CVE-2019-1752 11 Oct 2019 7.5 (v3) High Pass Cisco Uni fi ed Communications Manager Cross-Site Scripting (XSS) Vulnerability CVE-2019-12716 11 Oct 2019 6.1 (v3) Medium Pass Cisco IOS XR gRPC Software Denial of Service Vulnerability CVE-2019-12647 18 Oct 2019 7.5 (v3) High Pass Cisco Wireless LAN Controller Secure Shell (SSH) Denial of Service Vulnerability (cisco-sa-20191016-wlc-ssh-dos) CVE-2019-15262 25 Oct 2019 7.5 (v3) High Pass MySQL 5.6.x < 5.6.46 Multiple Vulnerabilities (Oct 2019 CPU) CVE-2019-2910 CVE-2019-2911 CVE-2019-2922 CVE-2019-2923 CVE-2019-2924 CVE-2019-2974 18 Oct 2019 5.3 (v3) Medium Pass Cisco IOS Software IP Service Level Agreement Denial of Service Vulnerability CVE-2019-1737 21 Oct 2019 8.6 (v3) High Pass Atlassian Jira 7.6.x < 7.6.13, 7.7.0 < 7.13.3, 8.x < 8.1.1 Information Disclosure Vulnerability CVE-2019-3401 25 Oct 2019 5.3 (v3) Medium Pass Atlassian Jira 7.13.x < 7.13.3 / 8.0.x < 8.0.4 / 8.1.x < 8.1.1 Information Disclosure Vulnerability CVE-2019-3403 25 Oct 2019 5.3 (v3) Medium Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (April 2016 CPU) CVE-2014-3576 CVE-2016-0468 CVE-2016-0479 25 Oct 2019 6.1 (v3) Medium Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (Jul 2016 CPU) CVE-2016-3432 CVE-2016-3433 CVE-2016-3446 CVE-2016-3474 CVE-2016-3544 25 Oct 2019 8.3 (v3) High Pass Cisco Uni fi ed Communications Manager SQLi (cisco-sa-20191002-cuc-inject) CVE-2019-12710 30 Oct 2019 4.9 (v3) Medium Pass Junos OS: Clear Text Authentication Credentials (JSA10969) CVE-2019-0069 01 Nov 2019 5.5 (v3) Medium Pass Juniper JSA10956 CVE-2019-0058 01 Nov 2019 7.8 (v3) High Pass Cisco Uni fi ed Communications Manager XSS (cisco-sa-20191002-cuc-xss) CVE-2019-12707 31 Oct 2019 6.1 (v3) Medium Pass Atlassian Jira 7.13.x < 7.13.4, 8.x < 8.2.2 CSRF vulnerability (JRASERVER-69858) CVE-2019-14999 05 Nov 2019 4.3 (v3) Medium Pass Cisco IOS IP Detail Record DoS (cisco-sa-20160928-ipdr) CVE-2016-6379 12 Nov 2019 7.5 (v3) High Pass Cisco Uni fi ed Communications Manager Cross-Site Request Forgery (XSRF) Vulnerability (cisco-sa-20191002-cucm-csrf) CVE-2019-1915 07 Nov 2019 6.5 (v3) Medium Pass Cisco IOS H.323 Message Validation DoS (cisco-sa-20160928-h323) CVE-2016-6384 12 Nov 2019 7.5 (v3) High Pass Cisco IOS Smart Install Memory Leak (cisco-sa-20160928-smi) CVE-2016-6385 12 Nov 2019 7.5 (v3) High Pass Cisco NX-OS Software Command Injection (cisco-sa-20190515-nxos-cmdinj-1735) CVE-2019-1735 13 Nov 2019 7.8 (v3) High Pass Cisco NX-OS Software Multiple Vulnerabilities (cisco-sa-20190515-nxos-cmdinj-1774-1775) CVE-2019-1774 CVE-2019-1775 13 Nov 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Command Injection (cisco-sa-20190515-nxos-cmdinj-1770) CVE-2019-1770 14 Nov 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Command Injection (cisco-sa-20190515-nxos-cmdinj-1790) CVE-2019-1790 14 Nov 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Command Injection (cisco-sa-20190515-nxos-cmdinj-1783) CVE-2019-1783 14 Nov 2019 6.7 (v3) Medium Pass Cisco IOS Autonomic Control Plane Channel Information Disclosure (cisco-sa-20170726-aniacp) CVE-2017-6665 18 Nov 2019 6.5 (v3) Medium Pass Cisco IOS AAA Login DoS (cisco-sa-20160928-aaados) CVE-2016-6393 21 Nov 2019 7.5 (v3) High Pass Cisco NX-OS Software NX-API Denial of Service Vulnerability CVE-2020-3170 05 Mar 2020 5.3 (v3) Medium Pass Cisco IOS Autonomic Networking Infrastructure DoS (cisco-sa-20170726-anidos) CVE-2017-6663 22 Nov 2019 6.5 (v3) Medium Pass Cisco IOS Software Smart Install DoS (cisco-sa-20180328-smi) CVE-2018-0156 27 Nov 2019 7.5 (v3) High Pass Cisco IOS Software Internet Key Exchange Memory Leak (cisco-sa-20180328-ike) CVE-2018-0158 27 Nov 2019 8.6 (v3) High Pass Cisco IOS Software Secure Shell Connection on VRF (cisco-sa-20190109-ios-ssh-vrf) CVE-2018-0484 06 Dec 2019 6.5 (v3) Medium Pass Cisco NX-OS Software OSPF LSA Manipulation (cisco-sa-20170727-ospf) CVE-2017-6770 27 Nov 2019 4.2 (v3) Medium Pass Cisco NX-OS Software Command Injection (cisco-sa-20190515-nxos-cmdinj-1795) CVE-2019-1795 04 Dec 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Command Injection (cisco-sa-20190306-nxos-cmdinj-1611) CVE-2019-1611 04 Dec 2019 6.7 (v3) Medium Pass Junos OS: processing of speci fi c transit IP packets in fl owd, leading to Denial of Service (JSA10959) CVE-2019-0060 16 Dec 2019 7.5 (v3) High Pass IBM WebSphere Application Server 7.0.x / 8.0.0.x / 8.5.x < 8.5.5.17 / 9.0.0.x < 9.0.5.2 Directory Traversal Vulnerability CVE-2019-4442 06 Dec 2019 4.3 (v3) Medium Pass Cisco IOS Software Software Plug and Play Agent Memory Leak(cisco-sa-20180926-pnp-memleak) CVE-2018-15377 13 Dec 2019 8.6 (v3) High Pass nginx < 1.17.7 Information Disclosure CVE-2019-20372 05 Mar 2020 5.3 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.2 / Liberty < 19.0.0.11 Information Disclosure (CVE-2019-4441) CVE-2019-4441 16 Dec 2019 5.3 (v3) Medium Pass Cisco NX-OS Software Privilege Escalation Vulnerability CVE-2019-1602 18 Dec 2019 7.8 (v3) High Pass Cisco MDS 9000 Series Multilayer Switches Denial of Service Vulnerability CVE-2020-3175 05 Mar 2020 8.6 (v3) High Pass Cisco NX-OS Software CLI Command Injection Vulnerability (Cisco-Sa-20190306-Nxos-Cmdinj-1609) CVE-2019-1609 27 Dec 2019 6.7 (v3) Medium Pass IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Information Disclosure (CVE-2018-1614) CVE-2018-1614 28 Jan 2020 7.5 (v3) High Pass SSL/TLS Deprecated Ciphers Unsupported 06 Jan 2020 None Pass SSLv2-Only Open Ports Unsupported 06 Jan 2020 None Pass Cisco Data Center Network Manager < 11.3(1) Multiple Vulnerabilities CVE-2019-15975 CVE-2019-15976 CVE-2019-15977 CVE-2019-15978 CVE-2019-15979 CVE-2019-15980 CVE-2019-15981 CVE-2019-15982 CVE-2019-15983 CVE-2019-15984 CVE-2019-15985 CVE-2019-15999 09 Jan 2020 9.8 (v3) Critical Pass Cisco IOS Software NAT64 Denial of Service Vulnerability CVE-2019-1751 09 Jan 2020 7.5 (v3) High Pass MySQL 5.6.x < 5.6.47 Multiple Vulnerabilities (Jan 2020 CPU) CVE-2019-1547 CVE-2020-2574 CVE-2020-2579 16 Jan 2020 4.7 (v3) Medium 41

Pass Cisco IOS Web UI Cross-Site Request Forgery (cisco-sa-20200108-ios-csrf) CVE-2019-16009 16 Jan 2020 8.8 (v3) High Pass MySQL 8.0.x < 8.0.19 Multiple Vulnerabilities (Jan 2020 CPU) CVE-2019-1547 CVE-2019-5482 CVE-2019-16168 CVE-2020-2570 CVE-2020-2572 CVE-2020-2573 CVE-2020-2574 CVE-2020-2577 CVE-2020-2579 CVE-2020-2584 CVE-2020-2588 CVE-2020-2627 CVE-2020-2660 CVE-2020-2679 CVE-2020-2686 CVE-2020- 16 Jan 2020 9.8 (v3) Critical Pass IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Privilege Escalation (CVE-2018-1840) CVE-2018-1840 28 Jan 2020 8.1 (v3) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Remote Code Execution (CVE-2018-1567) CVE-2018-1567 28 Jan 2020 9.8 (v3) Critical Pass IBM WebSphere Application Server 9.0.x < 9.0.5.0 Information Disclosure (CVE-2019-4269) CVE-2019-4269 28 Jan 2020 7.5 (v3) High Pass IBM WebSphere Application Server Virtual Enterprise 7.0.x <= 7.0.0.6 / Virtual Enterprise 8.0.x / 8.5.5.x < 8.5.5.17 / 9.0.x < 9.0.5.1 Information Disclosure (CVE-2019-4505) CVE-2019-4505 30 Jan 2020 5.3 (v3) Medium Pass IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Cross-Site Request Forgery (CVE-2018-1926) CVE-2018-1926 28 Jan 2020 8.8 (v3) High Pass Cisco Uni fi ed Communications Manager Cross-Site Request Forgery Vulnerability (cisco-sa-20200122-cuc-info-disclosure) CVE-2019-15963 31 Jan 2020 6.5 (v3) Medium Pass Cisco Uni fi ed Communications Manager Cross-Site Request Forgery Vulnerability (cisco-sa-ucm-csrf-NbhZTxL) CVE-2020-3135 31 Jan 2020 8.8 (v3) High Pass Cisco IOS SM-1T3/E3 Service Module DoS (cisco-sa-20180926-sm1t3e3) CVE-2018-0485 05 Feb 2020 8.6 (v3) High Pass Cisco IOS XR Software Cisco Discovery Protocol Denial of Service Vulnerability (cisco-sa-20200205-fxnxos-iosxr-cdp-dos) CVE-2020-3120 14 Feb 2020 6.5 (v3) Medium Pass Cisco NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability (cisco-sa-20200205-fxnxos-iosxr-cdp-dos) CVE-2020-3120 14 Feb 2020 6.5 (v3) Medium Pass Cisco Aggregation Services Router 9000 Series IPv6 Fragment Header DoS (cisco-sa-20180131-ipv6) CVE-2018-0136 21 Feb 2020 8.6 (v3) High Pass Cisco IOS XR Software BGP MPLS-Based EVPN Denial of Service Vulnerability (cisco-sa-20190515-iosxr-evpn-dos) CVE-2019-1849 18 Feb 2020 6.5 (v3) Medium Pass Junos OS Multiple vulnerabilities (JSA10981) CVE-2020-1602 CVE-2020-1605 CVE-2020-1609 24 Feb 2020 8.8 (v3) High Pass Atlassian JIRA 8.5.x / 8.6.x 'Atlassian Application Links' Plugin CSRF CVE-2019-20100 21 Feb 2020 4.7 (v3) Medium Pass Cisco IOS XR Software for Cisco ASR 9000 VMAN CLI Privilege Escalation (cisco-sa-20190925-xr-asr9k-privesc) CVE-2019-12709 28 Feb 2020 6.7 (v3) Medium Pass Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability (cisco-sa-20200226-nxos-arp) CVE-2020-3174 06 Mar 2020 4.7 (v3) Medium Pass Cisco IOS XR Software NETCONF Over Secure Shell ACL Bypass (cisco-sa-20191120-iosxr-ssh-bypass) CVE-2019-15998 28 Feb 2020 5.3 (v3) Medium Pass Cisco IOS XR Software Secure Shell Authentication Vulnerability (cisco-sa-20190605-iosxr-ssh) CVE-2019-1842 02 Mar 2020 5.4 (v3) Medium Pass Cisco NX-OS Software Authenticated Simple Network Management Protocol DoS (cisco-sa-20180620-nxossnmp) CVE-2018-0291 05 Mar 2020 6.5 (v3) Medium Pass Cisco NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and DoS (cisco-sa-20200226-fxos-nxos-cdp) CVE-2020-3172 06 Mar 2020 8.8 (v3) High Pass Cisco IOS XR Software IPsec Packet Processor DoS (cisco-sa-iosxr-ipsec-dos-q8UPX6m) CVE-2020-3190 13 Mar 2020 5.8 (v3) Medium Pass Cisco Nexus 1000V Switch for VMware vSphere Secure Login Enhancements Denial of Service Vulnerability CVE-2020-3168 11 Mar 2020 7.5 (v3) High Pass Cisco IOS XR Software Intermediate System-to-Intermediate System DoS (cisco-sa-20200122-ios-xr-dos) CVE-2019-16027 13 Mar 2020 6.5 (v3) Medium Pass Cisco Prime Collaboration Provisioning Cross-Site Scripting Vulnerability (cisco-sa-prime-collab-xss-RjRCe9n7) CVE-2020-3192 19 Mar 2020 6.1 (v3) Medium Pass Cisco IOS XR Software BGP EVPN Operational Routes DoS (cisco-sa-20200122-ios-xr-routes) CVE-2019-16018 13 Apr 2020 6.5 (v3) Medium Pass Cisco Uni fi ed Computing System Fabric Interconnect Root Privilege Escalation (cisco-sa-20190828-ucs-privescalation) CVE-2019-1966 16 Apr 2020 7.8 (v3) High Pass Junos OS Default Credentials Vulnerability (JSA10998) CVE-2020-1615 16 Apr 2020 9.8 (v3) Critical Pass IBM WebSphere Application Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 Cross-Site Scripting Vulnerability CVE-2018-1798 30 Apr 2020 6.1 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.15 / 9.0.0.0 <= 9.0.0.10 Connection Spoo fi ng Vulnerability CVE-2018-1902 20 Apr 2020 4.3 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 / 9.x < 9.0.0.10 XSS (CVE-2018-1794) CVE-2018-1794 21 Apr 2020 6.1 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.17 / 9.0.0.0 <= 9.0.5.3 Privilege Escalation (CVE-2020-4362) CVE-2020-4362 17 Apr 2020 8.8 (v3) High Pass IBM WebSphere Application Server 7.x / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 Directory Traversal Vulnerability CVE-2018-1797 30 Apr 2020 5.5 (v3) Medium Pass IBM WebSphere Application Server 7.0 < 7.0.0.46 / 8.0 < 8.0.0.16 / 8.5 < 8.5.5.18 / 9.0 < 9.0.5.4 / Liberty 17.0.0.3 < 20.0.0.5 Information Disclosure CVE-2020-4329 08 May 2020 4.3 (v3) Medium Pass Cisco NX-OS Software Remote Package Manager Command Injection Vulnerability (cisco-sa-20190515-nxos-rpm-injec) CVE-2019-1732 12 May 2020 6.4 (v3) Medium Pass Cisco NX-OS Software Sensitive File Read Information Disclosure Vulnerability (cisco-sa-20190515-nxos-fxos-info) CVE-2019-1734 12 May 2020 5.5 (v3) Medium Pass Junos OS Invalid BGP Update Termination Denial Of Service Vulnerability (JSA11013) CVE-2020-1632 25 May 2020 8.6 (v3) High Pass IBM WebSphere Application Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 XSS CVE-2018-1793 27 May 2020 6.1 (v3) Medium Pass Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Inter-VM Channel Command Injection (cisco-sa-ios-iot-udp-vds-inj-f2D5Jzrt) CVE-2020-3205 05 Jun 2020 8.8 (v3) High Pass Juniper Junos RCE (JSA10871) CVE-2018-0037 02 Jun 2020 9.8 (v3) Critical Pass Cisco IOS Software Simple Network Management Protocol DoS (cisco-sa-snmp-dos-USxSyTk5) CVE-2020-3235 05 Jun 2020 7.7 (v3) High Pass IBM WebSphere Application Server 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 RCE (CVE-2020-4450) CVE-2020-4450 12 Jun 2020 9.8 (v3) Critical Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.4 Remote Code Execution (CVE-2020-4448) CVE-2020-4448 12 Jun 2020 9.8 (v3) Critical Pass Cisco IOS Tcl DoS (cisco-sa-tcl-dos-MAZQUnMF) CVE-2020-3201 17 Jun 2020 6 (v3) Medium Pass Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability (cisco-sa-sxp-68TEVzR) CVE-2020-3228 19 Jun 2020 8.6 (v3) High Pass Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution (cisco-sa-tcl-ace-C9KuVKmm) CVE-2020-3204 18 Jun 2020 6.7 (v3) Medium Pass Cisco Data Center Network Manager Multiple Stored Cross-Site Scripting Vulnerablities (June 2020) CVE-2020-3354 CVE-2020-3355 CVE-2020-3356 26 Jun 2020 6.1 (v3) Medium Pass Cisco IOS Software One Platform Kit Remote Code Execution Vulnerability (cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC) CVE-2020-3217 01 Jul 2020 8.8 (v3) High Pass Cisco NX-OS Software One Platform Kit Remote Code Execution Vulnerability (cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC) CVE-2020-3217 01 Jul 2020 8.8 (v3) High Pass Cisco IOS and IOS XE Software Common Industrial Protocol Denial of Service (cisco-sa-cipdos-hkfTZXEx) CVE-2020-3225 01 Jul 2020 8.6 (v3) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 Information Disclosure (CVE-2020-4449) CVE-2020-4449 03 Jul 2020 7.5 (v3) High Pass Cisco NX-OS Software Cisco Fabric Services Arbitrary Code Execution (cisco-sa-20180620-fxnxos-ace) CVE-2018-0304 14 Jul 2020 9.8 (v3) Critical Pass MySQL Denial of Service (Jul 2020 CPU) CVE-2020-14567 16 Jul 2020 4.9 (v3) Medium Pass Cisco Uni fi ed Communications Manager Cross-Site Scripting (cisco-sa-cucm-cuc-imp-xss-OWuSYAp) CVE-2020-3282 31 Jul 2020 6.1 (v3) Medium Pass MySQL 5.7.x < 5.7.31 Multiple Vulnerabilities (Jul 2020 CPU) CVE-2020-1967 CVE-2020-14539 CVE-2020-14540 CVE-2020-14547 CVE-2020-14550 CVE-2020-14553 CVE-2020-14559 CVE-2020-14576 CVE-2021-2001 CVE-2021-2160 17 Jul 2020 4.3 (v3) Medium Pass MySQL 5.6.x < 5.6.49 Multiple Vulnerabilities (Jul 2020 CPU) CVE-2020-1967 CVE-2020-14539 CVE-2020-14550 CVE-2020-14559 17 Jul 2020 4.3 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 RCE (6250059) CVE-2020-4464 23 Jul 2020 8.8 (v3) High Pass Cisco IOx Application Environment for IOS Software for Cisco Industrial Routers Multiple Vulnerabilities (cisco-sa-ios-iot-gos-vuln-s9qS8kYL) CVE-2020-3199 CVE-2020-3257 28 Jul 2020 8.8 (v3) High Pass IBM WebSphere Application Server 8.5.x < 8.5.5.18 Server-side Request Forgery (6209099) CVE-2020-4365 29 Jul 2020 4.3 (v3) Medium Pass Cisco Small Business RV Series RCE (cisco-sa-rv-rce-m4FEEGWX) CVE-2020-3145 CVE-2020-3146 29 Jul 2020 8.8 (v3) High Pass Cisco UCS Director Stored Cross-Site Scripting Vulnerability (cisco-sa-ucs-director-xss-O7T8ORYR) CVE-2020-3464 07 Aug 2020 4.8 (v3) Medium Pass Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities (cisco-sa-ios-iot-rce-xYRSeMNH) CVE-2020-3198 CVE-2020-3258 17 Aug 2020 9.8 (v3) Critical Pass Cisco NX-OS Directory Traversal (cisco-sa-20190501-fabric-traversal) CVE-2019-1836 25 Aug 2020 7.1 (v3) High Pass Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Static Credentials (cisco-sa-ios-iot-vds-cred-uPMp9zbY) CVE-2020-3234 28 Aug 2020 8.8 (v3) High Pass Cisco IOS Software Split DNS DoS (cisco-sa-splitdns-SPWqpdGW) CVE-2020-3408 05 Oct 2020 8.6 (v3) High Pass Cisco IOS Software ISDN Q.931 DoS (cisco-sa-iosxe-isdn-q931-dos-67eUZBTf) CVE-2020-3511 12 Oct 2020 7.4 (v3) High Pass Cisco IOS Software MP BGP EVPN DoS (cisco-sa-ios-bgp-evpn-dos-LNfYJxfF) CVE-2020-3479 07 Oct 2020 7.5 (v3) High Pass MySQL 5.6.x < 5.6.50 Multiple Vulnerabilities (Oct 2020 CPU) CVE-2020-14672 CVE-2020-14765 CVE-2020-14769 CVE-2020-14793 CVE-2020-14812 CVE-2020-14867 22 Oct 2020 6.5 (v3) Medium Pass Cisco IOS Software PROFINET DoS (cisco-sa-pro fi net-J9QMCHPB) CVE-2020-3409 05 Nov 2020 7.4 (v3) High Pass Cisco IOS XR Software for ASR 9000 Series Slow Path Forwarding DoS (cisco-sa-xr-cp-dos-ej8VB9QY) CVE-2020-26070 13 Nov 2020 8.6 (v3) High Pass OpenSSL 1.0.2 < 1.0.2x Null Pointer Dereference Vulnerability CVE-2020-1971 10 Dec 2020 5.9 (v3) Medium Pass SolarWinds Orion Platform < 2020.2.1 HF2 Multiple Vulnerabilities CVE-2019-11358 CVE-2020-14005 CVE-2020-27869 CVE-2020-27870 CVE-2020-27871 18 Dec 2020 8.8 (v3) High Pass MySQL 5.6.x < 5.6.51 Multiple Vulnerabilities (Jan 2021 CPU) CVE-2021-2001 CVE-2021-2010 CVE-2021-2022 CVE-2021-2060 22 Jan 2021 4.2 (v3) Medium Pass MySQL 5.7.x < 5.7.33 Multiple Vulnerabilities (Jan 2021 CPU) CVE-2020-1971 CVE-2021-2010 CVE-2021-2011 CVE-2021-2014 CVE-2021-2022 CVE-2021-2032 CVE-2021-2060 CVE-2021-2178 CVE-2021-2202 22 Jan 2021 4.3 (v3) Medium Pass Cisco IOS XR Software Unauthorized Information Disclosure (cisco-sa-ios-infodisc-4mtm9Gyt) CVE-2021-1128 05 Feb 2021 5.5 (v3) Medium Pass Cisco IOS XR Software IPv6 Access Control List Bypass (cisco-sa-ipv6-acl-CHgdYk8j) CVE-2021-1389 12 Feb 2021 6.5 (v3) Medium Pass Cisco IOS XR Software for 8000 Series Routers Network Convergence System 540 Series Routers Privilege Escalation (cisco-sa-iosxr-pe-QpzCAePe) CVE-2021-1370 16 Mar 2021 7.8 (v3) High Pass MySQL 5.7.x < 5.7.34 Multiple Vulnerabilities (Apr 2021 CPU) CVE-2021-2146 CVE-2021-2154 CVE-2021-2162 CVE-2021-2166 CVE-2021-2169 CVE-2021-2171 CVE-2021-2174 CVE-2021-2179 CVE-2021-2180 CVE-2021-2194 CVE-2021-2226 CVE-2021-2307 CVE-2021-3449 CVE-2021-23841 22 Apr 2021 6.1 (v3) Medium Pass MySQL 8.0.x < 8.0.24 Multiple Vulnerabilities (Apr 2021 CPU) CVE-2020-28196 CVE-2021-2146 CVE-2021-2162 CVE-2021-2164 CVE-2021-2166 CVE-2021-2169 CVE-2021-2170 CVE-2021-2171 CVE-2021-2172 CVE-2021-2174 CVE-2021-2179 CVE-2021-2180 CVE-2021-2193 CVE-2021-2194 CVE-2021-2196 CVE-2021- 22 Apr 2021 6.1 (v3) Medium Pass Atlassian Con fl uence < 6.13.23 / 6.14 < 7.4.11 / 7.5 < 7.11.6 / 7.12 < 7.12.5 Webwork OGNL Injection (CONFSERVER-67940) CVE-2021-26084 26 Aug 2021 9.8 (v3) Critical Pass Cisco NX-OS Software VXLAN OAM DoS (cisco-sa-nxos-ngoam-dos-LTDb9Hv) CVE-2021-1587 27 Aug 2021 8.6 (v3) High Pass Cisco Application Policy Infrastructure Controller App Privilege Escalation (cisco-sa-capic-chvul-CKfGYBh8) CVE-2021-1579 02 Sep 2021 8.8 (v3) High Pass Cisco IOS Software IOx Application Environment Path Traversal (cisco-sa-iox-pt-hWGcPf7g) CVE-2021-1385 08 Sep 2021 6.5 (v3) Medium Pass Trend Micro Apex Central Management Web Console Detection 19 Apr 2022 None Pass Cisco IOS XR Software Unauthorized Information Disclosure (cisco-sa-iosxr-infodisc-CjLdGMc5) CVE-2021-34771 10 Sep 2021 5.5 (v3) Medium Pass Cisco IOS XR Software Authenticated User Privilege Escalation (cisco-sa-iosxr-privescal-dZYMrKf) CVE-2021-34719 CVE-2021-34728 10 Sep 2021 7.8 (v3) High Pass Cisco IOS XR Software IP Service Level Agreements Two Way Active Measurement Protocol DoS (cisco-sa-ipsla-ZA3SRrpP) CVE-2021-34720 10 Sep 2021 8.6 (v3) High Pass Cisco IOS XR Software Arbitrary File Read and Write (cisco-sa-iosxr-scp-inject-QwZOCv2) CVE-2021-34718 10 Sep 2021 8.1 (v3) High Pass Cisco IOS XR Software Command Injection (cisco-sa-iosxr-cmd-inj-wbZKvPxc) CVE-2021-34721 CVE-2021-34722 10 Sep 2021 6.7 (v3) Medium Pass Cisco TelePresence Video Communication Server GNU glibc gethostbyname Function Bu ff er Over fl ow Vulnerability (GHOST) CVE-2015-0235 18 Feb 2015 10 (v3) Critical Pass Cisco IOS XR Software Command Injection (cisco-sa-xr-cmdinj-vsKGherc) CVE-2021-1485 13 Apr 2021 7.8 (v3) High Pass Cisco TelePresence Video Communication Server SIP DoS CVE-2014-0662 28 Jan 2014 7.5 (v3) High Pass Kaseya VSA < 9.5.7a Multiple Vulnerabilities CVE-2021-30116 CVE-2021-30119 CVE-2021-30120 12 Jul 2021 9.8 (v3) Critical Pass Juniper Junos OS Vulnerability (JSA11211) CVE-2021-0297 13 Oct 2021 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11218) CVE-2021-31353 13 Oct 2021 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11215) CVE-2021-31350 13 Oct 2021 8.8 (v3) High Pass Juniper Junos OS Vulnerability (JSA11251) CVE-2021-31383 13 Oct 2021 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11230) CVE-2021-31368 13 Oct 2021 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11232) CVE-2021-31370 13 Oct 2021 6.5 (v3) Medium Pass LiveZilla < 5.1.2.1 Multiple Vulnerabilities CVE-2013-7003 CVE-2013-7032 CVE-2013-7033 CVE-2013-7034 18 Dec 2013 7.5 (v2) High Pass Nagios XI < 2012R2.4 tfPassword Parameter SQL Injection CVE-2013-6875 26 Dec 2013 7.5 (v2) High Pass Apache Log4Shell RCE detection via callback correlation (Direct Check SNMP) CVE-2021-44228 23 Dec 2021 10 (v3) Critical Pass HP Intelligent Management Center APM Module < 7.0 E0101 SQL Injection CVE-2013-4827 09 Jan 2014 7.5 (v2) High Pass IBM Domino 8.5.x < 8.5.3 FP6 iNotes Multiple XSS (uncredentialed check) CVE-2013-4063 CVE-2013-4064 CVE-2013-4065 08 Jan 2014 4.3 (v2) Medium Pass Serv-U FTP Server < 15.0.0.0 Multiple Security Vulnerabilities 08 Jan 2014 5 (v2) Medium Pass HP Intelligent Management Center < 7.0 E0102 DES / ECB Weak Decryption Key CVE-2013-4825 09 Jan 2014 7.5 (v2) High Pass Apache JSPWiki Log4Shell Direct Check (CVE-2021-44228) CVE-2021-44228 07 Jan 2022 10 (v3) Critical Pass HP Intelligent Management Center Branch Intelligent Management Module Multiple Vulnerabilities CVE-2013-4822 CVE-2013-4823 09 Jan 2014 10 (v2) Critical Pass HP Intelligent Management Center SOM Module < 7.0 E0101 Multiple Vulnerabilities CVE-2013-4824 CVE-2013-4826 09 Jan 2014 7.5 (v2) High Pass Drupal Remote Code Execution Vulnerability (SA-CORE-2019-003) (exploit) CVE-2019-6340 27 Feb 2019 8.1 (v3) High Pass GPON ONT Home Gateway Authenticated Remote Command Execution (CVE-2019-3920) CVE-2019-3920 28 Mar 2019 8.8 (v3) High 42

Pass Oracle XDB Default Accounts 23 May 2018 9.8 (v3) Critical Pass Oracle Integrated Lights Out Manager Default Credentials 23 Aug 2012 9.8 (v3) Critical Pass Siemens SIMATIC Logon Authentication Bypass CVE-2017-2684 10 Mar 2017 9 (v3) Critical Pass Samba 'AndX' Request Heap-Based Bu ff er Over fl ow CVE-2012-0870 13 Mar 2012 10 (v2) Critical Pass HP Network Node Manager Detection 28 Mar 2012 None Pass IBM iSeries Default Password 06 Feb 2012 9.8 (v3) Critical Pass Modicon PLC IO Scan Status SNMP Request Scan Status Remote Disclosure 11 Dec 2006 5 (v2) Medium Pass Siemens SIMATIC WinCC Default Password Authentication Bypass CVE-2010-2772 16 Jul 2010 7.5 (v2) High Pass MS09-001: Microsoft Windows SMB Vulnerabilities Remote Code Execution (958687) (uncredentialed check) CVE-2008-4834 CVE-2008-4835 CVE-2008-4114 13 Jan 2009 10 (v2) Critical Pass Microsoft Windows 10 Version 1511 Unsupported Version Detection 17 Oct 2017 10 (v3) Critical Pass Microsoft Windows 10 Version 1703 Unsupported Version Detection 02 Nov 2018 10 (v3) Critical Pass Cisco IOS XE Software ARP Resource Management Exhaustion Denial of Service (cisco-sa-arp-mtfhBfjE) CVE-2021-1377 30 Mar 2021 5.8 (v3) Medium Pass Microsoft Windows Version 1709 Unsupported Version Detection 17 Apr 2019 10 (v3) Critical Pass Joomla! Extension Detection 21 Jan 2019 None Pass Microsoft Windows 10 Version 1809 Unsupported Version Detection 14 Jan 2021 10 (v3) Critical Pass Cisco IOS Software ARP Resource Management Exhaustion Denial of Service (cisco-sa-arp-mtfhBfjE) CVE-2021-1377 30 Mar 2021 5.8 (v3) Medium Pass PHP 5.4.x < 5.4.24 Multiple Vulnerabilities CVE-2013-6712 13 Jan 2014 5 (v2) Medium Pass Apache Tomcat < 9.0.0.M3 Multiple Vulnerabilities CVE-2015-5345 CVE-2015-5346 CVE-2015-5351 CVE-2016-0706 CVE-2016-0714 CVE-2016-0763 11 Jan 2019 8.8 (v3) High Pass Apache Tomcat < 8.0.30 Directory Disclosure CVE-2015-5345 11 Jan 2019 5.3 (v3) Medium Pass Apache Tomcat < 8.0.0-RC10 Multiple Vulnerabilities CVE-2013-4322 CVE-2013-4590 11 Jan 2019 3.7 (v3) Low Pass Apache Tomcat 7.0.x < 7.0.88 Denial of Service CVE-2018-1336 11 Jan 2019 7.5 (v3) High Pass Apache Tomcat 7.0.x < 7.0.76 / 8.0.x < 8.0.42 / 8.5.x < 8.5.12 / 9.0.x < 9.0.0.M18 Improper Access Control CVE-2017-5648 11 Jan 2019 9.1 (v3) Critical Pass Cisco Prime Security Manager GNU Bash Environment Variable Handling Command Injection (cisco-sa-20140926-bash) (Shellshock) CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 03 Nov 2014 10 (v2) Critical Pass HP LoadRunner < 11.52 SSL Connection Handling Stack Bu ff er Over fl ow RCE CVE-2013-4800 15 Aug 2013 9.3 (v2) High Pass Rocket Software UniRPC Version Detection 19 Jan 2011 None Pass Apache Tomcat 7.0.x < 7.0.70 / 8.0.x < 8.0.36 / 8.5.x < 8.5.3 / 9.0.x < 9.0.0.M8 Denial of Service CVE-2016-3092 11 Jan 2019 7.5 (v3) High Pass Apache Tomcat < 7.0.67 Session Fixation CVE-2015-5346 11 Jan 2019 8.1 (v3) High Pass Apache Tomcat 7.0.x < 7.0.65 / 8.0.x < 8.0.27 Directory Traversal CVE-2015-5174 11 Jan 2019 4.3 (v3) Medium Pass Apache Tomcat 7.0.x < 7.0.47 / 8.0.x < 8.0.0-RC3 Information Disclosure CVE-2013-4286 11 Jan 2019 6.5 (v3) Medium Pass Apache Tomcat < 7.0.2 Denial of Service and Information Disclosure CVE-2010-2227 11 Jan 2019 6.5 (v3) Medium Pass Novell File Reporter Engine Detection 08 Jul 2011 None Pass GPON ONT Home Gateway Router is vulnerable to authentication bypass (CVE-2018-10561) CVE-2018-10561 19 Dec 2018 9.8 (v3) Critical Pass Apache Tomcat < 6.0.14 Multiple Vulnerabilities CVE-2007-2449 CVE-2007-2450 CVE-2007-3382 CVE-2007-3385 CVE-2007-3386 11 Jan 2019 4.3 (v3) Medium Pass Apache Tomcat < 6.0.10 Directory Traversal CVE-2007-0450 11 Jan 2019 5.3 (v3) Medium Pass PHP 7.2.x < 7.2.13 Multiple vulnerabilities CVE-2018-19518 CVE-2018-20783 19 Dec 2018 7.5 (v3) High Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Jan 2019 CPU) CVE-2018-0732 CVE-2018-0737 CVE-2019-2512 18 Jan 2019 5.9 (v3) Medium Pass PHP 5.5.x < 5.5.8 Multiple Vulnerabilities CVE-2013-6712 13 Jan 2014 5 (v2) Medium Pass PHP 7.1.x < 7.1.25 Multiple vulnerabilities CVE-2018-19518 CVE-2018-20783 19 Dec 2018 7.5 (v3) High Pass memcached < 1.4.17 Multiple Vulnerabilities CVE-2013-7239 CVE-2013-7290 CVE-2013-7291 30 Jan 2014 4.8 (v2) Medium Pass memcached SASL Authentication Security Bypass CVE-2013-7239 30 Jan 2014 4.8 (v2) Medium Pass Jenkins LTS < 2.289.2 / Jenkins weekly < 2.300 Multiple Vulnerabilities CVE-2021-21670 CVE-2021-21671 CVE-2021-21672 CVE-2021-21673 CVE-2021-21674 30 Jun 2021 7.5 (v3) High Pass Adobe Connect < 11.2.3 Privilege Escalation (ASPB21-66) CVE-2021-36061 CVE-2021-36062 CVE-2021-36063 11 Aug 2021 6.1 (v3) Medium Pass Patch Report 08 Jul 2013 None Pass Adobe Experience Manager 6.5.0.0 < 6.5.10.0 Multiple Vulnerabilities (APSB21-82) CVE-2021-40711 CVE-2021-40712 CVE-2021-40713 CVE-2021-40714 15 Sep 2021 6.1 (v3) Medium Pass Cisco TelePresence Video Communication Server Expressway Default SSL Certi fi cate CVE-2014-0675 01 Feb 2014 6.5 (v3) Medium Pass Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers IPv6 Denial of Service (cisco-sa-ewlc-ipv6-dos-NMYeCnZv) CVE-2021-34767 22 Sep 2021 7.4 (v3) High Pass Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Remote Code Execution (cisco-sa-ewlc-capwap-rce-LYgj8Kf) CVE-2021-34770 22 Sep 2021 7.2 (v3) High Pass Jenkins Enterprise and Operations Center < 2.249.32.0.2 / 2.277.41.0.2 / 2.303.1.6 Multiple Vulnerabilities (CloudBees Security Advisory 2021-08-31) CVE-2021-21677 CVE-2021-21678 CVE-2021-21679 CVE-2021-21680 CVE-2021-21681 06 Oct 2021 8.8 (v3) High Pass Jenkins Enterprise and Operations Center < 2.249.31.0.6 / 2.277.40.0.1 / 2.289.2.2 Multiple Vulnerabilities (CloudBees Security Advisory 2021-06-30) CVE-2021-21670 CVE-2021-21671 11 Oct 2021 7.5 (v3) High Pass Adobe Connect < 11.2.3 Multiple Vulnerabilities (ASPB21-91) CVE-2021-40719 CVE-2021-40721 14 Oct 2021 9.8 (v3) Critical Pass H2 Database JNDI Lookup RCE (CVE-2021-42392) CVE-2021-42392 22 Feb 2022 9.8 (v3) Critical Pass Cisco Small Business 200, 300, and 500 Series Switches Web-Based Management Interface DoS (cisco-sa-smb-switches-web-dos-xMyFFkt8) CVE-2021-40127 12 Nov 2021 5.3 (v3) Medium Pass D-Link DIR-825 R1 Device < 3.0.2 RCE (CVE-2020-29557) CVE-2020-29557 12 Nov 2021 9.8 (v3) Critical Pass Schneider Electric ISGG dc.exe File Upload RCE (CVE-2021-22803) CVE-2021-22803 12 Nov 2021 9.8 (v3) Critical Pass Nucleus Net TCP/IP Stack - FTP Detection 18 May 2021 None Pass WordPress Plugin 'SRS Simple Hits Counter' Information Disclosure (direct check) CVE-2020-5766 28 Jun 2021 7.5 (v3) High Pass Oracle Primavera Uni fi er (Oct 2021 CPU) CVE-2021-23337 CVE-2021-28657 CVE-2021-36090 CVE-2021-36374 20 Oct 2021 7.2 (v3) High Pass MySQL 5.7.x < 5.7.36 Multiple Vulnerabilities (Oct 2021 CPU) CVE-2021-3711 CVE-2021-22926 CVE-2021-35604 CVE-2021-35624 20 Oct 2021 9.8 (v3) Critical Pass Oracle MySQL Enterprise Monitor (Oct 2021 CPU) CVE-2021-3712 CVE-2021-22112 CVE-2021-22118 CVE-2021-29425 CVE-2021-33037 20 Oct 2021 8.8 (v3) High Pass Kaseya VSA < 9.3.0.35 / 9.4 < 9.4.0.36 / 9.5 < 9.5.0.5 RCE CVE-2018-20753 10 May 2022 9.8 (v3) Critical Pass Apache Tomcat 8.5.38 < 8.5.79 vulnerability CVE-2022-29885 10 May 2022 7.5 (v3) High Pass Apache Tomcat 10.0.0.M1 < 10.0.21 vulnerability CVE-2022-29885 10 May 2022 7.5 (v3) High Pass Apache Tomcat 9.0.13 < 9.0.63 vulnerability CVE-2022-29885 10 May 2022 7.5 (v3) High Pass Apache 2.4.x < 2.4.38 Multiple Vulnerabilities CVE-2018-17189 CVE-2018-17199 CVE-2019-0190 24 Jan 2019 7.5 (v3) High Pass Jenkins < 2.150.2 LTS / 2.160 Multiple Vulnerabilities CVE-2019-1003003 CVE-2019-1003004 23 Jan 2019 7.2 (v3) High Pass PHP 5.6.x < 5.6.40 Multiple vulnerabilities. CVE-2016-10166 CVE-2019-6977 CVE-2019-9020 CVE-2019-9021 CVE-2019-9023 CVE-2019-9024 06 Feb 2019 9.8 (v3) Critical Pass ThinkPHP Multiple Parameter RCE CVE-2018-20062 CVE-2019-9082 06 Feb 2019 9.8 (v3) Critical Pass Apache 2.4.x < 2.4.33 Multiple Vulnerabilities CVE-2017-15710 CVE-2017-15715 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 08 Feb 2019 9.8 (v3) Critical Pass ESXi 5.5 < Build 5230635 Multiple Vulnerabilities (VMSA-2017-0006) (remote check) (PCI-DSS check) CVE-2017-4902 CVE-2017-4903 28 Mar 2022 8.8 (v3) High Pass SonicWall NSv Next-Gen Virtual Firewall SSL VPN 28 Mar 2022 None Pass MongoDB 2.6.x < 2.6.9, 3.0.x < 3.0.14, 3.2.x < 3.2.8 mongod CVE-2014-2917 CVE-2014-3971 CVE-2014-8964 CVE-2015-2705 CVE-2017-12926 15 Feb 2019 7.2 (v3) High Pass PHP 7.2.x < 7.2.0 Heap-based Bu ff er Over fl ow Vulnerability CVE-2017-12932 01 Mar 2019 9.8 (v3) Critical Pass PHP 7.1.x < 7.1.9 Heap-based Bu ff er Over fl ow Vulnerability CVE-2017-12932 01 Mar 2019 9.8 (v3) Critical Pass PHP 7.1.x < 7.1.8 Denial of Service Vulnerability CVE-2017-11143 01 Mar 2019 7.5 (v3) High Pass PHP 7.1.x < 7.1.3 Denial of Service Vulnerability CVE-2017-11142 01 Mar 2019 7.5 (v3) High Pass PHP 7.1.x < 7.1.0 Multiple Vulnerabilities. CVE-2016-9933 CVE-2016-9934 CVE-2016-9936 01 Mar 2019 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.23 Heap-based Bu ff er Over fl ow Vulnerability CVE-2017-12932 01 Mar 2019 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.22 Denial of Service Vulnerability CVE-2017-11143 01 Mar 2019 7.5 (v3) High Pass Oracle Application Express (APEX) / REST Data Services Listener Installation Detection 07 Oct 2014 None Pass Oracle Default SID 19 Jul 2006 None Pass Apache Log4Shell RCE detection via callback correlation (Direct Check SSH) CVE-2021-44228 17 Dec 2021 10 (v3) Critical Pass PHP 7.0.x < 7.0.17 Denial of Service Vulnerability CVE-2017-11142 01 Mar 2019 7.5 (v3) High Pass Apache Struts CVE-2018-11776 Results With No Namespace Remote Code Execution (S2-057) (remote) CVE-2018-11776 23 Aug 2018 8.1 (v3) High Pass Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability (cisco-sa-20190123-rv-info) (remote check) CVE-2019-1653 25 Jan 2019 7.5 (v3) High Pass Drupal Remote Code Execution Vulnerability (SA-CORE-2018-002) (exploit) CVE-2018-7600 13 Apr 2018 9.8 (v3) Critical Pass DNN (DotNetNuke) 5.2.0 < 9.1.1 Multiple Vulnerabilities CVE-2017-9822 12 Jul 2017 8.8 (v3) High Pass Symantec Messaging Gateway 10.x < 10.6.3-267 Multiple Vulnerabilities (SYM17-006) CVE-2017-6327 CVE-2017-6328 16 Aug 2017 8.8 (v3) High Pass Apache Struts 2 REST Plugin XStream XML Request Deserialization RCE CVE-2017-9805 06 Sep 2017 8.1 (v3) High Pass Apache Struts 2.3.5 - 2.3.31 / 2.5.x < 2.5.10.1 Jakarta Multipart Parser RCE (remote) CVE-2017-5638 08 Mar 2017 10 (v3) Critical Pass Microsoft Windows Server 2003 IIS 6.0 WebDAV PROPFIND Request Handling RCE (EXPLODINGCAN) CVE-2017-7269 20 Apr 2017 9.8 (v3) Critical Pass Trend Micro ServerProtect for Windows (SpntSvc.exe) StRpcSrv.dll Arbitrary Remote Code Execution CVE-2007-6507 18 Dec 2007 10 (v2) Critical Pass Oracle WebLogic Java Object Deserialization RCE CVE-2015-4852 23 Nov 2015 9.8 (v3) Critical Pass Oracle Reports Servlet Remote File Access CVE-2012-3152 20 Mar 2014 6.4 (v2) Medium Pass Atlassian Con fl uence < 6.6.12 / 6.7.x < 6.12.3 / 6.13.x < 6.13.3 / 6.14.x < 6.14.2 Template Injection CVE-2019-3396 11 Apr 2019 9.8 (v3) Critical Pass Advantech WebAccess webvrpcs.exe Arbitrary File Download CVE-2019-3941 26 Apr 2019 7.5 (v3) High Pass Cisco Small Business RV320 and RV325 Routers Multiple Vulnerabilities (cisco-sa-20190123-rv-inject, cisco-sa-20190123-rv-info) CVE-2019-1652 CVE-2019-1653 15 Apr 2019 7.5 (v3) High Pass Atlassian Crowd 2.1.x < 3.0.5 / 3.1.x < 3.1.6 / 3.2.x < 3.2.8 / 3.3.x < 3.3.5 / 3.4.x < 3.4.4 RCE Vulnerability CVE-2019-11580 28 May 2019 9.8 (v3) Critical Pass Pulse Secure Pulse Connect Secure SSL VPN Unauthenticated Path Traversal (CVE-2019-11510) CVE-2019-11510 16 Aug 2019 10 (v3) Critical Pass Unsupported Cisco Operating System 19 Feb 2014 10 (v3) Critical Pass Apache Solr < 8.4.0 Remote Code Execution CVE-2019-17558 02 Jan 2020 7.5 (v3) High Pass SSL/TLS Deprecated Ciphers (deprecated) 26 Nov 2019 None Pass ManageEngine Desktop Central 10 < Build 100479 Remote Code Execution (direct check) CVE-2020-10189 10 Apr 2020 9.8 (v3) Critical Pass WordPress Plugin 'Duplicator' < 1.3.28 Unauthenticated Arbitrary File Download CVE-2020-11738 21 Feb 2020 7.5 (v3) High Pass Microsoft DNS Server Remote Code Execution (SIGRed) CVE-2020-1350 16 Jul 2020 10 (v3) Critical Pass PHP 7.0.x < 7.0.0 Multiple Vulnerabilities CVE-2014-9767 CVE-2015-8867 CVE-2015-8874 CVE-2015-8879 01 Mar 2019 7.5 (v3) High Pass Nacos Detection 26 Oct 2021 None Pass PHP 5.4.x < 5.4.0 Multiple Vulnerabilities CVE-2011-2483 CVE-2011-3389 CVE-2011-4153 04 Mar 2019 7.5 (v3) High Pass Trend Micro Control Manager CmdProcessor.exe Remote Bu ff er Over fl ow (uncredentialed check) CVE-2011-5001 24 Jan 2012 10 (v2) Critical Pass PHP 7.3.x < 7.3.2 Information Disclosure. CVE-2019-9022 11 Mar 2019 7.5 (v3) High Pass vBulletin CVE-2019-16759 Bypass Remote Code Execution (CVE-2020-17496) (direct check) CVE-2019-16759 CVE-2020-17496 10 Aug 2020 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.33 Multiple vulnerabilities CVE-2018-19518 CVE-2018-20783 13 Mar 2019 7.5 (v3) High Pass HP Printer Firmware Signing Disabled CVE-2011-4161 01 Mar 2012 10 (v2) Critical 43

Pass Symantec pcAnywhere awhost32 Remote Code Execution CVE-2011-3478 22 Feb 2012 10 (v2) Critical Pass Firewall Detection (2) (deprecated) 26 Oct 2007 None Pass PHP 5.6.x < 5.6.35 Security Bypass Vulnerability CVE-2018-10545 04 Mar 2019 4.7 (v3) Medium Pass Pulse Policy Secure < 9.1R8.2 (SA44588) CVE-2020-8238 CVE-2020-8243 CVE-2020-8256 09 Oct 2020 7.2 (v3) High Pass Selligent Message Studio Struts Code Execution (CVE-2017-5638) CVE-2017-5638 20 Oct 2020 10 (v3) Critical Pass Pulse Connect Secure < 9.1R9 (SA44601) CVE-2015-9251 CVE-2019-11358 CVE-2020-8255 CVE-2020-8260 CVE-2020-8261 CVE-2020-8262 CVE-2020-8263 CVE-2020-15352 30 Oct 2020 7.2 (v3) High Pass Oracle WebLogic Server RCE (CVE-2020-14882) CVE-2020-14750 CVE-2020-14882 06 Nov 2020 9.8 (v3) Critical Pass SolarWinds Orion Platform < 2019.4 HF6 / 2020.2 < 2020.2.1 HF2 Authentication Bypass (SUPERNOVA) CVE-2020-10148 28 Dec 2020 9.8 (v3) Critical Pass SAP BusinessObjects Business Intelligence Platform SSRF Vulnerability (direct check) CVE-2020-6308 08 Feb 2021 5.3 (v3) Medium Pass SSH Weak Key Exchange Algorithms Enabled 13 Oct 2021 3.7 (v3) Low Pass SSH Host Keys < 2048 Bits Considered Weak 13 Oct 2021 3.7 (v3) Low Pass Cisco IOS XE Software Smart Install Remote Code Execution Vulnerability CVE-2018-0171 29 Mar 2018 9.8 (v3) Critical Pass Comelit Intercom Master Detection 21 Apr 2017 None Pass VMware vRealize Operations Manager Web UI Detection 26 May 2016 None Pass Trend Micro O ffi ceScan Multiple Vulnerabilities (000263632) CVE-2020-24557 CVE-2020-24558 29 Apr 2021 7.8 (v3) High Pass Trend Micro Apex One Multiple Vulnerabilities (000263632) CVE-2020-24556 CVE-2020-24557 CVE-2020-24558 CVE-2020-24562 30 Apr 2021 7.8 (v3) High Pass Advantech WebAccess < 8.0.2015.08.16 Unspeci fi ed DLL String Handling Arbitrary Code Execution CVE-2014-9202 17 Nov 2015 6.9 (v2) Medium Pass HPE Intelligent Management Center dbman Command 10001 Information Disclosure CVE-2019-5392 10 Oct 2018 5.3 (v3) Medium Pass Kibana ESA-2019-01, ESA-2019-02, ESA-2019-03 CVE-2019-7608 CVE-2019-7609 CVE-2019-7610 04 Mar 2019 10 (v3) Critical Pass HP Universal Con fi guration Management Database Server Detection 18 Mar 2015 None Pass Siemens SIMATIC Logon Detection 10 Mar 2017 None Pass RuggedCom RuggedOS Known Hardcoded SSL RSA Private Key CVE-2012-4698 16 Oct 2012 4.3 (v2) Medium Pass Websense TRITON Detection 21 May 2015 None Pass Advantech / BroadWin WebAccess webvrpcs.exe Service Remote Code Execution (uncredentialed check) (deprecated) CVE-2011-4041 02 Dec 2011 10 (v2) Critical Pass IBM iSeries Server Detection 06 Feb 2012 None Pass Magento Detection 11 May 2015 None Pass EtherNet/IP CIP List of Active Object Classes 14 May 2015 None Pass EtherNet/IP CIP Device Identi fi cation 14 May 2015 None Pass Inductive Automation Ignition Detection 02 Jun 2015 None Pass MS12-020: Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387) (uncredentialed check) CVE-2012-0002 CVE-2012-0152 22 Mar 2012 9.3 (v2) High Pass MS08-067: Vulnerability in Server Service Could Allow Remote Code Execution (958644) (ECLIPSEDWING) (uncredentialed check / IPS) CVE-2008-4250 21 Nov 2008 9.8 (v3) Critical Pass LDAP Server NULL Bind Connection Information Disclosure 13 Aug 2001 5.3 (v3) Medium Pass 3S CoDeSys Runtime Toolkit NULL Pointer Dereference (uncredentialed check) CVE-2014-0757 18 Feb 2014 5 (v2) Medium Pass Ubiquiti airCam Detection 19 Feb 2014 None Pass McAfee Web Gateway User Interface Detection 21 Feb 2014 None Pass A10 Networks Advanced Core OS Device Detection 03 Apr 2014 None Pass RuggedCom RuggedOS SNMP Protocol Unspeci fi ed DoS CVE-2014-1966 15 Apr 2014 7.8 (v2) High Pass Exim deliver_message() Function Remote Command Execution Vulnerability (Remote) CVE-2019-10149 29 Jul 2019 9.8 (v3) Critical Pass Microsoft RDP RCE (CVE-2019-0708) (BlueKeep) (uncredentialed check) CVE-2019-0708 22 May 2019 9.8 (v3) Critical Pass GPON ONT Home Gateway Router Detection 19 Dec 2018 None Pass Citrix ADC and Citrix NetScaler Gateway Arbitrary Code Execution (CTX267027) (Direct Check) CVE-2019-19781 09 Jan 2020 9.8 (v3) Critical Pass Microsoft Remote Desktop Gateway Multiple RCE Vulnerabilities (uncredentialed check) CVE-2020-0609 CVE-2020-0610 CVE-2020-0612 29 Jan 2020 9.8 (v3) Critical Pass Tenable Nessus < 8.3.0 Multiple Vulnerabilities (TNS-2019-02) CVE-2016-4055 CVE-2017-18214 CVE-2019-1559 28 Mar 2019 5.9 (v3) Medium Pass F5 Networks BIG-IP : TMUI RCE (CVE-2020-5902) (Direct Check) CVE-2020-5902 06 Jul 2020 9.8 (v3) Critical Pass Tenable Nessus < 7.1.0 Multiple Vulnerabilities (TNS-2018-05) CVE-2018-1147 CVE-2018-1148 24 May 2018 6.5 (v3) Medium Pass EMC AutoStart ftAgent Version Detection 02 Aug 2012 None Pass JoomGallery for Joomla! < 3.3.4 SQL Injection 02 Jan 2018 6.6 (v3) Medium Pass CoDeSys Gateway Service Detection 11 Mar 2013 None Pass CA ARCserve Backup Remote Code Execution (CA20121018) (uncredentialed check) CVE-2012-2971 04 Dec 2012 10 (v3) Critical Pass VMware Workspace One Access / VMware Identity Manager Command Injection Vulnerability (VMSA-2020-0027) CVE-2020-4006 08 Dec 2020 9.1 (v3) Critical Pass Novell Privileged User Manager Daemon Detection 02 Sep 2009 None Pass EMC Replication Manager irccd.exe RunProgram Message Handling Arbitrary Command Execution 02 Sep 2009 10 (v2) Critical Pass EMC Replication Manager Client Detection 02 Sep 2009 None Pass EMC Replication Manager Server Detection 02 Sep 2009 None Pass Cisco ASA 5500 Series Adaptive Security Appliance NTLMv1 Authentication Bypass (cisco-sa-20100217-asa) CVE-2010-0568 01 Mar 2010 7.8 (v2) High Pass Wyse Device Manager HAgent Service Detection 02 Sep 2009 None Pass Web Application Firewall Detection 10 Dec 2009 None Pass Mac OS X AFP Shared Folders Unauthenticated Access (Security Update 2010-006) (uncredentialed check) CVE-2010-1820 21 Sep 2010 7.5 (v2) High Pass Cisco Secure Access Control Server Detection 19 Aug 2008 None Pass Atlassian JIRA Detection 20 Apr 2010 None Pass PHP 5.6.x < 5.6.33 Multiple Vulnerabilities CVE-2018-5711 CVE-2018-5712 12 Jan 2018 6.1 (v3) Medium Pass PHP 7.0.x < 7.0.27 Multiple Vulnerabilities CVE-2018-5711 CVE-2018-5712 CVE-2018-14884 12 Jan 2018 6.1 (v3) Medium Pass PHP 7.1.x < 7.1.13 Multiple Vulnerabilities CVE-2018-5711 CVE-2018-5712 CVE-2018-14884 12 Jan 2018 6.1 (v3) Medium Pass Atlassian JIRA Plugins Detection 23 Sep 2019 None Pass PHP 7.2.x < 7.2.1 Multiple Vulnerabilities CVE-2018-5711 CVE-2018-5712 CVE-2018-14884 12 Jan 2018 6.1 (v3) Medium Pass Oracle Primavera Uni fi er Platform Component Unspeci fi ed Remote Issue (January 2018 CPU) CVE-2018-2620 19 Jan 2018 8.1 (v3) High Pass VMware vCenter Server 6.5 / 6.7 / 7.0 Information Disclosure (VMSA-2022-0009) CVE-2022-22948 29 Mar 2022 6.5 (v3) Medium Pass SSH Multiple Device Default Credentials 30 Jan 2018 9.8 (v3) Critical Pass Default Password 'St0r@ge!' for 'administrator' Account 08 Mar 2018 9.8 (v3) Critical Pass PHP 5.6.x < 5.6.34 Stack Bu ff er Over fl ow CVE-2018-7584 08 Mar 2018 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.28 Stack Bu ff er Over fl ow CVE-2018-7584 08 Mar 2018 9.8 (v3) Critical Pass PHP 7.1.x < 7.1.15 Stack Bu ff er Over fl ow CVE-2018-7584 08 Mar 2018 9.8 (v3) Critical Pass ManageEngine EventLog Analyzer XSS Vulnerability CVE-2018-8721 24 Mar 2018 6.1 (v3) Medium Pass MikroTik RouterOS < 6.40.7 or 6.41.x < 6.41.3 SMB Bu ff er Over fl ow CVE-2018-7445 22 Mar 2018 9.8 (v3) Critical Pass SSH Multiple Device Default Credentials (PCI) 03 Apr 2018 9.8 (v3) Critical Pass PHP 7.2.x < 7.2.3 Stack Bu ff er Over fl ow CVE-2018-7584 08 Mar 2018 9.8 (v3) Critical Pass nginx < 0.7.66 / 0.8.x < 0.8.40 Information Disclosure CVE-2010-2263 09 Mar 2018 5.3 (v3) Medium Pass nginx < 0.7.67 / 0.8.x < 0.8.41 DoS CVE-2010-2266 09 Mar 2018 5.3 (v3) Medium Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (April 2018 CPU) CVE-2018-2849 19 Apr 2018 7.7 (v3) High Pass Dell iDRAC Products Multiple Vulnerabilities (Mar 2018) CVE-2018-1207 CVE-2018-1211 CVE-2018-1000116 20 Apr 2018 9.8 (v3) Critical Pass Schneider Electric InduSoft Web Studio / InTouch Machine Edition Opcode 50 mbstowcs() Stack Over fl ow CVE-2018-8840 23 Apr 2018 9.8 (v3) Critical Pass CKEditor 4.5.11 < 4.9.2 Enhanced Image Plugin XSS CVE-2018-9861 27 Apr 2018 6.1 (v3) Medium Pass Oracle WebLogic Server Deserialization RCE (CVE-2018-2628) CVE-2018-2628 30 Apr 2018 9.8 (v3) Critical Pass Jenkins < 2.107.2 / 2.116 Multiple Vulnerabilities CVE-2018-1000169 CVE-2018-1000170 03 May 2018 5.3 (v3) Medium Pass PHP 5.6.x < 5.6.36 Multiple Vulnerabilities CVE-2018-10546 CVE-2018-10547 CVE-2018-10548 CVE-2018-10549 04 May 2018 8.8 (v3) High Pass PHP 7.0.x < 7.0.30 Multiple Vulnerabilities CVE-2018-10545 CVE-2018-10546 CVE-2018-10547 CVE-2018-10548 CVE-2018-10549 04 May 2018 8.8 (v3) High Pass PHP 7.1.x < 7.1.17 Multiple Vulnerabilities CVE-2018-10545 CVE-2018-10546 CVE-2018-10547 CVE-2018-10548 CVE-2018-10549 04 May 2018 8.8 (v3) High Pass HP Service Manager 9.30.x / 9.31.x / 9.32.x / 9.33.x / 9.34.x / 9.35.x < 9.35.6007 / 9.40.x / 9.41.x < 9.41.6000 / 9.50.x / 9.51.x Remote SQL Injection CVE-2018-6494 18 May 2018 5.4 (v3) Medium Pass PHP 7.1.x < 7.1.5 Multiple Vulnerabilities CVE-2017-8923 CVE-2017-9119 25 May 2017 9.8 (v3) Critical Pass HP O ffi ceJet Pro and PageWide Pro PJL Interface Directory Traversal RCE CVE-2017-2741 26 May 2017 9.8 (v3) Critical Pass Mount iSCSI Targets with 'None' Authentication 31 May 2017 5.3 (v3) Medium Pass Oracle Primavera Uni fi er (Jan 2022 CPU) CVE-2020-8908 CVE-2021-2351 CVE-2021-29425 CVE-2021-37714 CVE-2021-38153 CVE-2021-42575 CVE-2021-44832 19 Jan 2022 9.8 (v3) Critical Pass Oracle GoldenGate Manager < 12.2.0.1.1 OBEY Command ggserr.log File Handling RCE 05 Jun 2017 9.8 (v3) Critical Pass PHP 5.6.x < 5.6.39 Multiple vulnerabilities CVE-2018-19518 CVE-2018-19935 CVE-2018-20783 19 Dec 2018 7.5 (v3) High Pass Advantech WebAccess Authentication Bypass CVE-2017-5152 30 Jan 2017 9.1 (v3) Critical Pass NUUO NVR Web Interface Detection 18 Oct 2017 None Pass AVTech Web Interface Detection 23 Oct 2017 None Pass Microsoft Windows Search Remote Code Execution Vulnerability (CVE-2017-8543) CVE-2017-8543 22 Aug 2017 9.8 (v3) Critical Pass Advantech WebAccess webvprcs IOCTL 70603 Stack Over fl ow CVE-2019-3975 24 Sep 2019 9.8 (v3) Critical Pass FreeBSD TCP/IP Stack - HTTP Detection 17 May 2021 None Pass Pivotal RabbitMQ Management Plugin Detection 19 May 2017 None Pass Belkin Web Interface Detection 10 Jul 2017 None Pass GPON ONT Home Gateway Authenticated Remote Command Execution (CVE-2019-3919) CVE-2019-3919 25 Mar 2019 8.8 (v3) High Pass SonicWall Secure Remote Access (SRA) Pre-Authentication SQLi (CVE-2019-7481) CVE-2019-7481 11 Jun 2021 7.5 (v3) High Pass Johnson Controls exacqVision Web Service Detection 30 Jun 2021 None Pass Johnson Controls exacqVision Web Service Information Disclosure (JCI-PSA-2021-03) CVE-2021-27656 30 Jun 2021 7.5 (v3) High Pass Serendipity < 2.1.1 Multiple Vulnerabilities CVE-2016-9681 CVE-2016-10082 CVE-2017-5474 CVE-2017-5475 CVE-2017-5476 14 Jun 2017 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.20 Multiple Vulnerabilities 15 Jun 2017 9.8 (v3) Critical Pass PHP 7.1.x < 7.1.6 Multiple Vulnerabilities 15 Jun 2017 9.8 (v3) Critical Pass Veritas NetBackup Appliance 2.7.x / 3.0.x Remote Command Execution (VTS17-005) (exploit) CVE-2017-8859 22 May 2017 9.8 (v3) Critical Pass DNN (DotNetNuke) 3.0.0 < 9.1.0 SWF File Handling XSS 12 Jul 2017 4.7 (v3) Medium Pass Apache 2.4.x < 2.4.27 Multiple Vulnerabilities CVE-2017-9788 CVE-2017-9789 18 Jul 2017 9.1 (v3) Critical 44

Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (July 2017 CPU) CVE-2016-5019 CVE-2017-10038 CVE-2017-10046 CVE-2017-10131 CVE-2017-10160 21 Jul 2017 9.8 (v3) Critical Pass Apache Shiro Default Cipher Key (CVE-2016-4437) CVE-2016-4437 30 Mar 2022 8.1 (v3) High Pass Oracle Primavera Uni fi er Multiple Vulnerabilities (July 2017 CPU) CVE-2017-10149 CVE-2017-10150 21 Jul 2017 4.8 (v3) Medium Pass Zabbix 3.2.x < 3.2.7 Multiple Vulnerabilities 15 Aug 2017 9.8 (v3) Critical Pass H3C / HPE Intelligent Management Center PLAT < 7.3 E0506 Multiple Vulnerabilities CVE-2017-12487 CVE-2017-12488 CVE-2017-12489 CVE-2017-12490 CVE-2017-12491 CVE-2017-12492 CVE-2017-12493 CVE-2017-12494 CVE-2017-12495 CVE-2017-12496 CVE-2017-12497 CVE-2017-12498 CVE-2017-12499 CVE-2017-12500 CVE-2017-1 15 Aug 2017 8.8 (v3) High Pass Default Password '5SaP9I26' for 'remotessh' Account CVE-2017-14115 01 Sep 2017 8.1 (v3) High Pass Apache Struts 2.3.x Struts 1 plugin RCE (remote) CVE-2017-9791 01 Sep 2017 9.8 (v3) Critical Pass HP System Management Homepage < 7.6.1 Multiple Vulnerabilities (HPSBMU03753) CVE-2016-8743 CVE-2017-12544 CVE-2017-12545 CVE-2017-12546 CVE-2017-12547 CVE-2017-12548 CVE-2017-12549 CVE-2017-12550 CVE-2017-12551 CVE-2017-12552 CVE-2017-12553 28 Sep 2017 5.6 (v3) Medium Pass Cisco IOS XE Software Interface Queue Wedge DoS (cisco-sa-quewedge-69BsHUBW) CVE-2021-1621 18 Oct 2021 7.4 (v3) High Pass Wind River VxWorks <= 6.8 RCE CVE-2021-29999 27 Oct 2021 9.8 (v3) Critical Pass Citrix Gateway HTTP Detection 30 Mar 2022 None Pass H3C / HPE Intelligent Management Center PLAT <= 7.3 E0501P01 Multiple Vulnerabilities CVE-2017-12555 11 Oct 2017 6.5 (v3) Medium Pass H3C / HPE Intelligent Management Center PLAT < 7.3 E0506P03 Multiple RCE CVE-2017-8958 CVE-2017-8961 CVE-2017-8962 CVE-2017-8963 CVE-2017-8964 CVE-2017-8965 CVE-2017-8966 CVE-2017-8967 11 Oct 2017 8.8 (v3) High Pass MikroTik RouterOS < 6.39.3 / 6.40.4 / 6.41rc (KRACK) CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13083 CVE-2017-13084 CVE-2017-13085 CVE-2017-13086 CVE-2017-13087 16 Oct 2017 8.1 (v3) High Pass IBM OpenAdmin Tool welcomeService.php Remote Code Execution CVE-2017-1092 23 Oct 2017 9.8 (v3) Critical Pass PHP 7.4.x < 7.4.24 Arbitrary File Write CVE-2021-21706 28 Oct 2021 6.5 (v3) Medium Pass Nacos < 1.4.1 Authentication Bypass (CVE-2021-29441) CVE-2021-29441 26 Oct 2021 9.8 (v3) Critical Pass Apache HTTP Server 2.4.49 & 2.4.50 Path Traversal (CVE-2021-42013) CVE-2021-42013 18 Nov 2021 9.8 (v3) Critical Pass Liferay Portal 6.2.x < 6.2.5 / 7.0.x < 7.0.6 / 7.1.x < 7.1.3 / 7.2.x < 7.2.1 RCE CVE-2020-7961 23 Nov 2021 9.8 (v3) Critical Pass CODESYS V3 Web Server Heap-based Bu ff er Over fl ow (CVE-2021-33485) CVE-2021-33485 08 Dec 2021 9.8 (v3) Critical Pass Jenkins < 2.73.3 / 2.89 Multiple Vulnerabilities CVE-2017-1000391 CVE-2017-1000392 16 Nov 2017 7.3 (v3) High Pass Vanilla Forums Detection 17 Nov 2017 None Pass Zabbix 3.0.x < 3.0.13 / 3.2.x < 3.2.10 / 3.4.x < 3.4.4 Multiple Vulnerabilities 17 Nov 2017 7.3 (v3) High Pass Default Password (CenturyL1nk) for 'admin' Account 01 Dec 2017 9.8 (v3) Critical Pass Microsoft Windows 10 Version 1909 Unsupported Version Detection 11 May 2021 10 (v3) Critical Pass PHP 5.6.x < 5.6.29 Multiple Vulnerabilities CVE-2016-9935 15 Dec 2016 9.8 (v3) Critical Pass Apple TV < 14.6 Multiple Vulnerabilities CVE-2021-21779 CVE-2021-30663 CVE-2021-30665 CVE-2021-30677 CVE-2021-30682 CVE-2021-30685 CVE-2021-30686 CVE-2021-30687 CVE-2021-30689 CVE-2021-30697 CVE-2021-30700 CVE-2021-30701 CVE-2021-30704 CVE-2021-30705 CVE-2021-3 27 May 2021 8.8 (v3) High Pass Cisco ADE-OS Local File Inclusion (cisco-sa-ade-xcvAQEOZ) CVE-2021-1306 27 May 2021 3.4 (v3) Low Pass ForgeRock Access Management < 7.0 RCE CVE-2021-35464 02 Jul 2021 9.8 (v3) Critical Pass Cisco ASA Software and FTD Software Web Services Interface XSS (cisco-sa-asaftd-xss-multiple-FCB3vPZe) (Direct Check) CVE-2020-3580 07 Jul 2021 6.1 (v3) Medium Pass PHP 7.0.x < 7.0.14 Multiple Vulnerabilities CVE-2016-9935 CVE-2016-9936 15 Dec 2016 9.8 (v3) Critical Pass NetIQ Sentinel Java Object Deserialization RCE 13 Jan 2017 9.8 (v3) Critical Pass Bu ff alo Routers Multiple Vulnerabilities (TRA-2021-13) CVE-2021-20090 CVE-2021-20091 CVE-2021-20092 04 Aug 2021 9.8 (v3) Critical Pass Apache Struts 2.3.5 - 2.3.31 / 2.5.x < 2.5.10.1 Jakarta Multipart Parser RCE (S2-045) (S2-046) CVE-2017-5638 07 Mar 2017 10 (v3) Critical Pass Cisco IOS XR Software Cisco Discovery Protocol Remote Code Execution Vulnerability (cisco-sa-20200205-iosxr-cdp-rce) CVE-2020-3118 10 Feb 2020 8.8 (v3) High Pass Microsoft Windows 10 Version 1803 Unsupported Version Detection 24 Jun 2020 10 (v3) Critical Pass ManageEngine ServiceDesk Plus < 10.0 Build 10012 Arbitrary File Upload CVE-2019-8394 09 Dec 2020 6.5 (v3) Medium Pass ManageEngine ADSelfService Plus < build 6114 REST API Authentication Bypass CVE-2021-40539 08 Sep 2021 9.8 (v3) Critical Pass Cisco IOS XE Software SD WAN Arbitrary File Overwrite (cisco-sa-sd-wan-GjR5pGOm) CVE-2021-1612 22 Sep 2021 7.1 (v3) High Pass Juniper Junos OS Vulnerability (JSA11225) CVE-2021-31363 13 Oct 2021 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11231) CVE-2021-31369 13 Oct 2021 5.3 (v3) Medium Pass Serv-U FTP Server < 15.3 Improper Input Validation CVE-2021-35247 20 Jan 2022 5.3 (v3) Medium Pass Cisco IOS XE Software Multiple Products CLI Command Injection (cisco-sa-cli-cmdinj-4MttWZPB) CVE-2022-20655 20 Jan 2022 8.8 (v3) High Pass Juniper Junos OS Multiple Vulnerabilities (JSA11222) CVE-2021-31359 CVE-2021-31360 13 Oct 2021 7.8 (v3) High Pass Oracle Primavera P6 Enterprise Project Portfolio Management (Jan 2022 CPU) CVE-2021-2351 CVE-2021-44832 20 Jan 2022 7.5 (v3) High Pass Oracle Primavera Gateway (Jan 2022 CPU) CVE-2021-44832 20 Jan 2022 6.6 (v3) Medium Pass PHP 7.4.x < 7.4.25 CVE-2021-21703 22 Oct 2021 7 (v3) High Pass PHP 7.3.x < 7.3.32 CVE-2021-21703 28 Oct 2021 7 (v3) High Pass Advantech WebAccess < 7.2-2013.11.14 Multiple Vulnerabilities CVE-2014-0763 CVE-2014-0764 CVE-2014-0765 CVE-2014-0766 CVE-2014-0767 CVE-2014-0768 CVE-2014-0770 CVE-2014-0771 CVE-2014-0772 CVE-2014-0773 17 Aug 2015 7.5 (v2) High Pass Tenable Nessus <= 8.15.2 Local Privilege Escalation (TNS-2021-18) CVE-2021-20135 01 Nov 2021 6.7 (v3) Medium Pass Cisco Uni fi ed Communications Manager Path Traversal (cisco-sa-cucm-path-trav-dKCvktvO) CVE-2021-34701 05 Nov 2021 4.3 (v3) Medium Pass Cisco Small Business RV Series Routers Command Injection (cisco-sa-sbrv-cmdinjection-Z5cWFdK) CVE-2021-40120 05 Nov 2021 7.2 (v3) High Pass ManageEngine ADSelfServicePlus Authentication Bypass (CVE-2021-40539) CVE-2021-40539 08 Nov 2021 9.8 (v3) Critical Pass Nagios XI < 5.6.6 RCE CVE-2019-15949 05 Nov 2021 8.8 (v3) High Pass Sonatype Nexus Repository Manager 3.x < 3.21.2 RCE CVE-2020-10199 08 Nov 2021 8.8 (v3) High Pass Checkbox Survey Web Detection 16 May 2022 None Pass Bu ff alo Router Path Traversal (CVE-2021-20090) CVE-2021-20090 09 Nov 2021 9.8 (v3) Critical Pass Cisco Prime Infrastructure Stored XSS (cisco-sa-pi-epnm-xss-U2JK537j) CVE-2021-34784 10 Nov 2021 5.4 (v3) Medium Pass Advantech WebAccess < 8.1-2015.12.30 Multiple Vulnerabilities CVE-2015-3943 CVE-2015-3946 CVE-2015-3947 CVE-2015-3948 CVE-2015-6467 CVE-2016-0851 CVE-2016-0852 CVE-2016-0853 CVE-2016-0854 CVE-2016-0855 CVE-2016-0856 CVE-2016-0857 CVE-2016-0858 CVE-2016-0859 CVE-2016-0860 03 Mar 2016 7.5 (v3) High Pass WMI IIS ISAPI Extension Enumeration 20 Dec 2013 None Pass Zimbra Collaboration Server Web Detection 19 Feb 2014 None Pass Canon PIXMA Printer HTTP Detection 07 Apr 2014 None Pass Citrix ADC and Citrix NetScaler Gateway Multiple Vulnerabilities (CTX330728) CVE-2021-22955 CVE-2021-22956 18 Nov 2021 7.5 (v3) High Pass Jenkins Enterprise and Operations Center < 2.249.31.0.1 / 2.277.3.1 DoS (CloudBees Security Advisory 2021-04-20) CVE-2021-28165 18 Nov 2021 7.5 (v3) High Pass Jenkins Enterprise and Operations Center < 2.222.43.0.4 / 2.249.30.0.4 / 2.277.2.3 Multiple Vulnerabilities (CloudBees Security Advisory 2021-04-07) CVE-2021-21639 CVE-2021-21640 CVE-2021-21641 CVE-2021-22510 CVE-2021-22511 CVE-2021-22512 CVE-2021-22513 18 Nov 2021 6.5 (v3) Medium Pass Advantech WebAccess Stored Cross-Site Scripting CVE-2013-2299 14 Apr 2014 3.5 (v2) Low Pass Jenkins Enterprise and Operations Center < 2.249.31.0.1-2 / 2.277.3.1-2 Multiple Vulnerabilities (CloudBees Security Advisory 2021-04-21) CVE-2021-21642 CVE-2021-21643 CVE-2021-21644 CVE-2021-21645 CVE-2021-21646 CVE-2021-21647 19 Nov 2021 8.8 (v3) High Pass Jenkins Enterprise and Operations Center < 2.277.43.0.2 / 2.303.3.3 Multiple Vulnerabilities (CloudBees Security Advisory 2021-11-04) CVE-2021-21685 CVE-2021-21686 CVE-2021-21687 CVE-2021-21688 CVE-2021-21689 CVE-2021-21690 CVE-2021-21691 CVE-2021-21692 CVE-2021-21693 CVE-2021-21694 CVE-2021-21695 CVE-2021-21696 CVE-2021-21697 CVE-2021-21698 19 Nov 2021 9.8 (v3) Critical Pass Jenkins Enterprise and Operations Center < 2.222.43.0.2 rev3 / 2.249.30.0.2 rev3 / 2.263.4.1 rev2 Multiple Vulnerabilities (CloudBees Security Advisory 2021-02-24) CVE-2021-21616 CVE-2021-21617 CVE-2021-21618 CVE-2021-21619 CVE-2021-21620 CVE-2021-21621 CVE-2021-21622 19 Nov 2021 8.8 (v3) High Pass Advantech WebAccess Web Administration Interface Detection 14 Apr 2014 None Pass Jenkins Enterprise and Operations Center < 2.222.43.0.3 rev2 / 2.249.30.0.3 rev2 / 2.277.1.2 rev2 Multiple Vulnerabilities (CloudBees Security Advisory 2021-03-18) CVE-2021-21623 CVE-2021-21624 CVE-2021-21625 CVE-2021-21626 CVE-2021-21627 19 Nov 2021 8.8 (v3) High Pass PHP 5.6.x < 5.6.30 Multiple DoS CVE-2016-10158 CVE-2016-10159 CVE-2016-10160 CVE-2016-10161 CVE-2016-10167 CVE-2016-10168 CVE-2017-11147 26 Jan 2017 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.15 Multiple Vulnerabilities CVE-2015-2787 CVE-2016-7479 CVE-2016-10158 CVE-2016-10159 CVE-2016-10160 CVE-2016-10161 CVE-2016-10162 CVE-2016-10167 CVE-2016-10168 CVE-2017-5340 CVE-2017-11147 26 Jan 2017 9.8 (v3) Critical Pass Cisco Secure ACS Unauthorized Password Change CVE-2011-0951 11 Apr 2013 5 (v2) Medium Pass Cisco Small Business RV Series Routers RCE (cisco-sa-sbrv-rce-OYLQbL9u) CVE-2022-20753 12 May 2022 7.2 (v3) High Pass IPMI Cipher Suite Zero Authentication Bypass CVE-2013-4782 CVE-2013-4783 CVE-2013-4784 CVE-2014-2955 16 Jul 2013 10 (v3) Critical Pass JBoss Enterprise Application Platform '/jmx-console' Authentication Bypass CVE-2010-0738 08 Apr 2011 5 (v2) Medium Pass Samsung Data Management Server Default Password (rkwjsdusrnth) for 'root' Account 11 May 2011 10 (v2) Critical Pass MS11-048: Vulnerability in SMB Server Could Allow Denial of Service (2536275) (remote check) CVE-2011-1267 21 Jun 2011 7.5 (v3) High Pass Modicon Quantum TFTP Arbitrary File Upload 19 Jan 2012 9 (v2) High Pass PHP 7.1.x < 7.1.1 Multiple Vulnerabilities CVE-2016-7479 CVE-2016-10158 CVE-2016-10161 CVE-2016-10162 CVE-2016-10167 CVE-2016-10168 CVE-2017-5340 CVE-2017-11147 26 Jan 2017 9.8 (v3) Critical Pass Tenable Nessus 6.x < 6.9.3 Multiple Stored XSS CVE-2017-5179 27 Jan 2017 5.4 (v3) Medium Pass PHP 7.0.x < 7.0.16 Multiple Vulnerabilities 23 Feb 2017 9.8 (v3) Critical Pass JBoss Enterprise Application Platform '/web-console' Authentication Bypass CVE-2010-1428 29 Apr 2010 5 (v2) Medium Pass Cisco Secure Access Control Server UCP service Detection 19 Aug 2008 None Pass PHP 7.1.x < 7.1.2 Multiple Vulnerabilities 23 Feb 2017 9.8 (v3) Critical Pass Modicon Modbus/TCP UnityPro Programming Function Code Access 28 Feb 2017 6.5 (v3) Medium Pass IBM Spectrum Protect Server 7.1.1.0 - 7.1.7.0 SELECT Command RCE CVE-2016-8998 03 Mar 2017 7.2 (v3) High Pass Jenkins < 2.44 / 2.32.x < 2.32.2, Jenkins Operations Center < 1.625.22.1 / 2.7.22.0.1 / 2.32.2.1, and Jenkins Enterprise < 1.651.22.1 / 2.7.22.0.1 / 2.32.2.1 Multiple Vulnerabilities CVE-2011-4969 CVE-2015-0886 CVE-2016-9887 CVE-2017-2598 CVE-2017-2599 CVE-2017-2600 CVE-2017-2601 CVE-2017-2602 CVE-2017-2603 CVE-2017-2604 CVE-2017-2606 CVE-2017-2607 CVE-2017-2608 CVE-2017-2609 CVE-2017-2610 CVE-2017-2 08 Mar 2017 8.8 (v3) High Pass HPE Intelligent Management Center 7.2 E0403P06 Multiple Vulnerabilities CVE-2017-5791 CVE-2017-5793 CVE-2017-5794 CVE-2017-5795 28 Mar 2017 9.8 (v3) Critical Pass Default Password 'adminIWSS85' for 'root' Account CVE-1999-0502 07 Apr 2017 9.8 (v3) Critical Pass Apache ActiveMQ 5.x < 5.14.5 ControlCommand DoS CVE-2015-7559 25 Apr 2017 4.9 (v3) Medium Pass H3C / HPE Intelligent Management Center RMI Java Object Deserialization RCE CVE-2017-5792 28 Apr 2017 9.8 (v3) Critical Pass Spring Cloud Function SPEL Expression Injection (direct check) CVE-2022-22963 31 Mar 2022 9.8 (v3) Critical Pass Tenable Nessus 10.x < 10.1.2 / 8.x < 8.15.4 Third-Party Vulnerability (TNS-2022-06) CVE-2022-0778 31 Mar 2022 7.5 (v3) High Pass Cisco Security Manager Java Object Deserialization RCE (CSCux34671) CVE-2015-6420 02 May 2017 9.8 (v3) Critical Pass DNN (DotNetNuke) 6.2.x < 9.0.2 User Pro fi le Information Disclosure 01 May 2017 5.3 (v3) Medium Pass MikroTik RouterOS HTTP Server Arbitrary Write RCE (ChimayRed) 01 May 2017 9.8 (v3) Critical Pass PHP 5.5.x < 5.5.33 Multiple Vulnerabilities CVE-2016-3141 CVE-2016-3142 17 Mar 2016 9.8 (v3) Critical Pass Cisco Small Business RV Series Routers Command Injection Vulnerability (cisco-sa-smb-rv-cmd-inj-8Pv9JMJD) CVE-2022-20799 CVE-2022-20801 12 May 2022 7.2 (v3) High Pass Apache Tomcat 9.0.0.M1 < 9.0.21 vulnerability CVE-2022-25762 13 May 2022 8.6 (v3) High Pass PHP 8.0.x < 8.0.12 CVE-2021-21703 21 Oct 2021 7 (v3) High Pass Oracle Primavera Gateway (Oct 2021 CPU) CVE-2021-2351 CVE-2021-23337 CVE-2021-29425 CVE-2021-36090 CVE-2021-36374 21 Oct 2021 7.5 (v3) High Pass Trend Micro O ffi ceScan Client Version 22 Jun 2006 None Pass Advantech WebAccess webvrpcs.exe 0x138bd IOCTL RCE CVE-2018-7499 03 May 2019 9.8 (v3) Critical Pass Microsoft Windows SMB NULL Session Authentication CVE-1999-0519 CVE-1999-0520 CVE-2002-1117 04 Oct 2007 7.3 (v3) High Pass Apache Pluto Web Interface Detection 18 Jul 2019 None Pass Apache Ni fi Web Interface Detection 14 Aug 2019 None Pass macOS 10.14.3 Supplemental Update CVE-2019-6223 CVE-2019-7286 CVE-2019-7288 01 Mar 2019 9.8 (v3) Critical Pass Atlassian JIRA < 8.5.15 / 8.6.x < 8.13.7 / 8.14.x < 8.17.0 Unauth User Enum (JRASERVER-71559) CVE-2020-36289 13 Oct 2021 5.3 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11220) CVE-2021-31355 13 Oct 2021 5.4 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11245) CVE-2020-25659 13 Oct 2021 5.9 (v3) Medium 45

Pass Juniper Junos OS Vulnerability (JSA11228) CVE-2021-31366 13 Oct 2021 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11236) CVE-2021-31371 13 Oct 2021 5.3 (v3) Medium Pass Apache Tomcat 8.5.60 < 8.5.72 vulnerability CVE-2021-42340 14 Oct 2021 7.5 (v3) High Pass Apache Tomcat 10.0.0.M10 < 10.0.12 vulnerability CVE-2021-42340 14 Oct 2021 7.5 (v3) High Pass Apache Tomcat 9.0.40 < 9.0.54 vulnerability CVE-2021-42340 14 Oct 2021 7.5 (v3) High Pass PHP 5.6.x < 5.6.19 Multiple Vulnerabilities CVE-2016-3141 CVE-2016-3142 17 Mar 2016 9.8 (v3) Critical Pass Jenkins LTS < 2.319.2 / Jenkins weekly < 2.330 Multiple Vulnerabilities CVE-2022-20612 CVE-2022-20613 CVE-2022-20614 CVE-2022-20615 CVE-2022-20616 CVE-2022-20617 CVE-2022-20618 CVE-2022-20619 CVE-2022-20620 CVE-2022-20621 CVE-2022-23105 CVE-2022-23106 CVE-2022-23107 CVE-2022-23108 CVE-2022-2 21 Jan 2022 8.8 (v3) High Pass MobileIron Core Log4Shell Direct Check (CVE-2021-44228) CVE-2021-44228 21 Jan 2022 10 (v3) Critical Pass PHP 7.0.x < 7.0.4 Multiple Vulnerabilities CVE-2016-3185 CVE-2016-4344 CVE-2016-4345 CVE-2016-4346 17 Mar 2016 9.8 (v3) Critical Pass Apache ActiveMQ Web Console Missing X-Frame-Options Clickjacking CVE-2016-0734 18 Mar 2016 6.1 (v3) Medium Pass WordPress User Enumeration 21 Mar 2016 5 (v2) Medium Pass DNN (DotNetNuke) < 8.0.1 Multiple Vulnerabilities 25 Mar 2016 6.8 (v2) Medium Pass Apache Jetspeed Portal URI Path Re fl ected XSS CVE-2016-0712 28 Mar 2016 6.1 (v3) Medium Pass HP System Management Homepage < 7.2.6 Multiple Vulnerabilities (FREAK) CVE-2014-0015 CVE-2014-0138 CVE-2014-0139 CVE-2014-2522 CVE-2014-2641 CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0207 CVE-2015-0208 CVE-2015-0 29 Mar 2016 7.5 (v2) High Pass PHP 5.5.x < 5.5.34 Multiple Vulnerabilities CVE-2015-8865 CVE-2016-4070 CVE-2016-4071 CVE-2016-4072 CVE-2016-4073 06 Apr 2016 9.8 (v3) Critical Pass Cisco SPA ATA Web Interface Detection 17 Oct 2019 None Pass Adobe ColdFusion File Upload (APSB18-33) (CVE-2018-15961) CVE-2018-15961 25 Oct 2019 9.8 (v3) Critical Pass 3S CODESYS V3 CmpWebServer Multiple Vulnerabilities CVE-2019-13532 CVE-2019-13548 30 Sep 2019 9.8 (v3) Critical Pass Arista Networks Device Detection 28 Feb 2018 None Pass CODESYS Gateway V3 DoS CVE-2019-9012 31 Oct 2019 7.5 (v3) High Pass macOS 10.14.x < 10.14.1 Multiple Vulnerabilities CVE-2018-3640 CVE-2018-4340 CVE-2018-4342 CVE-2018-4368 CVE-2018-4369 CVE-2018-4371 CVE-2018-4389 CVE-2018-4398 CVE-2018-4400 CVE-2018-4402 CVE-2018-4403 CVE-2018-4410 CVE-2018-4413 CVE-2018-4415 CVE-2018-4419 CVE-2018-4 31 Oct 2018 7.8 (v3) High Pass SolarWinds Dameware Mini Remote Control Unauthenticated RCE CVE-2019-3980 01 Nov 2019 9.8 (v3) Critical Pass Siemens SINEMA Remote Connect Server Detection 02 Dec 2019 None Pass Microsoft Windows 10 Version 1607 Unsupported Version Detection 02 Nov 2018 10 (v3) Critical Pass macOS 10.14.x < 10.14.2 Multiple Vulnerabilities CVE-2018-4303 CVE-2018-4431 CVE-2018-4434 CVE-2018-4435 CVE-2018-4447 CVE-2018-4449 CVE-2018-4450 CVE-2018-4460 CVE-2018-4461 CVE-2018-4462 CVE-2018-4463 CVE-2018-4465 21 Dec 2018 7.8 (v3) High Pass Apache Tomcat AJP Connector Request Injection (Ghostcat) CVE-2020-1745 CVE-2020-1938 24 Mar 2020 9.8 (v3) Critical Pass Atlassian JIRA global-translations.jsp XSS (JRASERVER-61888) CVE-2016-6285 16 Jan 2020 6.1 (v3) Medium Pass SaltStack < 2019.2.4 / 3000.x < 3000.2 Authentication Bypass (CVE-2020-11651) CVE-2020-11651 08 May 2020 9.8 (v3) Critical Pass ShareFile Documents Unauthenticated Access (CVE-2020-7473) CVE-2020-7473 CVE-2020-8982 CVE-2020-8983 02 Jun 2020 7.5 (v3) High Pass Trend Micro Worry-Free Business Security Detection 18 Aug 2020 None Pass WordPress Plugin 'Duplicator' Directory Traversal (CVE-2020-11738) CVE-2020-11738 02 Sep 2020 7.5 (v3) High Pass WordPress Plugin 'File Manager' elFinder Remote Code Execution 10 Sep 2020 10 (v3) Critical Pass PHP 5.6.x < 5.6.20 Multiple Vulnerabilities CVE-2015-8865 CVE-2016-4070 CVE-2016-4071 CVE-2016-4072 CVE-2016-4073 06 Apr 2016 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.5 Multiple Vulnerabilities CVE-2015-8865 CVE-2016-4070 CVE-2016-4071 CVE-2016-4072 CVE-2016-4073 06 Apr 2016 9.8 (v3) Critical Pass Apache Tomcat 8.x < 8.5.78 Spring4Shell (CVE-2022-22965) Mitigations 01 Apr 2022 None Pass Apache Tomcat 10.x < 10.0.20 Spring4Shell (CVE-2022-22965) Mitigations 01 Apr 2022 None Pass Apache Tomcat 9.x < 9.0.62 Spring4Shell (CVE-2022-22965) Mitigations 01 Apr 2022 None Pass Open Source Point Of Sale Default Credentials 07 Apr 2016 7.3 (v3) High Pass ManageEngine Firewall Analyzer Default Credentials 13 Apr 2016 7.5 (v2) High Pass Piwik < 2.16.0 Unspeci fi ed XSS 15 Apr 2016 4.3 (v2) Medium Pass Piwik < 2.16.1-rc1 Multiple Vulnerabilities 15 Apr 2016 10 (v2) Critical Pass HP System Management Homepage (SMH) AddXECert Remote DoS 21 Apr 2016 2.6 (v2) Low Pass HP Device Manager Unauthenticated 'HPDM Server RMI' SQLi (CVE-2020-6926) (remote) CVE-2020-6926 09 Oct 2020 10 (v3) Critical Pass Cisco Security Manager < 4.23 Path Traversal Vulnerability (direct check) CVE-2020-27130 24 Nov 2020 9.1 (v3) Critical Pass SaltStack Unauthenticated RCE (direct check) CVE-2020-16846 CVE-2020-25592 15 Feb 2021 9.8 (v3) Critical Pass Liferay Portal Remote Code Execution (direct check) CVE-2020-7961 25 Feb 2021 9.8 (v3) Critical Pass Citrix SD-WAN Center Remote Code Execution (direct check) CVE-2020-8271 26 Mar 2021 9.8 (v3) Critical Pass JetBrains TeamCity Web Interface Detection 30 Mar 2021 None Pass Tenable Nessus 6.0.x < 6.6 Multiple Vulnerabilities CVE-2016-82012 CVE-2016-82013 28 Apr 2016 6.5 (v3) Medium Pass Trend Micro InterScan Web Security Virtual Appliance (IWSVA) DecryptPasswd Stack-based Bu ff er Over fl ow CVE-2020-28578 06 Apr 2021 9.8 (v3) Critical Pass IBM Net.Commerce orderdspc.d2w order_rn Option SQL Injection CVE-2001-0319 08 Jun 2002 7.5 (v2) High Pass PHP-Nuke Network Tools Add-On Arbitrary Command Execution CVE-2001-0899 22 Aug 2002 7.5 (v2) High Pass WebLogic Servlets Multiple Vulnerabilities CVE-2003-0151 CVE-2003-1095 27 Mar 2003 7.5 (v2) High Pass SquirrelMail decodeHeader Arbitrary HTML Injection CVE-2004-1036 13 Nov 2004 6.8 (v2) Medium Pass macOS 10.15.x < 10.15.4 / 10.14.x < 10.14.6 Security Update 2020-002 / 10.13.x < 10.13.6 Security Update 2020-002 CVE-2019-8853 CVE-2019-14615 CVE-2019-19232 CVE-2020-3851 CVE-2020-3881 CVE-2020-3883 CVE-2020-3884 CVE-2020-3889 CVE-2020-3892 CVE-2020-3893 CVE-2020-3898 CVE-2020-3903 CVE-2020-3904 CVE-2020-3905 CVE-2020-3906 CVE-2020 27 Mar 2020 9.8 (v3) Critical Pass Splunk Information Disclosure Vulnerability (SP-CAAAP5E) CVE-2018-11409 14 Jan 2019 5.3 (v3) Medium Pass Splunk Information Exposure (SP-CAAAP5E CVE-2018-11409 14 Jan 2019 5.3 (v3) Medium Pass HPE Intelligent Management Center dbman Opcode 10008 Command Injection CVE-2017-5816 19 Jun 2017 9.8 (v3) Critical Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Detection 21 Jul 2017 None Pass ISC BIND Denial of Service CVE-2020-8617 22 May 2020 7.5 (v3) High Pass Patch Management: Red Hat Satellite Server Get Managed Servers 17 Jun 2015 None Pass ManageEngine ServiceDesk Plus 9.2.0 < Build 9228 Multiple Vulnerabilities CVE-2016-4888 CVE-2016-4890 27 Oct 2016 5.3 (v3) Medium Pass ManageEngine ServiceDesk Plus 9.1.0 < Build 9103 Multiple Vulnerabilities 24 Aug 2015 7.3 (v3) High Pass Oracle Oracle E-Business Suite (Apr 2020 CPU) CVE-2020-2750 CVE-2020-2753 CVE-2020-2772 CVE-2020-2789 CVE-2020-2794 CVE-2020-2796 CVE-2020-2807 CVE-2020-2808 CVE-2020-2809 CVE-2020-2810 CVE-2020-2813 CVE-2020-2815 CVE-2020-2817 CVE-2020-2818 CVE-2020-2819 CVE-2020-2 15 Apr 2020 8.6 (v3) High Pass Patch Management: Patch Schedule From Red Hat Satellite Server 17 Jun 2015 None Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 / 9.0.x < 9.0.7 Vulnerability CVE-2013-0337 CVE-2016-4450 22 May 2020 7.5 (v3) High Pass Patch Management: Red Hat Satellite Server Get System Information 17 Jun 2015 None Pass TURCK BL20/BL67 Hardcoded Admin Account CVE-2012-4697 10 Feb 2014 9.8 (v3) Critical Pass Patch Management: Red Hat Satellite Get Installed Packages 17 Jun 2015 None Pass TYPO3 8.x < 8.7.30 / 9.x < 9.5.12 / 10.x < 10.2.2 Multiple Vulnerabilities CVE-2019-19848 CVE-2019-19849 CVE-2019-19850 15 Jul 2020 8.8 (v3) High Pass EA Need For Speed Underground Detection 01 Mar 2011 None Pass TYPO3 9.x < 9.5.17 / 10.x < 10.4.2 Multiple Vulnerabilities CVE-2020-11064 CVE-2020-11066 CVE-2020-11067 CVE-2020-11069 13 Jul 2020 10 (v3) Critical Pass ESXi 6.5 / 6.7 / 7.0 Multiple Vulnerabilities (VMSA-2020-0026) CVE-2020-4004 CVE-2020-4005 24 Nov 2020 8.2 (v3) High Pass Adobe Experience Manager 6.2 <= 6.2 SP1-CFP20 / 6.3 <= 6.3.3.8 / 6.4 < 6.4.8.3 / 6.5 < 6.5.7.0 Multiple Vulnerabilities (APSB20-01) CVE-2020-24444 CVE-2020-24445 10 Dec 2020 9 (v3) Critical Pass Oracle Primavera Uni fi er (Oct 2020 CPU) CVE-2015-1832 CVE-2017-9096 CVE-2018-17196 CVE-2019-17558 CVE-2020-9488 CVE-2020-9489 21 Oct 2020 9.1 (v3) Critical Pass ManageEngine ServiceDesk Plus 8.0.0 < Build 8015 Multiple XSS Vulnerabilities 22 Dec 2011 6.1 (v3) Medium Pass IBM Tivoli Directory Server SASL Bind Request Bu ff er Over fl ow (uncredentialed check) CVE-2011-1206 01 Jun 2011 10 (v2) Critical Pass GitLab 13.11.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 Improper Access Control CVE-2022-1105 18 Apr 2022 4.3 (v3) Medium Pass Web Application Default Username ('super'/'1502') / Password ('super'/'1502') - deprecated CVE-2004-1920 13 Apr 2004 9 (v2) High Pass Oracle Database Detection 19 Jul 2006 None Pass Palo Alto Networks PAN-OS Version Detection 05 Mar 2014 None Pass Cisco Data Center Network Manager SQL Injection Vulnerabilities (cisco-sa-dcnm-sql-inj-OAQOObP) CVE-2021-1247 CVE-2021-1248 28 Jan 2021 8.8 (v3) High Pass Splashtop Streamer remote detection 04 Feb 2019 None Pass Apple TV < 14.3 Multiple Vulnerabilities CVE-2020-15969 CVE-2020-27943 CVE-2020-27944 CVE-2020-27946 CVE-2020-27948 CVE-2020-29611 CVE-2020-29617 CVE-2020-29618 CVE-2020-29619 CVE-2020-29624 12 Feb 2021 8.8 (v3) High Pass ManageEngine ServiceDesk Plus < 11.2 Build 11200 Unauthenticated Stored XSS CVE-2021-20080 12 Apr 2021 6.1 (v3) Medium Pass VMware vCenter REST API Data Collection 25 Jan 2021 None Pass F5 BIG-IP RCE (CVE-2021-22986) CVE-2021-22986 24 Mar 2021 9.8 (v3) Critical Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.0.21 / 8.1.x < 8.1.13 / 9.0.x < 9.0.7 Multiple Vulnerabilities CVE-2018-20685 CVE-2019-6109 CVE-2019-6111 25 Mar 2021 6.8 (v3) Medium Pass Juniper Junos OS Multiple Vulnerabilities (JSA11169) CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-10708 15 Apr 2021 7.8 (v3) High Pass Jenkins LTS < 2.277.2 / Jenkins weekly < 2.287 Multiple Vulnerabilities CVE-2021-21639 CVE-2021-21640 CVE-2021-21641 CVE-2021-22510 CVE-2021-22511 CVE-2021-22512 CVE-2021-22513 09 Apr 2021 6.5 (v3) Medium Pass Pulse Connect Secure < 9.1R11.4 (SA44784) CVE-2021-22893 CVE-2021-22894 CVE-2021-22899 CVE-2021-22900 20 Apr 2021 10 (v3) Critical Pass DNN (DotNetNuke) 9.2 <= 9.2.2 Weak Encryption Algorithm Vulnerability CVE-2018-15811 CVE-2018-18325 29 Oct 2021 7.5 (v3) High Pass Sophos XG Firewall User Portal and Webadmin Authentication Bypass (CVE-2022-1040) CVE-2022-1040 13 May 2022 9.8 (v3) Critical Pass Cisco Firepower Threat Defense Software < 6.6.1 sftunnel MitM (cisco-sa-ftdfmc-sft-mitm-tc8AzFs2) CVE-2020-3549 13 May 2022 8.1 (v3) High Pass Apache Log4Shell RCE detection via callback correlation (Direct Check NetBIOS) CVE-2021-44228 20 Dec 2021 10 (v3) Critical Pass Adobe Connect <= 11.3 Arbitrary File System Write Vulnerability (APSB21-112) CVE-2021-43014 20 Dec 2021 None Pass GitLab 14.4.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 XSS CVE-2022-1175 18 Apr 2022 6.1 (v3) Medium Pass PHP 5.5.x < 5.5.35 Multiple Vulnerabilities CVE-2016-3074 CVE-2016-4537 CVE-2016-4538 CVE-2016-4539 CVE-2016-4540 CVE-2016-4541 CVE-2016-4542 CVE-2016-4543 CVE-2016-4544 05 May 2016 9.8 (v3) Critical Pass GitLab 11.5.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 Improper Authorization CVE-2022-1148 18 Apr 2022 6.5 (v3) Medium Pass GitLab 10.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 DoS CVE-2022-1185 18 Apr 2022 6.5 (v3) Medium Pass GitLab 8.3.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 XSS CVE-2022-1190 18 Apr 2022 5.4 (v3) Medium Pass SolarWinds Orion Platform 2020.2.6 < 2020.2.6 HF3 SQLI CVE-2021-35234 20 Dec 2021 8.8 (v3) High Pass SMB Server DOUBLEPULSAR Backdoor / Implant Detection (EternalRocks) CVE-2017-0144 18 Apr 2017 8.1 (v3) High Pass Advantech WebAccess webvrpcs.exe Path Traversal RCE CVE-2017-16720 10 Sep 2018 9.8 (v3) Critical Pass MobileIron Core 10.3.0.x < 10.3.0.4-19 / 10.4.0.x < 10.4.0.4-22 / 10.5.1.1 < 10.5.1.1-22 / 10.5.2.1 < 10.5.2.1-14 / 10.6.0.1 < 10.6.0.1-19 / 10.7.0.0 < 10.7.0.0-28 CVE-2020-15505 CVE-2020-15506 CVE-2020-15507 12 Oct 2020 9.8 (v3) Critical Pass Citrix SD-WAN WANOP 10.2.x Multiple Vulnerabilities (CTX276688) CVE-2020-8191 CVE-2020-8193 CVE-2020-8194 CVE-2020-8195 CVE-2020-8196 CVE-2020-8198 02 Sep 2020 6.5 (v3) Medium Pass Pulse Policy Secure < 9.1R9 (SA44601) CVE-2015-9251 CVE-2019-11358 CVE-2020-8255 CVE-2020-8260 CVE-2020-8261 CVE-2020-8262 CVE-2020-8263 CVE-2020-15352 30 Oct 2020 7.2 (v3) High Pass Cisco Adaptive Security Device Manager (ASDM) Detection 21 Jan 2022 None Pass Cisco IOS XR Software for ASR 9000 Series Routers DoS (cisco-sa-npspin-QYpwdhFD) CVE-2021-34713 21 Jan 2022 7.4 (v3) High Pass Cisco ASDM Information Disclosure (cisco-sa-asdm-logging-jnLOY422) CVE-2022-20651 21 Jan 2022 5.5 (v3) Medium Pass VMware vRealize Operations Manager 7.5.x / 8.x Multiple Vulnerabilities (VMSA-2021-0004) CVE-2021-21975 CVE-2021-21983 31 Mar 2021 7.5 (v3) High Pass Oracle MySQL Enterprise Monitor Multiple Vulnerabilities (Apr 2021 CPU) CVE-2020-17527 CVE-2020-17530 CVE-2021-3450 CVE-2021-23841 CVE-2021-25122 26 Apr 2021 9.8 (v3) Critical 46

Pass GitLab 14.7.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 Default Password CVE-2022-1162 18 Apr 2022 9.8 (v3) Critical Pass PHP 5.6.x < 5.6.21 Multiple Vulnerabilities CVE-2016-3074 CVE-2016-4537 CVE-2016-4538 CVE-2016-4539 CVE-2016-4540 CVE-2016-4541 CVE-2016-4542 CVE-2016-4543 CVE-2016-4544 05 May 2016 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.6 Multiple Vulnerabilities CVE-2016-3074 CVE-2016-3078 CVE-2016-4537 CVE-2016-4538 CVE-2016-4539 CVE-2016-4540 CVE-2016-4541 CVE-2016-4542 CVE-2016-4543 CVE-2016-4544 05 May 2016 9.8 (v3) Critical Pass Citrix SD-WAN Cookie Command Injection CVE-2017-6316 25 Jan 2019 9.8 (v3) Critical Pass Advantech WebAccess webvrpcs.exe IOCTL 70022 Stack Over fl ow CVE-2018-18999 21 Dec 2018 7.3 (v3) High Pass Oracle iPlanet Web Server 7.0.x < 7.0.27 NSS Unspeci fi ed Vulnerability (January 2018 CPU) CVE-2015-7501 CVE-2015-7940 CVE-2016-0635 CVE-2016-1182 CVE-2016-2107 CVE-2016-2179 CVE-2017-3732 CVE-2017-5645 CVE-2017-9798 CVE-2017-10068 CVE-2017-10262 CVE-2017-10273 CVE-2017-10352 CVE-2017-12617 CVE-2018-2561 CVE-2 25 Jan 2018 9.8 (v3) Critical Pass ManageEngine Firewall Analyzer < 12.0 Multiple Vulnerabilities 13 Apr 2016 6.5 (v2) Medium Pass NETGEAR Multiple Model PHP Remote Command Injection CVE-2016-1555 22 May 2017 9.8 (v3) Critical Pass Cisco IOS Cluster Management Protocol Telnet Option Handling RCE (cisco-sa-20170317-cmp) (destructive check) CVE-2017-3881 11 Oct 2017 9.8 (v3) Critical Pass VMware ESX / ESXi NFC and Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0003) (remote check) CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-2110 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4416 CVE-2012-5067 CVE-2012-5068 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5 04 Mar 2016 9.8 (v3) Critical Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2013-0012) (remote check) CVE-2013-1500 CVE-2013-1571 CVE-2013-2400 CVE-2013-2407 CVE-2013-2412 CVE-2013-2437 CVE-2013-2442 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2 04 Mar 2016 10 (v2) Critical Pass IBM Endpoint Manager Mobile Device Management Component Unauthenticated Remote Code Execution (swg21691701) CVE-2014-6140 20 Jan 2015 9.3 (v2) High Pass Cisco Prime Data Center Network Manager < 7.1(1) Directory Traversal Vulnerability CVE-2015-0666 13 Apr 2015 7.5 (v3) High Pass MySQL Enterprise Monitor < 2.3.14 Apache Struts Multiple Vulnerabilities CVE-2013-2251 CVE-2013-4316 08 May 2015 10 (v2) Critical Pass Apache Tomcat / JBoss EJBInvokerServlet / JMXInvokerServlet Multiple Vulnerabilities CVE-2007-1036 CVE-2012-0874 CVE-2013-4810 14 Oct 2013 10 (v2) Critical Pass VMware Security Updates for vCenter Server (VMSA-2013-0012) CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2437 CVE-2013-2442 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2 25 Oct 2013 10 (v2) Critical Pass Apache PHP-CGI Remote Code Execution CVE-2012-1823 CVE-2012-2311 CVE-2012-2335 CVE-2012-2336 01 Nov 2013 8.8 (v3) High Pass IBM Domino 9.x < 9.0.1 Multiple Vulnerabilities (uncredentialed check) CVE-2012-1541 CVE-2012-3213 CVE-2012-3342 CVE-2013-0351 CVE-2013-0401 CVE-2013-0402 CVE-2013-0409 CVE-2013-0419 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0 08 Jan 2014 10 (v2) Critical Pass QNAP QTS/QES/QuTS hero - Web Detection 29 Nov 2021 None Pass ManageEngine ADAudit Plus Detection 29 Nov 2021 None Pass Elasticsearch 'source' Parameter RCE CVE-2014-3120 17 Jul 2014 6.8 (v2) Medium Pass Apache Archiva 1.2.x <= 1.2.2 / 1.3.x <= 1.3.6 Multiple Vulnerabilities CVE-2013-2187 CVE-2013-2251 29 Apr 2014 9.3 (v2) High Pass Vulnerability in TLS Could Allow Information Disclosure (2655992) (uncredentialed check) CVE-2012-1870 18 Jul 2012 5.3 (v3) Medium Pass Plesk Panel Apache Arbitrary PHP Code Injection CVE-2012-1823 CVE-2013-4878 07 Jun 2013 7.5 (v2) High Pass Exim string_format Function Remote Over fl ow CVE-2010-4344 15 Dec 2010 8.8 (v3) High Pass Apache Struts 2 'action:' Parameter Arbitrary Remote Command Execution CVE-2013-2251 19 Jul 2013 10 (v3) Critical Pass HP iNode Management Center Bu ff er Over fl ow (HPSB3C02687) (remote check) CVE-2011-1867 19 Aug 2011 10 (v2) Critical Pass Adobe ColdFusion 'locale' Parameter Directory Traversal CVE-2010-2861 16 Aug 2010 7.5 (v2) High Pass HP OpenView Network Node Manager Multiple Scripts Remote Command Execution CVE-2005-2773 01 Sep 2005 7.5 (v2) High Pass phpMyAdmin setup.php save Action Arbitrary PHP Code Injection (PMASA-2009-3) CVE-2009-1151 16 Apr 2009 7.5 (v2) High Pass Citrix SD-WAN Appliance < 10.2.3 Unauthenticated Blind SQL Injection CVE-2019-12989 CVE-2019-12991 03 Jul 2019 9.8 (v3) Critical Pass Cisco Small Business RV132W and RV134W Remote Code Execution (cisco-sa-20180207-rv13x) CVE-2018-0125 10 Oct 2019 9.8 (v3) Critical Pass Mac OS X 10.7.x < 10.7.5 Multiple Vulnerabilities (BEAST) CVE-2011-3026 CVE-2011-3048 CVE-2011-3368 CVE-2011-3389 CVE-2011-3607 CVE-2011-4313 CVE-2011-4317 CVE-2011-4599 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 CVE-2012-0643 CVE-2012-0652 CVE-2012-0668 CVE-2012-0670 CVE-2012-0 20 Sep 2012 10 (v2) Critical Pass Mac OS X 10.8.x < 10.8.2 Multiple Vulnerabilities CVE-2011-4313 CVE-2012-0831 CVE-2012-1172 CVE-2012-1667 CVE-2012-1823 CVE-2012-2143 CVE-2012-2311 CVE-2012-2386 CVE-2012-2688 CVE-2012-3718 CVE-2012-3720 20 Sep 2012 10 (v2) Critical Pass Cisco IOS Cluster Management Protocol Telnet Option Handling RCE (cisco-sa-20170317-cmp) CVE-2017-3881 27 Mar 2017 9.8 (v3) Critical Pass PHP 7.4.x < 7.4.0 Multiple Vulnerabilities. CVE-2019-11041 CVE-2019-11042 CVE-2019-11043 06 Dec 2019 9.8 (v3) Critical Pass Oracle Solaris PAM parse_user_name() bu ff er over fl ow (CVE-2020-14871) CVE-2020-14871 11 Nov 2020 10 (v3) Critical Pass PHP 5.5.x < 5.5.36 Multiple Vulnerabilities CVE-2013-7456 CVE-2016-4343 CVE-2016-5093 CVE-2016-5094 CVE-2016-5096 02 Jun 2016 8.6 (v3) High Pass PHP 5.6.x < 5.6.22 Multiple Vulnerabilities CVE-2013-7456 CVE-2016-5093 CVE-2016-5094 CVE-2016-5096 02 Jun 2016 8.6 (v3) High Pass HP LaserJet Printers Unspeci fi ed Denial of Service (HPSBPI02938) CVE-2013-6193 17 Dec 2013 5 (v2) Medium Pass IPMI Versions Supported 21 Jan 2014 None Pass StruxureWare SCADA Expert ClearSCADA < 2013 R2 Remote DoS CVE-2013-6142 29 Jan 2014 4.3 (v2) Medium Pass PHP 7.0.x < 7.0.7 Multiple Vulnerabilities CVE-2013-7456 CVE-2016-5093 02 Jun 2016 8.6 (v3) High Pass Apache Struts 2 REST Plugin OGNL Expression Handling RCE CVE-2016-4438 24 Jun 2016 9.8 (v3) Critical Pass PHP 5.5.x < 5.5.37 Multiple Vulnerabilities CVE-2015-8874 CVE-2016-5766 CVE-2016-5767 CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771 CVE-2016-5772 CVE-2016-5773 01 Jul 2016 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.8 Multiple Vulnerabilities CVE-2016-4473 CVE-2016-5766 CVE-2016-5767 CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771 CVE-2016-5772 CVE-2016-5773 01 Jul 2016 9.8 (v3) Critical Pass Default Password (ucspe) for 'ucspe' Account 06 Jul 2016 9.8 (v3) Critical Pass HPE LoadRunner Shared Memory Name Construction RCE CVE-2016-4359 07 Jul 2016 9.8 (v3) Critical Pass Tenable Nessus 6.x < 6.8 Multiple Vulnerabilities CVE-2016-0718 CVE-2016-1000028 CVE-2016-1000029 20 Jul 2016 9.8 (v3) Critical Pass VMware vCenter Server 6.5 / 6.7 / 7.0 Multiple Vulnerabilities (VMSA-2021-0010) CVE-2021-21985 CVE-2021-21986 25 May 2021 9.8 (v3) Critical Pass Apache Log4Shell RCE detection via callback correlation (Direct Check SMB) CVE-2021-44228 21 Dec 2021 10 (v3) Critical Pass HTTP_PROXY Environment Variable Namespace Collision Vulnerability (httpoxy) CVE-2016-5385 CVE-2016-5386 CVE-2016-5387 CVE-2016-5388 CVE-2016-1000109 CVE-2016-1000110 25 Jul 2016 8.1 (v3) High Pass PHP 5.6.x < 5.6.24 Multiple Vulnerabilities (httpoxy) CVE-2016-5385 CVE-2016-5399 CVE-2016-6207 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6293 CVE-2016-6294 CVE-2016-6295 CVE-2016-6296 CVE-2016-6297 26 Jul 2016 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.9 Multiple Vulnerabilities (httpoxy) CVE-2016-5385 CVE-2016-5399 CVE-2016-6207 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6293 CVE-2016-6294 CVE-2016-6295 CVE-2016-6296 CVE-2016-6297 26 Jul 2016 9.8 (v3) Critical Pass Oracle WebLogic Server Java Object Deserialization RCE (July 2016 CPU) CVE-2016-3510 28 Jul 2016 9.8 (v3) Critical Pass Pgbouncer 1.6 Invalid User Authentication Bypass CVE-2015-6817 17 Aug 2016 8.1 (v3) High Pass PHP 7.0.x < 7.0.10 Multiple Vulnerabilities CVE-2016-7124 CVE-2016-7125 CVE-2016-7126 CVE-2016-7127 CVE-2016-7128 CVE-2016-7129 CVE-2016-7130 CVE-2016-7131 CVE-2016-7132 CVE-2016-7133 CVE-2016-7134 23 Aug 2016 9.8 (v3) Critical Pass Cisco Firepower Threat Defense Software Web Services Interface Multiple Vulnerabilities (cisco-sa-asaftd-xss-multiple-FCB3vPZe) CVE-2020-3580 CVE-2020-3581 CVE-2020-3582 CVE-2020-3583 24 Jun 2021 6.1 (v3) Medium Pass Plex Media Server < 1.25.0.5282 Privilege Escalation CVE-2021-42835 29 Dec 2021 7 (v3) High Pass Python Information Disclosure in PyDoc (CVE-2021-3426) CVE-2021-3426 27 Aug 2021 5.7 (v3) Medium Pass Cisco IOS Software IKEv2 AutoReconnect Feature DoS (cisco-sa-ikev2-ebFrwMPr) CVE-2021-1620 30 Nov 2021 7.7 (v3) High Pass Liferay Portal 7.3.2 < 7.3.6 XSS CVE-2021-29045 30 Nov 2021 6.1 (v3) Medium Pass Cisco IOS XE Software IKEv2 AutoReconnect Feature DoS (cisco-sa-ikev2-ebFrwMPr) CVE-2021-1620 30 Nov 2021 7.7 (v3) High Pass Wind River VxWorks < 7 Build 21.03 DoS CVE-2021-29997 30 Nov 2021 5.3 (v3) Medium Pass Apache Struts CVE-2018-11776 Results With No Namespace Possible Remote Code Execution (S2-057) CVE-2018-11776 22 Aug 2018 8.1 (v3) High Pass Jenkins Plugins Multiple Vulnerabilities (Jenkins Security Advisory 2021-03-30) CVE-2021-21628 CVE-2021-21629 CVE-2021-21630 CVE-2021-21631 CVE-2021-21632 CVE-2021-21633 CVE-2021-21634 CVE-2021-21635 CVE-2021-21636 CVE-2021-21637 CVE-2021-21638 30 Nov 2021 8.8 (v3) High Pass Teradata Database Detection 05 Dec 2019 None Pass Apache Solr 8.1.1, 8.2.0 Remote JMX RMI Deserialization Vulnerability CVE-2019-12409 19 Dec 2019 9.8 (v3) Critical Pass Xerox Printer SNMP Detection 16 Jan 2020 None Pass Palo Alto Expedition Web Detection 02 Jan 2020 None Pass Trend Micro O ffi ceScan Directory Traversal Vulnerability (000151730) CVE-2019-18187 28 Jan 2020 7.5 (v3) High Pass NetApp SANtricity Web Services Proxy Detection 06 Jul 2018 None Pass RedLion Crimson Protocol Detection 17 Jul 2018 None Pass ASUSTOR Data Master (ADM) Detection 24 Jul 2018 None Pass Juniper Junos OS Vulnerability (JSA11242) CVE-2021-31377 13 Oct 2021 5.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11224) CVE-2021-31362 13 Oct 2021 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11254) CVE-2021-31386 13 Oct 2021 5.9 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11219) CVE-2021-31354 13 Oct 2021 8.8 (v3) High Pass Juniper Junos OS Vulnerability (JSA11241) CVE-2021-31376 13 Oct 2021 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11223) CVE-2021-31361 13 Oct 2021 5.3 (v3) Medium Pass SolarWinds Orion Platform < 2020.2.1 XSS CVE-2020-13169 17 Dec 2020 9 (v3) Critical Pass Oracle WebLogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.3 Java Object Deserialization RCE (CVE-2018-3191) CVE-2018-3191 25 Feb 2019 9.8 (v3) Critical Pass SolarWinds Orion Platform < 2020.2.5 Multiple Vulnerabilities CVE-2020-35856 CVE-2021-3109 26 Mar 2021 8.8 (v3) High Pass Pulse Connect Secure < 9.1R12.1 DoS (SA44899) CVE-2021-22965 27 Oct 2021 7.5 (v3) High Pass Apache Tomcat 9.x < 9.0.40 Information Disclosure CVE-2020-17527 CVE-2021-24122 10 Dec 2020 7.5 (v3) High Pass PostgreSQL 9.5.x < 9.5.24 / 9.6.x < 9.6.20 / 10.x < 10.15 / 11.x < 11.10 / 12.x < 12.5 / 13.x < 13.1 Multiple Vulnerabilities CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 10 Dec 2020 8.8 (v3) High Pass Dell iDRAC XSS (DSA-2020-268) CVE-2020-26198 06 Jan 2021 6.1 (v3) Medium Pass Oracle Primavera P6 Enterprise Project Portfolio Management (Jan 2021 CPU) CVE-2020-5421 22 Jan 2021 6.5 (v3) Medium Pass Atlassian JIRA < 8.5.11 / 8.6.x < 8.13.3 / 8.14.x < 8.14.1 Information Disclosure (JRASERVER-72000) CVE-2020-29451 19 Feb 2021 4.3 (v3) Medium Pass Atlassian JIRA < 8.13.2 / 8.14.x < 8.14.1 Information Disclosure (JRASERVER-71950) CVE-2020-36235 19 Feb 2021 5.3 (v3) Medium Pass Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers RCE (cisco-sa-sb-rv34x-rce-8bfG2h6b) CVE-2021-1413 CVE-2021-1414 CVE-2021-1415 16 Apr 2021 6.3 (v3) Medium Pass Atlassian Jira < 8.5.11 / 8.13.3 / 8.15.0 Arbitrary File Read (JRASERVER-72014) CVE-2020-29453 25 Feb 2021 5.3 (v3) Medium Pass Zabbix 5.4.x < 5.4.9 Multiple Vulnerabilities CVE-2022-23131 CVE-2022-23132 CVE-2022-23133 CVE-2022-23134 28 Feb 2022 9.8 (v3) Critical Pass DNN (DotNetNuke) < 8.0.4 Multiple Vulnerabilities 29 Aug 2016 4.3 (v3) Medium Pass Centreon GetXmlTree.php 'sid' Parameter SQLi CVE-2015-1560 31 Aug 2016 7.3 (v3) High Pass PHP 5.6.x < 5.6.26 Multiple Vulnerabilities CVE-2016-7411 CVE-2016-7412 CVE-2016-7413 CVE-2016-7414 CVE-2016-7416 CVE-2016-7417 CVE-2016-7418 22 Sep 2016 9.8 (v3) Critical Pass ManageEngine ADManager Plus < 7111 RCE CVE-2021-37539 CVE-2021-37741 CVE-2021-37761 CVE-2021-37762 CVE-2021-37918 CVE-2021-37922 CVE-2021-37926 CVE-2021-37928 CVE-2021-37929 CVE-2021-37930 CVE-2021-37931 09 Sep 2021 9.8 (v3) Critical Pass VMware vCenter Server 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2021-0027) CVE-2021-21980 CVE-2021-22049 02 Dec 2021 9.8 (v3) Critical Pass ManageEngine ServiceDesk Plus < 11.3 Build 11306 / ManageEngine ServiceDesk Plus MSP < 10.5 Build 10530 RCE CVE-2021-44077 06 Dec 2021 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.11 Multiple Vulnerabilities CVE-2016-7412 CVE-2016-7413 CVE-2016-7414 CVE-2016-7416 CVE-2016-7417 CVE-2016-7418 22 Sep 2016 9.8 (v3) Critical Pass PHP 5.6.x < 5.6.27 Multiple Vulnerabilities 18 Oct 2016 9.8 (v3) Critical Pass D-Link DIR Router Web Interface Detection 11 Sep 2017 None Noise Web Application Cookies Are Expired 07 Jun 2017 None Pass Grandstream Networking Solutions Device Web Detection 28 Mar 2019 None Pass Sophos XG Firewall Detection 04 Jan 2017 None Pass Checkpoint Gaia Portal WebUI Detection 22 Nov 2017 None Pass CA Uni fi ed Management Portal (UMP) Detection 09 Dec 2016 None Pass Micro Focus Network Automation Detection 25 Mar 2016 None Pass McAfee ESM SIEM Detection 07 Oct 2015 None Pass iniNet SpiderControl SCADA Web Server Detection 27 Jan 2016 None Pass Oracle Real User Experience Insight Detection 26 Jan 2015 None Pass Visualware MyConnection Server Web Default Credentials 02 Apr 2015 7.5 (v2) High 47

Pass Siemens SCALANCE S612 Firewall Detection 06 May 2015 None Pass VMware vCenter Operations Manager Web UI Detection 10 Apr 2015 None Pass Atlassian Con fl uence < 6.13.18 / 6.14 < 7.4.6 / 7.5 < 7.8.3 Arbitrary File Read (CONFSERVER-60469) CVE-2020-29448 26 Feb 2021 5.3 (v3) Medium Pass Citrix ADC and Citrix NetScaler Gateway Re fl ected Code Injection (CTX276688) (Direct Check) CVE-2020-8194 02 Mar 2021 6.5 (v3) Medium Pass Oracle Secure Global Desktop Administration Console Detection 01 Nov 2013 None Pass Oracle Portal Detection 22 Nov 2013 None Pass Tenable SecurityCenter Detection 02 Dec 2013 None Pass Web Site Hosting Malicious Binaries 21 Nov 2013 8.3 (v3) High Pass ManageEngine Desktop Central Detection 04 Dec 2013 None Pass HP AutoPass License Server Detection 27 Jun 2014 None Pass Ericom AccessNow Server Detection 30 Jun 2014 None Pass F5 Networks ARX Data Manager Web Interface Detection 01 Jul 2014 None Pass Silver Peak VX Detection 25 Sep 2014 None Pass Oracle MapViewer Detection 08 Oct 2014 None Pass Cisco Integrated Management Controller WebUI Detection 13 Oct 2014 None Pass Apache Log4Shell RCE detection via callback correlation (Direct Check POP3) CVE-2021-44228 17 Dec 2021 10 (v3) Critical Pass TIBCO Spot fi re Server Detection 13 Oct 2014 None Pass Oracle Endeca Information Discovery Studio Detection 21 Oct 2014 None Pass Novell GroupWise Internet Agent Request Content-Length Header Parsing Remote Over fl ow CVE-2012-0271 02 Oct 2012 10 (v2) Critical Pass Clorius Controls ISC SCADA Detection 14 May 2013 None Pass JBossWS Endpoint Uses Unsafe Encryption CVE-2011-1096 23 Apr 2013 5 (v2) Medium Pass Tridium Niagara AX Web Server Detection 03 Jul 2013 None Pass Tridium Niagara AX Web Server Directory Traversal 'con fi g.bog' Disclosure Remote Compromise CVE-2012-4701 03 Jul 2013 9.3 (v2) High Pass Clorius Controls ISC SCADA Information Disclosure 14 May 2013 5 (v2) Medium Pass HTTP Cookie 'secure' Property Transport Mismatch 10 Sep 2013 None Pass MS10-075: Vulnerability in Media Player Network Sharing Service Could Allow Remote Code Execution (2281679) (uncredentialed check) CVE-2010-3225 18 Oct 2010 9.3 (v2) High Pass Patch Management: VMware Go Server Settings (deprecated) 06 Dec 2011 None Pass MS11-100: ASP.NET Could Allow Denial of Service (2638420) (uncredentialed check) CVE-2011-3414 16 Jan 2012 5 (v2) Medium Pass Patch Management: Missing updates from VMware Go (deprecated) 06 Dec 2011 None Pass EMC SMARTS Application Server Detection 17 Feb 2012 None Pass Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances (cisco-sa-20100217-asa) CVE-2010-0149 CVE-2010-0150 CVE-2010-0151 CVE-2010-0565 CVE-2010-0566 CVE-2010-0567 CVE-2010-0568 CVE-2010-0569 25 Feb 2010 9.4 (v2) High Pass Splunk Management API Detection 01 Sep 2010 None Pass Cisco Secure Access Control Server (ACS) CSuserCGI.exe Multiple Remote Over fl ows CVE-2008-0532 19 Aug 2008 10 (v2) Critical Pass Cisco Secure Access Control Server (ACS) CSUserCGI.exe Help Facility XSS CVE-2008-0533 19 Aug 2008 4.3 (v2) Medium Pass Oracle WebLogic Server Java Object Deserialization RCE (CVE-2020-2883) CVE-2020-2883 02 Jul 2020 9.8 (v3) Critical Pass Apache Tomcat 8.0.0.RC1 < 8.0.47 Multiple Vulnerabilities CVE-2017-12617 06 Oct 2017 8.1 (v3) High Pass Apache Tomcat 6.0.x < 6.0.24 Multiple Vulnerabilities CVE-2017-5647 CVE-2017-5664 CVE-2017-12615 CVE-2017-12617 02 Nov 2017 8.1 (v3) High Pass Atlassian JIRA < 8.5.11 / 8.6.x < 8.13.3 / 8.14.x < 8.15.0 Multiple XSS CVE-2020-36234 CVE-2020-36236 12 Mar 2021 6.1 (v3) Medium Pass Tenable Nessus 8.9.0 < 8.13.2 Multiple Vulnerabilities (TNS-2021-05) CVE-2021-3449 CVE-2021-3450 02 Apr 2021 7.4 (v3) High Pass Juniper Junos Local File Include Vulnerability (JSA11021) CVE-2020-1631 01 May 2020 9.8 (v3) Critical Pass Palo Alto Networks PAN-OS 8.0.x < 8.1.15 / 8.1.x < 8.1.15 / 9.0.x < 9.0.9 / 9.1.x < 9.1.3 Authentication Bypass in SAML Authentication (CVE-2020-2021) CVE-2020-2021 29 Jun 2020 10 (v3) Critical Pass Oracle E-Business Multiple Vulnerabilities (July 2016 CPU) CVE-2016-3491 CVE-2016-3512 CVE-2016-3520 CVE-2016-3522 CVE-2016-3523 CVE-2016-3524 CVE-2016-3525 CVE-2016-3528 CVE-2016-3532 CVE-2016-3533 CVE-2016-3534 CVE-2016-3535 CVE-2016-3536 CVE-2016-3541 CVE-2016-3542 CVE-2016-3 20 Jul 2016 9.1 (v3) Critical Pass Oracle Primavera Uni fi er (Apr 2021 CPU) CVE-2020-11022 CVE-2020-11023 CVE-2020-13956 CVE-2020-17521 22 Apr 2021 6.1 (v3) Medium Pass Oracle E-Business Suite (Jan 2022 CPU) CVE-2019-10086 CVE-2020-6950 CVE-2022-21250 CVE-2022-21251 CVE-2022-21255 CVE-2022-21273 CVE-2022-21274 CVE-2022-21354 CVE-2022-21373 20 Jan 2022 8.1 (v3) High Pass Dell iDRAC XSS (DSA-2021-073) CVE-2021-21542 23 Apr 2021 4.8 (v3) Medium Pass Dell iDRAC Multiple Vulnerabilities (DSA-2021-073) CVE-2021-21539 CVE-2021-21540 CVE-2021-21541 CVE-2021-21543 CVE-2021-21544 23 Apr 2021 8.1 (v3) High Pass Cisco Uni fi ed Communications Manager RCE (cisco-sa-cucm-rce-pqVYwyb) CVE-2021-1362 23 Apr 2021 8.8 (v3) High Pass Johnson Controls exacqVision Web Service Information Disclosure (JCI-PSA-2021-16) CVE-2021-27664 02 Nov 2021 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.12 Multiple Vulnerabilities 18 Oct 2016 9.8 (v3) Critical Pass Default Password '888888' for '888888' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'password' for 'admin1' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '1111111' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '1234' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '12345' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '123456' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Apache Tomcat 8.5.55 < 8.5.75 multiple vulnerabilities CVE-2022-23181 26 Jan 2022 7 (v3) High Pass Default Password '4321' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '54321' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '7ujMko0admin' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'admin1234' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'meinsm' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'pass' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'smcadmin' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '1234' for 'administrator' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'meinsm' for 'Administrator' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'f****r' for 'mother' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '00000000' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '1111' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '1234' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '12345' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '123456' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '54321' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass CodeMeter Runtime Bu ff er Over-read (WIBU-210423-01) CVE-2021-20093 23 Jun 2021 9.1 (v3) Critical Pass Default Password '7ujMko0admin' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '7ujMko0vizxv' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '888888' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'Zte521' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'anko' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'dreambox' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'hi3518' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'ikwb' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'juantech' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'jvbzd' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass ManageEngine ADAudit Plus < Build 7006 File Upload RCE CVE-2021-42847 29 Nov 2021 9.8 (v3) Critical Pass Default Password 'klv1234' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'pass' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'realtek' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'system' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass HP PageWide Printer Web Interface Detection 06 Dec 2021 None Pass Modicon Quantum HTTP Server 'formTest' 'name' Parameter XSS CVE-2018-7810 26 Nov 2018 6.1 (v3) Medium Pass TP-Link Unauthenticated CGI Cross-Site Request Forgery (Remote) CVE-2018-11714 CVE-2018-15702 01 Oct 2018 9.8 (v3) Critical Pass Default Password 'user' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'vizxv' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass SQLi scanner 04 Mar 2019 8.3 (v3) High Pass Default Password 'xmhdipc' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass NetApp OnTAP Web Detection 06 Jun 2018 None Pass Default Password 'zlxx.' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'service' for 'service' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'tech' for 'tech' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'ubnt' for 'ubnt' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Hikvision IP Camera Web Interface Detection 28 Feb 2018 None Pass Trend Micro Smart Protection Server Detection 08 Mar 2018 None Pass Oracle WebLogic Server Java Object Deserialization RCE (October 2016 CPU) CVE-2016-5535 03 Nov 2016 9.8 (v3) Critical Pass JBoss Enterprise Application Platform doFilter() Method Insecure Deserialization RCE CVE-2017-12149 24 Apr 2018 9.8 (v3) Critical Pass Western Digital TV Web Interface Detection 08 Sep 2017 None Pass Open Network Video Interface Forum (ONVIF) Protocol Detection 17 Oct 2017 None Pass Pulse Policy Secure Detection 08 Sep 2017 None Pass Brother Printer Debut Embedded HTTP Server Detection 30 Nov 2017 None Pass HP System Management Homepage < 7.6 Multiple Vulnerabilities (HPSBMU03653) (httpoxy) CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2109 CVE-2016-3739 CVE-2016-4070 CVE-2016-4071 CVE-2016-4072 CVE-2016-4342 CVE-2016-4343 CVE-2016-4393 CVE-2016-4394 CVE-2016-4395 CVE-2016-4396 CVE-2016-4537 CVE-2016-4 09 Nov 2016 8.8 (v3) High Pass Bitrix Product and Modules Detection 02 May 2017 None Pass Open Source Point Of Sale Detection 07 Apr 2016 None Pass Rockwell Automation MicroLogix 1400 PLC Web Server Detection 20 Apr 2016 None 48

Pass Acme thttpd Detection 14 Feb 2017 None Pass Default Password 'P@ssw0rd' for 'admin' Account CVE-1999-0502 10 Nov 2016 9.8 (v3) Critical Pass PowerFolder Server Detection 24 Jun 2016 None Pass BlackBerry Enterprise Service (BES) Management Console Detection 03 Jun 2016 None Pass Cisco UCS Central Software Web UI Detection 25 Aug 2016 None Pass Advantech WebAccess < 7.0-2011.08.27 Multiple ActiveX RCE 19 Aug 2015 6.8 (v2) Medium Pass Veritas NetBackup Appliance 2.6.0.x / 2.6.1.x / 2.7.x RCE (VTS16-002) CVE-2016-7399 10 Nov 2016 9.8 (v3) Critical Pass IBM Network Security Protection XGS Remote Code Execution (swg21690823) (credentialed attack) CVE-2014-6183 02 Jan 2015 4 (v2) Medium Pass IBM Network Security Protection XGS WebUI Detection 02 Jan 2015 None Pass Graylog2 Web Interface Detection 10 Feb 2015 None Pass Fortinet FortiAuthenticator Appliance Web Interface Detection 16 Feb 2015 None Pass .bash_history Files Disclosed via Web Server 12 May 2015 5.3 (v3) Medium Pass Siemens SCALANCE S612 Firewall > 2.1 and < 2.3.0.3 Multiple Vulnerabilities (SSA-268149) CVE-2012-1799 CVE-2012-1800 06 May 2015 10 (v2) Critical Pass Rockwell Automation MicroLogix 1100 PLC Web Server Detection 07 Jul 2015 None Pass Patch Management: Red Hat Satellite Server Settings 17 Jun 2015 None Pass Schneider Electric InduSoft Web Studio Detection 18 Jun 2015 None Pass Trend Micro Threat Intelligence Manager Web Console Detection 22 Jul 2015 None Pass XEROX ColorQube Device Detection 10 Oct 2013 None Pass ClearSCADA Web Server Remote Denial of Service 15 Oct 2013 7.8 (v2) High Pass Zimbra Collaboration Server Aspell Spell Check Service Detection 24 Feb 2014 None Pass Oracle WebCenter Sites Detection 03 Mar 2014 None Pass F5 Networks BIG-IQ Con fi guration Utility Login Page Detection 09 May 2014 None Pass Usermin Detection 16 Sep 2014 None Pass Novell GroupWise Administration Console Detection 02 Sep 2014 None Pass Novell File Reporter Agent XML Parsing Remote Code Execution CVE-2011-0994 10 Sep 2012 10 (v2) Critical Pass RuggedCom RuggedOS < 3.12.1 Web UI Multiple Security Vulnerabilities 06 Feb 2013 10 (v2) Critical Pass Patch Management: HCL BigFix Get Installed Packages 27 Mar 2013 None Pass Apple OS X Pro fi le Manager Device Management Private Interface Managed Device Enumeration CVE-2012-3721 25 Mar 2013 5 (v2) Medium Pass Novell File Reporter Agent Detection 09 May 2011 None Pass Adobe Flex SDK Cross-Site Scripting (APSB11-25) (deprecated) CVE-2011-2461 01 Dec 2011 4.3 (v2) Medium Pass Do not scan printers 01 Dec 2003 None Pass Modicon Quantum HTTP Server Default Credentials 11 Dec 2006 7.5 (v2) High Pass Web mirroring 04 May 2001 None Pass Symantec Content Analysis Web Detection 21 May 2019 None Pass Jenkins Plugins Detection 20 Sep 2019 None Pass Drupal PHPUnit/Mailchimp Code Execution Vulnerability CVE-2017-9841 06 Sep 2019 9.8 (v3) Critical Pass Siemens SIMATIC S7-1200 PLC UDP Denial of Service (CVE-2019-10936) CVE-2019-10936 06 Dec 2019 7.5 (v3) High Pass Rancher Web Interface Detection 13 Dec 2018 None Pass Lenel OnGuard License Administrator 29 Jan 2019 None Pass Cisco Small Business Router Web UI Detection 23 Jul 2020 None Pass SAP NetWeaver : Authentication Bypass (CVE-2020-6287) (Direct Check) CVE-2020-6287 20 Jul 2020 10 (v3) Critical Pass Trend Micro InterScan Web Security Virtual Appliance Detection 28 Jul 2020 None Pass Apache Struts 2.x < 2.5.26 RCE (S2-061) (direct check) CVE-2020-17530 17 Dec 2020 9.8 (v3) Critical Pass Selligent Message Studio Struts Code Execution (CVE-2013-2251) CVE-2013-2251 05 Nov 2020 10 (v3) Critical Pass SonicWall Secure Mobile Access (SMA) Web Detection 03 Feb 2021 None Pass SAP Solution Manager Web Detection 26 Jan 2021 None Pass Apache Flink local fi le inclusion Vulnerability (direct check) CVE-2020-17519 09 Feb 2021 7.5 (v3) High Pass Apache Druid < 0.20.1 RCE (Direct Check) CVE-2021-25646 30 Mar 2021 8.8 (v3) High Pass SonicWall Email Security Web Interface Detected 26 Apr 2021 None Pass Trend Micro ServerProtect Information Server Detection 22 Oct 2021 None Pass Cisco Integrated Management Controller GUI DoS (cisco-sa-imc-gui-dos-TZjrFyZh) CVE-2021-34736 22 Oct 2021 7.5 (v3) High Pass Cisco IOS XE Software SD WAN Command Injection (cisco-sa-sd-wan-rhpbE34A) CVE-2021-1529 22 Oct 2021 7.8 (v3) High Pass PHP 5.4.x < 5.4.44 Multiple Vulnerabilities CVE-2015-6831 CVE-2015-6832 CVE-2015-6833 CVE-2015-8867 11 Aug 2015 7.3 (v3) High Pass Apache ActiveMQ Blob Message Directory Traversal CVE-2015-1830 21 Aug 2015 5 (v2) Medium Pass Cisco TelePresence VCS Expressway 8.5.3 XML External Entity (XXE) Injection CVE-2015-4315 26 Aug 2015 6.4 (v3) Medium Pass PHP 5.6.x < 5.6.28 Multiple Vulnerabilities CVE-2016-7478 CVE-2016-9933 CVE-2016-9934 18 Nov 2016 7.5 (v3) High Pass Cisco TelePresence VCS Expressway Series 8.5.1 Information Disclosure CVE-2015-4314 26 Aug 2015 4.3 (v3) Medium Pass Cisco TelePresence VCS Expressway Series 8.5.2 Multiple Vulnerabilities CVE-2015-4303 CVE-2015-4316 CVE-2015-4317 CVE-2015-4318 CVE-2015-4319 CVE-2015-4320 26 Aug 2015 6.3 (v3) Medium Pass CockroachDB < 2.1.10 / 19.x < 19.1.6 / 19.2.x < 19.2.2 Information Disclosure Direct Check (A44348) 04 Apr 2022 5.3 (v3) Medium Pass CockroachDB < 2.1.12 / 19.x < 19.1.8 / 19.2 < 19.2.4 Information Disclosure (A44348) 04 Apr 2022 5.3 (v3) Medium Pass CockroachDB < 2.1.10 / 19.1.x < 19.1.16 / 19.2.x < 19.2.2 Broken Access Control Vulnerability (A42567) 04 Apr 2022 9.1 (v3) Critical Pass PHP 5.4.x < 5.4.45 Multiple Vulnerabilities CVE-2014-9767 CVE-2015-6834 CVE-2015-6835 CVE-2015-6836 CVE-2015-6837 CVE-2015-6838 10 Sep 2015 7.3 (v3) High Pass PHP 5.5.x < 5.5.29 Multiple Vulnerabilities CVE-2014-9767 CVE-2015-6834 CVE-2015-6835 CVE-2015-6836 CVE-2015-6837 CVE-2015-6838 10 Sep 2015 7.3 (v3) High Pass PHP 5.6.x < 5.6.13 Multiple Vulnerabilities CVE-2014-9767 CVE-2015-6834 CVE-2015-6835 CVE-2015-6836 CVE-2015-6837 CVE-2015-6838 10 Sep 2015 7.3 (v3) High Pass Persistent Systems Radia Client Automation Agent Command Injection 25 Sep 2015 10 (v2) Critical Pass TLS Version 1.1 Protocol Deprecated 04 Apr 2022 6.5 (v3) Medium Pass PHP 5.5.x < 5.5.30 Multiple Vulnerabilities CVE-2015-7803 CVE-2015-7804 06 Oct 2015 8.6 (v3) High Pass OpenSSH PCI Disputed Vulnerabilities. CVE-2016-20012 CVE-2020-15778 CVE-2021-36368 04 Apr 2022 7.8 (v3) High Pass PHP 5.6.x < 5.6.14 Multiple Vulnerabilities CVE-2015-7803 CVE-2015-7804 06 Oct 2015 8.6 (v3) High Pass VISAM Automation Base (VBASE) Web-Remote Path Traversal (CVE-2020-7008) CVE-2020-7008 01 Mar 2022 7.5 (v3) High Pass VISAM Automation Base (VBASE) Web-Remote Detection 01 Mar 2022 None Pass Persistent Systems Radia Client Automation Agent Command Injection CVE-2015-1497 19 Oct 2015 10 (v2) Critical Pass DNN (DotNetNuke) < 7.4.2 Multiple Vulnerabilities 20 Oct 2015 4.3 (v2) Medium Pass Cisco TelePresence VCS Expressway 8.5.1 / 8.5.2 request-xconfdump Symbolic Link Local File Manipulation (cisco-sa-20141007-vcs) CVE-2015-6318 22 Oct 2015 9.3 (v3) Critical Pass 3S CODESYS Runtime Toolkit < 2.4.7.48 PLCWinNT DoS CVE-2015-6482 23 Oct 2015 5 (v2) Medium Pass Atlassian Bamboo 2.2.x < 5.8.5 / 5.9.x < 5.9.7 Unspeci fi ed Resource Deserialization RCE CVE-2015-6576 04 Nov 2015 8.8 (v3) High Pass nginx 1.9.x < 1.9.6 HTTPv2 PRI Double-Free DoS 16 Nov 2015 7.5 (v3) High Pass Jenkins < 1.638 / 1.625.2 Java Object Deserialization RCE CVE-2015-8103 17 Nov 2015 7.5 (v2) High Pass Crestron QM-RMC Service Detection 22 Dec 2015 None Pass PHP 7.0.x < 7.0.1 Multiple Vulnerabilities CVE-2015-8616 CVE-2015-8617 22 Dec 2015 9.8 (v3) Critical Pass Oracle E-Business Multiple Vulnerabilities (January 2016 CPU) CVE-2015-3195 CVE-2015-4926 CVE-2016-0454 CVE-2016-0456 CVE-2016-0457 CVE-2016-0459 CVE-2016-0507 CVE-2016-0509 CVE-2016-0510 CVE-2016-0511 CVE-2016-0512 CVE-2016-0513 CVE-2016-0514 CVE-2016-0515 CVE-2016-0516 CVE-2016-0 21 Jan 2016 6.4 (v2) Medium Pass Cisco TelePresence VCS 8.5.1 Unspeci fi ed XSRF (cisco-sa-20151120-tvcs) CVE-2015-6376 02 Feb 2016 7.3 (v3) High Pass PHP prior to 5.5.x < 5.5.31 / 5.6.x < 5.6.17 Multiple Vulnerabilities CVE-2016-1903 CVE-2016-5114 10 Feb 2016 9.1 (v3) Critical Pass PHP 7.x < 7.0.2 Multiple Vulnerabilities CVE-2016-1903 CVE-2016-1904 CVE-2016-5114 10 Feb 2016 7.3 (v3) High Pass PHP 5.6.x < 5.6.18 Multiple Vulnerabilities CVE-2015-8383 CVE-2015-8386 CVE-2015-8387 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8393 CVE-2015-8394 CVE-2016-2554 CVE-2016-4342 CVE-2016-4343 CVE-2016-10712 11 Feb 2016 9.8 (v3) Critical Pass Symantec Encryption Management Server 3.3.2 < 3.3.2 MP12 Multiple Vulnerabilities (SYM16-002) CVE-2015-8148 CVE-2015-8149 CVE-2015-8150 CVE-2015-8151 23 Feb 2016 7.8 (v3) High Pass Tenable Nessus < 6.5.5 Host Details Scan Results XSS CVE-2016-82000 23 Feb 2016 3.4 (v3) Low Pass Jenkins < 1.642.2 / 1.650 Java Object Deserialization RCE CVE-2016-0792 29 Feb 2016 8.8 (v3) High Pass Jenkins < 1.642.2 / 1.650 Java Object Deserialization RCE CVE-2016-0788 07 Mar 2016 9.8 (v3) Critical Pass Centreon Default Administrator Password 23 Dec 2014 7.5 (v2) High Pass PHP 5.4.x < 5.4.36 'process_nested_data' RCE CVE-2014-8142 02 Jan 2015 7.5 (v2) High Pass PHP 5.5.x < 5.5.20 'process_nested_data' RCE CVE-2014-8142 02 Jan 2015 7.5 (v2) High Pass Centreon 'insertLog()' Function RCE 05 Jan 2015 7.5 (v2) High Pass Dell iDRAC Products IPMI Arbitrary Command Injection Vulnerability CVE-2014-8272 09 Jan 2015 5 (v2) Medium Pass IBM Endpoint Manager Enrollment and Apple iOS Management Extender Detection 20 Jan 2015 None Pass IBM Tivoli Storage Manager Server 6.2 < 6.2.7 / 6.3 < 6.3.5 / 7.1 < 7.1.1 GSKit X.509 Certi fi cate Chain DoS CVE-2013-6747 13 Jan 2015 7.1 (v2) High Pass Oracle OpenSSO SAML Multiple Vulnerabilities (January 2015 CPU) CVE-2014-6592 CVE-2015-0389 27 Jan 2015 3.5 (v2) Low Pass QNAP QTS / QuTS Hero Arbitrary Code Execution (QSA-21-57) 05 Apr 2022 9.8 (v3) Critical Pass Cisco IOS XR Software Border Gateway Protocol DoS (cisco-sa-20090818-bgp) CVE-2009-1154 CVE-2009-2055 CVE-2009-2056 05 Apr 2022 5.9 (v3) Medium Pass PHP 5.4.x < 5.4.37 Multiple Vulnerabilities CVE-2014-9427 CVE-2014-9652 CVE-2015-0231 CVE-2015-0232 29 Jan 2015 7.3 (v3) High Pass PHP 5.5.x < 5.5.21 Multiple Vulnerabilities CVE-2014-9425 CVE-2014-9427 CVE-2014-9652 CVE-2014-9709 CVE-2015-0231 CVE-2015-0232 29 Jan 2015 9.8 (v3) Critical Pass PHP 5.6.x < 5.6.5 Multiple Vulnerabilities CVE-2014-9425 CVE-2014-9427 CVE-2014-9652 CVE-2014-9709 CVE-2015-0231 CVE-2015-0232 29 Jan 2015 9.8 (v3) Critical Pass Cisco Catalyst PON Series Web Detection 15 Nov 2021 None Pass Apache 2.4.x < 2.4.12 Multiple Vulnerabilities CVE-2013-5704 CVE-2014-3581 CVE-2014-3583 CVE-2014-8109 02 Feb 2015 5.3 (v3) Medium Pass Pandora FMS <= 5.0 SP2 SQLi 03 Feb 2015 7.5 (v2) High Pass Default Password (changeme) for 'splunkadmin' Account CVE-1999-0502 04 Feb 2015 9.8 (v3) Critical Pass Symantec Encryption Management Server < 3.3.2 MP7 Multiple Vulnerabilities CVE-2014-7287 CVE-2014-7288 05 Feb 2015 9 (v2) High Pass Atmail Webmail Unsupported Version Detection 05 Feb 2015 10 (v2) Critical Pass Atmail Webmail 7.x < 7.2.2 Multiple Vulnerabilities 05 Feb 2015 6.8 (v2) Medium Pass FreePBX /recordings/index.php 'ari_auth' Cookie Authentication Bypass CVE-2014-7235 05 Feb 2015 10 (v2) Critical Pass DNN (DotNetNuke) < 7.4.0 Unspeci fi ed Persistent XSS CVE-2015-1566 12 Feb 2015 4.3 (v2) Medium Pass Apache ActiveMQ Web Console Default Credentials 16 Feb 2015 7.5 (v2) High 49

Pass ManageEngine EventLog Analyzer 'agentHandler' Information Disclosure CVE-2014-6038 CVE-2014-6039 18 Feb 2015 5 (v2) Medium Pass Tivoli Storage Manager Server Unauthorized Access Vulnerability CVE-2012-5944 24 Feb 2015 4.6 (v2) Medium Pass PHP 5.4.x < 5.4.38 Multiple Vulnerabilities (GHOST) CVE-2014-9705 CVE-2015-0235 CVE-2015-0273 25 Feb 2015 9.8 (v3) Critical Pass PHP 5.5.x < 5.5.22 Multiple Vulnerabilities (GHOST) CVE-2014-9705 CVE-2015-0235 CVE-2015-0273 CVE-2015-2301 CVE-2015-8866 25 Feb 2015 9.8 (v3) Critical Pass SSH SHA-1 HMAC Algorithms Enabled (PCI DSS) 05 Apr 2022 3.7 (v3) Low Pass PHP 5.6.x < 5.6.6 Multiple Vulnerabilities (GHOST) CVE-2014-9705 CVE-2015-0235 CVE-2015-0273 CVE-2015-2301 CVE-2015-8866 25 Feb 2015 9.8 (v3) Critical Pass TYPO3 Anchor-only Links Remote Spoo fi ng Vulnerability CVE-2014-9508 27 Feb 2015 4.7 (v3) Medium Pass Apache Tomcat 7.0.x < 7.0.57 Multiple Vulnerabilities (POODLE) CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-5139 05 Mar 2015 7.3 (v3) High Pass ManageEngine NetFlow Analyzer Multiple Path Traversal and File Access CVE-2014-5445 CVE-2014-5446 16 Mar 2015 5 (v2) Medium Pass Cisco TelePresence VCS / Expressway Series < 8.2 SDP Media Description Vulnerability CVE-2015-0652 19 Mar 2015 7.5 (v3) High Pass Cisco TelePresence VCS / Expressway Series < 7.2.4 / 8.1.2 / 8.2.2 Login Security Bypass Vulnerability CVE-2015-0653 20 Mar 2015 9.8 (v3) Critical Pass PHP 5.4.x < 5.4.39 Multiple Vulnerabilities CVE-2015-0231 CVE-2015-2305 CVE-2015-2331 CVE-2015-2348 CVE-2015-2787 CVE-2015-4147 CVE-2015-4148 24 Mar 2015 9.8 (v3) Critical Pass PHP 5.5.x < 5.5.23 Multiple Vulnerabilities CVE-2015-0231 CVE-2015-2305 CVE-2015-2331 CVE-2015-2348 CVE-2015-2787 CVE-2015-4147 CVE-2015-4148 24 Mar 2015 9.8 (v3) Critical Pass QNAP QTS / QuTS hero Information Disclosure (QSA-21-53) CVE-2021-34347 06 Apr 2022 7.5 (v3) High Pass SSL Certi fi cate with no Common Name 06 Apr 2022 None Pass SSL Certi fi cate with no Subject 06 Apr 2022 None Pass SSL/TLS Recommended Cipher Suites (PCI DSS) 06 Apr 2022 4.8 (v3) Medium Pass Oracle E-Business Multiple Vulnerabilities (October 2017 CPU) CVE-2017-3444 CVE-2017-3445 CVE-2017-3446 CVE-2017-10066 CVE-2017-10077 CVE-2017-10303 CVE-2017-10322 CVE-2017-10323 CVE-2017-10324 CVE-2017-10325 CVE-2017-10326 CVE-2017-10328 CVE-2017-10329 CVE-2017-10330 CVE-2017-1033 20 Oct 2017 9.1 (v3) Critical Pass Apache 2.4.x < 2.4.39 Multiple Vulnerabilities CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0215 CVE-2019-0217 CVE-2019-0220 02 Apr 2019 7.8 (v3) High Pass pfSense Web Interface Detection 19 Jan 2018 None Pass Web Site Accepts Credit Card Data 06 Apr 2022 None Pass Web Site Accepts Credit Card Data over cleartext HTTP 06 Apr 2022 4.8 (v3) Medium Pass Nokia VitalQIP Web Client Detection 09 Feb 2018 None Pass HPE Moonshot Provisioning Manager Detection 29 Jan 2018 None Pass PHP 5.6.x < 5.6.7 Multiple Vulnerabilities CVE-2015-0231 CVE-2015-2305 CVE-2015-2331 CVE-2015-2348 CVE-2015-2787 CVE-2015-4147 CVE-2015-4148 24 Mar 2015 9.8 (v3) Critical Pass Riverbed SteelHead CX WAN Tra ffi c Manager Web UI Detection 26 Feb 2018 None Pass Oracle Enterprise Manager Database Express (EM Express) Detection 19 Mar 2018 None Pass IBM BigFix Compliance Detection 09 Jun 2017 None Pass HooToo TripMate Web Interface Detection 29 Jun 2017 None Pass Check_MK Server WebUI Detection 28 Jun 2017 None Pass GNU Bash Incomplete Fix Remote Code Injection (Shellshock) CVE-2014-6278 06 Apr 2015 9.8 (v3) Critical Pass Grandstream Phone Web Interface Detection 27 Sep 2017 None Pass Sonatype Nexus Repository Manager Detection 20 Jul 2016 None Pass QlikView Server Web UI Detection 23 Jun 2016 None Pass VMware vRealize Log Insight Web UI Detection 10 Aug 2016 None Pass SonicWALL Universal Management Suite Detection 15 Aug 2016 None Pass Symantec Protection Engine Detection 07 Sep 2016 None Pass EMC vApp Manager Detection 03 Nov 2016 None Pass Veritas NetBackup Appliance Web Console Detection 10 Nov 2016 None Pass Adobe Connect Detection 14 Nov 2016 None Pass IBM DB2 10.5 < Fix Pack 5 Multiple DoS Vulnerabilities CVE-2014-6209 CVE-2014-6210 CVE-2014-8901 16 Apr 2015 4.3 (v3) Medium Pass Accellion Secure File Transfer Appliance Detection 27 Jul 2015 None Pass Oracle iPlanet Web Server Detection 07 Aug 2015 None Pass Microsoft UDDI Services Detection 13 Aug 2015 None Pass IBM BigFix Web Reports Detection 18 Nov 2016 None Pass Schneider Electric InduSoft Web Studio < 7.1.3.5 Local Plaintext Password Information Disclosure (SEVD-2015-100-01) CVE-2015-1009 14 Aug 2015 1.7 (v2) Low Pass Advantech WebAccess < 7.0-2009.06.29 Multiple Vulnerabilities CVE-2011-4521 CVE-2011-4522 CVE-2011-4523 CVE-2011-4524 CVE-2011-4525 CVE-2011-4526 CVE-2012-0233 CVE-2012-0234 CVE-2012-0235 CVE-2012-0236 CVE-2012-0237 CVE-2012-0238 CVE-2012-0239 CVE-2012-0240 CVE-2012-0241 CVE-2012-0 28 Aug 2015 10 (v2) Critical Pass Siemens SIMATIC S7-1200 PLC Web Server Detection 02 Mar 2015 None Pass Symantec Data Center Security Web Administration Interface Detection 26 Feb 2015 None Pass Loxone Smart Home Miniserver Web Server Version Detection 13 Mar 2015 None Pass WordPress Plugin 'Social Warfare' < 3.5.3 XSS CVE-2019-9978 07 Apr 2022 6.1 (v3) Medium Pass LiveZilla Detection 14 Dec 2013 None Pass QNAP QTS / QuTS hero Out-of-Bounds Read (QSA-21-40) CVE-2021-3712 07 Apr 2022 7.4 (v3) High Pass ManageEngine Access Manager Plus Detection 07 Apr 2022 None Pass Quantum vmPRO Web Administration Interface Detection 24 Mar 2014 None Pass QNAP QTS / QuTS hero Out-of-Bounds Read (QSA-21-27) CVE-2021-20254 07 Apr 2022 6.8 (v3) Medium Pass ManageEngine Access Manager Plus Authentication Bypass (CVE-2021-44676) CVE-2021-44676 07 Apr 2022 9.8 (v3) Critical Pass trixbox Web Detection 15 Apr 2014 None Pass Post fi x Admin Detection 30 Apr 2014 None Pass VMware Horizon Workspace Detection 06 May 2014 None Pass QNAP QTS / QuTS hero Multiple Bu ff er Over fl ow Vulnerabilities (QSA-21-33) CVE-2021-28816 CVE-2021-34343 07 Apr 2022 8.8 (v3) High Pass McAfee VirusScan Enterprise for Linux User Interface Detection 03 May 2014 None Pass WebTitan Detect 18 Jul 2014 None Pass Symantec Data Insight Management Console Detection 03 Jul 2014 None Pass Foreman Smart-Proxy TFTP Detection 17 Jul 2014 None Pass HP Smart Update Manager Detection 24 Jul 2014 None Pass Barco ClickShare Device Detect 19 Aug 2014 None Pass Web Server Generic XSS CVE-2002-1060 CVE-2002-1700 CVE-2003-1543 CVE-2005-2453 CVE-2006-1681 CVE-2012-3382 30 Nov 2001 6.1 (v3) Medium Pass Oracle Enterprise Data Quality Dashboard Detection 30 Oct 2014 None Pass Oracle Enterprise Data Quality Director Detection 30 Oct 2014 None Pass Oracle Business Transaction Management Detection 31 Oct 2014 None Pass Goverlan Agent Remote Detection 12 Feb 2019 None Pass Citrix ADC and Citrix NetScaler Gateway Arbitrary Code Execution (CTX267027) CVE-2019-19781 24 Dec 2019 9.8 (v3) Critical Pass Trend Micro O ffi ceScan Multiple Vulnerabilities (000245571) CVE-2020-8467 CVE-2020-8468 CVE-2020-8470 CVE-2020-8598 CVE-2020-8599 18 Mar 2020 9.8 (v3) Critical Pass Citrix ADC and Citrix NetScaler Gateway Multiple Vulnerabilities (CTX276688) CVE-2019-18177 CVE-2020-8187 CVE-2020-8190 CVE-2020-8191 CVE-2020-8193 CVE-2020-8194 CVE-2020-8195 CVE-2020-8196 CVE-2020-8197 CVE-2020-8198 CVE-2020-8199 08 Jul 2020 8.8 (v3) High Pass MySQL Enterprise Monitor 3.4.x < 3.4.10 / 4.x < 4.0.7 / 8.x < 8.0.3 Multiple Vulnerabilities (Oct 2018 CPU) CVE-2018-1258 CVE-2018-8014 CVE-2018-11776 24 Jul 2020 9.8 (v3) Critical Pass HPE Edgeline Infrastructure Manager Authentication Bypass CVE-2020-7199 24 Feb 2021 9.8 (v3) Critical Pass Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal (cisco-sa-asaftd-ro-path-KJuQhB86) CVE-2020-3452 29 Jul 2020 7.5 (v3) High Pass Python Unsupported Version Detection 07 Apr 2021 10 (v3) Critical Pass Oracle E-Business Multiple Vulnerabilities (April 2018 CPU) CVE-2018-2804 CVE-2018-2864 CVE-2018-2865 CVE-2018-2866 CVE-2018-2867 CVE-2018-2868 CVE-2018-2869 CVE-2018-2870 CVE-2018-2871 CVE-2018-2872 CVE-2018-2873 CVE-2018-2874 20 Apr 2018 9.1 (v3) Critical Pass SonicWall Email Security 10.0.x < 10.0.9.6173 / 6177 Multiple Vulnerabilities CVE-2021-20021 CVE-2021-20022 CVE-2021-20023 28 Apr 2021 9.8 (v3) Critical Pass Juniper NSM < 2012.2R11 Multiple OpenSSL Vulnerabilities (JSA10679) (FREAK) CVE-2014-3569 CVE-2014-3570 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 21 Apr 2015 5 (v2) Medium Pass PHP 5.4.x < 5.4.40 Multiple Vulnerabilities CVE-2014-9709 CVE-2015-1352 CVE-2015-2301 CVE-2015-2783 CVE-2015-3307 CVE-2015-3329 CVE-2015-3330 CVE-2015-3411 CVE-2015-3412 CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 CVE-2015-4602 CVE-2015-4603 CVE-2015-4604 CVE-2015-4 23 Apr 2015 9.8 (v3) Critical Pass PHP 5.5.x < 5.5.24 Multiple Vulnerabilities CVE-2015-1351 CVE-2015-1352 CVE-2015-2783 CVE-2015-3307 CVE-2015-3329 CVE-2015-3330 CVE-2015-3411 CVE-2015-3412 CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 CVE-2015-4602 CVE-2015-4603 CVE-2015-4604 CVE-2015-4605 23 Apr 2015 9.8 (v3) Critical Pass PCI DSS Compliance : Point-of-Sale (POS) Software Using Default Credentials 07 Apr 2022 4.8 (v3) Medium Pass PHP 5.6.x < 5.6.8 Multiple Vulnerabilities CVE-2015-1351 CVE-2015-1352 CVE-2015-2783 CVE-2015-3307 CVE-2015-3329 CVE-2015-3330 CVE-2015-3411 CVE-2015-3412 CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 CVE-2015-4602 CVE-2015-4603 CVE-2015-4604 CVE-2015-4605 23 Apr 2015 9.8 (v3) Critical Pass Magento Mage_Adminhtml_Block_Report_Search_Grid Class 'popularity' Parameter SQLi CVE-2015-1397 11 May 2015 6.5 (v2) Medium Pass Magento XML-RPC XXE Arbitrary File Disclosure CVE-2012-6091 12 May 2015 5 (v2) Medium Pass EMC AutoStart < 5.5.0 HF4 ftAgent Remote Code Execution CVE-2015-0538 14 May 2015 9.3 (v2) High Pass GPON ONT Home Gateway Router is vulnerable to authenticated remote command execution (CVE-2018-10562) CVE-2018-10562 19 Dec 2018 9.8 (v3) Critical Pass PHP 7.1.x < 7.1.26 Multiple vulnerabilities. CVE-2016-10166 CVE-2018-19935 CVE-2019-6977 CVE-2019-9020 CVE-2019-9021 CVE-2019-9022 CVE-2019-9023 CVE-2019-9024 31 Jan 2019 9.8 (v3) Critical Pass PHP 7.1.x < 7.1.11 Multiple Vulnerabilities CVE-2016-1283 CVE-2017-16642 16 Nov 2017 9.8 (v3) Critical Pass Cisco TelePresence VCS / Expressway < 8.8.2 Received Packet Parser DoS CVE-2017-3790 22 Feb 2017 8.6 (v3) High Pass PowerFolder Java Object Deserialization RCE 24 Jun 2016 10 (v2) Critical Pass Default Password 'xc3511' for 'root' Account CVE-1999-0502 CVE-2016-1000245 28 Oct 2016 9.8 (v3) Critical Pass PHP 5.5.x < 5.5.11 awk Magic Parsing BEGIN DoS CVE-2013-7345 08 Apr 2014 5 (v2) Medium Pass IBM Domino 8.5.x < 8.5.3 Fix Pack 5 Interim Fix 1 iNotes Bu ff er Over fl ow CVE-2013-4068 28 May 2014 7.1 (v2) High Pass PHP 5.3.x < 5.3.15 Multiple Vulnerabilities CVE-2012-2688 CVE-2012-3365 20 Jul 2012 10 (v2) Critical Pass PHP 5.3.x < 5.3.29 Multiple Vulnerabilities CVE-2013-6712 CVE-2014-0207 CVE-2014-0237 CVE-2014-0238 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3515 CVE-2014-3981 CVE-2014-4049 CVE-2014-4721 20 Aug 2014 7.3 (v3) High Pass eLouai's Force Download Script fi le Parameter File Disclosure 08 Nov 2010 5 (v2) Medium Pass Default Password (merlin) for 'mg3500' Account CVE-1999-0502 CVE-2010-4233 15 Nov 2010 9.8 (v3) Critical Pass HP Intelligent Management Center Multiple Vulnerabilities CVE-2011-1848 CVE-2011-1849 CVE-2011-1850 CVE-2011-1851 CVE-2011-1852 CVE-2011-1853 CVE-2011-1854 08 Jun 2011 10 (v2) Critical Pass Milter Detection 26 Jan 2008 None Pass DNN (DotNetNuke) Language Flag Selector Culture XSS 21 May 2013 4.3 (v2) Medium Pass HP Data Protector Local Privilege Escalation CVE-2012-5220 24 Jun 2013 7.2 (v2) High Pass Acajoom Component for Joomla! 'mailingid' Parameter SQLi CVE-2008-1427 19 Mar 2008 7.3 (v3) High Pass SmarterMail Subject Field XSS CVE-2008-0872 07 Apr 2008 4.3 (v2) Medium Pass dotCMS search-results.dot search_query Parameter XSS CVE-2008-2397 04 Jun 2008 4.3 (v2) Medium Pass Adobe Flex 3 History Management historyFrame.html XSS CVE-2008-2640 18 Jun 2008 4.3 (v2) Medium Pass Sun GlassFish Enterprise < 2.1 Patch 02 Denial of Service 09 Jun 2009 2.1 (v2) Low Pass CGI Generic Path Traversal 19 Jun 2009 5.3 (v3) Medium Pass Basic Analysis and Security Engine Authentication Check 26 Jun 2009 5 (v2) Medium 50

Pass Microsoft SQL Server Default Credentials 13 Feb 2002 9.8 (v3) Critical Pass ViewCVS viewcvs.cgi Multiple Parameter XSS CVE-2002-0771 27 Sep 2004 4.3 (v2) Medium Pass Cayman DSL Router Single Character String Authentication Bypass. CVE-2001-1430 13 Aug 2001 7.5 (v2) High Pass MDaemon File Creation Local Privilege Escalation CVE-2004-2504 24 Nov 2004 7.2 (v2) High Pass SquirrelMail S/MIME Plug-in Remote Command Execution CVE-2005-0239 03 Mar 2005 6.5 (v2) Medium Pass SimpGB guestbook.php quote Parameter SQL Injection CVE-2005-0786 15 Mar 2005 7.5 (v2) High Pass Netquery <= 3.11 nquser.php host Parameter Arbitrary Command Execution CVE-2005-2684 25 Aug 2005 7.5 (v2) High Pass MyBB misc.php Multiple SQL Injection Vulnerabilities CVE-2005-2888 17 Sep 2005 7.5 (v2) High Pass SSL Version 2 and 3 Protocol Detection 12 Oct 2005 9.8 (v3) Critical Pass Comersus Cart /comersus/database/comersus.mdb Direct Request Datbase Disclosure 02 Nov 2005 5 (v2) Medium Pass phpWebThings Multiple Scripts SQL Injection CVE-2005-3585 CVE-2005-4218 08 Nov 2005 7.5 (v2) High Pass Zen Cart password_forgotten.php admin_email Parameter SQL Injection CVE-2005-3996 03 Dec 2005 5.1 (v2) Medium Pass dotProject docs/ Directory Multiple Script Information Disclosure CVE-2006-0756 15 Feb 2006 5 (v2) Medium Pass MODx < 0.9.1a Multiple Vulnerabilities CVE-2006-1820 CVE-2006-1821 17 Apr 2006 6.4 (v2) Medium Pass X7 Chat help/index.php help_ fi le Parameter Local File Inclusion CVE-2006-2156 03 May 2006 6.4 (v2) Medium Pass eFiction < 2.0.2 Multiple Remote Vulnerabilities (SQLi, XSS, Disc) CVE-2005-4167 CVE-2005-4168 CVE-2005-4169 CVE-2005-4170 CVE-2005-4171 CVE-2005-4172 CVE-2005-4173 CVE-2005-4174 29 Dec 2005 7.5 (v2) High Pass Loudblog index.php id Parameter SQL Injection CVE-2006-3832 25 Jul 2006 7.5 (v2) High Pass IBM Lotus Domino IMAP Service Mailbox Name Over fl ow CVE-2007-3510 24 Oct 2007 9 (v2) High Pass Plogger plog-rss.php id Parameter SQL Injection CVE-2007-6587 23 Dec 2007 7.5 (v2) High Pass mvnForum activatemember Multiple Parameter XSS CVE-2006-3245 27 Jun 2006 2.6 (v2) Low Pass PHP 5.4.x < 5.4.41 Multiple Vulnerabilities CVE-2006-7243 CVE-2015-2325 CVE-2015-2326 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 18 May 2015 9.8 (v3) Critical Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Oct 2019 CPU) CVE-2017-12626 CVE-2019-2976 CVE-2019-3020 18 Oct 2019 9.3 (v3) Critical Pass CMS Made Simple modules/TinyMCE/content_css.php templateid Parameter SQL Injection CVE-2007-6656 02 Jan 2008 7.5 (v2) High Pass Apache Tomcat 9.0.0 < 9.0.35 Remote Code Execution CVE-2020-9484 22 May 2020 7 (v3) High Pass Dotnetnuke 5.0.x < 9.6.1 (09.06.01) 12 Jun 2020 6.1 (v3) Medium Pass Oracle E-Business Suite Multiple Vulnerabilities (April 2021 CPU) CVE-2017-14735 CVE-2019-10086 CVE-2020-1967 CVE-2020-9488 CVE-2021-2150 CVE-2021-2153 CVE-2021-2155 CVE-2021-2156 CVE-2021-2181 CVE-2021-2182 CVE-2021-2183 CVE-2021-2184 CVE-2021-2185 CVE-2021-2186 CVE-2021-2187 CVE-2021 23 Apr 2021 9.1 (v3) Critical Pass TYPO3 9.5.12 < 9.5.17 / 10.2 < 10.4.2 XSS (TYPO3-CORE-SA-2020-003) CVE-2020-11065 13 Jul 2020 5.4 (v3) Medium Pass PHP 5.5.x < 5.5.25 Multiple Vulnerabilities CVE-2006-7243 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 18 May 2015 7.5 (v3) High Pass PHP 5.6.x < 5.6.9 Multiple Vulnerabilities CVE-2006-7243 CVE-2015-2325 CVE-2015-2326 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 18 May 2015 9.8 (v3) Critical Pass eFront < 3.6.15.4 Build 18023 Multiple Vulnerabilities 26 May 2015 6.5 (v2) Medium Pass SSL/TLS Di ffi e-Hellman Modulus <= 1024 Bits (Logjam) CVE-2015-4000 28 May 2015 3.7 (v3) Low Pass Jenkins < 1.565.3 / 1.586 Multiple Vulnerabilities CVE-2014-9634 CVE-2014-9635 03 Jun 2015 5.3 (v3) Medium Pass Dell NetVault Backup 10.0.x < 10.0.5 RCE CVE-2015-4067 CVE-2015-5696 05 Jun 2015 10 (v2) Critical Pass Oracle Database Multiple Vulnerabilities (July 2013 CPU) CVE-2013-3751 CVE-2013-3758 CVE-2013-3774 CVE-2013-3760 CVE-2013-3771 CVE-2013-3789 CVE-2013-3790 17 Jul 2013 9.9 (v3) Critical Pass SSL/TLS Recommended Cipher Suites 20 Jan 2022 None Pass IBM WebSphere Application Server Admin Console 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 XSS CVE-2018-1777 27 May 2020 5.4 (v3) Medium Pass SSH SHA-1 HMAC Algorithms Enabled 23 Sep 2021 None Pass Jenkins plugins Multiple Vulnerabilities (2022-03-29) CVE-2022-28133 CVE-2022-28134 CVE-2022-28135 CVE-2022-28136 CVE-2022-28137 CVE-2022-28138 CVE-2022-28139 CVE-2022-28140 CVE-2022-28141 CVE-2022-28142 CVE-2022-28143 CVE-2022-28144 CVE-2022-28145 CVE-2022-28146 CVE-2022-2 31 Mar 2022 8.8 (v3) High Pass SonicWall Secure Mobile Access (SMA) SQLi (SNWLID-2021-0017) CVE-2021-20028 04 Apr 2022 9.8 (v3) Critical Pass Cisco IOS XR Software Border Gateway Protocol DoS (cisco-sa-20100827-bgp) CVE-2010-3035 05 Apr 2022 7.5 (v3) High Pass IBM WebSphere Application Server 9.x < 9.0.5.12 Clickjacking CVE-2021-39038 03 Mar 2022 5.4 (v3) Medium Pass GitLab 12.10.x < 14.6.5 / 14.7.x < 14.7.4 / 14.8.x < 14.8.2 Multiple Vulnerabilities CVE-2022-0735 CVE-2022-0741 CVE-2022-0751 03 Mar 2022 9.8 (v3) Critical Pass PHP 5.4.x < 5.4.42 Multiple Vulnerabilities CVE-2015-2325 CVE-2015-2326 CVE-2015-3414 CVE-2015-3415 CVE-2015-3416 CVE-2015-4598 CVE-2015-4642 CVE-2015-4643 CVE-2015-4644 24 Jun 2015 9.8 (v3) Critical Pass PHP 5.5.x < 5.5.26 Multiple Vulnerabilities CVE-2015-2325 CVE-2015-2326 CVE-2015-3414 CVE-2015-3415 CVE-2015-3416 CVE-2015-4598 CVE-2015-4642 CVE-2015-4643 CVE-2015-4644 24 Jun 2015 9.8 (v3) Critical Pass Jenkins LTS < 2.303.3 / Jenkins weekly < 2.319 Multiple Vulnerabilities CVE-2021-21685 CVE-2021-21686 CVE-2021-21687 CVE-2021-21688 CVE-2021-21689 CVE-2021-21690 CVE-2021-21691 CVE-2021-21692 CVE-2021-21693 CVE-2021-21694 CVE-2021-21695 CVE-2021-21696 CVE-2021-21697 CVE-2021-21698 04 Nov 2021 9.8 (v3) Critical Pass PHP 5.6.x < 5.6.10 Multiple Vulnerabilities CVE-2015-2325 CVE-2015-2326 CVE-2015-3414 CVE-2015-3415 CVE-2015-3416 CVE-2015-4598 CVE-2015-4642 CVE-2015-4643 CVE-2015-4644 24 Jun 2015 9.8 (v3) Critical Pass PHP 5.4.x < 5.4.43 Multiple Vulnerabilities (BACKRONYM) CVE-2015-3152 CVE-2015-5589 CVE-2015-5590 CVE-2015-8838 10 Jul 2015 9.8 (v3) Critical Pass Dell EMC iDRAC8 < 2.83.83.83 (DSA-2022-069) CVE-2022-24423 11 Apr 2022 7.5 (v3) High Pass PHP 5.5.x < 5.5.27 Multiple Vulnerabilities (BACKRONYM) CVE-2015-3152 CVE-2015-5589 CVE-2015-5590 CVE-2015-8838 10 Jul 2015 9.8 (v3) Critical Pass PHP 5.6.x < 5.6.11 Multiple Vulnerabilities (BACKRONYM) CVE-2015-3152 CVE-2015-5589 CVE-2015-5590 CVE-2015-8838 10 Jul 2015 9.8 (v3) Critical Pass IBM DB2 10.5 <= Fix Pack 5 Multiple Vulnerabilities CVE-2014-8910 CVE-2015-0157 CVE-2015-0197 CVE-2015-0198 CVE-2015-0199 CVE-2015-1883 CVE-2015-1922 CVE-2015-1935 18 Jul 2015 9.8 (v3) Critical Pass HP System Management Homepage 7.3.x / 7.4.x < 7.5.0 Multiple Vulnerabilities (FREAK) CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523 CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8142 CVE-2014-8275 CVE-2014-9427 CVE-2014-9652 CVE-2014-9653 CVE-2014-9705 CVE-2015-0204 CVE-2015-0 22 Jul 2015 7.5 (v2) High Pass Moodle 'external.php' 'badge' Parameter XSS CVE-2013-5674 20 Sep 2013 4.3 (v2) Medium Pass Polycom HDX < 3.1.1.2 Multiple Vulnerabilities 23 Sep 2013 10 (v2) Critical Pass Cisco IronPort PostX < 6.2.9.1 Multiple Vulnerabilities CVE-2010-0143 CVE-2010-0144 CVE-2010-0145 23 Sep 2013 10 (v2) Critical Pass ManageEngine ADSelfService Plus < build 6121 XSS CVE-2022-24681 13 Apr 2022 6.1 (v3) Medium Pass Cisco IOS XE Software Tool Command Language Privilege Escalation (cisco-sa-iosxe-priv-esc-grbtubU) CVE-2022-20676 13 Apr 2022 6.7 (v3) Medium Pass Cisco IOS XE Software for Catalyst 9000 Family Switches Catalyst 9000 Family Wireless Controllers Privilege Escalation (cisco-sa-ewlc-priv-esc-ybvHKO5) CVE-2022-20681 13 Apr 2022 7.8 (v3) High Pass HP System Management Homepage ginkgosnmp.inc Command Injection CVE-2013-3576 25 Sep 2013 9 (v2) High Pass Apache Struts 2 'action:' Parameter Pre fi x Security Constraint Bypass CVE-2013-4310 CVE-2013-4316 27 Sep 2013 6.5 (v3) Medium Pass Dell iDRAC6 / iDRAC7 Login Page 'ErrorMsg' Parameter XSS CVE-2013-3589 13 Oct 2013 4.3 (v2) Medium Pass IBM DB2 10.1 < Fix Pack 3 Multiple Vulnerabilities CVE-2013-3475 CVE-2013-4032 CVE-2013-4033 16 Oct 2013 8.8 (v3) High Pass AjaXplorer < 5.0.1 Multiple Command Execution Vulnerabilities CVE-2013-4267 18 Oct 2013 6.5 (v2) Medium Pass Schneider Electric C-Gate < 2.11.6 Multiple Vulnerabilities CVE-2021-22717 CVE-2021-22719 CVE-2021-22720 26 May 2021 8.8 (v3) High Pass Cogent DataHub < 7.3.0 Multiple Vulnerabilities CVE-2013-0680 CVE-2013-0681 CVE-2013-0682 CVE-2013-0683 22 Oct 2013 7.5 (v2) High Pass Default Password (netoptics) for 'admin' Account CVE-1999-0502 23 Oct 2013 9.8 (v3) Critical Pass Net Optics Director Default Credentials 23 Oct 2013 7.5 (v2) High Pass Zabbix Web Interface Default Administrator Credentials 11 Nov 2013 7.5 (v2) High Pass Drupal Google Site Search Module API Data Handling XSS CVE-2013-4384 15 Nov 2013 4.3 (v2) Medium Pass Oracle JavaServer Faces Multiple Partial Directory Traversals CVE-2013-3827 19 Nov 2013 5 (v2) Medium Pass PineApp Mail-SeCure admin/confnetworking.html Multiple Parameter Remote Command Injection CVE-2013-6829 CVE-2013-6830 22 Nov 2013 8.8 (v3) High Pass nginx < 1.4.4 / 1.5.7 ngx_parse_http Security Bypass CVE-2013-4547 27 Nov 2013 7.3 (v3) High Pass Nagios Looking Glass Addon for Nagios server/s3_download.php File Disclosure 02 Dec 2013 5 (v2) Medium Pass IBM Domino Web Administrator Multiple Vulnerabilities CVE-2013-4050 CVE-2013-4051 CVE-2013-4055 03 Dec 2013 6 (v2) Medium Pass Jenkins Accessible without Credentials 04 Dec 2013 7.5 (v2) High Pass PHP 5.3.x < 5.3.28 Multiple OpenSSL Vulnerabilities CVE-2013-4073 CVE-2013-4248 CVE-2013-6420 14 Dec 2013 7.3 (v3) High Pass ThoughtWorks GoCD Default Administrator Access 25 Jan 2022 9.8 (v3) Critical Pass Microsoft Windows Server Version 2004 Unsupported Version Detection 25 Jan 2022 10 (v3) Critical Pass Microsoft Windows 10 Version 2004 Unsupported Version Detection 25 Jan 2022 10 (v3) Critical Pass GoCD < 21.3.0 Path Traversal 25 Jan 2022 10 (v3) Critical Pass ThoughtWorks GoCD Web interface detection 25 Jan 2022 None Pass PHP 5.4.x < 5.4.23 OpenSSL openssl_x509_parse() Memory Corruption CVE-2013-6420 14 Dec 2013 7.5 (v2) High Pass PHP 5.5.x < 5.5.7 OpenSSL openssl_x509_parse() Memory Corruption CVE-2013-6420 14 Dec 2013 7.5 (v2) High Pass LiveZilla 'mobile/php/translation/index.php' 'g_language' Parameter Local File Inclusion CVE-2013-6225 14 Dec 2013 7.5 (v2) High Pass LiveZilla < 5.1.1.0 Multiple Vulnerabilities CVE-2013-6223 CVE-2013-6224 CVE-2013-6225 CVE-2013-7002 14 Dec 2013 4.3 (v2) Medium Pass Cisco Data Center Network Manager Authorization Bypass Vulnerabilities (cisco-sa-dcnm-authbypass-OHBPbxu) CVE-2021-1269 CVE-2021-1270 01 Jul 2021 6.5 (v3) Medium Pass Tenable Passive Vulnerability Scanner Unsupported Version Detection (remote check) 16 Dec 2013 10 (v2) Critical Pass MySQL 8.0.x < 8.0.26 Multiple Vulnerabilities (Jul 2021 CPU) CVE-2019-17543 CVE-2021-2339 CVE-2021-2340 CVE-2021-2342 CVE-2021-2352 CVE-2021-2354 CVE-2021-2356 CVE-2021-2357 CVE-2021-2367 CVE-2021-2370 CVE-2021-2372 CVE-2021-2374 CVE-2021-2383 CVE-2021-2384 CVE-2021-2385 CVE-2021- 22 Jul 2021 8.1 (v3) High Pass Oracle Database Server Multiple Vulnerabilities (Jul 2021 CPU) CVE-2018-21010 CVE-2019-12415 CVE-2019-12973 CVE-2019-17545 CVE-2019-17566 CVE-2020-7760 CVE-2020-8908 CVE-2020-10543 CVE-2020-10878 CVE-2020-11987 CVE-2020-11988 CVE-2020-12723 CVE-2020-13956 CVE-2020-15389 CVE-2020-256 23 Jul 2021 9.8 (v3) Critical Pass Oracle Primavera Gateway (Jul 2021 CPU) CVE-2019-17195 CVE-2020-8203 CVE-2020-25649 CVE-2020-36189 CVE-2021-21290 CVE-2021-21409 22 Jul 2021 9.8 (v3) Critical Pass Oracle E-Business Suite Multiple Vulnerabilities (July 2021 CPU) CVE-2021-2343 CVE-2021-2355 CVE-2021-2359 CVE-2021-2360 CVE-2021-2361 CVE-2021-2362 CVE-2021-2363 CVE-2021-2364 CVE-2021-2365 CVE-2021-2380 CVE-2021-2393 CVE-2021-2398 CVE-2021-2405 CVE-2021-2406 CVE-2021-2415 CVE-2021-2 23 Jul 2021 9.1 (v3) Critical Pass VMware vRealize Operations Manager 7.5.x / 8.x Multiple Vulnerabilities (VMSA-2021-0018) CVE-2021-22022 CVE-2021-22023 CVE-2021-22024 CVE-2021-22025 CVE-2021-22026 CVE-2021-22027 27 Aug 2021 7.5 (v3) High Pass Cisco Application Policy Infrastructure Controller Multiple Vulnerabilities (cisco-sa-capic-mdvul-HBsJBuvW) CVE-2021-1580 CVE-2021-1581 01 Sep 2021 9.1 (v3) Critical Pass MySQL 8.0.x < 8.0.21 Multiple Vulnerabilities (Jul 2020 CPU) CVE-2019-1551 CVE-2020-1967 CVE-2020-5258 CVE-2020-14539 CVE-2020-14540 CVE-2020-14547 CVE-2020-14550 CVE-2020-14553 CVE-2020-14559 CVE-2020-14568 CVE-2020-14575 CVE-2020-14576 CVE-2020-14586 CVE-2020-14591 CVE-2020-1459 16 Jul 2020 7.5 (v3) High Pass MySQL 5.7.x < 5.7.32 Multiple Vulnerabilities (Oct 2020 CPU) CVE-2020-14672 CVE-2020-14760 CVE-2020-14765 CVE-2020-14769 CVE-2020-14771 CVE-2020-14775 CVE-2020-14776 CVE-2020-14789 CVE-2020-14790 CVE-2020-14793 CVE-2020-14812 CVE-2020-14827 CVE-2020-14867 CVE-2020-14869 22 Oct 2020 6.5 (v3) Medium Pass ManageEngine NCM < 12.5.465 SQLi CVE-2021-41081 01 Feb 2022 9.8 (v3) Critical Pass ManageEngine Network Con fi guration Manager (NCM) Detection 01 Feb 2022 None Pass VMware vCenter Server < 6.7 Multiple Vulnerabilities (VMSA-2021-0020) CVE-2021-21991 CVE-2021-21992 CVE-2021-21993 CVE-2021-22005 CVE-2021-22006 CVE-2021-22007 CVE-2021-22008 CVE-2021-22009 CVE-2021-22010 CVE-2021-22011 CVE-2021-22014 CVE-2021-22015 CVE-2021-22016 CVE-2021-22017 CVE-2021-2 22 Sep 2021 9.8 (v3) Critical Pass VMware vCenter Server < 7.0 U2c Multiple Vulnerabilities (VMSA-2021-0020) CVE-2021-21991 CVE-2021-21992 CVE-2021-21993 CVE-2021-22005 CVE-2021-22006 CVE-2021-22007 CVE-2021-22008 CVE-2021-22009 CVE-2021-22010 CVE-2021-22014 CVE-2021-22015 CVE-2021-22019 CVE-2021-22020 22 Sep 2021 9.8 (v3) Critical Pass VMware vCenter Server < 6.5 U3q Multiple Vulnerabilities (VMSA-2021-0020) CVE-2021-21991 CVE-2021-21992 CVE-2021-21993 CVE-2021-22008 CVE-2021-22009 CVE-2021-22011 CVE-2021-22012 CVE-2021-22013 CVE-2021-22014 CVE-2021-22015 CVE-2021-22017 CVE-2021-22019 22 Sep 2021 7.8 (v3) High Pass Apache Tra ffi c Server Version 04 Apr 2012 None Pass PolarSSL 'asn1_get_sequence_of' Function Uninitialized Pointer RCE CVE-2015-1182 28 Jan 2015 10 (v3) Critical Pass LDAP NULL BASE Search Access 13 Aug 2001 5 (v2) Medium Pass Apache Tra ffi c Server - HTTP Smuggling and Cache poisoning CVE-2018-8004 28 May 2020 6.5 (v3) Medium Pass Atlassian Jira < 8.21.0 Broken Access Control (JRASERVER-73071) CVE-2021-43946 27 Jan 2022 6.5 (v3) Medium Pass Jenkins LTS < 2.303.2 / Jenkins weekly < 2.315 Multiple Vulnerabilities CVE-2014-3577 CVE-2021-21682 CVE-2021-21683 CVE-2021-21684 13 Oct 2021 6.5 (v3) Medium Pass SolarWinds Orion Platform < 2020.2.6 HF1 Multiple Vulnerabilities CVE-2021-35219 CVE-2021-35220 CVE-2021-35221 CVE-2021-35222 CVE-2021-35238 CVE-2021-35239 CVE-2021-35240 22 Oct 2021 9.6 (v3) Critical Pass EtherNet/IP CIP EDS Metadata 27 May 2016 None Pass Cisco UCS Platform Emulator Web UI Detection 06 Jul 2016 None Pass Citrix XenDesktop Director Detection 04 Nov 2013 None Pass HP Data Protector 8.x Arbitrary Command Execution (HPSBMU03072) CVE-2014-2623 21 Jul 2014 10 (v2) Critical Pass SonicWall SonicOS Firewall Multiple Management Vulnerabilities (URGENT/11) CVE-2019-12255 CVE-2019-12256 CVE-2019-12257 CVE-2019-12258 CVE-2019-12259 CVE-2019-12260 CVE-2019-12261 CVE-2019-12262 CVE-2019-12263 CVE-2019-12264 CVE-2019-12265 29 Jul 2019 9.8 (v3) Critical 51

Pass Pulse Connect Secure Arbitrary File Read Vulnerability (CVE-2019-11510) CVE-2019-11510 16 Aug 2019 10 (v3) Critical Pass Apple AirPlay Web Detection 14 Aug 2019 None Pass Jenkins Enterprise and Operations Center < 2.249.31.0.4 / 2.277.4.3 Multiple Vulnerabilities (CloudBees Security Advisory 2021-05-11) CVE-2021-21648 CVE-2021-21649 CVE-2021-21650 CVE-2021-21651 CVE-2021-21652 CVE-2021-21653 CVE-2021-21654 CVE-2021-21655 CVE-2021-21656 08 Nov 2021 7.1 (v3) High Pass QNAP QTS / QuTS hero Multiple Vulnerabilities in Samba (QSA-22-03) CVE-2021-44141 CVE-2021-44142 CVE-2022-0336 05 Apr 2022 8.8 (v3) High Pass QNAP QTS / QuTS Hero DEADBOLT Ransomware (QSA-22-02) 05 Apr 2022 9.8 (v3) Critical Pass QNAP QTS / QuTS hero Insu ffi cient HTTP Security Headers (QSA-21-03) CVE-2018-19957 07 Apr 2022 6.1 (v3) Medium Pass QNAP QTS / QuTS hero Command Injection (QSA-21-05) CVE-2020-2509 19 Apr 2022 9.8 (v3) Critical Pass Oracle MySQL Enterprise Monitor (Apr 2022 CPU) CVE-2021-41184 CVE-2021-42340 CVE-2021-44832 CVE-2022-0778 CVE-2022-22965 CVE-2022-23181 CVE-2022-23305 20 Apr 2022 9.8 (v3) Critical Pass Cisco IOS XE Software IOx Application Hosting Environment (cisco-sa-iox-yuXQ6hFj) CVE-2022-20677 CVE-2022-20718 CVE-2022-20719 CVE-2022-20720 CVE-2022-20721 CVE-2022-20722 CVE-2022-20723 CVE-2022-20724 CVE-2022-20725 CVE-2022-20727 22 Apr 2022 7.5 (v3) High Pass OpenSSL 1.1.1 < 1.1.1o Vulnerability CVE-2022-1292 03 May 2022 9.8 (v3) Critical Pass GitLab 1.0.2 < 14.8.6 Multiple Vulnerabilities CVE-2022-1413 CVE-2022-1416 CVE-2022-1423 06 May 2022 8.8 (v3) High Pass ManageEngine Access Manager Plus REST API Restriction Bypass (CVE-2022-29081) CVE-2022-29081 09 May 2022 9.8 (v3) Critical Pass Apache Tomcat 10.0.0.M1 < 10.0.0.M5 vulnerability CVE-2020-9484 22 Jun 2021 7 (v3) High Pass Apache Struts Unsupported Version Detection 13 Sep 2018 10 (v3) Critical Pass Cisco Nexus 9000 Series Fabric Switches ACI Mode Queue Wedge DoS (cisco-sa-n9kaci-queue-wedge-cLDDEfKF) CVE-2021-1523 21 Feb 2022 8.6 (v3) High Pass ManageEngine ADManager Plus < Build 7115 RCE CVE-2021-42002 25 Feb 2022 9.8 (v3) Critical Pass Cisco NX-OS Software NX-API Command Injection (cisco-sa-nxos-nxapi-cmdinject-ULukNMZ2) CVE-2022-20650 03 Mar 2022 8.8 (v3) High Pass Cisco NX-OS Software Cisco Fabric Services Over IP DoS (cisco-sa-cfsoip-dos-tpykyDr) CVE-2022-20624 03 Mar 2022 7.5 (v3) High Pass Cisco TelePresence Video Communication Server Bash Remote Code Execution (Shellshock) CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 21 Oct 2014 10 (v2) Critical Pass Intel Management Engine Insecure Read / Write Operations RCE (INTEL-SA-00075) (remote check) CVE-2017-5689 03 May 2017 9.8 (v3) Critical Pass Pgbouncer Service Detection 17 Aug 2016 None Pass VMware ESX Multiple Bash Vulnerabilities (VMSA-2014-0010) (Shellshock) CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 30 Dec 2015 10 (v2) Critical Pass Visual Mining NetCharts Server Web UI Detection 02 Dec 2014 None Pass GNU Bash Local Environment Variable Handling Command Injection via Telnet (CVE-2014-7169) (Shellshock) CVE-2014-7169 25 Sep 2014 10 (v2) Critical Pass Gurock TestRail Detection 21 Aug 2014 None Pass EMC Documentum D2 Detection (credentialed) 21 Aug 2014 None Pass VMware Workspace Portal Multiple Bash Shell Vulnerabilities (VMSA-2014-0010) (Shellshock) CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 04 Nov 2014 10 (v2) Critical Pass Cisco Wireless LAN Controller Multiple Vulnerabilities CVE-2018-0417 CVE-2018-0441 CVE-2018-0442 CVE-2018-0443 26 Oct 2018 7.5 (v3) High Pass Apache Solr Con fi g API Velocity Template RCE (Direct Check) CVE-2019-17558 06 Dec 2019 7.5 (v3) High Pass Cisco Small Business RV Series Routers Multiple Vulnerabilities (cisco-sa-sb-rv-bypass-inject-Rbhgvfdx) CVE-2021-1472 CVE-2021-1473 15 Apr 2021 9.8 (v3) Critical Pass VMware vCenter Server RCE (direct check) CVE-2021-21972 25 Feb 2021 9.8 (v3) Critical Pass Trend Micro ServerProtect Static Credential (CVE-2022-25329) CVE-2022-25329 07 Mar 2022 9.8 (v3) Critical Pass Jenkins Enterprise and Operations Center 2.277.x < 2.277.43.0.6 / 2.303.x < 2.303.30.0.5 / 2.319.3.3 Multiple DoS (CloudBees Security Advisory 2022-02-09) CVE-2021-43859 CVE-2022-0538 07 Mar 2022 7.5 (v3) High Pass IBM WebSphere Application Server 8.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.20 / 9.0.x < 9.0.5.8 Multiple Vulnerabilities CVE-2011-1498 CVE-2012-6153 CVE-2014-3577 CVE-2015-5262 20 May 2021 8.1 (v3) High Pass Kerio Connect < 8.1.0 SSL/TLS Information Disclosure (BEAST) CVE-2011-3389 07 Feb 2014 4.3 (v2) Medium Pass Citrix SD-WAN Center Test Build Network DoS (CTX297155) CVE-2020-8299 18 Jun 2021 6.5 (v3) Medium Pass Citrix ADC and Citrix NetScaler Gateway Multiple Vulnerabilities (CTX297155) CVE-2020-8299 CVE-2020-8300 18 Jun 2021 6.5 (v3) Medium Pass PHP 5.5.x < 5.5.9 GD Extension Multiple Vulnerabilities CVE-2013-7226 CVE-2013-7327 CVE-2013-7328 CVE-2014-2020 14 Feb 2014 6.8 (v2) Medium Pass Symantec Encryption Management Server < 3.3.2 Information Disclosure CVE-2014-1643 14 Feb 2014 4 (v2) Medium Pass JForum jforum.page start Parameter XSS CVE-2012-5337 14 Feb 2014 4.3 (v2) Medium Pass MediaWiki thumb.php 'w' Parameter Remote Shell Command Injection CVE-2014-1610 21 Feb 2014 8.8 (v3) High Pass Serv-U FTP Server < 15.0.1.20 DoS 24 Feb 2014 5 (v2) Medium Pass PostgreSQL 8.4 < 8.4.20 / 9.0 < 9.0.16 / 9.1 < 9.1.12 / 9.2 < 9.2.7 / 9.3 < 9.3.3 Multiple Vulnerabilities CVE-2014-0060 CVE-2014-0061 CVE-2014-0062 CVE-2014-0063 CVE-2014-0064 CVE-2014-0065 CVE-2014-0066 CVE-2014-2669 24 Feb 2014 9.8 (v3) Critical Pass Cisco IOS HTTP Client Information Disclosure Vulnerability (cisco-sa-20190925-http-client) CVE-2019-12665 10 Oct 2019 7.4 (v3) High Pass Cisco IOS XR Software for Cisco 8000 and NCS 540 Routers Image Veri fi cation Vulnerabilities (cisco-sa-ioxr-l-zNhcGCBt) CVE-2021-1136 CVE-2021-1244 11 Mar 2021 6.7 (v3) Medium Pass MailEnable IMAP Server SEARCH Command Remote DoS CVE-2004-2194 17 Oct 2004 5 (v2) Medium Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.20 / 9.0.x < 9.0.14 / 9.1.x < 9.1.11 / 10.0.x < 10.0.7 / 10.1.x < 10.1.2 Vulnerability CVE-2021-3054 08 Sep 2021 6.6 (v3) Medium Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.20 / 9.0.x < 9.0.14 / 9.1.x < 9.1.10 / 10.0.x < 10.0.6 Vulnerability CVE-2021-3055 08 Sep 2021 6.5 (v3) Medium Pass Serendipity Multiple Script HTTP Response Splitting CVE-2004-1620 21 Oct 2004 4.3 (v2) Medium Pass Juniper Junos OS DoS (JSA11185) CVE-2021-0281 14 Sep 2021 7.5 (v3) High Pass Cisco Small Business RV Series Routers Link Layer Discovery Protocol Multiple Vulnerabilities (cisco-sa-rv-multi-lldp-u7e4chCe) CVE-2021-1251 CVE-2021-1308 CVE-2021-1309 14 Sep 2021 8.8 (v3) High Pass SquirrelMail < 1.2.11 Multiple Script XSS CVE-2004-0639 06 Aug 2004 4.3 (v2) Medium Pass IBM WebSphere Application Server Information Disclosure (6489485) CVE-2021-29842 23 Sep 2021 5.3 (v3) Medium Pass Moodle 'post.php' 'reply' Parameter XSS CVE-2004-1711 11 Aug 2004 4.3 (v2) Medium Pass Juniper Junos OS Vulnerability (JSA11226) CVE-2021-0283 CVE-2021-31364 13 Oct 2021 7.5 (v3) High Pass Juniper Junos OS DoS (JSA11285) CVE-2022-22179 18 Jan 2022 6.5 (v3) Medium Pass phpMyFAQ index.php action Parameter Local File Inclusion CVE-2004-2255 11 Aug 2004 5 (v2) Medium Pass WowBB <= 1.61 Multiple Vulnerabilities CVE-2004-2180 CVE-2004-2181 25 Oct 2004 7.5 (v2) High Pass PostNuke Trojaned Distribution 26 Oct 2004 7.5 (v2) High Pass Unpassworded 'bash' Backdoor Account CVE-1999-0502 30 Oct 2004 9.8 (v3) Critical Pass Web Server SSL Port HTTP Tra ffi c Detection 01 Nov 2004 None Pass YaPiG < 0.92.2 Multiple Scripts Arbitrary Command Execution 13 Aug 2004 7.5 (v2) High Pass Juniper Junos OS Vulnerability (JSA11196) CVE-2021-0294 19 Nov 2021 5.3 (v3) Medium Pass Adobe Experience Manager 6.5.0.0 < 6.5.11.0 Multiple Vulnerabilities (APSB21-103) CVE-2021-40711 CVE-2021-40712 CVE-2021-40722 CVE-2021-42725 CVE-2021-43761 CVE-2021-43762 CVE-2021-43764 CVE-2021-43765 CVE-2021-44176 CVE-2021-44177 CVE-2021-44178 14 Dec 2021 9.8 (v3) Critical Pass Jenkins < 1.551 / 1.532.2 and Jenkins Enterprise 1.509.x / 1.532.x < 1.509.5.1 / 1.532.2.2 Multiple Vulnerabilities CVE-2013-5573 CVE-2013-7285 CVE-2013-7330 CVE-2014-2058 CVE-2014-2060 CVE-2014-2061 CVE-2014-2062 CVE-2014-2063 CVE-2014-2064 CVE-2014-2065 CVE-2014-2066 CVE-2014-2068 25 Feb 2014 7.5 (v2) High Pass Jenkins < 1.545 Subversion Plugin Information Disclosure CVE-2013-6372 28 Feb 2014 2.1 (v2) Low Pass Grails resources plug-in WEB-INF / META-INF File Disclosure CVE-2014-0053 CVE-2014-2857 CVE-2014-2858 01 Mar 2014 5 (v2) Medium Pass Oracle WebCenter Sites Default Credentials Check 03 Mar 2014 7.5 (v2) High Pass IBM Domino < 8.5.3 FP 6 IF 1 / 9.0.1 IF 2 DoS CVE-2014-0822 04 Mar 2014 7.8 (v2) High Pass IBM Rational Focal Point Default Credentials 06 Mar 2014 7.5 (v2) High Pass Horde Application Framework Help Window Multiple Parameter XSS CVE-2004-2741 02 Nov 2004 4.3 (v2) Medium Pass Juniper Junos OS Vulnerability (JSA11262) CVE-2022-22154 12 Jan 2022 6.8 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11272) CVE-2022-22164 12 Jan 2022 5.3 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11283) CVE-2022-22177 12 Jan 2022 7.5 (v3) High Pass Juniper Junos OS Multiple Vulnerabilities (JSA11265) CVE-2022-22157 CVE-2022-22167 12 Jan 2022 9.8 (v3) Critical Pass Juniper Junos OS Vulnerability (JSA11269) CVE-2022-22161 12 Jan 2022 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11261) CVE-2022-22153 12 Jan 2022 7.5 (v3) High Pass Moodle < 1.4.3 Multiple Vulnerabilities CVE-2004-1424 CVE-2004-1425 CVE-2004-2232 06 Nov 2004 7.5 (v2) High Pass PHP 5.4.x < 5.4.26 Multiple Vulnerabilities CVE-2014-1943 CVE-2014-2270 07 Mar 2014 5 (v2) Medium Pass PHP 5.5.x < 5.5.10 Multiple Vulnerabilities CVE-2014-1943 CVE-2014-2270 07 Mar 2014 5 (v2) Medium Pass HP System Management Homepage < 7.3 Multiple Vulnerabilities CVE-2013-4846 CVE-2013-6188 12 Mar 2014 6.8 (v2) Medium Pass phpGroupWare index.php Addressbook XSS CVE-2003-0504 17 Aug 2004 4.3 (v2) Medium Pass Apache 2.4.x < 2.4.8 Multiple Vulnerabilities CVE-2013-6438 CVE-2014-0098 18 Mar 2014 5.3 (v3) Medium Pass Oracle Reports Servlet Parsequery Function Remote Database Credentials Exposure CVE-2012-3153 20 Mar 2014 6.4 (v2) Medium Pass Oracle BI Publisher Default Credentials Check 20 Mar 2014 7.5 (v2) High Pass IceWarp Web Mail Multiple Flaws (2) 06 Nov 2004 4.3 (v2) Medium Pass Oracle Business Intelligence Publisher (October 2012 CPU) CVE-2012-3193 CVE-2012-3194 20 Mar 2014 4.3 (v2) Medium Pass DNN (DotNetNuke) < 7.2.2 Unspeci fi ed XSS 24 Mar 2014 3.5 (v2) Low Pass phpGroupWare Admin/Setup Password Plaintext Cookie Storage CVE-2004-2578 17 Aug 2004 5 (v2) Medium Pass Apache Struts 2 'class' Parameter ClassLoader Manipulation CVE-2014-0094 26 Mar 2014 5.3 (v3) Medium Pass PHP PHP_RSHUTDOWN_FUNCTION Security Bypass CVE-2012-1171 01 Apr 2014 5 (v2) Medium Pass Default Password (ironport) for 'enablediag' Account CVE-1999-0502 02 Apr 2014 9.8 (v3) Critical Pass Jenkins HP Application Automation Tools Plugin Password Encryption Security Weakness 02 Apr 2014 5 (v2) Medium Pass PHP 5.4.x < 5.4.27 awk Magic Parsing BEGIN DoS CVE-2013-7345 04 Apr 2014 5 (v2) Medium Pass Default Password (rain) for 'root' Account CVE-1999-0502 07 Apr 2014 9.8 (v3) Critical Pass HP LeftHand OS Unmanaged Host Detection 10 Apr 2014 10 (v2) Critical Pass RuggedCom RuggedOS HTTP Tra ffi c Handling Remote DoS CVE-2014-2590 15 Apr 2014 5 (v2) Medium Pass phpGroupWare Calendar Module Holiday File Save Extension Feature Arbitrary File Execution CVE-2004-0016 17 Aug 2004 7.5 (v2) High Pass nginx < 1.4.7 / 1.5.12 SPDY Heap Bu ff er Over fl ow CVE-2014-0133 15 Apr 2014 5.6 (v3) Medium Pass Liferay Portal 6.2.0 CE GA1 Multiple XSS 15 Apr 2014 4.3 (v2) Medium Pass phpGroupWare Multiple Module SQL Injection CVE-2004-0017 17 Aug 2004 7.5 (v2) High Pass CommonSpot < 7.0.2 / 8.0.3 / 9.0.0 Multiple Vulnerabilities CVE-2014-2859 CVE-2014-2860 CVE-2014-2861 CVE-2014-2862 CVE-2014-2863 CVE-2014-2864 CVE-2014-2865 CVE-2014-2866 CVE-2014-2867 CVE-2014-2868 CVE-2014-2869 CVE-2014-2870 CVE-2014-2871 CVE-2014-2872 CVE-2014-2873 CVE-2014-2 18 Apr 2014 10 (v2) Critical Pass Atmail Webmail 3.x < 3.6.4 (3.64) Multiple Vulnerabilities 18 Apr 2014 6.8 (v2) Medium Pass Atmail Webmail 4.5.1 (4.51) / 5.x < 5.0.3 (5.03) util.pl Cross-Site Request Forgery CVE-2006-6701 18 Apr 2014 7.5 (v2) High Pass Atmail Webmail < 5.4.2 (5.42) Multiple Information Disclosure Vulnerabilities CVE-2008-3395 CVE-2008-3579 18 Apr 2014 7.8 (v2) High Pass Atmail Webmail < 6.3.5 Multiple XSS Vulnerabilities 18 Apr 2014 4.3 (v2) Medium Pass Atmail Webmail < 6.6.2 Exim Bu ff er Over fl ow CVE-2012-5671 18 Apr 2014 6.8 (v2) Medium Pass Atmail Webmail 6.6.x < 6.6.3 / 7.x < 7.0.3 File Name Parameter XSS CVE-2013-2585 18 Apr 2014 4.3 (v2) Medium Pass Default Password (nas4free) for 'root' Account CVE-1999-0502 14 Apr 2014 9.8 (v3) Critical Pass Trend Micro Scanmail for Domino nsf File Information Disclosure CVE-2004-1003 19 Aug 2004 6.4 (v2) Medium Pass ZixForum ZixForum.mdb DIrect Request Database Disclosure CVE-2007-0543 22 Aug 2004 5 (v2) Medium Pass Oracle OpenSSO Multiple Vulnerabilities (April 2014 CPU) CVE-2014-0465 CVE-2014-2425 CVE-2014-2426 28 Apr 2014 4.9 (v2) Medium 52

Pass phpGroupWare phpgw.inc.php phpgw_info Parameter Remote File Inclusion CVE-2001-0043 13 Nov 2004 10 (v2) Critical Pass ManageEngine ServiceDesk Plus Multiple Versions Authentication Bypass CVE-2021-37415 04 Feb 2022 9.8 (v3) Critical Pass Nagios NRPE Command Argument Processing Enabled CVE-2014-2913 29 Apr 2014 7.5 (v2) High Pass Apache Struts 2 ClassLoader Manipulation Incomplete Fix for Security Bypass CVE-2014-0112 CVE-2014-0113 29 Apr 2014 7.5 (v2) High Pass Nortel Multiple Default Accounts 13 Nov 2004 7.5 (v3) High Pass PHP 5.4.x < 5.4.28 FPM Unix Socket Insecure Permission Escalation CVE-2014-0185 05 May 2014 7.2 (v2) High Pass PHP 5.5.x < 5.5.12 FPM Unix Socket Insecure Permission Escalation CVE-2014-0185 05 May 2014 7.2 (v2) High Pass Apache Struts ClassLoader Manipulation CVE-2014-0114 08 May 2014 7.5 (v2) High Pass IBM Domino 9.x < 9.0.1 Fix Pack 1 Multiple Vulnerabilities (uncredentialed check) CVE-2013-0408 CVE-2013-3829 CVE-2013-4002 CVE-2013-4041 CVE-2013-5372 CVE-2013-5375 CVE-2013-5456 CVE-2013-5457 CVE-2013-5458 CVE-2013-5772 CVE-2013-5774 CVE-2013-5776 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5 12 May 2014 10 (v2) Critical Pass IBM Domino 8.5.3 FP6 / 9.0.1 < 8.5.3 FP6 IF2 / 9.0.1 FP1 iNotes XSS CVE-2014-0913 19 May 2014 4.3 (v2) Medium Pass Juniper NSM Remote Code Execution (JSA10625) CVE-2014-3411 22 May 2014 10 (v2) Critical Pass Open Web Analytics owa_email_address SQL Injection CVE-2014-1206 27 May 2014 7.5 (v2) High Pass Western Digital Arkeia Virtual Appliance Blank Password 28 May 2014 7.5 (v2) High Pass IBM Domino 9.0 < 9.0.0 Interim Fix 4 iNotes Bu ff er Over fl ow CVE-2013-4068 28 May 2014 7.1 (v2) High Pass PHP 5.4.x < 5.4.29 'src/cdf.c' Multiple Vulnerabilities CVE-2014-0237 CVE-2014-0238 03 Jun 2014 5 (v2) Medium Pass PHP 5.5.x < 5.5.13 'src/cdf.c' Multiple Vulnerabilities CVE-2014-0237 CVE-2014-0238 03 Jun 2014 5 (v2) Medium Pass IBM DB2 10.1 < Fix Pack 3a Multiple Vulnerabilities CVE-2013-0169 CVE-2013-6747 CVE-2014-0907 CVE-2014-0963 18 Jun 2014 7.5 (v3) High Pass IBM DB2 10.5 < Fix Pack 3a Multiple Vulnerabilities CVE-2013-6747 CVE-2014-0907 CVE-2014-0963 18 Jun 2014 7.5 (v3) High Pass IBM DB2 9.5 <= Fix Pack 9 or 10 Multiple Vulnerabilities CVE-2013-6747 CVE-2014-0907 CVE-2014-0963 18 Jun 2014 7.5 (v3) High Pass IBM DB2 9.7 < Fix Pack 9a Multiple Vulnerabilities CVE-2013-6744 CVE-2013-6747 CVE-2014-0907 CVE-2014-0963 18 Jun 2014 7.5 (v3) High Pass IBM DB2 9.8 <= Fix Pack 5 Multiple Vulnerabilities CVE-2013-6747 CVE-2014-0907 CVE-2014-0963 CVE-2014-8910 CVE-2015-0157 CVE-2015-0197 CVE-2015-0198 CVE-2015-0199 CVE-2015-1883 CVE-2015-1922 CVE-2015-1935 18 Jun 2014 9.8 (v3) Critical Pass IBM DB2 Stored Procedure Infrastructure Privilege Escalation Vulnerability CVE-2013-6744 18 Jun 2014 8.8 (v3) High Pass AWStats rawlog.pm log fi le Parameter Arbitrary Command Execution 23 Aug 2004 7.5 (v2) High Pass AlienVault OSSIM 'av-centerd' Remote Code Execution CVE-2014-3805 23 Jun 2014 10 (v2) Critical Pass AlienVault OSSIM 'av-centerd' get_ fi le() Information Disclosure CVE-2014-4153 25 Jun 2014 7.8 (v2) High Pass Revive Adserver < 3.0.5 Multiple CSRF Vulnerabilities CVE-2013-5954 26 Jun 2014 6.8 (v2) Medium Pass Revive Adserver 'www/delivery/axmlrpc.php' 'what' Parameter SQL Injection CVE-2013-7149 26 Jun 2014 8.8 (v3) High Pass PHP 5.4.x < 5.4.30 Multiple Vulnerabilities CVE-2014-0207 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3515 CVE-2014-3981 CVE-2014-4049 CVE-2014-4721 27 Jun 2014 7.5 (v2) High Pass PHP 5.5.x < 5.5.14 Multiple Vulnerabilities CVE-2014-0207 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3515 CVE-2014-3981 CVE-2014-4049 CVE-2014-4721 27 Jun 2014 7.5 (v2) High Pass Ericom AccessNow Server < 3.3.1.4095 Stack-Based Bu ff er Over fl ow CVE-2014-3913 30 Jun 2014 10 (v2) Critical Pass OpenX Source Unsupported Software Detection 30 Jun 2014 10 (v2) Critical Pass PHP-Fusion Database Backup Disclosure CVE-2004-1724 23 Aug 2004 5 (v2) Medium Pass Apache 2.4.x < 2.4.10 Multiple Vulnerabilities CVE-2014-0117 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523 21 Jul 2014 7.3 (v3) High Pass HP System Management Homepage < 7.2.4.1 / 7.3.3.1 OpenSSL Multiple Vulnerabilities CVE-2010-5298 CVE-2014-0076 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 02 Jul 2014 6.8 (v2) Medium Pass PHP 5.5.x < 5.5.15 Multiple Vulnerabilities CVE-2014-4670 CVE-2014-4698 25 Jul 2014 4.6 (v2) Medium Pass PHP 5.4.x < 5.4.31 CLI Server 'header' DoS 25 Jul 2014 2.6 (v2) Low Pass HP StoreVirtual 4000 and StoreVirtual VSA Software < 11.5 Multiple Vulnerabilities CVE-2014-2605 CVE-2014-2606 30 Jul 2014 9 (v2) High Pass IBM Tivoli Storage Manager Server 5.5.x Multiple Vulnerabilities CVE-2012-2190 CVE-2012-2191 CVE-2013-0169 11 Aug 2014 2.6 (v2) Low Pass IBM Tivoli Storage Manager Server 6.1.x Multiple Vulnerabilities CVE-2012-2190 CVE-2012-2191 CVE-2013-0169 11 Aug 2014 2.6 (v2) Low Pass IBM Tivoli Storage Manager Server 6.2.x < 6.2.6.0 Multiple Vulnerabilities CVE-2012-2190 CVE-2012-2191 CVE-2013-0169 11 Aug 2014 2.6 (v2) Low Pass IBM Tivoli Storage Manager Server 6.3.x < 6.3.4.200 Information Disclosure CVE-2013-0169 11 Aug 2014 2.6 (v2) Low Pass Oracle Business Intelligence Publisher April 2012 Critical Patch Update CVE-2012-0543 15 Aug 2014 4.3 (v2) Medium Pass Gurock TestRail < 3.1.3 XSS CVE-2014-4857 21 Aug 2014 4.3 (v2) Medium Pass TikiWiki Unauthorized Page Access 23 Aug 2004 5 (v2) Medium Pass phpScheduleIt 1.0.0 RC1 Multiple XSS CVE-2004-1651 01 Sep 2004 4.3 (v2) Medium Pass Oracle Database Multiple Remote Vulnerabilities (Mar 2005) CVE-2004-0637 CVE-2004-0638 CVE-2004-1362 CVE-2004-1363 CVE-2004-1364 CVE-2004-1365 CVE-2004-1366 CVE-2004-1367 CVE-2004-1368 CVE-2004-1369 CVE-2004-1370 CVE-2004-1371 02 Sep 2004 7.5 (v2) High Pass MailEnable Professional HTTPMail GET Request Remote Over fl ow CVE-2004-2727 03 Sep 2004 4.3 (v2) Medium Pass Juniper NSM < 2012.2R9 Multiple Java and Apache Vulnerabilities (JSA10642) CVE-2011-0419 CVE-2011-3192 CVE-2011-3368 CVE-2012-0031 CVE-2012-0053 CVE-2012-5081 CVE-2013-0169 CVE-2013-0440 CVE-2013-0443 CVE-2013-1537 CVE-2013-2407 CVE-2013-2451 CVE-2013-2457 CVE-2013-2461 CVE-2013-4002 CVE-2013-5 22 Aug 2014 10 (v2) Critical Pass PHP 5.4.x < 5.4.32 Multiple Vulnerabilities CVE-2014-2497 CVE-2014-3538 CVE-2014-3587 CVE-2014-3597 CVE-2014-4670 CVE-2014-4698 CVE-2014-5120 27 Aug 2014 6.8 (v2) Medium Pass PHP 5.5.x < 5.5.16 Multiple Vulnerabilities CVE-2014-2497 CVE-2014-3538 CVE-2014-3587 CVE-2014-3597 CVE-2014-5120 27 Aug 2014 6.8 (v2) Medium Pass Apache Tomcat 8.0.x < 8.0.11 Multiple OpenSSL Vulnerabilities CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 02 Sep 2014 9.3 (v3) Critical Pass Ipswitch IMail Server < 8.13 Multiple Remote DoS CVE-2004-2422 CVE-2004-2423 08 Sep 2004 5 (v2) Medium Pass phpGroupWare Wiki Module XSS CVE-2004-0875 13 Sep 2004 4.3 (v2) Medium Pass ManageEngine EventLog Analyzer 'j_username' XSS CVE-2014-5103 02 Sep 2014 4.3 (v2) Medium Pass IBM DB2 10.5 < Fix Pack 4 Multiple Vulnerabilities CVE-2013-6371 CVE-2014-3094 CVE-2014-3095 CVE-2014-4805 09 Sep 2014 8.8 (v3) High Pass MailEnable SMTP Connector Service DNS MX Response DoS 13 Sep 2004 5 (v2) Medium Pass IBM Domino 9.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (uncredentialed check) CVE-2013-6629 CVE-2013-6954 CVE-2014-0429 CVE-2014-0446 CVE-2014-0448 CVE-2014-0449 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0454 CVE-2014-0455 CVE-2014-0457 CVE-2014-0458 CVE-2014-0459 CVE-2014-0460 CVE-2014-0 23 Sep 2014 10 (v2) Critical Pass GNU Bash Environment Variable Handling Code Injection (Shellshock) CVE-2014-6271 24 Sep 2014 9.8 (v3) Critical Pass Post fi x Script Remote Command Execution via Shellshock CVE-2014-6271 CVE-2014-7169 29 Sep 2014 10 (v2) Critical Pass Qmail Remote Command Execution via Shellshock CVE-2014-6271 CVE-2014-7169 29 Sep 2014 10 (v2) Critical Pass Cisco VPN 3000 Concentrator Multiple Service Banner System Information Disclosure (CSCdu35577 HTTP Check) CVE-2002-1094 14 Sep 2004 5 (v2) Medium Pass HP System Management Homepage < 7.4 Multiple Vulnerabilities CVE-2013-4545 CVE-2013-6420 CVE-2013-6422 CVE-2013-6712 CVE-2014-2640 CVE-2014-2641 CVE-2014-2642 08 Oct 2014 7.5 (v2) High Pass nginx < 1.6.2 / 1.7.5 SSL Session Reuse CVE-2014-3616 13 Oct 2014 5.3 (v3) Medium Pass Drupal Database Abstraction API SQLi CVE-2014-3704 16 Oct 2014 7.5 (v2) High Pass PHP 5.4.x < 5.4.34 Multiple Vulnerabilities CVE-2014-3668 CVE-2014-3669 CVE-2014-3670 17 Oct 2014 7.5 (v2) High Pass PHP 5.5.x < 5.5.18 Multiple Vulnerabilities CVE-2014-3668 CVE-2014-3669 CVE-2014-3670 17 Oct 2014 7.5 (v2) High Pass PHP 5.6.x < 5.6.2 Multiple Vulnerabilities CVE-2014-3668 CVE-2014-3669 CVE-2014-3670 17 Oct 2014 7.5 (v2) High Pass Cisco TelePresence VCS / Expressway Series < 8.2 Multiple DoS Vulnerabilities CVE-2014-3368 CVE-2014-3369 CVE-2014-3370 22 Oct 2014 7.5 (v3) High Pass Cisco UCS Director Default Credentials (Web UI) 31 Oct 2014 7.5 (v2) High Pass SIP Script Remote Command Execution via Shellshock CVE-2014-6271 03 Nov 2014 9.8 (v3) Critical Pass Jenkins < 1.583 / 1.565.3 and Jenkins Enterprise 1.532.x / 1.554.x / 1.565.x < 1.532.10.1 / 1.554.10.1 / 1.565.3.1 Multiple Vulnerabilities CVE-2013-2186 CVE-2014-1869 CVE-2014-3661 CVE-2014-3662 CVE-2014-3663 CVE-2014-3664 CVE-2014-3666 CVE-2014-3667 CVE-2014-3678 CVE-2014-3679 CVE-2014-3680 CVE-2014-3681 04 Nov 2014 9.8 (v3) Critical Pass Default Password (password) for 'cmc' Account CVE-1999-0502 07 Nov 2014 9.8 (v3) Critical Pass PHP 5.4.x < 5.4.35 'donote' DoS CVE-2014-3710 14 Nov 2014 5 (v2) Medium Pass PHP 5.5.x < 5.5.19 'donote' DoS CVE-2014-3710 14 Nov 2014 5 (v2) Medium Pass LiveZilla < 5.3.0.8 XSS 21 Nov 2014 4.3 (v2) Medium Pass Default Password (TANDBERG) for 'root' Account CVE-1999-0502 26 Nov 2014 9.8 (v3) Critical Pass LogAnalyzer < 3.6.6 index.php / detail.php 'hostname' Parameter XSS CVE-2014-6070 05 Dec 2014 4.3 (v2) Medium Pass Eudora WorldMail Unsupported 18 Jul 2012 10 (v2) Critical Pass PHP 5.4.x < 5.4.5 _php_stream_scandir Over fl ow CVE-2012-2688 20 Jul 2012 10 (v2) Critical Pass Apache Struts struts-examples upload-submit.do 'theText' Parameter XSS CVE-2012-1007 23 Jul 2012 4.3 (v2) Medium Pass Apache Struts 2 struts2-rest-showcase orders 'clientName' Parameter Persistent XSS CVE-2012-1006 23 Jul 2012 4.3 (v2) Medium Pass Apache Struts 2 struts2-showcase edit-person.action Persistent XSS CVE-2012-1006 23 Jul 2012 4.3 (v2) Medium Pass Serendipity comment.php url Parameter SQL Injection CVE-2012-2762 23 Jul 2012 7.5 (v2) High Pass IBM DB2 9.1 < Fix Pack 12 Multiple Vulnerabilities CVE-2012-0711 CVE-2012-2194 CVE-2012-2196 CVE-2012-2197 23 Jul 2012 7.3 (v3) High Pass nginx on Windows Directory Aliases Access Restriction Bypass CVE-2011-4963 02 Aug 2012 5.3 (v3) Medium Pass Atmail Email Server WebAdmin Control Panel dbcon fi g.ini Information Disclosure 06 Aug 2012 5.3 (v3) Medium Pass Horde Kronolith js/kronolith.js Multiple View XSS CVE-2012-6620 07 Aug 2012 4.3 (v2) Medium Pass WebLogic < 8.1 SP3 Multiple Vulnerabilities CVE-2004-2320 14 Sep 2004 7.8 (v2) High Pass PostNuke News Module article.php sid Parameter XSS 15 Sep 2004 4.3 (v2) Medium Pass EMC AutoStart ftAgent Multiple Remote Code Execution Vulnerabilities (ESA-2012-020) CVE-2012-0409 10 Aug 2012 7.5 (v2) High Pass Umbraco codeEditorSave.asmx SaveDLRScript Operation Traversal File Upload Arbitrary Command Execution 13 Aug 2012 7.5 (v2) High Pass TUTOS < 1.2 Multiple Input Validation Vulnerabilities CVE-2003-0481 CVE-2004-2161 CVE-2004-2162 21 Sep 2004 7.5 (v2) High Pass vBulletin authorize.php x_invoice_num Parameter SQL Injection CVE-2004-2695 21 Sep 2004 7.5 (v2) High Pass phpMyBackupPro < 1.0.0 Unspeci fi ed Input Validation Issues 21 Sep 2004 7.5 (v2) High Pass LogAnalyzer index.php ' fi lter' Parameter XSS 17 Sep 2012 4.3 (v2) Medium Pass LogAnalyzer index.php 'highlight' Parameter XSS CVE-2012-3790 17 Sep 2012 4.3 (v2) Medium Pass phpMyAdmin server_sync.php Backdoor (PMASA-2012-5) CVE-2012-5159 26 Sep 2012 8.8 (v3) High Pass Advanced Message Queuing Protocol Detection 27 Sep 2012 None Pass HP SAN/iQ <= 10.0 Root Shell Command Injection CVE-2012-2986 21 Aug 2012 7.7 (v2) High Pass TikiWiki unserialize() Function Arbitrary Code Execution CVE-2012-0911 30 Aug 2012 8.8 (v3) High Pass Erlang Port Mapper Daemon Detection 27 Sep 2012 None Pass MediaWiki index.php 'uselang' Parameter XSS CVE-2012-2698 28 Sep 2012 4.3 (v2) Medium Pass IBM DB2 10.1 < Fix Pack 1 Multiple Vulnerabilities CVE-2012-2194 CVE-2012-2196 CVE-2012-2197 CVE-2012-3324 28 Sep 2012 9.9 (v3) Critical Pass Poweradmin index.php XSS 01 Oct 2012 4.3 (v2) Medium Pass IBM DB2 9.5 < Fix Pack 10 Multiple Vulnerabilities CVE-2012-0713 CVE-2012-2194 CVE-2012-2196 CVE-2012-2197 18 Oct 2012 7.5 (v3) High Pass vBulletin newreply.php WYSIWYG_HTML Parameter XSS CVE-2004-0620 22 Sep 2004 4.3 (v2) Medium Pass IBM DB2 9.7 < Fix Pack 7 Multiple Vulnerabilities CVE-2012-2194 CVE-2012-2196 CVE-2012-2197 CVE-2012-4826 25 Oct 2012 8.8 (v3) High Pass Mutiny < 4.5-1.12 Unspeci fi ed Network Interface Menu Remote Command Injection CVE-2012-3001 26 Oct 2012 8.5 (v2) High Pass Zabbix Web Interface popup_bitem.php itemid Parameter SQL Injection CVE-2012-3435 30 Oct 2012 7.5 (v2) High Pass Temenos T24 Detection 31 Oct 2012 None Pass Symphony Password Retrieval Script XSS 05 Nov 2012 4.3 (v2) Medium Pass TUTOS < 1.1.20040412 Multiple Input Validation Issues 22 Sep 2004 7.5 (v2) High 53

Pass Traq admincp/common.php authenticate() Function Authentication Bypass Remote Code Execution 12 Nov 2012 8.8 (v3) High Pass HP LoadRunner < 11.00 Patch 4 Code Execution (intrusive check) CVE-2011-4789 13 Nov 2012 10 (v2) Critical Pass Liferay Portal 6.1.0 / 6.1.10 Arbitrary File Deletion 15 Nov 2012 5.5 (v2) Medium Pass Freestyle Support Portal Component for Joomla! 'prodid' Parameter SQLi 16 Nov 2012 7.3 (v3) High Pass Freestyle Testimonials Component for Joomla! Unspeci fi ed SQLi 16 Nov 2012 7.3 (v3) High Pass Zenphoto Verisign_logon.php redirect Parameter XSS 28 Nov 2012 4.3 (v2) Medium Pass Piwik core/Loader.php Trojaned Distribution 28 Nov 2012 7.5 (v2) High Pass Narcissus backend.php release Parameter Remote Command Execution 30 Nov 2012 7.5 (v2) High Pass RWCards Component for Joomla! 'mosCon fi g_absolute_path' Parameter Remote File Include 10 Dec 2012 9.8 (v3) Critical Pass Ektron CMS XslCompiledTransform Class Request Parsing Remote Code Execution CVE-2012-5357 12 Dec 2012 9.8 (v3) Critical Pass HP Intelligent Management Center User Access Manager Datagram Parsing Code Execution CVE-2012-3274 14 Dec 2012 10 (v2) Critical Pass MDaemon < 6.5.2 Multiple Remote Bu ff er Over fl ows CVE-2004-1546 23 Sep 2004 7.5 (v2) High Pass Prado Framework sr Parameter Directory Traversal 11 Jan 2013 5 (v2) Medium Pass MoinMoin twikidraw.py Traversal File Upload Arbitrary File Overwrite CVE-2012-6081 CVE-2012-6495 21 Jan 2013 8.8 (v3) High Pass Horde IMP js/compose-dimp.js XSS CVE-2012-5565 21 Jan 2013 4.3 (v2) Medium Pass Movable Type mt-upgrade.cgi Remote Command Execution CVE-2013-0209 25 Jan 2013 8.8 (v3) High Pass Default Password (raspberry) for 'pi' Account CVE-1999-0502 28 Jan 2013 9.8 (v3) Critical Pass Default Password (openelec) for 'root' Account CVE-1999-0502 28 Jan 2013 9.8 (v3) Critical Pass Default Password (raspi) for 'root' Account CVE-1999-0502 28 Jan 2013 9.8 (v3) Critical Pass ViArt Shop sips_response.php DATA Parameter Request Parsing Remote Shell Command Execution 30 Jan 2013 8.8 (v3) High Pass Incapsula Component for Joomla! 'token' Parameter Multiple XSS 06 Feb 2013 4.7 (v3) Medium Pass LogAnalyzer userchange.php 'viewid' Parameter XSS 06 Feb 2013 4.3 (v2) Medium Pass MantisBT search.php match_type Parameter XSS CVE-2013-0197 07 Feb 2013 4.3 (v2) Medium Pass php-Charts url.php Remote PHP Code Execution 11 Feb 2013 8.8 (v3) High Pass Microsoft ASP.NET MS-DOS Device Name DoS (PCI-DSS check) CVE-2007-2897 13 Feb 2013 5 (v2) Medium Pass HP LeftHand Virtual SAN Appliance < 10.0 hydra Service Multiple RCE CVE-2012-3282 CVE-2012-3283 CVE-2012-3284 CVE-2012-3285 CVE-2013-2343 14 Feb 2013 10 (v2) Critical Pass PostgreSQL 8.3 < 8.3.23 / 8.4 < 8.4.16 / 9.0 < 9.0.12 / 9.1 < 9.1.8 / 9.2 < 9.2.3 Denial of Service CVE-2013-0255 18 Feb 2013 5.3 (v3) Medium Pass ImpressPages cm_group Parameter Remote PHP Code Execution CVE-2011-4932 19 Feb 2013 7.5 (v2) High Pass EMC Data Protection Advisor CXML Service Detection 20 Feb 2013 None Pass Bugzilla show_bug.cgi id Parameter XSS CVE-2013-0785 25 Feb 2013 4.3 (v2) Medium Pass Apache 2.4.x < 2.4.4 Multiple XSS Vulnerabilities CVE-2012-3499 CVE-2012-4558 26 Feb 2013 5.9 (v3) Medium Pass MoinMoin rsslink() Function page_name Parameter XSS CVE-2012-6082 28 Feb 2013 4.3 (v2) Medium Pass PHP 5.4.x < 5.4.12 Information Disclosure CVE-2013-1824 04 Mar 2013 5.3 (v3) Medium Pass Jenkins < 1.498 / 1.480.2 and Jenkins Enterprise 1.447.x / 1.466.x < 1.447.6.1 / 1.466.12.1 Unspeci fi ed Master Cryptographic Key Information Disclosure CVE-2013-0158 06 Mar 2013 5.3 (v3) Medium Pass Jenkins < 1.502 / 1.480.3 and Jenkins Enterprise 1.447.x / 1.466.x / 1.480.x < 1.447.7.1 / 1.466.13.1 / 1.480.3.1 Multiple Vulnerabilities CVE-2013-0327 CVE-2013-0328 CVE-2013-0329 CVE-2013-0330 CVE-2013-0331 06 Mar 2013 7.5 (v2) High Pass CoDeSys Gateway Service < 2.3.9.27 Multiple Vulnerabilities CVE-2012-4704 CVE-2012-4705 CVE-2012-4706 CVE-2012-4707 CVE-2012-4708 11 Mar 2013 10 (v2) Critical Pass HP Intelligent Management Center < 5.2 E401 Multiple Vulnerabilities CVE-2012-5200 CVE-2012-5201 CVE-2012-5202 CVE-2012-5203 CVE-2012-5204 CVE-2012-5205 CVE-2012-5206 CVE-2012-5207 CVE-2012-5208 CVE-2012-5209 CVE-2012-5212 CVE-2012-5213 13 Mar 2013 10 (v2) Critical Pass PHP-Fusion Authenticate.class.php Multiple Cookie SQL Injection CVE-2013-7375 19 Mar 2013 7.5 (v2) High Pass PHP-Fusion forum/viewthread.php highlight Parameter XSS 19 Mar 2013 4.3 (v2) Medium Pass CKEditor sample_posteddata.php XSS 28 Mar 2013 4.3 (v2) Medium Pass NConf delete_attr.php id Parameter SQL Injection 28 Mar 2013 7.5 (v2) High Pass Piwigo install.php dl Parameter Traversal Arbitrary File Access CVE-2013-1469 02 Apr 2013 6.5 (v3) Medium Pass Default Password (facepunch) for 'chronos' Account CVE-1999-0502 03 Apr 2013 9.8 (v3) Critical Pass Git Protocol Detection 05 Apr 2013 None Pass Webman I-Mall i-mall.cgi Arbitrary Command Execution CVE-2004-2275 18 Nov 2004 10 (v2) Critical Pass PostgreSQL 8.4 < 8.4.17 / 9.0 < 9.0.13 / 9.1 < 9.1.9 / 9.2 < 9.2.4 Multiple Vulnerabilities CVE-2013-1902 CVE-2013-1903 08 Apr 2013 9.8 (v3) Critical Pass PostgreSQL 9.1 < 9.1.9 / 9.2 < 9.2.4 Denial of Service CVE-2013-1901 08 Apr 2013 4.3 (v3) Medium Pass MediaWiki mwdoc- fi lter.php Arbitrary File Access CVE-2013-1818 10 Apr 2013 5 (v2) Medium Pass mnoGoSearch search.cgi QUERY_STRING Parameter Parsing Arbitrary File Access 10 Apr 2013 5 (v2) Medium Pass IBM Lotus Domino 8.5.x Multiple Vulnerabilities CVE-2012-2159 CVE-2012-2161 CVE-2013-0488 CVE-2013-0489 26 Apr 2013 6 (v2) Medium Pass Android Emulator ADB Port on Remote Host 11 May 2013 7.5 (v2) High Pass Default Password (nsroot) for 'nsroot' Account CVE-1999-0502 13 May 2013 9.8 (v3) Critical Pass Citrix NetScaler Web Management Interface Default Administrator Credentials 13 May 2013 7.5 (v2) High Pass e107 content_preset.php URI XSS CVE-2013-2750 13 May 2013 4.3 (v2) Medium Pass Mutiny < 5.0-1.11 Multiple Directory Traversals CVE-2013-0136 17 May 2013 8.5 (v2) High Pass Securimage example_form.php XSS 22 May 2013 4.3 (v2) Medium Pass YaBB 1 Gold < 1.3.2 Multiple Input Validation Vulnerabilities CVE-2004-2139 CVE-2004-2140 23 Sep 2004 4.3 (v2) Medium Pass PHP 5.3.x < 5.3.23 Multiple Vulnerabilities CVE-2013-1635 CVE-2013-1643 CVE-2013-1824 24 May 2013 7.3 (v3) High Pass PHP 5.4.x < 5.4.13 Information Disclosure CVE-2013-1635 CVE-2013-1643 CVE-2013-1824 24 May 2013 7.3 (v3) High Pass Alt-N MDaemon < 13.0.4 Multiple Vulnerabilities 28 May 2013 9 (v2) High Pass nginx ngx_http_proxy_module.c Multiple Vulnerabilities CVE-2013-2028 CVE-2013-2070 29 May 2013 9.8 (v3) Critical Pass Default Password (openvpnas) for 'root' Account CVE-1999-0502 30 May 2013 9.8 (v3) Critical Pass Greenstone Password File Disclosure 31 May 2013 5 (v2) Medium Pass DNN (DotNetNuke) 7.0.x < 7.0.6 Unspeci fi ed Modal Window XSS 03 Jun 2013 4.3 (v2) Medium Pass CoDeSys Gateway Service < 2.3.9.28 Use-After-Free CVE-2013-2781 05 Jun 2013 10 (v2) Critical Pass PHP 5.3.x < 5.3.26 Multiple Vulnerabilities CVE-2013-2110 CVE-2013-4635 07 Jun 2013 5 (v2) Medium Pass HP Data Protector Multiple RCE Vulnerabilities CVE-2013-2324 CVE-2013-2325 CVE-2013-2326 CVE-2013-2327 CVE-2013-2328 CVE-2013-2329 CVE-2013-2330 CVE-2013-2331 CVE-2013-2332 CVE-2013-2333 CVE-2013-2334 CVE-2013-2335 10 Jun 2013 10 (v2) Critical Pass Plone PloneFormGen Unspeci fi ed Arbitrary Code Execution 11 Jun 2013 8.8 (v3) High Pass Apache Struts 2 OGNL Expression Handling Double Evaluation Error Remote Command Execution CVE-2013-2134 CVE-2013-2135 19 Jun 2013 8.1 (v3) High Pass Apache Struts 2 Crafted Parameter Arbitrary OGNL Expression Remote Command Execution CVE-2013-1965 CVE-2013-1966 CVE-2013-2115 19 Jun 2013 8.1 (v3) High Pass FreePBX Backup Module page.backup.php 'dir' Parameter RCE 26 Jun 2013 7.5 (v2) High Pass Default Password (badg3r5) for 'HPSupport' Account CVE-1999-0502 CVE-2013-2342 27 Jun 2013 9.8 (v3) Critical Pass Atlassian Crowd XML External Entity Request Handling Arbitrary File Disclosure CVE-2013-3925 03 Jul 2013 5.8 (v2) Medium Pass IBM Lotus Domino 8.5.x < 8.5.3 FP 4 Multiple Vulnerabilities CVE-2012-6277 CVE-2013-0486 CVE-2013-0487 05 Jul 2013 8.5 (v2) High Pass Citrix AGEE Logon Portal Unspeci fi ed XSS 06 Jul 2013 4.3 (v2) Medium Pass Plone spamProtect mailaddress Parameter XSS CVE-2013-4190 08 Jul 2013 4.3 (v2) Medium Pass PHP 5.3.x < 5.3.27 Multiple Vulnerabilities CVE-2013-4113 12 Jul 2013 6.8 (v2) Medium Pass PHP 5.4.x < 5.4.17 Bu ff er Over fl ow 12 Jul 2013 9.3 (v2) High Pass Dell iDRAC6 Multiple Vulnerabilities CVE-2013-4785 16 Jul 2013 10 (v2) Critical Pass Default password (dasdec1) for 'root' account CVE-1999-0502 CVE-2013-4735 18 Jul 2013 9.8 (v3) Critical Pass Apache 2.4.x < 2.4.5 Multiple Vulnerabilities CVE-2013-1896 CVE-2013-2249 23 Jul 2013 9.8 (v3) Critical Pass HP System Management Homepage < 7.2.1.0 Multiple Vulnerabilities (BEAST) CVE-2011-3389 CVE-2012-0883 CVE-2012-2110 CVE-2012-2311 CVE-2012-2329 CVE-2012-2335 CVE-2012-2336 CVE-2012-5217 CVE-2013-2355 CVE-2013-2356 CVE-2013-2357 CVE-2013-2358 CVE-2013-2359 CVE-2013-2360 CVE-2013-2361 CVE-2013-2 23 Jul 2013 7.5 (v2) High Pass Virtualizor < 2.3.2 PDNS Domain Deletion Security Bypass 24 Jul 2013 4 (v2) Medium Pass Apache OFBiz Nested Expression Arbitrary UEL Function Execution CVE-2013-2250 29 Jul 2013 10 (v2) Critical Pass OpenNetAdmin dcm.php options[desc] Parameter Arbitrary Remote PHP Code Execution 31 Jul 2013 8.8 (v3) High Pass PineApp Mail-SeCure Default Credentials 01 Aug 2013 7.5 (v2) High Pass PineApp Mail-SeCure test_li_connection.php Remote Command Injection 01 Aug 2013 8.8 (v3) High Pass Joomla! 'lang' Parameter XSS CVE-2013-5583 09 Aug 2013 4.7 (v3) Medium Pass Mac OS X Directory Service Bu ff er Over fl ow CVE-2013-0984 13 Aug 2013 9.3 (v2) High Pass Poison Ivy Detection 13 Aug 2013 None Pass PHP 5.5.x < 5.5.1 xml.c Bu ff er Over fl ow CVE-2013-4113 14 Aug 2013 6.8 (v2) Medium Pass OpenX fl owplayer-3.1.1.min.js Backdoor Remote Code Execution CVE-2013-4211 15 Aug 2013 8.8 (v3) High Pass DNN (DotNetNuke) __dnnVariable Parameter XSS CVE-2013-4649 16 Aug 2013 4.3 (v2) Medium Pass PHP 5.4.x < 5.4.19 Multiple Vulnerabilities CVE-2013-4113 CVE-2013-4248 21 Aug 2013 7.3 (v3) High Pass DNN (DotNetNuke) DNNArticle Module categoryid Parameter SQL Injection CVE-2013-5117 16 Aug 2013 7.5 (v2) High Pass Default Password (arcsight) for 'root' Account CVE-1999-0502 05 Aug 2013 9.8 (v3) Critical Pass HP LaserJet PJL Interface Directory Traversal (HPSBPI02575) CVE-2010-4107 20 Aug 2013 7.5 (v3) High Pass Microsoft SQL Server STARTTLS Support 04 Jul 2013 None Pass IBM DB2 10.5 < Fix Pack 1 Security Bypass CVE-2013-4033 06 Sep 2013 5 (v3) Medium Pass Juniper NSM Servers < 2012.1 Multiple Vulnerabilities CVE-2004-0230 CVE-2005-2798 CVE-2006-0225 CVE-2006-4924 CVE-2006-5051 CVE-2010-1169 CVE-2010-1170 CVE-2010-1447 CVE-2010-3433 CVE-2010-4015 13 Sep 2013 9.3 (v2) High Pass Juniper NSM Linux Kernel TCP Sequence Number Generation Issue (PSN-2012-08-688) CVE-2011-3188 13 Sep 2013 6.8 (v2) Medium Pass Juniper NSM Servers Multiple Java JDK/JRE Vulnerabilities (PSN-2012-08-689) CVE-2008-3103 CVE-2008-3104 CVE-2008-3105 CVE-2008-3106 CVE-2008-3107 CVE-2008-3108 CVE-2008-3109 CVE-2008-3110 CVE-2008-3111 CVE-2008-3112 CVE-2008-3113 CVE-2008-3114 CVE-2008-3115 CVE-2011-0786 CVE-2011-0802 CVE-2011-0 13 Sep 2013 10 (v2) Critical Pass Atlassian Fisheye for Windows < 4.4.6, 4.5.x < 4.5.3 Remote Code Execution Vulnerability CVE-2018-5223 04 Apr 2019 7.2 (v3) High Pass Ubuntu Drupal Theme - Brown images/layout/gradient.php File Disclosure 22 Oct 2010 5 (v2) Medium Pass Artica Default Credentials 25 Oct 2010 7.5 (v2) High Pass CGI Generic Padding Oracle CVE-2010-3332 29 Oct 2010 5 (v2) Medium Pass Symantec IM Manager whereClause Parameter SQL Injection (SYM10-010) CVE-2010-0112 01 Nov 2010 10 (v2) Critical Pass Atlassian FishEye Code Metrics Report Plugin XSS 02 Nov 2010 4.3 (v2) Medium Pass IBM DB2 9.7 < Fix Pack 3 Multiple Vulnerabilities CVE-2010-3474 CVE-2010-3475 CVE-2010-3731 CVE-2011-0731 02 Nov 2010 5.3 (v3) Medium Pass YUI charts.swf / swfstore.swf / uploader.swf XSS CVE-2010-4207 CVE-2010-4208 CVE-2010-4209 05 Nov 2010 4.3 (v2) Medium Pass Skype Extras Manager (skypePM.exe) skype-plugin: URI Arbitrary XML File Deletion (uncredentialed check) 15 Nov 2010 4.3 (v2) Medium Pass Bugzilla Response Splitting CVE-2010-3172 15 Nov 2010 5 (v2) Medium 54

Pass Default Password (m) for 'root' Account CVE-1999-0502 CVE-2010-4233 15 Nov 2010 9.8 (v3) Critical Pass BitTorrent Mainline DHT Detection 22 Nov 2010 None Pass Apache Tomcat Examples Web Root Path Disclosure CVE-2002-2007 23 Nov 2010 5.3 (v3) Medium Pass Sybase PowerDesigner Repository Proxy Detection 24 Nov 2010 None Pass vtiger CRM phprint.php lang_crm Parameter Local File Inclusion CVE-2010-3910 29 Nov 2010 6.8 (v2) Medium Pass RSForm! Component for Joomla! 'lang' Parameter Local File Include 29 Nov 2010 9.8 (v3) Critical Pass Pandora FMS Console Authentication Bypass CVE-2010-4279 01 Dec 2010 7.5 (v2) High Pass MODx login.php 'username' Parameter XSS 09 Dec 2010 4.3 (v2) Medium Pass aspWebCalendar calendar.asp SQL Injection CVE-2004-1552 24 Sep 2004 6.8 (v2) Medium Pass MantisBT 'db_type' Parameter Local File Inclusion CVE-2010-4350 22 Dec 2010 5.1 (v2) Medium Pass Git gitweb Multiple Parameter XSS CVE-2010-3906 23 Dec 2010 4.3 (v2) Medium Pass PHP 5.3 < 5.3.4 Multiple Vulnerabilities CVE-2006-7243 CVE-2010-2094 CVE-2010-2950 CVE-2010-3436 CVE-2010-3709 CVE-2010-3710 CVE-2010-3870 CVE-2010-4150 CVE-2010-4156 CVE-2010-4409 CVE-2010-4697 CVE-2010-4698 CVE-2010-4699 CVE-2010-4700 CVE-2011-0753 CVE-2011-0 13 Dec 2010 6.8 (v2) Medium Pass Pligg register.php reg_username Parameter XSS 07 Jan 2011 4.3 (v2) Medium Pass PhpGedView module.php pgvaction Parameter Traversal Local File Inclusion CVE-2011-0405 12 Jan 2011 7.5 (v2) High Pass vBulletin memberlist.php what Parameter XSS CVE-2004-1824 28 Sep 2004 4.3 (v2) Medium Pass BlogEngine.NET api/BlogImporter.asmx GetFile Function Unauthorized Access 18 Jan 2011 7.5 (v2) High Pass ExtCalendar 'cat_id' parameter SQL Injection 26 Jan 2011 7.5 (v2) High Pass IBM DB2 9.1 < Fix Pack 10 Multiple Vulnerabilities CVE-2010-3731 CVE-2011-0731 CVE-2011-0757 01 Feb 2011 9.8 (v3) Critical Pass PD9 MegaBBS Multiple Vulnerabilities 28 Sep 2004 7.5 (v2) High Pass Serendipity < 0.7.0beta3 Multiple Vulnerabilities CVE-2004-2157 CVE-2004-2158 28 Sep 2004 7.5 (v2) High Pass PHP-Fusion homepage address Parameter XSS 29 Sep 2004 4.3 (v2) Medium Pass IBM DB2 9.5 < Fix Pack 7 Multiple Vulnerabilities CVE-2011-0731 CVE-2011-1846 CVE-2011-1847 01 Feb 2011 9.8 (v3) Critical Pass Moodle 'PHPCOVERAGE_HOME' Parameter XSS 02 Feb 2011 4.3 (v2) Medium Pass OpenSSL SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG Ciphersuite Disabled Cipher Issue CVE-2008-7270 07 Feb 2011 4.3 (v2) Medium Pass CGI Generic SQL Injection (Parameters Names) 14 Feb 2011 7.5 (v2) High Pass Bind Shell Backdoor Detection 15 Feb 2011 9.8 (v3) Critical Pass HP StorageWorks File Migration Agent Unauthorized Access 14 Mar 2011 6.4 (v2) Medium Pass Eric Cooperation Server Detection 25 Mar 2011 None Pass MediaWiki CSS Comments XSS CVE-2011-0047 16 Feb 2011 4.3 (v2) Medium Pass Web Common Credentials (HTML form) 16 Feb 2011 7.5 (v2) High Pass Mod_auth_mysql Multibyte Encoding SQL Injection CVE-2008-2384 22 Feb 2011 7.3 (v3) High Pass MyBB xmlhttp.php 'value' Parameter XSS 04 Apr 2011 4.3 (v2) Medium Pass Detect RPC over TCP 08 Apr 2011 None Pass Detect RPC over UDP 08 Apr 2011 None Pass EyeOS fi le Parameter Directory Traversal CVE-2011-1715 21 Apr 2011 5 (v2) Medium Pass Horde IMP HTML MIME Viewer Multiple XSS 29 Sep 2004 4.3 (v2) Medium Pass Unmanarc Remote Control Server (URCS) Detection 01 Oct 2004 10 (v2) Critical Pass NetworkActiv Web Server Encoded URL Request Remote DoS 05 Oct 2004 5 (v2) Medium Pass HP System Management Homepage < 6.3 Multiple Vulnerabilities CVE-2010-1917 CVE-2010-2531 CVE-2010-2939 CVE-2010-2950 CVE-2010-3709 CVE-2010-4008 CVE-2010-4156 CVE-2011-1540 CVE-2011-1541 22 Apr 2011 10 (v2) Critical Pass Plone Security Bypass CVE-2011-0720 25 Apr 2011 7.5 (v2) High Pass IBM DB2 9.7 < Fix Pack 4 Multiple Vulnerabilities CVE-2011-1846 CVE-2011-1847 25 Apr 2011 7.3 (v3) High Pass Symphony token Parameter SQL Injection 02 May 2011 7.5 (v2) High Pass Spreecommerce api/orders.json Search Function Arbitrary Command Execution 03 May 2011 8.8 (v3) High Pass Adobe Flash Media Server < 3.5.6 / 4.0.2 Multiple Vulnerabilities (APSB11-11) CVE-2010-3864 CVE-2011-0612 13 May 2011 10 (v2) Critical Pass Multiple Vendor RPC portmapper Access Restriction Bypass CVE-2011-0321 CVE-2011-1210 19 May 2011 6.4 (v2) Medium Pass eFront js/scripts.php 'load' Parameter Remote File Inclusion 23 May 2011 7.5 (v2) High Pass HP Data Protector Remote Command Execution CVE-2011-0923 03 May 2011 10 (v2) Critical Pass Skype for Mac 5.x < 5.1.0.922 Unspeci fi ed Remote Code Execution (uncredentialed check) CVE-2011-2074 09 May 2011 5.1 (v2) Medium Pass phpMyAdmin url.php Redirect (PMASA-2011-4) CVE-2011-1941 24 May 2011 5.8 (v3) Medium Pass Movable Type mt-comments.cgi static Parameter XSS 27 May 2011 4.3 (v2) Medium Pass Apache Archiva < 1.3.5 Multiple Vulnerabilities CVE-2011-1026 CVE-2011-1077 05 Jun 2011 7.5 (v2) High Pass Movable Type User Registration Restriction Bypass 23 Jun 2011 4.3 (v2) Medium Pass HP Data Protector <= A.06.20 Multiple Vulnerabilities (uncredentialed check) CVE-2011-1514 CVE-2011-1515 CVE-2011-1864 CVE-2011-1865 CVE-2011-1866 06 Jul 2011 10 (v2) Critical Pass AllVideos Reloaded! Plugin for Joomla! 'divid' Parameter SQLi 19 Jul 2011 7.3 (v3) High Pass AlphaRegistration Component for Joomla! 'email' Parameter SQLi 25 Jul 2011 5.6 (v3) Medium Pass jCart 1.1 my-item-name POST Parameter XSS 08 Aug 2011 4.3 (v2) Medium Pass Adobe Flash Media Server < 3.5.7 / 4.0.3 Denial of Service (APSB11-20) CVE-2011-2132 10 Aug 2011 7.8 (v2) High Pass CGI Generic Script Injection (quick test) 04 Aug 2011 4.3 (v2) Medium Pass Invision Power Board Referer fi eld XSS CVE-2004-1578 06 Oct 2004 4.3 (v2) Medium Pass PHP 5.3 < 5.3.7 Multiple Vulnerabilities CVE-2011-1148 CVE-2011-1657 CVE-2011-1938 CVE-2011-2202 CVE-2011-2483 CVE-2011-3182 CVE-2011-3267 CVE-2011-3268 22 Aug 2011 10 (v2) Critical Pass PHP 5.3.7 crypt() MD5 Incorrect Return Value CVE-2011-3189 24 Aug 2011 7.5 (v2) High Pass Sitecore CMS 'default.aspx' XSS CVE-2009-2163 25 Aug 2011 4.3 (v2) Medium Pass Sitecore CMS < 6.4.1 rev.110720 'url' Parameter URI Redirection 25 Aug 2011 4.3 (v2) Medium Pass HP Client Automation radexecd.exe Remote Command Execution CVE-2011-0889 12 Sep 2011 10 (v2) Critical Pass OpenAdmin Tool for Informix informixserver Parameter XSS CVE-2011-3390 13 Sep 2011 4.3 (v2) Medium Pass phpMyAdmin 3.4.x < 3.4.5 XSS (PMASA-2011-14) 03 Oct 2011 4.3 (v2) Medium Pass MyBB 1.6.4 Backdoor PHP Remote Code Execution 14 Oct 2011 7.5 (v2) High Pass SonicWALL ViewPoint Server Default Credentials 26 Oct 2011 7.5 (v2) High Pass Dropbox Software Detection (uncredentialed check) 02 Nov 2011 None Pass phpLDAPadmin orderby Parameter Arbitrary PHP Code Execution CVE-2011-4075 03 Nov 2011 7.5 (v2) High Pass TimThumb Cache Directory 'src' Parameter Arbitrary PHP File Upload CVE-2011-4106 08 Nov 2011 7.5 (v2) High Pass IBM DB2 9.7 < Fix Pack 5 Multiple Denial of Service Vulnerabilities CVE-2010-4476 CVE-2011-1373 23 Nov 2011 5.3 (v3) Medium Pass SIP Username Enumeration 01 Dec 2011 5 (v2) Medium Pass Oracle WebLogic Server Web Services Security Policy not Enforced (CVE-2008-5459) CVE-2008-5459 07 Dec 2011 5 (v2) Medium Pass phpMyAdmin 3.4.x < 3.4.8 XSS (PMASA-2011-18) CVE-2011-4634 19 Dec 2011 4.3 (v2) Medium Pass FreeBSD 'telnetd' Daemon Remote Bu ff er Over fl ow CVE-2011-4862 09 Jan 2012 10 (v2) Critical Pass Plone Request Parsing Remote Command Execution CVE-2011-3587 20 Dec 2011 7.5 (v2) High Pass PHP < 5.3.9 Multiple Vulnerabilities CVE-2011-3379 CVE-2011-4566 CVE-2011-4885 CVE-2012-0057 CVE-2012-0781 CVE-2012-0788 CVE-2012-0789 13 Jan 2012 7.5 (v2) High Pass SimpleSAMLphp logout.php link_href Parameter XSS CVE-2012-0908 23 Jan 2012 4.3 (v2) Medium Pass MS12-007: Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664) (uncredentialed check) CVE-2012-0007 17 Jan 2012 5 (v2) Medium Pass Trend Micro Control Manager CmdProcessor.exe Detection 24 Jan 2012 None Pass PHP 5.3.9 'php_register_variable_ex()' Code Execution (banner check) CVE-2012-0830 03 Feb 2012 10 (v2) Critical Pass Skype for Windows < 5.8.0.154 Unspeci fi ed Vulnerability (uncredentialed check) 09 Feb 2012 9.3 (v2) High Pass Default Password (nasadmin) for 'root' Account CVE-1999-0502 13 Feb 2012 9.8 (v3) Critical Pass Default Password (nasadmin) for 'nasadmin' Account CVE-1999-0502 13 Feb 2012 9.8 (v3) Critical Pass Oracle WebCenter Content Default Administration Credentials 16 Feb 2012 7.5 (v2) High Pass Oracle WebCenter Content Help Component XSS CVE-2012-0085 16 Feb 2012 4.3 (v2) Medium Pass Oracle WebCenter Content 'GET_SEARCH_RESULTS' SQL Injection CVE-2012-0083 16 Feb 2012 6.4 (v2) Medium Pass Oracle WebCenter Content idc/idcplg Multiple Parameter XSS CVE-2012-0084 16 Feb 2012 4.3 (v2) Medium Pass Horde 3.3.12 open_calendar.js Backdoor CVE-2012-0209 17 Feb 2012 7.5 (v2) High Pass phpLDAPadmin lib/QueryRender.php base Parameter XSS CVE-2012-0834 20 Feb 2012 4.3 (v2) Medium Pass FreePBX gen_amp_conf.php Information Disclosure 22 Feb 2012 7.5 (v2) High Pass IBM solidDB 6.5 < 6.5.0.8 Multiple Denial of Service Vulnerabilities CVE-2010-4055 CVE-2010-4056 CVE-2010-4057 23 Feb 2012 5 (v2) Medium Pass DB2 9.5 < Fix Pack 9 Multiple Vulnerabilities CVE-2012-0709 CVE-2012-0710 CVE-2012-0711 CVE-2012-0712 CVE-2012-1796 CVE-2012-1797 08 Mar 2012 6.3 (v3) Medium Pass Java Debug Wire Protocol Detection 20 Mar 2012 7.5 (v2) High Pass WebGlimpse query Parameter Command Injection CVE-2012-1795 21 Mar 2012 7.5 (v2) High Pass nginx < 1.0.10 ngx_resolver_copy Function DNS Response Parsing Bu ff er Over fl ow CVE-2011-4315 21 Mar 2012 5.6 (v3) Medium Pass Zenphoto 404 Error Page XSS CVE-2012-0995 23 Mar 2012 4.3 (v2) Medium Pass Zenphoto viewer_size_image_saved Cookie Value eval() Call Remote PHP Code Execution CVE-2012-0993 23 Mar 2012 8.8 (v3) High Pass Microsoft ASP.NET ValidateRequest Filters Bypass CVE-2008-3842 CVE-2008-3843 05 Apr 2012 5.4 (v3) Medium Pass Dolibarr passwordforgotten.php theme Parameter Local File Inclusion 13 Apr 2012 6.8 (v2) Medium Pass Dolibarr 3.1.0 admin/company.php username Parameter XSS CVE-2011-4329 13 Apr 2012 4.3 (v2) Medium Pass SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability (BEAST) CVE-2011-3389 16 Apr 2012 5.3 (v3) Medium Pass Apache 2.4.x < 2.4.2 'LD_LIBRARY_PATH' Insecure Library Loading CVE-2012-0883 19 Apr 2012 7 (v3) High Pass HP System Management Homepage < 7.0 Multiple Vulnerabilities CVE-2009-0037 CVE-2010-0734 CVE-2010-1452 CVE-2010-1623 CVE-2010-2068 CVE-2010-2791 CVE-2010-3436 CVE-2010-4409 CVE-2010-4645 CVE-2011-0014 CVE-2011-0195 CVE-2011-0419 CVE-2011-1148 CVE-2011-1153 CVE-2011-1464 CVE-2011-1 20 Apr 2012 10 (v2) Critical Pass phpBB Cash_Mod admin_cash.php Arbitrary Command Execution CVE-2004-1535 18 Nov 2004 8.3 (v3) High Pass IBM Tivoli Directory Server Web Administration Tool Unspeci fi ed XSS CVE-2012-0740 20 Apr 2012 4.3 (v2) Medium Pass Moodle MSA-11-0007 'coursetags_more.php' XSS 27 Apr 2012 4.3 (v2) Medium Pass PHP < 5.3.11 Multiple Vulnerabilities CVE-2011-1398 CVE-2012-0831 CVE-2012-1172 02 May 2012 6.8 (v2) Medium Pass PHP 5.4.x < 5.4.1 Multiple Vulnerabilities CVE-2012-1172 CVE-2012-4388 02 May 2012 5 (v2) Medium Pass PHP Unsupported Version Detection 04 May 2012 10 (v3) Critical Pass PHP 5.4.x < 5.4.3 Multiple Vulnerabilities CVE-2012-2311 CVE-2012-2329 CVE-2012-2335 CVE-2012-2336 09 May 2012 8.3 (v2) High 55

Pass PHP-Fusion 4.01 Multiple Vulnerabilities CVE-2004-2437 CVE-2004-2438 08 Oct 2004 6.5 (v2) Medium Pass Liferay Portal < 6.0.6 Multiple Vulnerabilities CVE-2011-1502 CVE-2011-1503 CVE-2011-1504 CVE-2011-1570 CVE-2011-1571 22 May 2012 9.3 (v2) High Pass Liferay Portal 6.0.5 / 6.0.6 Arbitrary File Download 22 May 2012 6.8 (v2) Medium Pass Liferay Portal 6.1.0 'addUser()' Security Bypass 22 May 2012 10 (v2) Critical Pass Apache OFBiz Default Credentials 23 May 2012 7.5 (v2) High Pass Apache OFBiz FlexibleStringExpander Remote Code Execution CVE-2012-1622 23 May 2012 9.8 (v3) Critical Pass Apache OFBiz Webslinger Component XSS CVE-2012-1621 23 May 2012 4.3 (v2) Medium Pass Liferay Portal 6.1.0 User Enumeration 04 Jun 2012 5 (v2) Medium Pass Liferay Portal 6.1.0 Forward Target Handling Security Bypass 04 Jun 2012 10 (v2) Critical Pass Liferay Portal upload_progress_poller.jsp XSS 04 Jun 2012 5.8 (v2) Medium Pass PHP 5.3.x < 5.3.14 Multiple Vulnerabilities CVE-2012-2143 CVE-2012-2386 CVE-2012-3450 CVE-2012-6113 15 Jun 2012 7.5 (v2) High Pass PHP 5.4.x < 5.4.4 Multiple Vulnerabilities CVE-2012-2143 CVE-2012-2386 CVE-2012-3450 15 Jun 2012 7.5 (v2) High Pass PHP php_variables.c Multiple Variable Open Bracket Memory Disclosure CVE-2004-0958 08 Oct 2004 5 (v2) Medium Pass MailEnable ForgottenPassword.aspx Username Parameter XSS CVE-2012-0389 19 Jun 2012 4.3 (v2) Medium Pass IBM DB2 9.1 < Fix Pack 11 Multiple DoS CVE-2010-4476 CVE-2012-0710 21 Jun 2012 5.3 (v3) Medium Pass Elgg index.php view Parameter XSS CVE-2012-6561 22 Jun 2012 4.3 (v2) Medium Pass MikroTik Winbox < 5.17 File Download DoS 27 Jun 2012 5 (v2) Medium Pass HP System Management Homepage < 7.1.1 Multiple Vulnerabilities CVE-2011-1944 CVE-2011-2821 CVE-2011-2834 CVE-2011-3379 CVE-2011-3607 CVE-2011-4078 CVE-2011-4108 CVE-2011-4153 CVE-2011-4317 CVE-2011-4415 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2011-4885 CVE-2012-0021 CVE-2012-0 05 Jul 2012 10 (v2) Critical Pass IBM Domino Password Protected DB Enumeration 05 Jul 2012 None Pass IBM DB2 9.7 < Fix Pack 6 Multiple Vulnerabilities CVE-2011-4061 CVE-2012-0709 CVE-2012-0711 CVE-2012-0712 CVE-2012-0713 CVE-2012-2180 10 Jul 2012 7.3 (v3) High Pass CubeCart index.php cat_id Parameter SQL Injection CVE-2004-1580 08 Oct 2004 7.5 (v2) High Pass Danware NetOp Host HELO Request Remote Information Disclosure CVE-2004-0950 19 Nov 2004 5 (v2) Medium Pass IBM DB2 9.8 < Fix Pack 5 Multiple Vulnerabilities CVE-2012-0712 CVE-2012-0713 CVE-2012-2180 10 Jul 2012 5.3 (v3) Medium Pass Ruby on Rails HTTP Digest Authentication Bypass CVE-2009-2422 21 Jul 2009 7.5 (v2) High Pass eAccelerator encoder.php File Backup CVE-2009-2353 22 Jul 2009 7.5 (v2) High Pass phpMyAdmin Installation Not Password Protected 23 Jul 2009 7.5 (v2) High Pass MODx con fi g.js.php Information Disclosure 28 Jul 2009 5 (v2) Medium Pass Snitz Forums 2000 <= 3.4.07 register.asp 'Email' Parameter SQL Injection CVE-2003-0286 03 Aug 2009 7.5 (v2) High Pass PHP-Kit <= 1.6.1 RC2 Multiple Vulnerabilities CVE-2004-1537 CVE-2004-1538 CVE-2005-2683 CVE-2005-2699 CVE-2005-3552 CVE-2005-3553 CVE-2005-3554 CVE-2005-4424 CVE-2006-0785 CVE-2006-0786 CVE-2006-1507 CVE-2006-1773 22 Nov 2004 7.5 (v2) High Pass TinyBrowser Multiple XSS 05 Aug 2009 4.7 (v3) Medium Pass IBM DB2 8.1 < Fix Pack 18 Multiple Vulnerabilities CVE-2009-2858 CVE-2009-2859 CVE-2009-2860 20 Aug 2009 5.3 (v3) Medium Pass FlexCMS Login Cookie SQL Injection 31 Aug 2009 7.5 (v2) High Pass Kayako SupportSuite Ticket Subject XSS CVE-2009-3427 04 Sep 2009 4.3 (v2) Medium Pass Zmanda Recovery Manager for MySQL socket-server.pl MYSQL_BINPATH Variable Command Execution CVE-2009-3102 07 Sep 2009 8.8 (v3) High Pass ChartDirector for .NET cacheId Parameter Arbitrary File Access 11 Sep 2009 5 (v2) Medium Pass Orion Application Server Web Examples Multiple XSS 15 Sep 2009 4.3 (v2) Medium Pass BF Survey Pro Component for Joomla! 'table' Parameter SQLi CVE-2009-4625 15 Sep 2009 7.3 (v3) High Pass PHP < 5.2.11 Multiple Vulnerabilities CVE-2009-3291 CVE-2009-3292 CVE-2009-3293 CVE-2009-3294 CVE-2009-4018 CVE-2009-5016 18 Sep 2009 7.5 (v2) High Pass Brio Unix odscgi HTMLFile Parameter Traversal Arbitrary File Access 30 Nov 2004 5 (v2) Medium Pass Interchange < 5.4.4 / 5.6.2 / 5.7.2 Search Request Information Disclosure 23 Sep 2009 5 (v2) Medium Pass Ektron CMS400.NET id Parameter XSS CVE-2009-4473 24 Sep 2009 4.3 (v2) Medium Pass Ability Mail Server < 2.70 IMAP4 FETCH DoS CVE-2009-3445 28 Sep 2009 4 (v2) Medium Pass IDoBlog Component for Joomla! 'userid' Parameter SQLi CVE-2009-3417 25 Sep 2009 7.3 (v3) High Pass Serv-U < 9.0.0.1 05 Oct 2009 4.3 (v2) Medium Pass IBM DB2 9.1 < Fix Pack 8 Multiple Vulnerabilities CVE-2009-3471 CVE-2009-3472 CVE-2009-3473 06 Oct 2009 6.5 (v3) Medium Pass Default Password (sq!us3r) for 'dbadmin' Account CVE-1999-0502 CVE-2009-3710 15 Oct 2009 9.8 (v3) Critical Pass IBM Rational RequisitePro ReqWebHelp Multiple XSS CVE-2009-3730 20 Oct 2009 4.3 (v2) Medium Pass Default Password (infoblox) for 'admin' Account CVE-1999-0502 22 Oct 2009 9.8 (v3) Critical Pass Adobe ColdFusion <= 8.0.1 _logintowizard.cfm XSS CVE-2009-1872 CVE-2009-1875 02 Nov 2009 4.3 (v2) Medium Pass ViewVC Invalid Parameter Arbitrary HTML Injection 03 Nov 2009 4.3 (v2) Medium Pass CubeCart Admin Authentication Bypass CVE-2009-3904 03 Nov 2009 7.5 (v2) High Pass Default Password (alpine) for 'root' Account CVE-1999-0502 04 Nov 2009 9.8 (v3) Critical Pass Default Password (alpine) for 'mobile' Account CVE-1999-0502 04 Nov 2009 9.8 (v3) Critical Pass CubeCart 'admin.php' Authentication Bypass Information Disclosure 04 Nov 2009 5 (v2) Medium Pass CGI Generic SQL Injection (blind) 06 Nov 2009 7.5 (v2) High Pass MailEnable IMAP Server Multiple Remote Bu ff er Over fl ows CVE-2004-2501 30 Nov 2004 7.5 (v2) High Pass CGI Generic XSS (persistent) 06 Nov 2009 4.3 (v2) Medium Pass CGI Generic SQL Injection (HTTP Headers) 06 Nov 2009 7.5 (v2) High Pass Jumi Component for Joomla! <= 2.0.5 Backdoor Detection 16 Nov 2009 9.8 (v3) Critical Pass IBM Tivoli Storage Manager Client Multiple Vulnerabilities (swg21405562) CVE-2009-3853 CVE-2009-3854 CVE-2009-3855 16 Nov 2009 10 (v2) Critical Pass Movable Type mt-check.cgi System Information Disclosure 18 Nov 2009 5 (v2) Medium Pass PHP 5.3 < 5.3.1 Multiple Vulnerabilities CVE-2009-3557 CVE-2009-3559 CVE-2009-4017 CVE-2009-4018 CVE-2010-1128 20 Nov 2009 6.8 (v2) Medium Pass CubeCart includes/content/viewProd.inc.php productId Parameter SQL Injection CVE-2009-4060 24 Nov 2009 7.5 (v2) High Pass Squeezebox Server Detection 30 Nov 2009 None Pass Serv-U < 9.1.0.0 CVE-2009-4006 CVE-2009-4873 30 Nov 2009 9 (v2) High Pass GForge help/tracker.php helpname Parameter XSS CVE-2009-3303 01 Dec 2009 4.3 (v2) Medium Pass DNN (DotNetNuke) < 5.2.0 SearchResults.aspx XSS CVE-2009-4110 02 Dec 2009 4.3 (v2) Medium Pass AWStats < 6.95 awredir.pl Arbitrary Site Redirect 02 Dec 2009 4.7 (v3) Medium Pass Request Tracker Default Credentials 04 Dec 2009 7.5 (v2) High Pass Request Tracker Session Fixation Vulnerability CVE-2009-4151 04 Dec 2009 5.8 (v2) Medium Pass Pligg login.php return Parameter Arbitrary Site Redirect CVE-2009-4788 07 Dec 2009 4.7 (v3) Medium Pass LyftenBloggie Component for Joomla! 'author' Parameter SQLi CVE-2009-4104 07 Dec 2009 7.3 (v3) High Pass GCalendar Component for Joomla! 'gcid' Parameter SQLi CVE-2009-4099 09 Dec 2009 7.3 (v3) High Pass Zen Cart extras/curltest.php Information Disclosure CVE-2009-4321 10 Dec 2009 5 (v2) Medium Pass e107 submitnews.php XSS CVE-2009-4083 10 Dec 2009 4.3 (v2) Medium Pass TestLink login.php req Parameter XSS CVE-2009-4237 10 Dec 2009 4.3 (v2) Medium Noise HTTP Methods Allowed (per directory) 10 Dec 2009 None Pass phpShop Default Credentials 14 Dec 2009 7.5 (v2) High Pass phpShop shop/ fl ypage SQL Injection CVE-2008-0681 CVE-2009-4571 14 Dec 2009 6.8 (v2) Medium Pass CGI Generic SQL Injection (blind, time based) 14 Dec 2009 7.5 (v2) High Pass Invision Power Board < 3.0.5 Multiple Vulnerabilities 15 Dec 2009 6.8 (v2) Medium Pass IBM DB2 9.5 < Fix Pack 5 Multiple Unspeci fi ed Vulnerabilities CVE-2009-4325 CVE-2009-4326 CVE-2009-4327 CVE-2009-4328 CVE-2009-4329 CVE-2009-4330 CVE-2009-4331 CVE-2009-4332 CVE-2009-4333 CVE-2009-4334 CVE-2009-4335 CVE-2009-4438 CVE-2009-4439 16 Dec 2009 6.5 (v3) Medium Pass PHP < 5.2.12 Multiple Vulnerabilities CVE-2009-3557 CVE-2009-3558 CVE-2009-4017 CVE-2009-4142 CVE-2009-4143 18 Dec 2009 6.8 (v2) Medium Pass Oracle WebLogic Default Credentials 18 Dec 2009 9.8 (v3) Critical Pass Serv-U < 9.2.0.1 CVE-2009-4815 21 Dec 2009 4 (v2) Medium Pass Adobe Flash Media Server < 3.0.5 / 3.5.3 Multiple Vulnerabilities (APSB09-18) CVE-2009-3791 CVE-2009-3792 22 Dec 2009 10 (v2) Critical Pass ClarkConnect proxy.php url Parameter XSS 23 Dec 2009 4.3 (v2) Medium Pass phpLDAPadmin cmd.php cmd Parameter Local File Inclusion CVE-2009-4427 23 Dec 2009 6.8 (v2) Medium Pass daloRADIUS login.php error Parameter XSS CVE-2009-4347 23 Dec 2009 4.3 (v2) Medium Pass SQL-Ledger ' admin.pl ' Empty Credentials CVE-2009-4402 23 Dec 2009 7.5 (v2) High Pass Apache Tomcat Directory Traversal CVE-2007-0450 04 Jan 2010 5 (v2) Medium Pass Joomla! / Mambo Component Multiple Parameter Local File Include Vulnerabilities CVE-2010-0157 CVE-2010-0467 CVE-2010-0676 CVE-2010-0944 CVE-2010-0972 CVE-2010-1056 CVE-2010-1081 CVE-2010-1304 CVE-2010-1305 CVE-2010-1306 CVE-2010-1308 CVE-2010-1312 CVE-2010-1314 CVE-2010-1340 CVE-2010-1345 CVE-2010-1 04 Jan 2010 9.8 (v3) Critical Pass JS Jobs Component for Joomla! 'md' Parameter SQLi CVE-2009-4599 11 Jan 2010 7.3 (v3) High Pass CGI Generic Cookie Injection Scripting 25 Jan 2010 4.3 (v2) Medium Pass Mort Bay Jetty Multiple XSS CVE-2009-4612 26 Jan 2010 4.3 (v2) Medium Pass phpMyAdmin setup.php unserialize() Arbitrary PHP Code Execution (PMASA-2010-3) CVE-2009-4605 27 Jan 2010 7.5 (v2) High Pass SilverStripe Forums Module 'Search' Parameter XSS CVE-2010-1593 28 Jan 2010 4.3 (v2) Medium Pass TinyBrowser Component for Joomla! 'tinybrowser_lang' Cookie Local File Include 29 Jan 2010 9.8 (v3) Critical Pass MoinMoin 'sys.argv' Information Disclosure 02 Feb 2010 4.3 (v2) Medium Pass OCS Inventory NG Server Administration Console Detection 04 Feb 2010 None Pass Bugzilla Directory Access Information Disclosure CVE-2009-3989 10 Feb 2010 5 (v2) Medium Pass Scriptegrator Plugin for Joomla! ' fi les[]' Parameter Remote File Include CVE-2010-0759 20 Feb 2010 9.8 (v3) Critical Pass Joomla! JoomlaWorks AllVideos Plugin ' fi le' Parameter Directory Traversal CVE-2010-0696 23 Feb 2010 5.3 (v3) Medium Pass Asterisk Recording Interface (ARI) Default Administrator Credentials 23 Feb 2010 7.5 (v2) High Pass FreePBX / PBXcon fi g Default Credentials 23 Feb 2010 7.5 (v2) High Pass trixbox maint Web Interface Default Credentials 23 Feb 2010 7.5 (v2) High Pass trixbox Cisco Phone Services PhoneDirectory.php ID Parameter SQL Injection CVE-2010-0702 23 Feb 2010 7.5 (v2) High Pass PHP < 5.3.2 / 5.2.13 Multiple Vulnerabilities CVE-2010-1128 CVE-2010-1129 CVE-2010-1130 26 Feb 2010 6.4 (v2) Medium Pass PostNuke pnTresMailer codebrowserpntm.php Traversal Arbitrary File Access CVE-2004-1205 CVE-2004-1206 30 Nov 2004 5 (v2) Medium Pass SilverStripe debug_pro fi le Parameter Information Disclosure CVE-2010-5188 01 Mar 2010 5 (v2) Medium Pass eGroupWare spellchecker.php Arbitrary Shell Command Execution CVE-2010-3313 10 Mar 2010 7.5 (v2) High Pass Skype skype: URI Handling /Datapath Argument Injection Settings Manipulation (uncredentialed check) 15 Mar 2010 4.3 (v2) Medium 56

Pass Trouble Ticket Express fi d Parameter Arbitrary Remote Code Execution 17 Mar 2010 8.8 (v3) High Pass eFront 'langname' Parameter Traversal Local File Inclusion CVE-2010-1003 22 Mar 2010 6.8 (v2) Medium Pass DNN (DotNetNuke) < 5.3.0 SearchResults.aspx XSS 22 Mar 2010 4.3 (v2) Medium Pass Serv-U < 9.4.0.0 24 Mar 2010 6.5 (v2) Medium Pass SiteX photo.php albumid Parameter SQL Injection CVE-2010-1343 26 Mar 2010 7.5 (v2) High Pass ViewVC viewvc.cgi search Parameter XSS CVE-2010-0132 02 Apr 2010 2.6 (v2) Low Pass Logitech Touch Mouse Server Detection 07 Apr 2010 None Pass MediaWiki Login Cross-Site Request Forgery 07 Apr 2010 3.5 (v2) Low Pass Joomla! / Mambo Component 'view' Parameter Local File Include CVE-2010-1313 CVE-2010-1476 CVE-2010-1531 CVE-2010-1533 CVE-2010-1535 CVE-2010-1983 CVE-2010-2128 12 Apr 2010 9.8 (v3) Critical Pass Properties Component for Joomla! 'aid' Parameter SQLi CVE-2010-1874 13 Apr 2010 7.3 (v3) High Pass MS10-024: Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832) (uncredentialed check) CVE-2010-0024 CVE-2010-0025 13 Apr 2010 5 (v2) Medium Pass Apache ActiveMQ Web Console Test Pages Information Disclosure 16 Apr 2010 5 (v2) Medium Pass Iomega smbwebclient.php Unauthenticated Filesystem Access 19 Apr 2010 10 (v3) Critical Pass YaBB Shadow BBCode Tag XSS 30 Nov 2004 4.3 (v2) Medium Pass Atlassian JIRA 500page.jsp Referer XSS CVE-2010-1164 20 Apr 2010 4.3 (v2) Medium Pass ActiveMQ Double Slash Request Source Code Disclosure CVE-2010-1587 24 Apr 2010 5 (v2) Medium Pass Alt-N MDaemon < 11.0.1 Multiple Remote DoS 26 Apr 2010 7.8 (v2) High Pass Hydra: Cisco 01 Dec 2004 7.5 (v2) High Pass HP System Management Homepage < 6.0.0.96 / 6.0.0-95 Multiple Vulnerabilities CVE-2008-1468 CVE-2008-4226 CVE-2008-5557 CVE-2008-5814 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2009-4185 CVE-2010-1034 27 Apr 2010 10 (v2) Critical Pass IBM DB2 9.1 < Fix Pack 9 Multiple Vulnerabilities CVE-2009-3471 CVE-2009-3555 CVE-2010-0462 CVE-2010-3193 CVE-2010-3194 CVE-2010-3195 28 Apr 2010 6.3 (v3) Medium Pass MODx SearchHighlight plugin XSS CVE-2010-1427 29 Apr 2010 4.3 (v2) Medium Pass CGI Generic Path Traversal (write test) 30 Apr 2010 6.4 (v2) Medium Pass CGI Generic Path Traversal (extended test) 30 Apr 2010 5 (v2) Medium Pass Hydra: Cisco enable 01 Dec 2004 7.5 (v2) High Pass Campsite TinyMCE plugin 'attachments.php' 'article_id' Parameter SQL Injection CVE-2010-1867 05 May 2010 7.5 (v2) High Pass Default Password (alien) for 'root' Account CVE-1999-0502 06 May 2010 9.8 (v3) Critical Pass HP Mercury LoadRunner Agent Remote Command Execution CVE-2010-1549 07 May 2010 10 (v3) Critical Pass Visitor Data Module for Joomla! X-Forwarded-For Header RCE 13 May 2010 9.8 (v3) Critical Pass RokModule Component for Joomla! 'moduleid' Parameter SQi CVE-2010-1479 15 May 2010 7.3 (v3) High Pass c99shell Backdoor Detection 14 May 2010 7.5 (v2) High Pass r57shell Backdoor Detection 14 May 2010 7.5 (v2) High Pass e107 BBCode Arbitrary PHP Code Execution CVE-2010-2099 21 May 2010 7.5 (v2) High Pass Hydra: FTP 01 Dec 2004 7.5 (v2) High Pass Hydra: HTTP 01 Dec 2004 7.5 (v2) High Pass Open-AudIT include_lang.php language Parameter Traversal Local File Inclusion 24 May 2010 7.5 (v2) High Pass TikiWiki tiki-lastchanges.php Empty sort_mode Parameter Information Disclosure CVE-2006-5702 27 May 2010 5 (v2) Medium Pass Apache Axis2 'xsd' Parameter Directory Traversal 27 May 2010 5 (v2) Medium Pass PHP expose_php Information Disclosure 03 Jun 2010 5 (v2) Medium Pass MoinMoin PageEditor.py template Parameter XSS CVE-2010-2487 07 Jun 2010 4.3 (v2) Medium Pass Symphony 2.0.6 mode Parameter Local File Inclusion CVE-2010-2143 07 Jun 2010 7.5 (v2) High Pass UnrealIRCd Backdoor Detection CVE-2010-2075 14 Jun 2010 10 (v2) Critical Pass Apache Tomcat JK Connector Content-Length Header Cross-User Information Disclosure CVE-2008-5519 14 Jun 2010 2.6 (v2) Low Pass Moodle < 1.9.6 / 1.8.10 Multiple Vulnerabilities 24 Jun 2010 6.8 (v2) Medium Pass eyeMax DVR Server Detection 25 Jun 2010 None Pass Kerio Connect < 7.0.0 Products Administration Console File Disclosure and Corruption Vulnerabilities 25 Jun 2010 8 (v2) High Pass Bugzilla 'time-tracking' fi elds Information Disclosure CVE-2010-0180 CVE-2010-1204 CVE-2010-2470 30 Jun 2010 5 (v2) Medium Pass IIS 5.x Alternate Data Stream Authentication Bypass CVE-2010-2731 05 Jul 2010 7.5 (v2) High Pass ArtForms Component for Joomla! 'viewform' Parameter SQLi CVE-2010-2847 12 Jul 2010 7.3 (v3) High Pass Ipswitch IMail Server < 11.02 Multiple Vulnerabilities 16 Jul 2010 10 (v2) Critical Pass Hydra: HTTP proxy 01 Dec 2004 7.5 (v2) High Pass Hydra: ICQ 01 Dec 2004 7.5 (v2) High Pass Hydra: IMAP 01 Dec 2004 7.5 (v2) High Pass Bitweaver wiki/rankings.php style Parameter Traversal Local File Inclusion 15 Jul 2010 7.5 (v2) High Pass Pligg search.php search Parameter XSS 20 Jul 2010 4.3 (v2) Medium Pass Hydra: MS SQL 01 Dec 2004 7.5 (v2) High Pass Hydra: SMTP AUTH 01 Dec 2004 7.5 (v2) High Pass Hydra: SNMP 01 Dec 2004 7.5 (v2) High Pass Hydra: telnet 01 Dec 2004 10 (v2) Critical Pass Timbuktu Detection (TCP) 01 Dec 2004 None Pass CGI Generic XSS (comprehensive test) 26 Jul 2010 4.3 (v2) Medium Pass Nessus Web Server XSS CVE-2010-2914 26 Jul 2010 4.7 (v3) Medium Pass MediaWiki pro fi leinfo.php ' fi lter' Parameter XSS CVE-2010-2788 29 Jul 2010 2.6 (v2) Low Pass Huru Helpdesk Component for Joomla! 'cid[0]' Parameter SQLi CVE-2010-2907 30 Jul 2010 7.3 (v3) High Pass TYPO3 Back-end 'index.php' 'redirect_url' Redirect 03 Aug 2010 4.3 (v2) Medium Pass PHP 5.2 < 5.2.14 Multiple Vulnerabilities CVE-2007-1581 CVE-2010-0397 CVE-2010-1860 CVE-2010-1862 CVE-2010-1864 CVE-2010-2097 CVE-2010-2100 CVE-2010-2101 CVE-2010-2190 CVE-2010-2191 CVE-2010-2225 CVE-2010-2484 CVE-2010-2531 CVE-2010-3065 04 Aug 2010 7.5 (v2) High Pass CUPS Internet Printing Protocol (IPP) Implementation Empty UDP Datagram Remote DoS CVE-2004-0558 03 Dec 2004 5 (v2) Medium Pass PHP 5.3 < 5.3.3 Multiple Vulnerabilities CVE-2007-1581 CVE-2010-0397 CVE-2010-1860 CVE-2010-1862 CVE-2010-1864 CVE-2010-1917 CVE-2010-2097 CVE-2010-2100 CVE-2010-2101 CVE-2010-2190 CVE-2010-2191 CVE-2010-2225 CVE-2010-2484 CVE-2010-2531 CVE-2010-3062 CVE-2010-3 04 Aug 2010 9.3 (v2) High Pass Atlassian JIRA Con fi gureReport.jspa 'reportKey' Information Disclosure 06 Aug 2010 5 (v2) Medium Pass Default Password (0p3nm35h) for 'root' Account CVE-1999-0502 09 Aug 2010 9.8 (v3) Critical Pass Adobe Flash Media Server < 3.0.6 / 3.5.4 Multiple Vulnerabilities (APSB10-19) CVE-2010-2217 CVE-2010-2218 CVE-2010-2219 CVE-2010-2220 11 Aug 2010 10 (v2) Critical Pass Bugzilla 'reporter' fi eld Information Disclosure CVE-2010-2756 12 Aug 2010 5.3 (v3) Medium Pass FuseTalk categories.aspx FTVAR_SORTORDER Parameter XSS 17 Aug 2010 4.3 (v2) Medium Pass FuseTalk usersearchresults.cfm keyword Parameter XSS 17 Aug 2010 4.3 (v2) Medium Pass QNX pdebug Service Detection 17 Aug 2010 10 (v2) Critical Pass Serv-U < 10.2.0.0 25 Aug 2010 5 (v2) Medium Pass phpMyAdmin setup.php Arbitrary PHP Code Execution (PMASA-2010-4) CVE-2010-3055 27 Aug 2010 7.5 (v2) High Pass CGI Generic 2nd Order SQL Injection Detection (potential) 30 Aug 2010 7.5 (v2) High Pass Splunk Default Administrator Credentials (splunkd) 01 Sep 2010 7.5 (v2) High Pass SnortReport nmap.php target Parameter Arbitrary Command Execution 02 Sep 2010 8.8 (v3) High Pass Horde util/icon_browser.php subdir Parameter XSS CVE-2010-3077 07 Sep 2010 4.3 (v2) Medium Pass phpMyAdmin setup.php Verbose Server Name XSS (PMASA-2010-7) CVE-2010-3263 08 Sep 2010 4.3 (v2) Medium Pass HP System Management Homepage < 6.2 Multiple Vulnerabilities CVE-2009-3555 CVE-2009-4017 CVE-2009-4018 CVE-2009-4143 CVE-2010-1586 CVE-2010-2068 CVE-2010-3009 CVE-2010-3011 CVE-2010-3012 CVE-2010-3283 CVE-2010-3284 17 Sep 2010 9 (v2) High Pass Linksys Router Debug Credentials (Gemtek / gemtekswd) CVE-2010-1573 22 Sep 2010 10 (v2) Critical Pass Atmail WebMail < 6.2.0 (6.20) 'MailType' Parameter XSS CVE-2010-4930 30 Sep 2010 4.3 (v2) Medium Pass Mura CMS FILEID Parameter Directory Traversal CVE-2010-3468 30 Sep 2010 5 (v2) Medium Pass TikiWiki 'tiki-edit_wiki_section.php' type Parameter XSS 04 Oct 2010 4.3 (v2) Medium Pass Zen Cart index.php type fi lter Parameter Traversal Local File Inclusion 04 Oct 2010 5 (v2) Medium Pass SurgeMail surgeweb XSS CVE-2010-3201 04 Oct 2010 4.3 (v2) Medium Pass mathTeX mathtex.cgi getdirective Function dpi Tag Arbitrary Code Execution CVE-2009-1383 06 Oct 2010 7.5 (v2) High Pass MantisBT nusoap/nusoap.php NuSOAP WSDL XSS CVE-2010-3070 07 Oct 2010 4.3 (v2) Medium Pass MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure (2418042) (uncredentialed check) CVE-2010-3332 08 Oct 2010 5 (v2) Medium Pass FreePBX admin/cdr/call-comp.php 'dst' Parameter SQLi 18 Oct 2010 7.5 (v2) High Pass BitDefender Update Server HTTP Request Traversal Arbitrary File Access CVE-2008-0396 21 Jan 2008 7.8 (v2) High Pass Crystal Reports Central Management Server Detection 23 Jan 2008 None Pass boastMachine mail.php id Parameter SQL Injection CVE-2008-0422 23 Jan 2008 7.5 (v2) High Pass Kayako SupportSuite syncml/index.php Direct Request Remote Information Disclosure CVE-2008-0395 23 Jan 2008 5 (v2) Medium Pass YaBB SE Cookie Authentication Bypass 23 Jan 2008 7.5 (v2) High Pass MoinMoin MOIN_ID Cookie userform Action Traversal Arbitrary File Overwrite CVE-2008-0782 24 Jan 2008 7.5 (v2) High Pass nagios-statd Daemon Detection 26 Jan 2008 None Pass AXIMilter Detection 28 Jan 2008 None Pass CandyPress Store admin/utilities_Con fi gHelp.asp help fi eld Parameter SQL Injection CVE-2008-0737 28 Jan 2008 7.5 (v2) High Pass vTiger CRM Directory File Disclosure CVE-2008-3458 28 Jan 2008 5 (v2) Medium Pass SQLiteManager con fi rm.php spaw_root Parameter Remote File Inclusion CVE-2008-0516 30 Jan 2008 6.8 (v2) Medium Pass VNCviewer in Listen Mode Detection 04 Feb 2008 None Pass AkoGallery Component for Mambo / Joomla! 'id' Parameter SQLi CVE-2008-0561 04 Feb 2008 7.3 (v3) High Pass IBM DB2 < 8.1 Fix Pack 16 Multiple Vulnerabilities CVE-2007-3676 CVE-2007-5757 CVE-2008-0698 05 Feb 2008 9.8 (v3) Critical Pass WinComLPD LPD Monitoring Server Detection 06 Feb 2008 None Pass Skype Web Content Zone Multiple Field Remote Code Execution (uncredentialed check) CVE-2008-0454 CVE-2008-0582 CVE-2008-0583 07 Feb 2008 7.6 (v2) High Pass ExtremeZ-IP File and Print Server Zidget/HTTP Server Traversal Arbitrary File Access CVE-2008-0758 12 Feb 2008 5 (v2) Medium Pass osCommerce Customer Testimonials customer_testimonials.php testimonial_id Parameter SQL Injection CVE-2008-0719 13 Feb 2008 7.5 (v2) High Pass Joomla! 'mosCon fi g_absolute_path' Parameter Remote File Include CVE-2008-5671 15 Feb 2008 9.8 (v3) Critical Pass Adobe Flash Media Server < 2.0.5 Multiple Remote Vulnerabilities CVE-2007-6148 CVE-2007-6149 CVE-2007-6431 15 Feb 2008 10 (v2) Critical 57

Pass Dokeos main/inc/lib/events.lib.inc.php Referer HTTP Header SQL Injection CVE-2008-0850 19 Feb 2008 7.5 (v2) High Pass ProjectPier index.php Multiple Parameter XSS CVE-2008-5584 19 Feb 2008 4.3 (v2) Medium Pass Kerio MailServer < 6.5.0 Multiple Vulnerabilities CVE-2008-0858 CVE-2008-0859 CVE-2008-0860 20 Feb 2008 10 (v2) Critical Pass BEA Plumtree portal/ server.pt name Parameter XSS 20 Feb 2008 4.3 (v2) Medium Pass SAPlpd < 6.29 Multiple Vulnerabilities CVE-2008-0620 CVE-2008-0621 20 Feb 2008 10 (v2) Critical Pass SMPP Server Detection 21 Feb 2008 None Pass OSSIM Framework session/login.php dest Parameter XSS CVE-2008-0919 22 Feb 2008 4.3 (v2) Medium Pass Hosting Controller hosting/addreseller.asp reseller Parameter Authentication Bypass CVE-2007-6494 27 Feb 2008 7.5 (v2) High Pass Nukedit utilities/login.asp email Parameter SQL Injection CVE-2008-5582 27 Feb 2008 7.5 (v2) High Pass Centreon include/doc/get_image.php 'img' Parameter Traversal Arbitrary File Access CVE-2008-1119 28 Feb 2008 5 (v2) Medium Pass netO ffi ce Dwins demoSession Parameter Authentication Bypass CVE-2008-2044 04 Mar 2008 8.8 (v3) High Pass MediaWiki JSON Callback Crafted API Request Information Disclosure CVE-2008-1318 04 Mar 2008 4.3 (v2) Medium Pass StarTeam Server Detection 05 Mar 2008 None Pass Versant Connection Services Daemon Detection 10 Mar 2008 None Pass IBM WebSphere MQ Listener Detection 10 Mar 2008 None Pass RAPI Manager Detection 11 Mar 2008 None Pass Reverse NAT/Intercepting Proxy Detection 12 Mar 2008 None Pass KiSS PC-Link Server Detection (TCP) 14 Mar 2008 None Pass Dovecot passdbs Argument Injection Authentication Bypass CVE-2008-1218 14 Mar 2008 5.8 (v2) Medium Pass XOOPS Dictionary Module print.php id Parameter SQL Injection 19 Mar 2008 7.5 (v2) High Pass PHPAuction Multiple Script include_path Parameter File Inclusion CVE-2008-1416 19 Mar 2008 7.5 (v2) High Pass MDaemon IMAP Server FETCH Command Remote Bu ff er Over fl ow CVE-2008-1358 21 Mar 2008 9 (v2) High Pass DNN (DotNetNuke) Upgrade Process ValidationKey Generation Weakness Privilege Escalation CVE-2008-6540 25 Mar 2008 7.5 (v2) High Pass Acronis Agent Detection (TCP) 25 Mar 2008 None Pass Custom Pages for Joomla! 'cpage' Parameter Local File Include CVE-2008-1505 25 Mar 2008 7.3 (v3) High Pass my_gallery Plugin for e107 dload.php fi le Parameter Arbitrary File PHP Source Disclosure CVE-2008-1702 26 Mar 2008 5 (v2) Medium Pass XSTUNT Server Detection 26 Mar 2008 None Pass eggBlog _lib/user.php eb_login Function Cookie Handling SQL Injection CVE-2008-1626 01 Apr 2008 6.8 (v2) Medium Pass Site Sift Listings detail.php id Parameter SQL Injection CVE-2008-1869 08 Apr 2008 7.5 (v2) High Pass Coppermine Photo Gallery bridge/coppermine.inc.php Bridge Wizard Session Cookie SQL Injection CVE-2008-1841 14 Apr 2008 7.5 (v2) High Pass ActualAnalyzer Lite style Parameter Traversal Local File Inclusion CVE-2008-2076 02 May 2008 6.8 (v2) Medium Pass PHP < 5.2.6 Multiple Vulnerabilities CVE-2007-4850 CVE-2007-6039 CVE-2008-0599 CVE-2008-1384 CVE-2008-2050 CVE-2008-2051 02 May 2008 7.5 (v2) High Pass Webhosting Component for Joomla! 'catid' Parameter SQLi CVE-2008-6653 02 May 2008 7.3 (v3) High Pass SAP MaxDB Multiple Vulnerabilities CVE-2008-0244 CVE-2008-0306 CVE-2008-0307 09 May 2008 10 (v2) Critical Pass Firebird Default Credentials 14 May 2008 7.5 (v2) High Pass Firebird on Gentoo Linux /etc/conf.d/ fi rebird Invocation ISC_PASSWORD Authentication Bypass CVE-2008-1880 14 May 2008 7.5 (v2) High Pass DatsoGallery Component for Joomla! sub_votepic.php User-Agent HTTP Header SQLi CVE-2008-5208 14 May 2008 7.3 (v3) High Pass Web Site Cross-Domain Policy File Detection 15 May 2008 None Pass Mantis manage_user_create.php CSRF New User Creation CVE-2008-2276 15 May 2008 4.3 (v2) Medium Pass Site Documentation Module for Drupal Database Tables Access Content Permission Information Disclosure CVE-2008-2271 16 May 2008 7.5 (v2) High Pass IBM Lotus Domino < 8.0.1 / 7.0.3 FP1 Multiple Vulnerabilities CVE-2008-2240 CVE-2008-2410 23 May 2008 10 (v2) Critical Pass Xerox DocuShare dsweb Servlet Multiple XSS CVE-2008-5225 02 Jun 2008 4.3 (v2) Medium Pass AEC Subscription Manager Component for Mambo / Joomla! 'usage' Parameter SQLi 04 Jun 2008 7.3 (v3) High Pass PHP 7.3.x < 7.3.4 Multiple vulnerabilities. CVE-2019-11034 CVE-2019-11035 04 Apr 2019 9.1 (v3) Critical Pass PHP 7.2.x < 7.2.17 Multiple vulnerabilities. CVE-2019-11034 CVE-2019-11035 04 Apr 2019 9.1 (v3) Critical Pass PHP 7.1.x < 7.1.28 Multiple vulnerabilities. CVE-2019-11034 CVE-2019-11035 04 Apr 2019 9.1 (v3) Critical Pass LifeType for Drupal (pLog) index.php albumId Parameter SQL Injection CVE-2008-2629 06 Jun 2008 7.5 (v2) High Pass Skype fi le: URI Handling Security Bypass Arbitrary Code Execution (uncredentialed check) CVE-2008-1805 CVE-2008-2545 06 Jun 2008 9.3 (v2) High Pass IBM DB2 < 9 Fix Pack 5 Multiple Vulnerabilities CVE-2008-2154 CVE-2008-3852 CVE-2008-3854 CVE-2008-3855 CVE-2008-3856 CVE-2008-3857 CVE-2008-6821 10 Jun 2008 9.8 (v3) Critical Pass LISa Detection 17 Jun 2008 None Pass Ektron CMS400.NET WorkArea/ContentRatingGraph.aspx res Parameter SQL Injection CVE-2008-5122 26 Jun 2008 7.5 (v2) High Pass Trac quickjump Search Script q Parameter Arbitrary Site Redirect CVE-2008-2951 30 Jun 2008 5.4 (v3) Medium Pass nBill component for Joomla! 'cid' Parameter SQLi CVE-2008-3498 30 Jun 2008 7.3 (v3) High Pass TrailScout Module For Drupal Session Cookie SQL Injection CVE-2008-2850 30 Jun 2008 7.5 (v2) High Pass Call Of Duty Server Detection 30 Jun 2008 None Pass EMC AlphaStor Library Manager Detection 01 Jul 2008 None Pass EMC AlphaStor Device Manager Detection 01 Jul 2008 None Pass Sun Java System ASP Server Detection 08 Jul 2008 None Pass Sun Java System ASP < 4.0.3 Multiple Vulnerabilities CVE-2008-2401 CVE-2008-2402 CVE-2008-2403 CVE-2008-2404 CVE-2008-2405 08 Jul 2008 10 (v2) Critical Pass trixbox Dashboard user/index.php langChoice Parameter Local File Inclusion CVE-2008-6825 09 Jul 2008 7.5 (v2) High Pass Dolphin Multiple Scripts Remote File Inclusion CVE-2008-3166 CVE-2008-3167 09 Jul 2008 6.8 (v2) Medium Pass Xerox CentreWare Web < 4.6.46 Multiple Vulnerabilities (XRX08-008) CVE-2008-3121 CVE-2008-3122 11 Jul 2008 6.5 (v2) Medium Pass Maian Scripts Cookie Manipulation Authentication Bypass CVE-2008-3317 CVE-2008-3318 CVE-2008-3319 CVE-2008-3320 CVE-2008-3321 CVE-2008-3322 CVE-2008-7086 15 Jul 2008 7.5 (v2) High Pass CGI::Session File Driver CGISESSID Cookie Traversal Authentication Bypass 18 Jul 2008 5.1 (v2) Medium Pass fuzzylime (cms) comssrss.php fi les[] Parameter Traversal Local File Inclusion CVE-2008-6833 18 Jul 2008 7.5 (v2) High Pass HP System Management Homepage < 2.1.12 Unspeci fi ed XSS CVE-2008-1663 21 Jul 2008 4.3 (v2) Medium Pass Gregarius ajax.php rsargs[] Parameter Array SQL Injection CVE-2008-3374 29 Jul 2008 7.5 (v2) High Pass IBM DB2 < 9.5 Fix Pack 1 Multiple Vulnerabilities CVE-2008-1966 CVE-2008-1997 CVE-2008-1998 CVE-2008-3852 CVE-2008-3854 30 Jul 2008 9.8 (v3) Critical Pass Symphony sym_auth Cookie SQL Injection CVE-2008-3591 04 Aug 2008 7.5 (v2) High Pass PHP 7.3.x < 7.3.5 Heap-based Bu ff er Over fl ow Vulnerability. CVE-2019-11036 10 May 2019 9.1 (v3) Critical Pass Plogger plog-download.php checked[] Parameter SQL Injection CVE-2008-3563 06 Aug 2008 6.8 (v2) Medium Pass Pligg settemplate.php template Parameter Local File Inclusion CVE-2008-7090 08 Aug 2008 5.1 (v2) Medium Pass PHP < 4.4.9 Multiple Vulnerabilities CVE-2007-4850 CVE-2008-3658 CVE-2008-3659 CVE-2008-3660 CVE-2009-0754 08 Aug 2008 7.5 (v2) High Pass e107 download.php extract() Function Variable Overwrite 10 Aug 2008 8.8 (v3) High Pass RTH login.php uname Parameter SQL Injection 11 Aug 2008 6.8 (v2) Medium Pass Joomla! reset.php Reset Token Validation Forgery CVE-2008-3681 13 Aug 2008 9.8 (v3) Critical Pass PHP 7.2.x < 7.2.18 Heap-based Bu ff er Over fl ow Vulnerability. CVE-2019-11036 10 May 2019 9.1 (v3) Critical Pass dotCMS Multiple Script id Parameter Traversal Local File Inclusion CVE-2008-3708 18 Aug 2008 5 (v2) Medium Pass Serv-U 7.x < 7.2.0.1 SFTP Directory Creation Logging DoS CVE-2008-3731 20 Aug 2008 5 (v2) Medium Pass Kayako SupportSuite < 3.30.01 Multiple Vulnerabilities CVE-2008-3700 CVE-2008-3701 22 Aug 2008 4.3 (v2) Medium Pass TWiki bin/con fi gure 'image' Parameter Traversal Arbitrary File Access/Execution CVE-2008-3195 23 Aug 2008 8.8 (v3) High Pass IBM DB2 9.5 < Fix Pack 2 Multiple Vulnerabilities CVE-2008-2154 CVE-2008-3852 CVE-2008-4692 CVE-2008-4693 CVE-2008-6821 28 Aug 2008 7.3 (v3) High Pass Unpassworded 'r00t' account CVE-1999-0502 04 Sep 2008 9.8 (v3) Critical Pass Moodle 'lib/kses.php' 'kses_bad_protocol_once' Function Arbitrary PHP Code Execution 05 Sep 2008 7.5 (v2) High Pass Zen Cart products_id[] Array SQL Injection CVE-2008-6986 08 Sep 2008 6.8 (v2) Medium Pass pluck < 4.5.3 Multiple Local File Include Vulnerabilities CVE-2008-3851 11 Sep 2008 6.8 (v2) Medium Pass IBM DB2 8 < Fix Pack 17 Multiple Vulnerabilities CVE-2008-2154 CVE-2008-3856 CVE-2008-3958 CVE-2008-3960 CVE-2008-6820 CVE-2008-6821 12 Sep 2008 9.8 (v3) Critical Pass Calendarix Basic cal_cat.php catview Parameter SQL Injection CVE-2008-2429 14 Sep 2008 7.5 (v2) High Pass Simple Machines Forum Validation Code Prediction Arbitrary Password Reset CVE-2008-6971 15 Sep 2008 7.5 (v2) High Pass BNC Detection 17 Sep 2008 None Pass ezbounce Detection 17 Sep 2008 None Pass Observer <= 0.3.2.1 Multiple Remote Command Execution Vulnerabilities 25 Sep 2008 7.5 (v2) High Pass Pluck update.php Remote Privilege Escalation 28 Sep 2008 6.4 (v2) Medium Pass Default Password (rootme) for 'root' Account CVE-1999-0502 01 Oct 2008 9.8 (v3) Critical Pass Dns2TCP Service Detection 02 Oct 2008 None Pass OpenNMS Web Console Detection 07 Oct 2008 None Pass TOM-Skype Detection 07 Oct 2008 None Pass Trend Micro O ffi ceScan Client Traversal Arbitrary File Access CVE-2008-2439 08 Oct 2008 5 (v2) Medium Pass Zebedee Server Detection 08 Oct 2008 None Pass echoServer Detection 09 Oct 2008 None Pass Openads Delivery Engine OA_Delivery_Cache_store() Function name Argument Arbitrary PHP Code Execution CVE-2008-0635 09 Oct 2008 7.5 (v2) High Pass OpenX ac.php bannerid Parameter SQL Injection CVE-2008-6163 09 Oct 2008 7.5 (v2) High Pass ASG-Sentry CGI Detection 14 Oct 2008 None Pass Serv-U 7.x < 7.3.0.1 Multiple Remote Vulnerabilities (DoS, Traversal) CVE-2008-4500 CVE-2008-4501 14 Oct 2008 9 (v2) High Pass GForge top/topusers.php o ff set Parameter SQL Injection CVE-2008-6189 14 Oct 2008 7.5 (v2) High Pass Default Password (gforge) for 'root' Account CVE-1999-0502 15 Oct 2008 9.8 (v3) Critical Pass Default Password (testpass123) for 'root' Account CVE-1999-0502 15 Oct 2008 9.8 (v3) Critical Pass PhpWebGallery comments.php sort_by Parameter SQL Injection CVE-2008-4645 15 Oct 2008 7.5 (v2) High Pass Ignite Gallery Component for Joomla! 'gallery' Parameter SQLi CVE-2008-6182 15 Oct 2008 7.3 (v3) High Pass Apache mod_proxy_ftp Directory Component Wildcard Character Globbing XSS CVE-2008-2939 16 Oct 2008 5.3 (v3) Medium Pass yappa-ng index.php album Parameter Local File Inclusion CVE-2008-4626 21 Oct 2008 6.8 (v2) Medium Pass HTTP CONNECT Proxy Detection 22 Oct 2008 None 58

Pass IBM DB2 9.1 < Fix Pack 6 Multiple Vulnerabilities CVE-2008-4691 CVE-2008-4692 CVE-2008-4693 22 Oct 2008 7.3 (v3) High Pass Condor Service Detection 04 Nov 2008 None Pass HP System Management Homepage < 2.1.15.210 Unspeci fi ed XSS CVE-2008-4411 04 Nov 2008 4.3 (v2) Medium Pass PHPWebAdmin for hMailServer Multiple File Inclusions 09 Nov 2008 6.8 (v2) Medium Pass Yosemite Backup Service Driver Detection 12 Nov 2008 None Pass Apache Struts 2 devMode Information Disclosure 24 Nov 2008 4.3 (v2) Medium Pass CMS Made Simple admin/login.php cms_language Cookie Local File Inclusion CVE-2008-5642 01 Dec 2008 6.8 (v2) Medium Pass OraMon con fi g/oramon.ini Information Disclosure 03 Dec 2008 5 (v2) Medium Pass Dell Remote Access Controller Default Password (calvin) for 'root' Account 03 Dec 2008 9.8 (v3) Critical Pass Oempro index.php FormValue_Email Parameter SQL Injection Authentication Bypass CVE-2008-3058 05 Dec 2008 7.5 (v2) High Pass PHP 5 < 5.2.7 Multiple Vulnerabilities CVE-2008-2371 CVE-2008-2665 CVE-2008-2666 CVE-2008-2829 CVE-2008-3658 CVE-2008-3659 CVE-2008-3660 CVE-2008-5557 CVE-2008-5624 CVE-2008-5625 CVE-2008-5658 CVE-2008-7068 CVE-2014-8626 05 Dec 2008 7.5 (v2) High Pass PHP < 5.2.8 Multiple Vulnerabilities CVE-2008-5814 CVE-2008-5844 09 Dec 2008 7.5 (v2) High Pass Moodle ' fi lter/tex/texed.php' 'pathname' Parameter Remote Command Execution 14 Dec 2008 5.1 (v2) Medium Pass Live Chat Component for Joomla! 'last' Parameter Multiple SQLi CVE-2008-6881 CVE-2008-6883 15 Dec 2008 7.3 (v3) High Pass Kerio MailServer < 6.6.2 Multiple XSS (KSEC-2008-12-16-01) CVE-2008-5760 CVE-2008-5769 22 Dec 2008 4.3 (v2) Medium Pass phpList cline Parameter Array Remote File Inclusion CVE-2008-5887 22 Dec 2008 7.5 (v2) High Pass OneOrZero Helpdesk tinfo.php Arbitrary File Upload 23 Dec 2008 7.5 (v2) High Pass Pligg evb/check_url.php url Parameter SQL Injection CVE-2008-5739 23 Dec 2008 6.8 (v2) Medium Pass RoundCube Webmail bin/html2text.php Post Request Remote PHP Code Execution CVE-2008-5619 26 Dec 2008 8.8 (v3) High Pass XOOPS xoopsCon fi g[language] Parameter Local File Inclusion (DSECRG-08-040) CVE-2008-6884 29 Dec 2008 6.8 (v2) Medium Pass IceWarp Merak Mail Server < 9.4.0 IMG Tag XSS CVE-2008-5734 30 Dec 2008 4.3 (v2) Medium Pass Apache Roller q Parameter XSS CVE-2008-6879 07 Jan 2009 4.3 (v2) Medium Pass TCL Shell (tclsh) Arbitrary Command Execution CVE-2009-0043 08 Jan 2009 8.8 (v3) High Pass XStandard Lite Plugin for Joomla! X_CMS_LIBRARY_PATH Header Directory Traversal CVE-2009-0113 08 Jan 2009 5.3 (v3) Medium Pass XOOPS Multiple Scripts mydirname Parameter Arbitrary Command Injection 09 Jan 2009 8.8 (v3) High Pass Serv-U 7.x < 7.4.0.0 Multiple Command Remote DoS 09 Jan 2009 4 (v2) Medium Pass HDHomeRun Control Service Detection 13 Jan 2009 None Pass phpList <= 2.10.8 Variable Overwriting 16 Jan 2009 7.5 (v2) High Pass Eventing Component for Joomla! 'catid' Parameter SQLi CVE-2009-0421 21 Jan 2009 7.3 (v3) High Pass Apache Jackrabbit 'q' Parameter XSS CVE-2009-0026 23 Jan 2009 4.3 (v2) Medium Pass PHP 7.1.x < 7.1.29 Heap-based Bu ff er Over fl ow Vulnerability. CVE-2019-11036 10 May 2019 9.1 (v3) Critical Pass gigCalendar Component for Joomla! 'gigcal_gigs_id' Parameter SQLi CVE-2009-0726 29 Jan 2009 5.6 (v3) Medium Pass Horde Horde_Image::factory driver Argument Local File Inclusion CVE-2009-0932 29 Jan 2009 7.5 (v2) High Pass OpenX fc.php MAX_type Parameter Traversal Local File Inclusion CVE-2009-0291 30 Jan 2009 7.5 (v2) High Pass phpSlash fi elds Parameter PHP Code Injection CVE-2009-0517 04 Feb 2009 8.8 (v3) High Pass Meeting Room Booking System (MRBS) month.php area Parameter SQL Injection CVE-2008-4620 05 Feb 2009 7.5 (v2) High Pass Jaws language Parameter Multiple Local File Includes CVE-2009-0645 06 Feb 2009 7.5 (v2) High Pass Sun OpenSSO / Java System Access Manager Login Module User Account Enumeration Weakness CVE-2009-0348 09 Feb 2009 5 (v2) Medium Pass TYPO3 'jumpUrl' Mechanism Information Disclosure CVE-2009-0815 12 Feb 2009 5 (v2) Medium Pass Default Password (password) for 'admin' Account CVE-1999-0501 CVE-1999-0502 12 Feb 2009 9.8 (v3) Critical Pass SquirrelMail HTTPS Session Cookie Secure Flag Weakness CVE-2008-3663 12 Feb 2009 5 (v2) Medium Pass Novell GroupWise < 7.03HP2 / 8.0HP1 WebAccess Multiple XSS CVE-2009-0273 21 Feb 2009 4.3 (v2) Medium Pass Moodle Forum 'post.php' Unauthorized Post Deletion CSRF CVE-2009-0499 27 Feb 2009 4.3 (v2) Medium Pass PHP < 5.2.9 Multiple Vulnerabilities CVE-2008-5498 CVE-2009-1271 CVE-2009-1272 27 Feb 2009 5 (v2) Medium Pass Drupal Theme System Template Local File Inclusion 28 Feb 2009 7.5 (v2) High Pass Default Password (toor) for 'root' Account CVE-1999-0502 05 Mar 2009 9.8 (v3) Critical Pass Zabbix Web Interface extlang[] Parameter Remote Code Execution 07 Mar 2009 8.8 (v3) High Pass OneOrZero Helpdesk default_language Local File Inclusion CVE-2009-0886 09 Mar 2009 6.8 (v2) Medium Pass AWStats ' awstats.pl ' Path Disclosure 20 Mar 2009 5 (v2) Medium Pass NextApp Echo XML Parsing Information Disclosure Vulnerability 26 Mar 2009 8.5 (v2) High Pass Serv-U < 8.0.0.1 Multiple Vulnerabilities (DoS, Traversal) CVE-2009-0967 CVE-2009-1031 27 Mar 2009 4 (v2) Medium Pass Moodle LaTeX Information Disclosure CVE-2009-1171 30 Mar 2009 4.3 (v2) Medium Pass SAP DB / MaxDB WebDBM Multiple Parameter XSS 01 Apr 2009 4.3 (v2) Medium Pass phpMyAdmin fi le_path Parameter Vulnerabilities (PMASA-2009-1) 03 Apr 2009 5 (v2) Medium Pass ZENworks Remote Management Agent Detection 06 Apr 2009 None Pass mod_perl Apache::Status URI XSS CVE-2009-0796 07 Apr 2009 2.6 (v2) Low Pass Jinzora name Parameter Local File Inclusion CVE-2009-2313 07 Apr 2009 6.8 (v2) Medium Pass Geeklog SEC_authenticate Function SQL Injection 13 Apr 2009 7.5 (v2) High Pass phpMyAdmin Setup Script Con fi guration Parameters Arbitrary PHP Code Injection (PMASA-2009-4) CVE-2009-1285 16 Apr 2009 7.5 (v2) High Pass Atlassian JIRA < 3.13.3 DWR 'c0-id' XSS 17 Apr 2009 4.3 (v2) Medium Pass Novell Teaming Login User Account Enumeration Weakness CVE-2009-1293 21 Apr 2009 5 (v2) Medium Pass IBM DB2 9.1 < Fix Pack 7 Multiple Vulnerabilities CVE-2009-1239 CVE-2009-1905 CVE-2009-1906 22 Apr 2009 5.3 (v3) Medium Pass Con fi cker P2P Service Detection 22 Apr 2009 10 (v2) Critical Pass Sun Java System Identity Manager Account Disclosure CVE-2009-1075 CVE-2009-1076 28 Apr 2009 5 (v2) Medium Pass Apache Struts 2 s:a / s:url Tag href Element XSS CVE-2008-6682 29 Apr 2009 3.7 (v3) Low Pass Intel Common Base Agent CreateProcessA() Function Remote Command Execution CVE-2009-1429 03 May 2009 10 (v2) Critical Pass OpenCart route Parameter Local File Inclusion CVE-2009-1621 03 May 2009 6.8 (v2) Medium Pass LimeSurvey sUser Parameter SQL Injection CVE-2009-1604 06 May 2009 7.5 (v2) High Pass Sun Java System Identity Manager ext Parameter Arbitrary File Retrieval CVE-2008-5116 06 May 2009 7.8 (v2) High Pass Adobe Flash Media Server RPC Privilege Escalation (APSB09-05) CVE-2009-1365 07 May 2009 7.5 (v2) High Pass IceWarp Merak WebMail Server < 9.4.2 Multiple Vulnerabilities CVE-2009-1467 CVE-2009-1468 CVE-2009-1469 08 May 2009 5.8 (v2) Medium Pass SquirrelMail contrib/decrypt_headers.php XSS CVE-2009-1578 15 May 2009 4.3 (v2) Medium Pass Flyspeck lang Parameter Local File Inclusion CVE-2009-1770 19 May 2009 6.8 (v2) Medium Pass HP System Management Homepage < 3.0.1.73 Multiple Flaws CVE-2008-5077 CVE-2008-5814 CVE-2009-1418 20 May 2009 5 (v2) Medium Pass Coppermine Photo Gallery GLOBALS[USER[lang] Parameter Local File Inclusion 25 May 2009 6.8 (v2) Medium Pass Novell GroupWise WebAccess Login Page User.lang Parameter XSS CVE-2009-1635 27 May 2009 4.3 (v2) Medium Pass DNN (DotNetNuke) ErrorPage.aspx XSS 27 May 2009 4.3 (v2) Medium Pass JVideo! Component for Joomla! 'user_id' Parameter SQLi CVE-2009-4938 01 Jun 2009 7.3 (v3) High Pass CactuShop 5.x Multiple Remote Vulnerabilities (XSS, SQLi) CVE-2004-1881 CVE-2004-1882 12 Oct 2004 7.5 (v2) High Pass IBM DB2 < 9.5 Fix Pack 4 Multiple Vulnerabilities CVE-2009-1905 CVE-2009-1906 CVE-2009-3471 CVE-2009-3472 03 Jun 2009 6.5 (v3) Medium Pass Joomla! < 1.5.11 JA_Purity Template Multiple XSS CVE-2009-1939 09 Jun 2009 4.7 (v3) Medium Pass Kerio MailServer < 6.6.2 Patch 3 / 6.7.0 Patch 1 XSS (KSEC-2009-06-08-01) CVE-2009-2636 11 Jun 2009 4.3 (v2) Medium Pass Drupal SA-CONTRIB-2009-036: Services Module Key-Based Access Bypass CVE-2009-2035 11 Jun 2009 6.4 (v2) Medium Pass CGI Generic XSS (quick test) 19 Jun 2009 4.3 (v2) Medium Pass PHP < 5.2.10 Multiple Vulnerabilities CVE-2009-2687 22 Jun 2009 5.1 (v2) Medium Pass Acajoom Component for Joomla! <= 3.2.6 Backdoor Detection 23 Jun 2009 7.3 (v3) High Pass Zen Cart password_forgotten.php Admin Access Bypass CVE-2009-2254 CVE-2009-2255 24 Jun 2009 7.5 (v2) High Pass Movable Type mt-wizard.cgi set_static_uri_to Parameter XSS CVE-2009-2480 26 Jun 2009 4.3 (v2) Medium Pass IBM Rational ClearQuest Multiple XSS Flaws CVE-2007-4592 02 Jul 2009 4.3 (v2) Medium Pass HP DDMI Web Interface Default Credentials 06 Jul 2009 7.5 (v2) High Pass FireStats < 1.6.2 Multiple Vulnerabilities CVE-2009-2143 CVE-2009-2144 07 Jul 2009 7.5 (v2) High Pass FCKeditor 'CurrentFolder' Arbitrary File Upload CVE-2009-2265 15 Jul 2009 8.8 (v3) High Pass BackOri fi ce Software Detection 29 Jul 1999 10 (v2) Critical Pass c fi ngerd Wildcard Argument Information Disclosure CVE-1999-0259 22 Jun 1999 5 (v2) Medium Pass CVS pserver Detection 12 Oct 1999 None Pass DeepThroat Backdoor Detection 08 Jul 1999 10 (v2) Critical Pass IBM Lotus Domino ?open Forced Directory Listing 09 Jul 1999 6.8 (v2) Medium Pass IBM Lotus Domino HTTP Server Filesystem Setup Disclosure CVE-2000-0021 21 Dec 1999 5 (v2) Medium Pass IBM Lotus Domino HTTP /cgi-bin Relative URL Request DoS CVE-2000-0023 21 Dec 1999 5 (v2) Medium Pass Microsoft FrontPage Extensions Check CVE-2000-0114 22 Aug 1999 5.3 (v3) Medium Pass GirlFriend Backdoor Detection 09 Jul 1999 10 (v2) Critical Pass HP LaserJet LCD Display Modi fi cation 22 Jun 1999 5 (v2) Medium Pass HP LaserJet Direct Print Filter Bypass CVE-1999-1062 22 Jun 1999 5 (v2) Medium Pass Microsoft IIS Traversal GET Request Remote DoS CVE-1999-0229 22 Jun 1999 5 (v2) Medium Pass Microsoft IIS perl.exe HTTP Path Disclosure CVE-1999-0450 22 Jun 1999 5 (v2) Medium Pass MS99-059: Microsoft SQL Server Crafted TCP Packet Remote DoS (uncredentialed check) CVE-1999-0999 22 Nov 1999 5.3 (v3) Medium Pass NetBus 1.x Software Detection CVE-2003-1475 18 Aug 1999 7.5 (v2) High Pass Netscape Server ?PageServices Request Forced Directory Listing CVE-1999-0269 22 Jun 1999 5 (v2) Medium Pass Netscape Enterprise Server SSL Handshake DoS CVE-1999-0752 07 Jul 1999 5 (v2) Medium Pass Netscape FastTrack get Command Forced Directory Listing CVE-1999-0239 22 Jun 1999 5 (v2) Medium Pass NCDSA HTTPd nph-test-cgi Arbitrary Directory Listing CVE-1999-0045 22 Jun 1999 5 (v2) Medium Pass Portal of Doom Backdoor Detection 09 Jul 1999 10 (v2) Critical 59

Pass rsh Service Detection CVE-1999-0651 22 Aug 1999 7.5 (v2) High Pass WebSite Pro Malformed URL Path Disclosure CVE-2000-0066 13 Jan 2000 5 (v2) Medium Pass Ipswitch IMail / SLMail VRFY Command Remote Over fl ow CVE-1999-0231 22 Jun 1999 5 (v2) Medium Pass Multiple Vendor test-cgi Arbitrary File Access CVE-1999-0070 22 Jun 1999 5 (v2) Medium Pass Trin00 Trojan Detection CVE-2000-0138 05 Feb 2000 10 (v2) Critical Pass Trin00 for Windows Trojan Detection CVE-2000-0138 28 Feb 2000 10 (v2) Critical Pass WinGate Proxy POP3 USER Over fl ow CVE-1999-0494 22 Jun 1999 5 (v2) Medium Pass Zeus Web Server Null Byte Request CGI Source Disclosure CVE-2000-0149 11 Feb 2000 5 (v2) Medium Pass Shaft Trojan Detection CVE-2000-0138 17 Mar 2000 10 (v2) Critical Pass Netscape Server ?wp-* Publishing Tags Forced Directory Listing CVE-2000-0236 22 Mar 2000 5 (v2) Medium Pass Microsoft IIS /iisadmin Unrestricted Access CVE-1999-1538 01 Apr 2000 2.1 (v2) Low Pass Microsoft IIS ASP::$DATA ASP Source Disclosure CVE-1999-0278 10 Apr 2000 5 (v2) Medium Pass AnalogX SimpleServer:WWW Short GET /cgi-bin Remote DoS CVE-2000-0243 12 Apr 2000 5 (v2) Medium Pass Microsoft IIS /iisadmpwd/aexp2.htr Password Policy Bypass CVE-1999-0407 CVE-2002-0421 15 Apr 2000 10 (v2) Critical Pass Microsoft FrontPage htimage.exe CGI Remote Over fl ow CVE-2000-0256 19 Apr 2000 7.5 (v2) High Pass RealServer Port 7070 Malformed Input DoS CVE-2000-0272 22 Apr 2000 5 (v2) Medium Pass mstream DDoS Agent Detection CVE-2000-0138 02 May 2000 5 (v2) Medium Pass PostgreSQL Default Unpassworded Account CVE-1999-0508 27 Jul 2000 7.5 (v2) High Pass MS00-006: Microsoft IIS IDA/IDQ Multiple Vulnerabilities (uncredentialed check) CVE-2000-0071 CVE-2000-0098 CVE-2000-0302 24 Aug 2000 5 (v2) Medium Pass Netwin Netauth netauth.cgi Traversal Arbitrary File Access CVE-2000-0782 24 Aug 2000 5 (v2) Medium Pass mstream DDoS Handler Detection CVE-2000-0138 02 May 2000 5 (v2) Medium Pass Standard & Poor's ComStock MultiCSP Detection CVE-2000-0109 25 May 2000 10 (v2) Critical Pass Axis Camera Default Password CVE-2001-1543 06 Sep 2000 7.5 (v2) High Pass YaBB YaBB.pl num Parameter Traversal Arbitrary File Access CVE-2000-0853 12 Sep 2000 5 (v2) Medium Pass Sambar Server ISAPI Search Utility search.dll Arbitrary Directory Listing CVE-2000-0835 16 Sep 2000 5 (v2) Medium Pass PHP Error Log Format String Command Injection CVE-2000-0967 14 Oct 2000 6.8 (v2) Medium Pass Netscape Messaging Server IMAP LIST Command Remote Over fl ow CVE-2000-0961 19 Dec 2000 10 (v2) Critical Pass Technote main.cgi fi lename Parameter Traversal Arbitrary File Access CVE-2001-0075 29 Dec 2000 7.8 (v2) High Pass Microsoft IIS Unicode Remote Command Execution CVE-2000-0884 18 Oct 2000 10 (v2) Critical Pass Samba Web Administration Tool (SWAT) Error Message Username Enumeration CVE-2000-0938 08 Jan 2001 5 (v2) Medium Pass Phorum common.php ForumLang Parameter Traversal Arbitrary File Access 09 Jan 2001 5 (v2) Medium Pass Oracle Application Server XSQL Stylesheet Arbitrary Java Code Execution CVE-2001-0126 22 Jan 2001 7.5 (v2) High Pass Pi3Web tstisap.dll Long URL Over fl ow CVE-2001-0302 CVE-2001-0303 20 Feb 2001 7.5 (v2) High Pass PHP < 4.0.4 IMAP Module imap_open() Function Over fl ow 08 Mar 2001 6.8 (v2) Medium Pass Microsoft IIS WebDAV Malformed PROPFIND Request Remote DoS CVE-2001-0151 08 Mar 2001 7.8 (v2) High Pass PHP-Nuke opendir.php Traversal Arbitrary File Read CVE-2001-0321 17 Apr 2001 5 (v2) Medium Pass MS01-023: Microsoft IIS 5.0 Malformed HTTP Printer Request Header Remote Bu ff er Over fl ow (953155) (uncredentialed check) CVE-2001-0241 01 May 2001 10 (v2) Critical Pass Microsoft IIS 5 .printer ISAPI Filter Enabled 03 May 2001 None Pass PHP3 Physical Path Disclosure via POST Requests 27 Feb 2015 5 (v2) Medium Pass MS01-026 / MS01-044: Microsoft IIS Remote Command Execution (uncredentialed check) CVE-2001-0333 CVE-2001-0507 15 May 2001 7.5 (v2) High Pass Microsoft SQL Server sa Account Default Blank Password CVE-2000-1209 25 May 2001 10 (v3) Critical Pass Microsoft IIS Source Fragment Disclosure CVE-2000-0457 CVE-2000-0630 29 May 2001 5 (v2) Medium Pass Netscape Messenging Server POP3 Error Message User Account Enumeration CVE-2000-0960 29 May 2001 5 (v2) Medium Pass Microsoft IIS ISAPI Filter Multiple Vulnerabilities (MS01-044) CVE-2001-0500 CVE-2001-0506 CVE-2001-0507 CVE-2001-0508 CVE-2001-0544 CVE-2001-0545 19 Jun 2001 10 (v2) Critical Pass Netscape Enterprise Web Publishing INDEX Command Arbitrary Directory Listing CVE-2001-0250 15 Jun 2001 5 (v2) Medium Pass Microsoft IIS .IDA ISAPI Filter Enabled 19 Jun 2001 None Pass WebLogic Server Double Dot GET Request Remote Over fl ow CVE-2001-0098 21 Jun 2001 10 (v2) Critical Pass PHP Safe Mode mail Function 5th Parameter Arbitrary Command Execution CVE-2001-1246 02 Jul 2001 4.6 (v2) Medium Pass Raptor Firewall 6.5 HTTP Proxy Detection 23 Aug 2001 5 (v2) Medium Pass PhpMyExplorer index.php chemin Parameter Encoded Traversal Arbitrary File Access CVE-2001-1168 07 Sep 2001 5 (v2) Medium Pass Apple Mac OS X Find-By-Content .DS_Store Web Directory Listing CVE-2001-1446 14 Sep 2001 5 (v2) Medium Pass Web Server HTTP Header Internal IP Disclosure CVE-2000-0649 14 Sep 2001 3.1 (v3) Low Pass Alcatel ADSL Modem Unrestricted Remote Access CVE-2001-1424 14 Sep 2001 7.5 (v2) High Pass Squid mkdir-only PUT Request Remote DoS CVE-2001-0843 26 Sep 2001 5 (v2) Medium Pass IBM HTTP Server on AS/400 Trailing Slash Source Code Disclosure 08 Nov 2001 5 (v2) Medium Pass Oracle Application Server Web Cache Multiple Remote DoS CVE-2002-0102 25 Nov 2001 4.3 (v2) Medium Pass Allaire JRun Encoded JSP Request Directory Listing CVE-2001-1510 16 Feb 2016 5 (v2) Medium Pass Apache Win32 ScriptAlias php.exe Arbitrary File Access CVE-2002-2029 25 Jan 2002 5 (v2) Medium Pass Oracle 9iAS mod_plsql Help Page Request Remote Over fl ow CVE-2001-1216 25 Jan 2002 7.5 (v2) High Pass Microsoft IIS ASP Redirection Function XSS CVE-2003-0223 05 Feb 2002 4.3 (v2) Medium Pass Oracle 9iAS DMS / JPM Pages Anonymous Access CVE-2002-0563 07 Feb 2002 5 (v2) Medium Pass Oracle 9iAS globals.jsa Database Credential Remote Disclosure CVE-2002-0562 07 Feb 2002 5 (v2) Medium Pass Oracle 9iAS Java Process Manager /oprocmgr-status Anonymous Process Manipulation CVE-2002-0563 07 Feb 2002 5 (v2) Medium Pass Oracle 9iAS _pages Directory Compiled JSP Source Disclosure CVE-2002-0565 07 Feb 2002 5 (v2) Medium Pass Oracle 9iAS mod_plsql Multiple Procedures XSS 07 Feb 2002 4.3 (v2) Medium Pass Oracle 9iAS mod_plsql Encoded Traversal Arbitrary File Access CVE-2001-1217 07 Feb 2002 5 (v2) Medium Pass PHP-Nuke sql_debug Information Disclosure CVE-2002-2032 07 Feb 2002 5 (v2) Medium Pass IBM DB2 Multiple CGI Single Byte Request Remote DoS CVE-2001-1143 06 Mar 2002 5 (v2) Medium Pass CVS (Web-Based) Entries File Information Disclosure 27 Mar 2002 5 (v2) Medium Pass Oracle JSP Apache/Jserv Path Translation Arbitrary JSP File Execution 27 Mar 2002 6.8 (v2) Medium Pass EFTP Multiple Command Traversal Arbitrary Directory Listing CVE-2001-1109 29 Mar 2002 4 (v2) Medium Pass Microsoft IIS Multiple Remote DoS (MS02-018 / Q319733) CVE-2000-0226 CVE-2002-0072 11 Apr 2002 5 (v2) Medium Pass MS02-018: Microsoft Windows Distributed Transaction Coordinator (DTC) Malformed Input DoS (319733) (intrusive check) CVE-2002-0224 20 Apr 2002 7.8 (v2) High Pass Microsoft IIS / Site Server codebrws.asp Arbitrary Source Disclosure CVE-1999-0739 22 May 2002 5 (v2) Medium Pass University of Washington imap Server (uw-imapd) BODY Request Remote Over fl ow CVE-2002-0379 29 May 2002 6.5 (v2) Medium Pass Microsoft ASP.NET Application Tracing trace.axd Information Disclosure 05 Jun 2002 5 (v2) Medium Pass Microsoft IIS Potentially Compromised Host Detection 05 Jun 2002 10 (v2) Critical Pass Apache on Windows php.exe Malformed Request Path Disclosure CVE-2002-0249 09 Jun 2002 5 (v2) Medium Pass IBM WebSphere Traversal Error Page XSS 08 Jun 2002 4.3 (v2) Medium Pass Cisco ATA-186 Password Circumvention / Recovery CVE-2002-0769 05 Jun 2002 10 (v2) Critical Pass eDonkey Detection 08 Jun 2002 None Pass Apache Tomcat /servlet Mapping XSS CVE-2002-0682 10 Jul 2002 4.3 (v2) Medium Pass Apache Tomcat TroubleShooter Servlet Information Disclosure CVE-2002-2006 15 Jul 2002 5 (v2) Medium Pass AWOL helperfunction.php includedir Parameter Remote File Inclusion CVE-2001-1048 22 Aug 2002 8.3 (v3) High Pass Gallery includedir Parameter Remote File Inclusion CVE-2001-1234 29 Aug 2002 8.3 (v3) High Pass phpMyAdmin sql.php Traversal Arbitrary File Access CVE-2001-0478 04 Sep 2002 5.1 (v2) Medium Pass mldonkey Detection (WWW) 17 Sep 2002 None Pass CGI Generic SQL Injection 23 Jul 2009 7.5 (v2) High Pass Netscape Enterprise Default Administrative Password CVE-1999-0502 22 Jan 2003 7.5 (v2) High Pass Oracle 9iAS soapdocs Directory Remote Information Disclosure 11 Feb 2003 5 (v2) Medium Pass Oracle 9iAS XSQLServlet soapCon fi g.xml Authentication Credentials Disclosure CVE-2002-0568 11 Feb 2003 5 (v2) Medium Pass Oracle 9iAS OWA_UTIL Stored Procedures Information Disclosure CVE-2002-0560 11 Feb 2003 5 (v2) Medium Pass Oracle 9iAS Default SOAP Con fi guration Unauthorized Application Deployment CVE-2001-1371 11 Feb 2003 7.5 (v2) High Pass PHP < 4.3.1 CGI Module Force Redirect Settings Bypass Arbitrary File Access CVE-2003-0097 CVE-2006-4812 18 Feb 2003 7.5 (v2) High Pass Unpassworded 'guest' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'EZsetup' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'demos' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded '4Dgifts' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'OutOfBox' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'lp' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'sync' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'date' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'backdoor' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'tutor' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'toor' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'hax0r' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'friday' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Default Password (root) for 'root' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Default Password (guest) for 'guest' Account CVE-1999-0501 CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Default Password (manager) for 'system' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Default Password (glftpd) for 'glftpd' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'StoogR' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical 60

Pass Default Password (wank) for 'wank' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Default Password (D13HH[) for 'root' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Default Password (D13hh[) for 'root' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Default Password (lrkr0x) for 'gamez' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Default Password (wh00t!) for 'root' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Default Password (satori) for 'rewt' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'jill' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Invision Power Board ipchat.php root_path Parameter Remote File Inclusion CVE-2003-1385 27 Feb 2003 8.3 (v3) High Pass Apple QuickTime/Darwin Streaming Server Multiple Remote Vulnerabilities CVE-2003-0050 CVE-2003-0051 CVE-2003-0052 CVE-2003-0053 CVE-2003-0054 CVE-2003-0055 CVE-2003-1414 28 Feb 2003 7.5 (v2) High Pass TYPO3 < 3.5.0 Multiple Vulnerabilities 28 Feb 2003 10 (v2) Critical Pass myphpPageTool /doc/admin/index.php ptinclude Parameter Remote File Inclusion CVE-2007-4947 02 Mar 2003 8.3 (v3) High Pass PHP-Ping index.php pingto Parameter Arbitrary Code Execution 06 Mar 2003 7.5 (v2) High Pass Kietu index.php Remote File Inclusion 07 Mar 2003 8.3 (v3) High Pass IBM Lotus Domino < 5.0.12 / 6.0.1 Multiple Vulnerabilities CVE-2001-1311 CVE-2003-0123 10 Mar 2003 7.5 (v2) High Pass IBM Lotus Domino Directory Traversal Arbitrary File Access CVE-2001-0009 10 Mar 2003 5 (v2) Medium Pass Upload Lite upload.cgi Arbitrary File Upload 12 Mar 2003 7.5 (v2) High Pass smb2www Proxy Bypass 14 Mar 2003 5 (v2) Medium Pass MySQL datadir/my.cnf Modi fi cation Privilege Escalation CVE-2003-0150 14 Mar 2003 9 (v2) High Pass IBM Domino nsf File Argument XSS CVE-2001-1161 15 Mar 2003 4.3 (v2) Medium Pass Microsoft IIS shtml.dll XSS CVE-2000-0746 15 Mar 2003 4.7 (v3) Medium Pass Sun ONE (iPlanet) Application Server Detection 16 Mar 2003 None Pass Microsoft IIS WebDAV ntdll.dll Remote Over fl ow (MS03-007) CVE-2003-0109 18 Mar 2003 7.5 (v2) High Pass SquirrelMail 1.2.9 / 1.2.10 read_body.php Multiple Parameter XSS CVE-2002-1341 19 Mar 2003 4.3 (v2) Medium Pass Web Server O ffi ce File Inventory 19 Mar 2003 None Pass Guestbook tr3.a Password Disclosure CVE-2003-1541 22 Mar 2003 7.5 (v2) High Pass MS00-019: Microsoft IIS ISAPI Virtual Directory UNC Mapping ASP Source Disclosure (uncredentialed check) CVE-2000-0246 23 Mar 2003 4.3 (v2) Medium Pass Nuked-Klan index.php Multiple Module Vulnerabilities CVE-2003-1238 CVE-2003-1371 23 Mar 2003 5.8 (v2) Medium Pass Oracle 9iAS PL/SQL Gateway Web Admin Interface Null Authentication CVE-2002-0561 24 Mar 2003 7.5 (v2) High Pass J Walk Application Server Encoded Directory Traversal Arbitrary File Access CVE-2003-1529 25 Mar 2003 5 (v2) Medium Pass PHP socket_iovec_alloc() Function Over fl ow CVE-2003-0166 25 Mar 2003 6.8 (v2) Medium Pass Nukestyles.com viewpage.php Addon for PHP-Nuke File Parameter Traversal Arbitrary File Access CVE-2003-1545 25 Mar 2003 7.8 (v2) High Pass PostNuke Members_List Module Information Disclosure 26 Mar 2003 5 (v2) Medium Pass apcnisd / apcupsd Detection 26 Mar 2003 None Pass Horde IMP mailbox.php3 Multiple Parameter SQL Injection CVE-2003-0025 27 Mar 2003 7.5 (v2) High Pass GTcatalog password.inc Direct Request Password Disclosure 03 Apr 2003 5 (v2) Medium Pass AutomatedShops webc.cgi Installation Detection 04 Apr 2003 None Pass XMB < 1.9.1 Multiple XSS CVE-2002-0316 CVE-2003-0375 CVE-2003-0483 08 Apr 2003 4.3 (v2) Medium Pass Web Wiz Site News / Compulsive Media CNU5 news.mdb Direct Request Database Disclosure 14 Apr 2003 5 (v2) Medium Pass Web Wiz Forums wwforum.mdb Direct Request Database Disclosure 17 Apr 2003 5 (v2) Medium Pass Oracle Net Services CREATE DATABASE LINK Query Over fl ow CVE-2003-0222 04 May 2003 9.9 (v3) Critical Pass CommuniGate Pro Referer Field Session Token Disclosure CVE-2003-1481 05 May 2003 5.8 (v2) Medium Pass MDaemon POP Server Multiple Command Remote Over fl ow DoS CVE-2002-1539 05 May 2003 4 (v2) Medium Pass MDaemon IMAP Server CREATE Command Mailbox Name Handling Over fl ow CVE-2003-1470 06 May 2003 9 (v2) High Pass XMB member.php Multiple Parameter SQL Injection 07 May 2003 5 (v2) Medium Pass YaBB SE < 1.5.2 Multiple Vulnerabilities CVE-2000-1176 07 May 2003 6.5 (v2) Medium Pass 12Planet Chat Server Administration Authentication Cleartext Credential Disclosure 07 May 2003 4.3 (v2) Medium Pass WebLogic Crafted GET Request Hostname Disclosure 08 May 2003 5 (v2) Medium Pass Apache 2.0.x < 2.0.46 on OS/2 fi lestat.c Device Name Request DoS CVE-2003-0134 08 May 2003 5.3 (v3) Medium Pass ttforum Multiple Vulnerabilities CVE-2003-1458 CVE-2003-1459 10 May 2003 7.3 (v3) High Pass Horde test.php Direct Reqest Information Disclosure 12 May 2003 5 (v2) Medium Pass Apple AirPort Base Station Authentication Credential Encryption Weakness CVE-2003-0270 12 May 2003 7.6 (v2) High Pass miniPortail admin.php Cookie Manipulation Security Bypass CVE-2003-0272 12 May 2003 10 (v2) Critical Pass SHOUTcast Server Admin Log File XSS 12 May 2003 4.3 (v2) Medium Pass Owl browse.php Authentication Bypass 14 May 2003 5 (v2) Medium Pass WebLogic Multiple Method Cleartext Password Disclosure CVE-2003-1224 CVE-2003-1225 CVE-2003-1226 14 May 2003 1.2 (v2) Low Pass phpMyAdmin < 2.6.0-pl2 Unspeci fi ed Arbitrary Command Execution CVE-2004-2630 17 Oct 2004 6 (v2) Medium Pass WebLogic SSL Certi fi cate Chain User Spoo fi ng 14 May 2003 6.4 (v2) Medium Pass Microsoft BizTalk Server Multiple Remote Vulnerabilities CVE-2003-0117 CVE-2003-0118 20 May 2003 7.5 (v2) High Pass OneOrZero Helpdesk tupdate.php sg Parameter SQL Injection CVE-2003-0303 21 May 2003 7.5 (v2) High Pass Sun ONE Application Server Upper Case Request JSP Source Disclosure CVE-2003-0411 28 May 2003 5 (v2) Medium Pass iisPROTECT Encoded URL Authentication Bypass CVE-2003-0317 28 May 2003 7.5 (v2) High Pass Apache 2.0.x < 2.0.46 Multiple DoS CVE-2003-0189 CVE-2003-0245 29 May 2003 5.3 (v3) Medium Pass PostNuke Sections Module Information Disclosure 29 May 2003 5 (v2) Medium Pass Geeklog <= 1.3.7sr1 Multiple Vulnerabilities (SQLi, XSS, Priv Esc) CVE-2002-0096 CVE-2002-0097 CVE-2002-0962 CVE-2003-1347 29 May 2003 7.5 (v2) High Pass Ultimate PHP Board admin_iplog.php Arbitrary Code Execution CVE-2003-0395 29 May 2003 10 (v2) Critical Pass Remote PC Access Server detection. 29 May 2003 5.8 (v2) Medium Pass Desktop Orbiter Server Detection 03 Jun 2003 7.5 (v2) High Pass WebStores 2000 browse_item_details.asp SQL Injection CVE-2004-0304 03 Jun 2003 7.5 (v2) High Pass Pi3Web Malformed GET Request Remote Over fl ow CVE-2003-0276 03 Jun 2003 5 (v2) Medium Pass Linux Kernel IP Stack ICMP Error Response Arbitrary Memory Information Disclosure CVE-2003-0418 09 Jun 2003 5 (v2) Medium Pass Lotus Domino SMTP Server Forged Localhost Mail Header DoS CVE-2000-1203 11 Jun 2003 5 (v2) Medium Pass PostNuke < 0.7.2.3 Multiple Script XSS 17 Jun 2003 4.3 (v2) Medium Pass CesarFTP Multiple Vulnerabilities (OF, File Access, more) CVE-2001-0826 CVE-2001-1335 CVE-2001-1336 CVE-2003-0329 CVE-2004-0298 CVE-2006-2961 18 Jun 2003 7.5 (v2) High Pass phpMyAdmin < 2.5.2 Multiple Vulnerabilities 18 Jun 2003 5 (v2) Medium Pass Kerio WebMail < 5.7.7 Multiple Vulnerabilities CVE-2002-1434 CVE-2003-0487 CVE-2003-0488 18 Jun 2003 7.5 (v2) High Pass phpBB viewtopic.php topic_id Parameter SQL Injection CVE-2003-0486 19 Jun 2003 7.5 (v2) High Pass e107 db.php User Database Disclosure 24 Jul 2003 5 (v2) Medium Pass PHP < 4.3.3 php_check_safe_mode_include_dir Function Safemode Bypass CVE-2003-0863 25 Jul 2003 5 (v2) Medium Pass Gallery search.php searchstring Parameter XSS CVE-2003-0614 28 Jul 2003 4.3 (v2) Medium Pass ePolicy Orchestrator Multiple Remote Vulnerabilities (OF, FS) CVE-2003-0148 CVE-2003-0149 CVE-2003-0616 31 Jul 2003 10 (v2) Critical Pass Horde IMP IMP_MIME_Viewer_html Class XSS 08 Aug 2003 4.3 (v2) Medium Pass iPlanet Web Server Enterprise Edition URL-encoded Host: Information Disclosure CVE-2001-0327 29 Sep 2003 5.3 (v3) Medium Pass Default Password (ibmdb2) for 'db2inst1' Account CVE-1999-0502 CVE-2001-0051 01 Oct 2003 9.8 (v3) Critical Pass Default Password (db2fenc1) for 'db2fenc1' Account CVE-1999-0502 CVE-2001-0051 01 Oct 2003 9.8 (v3) Critical Pass Default Password (ibmdb2) for 'db2fenc1' Account CVE-1999-0502 CVE-2001-0051 01 Oct 2003 9.8 (v3) Critical Pass Default Password (db2inst) for 'db2inst1' Account CVE-1999-0502 CVE-2001-0051 01 Oct 2003 9.8 (v3) Critical Pass Default Password (ibmdb2) for 'db2as' Account CVE-1999-0502 CVE-2001-0051 01 Oct 2003 9.8 (v3) Critical Pass Default Password (db2as) for 'db2as' Account CVE-1999-0502 CVE-2001-0051 01 Oct 2003 9.8 (v3) Critical Pass SOCKS Server Detection 03 Oct 2003 None Pass Microsoft IIS 404 Response Service Pack Signature 09 Oct 2003 None Pass Gallery index.php GALLERY_BASEDIR Parameter Remote File Inclusion CVE-2003-1227 11 Oct 2003 8.3 (v3) High Pass Compaq Web-enabled Management Software Default Account 13 Oct 2003 7.5 (v2) High Pass NetInfo Daemon Detection 19 Oct 2003 None Pass Open Shortest Path First (OSPF) Agent Detection 25 Oct 2003 None Pass EGP Detection 25 Oct 2003 None Pass PostgreSQL to_ascii() Function Remote Over fl ows CVE-2003-0901 04 Nov 2003 7.5 (v2) High Pass Resin Status Page Information Disclosure 22 Nov 2003 5 (v2) Medium Pass phpBB < 2.0.7 Multiple Script SQL Injection CVE-2003-1215 CVE-2003-1216 04 Dec 2003 7.5 (v2) High Pass PHP-Ping php-ping.php count Parameter Arbitrary Command Execution 29 Dec 2003 7.5 (v2) High Pass vBulletin calendar.php eventid Parameter SQL Injection CVE-2004-0036 06 Jan 2004 7.5 (v2) High Pass PhpDig con fi g.php relative_script_path Parameter Remote File Inclusion CVE-2004-0068 15 Jan 2004 8.3 (v3) High Pass Gallery HTTP Global Variables File Inclusion CVE-2004-2124 29 Jan 2004 5.8 (v3) Medium Pass Serv-U SITE CHMOD Command Multiple Vulnerabilities CVE-2004-2111 CVE-2004-2533 02 Feb 2004 8.5 (v2) High Pass Photopost PHP Pro photo Parameter SQL Injection CVE-2004-0239 03 Feb 2004 7.5 (v2) High Pass phpMyAdmin export.php what Parameter Traversal Arbitrary File Access CVE-2004-0129 03 Feb 2004 5.1 (v2) Medium Pass Oracle Database 9i Multiple Functions Local Over fl ow CVE-2003-1208 06 Feb 2004 10 (v2) Critical Pass Oracle Multiple Products SOAP Message Crafted DTD Remote DoS CVE-2004-2244 21 Feb 2004 5 (v2) Medium Pass X-News Password MD5 Hash Authentication Bypass CVE-2002-1656 21 Feb 2004 7.5 (v2) High Pass phpBB < 2.0.7 Multiple XSS CVE-2004-1809 14 Mar 2004 4.3 (v2) Medium Pass Novell NetWare LDAP Server Anonymous Bind 15 Mar 2004 5 (v2) Medium Pass Unreal Tournament Server Detection 23 Mar 2004 None Pass Default Password (swift) for 'swift' Account CVE-1999-0502 24 Mar 2004 9.8 (v3) Critical 61

Pass HALO Network Server Detection 26 Mar 2004 None Pass IBM DB2 < 8 Fix Pack 7a Multiple Vulnerabilities CVE-2004-1372 CVE-2005-0417 CVE-2005-4863 CVE-2005-4864 CVE-2005-4865 CVE-2005-4866 CVE-2005-4867 CVE-2005-4868 CVE-2005-4869 CVE-2005-4870 CVE-2005-4871 17 Oct 2004 10 (v2) Critical Pass HP Web JetAdmin setinfo.hts setinclude Parameter Traversal Arbitrary File Access CVE-2004-1857 30 Mar 2004 2.1 (v2) Low Pass Firebird DB Remote Database Name Over fl ow CVE-2004-2043 25 May 2004 10 (v2) Critical Pass RealServer /admin/Docs/default.cfg Information Disclosure 26 May 2004 5 (v2) Medium Pass Subversion Server Detection 08 Jun 2004 None Pass IMP Content-Type Header XSS CVE-2004-0584 08 Jun 2004 4.3 (v2) Medium Pass Invision Power Board ssi.php f Parameter SQL Injection 11 Jun 2004 7.5 (v2) High Pass Gallery init.php Authentication Bypass CVE-2004-0522 15 Jun 2004 7.5 (v2) High Pass Squid ntlm_check_auth Function NTLM Authentication Helper Password Handling Remote Over fl ow CVE-2004-0541 30 Jun 2004 9.8 (v3) Critical Pass Cisco IOS and IOS XE Software Denial of Service Vulnerability (cisco-sa-20180328-bfd) CVE-2018-0155 23 Apr 2020 8.6 (v3) High Pass Treck TCP/IP stack multiple vulnerabilities. (Ripple20) CVE-2020-11896 CVE-2020-11897 CVE-2020-11898 CVE-2020-11899 CVE-2020-11900 CVE-2020-11901 CVE-2020-11902 CVE-2020-11903 CVE-2020-11904 CVE-2020-11905 CVE-2020-11906 CVE-2020-11907 CVE-2020-11908 CVE-2020-11909 CVE-2020-1 22 Jun 2020 10 (v3) Critical Pass VMware vCenter Server 6.5 / 6.7 / 7.0 Multiple Vulnerabilities (VMSA-2021-0002) CVE-2021-21972 CVE-2021-21973 25 Feb 2021 9.8 (v3) Critical Pass UnrealIRCd IP Cloaking Weakness Information Disclosure CVE-2004-0679 05 Jul 2004 5 (v2) Medium Pass DistCC Detection 07 Jul 2004 7.5 (v2) High Pass PHP < 4.3.8 Multiple Vulnerabilities CVE-2004-0594 CVE-2004-0595 15 Jul 2004 6.8 (v2) Medium Pass phpBB < 2.0.9 Multiple Vulnerabilities 21 Jul 2004 7.5 (v2) High Pass phpBB < 2.0.10 Multiple XSS CVE-2004-0730 CVE-2004-2054 CVE-2004-2055 26 Jul 2004 4.3 (v2) Medium Pass Xitami testssi.ssi HTTP Header XSS 26 Jul 2004 4.3 (v2) Medium Pass Moodle < 1.3.3 'help.php' ' fi le' Parameter XSS CVE-2004-0725 26 Jul 2004 4.3 (v2) Medium Pass Horde IMP with MSIE MIME Viewer Email Message XSS CVE-2004-1443 30 Jul 2004 4.3 (v2) Medium Pass phpMyFAQ Image Upload Authentication Bypass CVE-2004-2257 02 Aug 2004 7.5 (v2) High Pass PostNuke Reviews Module title Parameter XSS 02 Aug 2004 4.3 (v2) Medium Pass PostNuke Install Script Admin Password Disclosure 02 Aug 2004 7.5 (v2) High Pass Oracle E-Business Suite Multiple Vulnerabilities (Apr 2019 CPU) CVE-2018-0734 CVE-2019-2551 CVE-2019-2583 CVE-2019-2600 CVE-2019-2603 CVE-2019-2604 CVE-2019-2621 CVE-2019-2622 CVE-2019-2633 CVE-2019-2638 CVE-2019-2639 CVE-2019-2640 CVE-2019-2641 CVE-2019-2642 CVE-2019-2643 CVE-2019-2 17 Apr 2019 9.9 (v3) Critical Pass Jenkins < 2.164.2 LTS / 2.172 Multiple Vulnerabilities CVE-2019-1003049 CVE-2019-1003050 18 Apr 2019 8.1 (v3) High Pass Oracle Primavera Uni fi er Multiple Vulnerabilities (Apr 2019 CPU) CVE-2016-1000031 CVE-2017-9798 CVE-2018-8034 CVE-2018-11763 CVE-2018-11784 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 19 Apr 2019 9.8 (v3) Critical Pass DNN (DotNetNuke) 7.0.0 < 9.3.1 Multiple Vulnerabilities 24 Apr 2019 6.1 (v3) Medium Pass Oracle WebLogic WLS9-async Remote Code Execution (remote check) CVE-2019-2725 26 Apr 2019 9.8 (v3) Critical Pass Jenkins < 2.176.3 LTS / 2.192 Multiple Vulnerabilities CVE-2019-10383 CVE-2019-10384 10 Oct 2019 8.8 (v3) High Pass Cisco SPA100 Series Multiple Vulnerabilities CVE-2019-12702 CVE-2019-12703 CVE-2019-12704 CVE-2019-15240 CVE-2019-15241 CVE-2019-15242 CVE-2019-15243 CVE-2019-15244 CVE-2019-15245 CVE-2019-15246 CVE-2019-15247 CVE-2019-15248 CVE-2019-15249 CVE-2019-15250 CVE-2019-1 17 Oct 2019 8 (v3) High Pass Atlassian Jira 7.13.x < 8.6.0 JMX monitoring fl ag CSRF Vulnerability (JRASERVER-70570) CVE-2019-20405 27 Mar 2020 4.3 (v3) Medium Pass Apache Tomcat 7.0.x < 7.0.100 / 8.5.x < 8.5.51 / 9.0.x < 9.0.31 Multiple Vulnerabilities CVE-2019-17569 CVE-2020-1935 CVE-2020-1938 21 Feb 2020 9.8 (v3) Critical Pass Cisco TelePresence Video Communication Server and Cisco Expressway Series Server-Side Request Forgery Vulnerability CVE-2019-1872 05 Mar 2020 5.3 (v3) Medium Pass IBM Spectrum Protect Server and Storage Agent RCE 13 Mar 2020 9.8 (v3) Critical Pass Atlassian JIRA < 8.6.1 Information Disclosure CVE-2019-20407 20 Mar 2020 4.3 (v3) Medium Pass PHP 7.3.x < 7.3.16 Multiple Vulnerabilities CVE-2020-7064 CVE-2020-7065 CVE-2020-7066 27 Mar 2020 8.8 (v3) High Pass Trading Technologies Messaging remove_park Stack Over fl ow 03 Jun 2020 9.8 (v3) Critical Pass Dotnetnuke 3.1.x < 9.6.0 / 5.0.x < 9.6.0 / 6.0.x < 9.6.0 / 7.0.x < 9.6.0 Multiple Vulnerabilities (09.06.00) CVE-2019-19790 03 Jun 2020 9.8 (v3) Critical Pass Dotnetnuke 7.0.x < 9.5.0 XSS 03 Jun 2020 9.8 (v3) Critical Pass Apache Tomcat 8.5.0 < 8.5.56 DoS CVE-2020-11996 03 Jul 2020 7.5 (v3) High Pass Apache Tomcat 9.0.0.M1 < 9.0.36 DoS CVE-2020-11996 03 Jul 2020 7.5 (v3) High Pass Jenkins < 2.263.2 LTS / 2.275 Multiple Vulnerabilities CVE-2021-21602 CVE-2021-21603 CVE-2021-21604 CVE-2021-21605 CVE-2021-21606 CVE-2021-21607 CVE-2021-21608 CVE-2021-21609 CVE-2021-21610 CVE-2021-21611 22 Jan 2021 8 (v3) High Pass Oracle Primavera Uni fi er (Jan 2021 CPU) CVE-2019-10086 CVE-2020-11979 CVE-2020-25020 CVE-2020-35460 29 Jan 2021 9.8 (v3) Critical Pass SonicWall Secure Mobile Access Remote Code Execution (SNWLID-2021-0001) CVE-2021-20016 03 Feb 2021 9.8 (v3) Critical Pass Atlassian JIRA < 8.5.10 / 8.6.x < 8.13.2 Information Disclosure (JRASERVER-72002) CVE-2020-36231 04 Feb 2021 4.3 (v3) Medium Pass Serv-U FTP Server < 15.2.2 Hot fi x 1 Arbitrary File Read/Write CVE-2021-25276 09 Feb 2021 7.1 (v3) High Pass PHP 7.3.x < 7.3.27 / 7.4.x < 7.4.15 / 8.x < 8.0.2 DoS CVE-2021-21702 09 Feb 2021 7.5 (v3) High Pass Atlassian JIRA < 8.5.13 / 8.6.x < 8.13.5 / 8.14.x < 8.15.1 Multiple Vulnerablities CVE-2020-36238 CVE-2020-36286 CVE-2021-26071 08 Apr 2021 5.3 (v3) Medium Pass Apache Tomcat 7.0.0 < 7.0.107 Information Disclosure CVE-2021-24122 09 Apr 2021 5.9 (v3) Medium Pass Cisco Uni fi ed Communications Manager Self Care Portal Authorization Bypass Vulnerability (cisco-sa-cucm-selfcare-VRWWWHgE) CVE-2021-1399 15 Apr 2021 4.3 (v3) Medium Pass Oracle E-Business (October 2013 CPU) CVE-2013-5792 17 Oct 2013 5 (v2) Medium Pass Oracle E-Business Multiple Vulnerabilities (January 2017 CPU) CVE-2016-8325 CVE-2017-3246 CVE-2017-3274 CVE-2017-3275 CVE-2017-3277 CVE-2017-3278 CVE-2017-3279 CVE-2017-3280 CVE-2017-3281 CVE-2017-3282 CVE-2017-3283 CVE-2017-3284 CVE-2017-3285 CVE-2017-3286 CVE-2017-3287 CVE-2017-3 18 Jan 2017 8.2 (v3) High Pass Oracle E-Business Multiple Vulnerabilities (April 2017 CPU) CVE-2017-3337 CVE-2017-3393 CVE-2017-3432 CVE-2017-3515 CVE-2017-3528 CVE-2017-3549 CVE-2017-3550 CVE-2017-3555 CVE-2017-3556 CVE-2017-3557 CVE-2017-3592 19 Apr 2017 6.5 (v3) Medium Pass Apache 2.4.x < 2.4.47 Multiple Vulnerabilities CVE-2019-17567 CVE-2020-13938 CVE-2020-13950 CVE-2020-35452 CVE-2021-26690 CVE-2021-26691 CVE-2021-30641 04 Jun 2021 9.8 (v3) Critical Pass SonicWall Secure Remote Access (SRA) Unsupported Version 11 Jun 2021 9.8 (v3) Critical Pass Tenable Nessus 8.x.x < 8.15.0 Multiple Vulnerabilities (TNS-2021-11) CVE-2018-20843 CVE-2019-15903 CVE-2019-16168 CVE-2021-20099 CVE-2021-20100 15 Jun 2021 6.7 (v3) Medium Pass Apache Tomcat 10.0.0-M1 < 10.0.2 multiple vulnerabilities CVE-2020-9484 CVE-2021-25122 CVE-2021-25329 17 Jun 2021 7.5 (v3) High Pass Pulse Connect Secure < 9.1R11.5 (SA44800) CVE-2021-22908 21 Jun 2021 8.8 (v3) High Pass Liferay Portal 7.x <= 7.2.1 / 7.3 < 7.3.6 Multiple Vulnerabilities CVE-2021-29043 CVE-2021-29044 02 Jul 2021 6.1 (v3) Medium Pass Apache Tomcat 10.0.3 < 10.0.5 vulnerability CVE-2021-30639 12 Jul 2021 7.5 (v3) High Pass Apache Tomcat 7.0.x <= 7.0.108 / 8.5.x <= 8.5.65 / 9.0.x <= 9.0.45 / 10.0.x <= 10.0.5 vulnerability CVE-2021-30640 12 Jul 2021 6.5 (v3) Medium Pass Liferay Portal 7.2.x < 7.3.6 XSS CVE-2021-29051 13 Jul 2021 6.1 (v3) Medium Pass VMware Carbon Black App Control 8.0.x / 8.1.x / 8.5.x < 8.5.8 / 8.6.x < 8.6.2 Authentication Bypass (VMSA-2021-0012) CVE-2021-21998 23 Jul 2021 9.8 (v3) Critical Pass Apache Tomcat AJP12 Protocol Malformed Packet Remote DoS CVE-2005-0808 15 Mar 2005 5.3 (v3) Medium Pass Apache Tomcat 4.x < 4.1.36 Multiple Vulnerabilities CVE-2005-2090 CVE-2007-0450 CVE-2007-1358 18 Nov 2011 5.3 (v3) Medium Pass Apache Tomcat < 6.0.13 Multiple Vulnerabilities CVE-2005-2090 CVE-2007-1355 18 Nov 2011 5.3 (v3) Medium Pass Apache Tomcat Cross-Application File Manipulation CVE-2009-0783 22 Jun 2009 5.9 (v3) Medium Pass Apache Tomcat WAR Deployment Multiple Vulnerabilities CVE-2009-2693 CVE-2009-2901 CVE-2009-2902 26 Jan 2010 5.4 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (January 2010 CPU) CVE-2009-1996 CVE-2009-3410 CVE-2009-3411 CVE-2009-3412 CVE-2009-3413 CVE-2009-3414 CVE-2009-3415 CVE-2010-0071 CVE-2010-0072 26 Apr 2010 10 (v2) Critical Pass Oracle Database Multiple Vulnerabilities (April 2010 CPU) CVE-2010-0851 CVE-2010-0852 CVE-2010-0854 CVE-2010-0860 CVE-2010-0866 CVE-2010-0867 26 Apr 2010 7.1 (v2) High Pass Apache Tomcat < 4.1.40 / 5.5.28 / 6.0.20 Multiple Vulnerabilities CVE-2008-5515 CVE-2009-0033 CVE-2009-0580 CVE-2009-0781 CVE-2009-0783 28 May 2010 5.3 (v3) Medium Pass Apache Tomcat 4.x < 4.1.39 Multiple Vulnerabilities CVE-2008-0128 CVE-2008-1232 CVE-2008-2370 11 Jun 2010 5.3 (v3) Medium Pass Apache Tomcat 5.x < 5.5.1 Information Disclosure CVE-2008-3271 16 Jun 2010 5.3 (v3) Medium Pass Apache Tomcat 4.x < 4.1.32 Multiple Vulnerabilities CVE-2005-3510 CVE-2005-4838 CVE-2006-3835 CVE-2006-7196 CVE-2007-1858 CVE-2008-3271 16 Jun 2010 5.3 (v3) Medium Pass Apache Tomcat < 5.5.26 Multiple Vulnerabilities CVE-2007-5333 CVE-2007-5342 CVE-2007-5461 CVE-2007-6286 01 Jul 2010 6.5 (v3) Medium Pass Apache Tomcat < 6.0.16 Multiple Vulnerabilities CVE-2007-5333 CVE-2007-5342 CVE-2007-5461 CVE-2007-6286 CVE-2008-0002 01 Jul 2010 6.5 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (July 2010 CPU) CVE-2010-0892 CVE-2010-0900 CVE-2010-0901 CVE-2010-0902 CVE-2010-0903 CVE-2010-0911 14 Jul 2010 7.8 (v2) High Pass Apache Tomcat 5.5.x < 5.5.30 CVE-2010-1157 CVE-2010-2227 CVE-2010-3718 16 Jul 2010 6.5 (v3) Medium Pass Apache Tomcat 6.0 < 6.0.28 Multiple Vulnerabilities CVE-2010-1157 CVE-2010-2227 05 Aug 2010 6.5 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (April 2008 CPU) CVE-2008-1812 CVE-2008-1813 CVE-2008-1814 CVE-2008-1815 CVE-2008-1816 CVE-2008-1817 CVE-2008-1818 CVE-2008-1819 CVE-2008-1820 CVE-2008-1821 16 Nov 2011 8.5 (v2) High Pass Apache Tomcat 5.0.x <= 5.0.30 / 5.5.x < 5.5.25 Multiple Vulnerabilities CVE-2007-2449 CVE-2007-2450 CVE-2007-3382 CVE-2007-3385 CVE-2007-3386 07 Dec 2010 5.3 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (January 2011 CPU) CVE-2010-3590 CVE-2010-3600 CVE-2010-4413 CVE-2010-4420 CVE-2010-4421 CVE-2010-4423 19 Jan 2011 7.5 (v2) High Pass Apache Tomcat 7.x < 7.0.4 SecurityManager Local Security Bypass CVE-2010-3718 11 Feb 2011 6.3 (v3) Medium Pass Apache Tomcat < 6.0.32 / 7.0.8 NIO Connector DoS CVE-2011-0534 15 Feb 2011 5.3 (v3) Medium Pass Apache Tomcat 7.x < 7.0.12 Multiple Vulnerabilities CVE-2011-1183 CVE-2011-1184 CVE-2011-1475 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 07 Apr 2011 6.5 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (April 2011 CPU) CVE-2009-3555 CVE-2011-0785 CVE-2011-0787 CVE-2011-0792 CVE-2011-0793 CVE-2011-0799 CVE-2011-0804 CVE-2011-0805 CVE-2011-0806 13 May 2011 7.5 (v2) High Pass Apache Tomcat 6.0.x < 6.0.33 Multiple Vulnerabilities CVE-2011-1184 CVE-2011-2204 CVE-2011-2526 CVE-2011-2729 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 30 Aug 2011 5.3 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (January 2006 CPU) CVE-2006-0256 CVE-2006-0257 CVE-2006-0258 CVE-2006-0259 CVE-2006-0260 CVE-2006-0261 CVE-2006-0262 CVE-2006-0263 CVE-2006-0265 CVE-2006-0266 CVE-2006-0267 CVE-2006-0268 CVE-2006-0269 CVE-2006-0270 CVE-2006-0271 CVE-2006-0 16 Nov 2011 10 (v2) Critical Pass Oracle Database Multiple Vulnerabilities (April 2007 CPU) CVE-2007-2108 CVE-2007-2109 CVE-2007-2110 CVE-2007-2111 CVE-2007-2112 CVE-2007-2113 CVE-2007-2114 CVE-2007-2115 CVE-2007-2116 CVE-2007-2117 CVE-2007-2118 CVE-2007-2119 CVE-2007-2129 CVE-2007-2130 16 Nov 2011 10 (v2) Critical Pass Oracle Database Multiple Vulnerabilities (October 2007 CPU) CVE-2007-5504 CVE-2007-5505 CVE-2007-5506 CVE-2007-5507 CVE-2007-5508 CVE-2007-5509 CVE-2007-5510 CVE-2007-5511 CVE-2007-5512 CVE-2007-5513 CVE-2007-5514 CVE-2007-5515 CVE-2007-5520 CVE-2007-5530 CVE-2007-5531 CVE-2007-5 16 Nov 2011 9 (v2) High Pass Oracle Database Multiple Vulnerabilities (January 2008 CPU) CVE-2008-0339 CVE-2008-0340 CVE-2008-0341 CVE-2008-0342 CVE-2008-0343 CVE-2008-0344 CVE-2008-0345 CVE-2008-0346 CVE-2008-0347 16 Nov 2011 6 (v2) Medium Pass Apache Tomcat 5.5.x < 5.5.34 Multiple Vulnerabilities CVE-2011-1184 CVE-2011-2204 CVE-2011-2526 CVE-2011-2729 CVE-2011-3190 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 26 Sep 2011 7.3 (v3) High Pass Apache Tomcat 6.x < 6.0.35 Multiple Vulnerabilities CVE-2011-3190 CVE-2011-3375 CVE-2011-4858 CVE-2012-0022 12 Dec 2011 7.3 (v3) High Pass Apache Tomcat 5.x < 5.5.35 Hash Collision Denial of Service CVE-2011-4858 CVE-2012-0022 13 Jan 2012 5.3 (v3) Medium Pass Apache Tomcat 5.5.x < 5.5.36 DIGEST Authentication Multiple Security Weaknesses CVE-2012-5885 CVE-2012-5886 CVE-2012-5887 21 Nov 2012 5.3 (v3) Medium Pass Apache Tomcat 7.0.x < 7.0.30 Multiple Vulnerabilities CVE-2012-3544 CVE-2012-3546 CVE-2012-5885 CVE-2012-5886 CVE-2012-5887 21 Nov 2012 5.3 (v3) Medium Pass Apache Tomcat 7.0.x < 7.0.32 XSRF Filter Bypass CVE-2012-4431 10 Dec 2012 7.3 (v3) High Pass Apache Tomcat 7.0.x < 7.0.33 Session Fixation CVE-2013-2067 15 May 2013 7.3 (v3) High Pass Oracle Database Multiple Vulnerabilities (October 2013 CPU) (BEAST) CVE-2011-3389 CVE-2013-0169 CVE-2013-3826 CVE-2013-5771 16 Oct 2013 6.4 (v2) Medium Pass Apache Tomcat 6.0.x < 6.0.40 Multiple Vulnerabilities CVE-2014-0075 CVE-2014-0096 CVE-2014-0099 CVE-2014-0119 30 May 2014 5.3 (v3) Medium Pass Apache Tomcat 7.0.x < 7.0.53 Multiple Vulnerabilities CVE-2014-0075 CVE-2014-0096 CVE-2014-0099 30 May 2014 5.3 (v3) Medium Pass Apache Tomcat 8.0.x < 8.0.4 Multiple Vulnerabilities CVE-2014-0075 CVE-2014-0095 CVE-2014-0096 CVE-2014-0099 30 May 2014 5.3 (v3) Medium Pass Apache Tomcat 7.0.x < 7.0.55 Multiple Vulnerabilities CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-0227 CVE-2014-0230 CVE-2014-3470 02 Sep 2014 9.3 (v3) Critical Pass Apache Tomcat 8.0.x < 8.0.9 Multiple DoS CVE-2014-0227 CVE-2014-0230 01 Mar 2015 6.5 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (July 2015 CPU) CVE-2015-0468 CVE-2015-2585 CVE-2015-2586 CVE-2015-2595 CVE-2015-2599 CVE-2015-2629 CVE-2015-2655 CVE-2015-4740 CVE-2015-4753 CVE-2015-4755 17 Jul 2015 9 (v2) High Pass Oracle Database Multiple Vulnerabilities (January 2016 CPU) CVE-2015-4921 CVE-2015-4923 CVE-2015-4925 CVE-2016-0461 CVE-2016-0467 CVE-2016-0472 CVE-2016-0499 25 Jan 2016 9 (v2) High Pass Apache Struts 2.x < 2.3.24.1 Multiple Vulnerabilities (S2-026) (S2-027) CVE-2015-5209 CVE-2016-3090 12 Feb 2016 8.8 (v3) High Pass Apache Tomcat 6.0.x < 6.0.45 Multiple Vulnerabilities CVE-2015-5174 CVE-2015-5345 CVE-2016-0706 CVE-2016-0714 24 Feb 2016 8.8 (v3) High Pass Apache Tomcat 7.0.x < 7.0.68 Multiple Vulnerabilities CVE-2015-5345 CVE-2015-5351 CVE-2016-0706 CVE-2016-0714 CVE-2016-0763 24 Feb 2016 8.8 (v3) High Pass Apache Tomcat 8.0.0.RC1 < 8.0.32 Multiple Vulnerabilities CVE-2015-5346 CVE-2015-5351 CVE-2016-0706 CVE-2016-0714 CVE-2016-0763 24 Feb 2016 8.8 (v3) High Pass Apache Struts 2.x < 2.3.28 Multiple Vulnerabilities (S2-028) (S2-029) (S2-030) (S2-034) CVE-2016-0785 CVE-2016-2162 CVE-2016-3093 CVE-2016-4003 24 Mar 2016 8.8 (v3) High 62

Pass Apache Struts 2.x < 2.3.28.1 Multiple Vulnerabilities CVE-2016-3081 CVE-2016-3082 CVE-2016-3087 28 Apr 2016 9.8 (v3) Critical Pass Apache Struts 2.x < 2.3.29 Multiple Vulnerabilities (S2-035 - S2-040) CVE-2016-0785 CVE-2016-4430 CVE-2016-4431 CVE-2016-4433 CVE-2016-4436 CVE-2016-4438 CVE-2016-4461 24 Jun 2016 8.8 (v3) High Pass Oracle Database Multiple Vulnerabilities (July 2016 CPU) (FREAK) CVE-2015-0204 CVE-2016-3448 CVE-2016-3467 CVE-2016-3479 CVE-2016-3484 CVE-2016-3488 CVE-2016-3489 CVE-2016-3506 CVE-2016-3609 22 Jul 2016 9 (v3) Critical Pass Oracle Database Multiple Vulnerabilities (October 2016 CPU) CVE-2016-3562 CVE-2016-5497 CVE-2016-5498 CVE-2016-5499 CVE-2016-5505 CVE-2016-5516 CVE-2016-5555 CVE-2016-5572 21 Oct 2016 9.1 (v3) Critical Pass Apache Tomcat 6.0.x < 6.0.47 / 7.0.x < 7.0.72 / 8.0.x < 8.0.37 / 8.5.x < 8.5.5 / 9.0.x < 9.0.0.M10 Multiple Vulnerabilities CVE-2016-0762 CVE-2016-5018 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 04 Nov 2016 7.5 (v3) High Pass Apache Struts 2.5.x < 2.5.13 URLValidator Form Field Handling Remote DoS (S2-044) CVE-2016-8738 15 Dec 2016 5.9 (v3) Medium Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (October 2017 CPU) CVE-2015-5254 CVE-2017-10034 CVE-2017-10037 CVE-2017-10060 CVE-2017-10163 18 Oct 2017 9.8 (v3) Critical Pass Apache Tomcat 6.0.16 < 6.0.50 / 7.0.x < 7.0.75 / 8.0.x < 8.0.41 / 8.5.x < 8.5.9 / 9.0.x < 9.0.0.M15 NIO HTTP Connector Information Disclosure CVE-2016-8745 21 Dec 2016 7.5 (v3) High Pass Apache Tomcat 9.0.0.M11 < 9.0.0.M17 nextRequest Information Disclosure CVE-2016-8747 13 Apr 2017 7.5 (v3) High Pass Apache Tomcat 6.0.x < 6.0.53 / 7.0.x < 7.0.77 / 8.0.x < 8.0.43 Pipelined Requests Information Disclosure CVE-2017-5647 14 Apr 2017 7.5 (v3) High Pass Oracle Database Multiple Vulnerabilities (April 2017 CPU) CVE-2017-3486 CVE-2017-3567 19 Apr 2017 7.2 (v3) High Pass Atlassian JIRA 4.2.4 < 6.3.0 Multiple Vulnerabilities CVE-2017-5983 16 May 2017 9.8 (v3) Critical Pass Apache Tomcat 7.0.x < 7.0.78 / 8.0.x < 8.0.44 / 8.5.x < 8.5.15 / 9.0.x < 9.0.0.M21 Remote Error Page Manipulation CVE-2017-5664 08 Jun 2017 7.5 (v3) High Pass Apache Struts 2.5.x < 2.5.12 Multiple DoS (S2-047) (S2-049) CVE-2016-1000031 CVE-2017-7672 CVE-2017-9787 14 Jul 2017 9.8 (v3) Critical Pass Oracle Database Multiple Vulnerabilities (July 2017 CPU) (POODLE) (SWEET32) CVE-2014-3566 CVE-2016-2183 CVE-2017-10120 CVE-2017-10202 20 Jul 2017 9.9 (v3) Critical Pass Apache Tomcat 7.0.41 < 7.0.79 Cache Poisoning Vulnerability CVE-2017-7674 18 Aug 2017 4.3 (v3) Medium Pass Apache Tomcat 8.5.x < 8.5.16 Multiple Vulnerabilities CVE-2017-7674 CVE-2017-7675 18 Aug 2017 7.5 (v3) High Pass Apache Struts 2.1.x >= 2.1.2 / 2.2.x / 2.3.x < 2.3.34 / 2.5.x < 2.5.13 Multiple Vulnerabilities (S2-050 - S2-053) CVE-2017-9793 CVE-2017-9804 CVE-2017-9805 CVE-2017-12611 05 Sep 2017 9.8 (v3) Critical Pass Apache Tomcat 7.0.x < 7.0.81 Multiple Vulnerabilities CVE-2017-12615 CVE-2017-12616 19 Sep 2017 8.1 (v3) High Pass Cisco Uni fi ed Communications Manager Cross-Site Scripting Vulnerability CVE-2017-6654 27 Sep 2017 6.1 (v3) Medium Pass Apache Tomcat 7.0.x < 7.0.82 / 8.5.x < 8.5.23 Multiple Vulnerabilities CVE-2017-12617 06 Oct 2017 8.1 (v3) High Pass Apache Tomcat 9.0.0.M1 < 9.0.1 Multiple Vulnerabilities CVE-2017-12617 06 Oct 2017 8.1 (v3) High Pass Atlassian JIRA < 4.2 Multiple Vulnerabilities 24 Apr 2018 5.3 (v3) Medium Pass Apache Struts 2.0.x < 2.2.1 and Tag XSS (S2-002) 10 Sep 2018 4.3 (v3) Medium Pass Apache Struts 2.x < 2.3.14.3 RCE (S2-015) CVE-2013-2134 CVE-2013-2135 10 Sep 2018 9.8 (v3) Critical Pass Apache Struts 2.x < 2.2.3.1 RCE (S2-007) 10 Sep 2018 9.8 (v3) Critical Pass Apache Struts 2.x < 2.3.14.2 Remote Code Execution Vulnerability (S2-013) CVE-2013-1966 11 Sep 2018 9.8 (v3) Critical Pass Apache Struts 2.x < 2.3.18 Multiple Critical Vulnerabilities (S2-008) 11 Sep 2018 9.8 (v3) Critical Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (April 2018 CPU) CVE-2015-7501 CVE-2017-5662 28 Dec 2018 9.8 (v3) Critical Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (July 2018 CPU) CVE-2018-2900 CVE-2018-2925 CVE-2018-2958 28 Dec 2018 8.2 (v3) High Pass Atlassian JIRA Cross-Site Scripting (XSS) Vulnerability (JRASERVER-68526) CVE-2018-13403 10 May 2019 5.4 (v3) Medium Pass Atlassian JIRA Multiple Vulnerabilities (JRASERVER-69245) (JRASERVER-69246) CVE-2019-3399 CVE-2019-3400 10 May 2019 7.5 (v3) High Pass Pulse Connect Secure Insecure Cookie Handling (SA44114) CVE-2019-11213 31 May 2019 8.1 (v3) High Pass Atlassian Jira 7.13.x < 7.13.4, 8.0.x < 8.0.4, 8.1.x < 8.1.1 Multiple Vulnerabilities CVE-2019-8442 CVE-2019-8443 31 May 2019 8.1 (v3) High Pass Apache Tomcat 8.5.0 < 8.5.41 DoS CVE-2019-0199 CVE-2019-10072 24 Jun 2019 7.5 (v3) High Pass Apache Tomcat 9.0.0.M1 < 9.0.20 DoS CVE-2019-0199 CVE-2019-10072 25 Jun 2019 7.5 (v3) High Pass Atlassian JIRA < 8.4.0 Multiple Vulnerabilities CVE-2019-8449 CVE-2019-8451 CVE-2019-14995 CVE-2019-14997 CVE-2019-14998 20 Sep 2019 6.5 (v3) Medium Pass Apache Struts 2.3.20 < 2.3.29 / 2.5.x < 2.5.13 Denial of Service Vulnerability (S2-041) CVE-2016-4465 26 Sep 2019 5.3 (v3) Medium Pass Atlassian JIRA 7.x >= 7.6 / 8.x < 8.5.4 / 8.6.x < 8.6.2 Multiple CSRF CVE-2019-20098 CVE-2019-20099 21 Feb 2020 4.3 (v3) Medium Pass Cisco Uni fi ed Communications Manager Stored Cross-Site Scripting (cisco-sa-cucm-xss-bLZw4Ctq) CVE-2020-3420 10 Jul 2020 5.4 (v3) Medium Pass Cisco Uni fi ed Communications Manager Cross-Site Scripting (cisco-sa-cucm-selfcare-drASc7sr) CVE-2020-3346 14 Aug 2020 6.1 (v3) Medium Pass Cisco Uni fi ed Communications Manager XSS (cisco-sa-cucm-cuc-imp-xss-XtpzfM5e) CVE-2020-3532 25 Aug 2020 6.3 (v3) Medium Pass Apache Tomcat 8.5.x < 8.5.60 Information Disclosure CVE-2020-17527 CVE-2021-24122 10 Dec 2020 7.5 (v3) High Pass Apache < 2.4.49 Multiple Vulnerabilities CVE-2021-40438 23 Sep 2021 9 (v3) Critical Pass Apache < 2.4.49 Multiple Vulnerabilities CVE-2021-34798 CVE-2021-39275 23 Sep 2021 9.8 (v3) Critical Pass Apache >= 2.4.30 < 2.4.49 mod_proxy_uwsgi CVE-2021-36160 23 Sep 2021 7.5 (v3) High Pass Apache Tomcat 10.1.0.M1 < 10.1.0.M6 vulnerability CVE-2021-42340 14 Oct 2021 7.5 (v3) High Pass Apache 2.4.49 < 2.4.50 Multiple Vulnerabilities CVE-2021-41524 CVE-2021-41773 05 Oct 2021 7.5 (v3) High Pass Jenkins Enterprise and Operations Center < 2.249.31.0.5 / 2.289.1.2 Multiple Vulnerabilities (CloudBees Security Advisory 2021-06-02) 11 Oct 2021 6.8 (v3) Medium Pass Oracle E-Business Suite Multiple Vulnerabilities (Oct 2021 CPU) CVE-2021-2474 CVE-2021-2477 CVE-2021-2482 CVE-2021-2483 CVE-2021-2484 CVE-2021-2485 CVE-2021-35536 CVE-2021-35554 CVE-2021-35562 CVE-2021-35563 CVE-2021-35566 CVE-2021-35569 CVE-2021-35570 CVE-2021-35580 CVE-2021-35581 C 21 Oct 2021 8.1 (v3) High Pass Oracle Database Server Multiple Vulnerabilities (October 2021 CPU) CVE-2020-27824 CVE-2021-2332 CVE-2021-25122 CVE-2021-26272 CVE-2021-29425 CVE-2021-29921 CVE-2021-35551 CVE-2021-35557 CVE-2021-35558 CVE-2021-35576 CVE-2021-35599 CVE-2021-35619 21 Oct 2021 9.8 (v3) Critical Pass Jenkins Enterprise and Operations Center < 2.222.43.0.1 / 2.249.30.0.1 / 2.263.2.2 Multiple Vulnerabilities (CloudBees Security Advisory 2021-01-13) CVE-2021-21602 CVE-2021-21603 CVE-2021-21604 CVE-2021-21605 CVE-2021-21606 CVE-2021-21607 CVE-2021-21608 CVE-2021-21609 CVE-2021-21610 CVE-2021-21611 CVE-2021-21612 CVE-2021-21613 CVE-2021-21614 29 Nov 2021 8 (v3) High Pass PHP 8.1.x < 8.1.0 Multiple Vulnerabilities CVE-2021-21703 CVE-2021-21706 CVE-2021-21707 30 Nov 2021 7 (v3) High Pass Jenkins Enterprise and Operations Center < 2.222.43.0.2 / 2.249.30.0.2 / 2.263.2.3 Arbitrary File Read (CloudBees Security Advisory 2021-01-26) CVE-2021-21615 03 Dec 2021 5.3 (v3) Medium Pass Apache 2.4.x >= 2.4.7 / < 2.4.52 Forward Proxy DoS / SSRF CVE-2021-44224 CVE-2021-44790 23 Dec 2021 9.8 (v3) Critical Pass Jenkins plugins Multiple Vulnerabilities (2022-01-12) CVE-2022-20612 CVE-2022-20613 CVE-2022-20614 CVE-2022-20615 CVE-2022-20616 CVE-2022-20617 CVE-2022-20618 CVE-2022-20619 CVE-2022-20620 CVE-2022-20621 CVE-2022-23105 CVE-2022-23106 CVE-2022-23107 CVE-2022-23108 CVE-2022-2 21 Jan 2022 8.8 (v3) High Pass Apache Tomcat 10.1.0.M1 < 10.1.0.M10 multiple vulnerabilities CVE-2022-23181 26 Jan 2022 7 (v3) High Pass Apache Tomcat 10.0.0.M5 < 10.0.16 multiple vulnerabilities CVE-2022-23181 26 Jan 2022 7 (v3) High Pass Atlassian Jira < 8.13.15 / 8.14.0 < 8.20.3 RCE (JRASERVER-73067) CVE-2021-43947 28 Jan 2022 7.2 (v3) High Pass Jenkins Enterprise and Operations Center < 2.277.43.0.5 / 2.319.2.5 Multiple Vulnerabilities (CloudBees Security Advisory 2022-01-12) CVE-2022-20612 CVE-2022-20613 CVE-2022-20614 CVE-2022-20615 CVE-2022-20616 CVE-2022-20617 CVE-2022-20618 CVE-2022-20619 CVE-2022-20620 CVE-2022-20621 CVE-2022-23105 CVE-2022-23106 CVE-2022-23107 CVE-2022-23108 CVE-2022-2 15 Feb 2022 8.8 (v3) High Pass PHP 7.4.x < 7.4.28 CVE-2021-21708 17 Feb 2022 9.8 (v3) Critical Pass Jenkins Enterprise and Operations Center 2.277.x < 2.277.43.0.7 / 2.303.x < 2.303.30.0.6 / 2.319.3.4 Multiple Vulnerabilities (CloudBees Security Advisory 2022-02-15) CVE-2022-25173 CVE-2022-25174 CVE-2022-25175 CVE-2022-25176 CVE-2022-25177 CVE-2022-25178 CVE-2022-25179 CVE-2022-25180 CVE-2022-25181 CVE-2022-25182 CVE-2022-25183 CVE-2022-25184 CVE-2022-25185 CVE-2022-25186 CVE-2022-2 08 Mar 2022 8.8 (v3) High Pass Apache 2.4.x < 2.4.53 Multiple Vulnerabilities CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23943 14 Mar 2022 9.8 (v3) Critical Pass Atlassian Jira < 8.13.18 / 8.14.x < 8.20.6 / 8.21.0 XSRF (JRASERVER-73138) CVE-2021-43952 21 Mar 2022 4.3 (v3) Medium Pass SonicWall Secure Remote Access (SRA) SQLi (SNWLID-2021-0017) CVE-2021-20028 04 Apr 2022 9.8 (v3) Critical Pass Juniper Junos OS Kernel Crash DoS (JSA11213) CVE-2021-0299 18 May 2022 7.5 (v3) High Pass GitLab 12.6 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 Information Disclosure CVE-2022-1426 18 May 2022 3.7 (v3) Low Pass GitLab 13.9 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 DoS CVE-2022-1510 18 May 2022 7.5 (v3) High Pass GitLab 13.2 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 Information Disclosure 18 May 2022 4.3 (v3) Medium Pass GitLab 11.0 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 Information Disclosure CVE-2022-1352 18 May 2022 5.3 (v3) Medium Pass GitLab 14.4 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 XSS CVE-2022-1433 18 May 2022 6.1 (v3) Medium Pass GitLab 9.2 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 Incorrect Authorization CVE-2022-1460 18 May 2022 4.9 (v3) Medium Pass GitLab 12.10 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 DoS CVE-2022-1431 18 May 2022 5.3 (v3) Medium Pass GitLab 8.12 < 14.8.6 / 8.13 < 14.9.4 / 8.14 < 14.10.1 Improper Access Control CVE-2022-1417 18 May 2022 4.3 (v3) Medium Pass Cisco IOS XE Software Web Services DoS (cisco-sa-http-dos-svOdkdBS) CVE-2022-20697 19 May 2022 8.6 (v3) High Pass IBM WebSphere Application Server Liberty 17.0.0.3 < 22.0.0.5 Information Disclosure (6585704) CVE-2022-22393 19 May 2022 6.5 (v3) Medium Pass Oracle Primavera Uni fi er (Apr 2022 CPU) CVE-2021-23450 CVE-2021-41184 20 Apr 2022 9.8 (v3) Critical Pass GitLab 11.1.0 < 14.2.6 / 11.2.0 < 14.3.4 / 11.3.0 < 14.4.1 Approval Bypass CVE-2021-39909 20 Apr 2022 5.3 (v3) Medium Pass GitLab 0.8.0 < 14.4.1 Privilege Escalation CVE-2021-39913 20 Apr 2022 6.7 (v3) Medium Pass GitLab 13.5.0 < 14.2.6 / 14.3.0 < 14.3.4 / 14.4.0 < 14.4.1 Arbitrary Code Execution CVE-2021-39906 20 Apr 2022 6.1 (v3) Medium Pass GitLab 14.3 < 14.3.6 / 14.4 < 14.4.3 / 14.5 < 14.5.2 XSS CVE-2021-39946 20 Apr 2022 5.4 (v3) Medium Pass GitLab < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.21 Content Spoo fi ng CVE-2022-0090 20 Apr 2022 6.5 (v3) Medium Pass GitLab 12.0 < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.2 Improper Access CVE-2022-0125 20 Apr 2022 4.3 (v3) Medium Pass TCP/IP Initial Sequence Number (ISN) Reuse Weakness CVE-2002-1463 02 Aug 2002 7.3 (v3) High Pass Apple TV < 12.3 Multiple Vulnerabilities CVE-2019-6237 CVE-2019-8560 CVE-2019-8568 CVE-2019-8571 CVE-2019-8574 CVE-2019-8576 CVE-2019-8577 CVE-2019-8583 CVE-2019-8584 CVE-2019-8585 CVE-2019-8586 CVE-2019-8587 CVE-2019-8591 CVE-2019-8593 CVE-2019-8594 CVE-2019-8 15 May 2019 9.8 (v3) Critical Pass iLO 4 < 2.70 / iLO 5 < 1.40a Multiple Vulnerabilities CVE-2018-7117 CVE-2019-11982 CVE-2019-11983 23 May 2019 8.3 (v3) High Pass Tenable Nessus < 8.5.0 Multiple Vulnerabilities (TNS-2019-04) CVE-2019-3961 CVE-2019-3962 11 Jul 2019 6.1 (v3) Medium Pass Apple TV < 12.4 Multiple Vulnerabilities CVE-2018-16860 CVE-2019-8641 CVE-2019-8644 CVE-2019-8646 CVE-2019-8647 CVE-2019-8649 CVE-2019-8657 CVE-2019-8658 CVE-2019-8660 CVE-2019-8662 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019- 26 Jul 2019 9.8 (v3) Critical Pass OpenSSL 1.1.0 < 1.1.0l Multiple Vulnerabilities CVE-2019-1547 CVE-2019-1552 CVE-2019-1563 23 Aug 2019 4.7 (v3) Medium Pass VMware vCenter Server 6.0 / 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2019-0013) CVE-2019-5531 CVE-2019-5532 CVE-2019-5534 02 Oct 2019 7.7 (v3) High Pass Atlassian JIRA < 8.3.2 Multiple Vulnerabilities CVE-2019-8446 CVE-2019-8447 CVE-2019-11584 CVE-2019-15005 04 Oct 2019 6.1 (v3) Medium Pass Atlassian JIRA 7.13.x < 7.13.6 / 8.x < 8.2.3 / 8.3.x < 8.3.2 Multiple Vulnerabilities CVE-2019-11585 CVE-2019-11586 CVE-2019-11587 CVE-2019-11588 CVE-2019-11589 07 Oct 2019 6.5 (v3) Medium Pass Juniper JSA10962 CVE-2019-0063 18 Oct 2019 7.5 (v3) High Pass Jenkins < 2.176.4 LTS / 2.197 Multiple Vulnerabilities CVE-2019-10401 CVE-2019-10402 CVE-2019-10403 CVE-2019-10404 CVE-2019-10405 CVE-2019-10406 21 Oct 2019 5.4 (v3) Medium Pass MikroTik RouterOS < 6.44.6 LTS or 6.45.x < 6.45.7 Multiple Vulnerabilities CVE-2019-3976 CVE-2019-3977 CVE-2019-3978 CVE-2019-3979 31 Oct 2019 8.8 (v3) High Pass macOS 10.14.x < 10.14.5 Multiple Vulnerabilities CVE-2018-4456 CVE-2019-6237 CVE-2019-8560 CVE-2019-8568 CVE-2019-8569 CVE-2019-8571 CVE-2019-8574 CVE-2019-8576 CVE-2019-8577 CVE-2019-8583 CVE-2019-8584 CVE-2019-8585 CVE-2019-8586 CVE-2019-8587 CVE-2019-8589 CVE-2019-8 15 May 2019 9.8 (v3) Critical Pass macOS 10.14.x < 10.14.6 Multiple Vulnerabilities CVE-2018-16860 CVE-2018-19860 CVE-2019-8641 CVE-2019-8644 CVE-2019-8646 CVE-2019-8648 CVE-2019-8649 CVE-2019-8656 CVE-2019-8657 CVE-2019-8658 CVE-2019-8660 CVE-2019-8661 CVE-2019-8662 CVE-2019-8663 CVE-2019-8666 CVE-2019 26 Jul 2019 9.8 (v3) Critical Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Jan 2020 CPU) CVE-2019-17091 CVE-2020-2556 CVE-2020-2707 17 Jan 2020 7.3 (v3) High Pass Splunk Enterprise 8.1 < 8.1.4 XSS CVE-2022-27183 27 May 2022 6.1 (v3) Medium Pass IBM BigFix Platform 9.2.x < 9.2.15 / 9.5.x < 9.5.10 Multiple Vulnerabilities CVE-2018-0739 CVE-2018-1474 CVE-2018-1476 CVE-2018-1478 CVE-2018-1480 CVE-2018-1481 CVE-2018-1484 CVE-2018-1485 21 Dec 2018 7.5 (v3) High Pass Splunk Enterprise 6.0.x < 6.0.14 / 6.1.x < 6.1.13 / 6.2.x < 6.2.14 / 6.3.x < 6.3.11 / 6.4.x < 6.4.8 / 6.5.x < 6.5.3 or Splunk Light < 6.6.0 Multiple Vulnerabilities CVE-2018-7427 CVE-2018-7429 CVE-2018-7431 CVE-2018-7432 09 Jan 2019 6.5 (v3) Medium Pass Authentication Bypass (Forced Browse) 09 Jan 2019 9.1 (v3) Critical Pass OS Command Injection 09 Jan 2019 9.1 (v3) Critical Pass Oracle Primavera Uni fi er Multiple Vulnerabilities (Jan 2019 CPU) CVE-2018-9206 CVE-2018-14718 CVE-2018-14719 CVE-2018-14720 CVE-2018-14721 18 Jan 2019 10 (v3) Critical Pass MS17-010: Security Update for Microsoft Windows SMB Server (4013389) (ETERNALBLUE) (ETERNALCHAMPION) (ETERNALROMANCE) (ETERNALSYNERGY) (WannaCry) (EternalRocks) (Petya) (uncredentialed check) CVE-2017-0143 CVE-2017-0144 CVE-2017-0145 CVE-2017-0146 CVE-2017-0147 CVE-2017-0148 20 Mar 2017 8.1 (v3) High Pass OMRON FINS UDP Protocol Detection 27 Oct 2016 None Pass Multiple SSH Vulnerabilities - Cisco Systems CVE-2001-0572 01 Sep 2010 7.5 (v2) High Pass CA DMPrimer Service Detection 19 Jan 2006 None Pass FTP Server Detection 12 Oct 1999 None Pass Cisco Email Security Appliance DoS (cisco-sa-20200219-esa-dos) CVE-2019-1947 28 Feb 2020 8.6 (v3) High Pass Puppet Enterprise < 3.1.0 Multiple Vulnerabilities CVE-2013-2065 CVE-2013-4287 CVE-2013-4957 CVE-2013-4965 29 Oct 2013 6.8 (v2) Medium Pass Citrix NFuse Launch Scripts 'NFuse_Application' Parameter XSS CVE-2002-0504 02 Sep 2004 4.3 (v2) Medium 63

Pass OS Identi fi cation : Miscellaneous Methods 01 Apr 2013 None Pass Juniper Junos Sockets Library Bu ff er Over fl ow Privilege Escalation (JSA10792) CVE-2017-2344 23 Aug 2017 7.8 (v3) High Pass Authenticated Check : OS Name and Installed Package Enumeration 06 Jul 2004 None Pass OS Identi fi cation : MSRPC 19 May 2007 None Pass Juniper Junos J-Web Weak SSL Ciphers (PSN-2011-01-147) 22 Aug 2011 2.9 (v2) Low Pass IRC Daemon STARTTLS Command Support 08 Jan 2016 None Pass rsync STARTTLS Command Support 08 Jan 2016 None Pass AXIGEN Mail Server AXIMilter CNHO Command Remote Format String CVE-2008-0434 28 Jan 2008 5.1 (v2) Medium Pass IBM Tivoli Provisioning Manager OS Deployment < 5.1.0.3 Interim Fix 3 HTTP Server Logging Functionality Remote Over fl ow CVE-2008-0401 13 Feb 2008 10 (v2) Critical Pass OpenSSL 1.0.2 < 1.0.2za Vulnerability CVE-2021-3712 24 Aug 2021 7.4 (v3) High Pass NetSpy Malware Services Detection 29 Mar 2016 10 (v2) Critical Pass Juniper Junos LLDP Packet Handling Memory Corruption Vulnerability (JSA10830) CVE-2018-0007 26 Jan 2018 8.4 (v3) High Pass Apache Tomcat 7.0.x < 7.0.40 Multiple Vulnerabilities CVE-2013-2071 CVE-2013-4444 15 May 2013 3.7 (v3) Low Pass Apache Tomcat 7.0.x < 7.0.52 Content-Type DoS CVE-2014-0050 25 Feb 2014 5.3 (v3) Medium Pass Cisco Email Security Appliance (ESA) GUI Denial of Service Vulnerability CVE-2020-3164 13 Mar 2020 5.3 (v3) Medium Pass SurgeMail <= 3.0c2 Multiple XSS CVE-2005-1714 20 May 2005 4.3 (v2) Medium Pass OTRS Authenticated Remote Code Execution (OSA-2017-09) CVE-2017-16921 14 Feb 2019 8.8 (v3) High Pass Juniper Junos Key Exchange Initialization Handling Memory Exhaustion Remote DoS (JSA10837) CVE-2016-8858 26 Jan 2018 7.5 (v3) High Pass Cisco Email Security Appliance Privilege Escalation Vulnerability CVE-2018-0095 26 Jan 2018 7.8 (v3) High Pass Apache Storm < 1.1.3 / 1.2.x < 1.2.2 arbitrary fi le write vulnerability CVE-2018-8008 28 Feb 2019 5.5 (v3) Medium Pass VMware vRealize Automation Deserialization Vulnerability (VMSA-2018-0006) CVE-2017-4947 06 Feb 2018 9.8 (v3) Critical Pass Default Password ('!2345Asdfg') for 'root' Account CVE-1999-0502 06 Mar 2019 9.8 (v3) Critical Pass Mac OS X 10.10.x < 10.10.1 Multiple Vulnerabilities CVE-2014-4453 CVE-2014-4458 CVE-2014-4459 CVE-2014-4460 18 Nov 2014 6.8 (v2) Medium Pass rsh Unauthenticated Access (via fi nger Information) CVE-2012-6392 23 Apr 2000 10 (v2) Critical Pass Icecast utils.c fd_write Function Format String CVE-2001-0197 24 Jan 2001 10 (v2) Critical Pass MariaDB 10.3.1 < 10.3.2 Multiple DoS Vulnerabilities 07 Dec 2017 4.3 (v3) Medium Pass Atlassian Jira < 8.13.18 / 8.14.x < 8.20.6 / 8.21.x Authentication Bypass in Seraph (JRASERVER-73650) CVE-2022-0540 22 Apr 2022 9.8 (v3) Critical Pass Jenkins LTS < 2.319.3 / Jenkins weekly < 2.334 Multiple Vulnerabilities CVE-2021-43859 CVE-2022-0538 09 Feb 2022 7.5 (v3) High Pass pfSense < 2.2 Multiple XSS Vulnerabilities (SA-15_01) 31 Jan 2018 4.7 (v3) Medium Pass lighttpd HTTP Server Detection 06 Feb 2018 None Pass SMTP Host Information in NTLM SSP 28 Mar 2018 None Pass MySQL Eventum index.php email Parameter XSS 03 Jan 2005 4.3 (v2) Medium Pass POP3 Host Information in NTLM SSP 03 Apr 2018 None Pass Sendmail Crafted ETRN Commands Remote DoS CVE-1999-1109 11 Mar 2003 5.3 (v3) Medium Pass Cisco IOS Software IOx Application Hosting Environment (cisco-sa-iox-yuXQ6hFj) CVE-2022-20718 CVE-2022-20719 CVE-2022-20720 CVE-2022-20721 CVE-2022-20722 CVE-2022-20723 CVE-2022-20724 CVE-2022-20725 CVE-2022-20726 CVE-2022-20727 22 Apr 2022 7.5 (v3) High Pass VMware Workspace One Access / VMware Identity Manager Multiple Vulnerabilities (VMSA-2021-0016) CVE-2021-22002 CVE-2021-22003 12 Aug 2021 9.8 (v3) Critical Pass Belkin N750 Router Command Injection 10 Jul 2017 9.8 (v3) Critical Pass Wind River VxWorks < 7.0 Multiple Vulnerabilities CVE-2020-13603 CVE-2020-35198 20 Aug 2021 9.8 (v3) Critical Pass WordPress Outdated Plugin Detection 20 Jul 2017 None Pass Nonexistent Page (404) Physical Path Disclosure CVE-2001-1372 CVE-2002-0266 CVE-2002-2008 CVE-2003-0456 11 Jun 2003 5 (v2) Medium Pass NETGEAR DGN Remote Unauthenticated Command Execution 24 Oct 2017 9.8 (v3) Critical Pass SSH Compression Error Checking 06 Nov 2017 None Pass Cisco Uni fi ed CommunicationsManager Information Disclosure (cisco-sa-cucm-logging-6QSWKRYz) CVE-2021-1226 22 Jan 2021 6.5 (v3) Medium Pass Cisco IOS Smart Install Protocol Misuse (cisco-sr-20170214-smi) 06 Apr 2017 None Pass Default Password 'cat1029' for 'Wproot' Account 01 Dec 2017 9.8 (v3) Critical Pass Apache Tomcat 8.5.7 < 8.5.11 nextRequest Information Disclosure CVE-2016-8747 13 Apr 2017 7.5 (v3) High Pass Apache Tomcat 8.5.x < 8.5.13 / 9.0.x < 9.0.0.M19 Multiple Vulnerabilities CVE-2017-5647 CVE-2017-5650 CVE-2017-5651 14 Apr 2017 9.8 (v3) Critical Pass Tenable SecurityCenter PHP < 5.6.30 Multiple Vulnerabilities (TNS-2017-04) CVE-2017-11147 CVE-2016-10158 CVE-2016-10159 CVE-2016-10160 CVE-2016-10161 CVE-2016-10167 CVE-2016-10168 26 Jun 2017 9.8 (v3) Critical Pass OpenSSL < 0.9.6m / 0.9.7d Multiple Remote DoS CVE-2004-0079 CVE-2004-0081 CVE-2004-0112 17 Mar 2004 5 (v2) Medium Pass Oracle WebCenter Content Detection 16 Feb 2012 None Pass ZXShell Malware Services Detection 14 Oct 2014 10 (v2) Critical Pass Cisco IOS Software VPLS denial of service (cisco-sa-20170927-vpls) CVE-2017-12238 05 Oct 2017 6.5 (v3) Medium Pass Comelit Camera Detection 21 Apr 2017 None Pass Splunk Enterprise 6.4.x < 6.4.7 Multiple Vulnerabilities 27 Apr 2017 4.3 (v3) Medium Pass SSH Weak Algorithms Supported 04 Apr 2016 4.3 (v2) Medium Pass macOS 10.15.x < 10.15.2 / 10.14.x < 10.14.6 Security Update 2019-002 / 10.13.x < 10.13.6 Security Update 2019-007 CVE-2012-1164 CVE-2012-2668 CVE-2013-4449 CVE-2015-1545 CVE-2017-16808 CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 CVE-2018-14465 CVE-2018-14466 CVE-2018-14467 CVE-2018-14468 12 Dec 2019 9.8 (v3) Critical Pass MySQL 5.6.x < 5.6.39 Multiple Vulnerabilities (January 2018 CPU) CVE-2017-3737 CVE-2018-2562 CVE-2018-2573 CVE-2018-2583 CVE-2018-2590 CVE-2018-2591 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2645 CVE-2018-2647 CVE-2018-2665 CVE-2018-2668 CVE-2018-2696 CVE-2018-2703 17 Jan 2018 5.5 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (January 2018 CPU) CVE-2017-10282 CVE-2017-12617 CVE-2018-2575 CVE-2018-2680 CVE-2018-2699 19 Jan 2018 8.1 (v3) High Pass Apache Tomcat 9.0.0.M22 < 9.0.2 Insecure CGI Servlet Search Algorithm Description Weakness CVE-2017-15706 09 Feb 2018 3.7 (v3) Low Pass Apache Tomcat 8.0.0.RC1 < 8.0.50 Security Constraint Weakness CVE-2018-1304 CVE-2018-1305 23 Feb 2018 3.7 (v3) Low Pass Splunk Enterprise < 5.0.15 / 6.0.11 / 6.1.10 / 6.2.9 / 6.3.3.4 or Splunk Light < 6.2.9 / 6.3.3.4 Multiple Vulnerabilities (DROWN) CVE-2015-7995 CVE-2016-0702 CVE-2016-0705 CVE-2016-0797 CVE-2016-0798 CVE-2016-0799 CVE-2016-0800 25 Apr 2016 9.8 (v3) Critical Pass Oracle Database Server Java VM Unspeci fi ed Remote Code Execution (April 2018 CPU) CVE-2018-2841 20 Apr 2018 8.5 (v3) High Pass AirConnect Default Password CVE-1999-0508 22 May 2002 7.5 (v2) High Pass OpenSSL 1.0.2 < 1.0.2c ASN.1 Encoder Negative Zero Value Handling RCE CVE-2016-2108 04 May 2016 9.8 (v3) Critical Pass Tenable SecurityCenter < 5.7.0 Multiple Vulnerabilites (TNS-2018-11) CVE-2018-1154 CVE-2018-1155 16 Aug 2018 5.4 (v3) Medium Pass Cisco Application Policy Infrastructure Controller Stored XSS (cisco-sa-capic-scss-bFT75YrM) CVE-2021-1582 01 Sep 2021 5.4 (v3) Medium Pass Apache Struts 2.x < 2.3.4.1 Multiple Vulnerabilities (S2-010) (S2-011) CVE-2012-4386 CVE-2012-4387 11 Sep 2018 7.1 (v3) High Pass Apache Tomcat < 6.0.6 Cross-Site Scripting CVE-2007-1358 11 Jan 2019 4.3 (v3) Medium Pass PHP 5.5.x < 5.5.38 Multiple Vulnerabilities (httpoxy) CVE-2015-8879 CVE-2016-5385 CVE-2016-5399 CVE-2016-6207 CVE-2016-6288 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6293 CVE-2016-6294 CVE-2016-6295 CVE-2016-6296 CVE-2016-6297 26 Jul 2016 9.8 (v3) Critical Pass Cisco IOS XR gRPC Software Denial of Service Vulnerability CVE-2019-1711 26 Apr 2019 7.5 (v3) High Pass Juniper JSA10904 CVE-2015-1283 29 May 2019 7.3 (v3) High Pass Juniper JSA10933 CVE-2019-0041 07 Jun 2019 8.6 (v3) High Pass IBM WebSphere Application Server Remote Code Execution Vulnerability (CVE-2018-1904) CVE-2018-1904 20 Jun 2019 9.8 (v3) Critical Pass Cisco Data Center Network Manager < 11.1(1) Authentication Bypass Vulnerability CVE-2019-1619 12 Jul 2019 9.8 (v3) Critical Pass MySQL 5.7.x < 5.7.27 Multiple Vulnerabilities (Jul 2019 CPU) CVE-2018-16890 CVE-2019-2737 CVE-2019-2738 CVE-2019-2739 CVE-2019-2740 CVE-2019-2741 CVE-2019-2757 CVE-2019-2758 CVE-2019-2774 CVE-2019-2778 CVE-2019-2791 CVE-2019-2797 CVE-2019-2805 CVE-2019-2819 CVE-2019-2948 CVE-2019- 18 Jul 2019 9.8 (v3) Critical Pass Nortel/Bay Networks Default Password CVE-1999-0508 05 Jun 2002 7.8 (v2) High Pass Juniper JSA10943 CVE-2019-0049 05 Aug 2019 7.5 (v3) High Pass Cisco IOS Short Message Service Denial of Service Vulnerability CVE-2019-1747 23 Aug 2019 8.6 (v3) High Pass Atlassian JIRA 7.x.x < 7.13.1 / 8.0.0 Cross-Site Scripting (XSS) Vulnerability (SB18-141) CVE-2018-20827 05 Sep 2019 5.4 (v3) Medium Pass ArubaOS-Switch Ripple20 Multiple Vulnerabilities (ARUBA-PSA-2020-006) CVE-2020-11896 CVE-2020-11897 CVE-2020-11898 CVE-2020-11899 CVE-2020-11900 CVE-2020-11901 CVE-2020-11902 CVE-2020-11903 CVE-2020-11904 CVE-2020-11905 CVE-2020-11906 CVE-2020-11907 CVE-2020-11908 CVE-2020-11909 CVE-2020-1 30 Jun 2021 10 (v3) Critical Pass Cisco FXOS Software Command Injection Vulnerabilities (cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782) CVE-2019-1781 CVE-2019-1782 15 Oct 2019 6.7 (v3) Medium Pass Cisco TelePresence Collaboration Endpoint Software Command Injection Vulnerability (cisco-sa-20191016-tele-ce-cmdinj) CVE-2019-15274 07 Nov 2019 6.7 (v3) Medium Pass MS03-043: Bu ff er Overrun in Messenger Service (828035) (uncredentialed check) CVE-2003-0717 16 Oct 2003 10 (v2) Critical Noise TLS ALPN Supported Protocol Enumeration 17 Jul 2015 None Pass Cisco NX-OS Software Command Injection (CVE-2019-1784) CVE-2019-1784 12 Nov 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Command Injection (cisco-sa-20190515-nxos-cmdinj-1776) CVE-2019-1776 14 Nov 2019 6.7 (v3) Medium Pass Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Arbitrary Memory Write (cisco-sa-20180926-ir800-memwrite) CVE-2018-15375 CVE-2018-15376 16 Dec 2019 6.7 (v3) Medium Pass Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1612) CVE-2019-1612 18 Dec 2019 6.7 (v3) Medium Pass Cisco NX-OS Software CLI Command Injection Vulnerability (cisco-sa-20190306-nxos-cmdinj-1608) CVE-2019-1608 20 Dec 2019 6.7 (v3) Medium Pass DNS Server Zone Transfer Information Disclosure (AXFR) CVE-1999-0532 16 Jan 2001 5 (v2) Medium Pass MySQL 5.7.x < 5.7.29 Multiple Vulnerabilities (Jan 2020 CPU) CVE-2019-5482 CVE-2020-2570 CVE-2020-2572 CVE-2020-2573 CVE-2020-2574 CVE-2020-2577 CVE-2020-2579 CVE-2020-2584 CVE-2020-2589 CVE-2020-2660 CVE-2020-2790 CVE-2020-2806 CVE-2020-2814 16 Jan 2020 9.8 (v3) Critical Pass IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Privilege Escalation (CVE-2018-1901) CVE-2018-1901 28 Jan 2020 8.8 (v3) High Pass IBM WebSphere Application Server Denial of Service (CVE-2019-4720) CVE-2019-4720 07 Feb 2020 7.5 (v3) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.3 Command Execution (CVE-2020-4163) CVE-2020-4163 14 Feb 2020 7.2 (v3) High Pass Cisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass Vulnerability CVE-2020-3165 09 Mar 2020 8.2 (v3) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.4 Privilege Escalation (CVE-2020-4276) CVE-2020-4276 02 Apr 2020 7.5 (v3) High Pass MySQL 5.6.x < 5.6.48 Multiple Vulnerabilities (Apr 2020 CPU) CVE-2020-2752 CVE-2020-2763 CVE-2020-2780 CVE-2020-2804 CVE-2020-2812 CVE-2020-2814 CVE-2020-2922 CVE-2021-2007 17 Apr 2020 3.7 (v3) Low Pass MySQL 5.7.x < 5.7.30 Multiple Vulnerabilities (Jan 2020 CPU) CVE-2019-15601 CVE-2020-2760 CVE-2020-2763 CVE-2020-2765 CVE-2020-2780 CVE-2020-2804 CVE-2020-2812 CVE-2020-2922 CVE-2021-2007 CVE-2021-2144 17 Apr 2020 7.5 (v3) High Pass MySQL 8.0.x < 8.0.20 Multiple Vulnerabilities (Apr 2020 CPU) CVE-2019-15601 CVE-2020-2759 CVE-2020-2760 CVE-2020-2762 CVE-2020-2763 CVE-2020-2765 CVE-2020-2780 CVE-2020-2804 CVE-2020-2812 CVE-2020-2892 CVE-2020-2893 CVE-2020-2895 CVE-2020-2896 CVE-2020-2897 CVE-2020-2898 CVE-2020- 22 Jan 2021 7.5 (v3) High Pass Junos OS: Established BGP Session Termination Vulnerability (JSA10996) CVE-2020-1613 30 Apr 2020 7.5 (v3) High Pass IBM WebSphere Application Server 9.0.0.0 < 9.0.0.9 Information Disclosure (CVE-2018-1957) CVE-2018-1957 11 May 2020 5.5 (v3) Medium Pass Cisco IOS Software Secure Shell DoS (cisco-sa-ssh-dos-Un22sd2A) CVE-2020-3200 05 Jun 2020 7.7 (v3) High Pass Cisco IOS Software for Cisco Industrial Routers Virtual Device Server CLI Command Injection (cisco-sa-ios-iot-vds-cmd-inj-VfJtqGhE) CVE-2020-3210 10 Jun 2020 6.7 (v3) Medium Pass SMB Password Encryption Not Required 05 Jan 2016 4.3 (v2) Medium Pass Cisco IOS Internet Key Exchange Version 2 DoS (cisco-sa-ikev2-9p23Jj2a) CVE-2020-3230 26 Jun 2020 7.5 (v3) High Pass Windows NetBIOS / SMB Remote Host Report Tag 05 Nov 2018 None Pass Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Image Veri fi cation Bypass (cisco-sa-ios-ir800-img-verif-wHhLYHjK) CVE-2020-3208 07 Jul 2020 6.7 (v3) Medium Pass Cisco NX-OS Software CLI to Internal Service Bypass (cisco-sa-20190515-nxos-cli-bypass) CVE-2019-1726 18 Aug 2020 7.8 (v3) High Pass Lexmark MarkVision Enterprise ReportDownloadServlet Information Disclosure CVE-2014-8742 15 Jan 2015 5 (v2) Medium Pass Cisco Small Business RV340 Series Routers Firmware < 1.0.03.19 Command Injection and RCE (cisco-sa-rv-osinj-rce-pwTkPCJv) CVE-2020-3451 CVE-2020-3453 04 Sep 2020 6.8 (v3) Medium Pass Cisco IOS Software Information Disclosure (cisco-sa-info-disclosure-V4BmJBNF) CVE-2020-3477 02 Oct 2020 5.5 (v3) Medium Pass EMC vApp Manager Default Credentials CVE-2018-1216 15 Feb 2018 9.8 (v3) Critical 64

Pass Novell ZENworks ChangePassword RPC XPath Injection CVE-2015-5970 26 Feb 2016 5.3 (v3) Medium Pass MySQL 8.0.x < 8.0.23 Multiple Vulnerabilities (Jan 2021 CPU) CVE-2020-1971 CVE-2021-2002 CVE-2021-2010 CVE-2021-2011 CVE-2021-2014 CVE-2021-2021 CVE-2021-2022 CVE-2021-2024 CVE-2021-2031 CVE-2021-2032 CVE-2021-2036 CVE-2021-2038 CVE-2021-2046 CVE-2021-2048 CVE-2021-2056 CVE-2021-2 22 Jan 2021 5 (v3) Medium Pass Novell Open Enterprise Server Remote Manager (novell-nrm) POST Request Content-Length Over fl ow CVE-2005-3655 20 Jan 2006 7.5 (v2) High Pass VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0009) (remote check) CVE-2013-0166 CVE-2013-0169 CVE-2013-0268 CVE-2013-0338 CVE-2013-0871 CVE-2013-2116 04 Mar 2016 6.9 (v2) Medium Pass VMware ESX / ESXi Guest OS Local Privilege Escalation (VMSA-2013-0014) (remote check) CVE-2013-3519 04 Mar 2016 7.9 (v2) High Pass Atlassian Con fl uence Server Arbitrary File Read (CVE-2021-26085) CVE-2021-26085 20 Oct 2021 5.3 (v3) Medium Pass OpenSSL Unsupported 17 Oct 2014 10 (v3) Critical Pass Tenable SecurityCenter 5.16.x / 5.17.0 Multiple Vulnerabilities (TNS-2021-03) CVE-2021-23840 CVE-2021-23841 05 Mar 2021 7.5 (v3) High Pass Cisco TelePresence Management Suite Stored XSS (cisco-sa-tms-xss-CwjZJSQc) CVE-2021-34760 27 Oct 2021 4.8 (v3) Medium Pass IBM Network Security Protection XGS Remote Code Execution (swg21690823) (credentialed check) CVE-2014-6183 02 Jan 2015 4 (v2) Medium Pass Cisco Email Security Appliance Filter Bypass (cisco-sa-ESA- fi lt-39jXvMfM) CVE-2020-3370 23 Jul 2020 5.8 (v3) Medium Pass Cisco Email Security Appliance DoS (cisco-sa-esa-tls-dos-xW53TBhb) CVE-2020-3548 04 Sep 2020 5.3 (v3) Medium Pass PHP 7.3.x < 7.3.31 Arbitrary File Write CVE-2021-21706 28 Oct 2021 6.5 (v3) Medium Pass Symantec (Blue Coat) Reporter Denial of Service vulnerability (SYMSA1280) CVE-2011-1473 23 May 2019 6.5 (v3) Medium Pass SolarWinds Orion Platform 2020.2.0 < 2020.2.6 Multiple Vulnerabilities CVE-2021-35213 CVE-2021-35215 17 Nov 2021 8.8 (v3) High Pass Cisco IOS Software DHCP Remote Code Execution Vulnerability CVE-2017-12240 02 Oct 2017 9.8 (v3) Critical Pass Cisco IOS Software CIP Multiple Vulnerabilities (cisco-sa-20170927-cip) CVE-2017-12233 CVE-2017-12234 05 Oct 2017 7.5 (v3) High Pass Microsoft Windows XP Unsupported Installation Detection 25 Mar 2014 10 (v3) Critical Pass Cyrus IMAPd NNTP AUTHINFO USER Command Parsing Authentication Bypass CVE-2011-3372 19 Dec 2011 6.4 (v2) Medium Pass VMware vCenter Operations Manager Web UI Default Credentials 10 Apr 2015 7.5 (v2) High Pass Cisco IOS Software Quality of Service Remote Code Execution Vulnerability CVE-2018-0151 29 Mar 2018 9.8 (v3) Critical Pass Cisco IOS Software Link Layer Discovery Protocol Bu ff er Over fl ow Vulnerabilities (cisco-sa-20180328-lldp) CVE-2018-0167 CVE-2018-0175 06 Apr 2018 8.8 (v3) High Pass Cisco Uni fi ed Communications Manager Java Interface SQL Injection (CSCuo17337) CVE-2014-3287 18 Jun 2014 4 (v2) Medium Pass Atlassian JIRA Server & JIRA Data Center Template Injection Vulnerability CVE-2019-11581 11 Jul 2019 9.8 (v3) Critical Pass Cisco Uni fi ed Computing System Integrated Management Controller XSRF (CSCuq45477) CVE-2014-7996 01 May 2015 6.8 (v2) Medium Pass IBM Rational License Key Server Administration and Reporting Tool 8.1.4.x < 8.1.4.7 XSS CVE-2015-1907 18 May 2015 4 (v2) Medium Pass Cisco IOS Software Integrated Services Module for VPN DoS (cisco-sa-20180328-dos) CVE-2018-0154 21 Nov 2019 7.5 (v3) High Pass Apple TV < 12.4.1 A Use-After-Free Vulnerability CVE-2019-8605 04 Dec 2019 7.8 (v3) High Pass ManageEngine Applications Manager Unsupported Version Detection 08 Jun 2015 10 (v2) Critical Pass Cisco IOS Software Internet Key Exchange Version 1 DoS (cisco-sa-20180328-ike-dos) CVE-2018-0159 27 Nov 2019 7.5 (v3) High Pass phpMoAdmin Detection 16 Jun 2015 None Pass Splunk Unsupported Version Detection 23 Jun 2015 10 (v3) Critical Pass Cisco NX-OS Software NX-API Arbitrary Code Execution Vulnerability CVE-2019-1605 20 Dec 2019 7.8 (v3) High Pass Palo Alto Networks PAN-OS GlobalProtect Web Portal RCE (PAN-SA-2016-0005) CVE-2016-3657 28 Mar 2016 9.8 (v3) Critical Pass EMC Documentum D2 4.1 / 4.2.x < 4.2 P16 / 4.5.x < 4.5 P03 Multiple DQL Injection Vulnerabilities CVE-2015-0547 CVE-2015-0548 09 Jul 2015 4 (v2) Medium Pass MaraDNS Server Version Detection 11 Apr 2014 None Pass Cisco IOS Software Simple Network Management Protocol GET MIB Object ID DoS (cisco-sa-20180328-snmp) CVE-2018-0161 27 Nov 2019 6.3 (v3) Medium Pass Oracle GlassFish Server Multiple Vulnerabilities (July 2015 CPU) CVE-2014-1569 CVE-2015-2623 CVE-2015-4744 16 Jul 2015 7.5 (v2) High Pass IBM DB2 9.7 < Fix Pack 11 Multiple Vulnerabilities (Bar Mitzvah) (FREAK) (TLS POODLE) CVE-2014-0919 CVE-2014-6209 CVE-2014-6210 CVE-2014-8730 CVE-2014-8901 CVE-2014-8910 CVE-2015-0138 CVE-2015-0157 CVE-2015-1788 CVE-2015-1883 CVE-2015-1922 CVE-2015-1935 CVE-2015-2808 18 Jul 2015 7.6 (v3) High Pass Polycom SIP Detection 23 Sep 2013 None Pass Mac OS X 10.10.x < 10.10.5 Multiple Vulnerabilities CVE-2009-5044 CVE-2009-5078 CVE-2012-6685 CVE-2013-1775 CVE-2013-1776 CVE-2013-2776 CVE-2013-2777 CVE-2013-7040 CVE-2013-7338 CVE-2013-7422 CVE-2014-0067 CVE-2014-0106 CVE-2014-0191 CVE-2014-1912 CVE-2014-3581 CVE-2014-3 17 Aug 2015 9.3 (v2) High Pass Alcatel OmniSwitch Default Credentials (telnet) 30 Sep 2013 6.4 (v2) Medium Pass Xerox WorkCentre Multiple Unspeci fi ed Vulnerabilities (XRX13-006) 10 Oct 2013 10 (v2) Critical Pass Xerox ColorQube Multiple Unspeci fi ed Vulnerabilities (XRX13-006) 10 Oct 2013 10 (v2) Critical Pass Tenable Appliance Web Detection 17 Jul 2012 None Pass NETGEAR ReadyNAS Remote Unauthenticated Command Execution CVE-2013-2751 24 Oct 2013 9.8 (v3) Critical Pass ESXi 5.0 < Build 1197855 NFC Tra ffi c Denial of Service (remote check) CVE-2013-1661 13 Nov 2013 4.3 (v2) Medium Pass OpenVAS Administrator / Manager Authentication Bypass CVE-2013-6765 CVE-2013-6766 15 Nov 2013 7.5 (v2) High Pass SSH Weak MAC Algorithms Enabled 22 Nov 2013 2.6 (v2) Low Pass Blackboard LC3000 Laundry Reader Default Telnet Password 26 Nov 2013 10 (v2) Critical Pass ASUS RT-N13U Router Built-in Admin Telnet Account with Unchangeable Password 26 Nov 2013 10 (v2) Critical Pass ESXi 5.0 < Build 764879 Multiple Vulnerabilities (remote check) CVE-2010-4008 CVE-2011-0216 CVE-2011-1944 CVE-2011-2834 CVE-2011-3905 CVE-2011-3919 CVE-2012-0841 13 Nov 2013 9.3 (v2) High Pass Cisco WAAS Mobile Server Web Administration Interface Detection 07 Jan 2014 None Pass ScMM DSL Modem/Router Backdoor Detection CVE-2014-0659 06 Jan 2014 10 (v2) Critical Pass ESXi 5.5 < Build 1474526 File Descriptors Privilege Escalation (remote check) CVE-2013-5973 31 Dec 2013 4.4 (v2) Medium Pass OpenSSL 1.0.0 < 1.0.0l DTLS Security Bypass CVE-2013-6450 08 Jan 2014 5.8 (v2) Medium Pass HP Intelligent Management Center Web Administration Interface Default Credentials 09 Jan 2014 7.5 (v2) High Pass NETGEAR DGN2200 Multiple Vulnerabilities 05 Mar 2014 8.8 (v3) High Pass Cisco TelePresence ISDN Gateway D-Channel DoS CVE-2014-0660 28 Jan 2014 7.1 (v2) High Pass Alvarion Multiple Products Default Telnet Credentials 31 Jan 2014 10 (v2) Critical Pass SAProuter Remote Authentication Bypass (Note 1853140) CVE-2013-7093 03 Feb 2014 5 (v2) Medium Pass Emerson Network Power Avocent MergePoint Unity KVM Switch < 1.14 / 1.18 download.php fi lename Parameter Directory Traversal CVE-2013-6030 05 Feb 2014 5 (v2) Medium Pass Geeklog auth.inc.php loginname Parameter SQL Injection CVE-2006-2700 31 May 2006 5.1 (v2) Medium Pass Nortel CS Signaling Server Default Admin Credentials 20 Feb 2014 9.8 (v3) Critical Pass CoSoSys Endpoint Protector < 4.4.0.1 Unspeci fi ed XSS 24 Feb 2014 4.3 (v2) Medium Pass Anonymous SFTP Enabled 24 Feb 2014 None Pass Adobe Connect < 9.5.7 event_registration.html Multiple Parameter XSS (APSB16-35) CVE-2016-7851 14 Nov 2016 6.1 (v3) Medium Pass DNS Server Version Detection 03 Mar 2014 None Pass Xerox ColorQube ConnectKey Controller Multiple Unspeci fi ed Vulnerabilities (XRX14-001) 19 Feb 2014 10 (v2) Critical Pass IBM Rational Focal Point RequestAccessController Servlet File Disclosure CVE-2013-5398 06 Mar 2014 3.3 (v2) Low Pass activePDF Server < 3.8.6 Packet Handling Remote Over fl ow CVE-2007-5397 05 Mar 2008 10 (v2) Critical Pass Veritas Storage Foundation Multiple Service Remote DoS (SYM08-004) CVE-2007-4516 CVE-2008-0638 15 Apr 2008 3.3 (v2) Low Pass Cisco ONS 15454 Controller Card DoS (CSCun06870) CVE-2014-2142 10 Apr 2014 5 (v2) Medium Pass MS07-062: Vulnerability in DNS Could Allow Spoo fi ng (941672) (uncredentialed check) CVE-2007-3898 05 Mar 2014 6.4 (v2) Medium Pass Oracle WebLogic Server mod_wl Invalid Parameter Remote Over fl ow (1150354) CVE-2008-4008 16 Nov 2008 10 (v2) Critical Pass Atmail Webmail < 6.5.0 'DOM processor' XSS 18 Apr 2014 4.3 (v2) Medium Pass Apple iTunes < 12.10.3 Multiple Vulnerabilities (uncredentialed check) CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2019-8848 CVE-2019-15903 27 Dec 2019 8.8 (v3) High Pass Cisco Network Registrar 7.1 DHCPv6 DoS (CSCuo07437) CVE-2014-2155 29 Apr 2014 5 (v2) Medium Pass ACC Tigris Access Terminal Con fi guration Disclosure CVE-1999-0383 21 Mar 2000 6.4 (v2) Medium Pass Multiple Vendor SNMP public Community String Information Disclosure 19 May 2014 5 (v2) Medium Pass Web Server on Extended Support 11 Jun 2014 None Pass Brocade Fabric OS Default Credentials 16 Jun 2014 9.8 (v3) Critical Pass RSP Detection 27 Sep 2010 None Pass Ipswitch IMail Server 11.x / 12.x < 12.3 Information Disclosure CVE-2013-0169 14 Jul 2014 2.6 (v2) Low Pass HP Intelligent Management Center 7.x < 7.0-E0202P03 Multiple Vulnerabilities CVE-2014-2618 CVE-2014-2619 CVE-2014-2620 CVE-2014-2621 CVE-2014-2622 21 Jul 2014 8.5 (v2) High Pass HP BladeSystem c-Class Onboard Administrator 4.11 / 4.20 Heartbeat Information Disclosure (Heartbleed) CVE-2014-0160 15 Jul 2014 7.5 (v3) High Pass Junos OS: Path traversal vulnerability in J-Web (JSA10985) CVE-2020-1606 17 Jan 2020 5.4 (v3) Medium Pass WebTitan Web Interface Default Credentials 24 Jul 2014 7.5 (v2) High Pass CODESYS WAGO WebVisu Password Information Disclosure Vulnerability 25 Aug 2014 5 (v2) Medium Pass CODESYS WAGO WebVisu Detection 25 Aug 2014 None Pass OS Identi fi cation : NTP 19 May 2007 None Pass Unsupported Cisco MXP Series Device CVE-2014-3362 19 Sep 2014 7.8 (v2) High Pass Silver Peak NX Detection 25 Sep 2014 None Pass Cisco HyperFlex HX Command Injection Direct Check (cisco-sa-hyper fl ex-rce-TjjNrkpR) CVE-2021-1497 CVE-2021-1498 26 May 2021 9.8 (v3) Critical Pass IBM Jazz Team Server Session Cookie Information Disclosure CVE-2014-3092 06 Oct 2014 5 (v2) Medium Pass CommuniGate Pro LISTS Module Malformed Multipart Message DoS CVE-2005-1007 06 Apr 2005 5 (v2) Medium Pass Palo Alto Networks PAN-OS 7.0.x < 7.0.6 DHCP Packet Handling Dataplane DoS 07 Jul 2016 5 (v2) Medium Pass Unprotected Telnet Service 13 Nov 2014 10 (v2) Critical Pass DNN (DotNetNuke) Detection 02 Dec 2009 None Pass Embedded HP Web Server Detected 13 Aug 2018 None Pass ARRIS Touchstone Cable Modem Detection 07 Nov 2014 None Pass Western Digital ShareSpace Detection 18 Jul 2012 None Pass Apache Hadoop YARN ResourceManager Web Interface 20 Sep 2018 None Pass Horde Kronolith Detection 07 Aug 2012 None Pass EMail Security Virtual Appliance Detection 06 Sep 2012 None Pass Atlassian Con fl uence VelocityServlet Error Page XSS 27 Sep 2012 4.3 (v2) Medium Pass AXIS Camera Unsecured Feed Detection 21 Feb 2019 None Pass MapServer for Windows (MS4W) Detection 01 Nov 2012 None Pass Traq Detection 12 Nov 2012 None Pass PHP 5.6.x < 5.6.38 Transfer-Encoding Parameter XSS Vulnerability CVE-2018-17082 14 Sep 2018 6.1 (v3) Medium Pass Apple TV < 13.3 Multiple Vulnerabilities CVE-2019-8828 CVE-2019-8830 CVE-2019-8832 CVE-2019-8833 CVE-2019-8835 CVE-2019-8836 CVE-2019-8838 CVE-2019-8844 CVE-2019-8846 CVE-2019-8848 CVE-2019-15903 13 Dec 2019 8.8 (v3) High Pass Juniper Junos SRX Series Upgrade Handling Local Root Authentication Bypass (JSA10753) CVE-2016-1278 22 Jul 2016 7.2 (v2) High 65

Pass Uploader Plugin for WordPress File Upload Arbitrary Code Execution 28 Jan 2013 8.8 (v3) High Pass Ekiga SIP Detection 04 Feb 2013 None Pass ImpressPages Detection 19 Feb 2013 None Pass Oracle Application Express (Apex) Unspeci fi ed Issues (pre 3.0.1) CVE-2007-3860 20 Feb 2013 7.5 (v2) High Pass Foscam Detection 24 Mar 2013 None Pass Eye-Fi Helper < 3.4.23 Directory Traversal CVE-2011-4696 26 Mar 2013 4.3 (v2) Medium Pass Plesk Horde Detection 22 Apr 2013 7.5 (v2) High Pass Novell iManager Unsupported Version 19 Apr 2013 10 (v2) Critical Pass Novell iManager Detection 19 Apr 2013 None Pass CODESYS V2 Web Server Improperly Implemented Security Check (2021-07) CVE-2021-30192 27 Jul 2021 9.8 (v3) Critical Pass OpenAM RCE (CVE-2021-35464) CVE-2021-35464 29 Jul 2021 9.8 (v3) Critical Pass Cisco Content Security Management Appliance (SMA) GUI Denial of Service Vulnerability CVE-2020-3164 13 Mar 2020 5.3 (v3) Medium Pass ESXi 5.1 < Build 1312873 File Descriptors Privilege Escalation (remote check) CVE-2013-5973 31 Dec 2013 4.4 (v2) Medium Pass Greenstone Detection 31 May 2013 None Pass SolusVM Detection 24 Jun 2013 None Pass php-Charts wizard/index.php PHP Execution 03 Jul 2013 7.5 (v2) High Pass php-Charts Detection 03 Jul 2013 None Pass Cisco TelePresence Supervisor MSE 8050 TCP Connection Request Saturation Remote DoS CVE-2013-1236 23 Jul 2013 7.8 (v2) High Pass EMC RSA Archer 6.1.x, 6.2.x, 6.3.x < 6.3.0.7 and 6.4.x < 6.4.0.1 SQL Injection Vulnerability CVE-2018-11065 31 Aug 2018 4.3 (v3) Medium Pass paFileDB sessions Directory Admin Hashed Password Disclosure CVE-2004-1219 06 Dec 2004 5 (v2) Medium Pass TrustPort WebFilter help.php hf Parameter Directory Traversal CVE-2013-5301 13 Aug 2013 7.8 (v2) High Pass Bu ff alo Router Web Interface Detection 04 Aug 2021 None Pass X7 Chat upgradev1.php old_pre fi x Parameter SQL Injection CVE-2006-3851 25 Jul 2006 7.5 (v2) High Pass Meeting Room Booking System Detection 18 Oct 2010 None Pass IBM RSA Default Credentials 26 Oct 2010 10 (v2) Critical Pass VMware Harbor Information Disclosure (CVE-2020-29662) CVE-2020-29662 05 Aug 2021 5.3 (v3) Medium Pass HP Systems Insight Manager Detection 10 Nov 2010 None Pass Anti-Nessus Defense Detection 19 Feb 2003 None Pass GitLab Web UI Detection 11 Aug 2021 None Pass Cisco EPN Manager Detection (Web UI) 12 Aug 2021 None Pass PHP Live! directory/conf File Include Unspeci fi ed Issue CVE-2004-2485 09 Dec 2004 7.5 (v2) High Pass phpMyAdmin < 2.6.1-rc1 Multiple Remote Vulnerabilities CVE-2004-1147 CVE-2004-1148 13 Dec 2004 5.1 (v2) Medium Pass Site fi nity CMS Arbitrary File Upload 10 Dec 2010 7.5 (v2) High Pass MySQL 8.0.x < 8.0.22 Multiple Vulnerabilities (Oct 2020 CPU) CVE-2020-14672 CVE-2020-14765 CVE-2020-14769 CVE-2020-14771 CVE-2020-14773 CVE-2020-14775 CVE-2020-14776 CVE-2020-14777 CVE-2020-14785 CVE-2020-14786 CVE-2020-14789 CVE-2020-14790 CVE-2020-14791 CVE-2020-14793 CVE-2020-1 22 Oct 2020 8 (v3) High Pass Well-known SSL Certi fi cate Used in Remote Device 21 Dec 2010 5.8 (v2) Medium Pass PHP < 4.3.10 / 5.0.3 Multiple Vulnerabilities CVE-2004-1018 CVE-2004-1019 CVE-2004-1020 CVE-2004-1063 CVE-2004-1064 CVE-2004-1065 15 Dec 2004 7.5 (v2) High Pass Majordomo Detection 16 Feb 2011 None Pass Micro Focus Enterprise Administration Server Authentication Check 01 Feb 2011 7.5 (v2) High Pass CGI Generic XSS (Parameters Names) 14 Feb 2011 4.3 (v2) Medium Pass MODx 'ucfg' Parameter Arbitrary File Access CVE-2010-3930 14 Feb 2011 5 (v2) Medium Pass MySQL Eventum forgot_password.php XSS 22 Feb 2011 4.3 (v2) Medium Pass Atlassian Con fl uence Server Webwork OGNL Injection (CVE-2021-26084) CVE-2021-26084 07 Sep 2021 9.8 (v3) Critical Pass CGI Generic XSS (persistent, 3rd Pass) 01 Mar 2011 4.3 (v2) Medium Pass phpwcms spaw_control.class.php spaw_root Parameter Remote File Inclusion CVE-2006-2519 23 May 2006 2.6 (v2) Low Pass vsftpd Detection 17 Mar 2011 None Pass ManageEngine ADManager Plus Detection 09 Sep 2021 None Pass MS11-020: Vulnerability in SMB Server Could Allow Remote Code Execution (2508429) (remote check) CVE-2011-0661 20 Apr 2011 10 (v2) Critical Pass Trend Micro Data Loss Prevention Virtual Appliance Web Console Detection 29 Jun 2011 None Pass ManageEngine SupportCenter Plus Detection 28 Jun 2011 None Pass Cisco Content Security Management Appliance HTTP Header Injection Vulnerability CVE-2020-3117 31 Jan 2020 4.7 (v3) Medium Pass phpGroupWare <= 0.9.16.003 Multiple Vulnerabilities CVE-2004-1383 CVE-2004-1384 CVE-2004-1385 16 Dec 2004 7.5 (v2) High Pass SolarWinds Orion Platform 2019.2 HF4 / 2019.4.2 / 2020.2.5 HF1 / 2020.2.6 / 2020.2.6 SQLI CVE-2021-35212 17 Nov 2021 8.8 (v3) High Pass ZeroBoard < 4.1pl5 Multiple Remote Vulnerabilities CVE-2004-1419 CVE-2004-2738 28 Dec 2004 6.8 (v2) Medium Pass e107 Image Manager Unauthorized File Upload CVE-2004-2262 28 Jan 2013 8.8 (v3) High Pass Oracle HTTP Server Version 21 Nov 2011 None Pass FTPS Cleartext Fallback Security Bypass 13 Dec 2011 5.8 (v2) Medium Pass FlatNuke index.php url_avatar Field Arbitrary PHP Code Execution CVE-2005-0267 CVE-2005-0268 04 Jan 2005 7.5 (v2) High Pass GNU Mailman Multiple Unspeci fi ed Remote Vulnerabilities 12 Jan 2005 7.5 (v2) High Pass op5 Portal Detection 17 Jan 2012 None Pass Small SSH RSA Key 25 Jan 2012 8.1 (v3) High Pass Apple iTunes < 12.12 Multiple Vulnerabilities (uncredentialed check) CVE-2021-30835 CVE-2021-30847 CVE-2021-30849 04 Oct 2021 7.8 (v3) High Pass Simple PHP Blog comments.php Traversal Arbitrary File Access CVE-2005-0214 12 Jan 2005 7.8 (v2) High Pass ClearSpace Detection 27 Apr 2009 None Pass Apache-SSL ExpandCert() Function Certi fi cate Handling Arbitrary Environment Variables Manipulation CVE-2008-0555 03 Apr 2008 7.3 (v3) High Pass Jenkins Git Plugin < 4.8.3 / Jenkins LTS < 2.303.2 / Jenkins weekly < 2.315 Multiple Vulnerabilities (Deprecated) CVE-2014-3577 CVE-2021-21682 CVE-2021-21683 CVE-2021-21684 07 Oct 2021 5.8 (v2) Medium Pass OS Identi fi cation : SMTP 13 Feb 2012 None Pass PeerCast servhs.cpp handshakeHTTP Function SOURCE Request Remote Over fl ow CVE-2007-6454 18 Dec 2007 7.5 (v2) High Pass Astaro Security Gateway Detection 23 Feb 2012 None Pass Cisco TelePresence Collaboration Endpoint DoS (cisco-sa-tpce-rmos-mem-dos-rck56tT) CVE-2021-34758 08 Oct 2021 3.3 (v3) Low Pass BNBT EasyTracker Malformed GET Request Remote DoS CVE-2005-2806 31 Aug 2005 5 (v2) Medium Pass Citrix XenServer Workload Balancer Detection 13 Apr 2012 None Pass ArubaOS 6.3.1.11 / 6.4.2.1 SSH Authentication Bypass CVE-2014-7299 16 Oct 2014 7.5 (v2) High Pass OpenSSL 1.0.1 < 1.0.1c TLS/DTLS CBC Denial of Service CVE-2012-2333 11 May 2012 5 (v2) Medium Pass phpGroupWare index.php Calendar Date XSS CVE-2004-2574 12 Jan 2005 4.3 (v2) Medium Pass Cisco Small Business RV Series Routers Multiple Vulnerabilities (cisco-sa-smb-mult-vuln-KA9PK6D) CVE-2022-20699 CVE-2022-20700 CVE-2022-20701 CVE-2022-20702 CVE-2022-20703 CVE-2022-20704 CVE-2022-20705 CVE-2022-20706 CVE-2022-20707 CVE-2022-20708 CVE-2022-20709 CVE-2022-20710 CVE-2022-20711 CVE-2022-20712 CVE-2022-2 03 Feb 2022 9.8 (v3) Critical Pass ownCloud Web Interface Detection 27 Jun 2012 None Pass MyBB member.php 'uid' Parameter SQLi CVE-2005-0282 12 Jan 2005 7.5 (v2) High Pass Horde < 3.0.1 Multiple Script XSS CVE-2005-0378 13 Jan 2005 4.3 (v2) Medium Pass Siteman forum.php page Parameter XSS 14 Jan 2005 4.3 (v2) Medium Pass Novell GroupWise 6.5.3 WebAccess Multiple XSS 15 Jan 2005 4.3 (v2) Medium Pass ZeroBoard Multiple Scripts dir Parameter Remote File Inclusion CVE-2005-0380 17 Jan 2005 7.5 (v2) High Pass Gallery login.php username Parameter XSS CVE-2005-0220 18 Jan 2005 4.3 (v2) Medium Pass DD-WRT HTTP Daemon Metacharacter Injection Remote Code Execution CVE-2009-2765 23 Jul 2009 8.3 (v2) High Pass AWStats awstats.pl con fi gdir Parameter Arbitrary Command Execution CVE-2005-0116 18 Jan 2005 7.5 (v2) High Pass phpBB < 2.0.11 Multiple Vulnerabilities (ESMARKCONANT) CVE-2004-1315 18 Jan 2005 7.3 (v3) High Pass Google Analytics on An Internal Web Server Detection 21 Aug 2009 None Pass ISC BIND 9 Dynamic Update Handling Remote DoS (intrusive check) CVE-2009-0696 31 Jul 2009 5 (v2) Medium Pass phpSANE fi le_save Parameter Remote File Include CVE-2009-3188 28 Aug 2009 7.5 (v2) High Pass PHP-Fusion < 6.00.110 Multiple Scripts SQL Injection CVE-2005-3157 CVE-2005-3158 CVE-2005-3160 CVE-2005-3161 12 Oct 2005 6.8 (v2) Medium Pass WebGUI < 6.7.6 Asset.pm Asset Addition Arbitrary Code Execution CVE-2005-4694 17 Oct 2005 7.5 (v2) High Pass ViewVC Detection 03 Nov 2009 None Pass LDAP Service STARTTLS Command Support 30 Oct 2009 None Pass vBulletin includes/init.php Unspeci fi ed Vulnerability 18 Jan 2005 7.5 (v2) High Pass phpMyWebHosting Authentication SQL Injection CVE-2004-2218 19 Jan 2005 7.3 (v3) High Pass sslh Detection 12 Nov 2009 None Pass eMule IRC Module / Web Server DecodeBase16 Function Remote Over fl ow CVE-2004-1892 17 Nov 2009 7.5 (v2) High Pass pfSense 2.3.x <= 2.3.5-p2 / 2.4.x < 2.4.4 Multiple Vulnerabilities (SA-18_06 / SA-18_07 / SA-18_08) CVE-2018-3620 CVE-2018-3646 CVE-2018-6922 CVE-2018-6923 CVE-2018-6924 CVE-2018-14526 CVE-2018-15473 CVE-2018-16055 27 Dec 2018 8.8 (v3) High Pass Oracle Database Multiple Vulnerabilities (January 2005 CPU) CVE-2004-0637 CVE-2004-0638 CVE-2004-1362 CVE-2004-1363 CVE-2004-1364 CVE-2004-1365 CVE-2004-1366 CVE-2004-1367 CVE-2004-1368 CVE-2004-1369 CVE-2004-1370 CVE-2004-1371 19 Jan 2005 7.5 (v2) High Pass phpLDAPadmin Detection 23 Dec 2009 None Pass Cisco FXOS Software Cisco Fabric Services Arbitrary Code Execution (cisco-sa-20180620-fxnxos-ace) CVE-2018-0304 14 Jul 2020 9.8 (v3) Critical Pass HP Web Jetadmin Detection 28 Jan 2010 None Pass PHPLinks Multiple Input Validation Vulnerabilities 19 Jan 2005 7.3 (v3) High Pass MySQL 8.0.x < 8.0.27 Multiple Vulnerabilities (Oct 2021 CPU) CVE-2021-2478 CVE-2021-2479 CVE-2021-2481 CVE-2021-3711 CVE-2021-22926 CVE-2021-35546 CVE-2021-35575 CVE-2021-35577 CVE-2021-35591 CVE-2021-35596 CVE-2021-35597 CVE-2021-35602 CVE-2021-35604 CVE-2021-35607 CVE-2021-35608 20 Oct 2021 9.8 (v3) Critical Pass ClamAV Antivirus Detection and Status 28 Apr 2010 10 (v2) Critical Pass SquirrelMail < 1.4.4 Multiple Vulnerabilities CVE-2005-0075 CVE-2005-0103 CVE-2005-0104 24 Jan 2005 4.3 (v2) Medium Pass GForge Multiple Script Traversal Arbitrary Directory Listing CVE-2005-0299 21 Jan 2005 5 (v2) Medium Pass HP System Management Homepage < 6.1.0.102 / 6.1.0-103 Multiple Vulnerabilities CVE-2009-3555 19 May 2010 6.5 (v3) Medium Pass NolaPro Detection 24 May 2010 None Pass TikiWiki Detection 27 May 2010 None Pass IBM DB2 9.7 < Fix Pack 2 Multiple Vulnerabilities CVE-2009-3471 CVE-2009-3555 CVE-2010-0462 CVE-2010-0472 CVE-2010-3193 CVE-2010-3194 CVE-2010-3195 CVE-2010-3196 CVE-2010-3197 CVE-2011-0757 01 Jun 2010 6.5 (v3) Medium Pass Apache Tomcat JSP2 Examples XSS CVE-2005-4838 13 Jul 2010 5.3 (v3) Medium Pass XLight FTP Server 3.x SFTP Directory Traversal CVE-2010-2695 08 Jul 2010 6.5 (v2) Medium 66

Pass Apple iTunes < 9.2.1 'itpc:' Bu ff er Over fl ow (uncredentialed check) CVE-2010-1777 20 Jul 2010 9.3 (v2) High Pass Splunk Web Detection 07 Jul 2010 None Pass Mongoose URI Trailing Slash Request Source Code Disclosure CVE-2009-4535 30 Jul 2010 5 (v2) Medium Pass phpPgAds dest Parameter HTTP Response Splitting 29 Jan 2005 4.3 (v2) Medium Pass Miscon fi gured SOCKS fi ltering 23 Aug 2010 5 (v2) Medium Pass Device Information (devinfo.xml) 04 Sep 2010 None Pass vBulletin BB Tag XSS 31 Jan 2005 2.6 (v2) Low Noise External URLs 04 Oct 2010 None Pass PHP/FI php.cgi Traversal Arbitrary File Access CVE-1999-0238 22 Jun 1999 5 (v2) Medium Pass Default Password (nagiosxi) for 'root' Account CVE-1999-0502 06 Oct 2010 9.8 (v3) Critical Pass F5 BIG-IP Web Management Interface Version 11 Feb 2008 None Pass F5 BIG-IP Web Management Multiple XSS CVE-2008-0265 CVE-2008-0539 11 Feb 2008 4.3 (v2) Medium Pass Microsoft IIS .HTR ISAPI Filter Enabled CVE-2002-0071 10 Apr 2002 7.5 (v2) High Pass GNUnet Detection (Client Interface) 12 Mar 2008 None Pass Apache mod_imap Image Map Referer XSS CVE-2005-3352 25 Mar 2008 4.3 (v2) Medium Pass solidDB Detection 28 Mar 2008 None Pass HP OpenView Performance Insight sendEmail.jsp XSS CVE-2011-2410 12 Aug 2011 4.3 (v2) Medium Pass Xoops Incontent Module Traversal Arbitrary PHP File Source Disclosure 01 Feb 2005 5 (v2) Medium Pass Symantec pcAnywhere Access Server Detection 06 May 2008 None Pass Django Administration Application Login Form XSS CVE-2008-2302 15 May 2008 4.3 (v2) Medium Pass McAfee Common Management Agent Detection 21 May 2008 None Pass Oracle Application Server Portal 10g Authentication Bypass CVE-2008-2138 29 May 2008 5 (v2) Medium Pass Mambo Global Variables Unauthorized Access 04 Feb 2005 8.3 (v3) High Pass PHP-Fusion < 5.00 viewthread.php Arbitrary Message Thread / Forum Access CVE-2005-0345 09 Feb 2005 5 (v2) Medium Pass Network Camera Web Server Detection 17 Jul 2008 None Pass Openlink Virtuoso Server Default Credentials 25 Jul 2008 7.5 (v2) High Pass .svn/entries Disclosed via Web Server 05 Aug 2008 5 (v2) Medium Pass Adobe Dreamweaver dwsync.xml Remote Information Disclosure 18 Aug 2008 5.3 (v3) Medium Pass IBM WebSphere Application Server Liberty 17.0.0.3 < 22.0.0.3 Clickjacking (6559044) CVE-2021-39038 03 Mar 2022 5.4 (v3) Medium Pass Network Notary Server Detection 21 Oct 2008 None Pass Dropbear SSH Server svr_ses.childpidsize Remote Over fl ow CVE-2005-4178 13 Nov 2008 9 (v2) High Pass Polycom Videoconferencing Unit Detection 21 Nov 2008 None Pass WordPress wp-includes/feed.php self_link() Function Host Header RSS Feed XSS CVE-2008-5278 02 Dec 2008 4.3 (v2) Medium Pass Sun Java System Identity Manager Detection 15 Dec 2008 None Pass Universal Plug and Play (UPnP) Protocol Detection 19 Feb 2009 None Pass Mono ASP.NET action Attribute XSS CVE-2008-3422 30 Jan 2009 4.3 (v2) Medium Pass Juniper Junos MAC Move Limit Tra ffi c Handling Remote DoS (JSA10833) CVE-2018-0005 26 Jan 2018 7.5 (v3) High Pass Coppermine Photo Gallery keysToSkip Parameter Overwrite 04 Mar 2009 6.8 (v2) Medium Pass Skype Extras Manager Unspeci fi ed Vulnerability (uncredentialed check) CVE-2009-4741 15 Oct 2009 6.8 (v2) Medium Pass lighttpd PHP File Trailing Slash Request Source Disclosure 03 Jun 2009 4.3 (v2) Medium Pass Mailman private.py true_path Function Traversal Arbitrary File Access CVE-2005-0202 10 Feb 2005 3.5 (v2) Low Pass NetSphere Backdoor Detection 08 Jul 1999 10 (v2) Critical Pass vBulletin forumdisplay.php comma Parameter Arbitrary Command Execution CVE-2005-0429 14 Feb 2005 6.8 (v2) Medium Pass AWStats Multiple Remote Vulnerabilities (Cmd Exec, Traversal, ID) CVE-2005-0436 CVE-2005-0437 CVE-2005-0438 14 Feb 2005 7.5 (v2) High Pass Rio Karma MP3 Player File Upload Service Detection 15 Feb 2005 None Pass Kayako eSupport index.php nav Parameter XSS CVE-2005-0487 16 Feb 2005 4.3 (v2) Medium Pass DCP-Portal Multiple Scripts SQL Injection CVE-2005-0454 CVE-2005-3365 CVE-2005-4227 16 Feb 2005 7.5 (v2) High Pass SyGate Backdoor Detection CVE-2000-0113 29 Jan 2000 7.2 (v2) High Pass SSH Server Type and Version Information 12 Oct 1999 None Pass phpBB <= 2.0.11 Multiple Vulnerabilities CVE-2005-0258 CVE-2005-0259 23 Feb 2005 5 (v2) Medium Pass Telnet Server Detection 12 Oct 1999 None Pass WFTP Unpassworded Guest Account CVE-1999-0200 22 Jun 1999 9.8 (v3) Critical Pass Arugizer Backdoor Detection CVE-2010-0103 08 Mar 2010 10 (v2) Critical Pass AMANDA Client Version 14 Jul 2000 None Pass AnalogX SimpleServer:WWW Encoded Traversal Arbitrary File Access CVE-2000-0664 06 Aug 2000 5 (v2) Medium Pass SNMP Query Running Process List Disclosure 13 Nov 2000 None Pass ISC BIND < 8.2.2-P7 Compressed ZXFR Name Service Query DoS CVE-2000-0887 12 Nov 2000 7.8 (v2) High Pass Sendmail mime7to8() Function Remote Over fl ow CVE-1999-0206 06 Jan 2001 9.8 (v3) Critical Pass ISC BIND < 4.9.8 / 8.2.3 Multiple Remote Over fl ows CVE-2001-0010 CVE-2001-0011 CVE-2001-0012 CVE-2001-0013 29 Jan 2001 10 (v2) Critical Pass Lion Worm Detection 05 Apr 2001 10 (v2) Critical Pass Orange Web Server Malformed HTTP Request Remote DoS CVE-2001-0647 25 Mar 2001 5 (v2) Medium Pass Oracle Database Listener Program (tnslsnr) Service Blank Password 03 May 2001 5 (v2) Medium Pass Resin Traversal Arbitrary File Access CVE-2001-0304 17 Apr 2001 5 (v2) Medium Pass Apple Filing Protocol Server Detection 12 May 2001 None Pass Apache Zookeeper Server Detection 31 May 2018 None Pass vBulletin misc.php template Parameter PHP Code Injection CVE-2005-0511 24 Feb 2005 5.1 (v2) Medium Pass iPlanet Certi fi cate Management Traversal Arbitrary File Access CVE-2000-1075 29 May 2001 5 (v2) Medium Pass phpMyAdmin < 2.6.1 pl2 Libraries and Themes Multiple XSS CVE-2005-0543 25 Feb 2005 4.3 (v2) Medium Pass phpMyAdmin < 2.6.1 pl1 Multiple Script File Inclusions CVE-2005-0567 25 Feb 2005 5.1 (v2) Medium Pass phpWebSite Image Announcement Upload Arbitrary Command Execution CVE-2005-0565 25 Feb 2005 7.5 (v2) High Pass ZyXEL Router Default Telnet Password Present CVE-1999-0571 13 Aug 2001 10 (v2) Critical Pass MySQL Server Detection 13 Aug 2001 None Pass Samba NETBIOS Name Traversal Arbitrary Remote File Creation CVE-2001-1162 17 Oct 2001 10 (v2) Critical Pass WebDAV Detection 20 Mar 2003 None Pass UPnP Client Detection 29 Dec 2001 None Pass CDE Subprocess Control Service (dtspcd) Detection 15 Dec 1999 None Noise SSL Certi fi cate Information 19 May 2008 None Pass Oracle Application Server XSQLServlet XSQLCon fi g.xml Information Disclosure CVE-2002-0568 07 Feb 2002 2.1 (v2) Low Pass RemotelyAnywhere SSH Detection 25 Mar 2002 None Pass phpBB <= 2.0.12 Multiple Vulnerabilities CVE-2005-0603 CVE-2005-0614 28 Feb 2005 7.5 (v2) High Pass CubeCart < 2.0.5 Multiple Vulnerabilities CVE-2005-0442 CVE-2005-0443 28 Feb 2005 5 (v2) Medium Pass BEA WebLogic Null Byte Request JSP Source Disclosure 02 May 2002 5 (v2) Medium Pass Zaurus PDA FTP Server Unpassworded root Account CVE-2002-1974 11 Jul 2002 9.8 (v3) Critical Pass AnalogX SimpleServer:WWW Bu ff er Over fl ow CVE-2002-0968 30 Jun 2002 7.5 (v2) High Pass Worldspan for Windows Gateway Res Manager Port 17990 Malformed Request DoS CVE-2002-1029 19 Jul 2002 5 (v2) Medium Pass EFTP Nonexistent File Request Installation Directory Disclosure 18 Aug 2002 4.3 (v3) Medium Pass Nortel/Bay Networks/Xylogics Annex Default Password 18 Jan 2003 7.8 (v2) High Pass writesrv Service Detection 08 Feb 2003 None Pass Cisco VPN Concentrator Invalid Login DoS (CSCdu82823) CVE-2001-0427 01 Mar 2003 7.5 (v3) High Pass smtpscan SMTP Fingerprinting 20 Mar 2003 None Pass RSA ClearTrust ct_logon.asp Multiple Parameter XSS 15 Mar 2003 4.3 (v2) Medium Pass Microsoft ActiveSync WideCharToMultiByte() Function NULL Dereference Remote DoS 22 Mar 2003 5 (v2) Medium Pass NETGEAR ProSafe VPN Firewall Web Server Malformed Basic Authorization Header Remote DoS (intrusive check) 25 Mar 2003 5.8 (v3) Medium Pass Bugzilla Software Detection 24 Mar 2003 None Pass My Guest Book (myGuestBk) Multiple Vulnerabilities 27 Mar 2003 7.5 (v2) High Pass Super Guestbook superguestcon fi g Admin Password Disclosure 14 Apr 2003 5 (v2) Medium Pass Coppermine Photo Gallery EXIF Data XSS CVE-2005-2676 27 Aug 2005 4.3 (v2) Medium Pass Ocean12 ASP Guestbook Manager Database Download 07 May 2003 5 (v2) Medium Pass NetCharts Server Default Password 07 May 2003 7.5 (v2) High Pass PostNuke <= 0.760 RC2 Multiple Vulnerabilities CVE-2005-0615 CVE-2005-0616 CVE-2005-0617 01 Mar 2005 7.5 (v2) High Pass Horde Turba status.php Path Disclosure 21 May 2003 5 (v2) Medium Pass Eserv Web Server /? Request Forced Directory Listing 27 May 2003 5 (v2) Medium Pass php-proxima autohtml.php Arbitrary File Retrieval CVE-2003-0294 14 May 2003 5 (v2) Medium Pass Philboard philboard_admin.ASP Authentication Bypass 02 Jun 2003 7.5 (v2) High Pass JBoss %00 Request JSP Source Disclosure 03 Jun 2003 5 (v2) Medium Pass Spyke Multiple Remote Vulnerabilities 09 Jun 2003 5 (v2) Medium Pass RADIUS Server Detection 14 Jun 2003 None Pass PostNuke Glossary Module page Parameter SQL Injection 17 Jun 2003 7.5 (v2) High Pass pod.board 1.1 Multiple Script XSS 18 Jun 2003 4.3 (v2) Medium Pass Linksys WRT54G Empty GET Request Remote DoS 04 Dec 2003 5.3 (v3) Medium Pass DCN HELLO detection 29 Oct 2003 None Pass INN < 2.4.1 Control Message Handling Code Over fl ow CVE-2004-0045 08 Jan 2004 7.5 (v2) High 67

Pass Sasser Virus Detection 01 May 2004 10 (v2) Critical Pass VMware Carbon Black App Control Unsupported Version Detection 29 Jun 2021 10 (v3) Critical Pass Apache Tomcat 10.0.0.M1 < 10.0.0.M7 multiple vulnerabilities CVE-2020-13934 CVE-2020-13935 21 Jun 2021 7.5 (v3) High Pass Apache Tomcat 10.0.0.M1 < 10.0.0.M10 multiple vulnerabilities CVE-2020-17527 CVE-2021-24122 21 Jun 2021 7.5 (v3) High Pass osTicket Detection 30 Jul 2004 None Pass Hydra: SMB 01 Dec 2004 8.3 (v3) High Pass Open WebMail Detection 10 Jul 2004 None Pass ignitionServer SERVER Command Spoofed Server Saturation DoS 26 Aug 2004 5 (v2) Medium Pass AWStats Totals awstatstotals.php multisort() Function sort Parameter Arbitrary PHP Code Execution CVE-2008-3922 27 Aug 2008 7.5 (v2) High Pass IlohaMail Software Detection 02 Sep 2004 None Pass Liferay Portal 7.3.x < 7.3.6 Information Disclosure CVE-2021-29052 13 Jul 2021 4.3 (v3) Medium Pass identd Service UID Association 07 Sep 2004 None Pass Liferay Portal 7.3.4 < 7.3.6 XSS CVE-2021-29048 13 Jul 2021 6.1 (v3) Medium Pass Liferay Portal 7.3.5 SQLi CVE-2021-29053 14 Jul 2021 8.8 (v3) High Pass Cisco IOS EnergyWise DoS (cisco-sa-20170419-energywise) CVE-2017-3860 CVE-2017-3861 CVE-2017-3862 CVE-2017-3863 26 Apr 2017 8.6 (v3) High Pass Horde Software Detection 02 Nov 2004 None Pass Hydra: CVS 01 Dec 2004 7.5 (v2) High Pass Symantec Reporter Web Interface Detection 03 May 2019 None Pass PunBB Detection 13 Dec 2004 None Pass Hydra: PC-NFS 01 Dec 2004 7.5 (v2) High Pass MS04-035: WINS Code Execution (870763) (uncredentialed check) CVE-2004-0567 CVE-2004-1080 15 Dec 2004 10 (v2) Critical Pass PhpDig < 1.8.5 Unspeci fi ed Vulnerability 13 Dec 2004 5 (v2) Medium Pass Juniper Junos rpd RIP DoS (JSA10772) CVE-2017-2303 20 Jan 2017 5.9 (v3) Medium Pass Sendmail < 8.14.9 close-on-exec SMTP Connection Manipulation CVE-2014-3956 03 Jun 2014 3.3 (v3) Low Pass UMN Gopherd Unauthorized FTP Proxy 18 Jan 2005 5 (v2) Medium Pass ngIRCd < 0.8.2 Lists_MakeMask() Remote Over fl ow DoS CVE-2005-0199 29 Jan 2005 10 (v2) Critical Pass ArGoSoft Mail Server Multiple Traversals CVE-2005-0367 10 Feb 2005 6.5 (v2) Medium Pass RaidenHTTPD Crafted Request Arbitrary File Access 07 Feb 2005 7.8 (v2) High Pass PHP-Fusion Detection 09 Feb 2005 None Pass Mailman Detection 10 Feb 2005 None Pass Sybase TCP/IP Listener Service Detection 21 Feb 2005 None Pass Oracle Primavera P6 Enterprise Project Portfolio Management (Jul 2021 CPU) CVE-2021-2366 CVE-2021-2386 21 Jul 2021 6.4 (v3) Medium Pass OpenVMS WASD HTTP Server Multiple Vulnerabilities CVE-2002-1825 19 Feb 2005 10 (v2) Critical Pass Invision Power Board Software Detection 23 Feb 2005 None Pass phpMyAdmin Detection 25 Feb 2005 None Pass NNTP Server Message Header Handling Remote Over fl ow 28 Feb 2005 7.5 (v2) High Pass NNTP Server Password Handling Remote Over fl ow 28 Feb 2005 7.5 (v2) High Pass paNews Detection 02 Mar 2005 None Pass phpWebSite Detection 25 Feb 2005 None Pass phpMyFAQ Detection 09 Mar 2005 None Pass Eudora Internet Mail Server for Mac OS USER Over fl ow CVE-1999-1113 08 Mar 2005 10 (v2) Critical Pass Cyrus IMAP Server < 2.2.11 Multiple Remote Over fl ows CVE-2005-0546 24 Feb 2005 7.5 (v2) High Pass ESXi 6.0 < Build 3380124 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (remote check) CVE-2015-6933 15 Jan 2016 6.3 (v3) Medium Pass ArGoSoft FTP Server DELE Command Remote Bu ff er Overrun CVE-2005-0696 09 Mar 2005 6 (v2) Medium Pass Cisco IOS TFTP File Disclosure 16 Mar 2005 5 (v2) Medium Pass Jetty < 4.2.19 HTTP Server HttpRequest.java Content-Length Handling Remote Over fl ow DoS CVE-2004-2381 17 Mar 2005 5 (v2) Medium Pass Oracle Enterprise Manager Web Console Detection 21 Mar 2005 None Pass ISS Deployment Manager Detection 21 Mar 2005 None Pass Avaya P330 Stackable Switch Default Password CVE-1999-0508 28 Mar 2005 10 (v2) Critical Pass Oracle HTTP Server (January 2007 CPU) CVE-2007-0279 CVE-2007-0280 CVE-2007-0281 CVE-2007-0282 21 Nov 2011 7.5 (v2) High Pass Sendmail < 8.13.8 Header Processing Over fl ow DoS CVE-2006-4434 18 Nov 2011 5.3 (v3) Medium Pass Sun Java Web Console BeginLogin.jsp redirect_url Parameter URI Redirection CVE-2008-5550 18 Nov 2011 4.3 (v2) Medium Pass OpenSSL 0.9.6 CA Basic Constraints Validation Vulnerability CVE-2009-0653 04 Jan 2012 7.5 (v2) High Pass OpenSSL < 0.9.8k Signature Repudiation CVE-2009-0591 04 Jan 2012 2.6 (v2) Low Pass OpenSSL 1.0.0 < 1.0.0-beta2 DoS CVE-2009-1379 CVE-2009-1387 04 Jan 2012 5 (v2) Medium Pass Web Server GET Request Saturation Remote DoS 25 May 2005 None Pass CubeCart Detection 08 Apr 2005 None Pass Cisco 675 Router Default Unpassworded Account CVE-1999-0889 22 Aug 1999 10 (v2) Critical Pass Novell GroupWise Enhancement Pack Java Server URL Handling Over fl ow DoS CVE-2000-0146 08 Feb 2000 5.3 (v3) Medium Pass Compaq WBEM HTTP Server Remote Over fl ow CVE-2005-4823 07 Apr 2005 10 (v2) Critical Pass Serendipity Detection 15 Apr 2005 None Pass RealServer G2 Malformed Telnet Data Remote Over fl ow CVE-1999-0271 04 Nov 1999 10 (v2) Critical Pass Xerox Document Centre Device Detection 21 Apr 2005 None Pass Kibuv Worm Detection 25 May 2005 10 (v2) Critical Pass Horde Mnemo Detection 26 Apr 2005 None Noise Service Detection 19 Aug 2007 None Pass Horde Nag Detection 26 Apr 2005 None Pass Stacheldraht Trojan Detection CVE-2000-0138 28 Jan 2000 10 (v2) Critical Pass WinGate Telnet Proxy localhost Connection Saturation DoS CVE-1999-0290 22 Jun 1999 5 (v2) Medium Pass Novell NetMail < 3.52C IMAP Agent Multiple Remote Over fl ows CVE-2005-1758 17 Jun 2005 7.5 (v2) High Pass PlanetFileServer mshftp.dll Data Processing Remote Over fl ow CVE-2005-2159 05 Jul 2005 10 (v2) Critical Pass 4D WebSTAR Symlink Privilege Escalation CVE-2004-0698 09 Aug 2004 3.6 (v2) Low Pass MailEnable IMAP STATUS Command Remote Over fl ow CVE-2005-2278 14 Jul 2005 7.2 (v2) High Pass Cisco IOS Software Internet Group Management Protocol Denial of Service Vulnerability (cisco-sa-20100922-igmp) CVE-2010-2830 10 Jan 2012 7.1 (v2) High Pass WordPress Plugin 'ThemeGrill Demo Importer' 1.3.4 < 1.6.3 Database Wipe and Auth Bypass 21 Feb 2020 8.8 (v3) High Pass VNC Server Security Type Detection 22 Jul 2005 None Pass Microsoft Windows SMTP Service Malformed BDAT Request Remote DoS CVE-2002-0055 08 Mar 2002 5 (v2) Medium Pass Cisco Regular Expression Processing DoS CVE-2007-4430 10 Jan 2012 5 (v2) Medium Pass MDaemon Content Filter Traversal Arbitrary File Write 27 Jul 2005 9.3 (v2) High Pass Cisco IOS Line Printer Daemon (LPD) Stack Over fl ow CVE-2007-5381 10 Jan 2012 9.3 (v2) High Pass LocalWeb2000 2.1.0 Multiple Remote Vulnerabilities CVE-2001-0189 CVE-2002-0897 05 Jun 2002 7.5 (v2) High Pass Zotob Worm Detection 16 Aug 2005 10 (v2) Critical Pass SugarCRM Detection 24 Aug 2005 None Pass EMC Cloud Tiering Appliance Web Interface Detection 07 Apr 2014 None Pass GameSpy 3D Based Games Spoofed UDP Response Ampli fi cation DDoS CVE-2003-1354 22 Jan 2003 5 (v2) Medium Pass Embedded Web Server Detection 14 Sep 2005 None Pass Microsoft Windows Vista Unsupported Installation Detection 17 Apr 2017 10 (v3) Critical Pass Py2Play Game Engine Detection 19 Sep 2005 None Pass SNMP settings 20 Sep 2005 None Pass SBLIM-SFCB Multiple Bu ff er Over fl ows CVE-2010-1937 CVE-2010-2054 07 Jun 2010 10 (v2) Critical Pass Ethernet Card Manufacturer Detection 19 Feb 2009 None Pass Squid Crafted NTLM Authentication Header DoS CVE-2005-2917 12 Oct 2005 5.3 (v3) Medium Pass F5 BIG-IP Cookie Remote Information Disclosure 26 Oct 2005 5 (v2) Medium Pass Mailgust Password Reminder email Field SQL Injection CVE-2005-3063 06 Oct 2005 6.8 (v2) Medium Pass HSQLDB Server Detection 20 Oct 2005 None Pass VLAN Membership Policy Server Detection 20 Oct 2005 None Pass GpsDrive friendsd2 dir Field Remote Format String CVE-2005-3523 07 Nov 2005 7.5 (v2) High Pass CA Message Queuing Service Detection 04 Nov 2005 None Pass phpWebSite < 0.9.x Multiple Vulnerabilities CVE-2003-0735 CVE-2003-0736 CVE-2003-0737 CVE-2003-0738 11 Aug 2003 7.5 (v2) High Pass Ipswitch IMail Server IMAP LIST Command Remote Over fl ow DoS CVE-2005-2923 19 Dec 2005 7.8 (v2) High Pass MS04-042: Windows NT Multiple DHCP Vulnerabilities (885249) (uncredentialed check) CVE-2004-0899 CVE-2004-0900 03 Jan 2006 10 (v2) Critical Pass MailEnable IMAP EXAMINE Command Remote Over fl ow CVE-2005-4456 20 Dec 2005 7.8 (v2) High Pass Eudora Internet Mail Server (EIMS) < 3.2.8 Multiple DoS CVE-2006-0141 11 Jan 2006 5 (v2) Medium Pass Samba Mangling Method Hash Over fl ow CVE-2004-0686 22 Jul 2004 5 (v2) Medium Pass phpCOIN <= 1.2.1b Multiple Vulnerabilities CVE-2005-0669 CVE-2005-0670 CVE-2005-0932 CVE-2005-0933 CVE-2005-0946 CVE-2005-0947 01 Mar 2005 7.5 (v2) High Pass 4D WebStar Pre-authentication FTP Over fl ow CVE-2004-0695 03 Aug 2004 10 (v2) Critical Pass PHPNews auth.php path Parameter Remote File Inclusion CVE-2005-0632 02 Mar 2005 6.8 (v2) Medium Pass phpList <= 2.6.3 Multiple Vulnerabilities 03 Mar 2005 7.5 (v2) High Pass SquirrelMail < 1.4.3 Multiple Vulnerabilities CVE-2004-0519 CVE-2004-0520 CVE-2004-0521 05 May 2004 7.5 (v2) High Pass Adobe Document Server Default Credentials 18 Mar 2006 7.5 (v2) High Pass CubeCart < 2.0.6 settings.inc.php Multiple Script XSS CVE-2005-0606 CVE-2005-0607 03 Mar 2005 5 (v2) Medium Pass TYPO3 'cmw_linklist Extension' 'category_uid' Parameter SQL Injection CVE-2005-0658 04 Mar 2005 7.5 (v2) High 68

Pass Default Password (synnet) for 'debug' Account CVE-1999-0502 08 Mar 2005 9.8 (v3) Critical Pass Default Password (public) for 'public' Account CVE-1999-0383 CVE-1999-0502 08 Mar 2005 9.8 (v3) Critical Pass Default Password (debug) for 'super' Account CVE-1999-0502 CVE-1999-1420 CVE-1999-1421 08 Mar 2005 9.8 (v3) Critical Pass Default Password (forgot) for 'super' Account CVE-1999-0502 CVE-1999-1420 CVE-1999-1421 08 Mar 2005 9.8 (v3) Critical Pass MS06-018: Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow DoS (913580) (uncredentialed check) CVE-2006-0034 CVE-2006-1184 10 May 2006 10 (v2) Critical Pass Default Password (debug) for 'user' Account CVE-1999-0502 CVE-1999-1420 08 Mar 2005 9.8 (v3) Critical Pass Default Password (forgot) for 'user' Account CVE-1999-0502 CVE-1999-1420 08 Mar 2005 9.8 (v3) Critical Pass FortressSSH SSH_MSG_KEXINIT Logging Remote Over fl ow CVE-2006-2421 23 May 2006 7.5 (v2) High Pass Panda AdminSecure Communications Agent Detection 25 Jul 2007 None Pass Easy File Sharing Web Server Crafted Request ADS Arbitrary File Access CVE-2006-5714 08 Nov 2006 5 (v2) Medium Pass Juniper Junos ttymodem() DoS (PSN-2012-08-699) 26 Oct 2012 7.1 (v2) High Pass phpMyFAQ Forum Message username Field SQL Injection CVE-2005-0702 09 Mar 2005 7.5 (v2) High Pass phpBB <= 2.0.13 Multiple Vulnerabilities CVE-2005-0659 CVE-2005-0673 CVE-2005-1026 09 Mar 2005 6.5 (v2) Medium Pass PHP-Fusion BBCode IMG Tag XSS CVE-2005-0692 09 Mar 2005 4.3 (v2) Medium Noise TCP/IP Timestamps Supported 16 May 2007 None Pass YaBB YaBB.pl usersrecentposts Action username Parameter XSS CVE-2005-0741 CVE-2005-0785 10 Mar 2005 4.3 (v2) Medium Pass NewsScript newsscript.pl mode Parameter Privilege Escalation CVE-2005-0735 10 Mar 2005 6.4 (v2) Medium Pass XMPP Server Detection 29 May 2007 None Pass Packeteer Web Management Interface Detection 26 Jun 2007 None Pass AlienVault OSSIM REST API Service Detection 24 May 2017 None Pass Atlassian Jira Data Center / Jira Service Management Data Center Missing Authentication (2021-07-21) CVE-2020-36239 29 Jul 2021 9.8 (v3) Critical Pass Firewall Detection 26 Oct 2007 None Pass Skype skype4com URI Handler Remote Heap Corruption (uncredentialed check) CVE-2007-5989 07 Dec 2007 9.3 (v2) High Pass HP DesignJet Accounting.xls Information Disclosure Vulnerability 16 Apr 2019 5.3 (v3) Medium Pass Tenable Core Web Interface Detection 18 Nov 2019 None Pass NGINX Unit HTTP Server Detection 26 Apr 2019 None Pass Juniper Junos Oversized BGP UPDATE Remote DoS (JSA10609) CVE-2014-0616 16 Jan 2014 4.3 (v2) Medium Pass Juniper Junos SRX Series fl owd Remote DoS (JSA10611) CVE-2014-0618 16 Jan 2014 7.8 (v2) High Pass OS Identi fi cation: iPhone or iPad 10 Jul 2019 None Pass Pinnacle Cart index.php pg Parameter XSS CVE-2005-1130 13 Apr 2005 4.3 (v2) Medium Pass Cisco TelePresence Conductor REST API Server-Side Request Forgery Vulnerability CVE-2019-1679 27 Aug 2019 5 (v3) Medium Pass Tenable Nessus < 8.6.0 Denial of Service vulnerability (TNS-2019-05) CVE-2019-3974 23 Aug 2019 8.1 (v3) High Pass Puppet Enterprise 2015.x < 2016.4.0 Denial of Service Vulnerability CVE-2016-9686 09 Oct 2019 5.3 (v3) Medium Pass Mac OS X 10.9.x < 10.9.4 Multiple Vulnerabilities CVE-2014-0015 CVE-2014-1317 CVE-2014-1355 CVE-2014-1356 CVE-2014-1357 CVE-2014-1358 CVE-2014-1359 CVE-2014-1361 CVE-2014-1370 CVE-2014-1371 CVE-2014-1372 CVE-2014-1373 CVE-2014-1375 CVE-2014-1376 CVE-2014-1377 CVE-2014-1 01 Jul 2014 10 (v2) Critical Pass Juniper Junos Invalid PIM DoS (JSA10637) CVE-2014-3819 15 Jul 2014 7.8 (v2) High Pass Juniper Junos TCP Packet Processing Remote DoS (JSA10638) CVE-2004-0230 15 Jul 2014 5 (v2) Medium Pass McAfee Web Gateway Information Disclosure (SB10080) CVE-2014-6064 05 Sep 2014 4 (v2) Medium Pass Juniper Junos 'em' Interface Fragmentation Remote DoS (JSA10655) CVE-2014-6380 14 Oct 2014 7.8 (v2) High Pass PhotoPost PHP < 5.0.1 Multiple Remote Vulnerabilities CVE-2005-0774 CVE-2005-0775 CVE-2005-0776 CVE-2005-0777 CVE-2005-0778 CVE-2005-1629 11 Mar 2005 7.5 (v2) High Pass UBB.threads Detection 12 Mar 2005 None Pass Phorum < 5.0.15 Multiple XSS CVE-2005-0783 CVE-2005-0784 17 Mar 2005 4.3 (v2) Medium Pass Unpassworded 'help' Account CVE-1999-0502 19 Mar 2005 9.8 (v3) Critical Pass Phorum search.php location Parameter HTTP Response Splitting CVE-2005-0843 22 Mar 2005 4.3 (v2) Medium Pass Kayako eSupport Troubleshooter Module index.php Multiple Parameter XSS CVE-2005-0842 22 Mar 2005 4.3 (v2) Medium Pass XMB Forum < 1.9.10 Multiple Vulnerabilities CVE-2005-0885 CVE-2005-2574 CVE-2005-2575 24 Mar 2005 7.5 (v2) High Pass Invision Power Board HTTP POST Request IFRAME Tag XSS CVE-2005-0886 24 Mar 2005 3.5 (v2) Low Pass Juniper Junos MX Series Trio-based PFE Modules Security Bypass (JSA10666) CVE-2014-6383 23 Jan 2015 5 (v2) Medium Pass Cisco TelePresence Conductor GNU glibc gethostbyname Function Bu ff er Over fl ow Vulnerability (GHOST) CVE-2015-0235 18 Feb 2015 10 (v2) Critical Pass Cisco Wireless LAN Controller Web Authentication DoS (CSCum03269) CVE-2015-0723 21 May 2015 6.1 (v2) Medium Pass Sybase SQL Anywhere Server Detection 07 Mar 2007 None Pass PHPSysInfo < 2.5 Multiple Script XSS CVE-2005-0870 24 Mar 2005 4.3 (v2) Medium Pass Oracle Reports Server test.jsp Multiple Parameter XSS CVE-2005-0873 24 Mar 2005 4.3 (v2) Medium Pass Juniper Junos J-Web Multiple Vulnerabilities (JSA10682) CVE-2014-6447 04 Aug 2015 10 (v2) Critical Pass Default Password '666666' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Libssh ssh_packet_kexinit() Double-free Memory DoS CVE-2014-8132 16 Jan 2015 5 (v2) Medium Pass Puppet Enterprise Multiple OpenSSL Vulnerabilities (FREAK) CVE-2015-0204 CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293 30 Dec 2015 7.5 (v2) High Pass IPMI v2.0 Password Hash Disclosure CVE-2013-4786 18 Dec 2014 7.5 (v3) High Pass GoAhead Embedded Web Server websNormalizeUriPath() Directory Traversal Vulnerability CVE-2014-9707 03 Apr 2015 7.5 (v2) High Pass MIT Kerberos 5 setup_server_realm() Remote DoS CVE-2013-1418 18 Nov 2013 4.3 (v2) Medium Pass HP Intelligent Management Center SOM Module Information Disclosure CVE-2013-4826 09 Jan 2014 5 (v2) Medium Pass MS07-029: Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution (935966) (uncredentialed check) CVE-2007-1748 05 Mar 2014 10 (v2) Critical Pass Zebra ZTC Printer Web Interface Detection 25 Nov 2019 None Pass CKEditor Preview Plugin Unspeci fi ed XSS CVE-2014-5191 31 Jul 2014 4.3 (v2) Medium Pass Oracle Web Determinations Detection 12 Sep 2014 None Pass Oracle Web Cache Admin Module Multiple GET Request Method DoS CVE-2002-0386 14 Aug 2002 5 (v2) Medium Pass PostgreSQL 8.4 < 8.4.17 / 9.0 < 9.0.13 / 9.1 < 9.1.9 / 9.2 < 9.2.4 Predictable Random Number Generator CVE-2013-1900 08 Apr 2013 8.8 (v3) High Pass Apache mod_wsgi < 3.5 Apache Process Privilege Escalation CVE-2014-0240 14 Jul 2014 8.1 (v3) High Pass Novell NetWare Web Server sewse.nlm (viewcode.jse) Traversal Arbitrary File Access CVE-2001-1580 06 Feb 2004 5 (v2) Medium Pass Apache Tomcat 3.x < 3.2.2 Malformed URL JSP Source Disclosure CVE-2001-0590 26 Oct 2010 5.3 (v3) Medium Pass OpenSSL SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG Session Resume Ciphersuite Downgrade Issue CVE-2010-4180 07 Feb 2011 4.3 (v2) Medium Pass Apache 2.2.x < 2.2.18 APR apr_fnmatch DoS CVE-2011-1928 25 May 2011 5.3 (v3) Medium Pass Oracle Secure Backup Administration Server login.php XSS CVE-2011-2251 27 Jul 2011 4.3 (v2) Medium Pass OpenSSL 1.0.0 < 1.0.0j DTLS CBC Denial of Service CVE-2012-2333 11 May 2012 5 (v2) Medium Pass HP Data Protector Unspeci fi ed Local Unauthorized Access CVE-2009-4183 28 Jan 2010 4.6 (v2) Medium Pass CVS pserver Line Entry Handling Over fl ow CVE-2004-0396 19 May 2004 10 (v2) Critical Pass Cisco Content Security Management Appliance Web Detection 26 Jul 2013 None Pass Real Video Server Telnet Malformed Data Remote DoS CVE-1999-0271 22 Aug 1999 5 (v2) Medium Pass BenHur Firewall Source Port 20 ACL Restriction Bypass CVE-2002-2307 22 Jul 2002 5 (v2) Medium Pass Apache < 2.0.44 Illegal Character Default Script Mapping Bypass CVE-2003-0017 22 Jan 2003 5.3 (v3) Medium Pass Solaris in.lpd Crafted Job Request Arbitrary Remote Command Execution CVE-2001-1583 03 Apr 2003 10 (v2) Critical Pass mod_gzip Debug Mode mod_gzip_printf Remote Format String CVE-2003-0843 02 Jun 2003 5.1 (v2) Medium Pass PhotoPost < 5.1 Multiple Input Validation Vulnerabilities CVE-2005-0928 CVE-2005-0929 30 Mar 2005 7.5 (v2) High Pass PHP Multiple Image Processing Functions File Handling DoS CVE-2005-0524 CVE-2005-0525 02 Apr 2005 5.4 (v2) Medium Pass Apple iTunes For Windows iTunesHelper.exe Path Subversion Local Privilege Escalation (uncredentialed check) CVE-2005-2938 16 Nov 2005 7.2 (v2) High Pass phpMyAdmin index.php convcharset Parameter XSS CVE-2005-0992 05 Apr 2005 4.3 (v2) Medium Pass MySQL Zero-length Scrambled String Crafted Packet Authentication Bypass CVE-2004-0627 07 Jan 2011 7.5 (v2) High Pass PHP < 4.4.2 Multiple XSS Vulnerabilities CVE-2006-0208 18 Nov 2011 2.6 (v2) Low Pass PHP < 4.4.4 Multiple Vulnerabilities CVE-2006-1017 CVE-2006-4020 18 Nov 2011 9.3 (v2) High Pass PHP 5.x < 5.1.0 Multiple Vulnerabilities CVE-2005-3319 CVE-2005-3883 18 Nov 2011 5 (v2) Medium Pass IBM Storwize V7000 Uni fi ed ACL Security Bypass CVE-2014-0875 31 Aug 2015 3.5 (v2) Low Pass PHP 5.1.x < 5.1.2 Multiple Vulnerabilities CVE-2006-0200 CVE-2006-0207 CVE-2006-0208 18 Nov 2011 9.3 (v2) High Pass Oracle Primavera Uni fi er Multiple Vulnerabilities (July 2018 CPU) CVE-2016-4055 CVE-2016-7103 CVE-2018-2965 CVE-2018-2966 CVE-2018-2967 CVE-2018-2968 CVE-2018-2969 20 Jul 2018 6.1 (v3) Medium Pass Jenkins < 2.138.4 LTS / 2.150.1 LTS / 2.154 Multiple Vulnerabilities CVE-2018-1000861 CVE-2018-1000862 CVE-2018-1000863 CVE-2018-1000864 07 Dec 2018 9.8 (v3) Critical Pass HP Data Protector 'EXEC_INTEGUTIL' Arbitrary Command Execution 13 Nov 2014 10 (v2) Critical Pass Palo Alto Networks Panorama PAN-OS < 6.0.1 Firmware Signature Veri fi cation Bypass Arbitrary Code Execution CVE-2015-6531 28 Sep 2015 7.6 (v2) High Pass Apple TV < 10.1.1 Multiple Vulnerabilities CVE-2016-8687 CVE-2017-2350 CVE-2017-2354 CVE-2017-2355 CVE-2017-2356 CVE-2017-2360 CVE-2017-2362 CVE-2017-2363 CVE-2017-2365 CVE-2017-2369 CVE-2017-2370 CVE-2017-2373 30 Jan 2017 7.8 (v3) High Pass Apache Tomcat 4.x < 4.1.0 Multiple Vulnerabilities CVE-2002-2006 CVE-2003-0866 04 Nov 2010 5.3 (v3) Medium Pass Apache Tomcat 3.x < 3.3.2 Multiple Vulnerabilities CVE-2003-0044 CVE-2007-3384 09 Nov 2010 5.6 (v3) Medium Pass Dropbear SSH Server < 2016.72 Multiple Vulnerabilities CVE-2016-7406 CVE-2016-7407 CVE-2016-7408 CVE-2016-7409 22 Sep 2016 9.8 (v3) Critical Pass Oracle Database Multiple Vulnerabilities (October 2010 CPU) CVE-2010-1321 CVE-2010-2389 CVE-2010-2390 CVE-2010-2391 CVE-2010-2407 CVE-2010-2411 CVE-2010-2412 CVE-2010-2415 CVE-2010-2419 18 Nov 2010 7.5 (v2) High Pass Ethernet MAC Addresses 16 Oct 2015 None Pass macOS 10.13.x < 10.13.4 Multiple Vulnerabilities CVE-2017-13080 CVE-2017-13890 CVE-2017-13911 CVE-2017-15412 CVE-2017-7151 CVE-2018-4104 CVE-2018-4105 CVE-2018-4106 CVE-2018-4107 CVE-2018-4108 CVE-2018-4111 CVE-2018-4112 CVE-2018-4115 CVE-2018-4131 CVE-2018-4132 CVE-20 02 Apr 2018 9.8 (v3) Critical Pass Palo Alto Networks PAN-OS 6.x.x < 6.1.21 / 7.1.x < 7.1.18 / 8.0.x < 8.0.11-h1 Multiple Vulnerabilities CVE-2018-7636 CVE-2018-9242 CVE-2018-9334 CVE-2018-9335 13 Jul 2018 5.5 (v3) Medium Pass Juniper Junos Privilege Escalation (JSA10857) CVE-2018-0024 20 Jul 2018 7.8 (v3) High Pass Citrix NetScaler Multiple Vulnerabilities (CTX232161) CVE-2018-6186 CVE-2018-6808 CVE-2018-6809 CVE-2018-6810 CVE-2018-6811 05 Jul 2018 9.8 (v3) Critical Pass Cisco Prime Data Center Network Manager Web Detection 11 Jul 2013 None Pass Microsoft Windows 95/98/ME Unsupported Installation Detection 01 Jun 2006 10 (v2) Critical Pass Solaris rpc.yppasswdd username Remote Over fl ow CVE-2001-0779 29 May 2001 10 (v2) Critical Pass WebLogic Server Encoded Request Directory Listing 16 Feb 2016 5 (v2) Medium Pass Citrix NFuse Server launch.asp Arbitrary Server/Port Redirect 16 Oct 2003 5 (v2) Medium Pass QlikView Server AccessPoint XML External Entity Injection CVE-2015-3623 23 Jun 2016 6.4 (v2) Medium Pass Disk Sorter HTTP POST Request Handling Remote Stack Bu ff er Over fl ow 15 Jun 2018 9.8 (v3) Critical 69

Pass Juniper Junos Multiple Python Privilege Escalation (JSA10695) CVE-2014-6448 26 Oct 2015 7.2 (v2) High Pass ASUSTOR Data Master < 3.1.3 Multiple Vulnerabilities CVE-2018-12313 24 Jul 2018 9.8 (v3) Critical Pass OpenSSL 1.1.0 < 1.1.0i Multiple Vulnerabilities CVE-2018-0732 CVE-2018-0737 CVE-2018-5407 27 Aug 2018 5.9 (v3) Medium Pass OpenSSL 1.0.x < 1.0.2p Multiple Vulnerabilities CVE-2018-0732 CVE-2018-0737 27 Aug 2018 5.9 (v3) Medium Pass PHP < 5.6.37 or 7.2.x < 7.2.8 Multiple Vulnerabilities (Deprecated) CVE-2018-14883 CVE-2018-14851 CVE-2018-15132 07 Sep 2018 7.5 (v3) High Pass DNN (DotNetNuke) 5.0.0 < 9.2.2 Multiple Vulnerabilities 02 Oct 2018 6.3 (v3) Medium Pass Quest DR Series Appliance Web Default Administrator Credentials 08 Mar 2018 8.6 (v3) High Pass Apple TV < 12.1 Multiple Vulnerabilities CVE-2018-4368 CVE-2018-4369 CVE-2018-4371 CVE-2018-4372 CVE-2018-4378 CVE-2018-4382 CVE-2018-4386 CVE-2018-4392 CVE-2018-4394 CVE-2018-4398 CVE-2018-4409 CVE-2018-4413 CVE-2018-4416 CVE-2018-4419 CVE-2018-4420 02 Nov 2018 8.8 (v3) High Pass Atmail Webmail 6.x < 6.6.4 / 7.x < 7.1.2 Multiple Vulnerabilities CVE-2013-5031 CVE-2013-5032 CVE-2013-5033 CVE-2013-5034 18 Apr 2014 10 (v2) Critical Pass Juniper Junos IGMPv3 Protocol Multicast DoS (JSA10714) CVE-2016-1256 22 Jan 2016 5 (v2) Medium Pass Silver Peak VX Default Credentials 25 Sep 2014 10 (v2) Critical Pass OpenSSL < 0.9.8p / 1.0.0b Bu ff er Over fl ow CVE-2010-3864 04 Jan 2012 7.6 (v2) High Pass Cisco Video Surveillance Manager Appliance Default Password Vulnerability(cisco-sa-20180921-vsm) CVE-2018-15427 15 Feb 2019 9.8 (v3) Critical Pass nginx HTTP Server Detection 26 Jan 2018 None Pass Jinzora Multiple Script include_path Parameter Remote File Inclusion CVE-2006-6770 02 Jan 2007 6.8 (v2) Medium Pass PHP 7.1.x < 7.1.22 Transfer-Encoding Parameter XSS Vulnerability CVE-2018-17082 14 Sep 2018 6.1 (v3) Medium Pass CA BrightStor ARCserve Backup for Laptops & Desktops Server Multiple Vulnerabilities (QO83833) CVE-2007-0449 CVE-2007-0672 CVE-2007-0673 26 Jan 2007 10 (v2) Critical Pass EMC RSA Authentication Manager < 8.4 Relative Path Traversal (DSA-2018-226) CVE-2018-15782 17 Jan 2019 7.8 (v3) High Pass Juniper Junos IPv6 Packet Handling mbuf Chain Corruption DoS (JSA10699) CVE-2014-6450 21 Oct 2015 7.8 (v2) High Pass Juniper Junos SRX5000-series J-Web DoS (JSA10700) CVE-2014-6451 21 Oct 2015 7.8 (v2) High Pass Palo Alto Networks PAN-OS API Key Persistence Security Bypass (PAN-SA-2015-0006) 17 Nov 2015 5.1 (v2) Medium Pass WordPress Plugin 'AMP for WP - Accelerated Mobile Pages' < 0.9.97.20 Multiple Vulnerabilities 15 Nov 2018 6.3 (v3) Medium Pass Juniper Junos TKEY Query Handling DoS (JSA10718) CVE-2015-5477 22 Jan 2016 7.8 (v2) High Pass Cisco IOS Multiple OpenSSL Vulnerabilities (CSCup22590) CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 26 Feb 2016 6.8 (v2) Medium Pass JQuery Detection 07 Feb 2018 None Pass OpenSSL 1.0.x < 1.0.2o Multiple Vulnerabilities CVE-2018-0739 21 May 2018 6.5 (v3) Medium Pass Elasticsearch Unrestricted Access Information Disclosure 23 Jun 2017 5.3 (v3) Medium Pass Oracle GlassFish Server 3.0.1.x < 3.0.1.17 / 3.1.2.x < 3.1.2.18 (October 2017 CPU) CVE-2016-3092 CVE-2017-10385 CVE-2017-10391 CVE-2017-10393 CVE-2017-10400 19 Oct 2017 7.3 (v3) High Pass Cisco Data Center Network Manager Privilege Escalation (cisco-sa-dcnm-privescal-zxfCH7Dg) CVE-2020-3380 28 Jul 2020 7.8 (v3) High Pass EMC Documentum D2 < 4.6 Insu ffi cient ACL Remote Object Manipulation (ESA-2016-034) CVE-2016-0888 08 Apr 2016 8.8 (v3) High Pass LabVIEW Web Server HTTP Get Newline DoS CVE-2002-0748 06 Aug 2002 5 (v2) Medium Pass GIT gitweb git_search Shell Metacharacter Arbitrary Command Execution CVE-2008-5516 08 Apr 2011 7.5 (v2) High Pass ESXi 5.0 < Build 1022489 Multiple Vulnerabilities (remote check) CVE-2011-3102 CVE-2012-2807 CVE-2012-5134 CVE-2013-3519 13 Nov 2013 7.9 (v2) High Pass ESXi 5.1 < Build 1063671 Multiple Vulnerabilities (remote check) CVE-2009-5029 CVE-2009-5064 CVE-2010-0830 CVE-2011-1089 CVE-2011-1202 CVE-2011-3102 CVE-2011-3970 CVE-2011-4609 CVE-2012-0864 CVE-2012-2807 CVE-2012-2825 CVE-2012-2870 CVE-2012-2871 CVE-2012-3404 CVE-2012-3405 CVE-2012-3 13 Nov 2013 6.9 (v2) Medium Pass Cisco Data Center Network Manager Multiple Vulnerabilities (Aug 2020) CVE-2020-3521 CVE-2020-3538 CVE-2020-3539 25 Aug 2020 6.5 (v3) Medium Pass Web Application Potentially Vulnerable to Clickjacking 22 Aug 2015 4.3 (v2) Medium Pass Elasticsearch ESA-2018-16 CVE-2018-17244 07 Nov 2018 6.5 (v3) Medium Pass ESXi 6.5 / 6.7 / 7.0 DoS (VMSA-2020-0018) CVE-2020-3976 28 Aug 2020 5.3 (v3) Medium Pass IBM Tivoli SecureWay WebSEAL Proxy Policy Director Encoded URL DoS CVE-2001-1191 18 Aug 2002 5 (v2) Medium Pass Darwin Streaming Server < 5.5.5 Multiple RCE Vulnerabilities CVE-2007-0748 CVE-2007-0749 14 May 2007 10 (v2) Critical Pass OpenNMS Java Object Deserialization RCE 10 Dec 2015 10 (v2) Critical Pass Hashicorp Consul Web UI and API access 26 Jul 2018 8.8 (v3) High Pass VMware ESX / ESXi Unsupported Version Detection 02 Dec 2011 10 (v3) Critical Pass ESXi 6.5 < Build 5224529 Multiple Vulnerabilities (VMSA-2017-0006) (remote check) CVE-2017-4903 CVE-2017-4904 CVE-2017-4905 31 Mar 2017 8.8 (v3) High Pass Silex USB Device Server Web Con fi guration Page Empty Password 07 Mar 2014 10 (v2) Critical Pass Cisco NX-OS Software CLI Arbitrary Command Injection (cisco-sa-20180620-nx-os-cli-injection) CVE-2018-0307 14 Jul 2020 7.8 (v3) High Pass NFS portmapper localhost Mount Request Restricted Host Access CVE-1999-0168 12 Mar 2003 7.5 (v2) High Pass HP O ffi ceJet Printer Security Bypass (HPSBPI03107) CVE-2014-0224 09 Oct 2014 5.6 (v3) Medium Pass ARRIS Touchstone DG950A SNMP Information Disclosure (CVE-2014-4863) CVE-2014-4863 07 Nov 2014 5 (v2) Medium Pass Oracle iPlanet Web Server 7.0.x < 7.0.21 NSS Signature Veri fi cation Vulnerability CVE-2014-1568 22 Apr 2015 7.5 (v2) High Pass Wordfence Plugin for WordPress 'email' Parameter XSS 27 Nov 2012 4.7 (v3) Medium Pass PostgreSQL 8.3 < 8.3.20 / 8.4 < 8.4.13 / 9.0 < 9.0.9 / 9.1 < 9.1.5 Multiple Vulnerabilities CVE-2012-3488 CVE-2012-3489 28 Dec 2012 6.5 (v3) Medium Pass HP Intelligent Management Center User Access Manager Unspeci fi ed Information Disclosure CVE-2012-5211 13 Mar 2013 7.5 (v2) High Pass Oracle E-Business Multiple Vulnerabilities (January 2018 CPU) CVE-2017-3735 CVE-2017-3736 CVE-2018-2580 CVE-2018-2635 CVE-2018-2655 CVE-2018-2656 CVE-2018-2684 CVE-2018-2691 17 Jan 2018 9.1 (v3) Critical Pass SunFTP GET Request Remote Over fl ow CVE-2000-0856 13 Mar 2003 7.5 (v2) High Pass iPlanet Application Server Pre fi x Remote Over fl ow CVE-2002-0387 16 Mar 2003 7.5 (v2) High Pass Adobe Media Server Unsupported Version Detection 11 Aug 2011 10 (v2) Critical Pass Ipswitch WhatsUp Professional Login.asp Multiple Field SQL Injection CVE-2005-1250 23 Jun 2005 5.1 (v2) Medium Pass OpenSSL 'ChangeCipherSpec' MiTM Vulnerability CVE-2010-5298 CVE-2014-0076 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 14 Aug 2014 5.6 (v3) Medium Pass Dolibarr Multiple Script URI XSS CVE-2011-4814 13 Apr 2012 4.3 (v2) Medium Pass Kayako SupportSuite 3.x <= 3.70.02 Multiple Vulnerabilities 16 Feb 2012 6.5 (v2) Medium Pass HP Data Protector LogClientInstallation Method Userid Field SQL Execution CVE-2011-3156 29 Mar 2012 7.5 (v2) High Pass Cisco TelePresence MCU Software Memory Exhaustion CVE-2014-3397 22 Oct 2014 7.8 (v2) High Pass Apple TV < 5.2 Multiple Vulnerabilities CVE-2012-2619 CVE-2013-0964 04 Feb 2013 3.6 (v2) Low Pass Xerox WorkCentre Crafted PostScript File Handling Directory Access (XRX10-001) CVE-2010-0549 01 Mar 2010 5 (v2) Medium Pass solidDB Default Credentials 28 Mar 2008 7.5 (v2) High Pass Trend Micro IMSS Console Management Detection 01 Mar 2005 None Pass PHP 5.1.x < 5.1.5 Multiple Vulnerabilities CVE-2006-1017 CVE-2006-4020 CVE-2006-4481 CVE-2006-4482 CVE-2006-4483 CVE-2006-4484 CVE-2006-4485 18 Nov 2011 10 (v2) Critical Pass leafnode fetchnews DoS CVE-2004-2068 27 Oct 2009 5 (v2) Medium Pass CrashPlan Server Default Administrative Credentials 29 May 2009 7.5 (v2) High Pass Sendmail < 8.11.2 -bt Option Local Over fl ow 25 Nov 2001 8.4 (v3) High Pass IBM Lotus Domino Crafted .nsf Request Authentication Bypass CVE-2001-1567 12 May 2002 5 (v2) Medium Pass HP OpenView Network Node Manager ovlaunch.exe Information Disclosure (c01661610) CVE-2008-4560 12 Feb 2009 5 (v2) Medium Pass Hobbit Monitor < 4.1.0 hobbitd Malformed Message Remote Over fl ow 27 Jul 2005 7.5 (v2) High Pass PHP Foreign Function Interface Arbitrary DLL Loading safe_mode Restriction Bypass CVE-2007-4528 18 Nov 2011 5.8 (v3) Medium Pass Cisco Data Center Network Manager Privilege Escalation (cisco-sa-20180905-cdcnm-escalation) CVE-2018-0440 18 Sep 2020 7.2 (v3) High Pass Floating Social Media Links Plugin for WordPress 'wpp' Parameter Remote File Inclusion 25 Jan 2013 7.5 (v2) High Pass Citrix Access Gateway Administrative Web Interface Default Credentials 12 Apr 2013 7.5 (v2) High Pass Asterisk Detection 10 Dec 2012 None Pass PHP ip2long Function String Validation Weakness CVE-2006-4023 18 Nov 2011 5.8 (v3) Medium Pass IPSEC Internet Key Exchange (IKE) Version 1 Detection 02 Dec 2003 None Pass ManageEngine ADAudit Plus Default Credentials 02 Jun 2010 7.5 (v2) High Pass PHP mb_send_mail() Function Parameter Security Bypass CVE-2006-1014 18 Nov 2011 3.2 (v2) Low Pass PHP Symlink Function Race Condition open_basedir Bypass CVE-2006-5178 18 Nov 2011 8.8 (v3) High Pass SquirrelMail < 1.45 Multiple Vulnerabilities CVE-2005-1769 CVE-2005-2095 16 Jun 2005 5 (v2) Medium Pass ShowO ff ! Digital Media Software <= 1.5.4 Multiple Remote Vulnerabilities CVE-2005-1571 CVE-2005-1572 12 May 2005 7.8 (v2) High Pass Oracle WebLogic Console / WLST Unspeci fi ed Privilege Escalation (CVE-2008-2577) CVE-2008-2577 30 Nov 2011 4.6 (v2) Medium Pass Oracle WebLogic Server Unspeci fi ed Information Disclosure (CVE-2008-2578) CVE-2008-2578 30 Nov 2011 4.3 (v2) Medium Pass Oracle WebLogic Plugins Unspeci fi ed Remote Issue (CVE-2008-2579) CVE-2008-2579 30 Nov 2011 6.8 (v2) Medium Pass Oracle WebLogic Server Servlets Unspeci fi ed Unauthenticated Remote Issue (CVE-2008-4013) CVE-2008-4013 30 Nov 2011 6.8 (v2) Medium Pass Oracle WebLogic ForeignJMS Component Unspeci fi ed Information Disclosure (CVE-2008-2576) CVE-2008-2576 30 Nov 2011 4.3 (v2) Medium Pass GitLab 14.6.x < 14.6.5 / 14.7.x < 14.7.4 / 14.8.x < 14.8.2 Information Disclosure CVE-2022-0738 14 Mar 2022 7.5 (v3) High Pass Oracle WebLogic Multiple Authorizer Unspeci fi ed Privilege Escalation (CVE-2008-4009) CVE-2008-4009 30 Nov 2011 5.1 (v2) Medium Pass Oracle WebLogic Admin State Unspeci fi ed Privilege Escalation (CVE-2008-4011) CVE-2008-4011 30 Nov 2011 2.1 (v2) Low Pass Oracle WebLogic UDDI Explorer Unspeci fi ed Vulnerability (CVE-2008-2581) CVE-2008-2581 30 Nov 2011 5.1 (v2) Medium Pass PHP 7.1.x < 7.1.7 Multiple Vulnerabilities CVE-2017-7890 CVE-2017-9224 CVE-2017-9226 CVE-2017-9227 CVE-2017-9228 CVE-2017-9229 CVE-2017-11144 CVE-2017-11145 CVE-2017-11362 CVE-2017-11628 CVE-2017-12933 CVE-2017-12934 13 Jul 2017 9.8 (v3) Critical Pass Atlassian Con fl uence 6.14.x < 6.14.3 / 6.15.x < 6.15.5 stored cross-site-scripting (SXSS) Vulnerability CVE-2019-20102 30 Apr 2020 6.1 (v3) Medium Pass Oracle WebLogic DoS (CVE-2008-2582) CVE-2008-2582 30 Nov 2011 5 (v2) Medium Pass Oracle WebLogic WLS Unspeci fi ed Vulnerability (CVE-2008-5461) CVE-2008-5461 30 Nov 2011 6.8 (v2) Medium Pass Oracle WebLogic Portal Elevation of Privilege (CVE-2008-5462) CVE-2008-5462 10 Jan 2012 6.8 (v2) Medium Pass PHP 4.x < 4.3.0 ZendEngine Integer Over fl ow CVE-2006-4812 11 Jan 2012 7.5 (v2) High Pass Cisco Nexus 9000 Series Switches Bidirectional Forwarding Detection DoS (cisco-sa-nxos-bfd-dos-wGQXrzxn) CVE-2022-20623 14 Mar 2022 7.5 (v3) High Pass GitLab 13.x < 14.6.5 / 14.7.4 / 14.8.2 Information Disclosure CVE-2021-4191 14 Mar 2022 5.3 (v3) Medium Pass Icecast HTTP Basic Authorization Remote Over fl ow DoS CVE-2004-2027 01 Oct 2004 5 (v2) Medium Pass Cisco Data Center Network Manager Authentication Bypass (cisco-sa-dcnm-bypass-dyEejUMs) CVE-2020-3382 12 Aug 2020 9.8 (v3) Critical Pass Apache Struts 2 ParameterInterceptor Class OGNL Expression Parsing Remote Command Execution CVE-2011-3923 06 Feb 2012 9.8 (v3) Critical Pass Apache Struts 2 Multiple Remote Code Execution and File Overwrite Vulnerabilities (safe check) (deprecated) CVE-2012-0392 25 Jan 2012 8.1 (v3) High Pass Apache Struts 2 'method:' Pre fi x Arbitrary Remote Command Execution CVE-2016-3081 17 Dec 2018 8.1 (v3) High Pass Apache Struts 2 Tag Attribute Double OGNL Evaluation RCE CVE-2016-0785 24 Mar 2016 8.8 (v3) High Pass Apache Struts 2 ExceptionDelegator Arbitrary Remote Command Execution CVE-2012-0391 07 Aug 2013 8.8 (v3) High Pass Atlassian Jira < 8.5.8 / 8.6.0 < 8.11.1 Sensitive Data Exposure (JRASERVER-71536) CVE-2020-14179 24 Sep 2020 5.3 (v3) Medium Pass HTTP login page 26 Oct 2002 None 70

Pass Fortinet FortiOS SSL VPN Directory Traversal Vulnerability (FG-IR-18-384) (Direct Check) CVE-2018-13379 06 Sep 2019 9.8 (v3) Critical Pass NETGEAR Web Interface Detection 22 May 2017 None Pass ClearSCADA Web Server Detection 23 Oct 2013 None Pass Open Web Analytics Detection 27 May 2014 None Pass ROADS search.pl form Parameter Traversal Arbitrary File Access CVE-2001-0215 08 Mar 2001 5 (v2) Medium Pass Graylog2 Default Credentials 10 Feb 2015 7.5 (v2) High Pass Tenable Appliance < 4.5.0 Web UI simpleupload.py Remote Command Execution (CVE-2017-8051) CVE-2017-8051 21 Apr 2017 9.8 (v3) Critical Pass Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) DoS (cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX) CVE-2020-3492 12 Oct 2020 8.6 (v3) High Pass Juniper Junos Information Exposure Vulnerability (JSA11008) CVE-2020-1628 08 Jul 2020 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS 7.1.x / 8.x < 8.1.15 OS Command Injection Vulnerability CVE-2020-2030 09 Jul 2020 7.2 (v3) High Pass Palo Alto Networks PAN-OS 8.x < 8.1.15 / 9.0.x < 9.0.9 / 9.1.x < 9.1.3 TLS 1.0 Usage Vulnerability CVE-2020-1982 09 Jul 2020 4.8 (v3) Medium Pass Apache Cassandra Default Credentials 23 Dec 2020 9.8 (v3) Critical Pass NAI PGP Certi fi cate Server Unresolvable IP DoS CVE-2000-0543 22 Jun 2000 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS Series PA-7000 9.0 < 9.0.5-h5 Remote Code Execution Vulnerability (PAN-SA-2019-0040) CVE-2019-17440 28 Jan 2020 9.8 (v3) Critical Pass DrayTek Vigor < 1.5.1 Unauthenticated RCE (Direct Check) CVE-2020-8515 22 Oct 2020 9.8 (v3) Critical Pass DNS Server Dynamic Update Record Injection 15 Jan 2009 5.8 (v3) Medium Pass Polycom SoundPoint IP Phone Default Password 22 Jun 2011 7.5 (v2) High Pass Blog Torrent btdownload.php fi le Variable Traversal Arbitrary File Retrieval CVE-2004-1212 05 Dec 2004 7.8 (v2) High Pass Nostromo HTTP Server Detection 30 Oct 2020 None Pass OTRS SOAP Interface Unauthenticated Object Manipulation CVE-2008-1515 08 Apr 2008 7.5 (v2) High Pass Oracle WebLogic Unsupported Version Detection 26 Apr 2018 10 (v3) Critical Pass YaCy Peer-To-Peer Search Engine XSS CVE-2004-2651 28 Dec 2004 4.3 (v2) Medium Pass Apache 2.4.17 / 2.4.18 DoS CVE-2016-1546 08 Feb 2019 5.9 (v3) Medium Pass Apache 2.4.x < 2.4.35 DoS CVE-2018-11763 27 Sep 2018 5.9 (v3) Medium Pass Apache 2.4.6 Remote DoS CVE-2013-4352 30 Jul 2014 5.3 (v3) Medium Pass Apache 2.4.x < 2.4.3 Multiple Vulnerabilities CVE-2012-2687 CVE-2012-3502 23 Aug 2012 5.3 (v3) Medium Pass phpScheduleIt < 1.0.1 Reservation.class.php Arbitrary Reservation Modi fi cation CVE-2004-2469 20 Nov 2004 5 (v2) Medium Pass Cisco IOS Software Multiple Vulnerabilities in ntpd (cisco-sa-20150408-ntpd) CVE-2015-1798 CVE-2015-1799 10 Apr 2018 5.4 (v3) Medium Pass Atlassian JIRA < 7.13.18 / 8.0.x < 8.5.9 / 8.6.x < 8.12.1 Information Disclosure (JRASERVER-71646) CVE-2020-14183 27 Nov 2020 4.3 (v3) Medium Pass Atlassian JIRA Common Credentials 22 Mar 2019 9.8 (v3) Critical Pass Apache Cassandra < 2.1.22 / 2.2.x < 2.2.18 / 3.0.x < 3.0.22 / 3.11.x < 3.11.8 Information Disclosure Vulnerability CVE-2020-13946 02 Dec 2020 5.9 (v3) Medium Pass WordPress Plugin 'Email Subscribers & Newsletters' Multiple Vulnerabilities CVE-2020-5767 CVE-2020-5768 27 Aug 2020 6.5 (v3) Medium Pass Cisco IOS XE Software Web UI Command Injection (cisco-sa-web-cmdinj3-44st5CcA) CVE-2020-3212 09 Jun 2020 7.2 (v3) High Pass HP-UX ftpd PAM Authentication Con fi guration Weakness Authentication Bypass CVE-2008-1668 15 Aug 2008 7.6 (v2) High Pass Microsoft Windows 10 Version 1903 Unsupported Version Detection 14 Jan 2021 10 (v3) Critical Pass Juniper Junos OS DoS (JSA11091) CVE-2020-8617 14 Jan 2021 7.5 (v3) High Pass Rocket U2 UniData < 7.3 unidata72 RPC Interface Call Parsing Arbitrary Command Execution 21 Jun 2012 10 (v2) Critical Pass IceWarp Web Mail Multiple Flaws (3) CVE-2005-0320 CVE-2005-0321 29 Jan 2005 5 (v2) Medium Pass Cogent DataHub < 6.4.5Beta OPC Connection Failure DoS 15 Jun 2016 5 (v2) Medium Pass Rockwell Automation MicroLogix 1100 PLC < Series B FRN 12.0 MitM Replay Authentication Bypass CVE-2012-6440 07 Jul 2015 9.3 (v2) High Pass Honeywell FALCON XL Web Controller Multiple Vulnerabilities CVE-2014-2717 CVE-2014-3110 25 Aug 2014 7.6 (v2) High Pass Huawei HG532e Home Gateway Command Injection CVE-2017-17215 11 Dec 2017 8.8 (v3) High Pass PHP 5.x < 5.2.2 Multiple vulnerabilities CVE-2007-1001 CVE-2007-1583 CVE-2007-1649 CVE-2007-1717 CVE-2007-1718 11 Jan 2012 7.5 (v3) High Pass CUPS Remote Command Execution via Shellshock CVE-2014-6271 CVE-2014-7169 08 Dec 2014 10 (v2) Critical Pass OpenWrt Web UI Detection. 04 Dec 2020 None Pass BASE < 1.4.4 base_local_rules.php dir Parameter XSS 27 Oct 2009 4.3 (v2) Medium Pass SonicWALL SOHO Web Interface XSS CVE-2005-1006 06 Apr 2005 4.3 (v2) Medium Pass CubeCart <= 2.0.6 Multiple SQL Injections CVE-2005-1033 08 Apr 2005 7.5 (v2) High Pass PostNuke < 0.760 RC4 Multiple Script XSS CVE-2005-1049 08 Apr 2005 2.6 (v2) Low Pass Invision Power Board index.php Members Action st Parameter SQL Injection CVE-2005-1070 11 Apr 2005 7.5 (v2) High Pass Oracle Database 10g Multiple Remote Vulnerabilities CVE-2004-1774 CVE-2005-3202 CVE-2005-3203 CVE-2005-4832 13 Apr 2005 7.5 (v2) High Pass WWWBoard passwd.txt Authentication Credential Disclosure CVE-1999-0953 27 Nov 1999 5 (v2) Medium Pass LedgerSMB / SQL-Ledger login.pl script Parameter Arbitrary Perl Code Execution CVE-2006-5872 30 Jan 2007 7.5 (v2) High Pass XAMPP Default FTP Account CVE-2005-1078 13 Apr 2005 9.8 (v3) Critical Pass Hydrogen Detection 13 Apr 2005 None Pass IBM WebSphere Application Server Malformed Host Header JSP Source Disclosure CVE-2005-1112 14 Apr 2005 2.6 (v2) Low Pass phpBB Photo Album Module <= 2.0.53 Multiple Vulnerabilities CVE-2005-1114 CVE-2005-1115 14 Apr 2005 7.5 (v2) High Pass Cyberstrong eShop Multiple Script ProductCode Parameter SQL Injection CVE-2003-0509 07 Aug 2005 7.5 (v2) High Pass PHP Upload Center index.php fi lename Parameter Directory Traversal Arbitrary File Access CVE-2005-3947 13 Jan 2006 5 (v2) Medium Pass Serendipity exit.php Multiple Parameter SQL Injection CVE-2005-1134 15 Apr 2005 7.5 (v2) High Pass phpBB Knowledge Base Module kb.php cat Parameter SQL Injection CVE-2005-1196 18 Apr 2005 7.5 (v2) High Pass Coppermine Photo Gallery < 1.3.2 Multiple SQL Injections CVE-2005-1225 CVE-2005-1226 21 Apr 2005 7.5 (v2) High Pass ELMAH (Error Logging Modules and Handlers) Remotely Accessible 03 Apr 2014 5 (v2) Medium Pass phpBB <= 2.0.14 Multiple Vulnerabilities CVE-2005-1193 CVE-2005-1290 25 Apr 2005 4.3 (v2) Medium Pass Horde Turba Contact Manager common-footer.inc Parent Frame Page Title XSS CVE-2005-1315 26 Apr 2005 4.3 (v2) Medium Pass Horde Mnemo common-footer.inc Parent Frame Page XSS CVE-2005-1320 26 Apr 2005 4.3 (v2) Medium Pass Horde Nag common-footer.inc Parent Frame Page Title XSS CVE-2005-1322 26 Apr 2005 4.3 (v2) Medium Pass Horde Turba common-footer.inc Parent Frame Page Title XSS CVE-2005-1315 26 Apr 2005 4.3 (v2) Medium Pass CuteNews Debug Info Disclosure 04 Dec 2003 5 (v2) Medium Pass IMP common-footer.inc Parent Frame Page Title XSS CVE-2005-1319 26 Apr 2005 4.3 (v2) Medium Pass yappa-ng < 2.3.2 Multiple Vulnerabilities CVE-2005-1311 CVE-2005-1312 27 Apr 2005 6.8 (v2) Medium Pass Serendipity BBCode Plugin XSS CVE-2005-1448 28 Apr 2005 2.6 (v2) Low Pass Apple iTunes < 12.7.5 Multiple Vulnerabilities (uncredentialed check) CVE-2018-4188 CVE-2018-4190 CVE-2018-4192 CVE-2018-4199 CVE-2018-4200 CVE-2018-4201 CVE-2018-4204 CVE-2018-4214 CVE-2018-4218 CVE-2018-4222 CVE-2018-4224 CVE-2018-4225 CVE-2018-4226 CVE-2018-4232 CVE-2018-4233 CVE-2018-4 06 Jun 2018 8.8 (v3) High Pass UserPro Plugin for WordPress up_auto_log Parameter Remote Authentication Bypass CVE-2017-16562 12 Jun 2018 9.8 (v3) Critical Pass VX Search HTTP POST Request Handling Remote Stack Bu ff er Over fl ow CVE-2017-7310 15 Jun 2018 7.8 (v3) High Pass Sync Breeze HTTP POST Request Handling Remote Stack Bu ff er Over fl ow 15 Jun 2018 9.8 (v3) Critical Pass Dup Scout HTTP POST Request Handling Remote Stack Bu ff er Over fl ow 15 Jun 2018 9.8 (v3) Critical Pass Disk Savvy HTTP POST Request Handling Remote Stack Bu ff er Over fl ow 15 Jun 2018 9.8 (v3) Critical Pass IBM InfoSphere Information Governance Catalog Detection 08 Jun 2018 None Pass Apple TV < 11.4.1 Multiple Vulnerabilities CVE-2018-4248 CVE-2018-4261 CVE-2018-4262 CVE-2018-4263 CVE-2018-4264 CVE-2018-4265 CVE-2018-4266 CVE-2018-4267 CVE-2018-4270 CVE-2018-4271 CVE-2018-4272 CVE-2018-4273 CVE-2018-4277 CVE-2018-4278 CVE-2018-4280 CVE-2018-4 16 Jul 2018 8.8 (v3) High Pass MySQL 8.0.x < 8.0.12 Multiple Vulnerabilities (Jul 2018 CPU) (Jul 2019 CPU) CVE-2018-0739 CVE-2018-3054 CVE-2018-3056 CVE-2018-3060 CVE-2018-3062 CVE-2018-3064 CVE-2018-3065 CVE-2018-3067 CVE-2018-3073 CVE-2018-3074 CVE-2018-3075 CVE-2018-3077 CVE-2018-3078 CVE-2018-3079 CVE-2018-3080 CVE-2018-3 20 Jul 2018 7.1 (v3) High Pass MySQL 5.7.x < 5.7.23 Multiple Vulnerabilities (July 2018 CPU) CVE-2018-0739 CVE-2018-2767 CVE-2018-3054 CVE-2018-3056 CVE-2018-3058 CVE-2018-3060 CVE-2018-3061 CVE-2018-3062 CVE-2018-3064 CVE-2018-3065 CVE-2018-3066 CVE-2018-3070 CVE-2018-3071 CVE-2018-3077 CVE-2018-3081 20 Jul 2018 7.1 (v3) High Pass PHP 7.2.x < 7.2.8 Use After Free Arbitrary Code Execution in EXIF CVE-2018-12882 CVE-2018-14851 CVE-2018-14883 CVE-2018-15132 20 Jul 2018 9.8 (v3) Critical Pass Elasticsearch ESA-2018-07 CVE-2018-3822 22 Aug 2018 9.8 (v3) Critical Pass Elasticsearch ESA-2017-19 CVE-2017-8448 22 Aug 2018 8.8 (v3) High Pass Elasticsearch ESA-2017-06 CVE-2017-8438 22 Aug 2018 8.8 (v3) High Pass ASUSTOR Data Master < 3.1.6 Multiple Vulnerabilities CVE-2018-15694 CVE-2018-15695 CVE-2018-15696 CVE-2018-15697 CVE-2018-15698 CVE-2018-15699 24 Aug 2018 6.5 (v3) Medium Pass EMC Data Protection Advisor 6.2 < 6.4 Patch B180 / < 6.5 patch B51 (DSA-2018-112). CVE-2018-11048 31 Aug 2018 8.1 (v3) High Pass Zinwave Series 3000 DAS Web Interface Default Credentials 13 Sep 2018 9.8 (v3) Critical Pass Symantec Messaging Gateway 10.x < 10.6.6 Multiple Vulnerabilities (SYMSA1461) CVE-2018-12242 CVE-2018-12243 20 Sep 2018 9.8 (v3) Critical Pass Elasticsearch ESA-2018-15 CVE-2018-3831 24 Sep 2018 8.8 (v3) High Pass Apple iTunes < 12.9 Multiple Vulnerabilities (uncredentialed check) CVE-2018-4191 CVE-2018-4197 CVE-2018-4299 CVE-2018-4306 CVE-2018-4309 CVE-2018-4311 CVE-2018-4312 CVE-2018-4314 CVE-2018-4315 CVE-2018-4316 CVE-2018-4317 CVE-2018-4318 CVE-2018-4319 CVE-2018-4323 CVE-2018-4328 CVE-2018-4 02 Oct 2018 8.8 (v3) High Pass Apple iTunes < 12.8 Multiple Vulnerabilities (uncredentialed check) CVE-2018-4261 CVE-2018-4262 CVE-2018-4263 CVE-2018-4264 CVE-2018-4265 CVE-2018-4266 CVE-2018-4267 CVE-2018-4270 CVE-2018-4271 CVE-2018-4272 CVE-2018-4273 CVE-2018-4278 CVE-2018-4284 CVE-2018-4293 02 Oct 2018 8.8 (v3) High Pass Cisco Prime Infrastructure TFTP Arbitrary File Upload and Command Execution Vulnerability (cisco-sa-20181003-pi-tftp) CVE-2018-15379 12 Oct 2018 9.8 (v3) Critical Pass Cisco Prime Infrastructure TFTP Arbitrary File Upload and Command Execution Vulnerability (cisco-sa-20181003-pi-tftp) CVE-2018-15379 16 Oct 2018 9.8 (v3) Critical Pass MySQL 8.0.x < 8.0.13 Multiple Vulnerabilities (Oct 2018 CPU) (Jul 2019 CPU) CVE-2016-9843 CVE-2018-3133 CVE-2018-3137 CVE-2018-3143 CVE-2018-3144 CVE-2018-3145 CVE-2018-3155 CVE-2018-3156 CVE-2018-3161 CVE-2018-3162 CVE-2018-3170 CVE-2018-3171 CVE-2018-3173 CVE-2018-3174 CVE-2018-3182 CVE-2018-3 19 Oct 2018 9.8 (v3) Critical Pass MySQL 5.7.x < 5.7.24 Multiple Vulnerabilities (Oct 2018 CPU) (Jul 2019 CPU) CVE-2016-9843 CVE-2018-3133 CVE-2018-3143 CVE-2018-3144 CVE-2018-3155 CVE-2018-3156 CVE-2018-3161 CVE-2018-3162 CVE-2018-3171 CVE-2018-3173 CVE-2018-3174 CVE-2018-3185 CVE-2018-3187 CVE-2018-3200 CVE-2018-3247 CVE-2018-3 19 Oct 2018 9.8 (v3) Critical Pass MySQL 5.6.x < 5.6.42 Multiple Vulnerabilities (October 2018 CPU) CVE-2016-9843 CVE-2018-3133 CVE-2018-3143 CVE-2018-3156 CVE-2018-3174 CVE-2018-3247 CVE-2018-3251 CVE-2018-3276 CVE-2018-3278 CVE-2018-3282 19 Oct 2018 9.8 (v3) Critical Pass MySQL 5.5.x < 5.5.62 Multiple Vulnerabilities (October 2018 CPU) CVE-2016-9843 CVE-2018-3133 CVE-2018-3174 CVE-2018-3282 19 Oct 2018 9.8 (v3) Critical Pass Apple iTunes < 12.9.1 Multiple Vulnerabilities (uncredentialed check) CVE-2018-4372 CVE-2018-4373 CVE-2018-4374 CVE-2018-4375 CVE-2018-4376 CVE-2018-4377 CVE-2018-4378 CVE-2018-4382 CVE-2018-4386 CVE-2018-4392 CVE-2018-4394 CVE-2018-4398 CVE-2018-4409 CVE-2018-4416 02 Nov 2018 8.8 (v3) High Pass Oracle Primavera Gateway Multiple Vulnerabilities (Oct 2018 CPU) CVE-2015-9251 CVE-2018-1275 CVE-2018-7489 02 Nov 2018 9.8 (v3) Critical Pass Appweb < 7.0.3 authCondition Authentication Bypass Vulnerability CVE-2018-8715 02 Nov 2018 8.1 (v3) High Pass jQuery-File-Upload Arbitrary File Upload Vulnerability (Remote Check) CVE-2018-9206 22 Oct 2018 9.8 (v3) Critical Pass Kibana ESA-2018-18 CVE-2018-17246 07 Nov 2018 9.8 (v3) Critical Pass WordPress Plugin 'WP GDPR Compliance' < 1.4.3 Privilege Escalation CVE-2018-19207 14 Nov 2018 9.8 (v3) Critical Pass Kibana ESA-2018-17 CVE-2018-17245 05 Dec 2018 9.8 (v3) Critical Pass Elasticsearch ESA-2015-06 CVE-2015-5377 07 Dec 2018 9.8 (v3) Critical Pass Oracle GlassFish Server 3.1.2.x < 3.1.2.19 (October 2018 CPU) CVE-2018-2911 CVE-2018-3152 CVE-2018-3210 11 Dec 2018 8.3 (v3) High Pass Quest NetVault Backup Server < 11.4.5 Process Manager Service SQL Injection Remote Code Execution Vulnerability (ZDI-17-982) CVE-2017-17417 14 Dec 2018 9.8 (v3) Critical Pass IBM WebSphere Application Server 9.0.0.x < 9.0.0.10 XML External Entity Injection (XXE) Vulnerability (CVE-2018-1905) CVE-2018-1905 14 Dec 2018 7.1 (v3) High Pass Kubernetes proxy request handling vulnerability (CVE-2018-1002105) CVE-2018-1002105 14 Dec 2018 9.8 (v3) Critical Pass SSL / TLS Certi fi cate Known Hard Coded Private Keys CVE-2015-6358 CVE-2015-7255 CVE-2015-7256 CVE-2015-7276 CVE-2015-8251 08 Jan 2019 7.5 (v3) High 71

Pass SSH Known Hard Coded Private Keys CVE-2015-6358 CVE-2015-7255 CVE-2015-7256 CVE-2015-7276 CVE-2015-8251 08 Jan 2019 7.5 (v3) High Pass Apache Tomcat 8.0.x < 8.0.52 / 8.5.x < 8.5.31 / 9.0.x < 9.0.8 Denial of Service CVE-2018-1336 11 Jan 2019 7.5 (v3) High Pass MariaDB 10.0.0 < 10.0.37 Multiple Vulnerabilities CVE-2016-9843 CVE-2018-3143 CVE-2018-3156 CVE-2018-3174 CVE-2018-3251 CVE-2018-3282 16 Jan 2019 9.8 (v3) Critical Pass MariaDB 5.5.0 < 5.5.42 Multiple Vulnerabilities CVE-2015-0433 CVE-2015-0441 CVE-2015-2568 CVE-2015-2573 16 Jan 2019 7.5 (v3) High Pass MySQL 8.0.x < 8.0.14 Multiple Vulnerabilities (Jan 2019 CPU) CVE-2018-0734 CVE-2018-3123 CVE-2019-2420 CVE-2019-2434 CVE-2019-2436 CVE-2019-2455 CVE-2019-2481 CVE-2019-2482 CVE-2019-2486 CVE-2019-2494 CVE-2019-2495 CVE-2019-2502 CVE-2019-2503 CVE-2019-2507 CVE-2019-2510 CVE-2019-2 17 Jan 2019 7.1 (v3) High Pass MySQL 5.7.x < 5.7.25 Multiple Vulnerabilities (Jan 2019 CPU) CVE-2018-0734 CVE-2018-3123 CVE-2019-2420 CVE-2019-2434 CVE-2019-2455 CVE-2019-2481 CVE-2019-2482 CVE-2019-2503 CVE-2019-2507 CVE-2019-2510 CVE-2019-2528 CVE-2019-2529 CVE-2019-2531 CVE-2019-2532 CVE-2019-2534 CVE-2019-2 17 Jan 2019 7.1 (v3) High Pass MySQL 5.6.x < 5.6.43 Multiple Vulnerabilities (Jan 2019 CPU) CVE-2018-0734 CVE-2018-3123 CVE-2019-2455 CVE-2019-2481 CVE-2019-2482 CVE-2019-2503 CVE-2019-2507 CVE-2019-2529 CVE-2019-2531 CVE-2019-2534 CVE-2019-2537 17 Jan 2019 7.1 (v3) High Pass File Alteration Monitor daemon (famd) Detection 02 May 2005 None Pass MariaDB 10.2.0 < 10.2.19 Multiple Vulnerabilities CVE-2016-9843 CVE-2018-3143 CVE-2018-3156 CVE-2018-3162 CVE-2018-3173 CVE-2018-3174 CVE-2018-3185 CVE-2018-3200 CVE-2018-3251 CVE-2018-3277 CVE-2018-3282 CVE-2018-3284 25 Jan 2019 9.8 (v3) Critical Pass VMware ESX / ESXi Web-Based Datastore Browser Default Credentials 24 Jan 2019 9.8 (v3) Critical Pass PHP 7.2.x < 7.2.14 Multiple vulnerabilities. CVE-2016-10166 CVE-2018-19935 CVE-2019-6977 CVE-2019-9020 CVE-2019-9021 CVE-2019-9022 CVE-2019-9023 CVE-2019-9024 24 Jan 2019 9.8 (v3) Critical Pass PHP 7.3.x < 7.3.1 Multiple vulnerabilities. CVE-2016-10166 CVE-2019-6977 CVE-2019-9020 CVE-2019-9021 CVE-2019-9023 CVE-2019-9024 CVE-2019-9025 30 Jan 2019 9.8 (v3) Critical Pass JBoss Remoting RemoteMessageChannel DoS (intrusive check) CVE-2018-1041 31 Jan 2019 7.5 (v3) High Pass MariaDB 10.1 < 10.1.31 Multiple Vulnerabilities CVE-2018-2562 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665 CVE-2018-2668 CVE-2018-3133 28 Jan 2019 7.1 (v3) High Pass iLO 3 < 1.88 Information Disclosure Vulnerability CVE-2016-4379 15 Feb 2019 3.7 (v3) Low Pass iLO 2 2.29 Remote Code Execution Vulnerability CVE-2017-8979 26 Feb 2019 9.8 (v3) Critical Pass MongoDB 3.4.x < 3.4.10 / 3.5.x < 3.6.0-rc0 mongod CVE-2017-15535 21 Feb 2019 9.1 (v3) Critical Pass EMC RSA Archer < 6.4.1.5 / 6.5.x < 6.5.0.2 Multiple Vulnerabilities CVE-2019-3715 CVE-2019-3716 07 Mar 2019 7.8 (v3) High Pass EMC RSA Authentication Manager < 8.4 P1 Insecure Credential Management (DSA-2019-038) CVE-2019-3711 08 Mar 2019 7.2 (v3) High Pass VMWare STARTTLS Support 01 Mar 2019 None Pass Logstash ESA-2019-05 CVE-2019-7612 20 Mar 2019 9.8 (v3) Critical Pass phpMyAdmin 4.x < 4.8.5 Multiple Vulnerabilities (PMASA-2019-1) (PMASA-2019-2) CVE-2019-6798 CVE-2019-6799 27 Mar 2019 9.8 (v3) Critical Pass Elasticsearch ESA-2019-04 CVE-2019-7611 20 Mar 2019 8.1 (v3) High Pass Aruba VAN SDN Controller Detection 12 Mar 2019 None Pass WePresent fi le_transfer.cgi Remote Command Execution CVE-2019-3929 30 Apr 2019 9.8 (v3) Critical Pass Oracle RDBMS Host Name and Patch Info 26 Apr 2010 None Pass Apache Storm WebUI Detection 28 Feb 2019 None Pass Trihedral VTScada 8.x < 11.2.02 Multiple Vulnerabilities CVE-2016-4510 CVE-2016-4523 CVE-2016-4532 28 Sep 2017 9.1 (v3) Critical Pass ESXi 6.0 / 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2019-0005) (Remote Check) CVE-2019-5518 CVE-2019-5519 29 Mar 2019 6.8 (v3) Medium Pass Magento 2.2.x < 2.2.8 / 2.3.x < 2.3.1 Unauthenticated SQLi 29 Mar 2019 10 (v3) Critical Pass Oracle GlassFish Server Path Traversal CVE-2017-1000028 30 May 2018 7.5 (v3) High Pass Apache Tomcat HTTP PUT JSP File Upload RCE CVE-2017-12617 04 Dec 2017 8.1 (v3) High Pass CyberArk Password Vault Web Access .NET Object Deserialization (Direct Check) CVE-2018-9843 01 Jun 2018 9.8 (v3) Critical Pass Slimstat Analytics Plugin for WordPress < 4.7.1 PHP Object Injection 05 Dec 2017 7.4 (v3) High Pass Ultimate Form Builder Lite for WordPress < 1.3.7 SQL Injection CVE-2017-15919 05 Dec 2017 9.8 (v3) Critical Pass Zabbix Server 'active checks' Command Injection CVE-2017-2824 06 Dec 2017 8.1 (v3) High Pass MariaDB 10.2.x < 10.2.10 Multiple Vulnerabilities CVE-2017-3302 CVE-2017-3308 CVE-2017-3309 CVE-2017-3313 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 CVE-2017-3636 CVE-2017-3641 CVE-2017-3653 CVE-2017-10268 CVE-2017-10378 CVE-2017-10379 CVE-2017-10384 CVE-2017-15365 07 Dec 2017 8.8 (v3) High Pass Smush Image Plugin for WordPress < 2.7.6 Directory Traversal CVE-2017-15079 12 Dec 2017 7.5 (v3) High Pass RegistrationMagic Plugin for WordPress < 3.7.9.3 PHP Object Injection 12 Dec 2017 8.3 (v3) High Pass Gallery Bank Plugin for WordPress < 2.0.20 XSS 15 Dec 2017 2.4 (v3) Low Pass WP Symposium Plugin Arbitrary File Upload CVE-2014-10021 19 Dec 2017 10 (v3) Critical Pass Palo Alto Networks PAN-OS Management Interface RCE (PAN-SA-2017-0027) CVE-2017-15944 20 Dec 2017 9.8 (v3) Critical Pass GitHub Enterprise Detection 19 Dec 2017 None Pass ESXi 5.5 / 6.0 / 6.5 / Multiple Vulnerabilities (VMSA-2017-0021) (VMSA-2018-0002) (Spectre) (remote check) CVE-2017-4940 CVE-2017-4941 CVE-2017-5715 CVE-2017-5753 29 Dec 2017 7.5 (v3) High Pass ESXi 6.5 < Build 6765664 Heap Bu ff er Over fl ow (VMSA-2017-0021) (remote check) CVE-2017-4933 05 Jan 2018 7.5 (v3) High Pass Apple iTunes < 12.7.2 WebKit Multiple Vulnerabilities (uncredentialed check) CVE-2017-7156 CVE-2017-7157 CVE-2017-7160 CVE-2017-13856 CVE-2017-13866 CVE-2017-13870 08 Jan 2018 8.8 (v3) High Pass Elasticsearch Transport Protocol Unspeci fi ed Remote Code Execution CVE-2015-5377 11 Jan 2018 9.8 (v3) Critical Pass Oracle WebLogic WSAT Remote Code Execution CVE-2017-10271 28 Dec 2017 7.5 (v3) High Pass Apple iTunes < 12.7.3 WebKit Multiple Vulnerabilities (uncredentialed check) CVE-2018-4088 CVE-2018-4096 26 Jan 2018 8.8 (v3) High Pass Symantec (Blue Coat) Reporter Multiple Vulnerabilities (SA158) CVE-2017-15531 26 Jan 2018 9.8 (v3) Critical Pass Weak DH Key Exchange Supported (PCI DSS) CVE-2015-4000 29 Jan 2018 3.7 (v3) Low Pass pfSense < 2.1.1 Multiple Vulnerabilities (SA-14_02 / SA-14_03) CVE-2013-4353 CVE-2013-5211 CVE-2013-6449 CVE-2013-6450 CVE-2014-1452 31 Jan 2018 8.8 (v3) High Pass pfSense < 2.2.1 Multiple Vulnerabilities (SA-15_02 - SA-15_04) CVE-2015-2294 CVE-2015-2295 31 Jan 2018 7.1 (v3) High Pass pfSense < 2.2.6 Multiple Vulnerabilities (SA-15_09 / SA-15_10 / SA-15_11) CVE-2015-3194 CVE-2015-3195 CVE-2015-3196 CVE-2015-8023 31 Jan 2018 9 (v3) Critical Pass pfSense < 2.3.3 Multiple Vulnerabilities (SA-17_01 - SA-17_03) CVE-2016-1889 CVE-2016-6559 CVE-2016-7426 CVE-2016-7427 CVE-2016-7428 CVE-2016-7429 CVE-2016-7431 CVE-2016-7433 CVE-2016-7434 CVE-2016-8610 CVE-2016-8858 CVE-2016-9310 CVE-2016-9311 CVE-2016-9312 CVE-2016-10009 CVE-2016- 31 Jan 2018 9.8 (v3) Critical Pass pfSense < 2.3.4 Multiple Vulnerabilities (SA-17_04) CVE-2016-9042 CVE-2016-10195 CVE-2016-10196 CVE-2016-10197 CVE-2017-6462 CVE-2017-6463 CVE-2017-6464 CVE-2017-7407 CVE-2017-7468 31 Jan 2018 9.8 (v3) Critical Pass pfSense 2.3.x < 2.3.5 / 2.4.x < 2.4.2 Multiple XSS Vulnerabilites (SA-17_08 / SA-17_09) CVE-2017-1000479 31 Jan 2018 8.8 (v3) High Pass Microsoft Windows SMB2 and SMB3 Dialects Supported (remote check) 09 Feb 2018 None Pass IBM San Volume Controller / Storwize / FlashSystem 8.1.x < 8.1.0.1 privilege escalation vulnerability CVE-2017-1710 15 Feb 2018 9.8 (v3) Critical Pass Apple TV < 11.2.6 Telugu Character Handling Remote Memory Corruption Vulnerability CVE-2018-4124 23 Feb 2018 9.8 (v3) Critical Pass Lantronix Universal Device Server UDS1100 Version 12 Feb 2018 None Pass VMware AirWatch Console 9.1.x < 9.1.5 / 9.2.x < 9.2.2 XSRF CVE-2017-4951 02 Feb 2018 8.8 (v3) High Pass Hikvision IP Camera Remote Authentication Bypass CVE-2017-7921 CVE-2017-7923 28 Feb 2018 10 (v3) Critical Pass Cisco UCS Central Software < 2.0(1c) HTTP Request Handling RCE CVE-2018-0113 06 Mar 2018 8.8 (v3) High Pass Quest DR Series Appliance Web Detection 08 Mar 2018 None Pass Trend Micro Smart Protection Server Session Hijacking Via Log File Disclosure CVE-2017-11398 08 Mar 2018 8.8 (v3) High Pass Apache Tra ffi c Server 6.x < 6.2.2 / 7.x < 7.1.2 Host Header and Line Folding Vulnerability CVE-2017-5660 08 Mar 2018 8.6 (v3) High Pass Apache Tra ffi c Server 5.2.0 - 5.3.2 / 6.x < 6.2.2 / 7.x < 7.1.2 TLS Handshake DoS CVE-2017-7671 08 Mar 2018 7.5 (v3) High Pass Adobe Connect < 9.7.5 Multiple Vulnerabilities (APSB18-06) CVE-2018-4921 CVE-2018-4923 14 Mar 2018 9.1 (v3) Critical Pass Aspen HTTP Server Detection 16 Mar 2018 None Pass Apache 2.4.x < 2.4.33 Multiple Vulnerabilities (deprecated) CVE-2017-15710 CVE-2017-15715 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 30 Mar 2018 9.8 (v3) Critical Pass OS Identi fi cation : UPnP 29 Mar 2018 None Pass MS09-003: Microsoft Exchange Remote Code Execution (959239) (Uncredentialed) CVE-2009-0098 CVE-2009-0099 03 Apr 2018 9.8 (v3) Critical Pass Microsoft SQL Server TCP/IP Listener Product Database Detection 19 Mar 2018 None Pass Microsoft SQL Server Default Credentials (PCI wordlist) 26 Mar 2018 9.8 (v3) Critical Pass pfSense < 2.3.5 Multiple Vulnerabilities (KRACK) CVE-2017-12837 CVE-2017-12883 CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13084 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 CVE-2017-13704 CVE-2017-14491 CVE-2017-1 13 Apr 2018 9.8 (v3) Critical Pass pfSense < 2.4.3 Multiple Vulnerabilities (SA-18_01 / SA-18_02 / SA-18_03) (Meltdown) (Spectre) CVE-2017-5715 CVE-2017-5754 CVE-2018-6916 13 Apr 2018 9.8 (v3) Critical Pass Oracle Primavera Uni fi er Multiple Vulnerabilities (April 2018 CPU) CVE-2017-7525 CVE-2017-15095 19 Apr 2018 9.8 (v3) Critical Pass Do not scan operational technology devices 18 Apr 2018 None Pass Oracle WebLogic SNMP Detection (TCP) 01 May 2018 None Pass Oracle WebLogic SNMP Detection (UDP) 01 May 2018 None Pass Oracle WebLogic HTTP Detection 03 May 2018 None Pass WAS Target Scanning for PCI 04 Jan 2019 None Pass Adobe <= 9.7.5 Connect Authentication Bypass Vulnerability (APSB18-18, APSB18-22) CVE-2018-4994 CVE-2018-12804 CVE-2018-12805 11 May 2018 9.8 (v3) Critical Pass HP Network Automation 10.0x < 10.00.023 / 10.1x < 10.11.06 / 10.2x < 10.21.05 / 10.3x < 10.30.03 / 10.4x < 10.40.01 / 10.5x < 10.50.01 Multiple Vulnerabilities CVE-2018-6492 CVE-2018-6493 18 May 2018 8.8 (v3) High Pass PHP 7.2.x < 7.2.5 Stack Bu ff er Over fl ow CVE-2018-10545 CVE-2018-10546 CVE-2018-10547 CVE-2018-10548 CVE-2018-10549 04 May 2018 8.8 (v3) High Pass ISC BIND 9.12.x < 9.12.1-P1 Multiple Vulnerabilities CVE-2018-5736 CVE-2018-5737 22 May 2018 7.5 (v3) High Pass Apple iTunes < 12.6 Multiple Vulnerabilities (uncredentialed check) CVE-2009-3270 CVE-2009-3560 CVE-2009-3720 CVE-2012-1147 CVE-2012-1148 CVE-2012-6702 CVE-2013-7443 CVE-2015-1283 CVE-2015-3414 CVE-2015-3415 CVE-2015-3416 CVE-2015-3717 CVE-2015-6607 CVE-2016-0718 CVE-2016-4472 CVE-2016-5 08 May 2017 9.8 (v3) Critical Pass Elasticsearch Detection 21 May 2018 None Pass HP Service Manager Detection 18 May 2018 None Pass Logstash JSON API Detection 21 May 2018 None Pass Apple iTunes < 12.6.1 WebKit Memory Corruption RCE (uncredentialed check) CVE-2017-6984 19 May 2017 8.8 (v3) High Pass PHP 7.0.x < 7.0.19 Multiple Vulnerabilities CVE-2017-8923 CVE-2017-9119 25 May 2017 9.8 (v3) Critical Pass Trend Micro SafeSync for Enterprise Authentication Bypass 05 Jun 2017 7.5 (v3) High Pass GE Multilin UR / URPlus / B95Plus Relay Web Interface Detection 26 May 2017 None Pass IBM BigFix Compliance 1.9.70 Multiple Vulnerabilities CVE-2017-1178 CVE-2017-1179 CVE-2017-1196 CVE-2017-1197 09 Jun 2017 9.8 (v3) Critical Pass Redis Server Unprotected by Password Authentication 06 Jun 2017 9.8 (v3) Critical Pass Adobe Captivate Quiz Reporting Feature 'internalServerReporting.php' File Upload RCE CVE-2017-3087 16 Jun 2017 7.5 (v3) High Pass Adobe Captivate Quiz Reporting Feature 'internalserverread.php' Remote File Disclosure (APSB17-19) CVE-2017-3087 16 Jun 2017 7.5 (v3) High Pass Apache 2.2.x < 2.2.33-dev / 2.4.x < 2.4.26 Multiple Vulnerabilities CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 22 Jun 2017 9.8 (v3) Critical Pass Check_MK Agent for Linux 1.2.3i < 1.2.5i3 Arbitrary File Disclosure CVE-2014-0243 28 Jun 2017 5.5 (v3) Medium Pass WP Statistics Plugin for WordPress < 12.0.8 'functions.php' wp_statistics_searchengine_query() SQLi 07 Jul 2017 8.8 (v3) High Pass WP Statistics Plugin for WordPress 'functions.php' wp_statistics_searchengine_query() SQLi 07 Jul 2017 8.8 (v3) High Pass EMC RSA Archer < 6.2.0.2 Multiple Vulnerabilities CVE-2017-4998 CVE-2017-4999 CVE-2017-5000 CVE-2017-5001 CVE-2017-5002 07 Jul 2017 8.8 (v3) High Pass Adobe Connect < 9.6.2 Multiple Vulnerabilities (APSB17-22) CVE-2017-3101 CVE-2017-3102 CVE-2017-3103 12 Jul 2017 7.5 (v3) High Pass Foscam C1 IP Camera FTP Hard Coded Password CVE-2016-8731 14 Jul 2017 9.8 (v3) Critical Pass Apache 2.2.x < 2.2.34 Multiple Vulnerabilities CVE-2017-3167 CVE-2017-3169 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 18 Jul 2017 9.8 (v3) Critical Pass PHP 5.6.x < 5.6.31 Multiple Vulnerabilities CVE-2017-6004 CVE-2017-7890 CVE-2017-9224 CVE-2017-9226 CVE-2017-9227 CVE-2017-9228 CVE-2017-9229 CVE-2017-11142 CVE-2017-11143 CVE-2017-11144 CVE-2017-11145 CVE-2017-11628 CVE-2017-12933 13 Jul 2017 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.21 Multiple Vulnerabilities CVE-2017-6004 CVE-2017-7890 CVE-2017-9224 CVE-2017-9226 CVE-2017-9227 CVE-2017-9228 CVE-2017-9229 CVE-2017-11144 CVE-2017-11145 CVE-2017-11362 CVE-2017-11628 CVE-2017-12933 CVE-2017-12934 13 Jul 2017 9.8 (v3) Critical Pass AXIS gSOAP Message Handling RCE (ACV-116267) (Devil's Ivy) CVE-2017-9765 19 Jul 2017 8.1 (v3) High Pass Linksys Smart Wi-Fi Router Default Credentials 19 Jul 2017 9.8 (v3) Critical Pass EMC RSA Authentication Manager < 8.2 SP1 Patch 1 Token Pro fi le Name Stored XSS (ESA-2017-068) CVE-2017-8000 20 Jul 2017 4.8 (v3) Medium 72

Pass Oracle Primavera Gateway Multiple Vulnerabilities (July 2017 CPU) CVE-2015-0254 CVE-2016-6814 21 Jul 2017 9.8 (v3) Critical Pass IBM BigFix Platform 9.1.x < 9.1.1328.0 / 9.2.x < 9.2.11.19 Multiple Vulnerabilities CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1203 CVE-2017-1219 27 Jul 2017 9.8 (v3) Critical Pass GoAhead System.ini Leak CVE-2017-8225 03 Aug 2017 9.8 (v3) Critical Pass ESXi 6.0 < Build 5485776 Multiple Vulnerabilities (VMSA-2017-0015) (remote check) CVE-2016-2183 CVE-2016-7055 CVE-2016-1000110 CVE-2017-3730 CVE-2017-3731 CVE-2017-3732 CVE-2017-4925 20 Sep 2017 7.5 (v3) High Pass Cisco Application Policy Infrastructure Controller SSH Privilege Escalation Vulnerability CVE-2017-6767 25 Aug 2017 7.1 (v3) High Pass Fuji Electric V-Server Detection 24 Jul 2017 None Pass HP Operations Orchestration 10.x < 10.80 Remote Code Execution CVE-2017-8994 05 Sep 2017 9.8 (v3) Critical Pass IBM BigFix Remote Control < 9.1.4 Authentication Bypass CVE-2016-2930 13 Sep 2017 7.5 (v3) High Pass D-Link DIR Router Missing Authentication Check CVE-2017-14417 14 Sep 2017 9.8 (v3) Critical Pass ESXi 5.5 < Build 6480267 RPC NULL Pointer Dereference Vulnerability (VMSA-2017-0015) (remote check) CVE-2017-4925 21 Sep 2017 5.5 (v3) Medium Pass VMware vCenter Server 6.5.x < 6.5u1 H5 Client Stored XSS (VMSA-2017-0015) CVE-2017-4926 21 Sep 2017 5.4 (v3) Medium Pass EMC Data Protection Advisor < 6.4.130 Hardcoded Password Vulnerability CVE-2017-8013 21 Sep 2017 9.8 (v3) Critical Pass Apache Solr < 6.6.1 Kerberos Plugin Delegation Token Handling Remote Information Disclosure CVE-2017-9803 27 Sep 2017 7.5 (v3) High Pass Apple iTunes < 12.7 WebKit Multiple Vulnerabilities (uncredentialed check) CVE-2017-7081 CVE-2017-7087 CVE-2017-7090 CVE-2017-7091 CVE-2017-7092 CVE-2017-7093 CVE-2017-7094 CVE-2017-7095 CVE-2017-7096 CVE-2017-7098 CVE-2017-7099 CVE-2017-7100 CVE-2017-7102 CVE-2017-7104 CVE-2017-7107 CVE-2017-7 27 Sep 2017 8.8 (v3) High Pass Trihedral VTScada Detection 28 Sep 2017 None Pass HP UCMDB Server BeanUtils Java Deserialization RCE CVE-2017-14353 09 Oct 2017 8.8 (v3) High Pass EMC RSA Archer < 6.2.0.5 Multiple Vulnerabilities CVE-2017-8016 CVE-2017-8025 CVE-2017-14369 CVE-2017-14370 CVE-2017-14371 CVE-2017-14372 12 Oct 2017 7.4 (v3) High Pass Apache 2.4.x < 2.4.28 HTTP Vulnerability (OptionsBleed) CVE-2017-9798 13 Oct 2017 7.5 (v3) High Pass Trend Micro O ffi ceScan Web Interface Detection 19 Oct 2017 None Pass ONVIF Device Services 17 Oct 2017 None Pass ONVIF Camera Snapshot 17 Oct 2017 None Pass ONVIF Get Device User List 17 Oct 2017 None Pass Ubiquiti Networks UniFi < 3.9.3.7537 (KRACK) CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13084 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 17 Oct 2017 8.1 (v3) High Pass Microsoft Windows SMB Server (2017-10) Multiple Vulnerabilities (uncredentialed check) CVE-2017-11780 CVE-2017-11781 17 Oct 2017 7 (v3) High Pass Trend Micro O ffi ceScan cgiShowClientAdm Remote Memory Corruption CVE-2017-14083 CVE-2017-14084 CVE-2017-14085 CVE-2017-14086 CVE-2017-14087 CVE-2017-14088 CVE-2017-14089 19 Oct 2017 9.8 (v3) Critical Pass Linksys E1500/E2500 Authenticated Command Execution 25 Oct 2017 9.1 (v3) Critical Pass ONVIF Stream URI 31 Oct 2017 None Pass Apache Solr 5.x < 5.5.5 / 6.x < 6.6.2 / 7.x < 7.1.0 Multiple Vulnerabilities CVE-2017-12629 02 Nov 2017 9.8 (v3) Critical Pass IBM BigFix Platform 9.2.x < 9.2.12 / 9.5.x < 9.5.7 Multiple Vulnerabilities CVE-2017-1218 CVE-2017-1220 CVE-2017-1222 CVE-2017-1225 CVE-2017-1226 CVE-2017-1228 CVE-2017-1230 CVE-2017-1232 CVE-2017-1521 02 Nov 2017 8.8 (v3) High Pass Apple iTunes < 12.7.1 WebKit Multiple Vulnerabilities (uncredentialed check) CVE-2017-13783 CVE-2017-13784 CVE-2017-13785 CVE-2017-13788 CVE-2017-13791 CVE-2017-13792 CVE-2017-13793 CVE-2017-13794 CVE-2017-13795 CVE-2017-13796 CVE-2017-13797 CVE-2017-13798 CVE-2017-13802 CVE-2017-13803 02 Nov 2017 8.8 (v3) High Pass IBM Storwize 1.5.x / 1.6.x < 1.6.2.0 RC4 Initial Keystream Bias Vulnerability (CVE-2017-1375) CVE-2017-1375 03 Nov 2017 7.5 (v3) High Pass Cisco APIC-EM 1.x < 1.5 Unauthorized Access (credentialed check) CVE-2017-12262 09 Nov 2017 8.8 (v3) High Pass Adobe Connect < 9.7 Multiple Vulnerabilities (APSB17-35) CVE-2017-11287 CVE-2017-11288 CVE-2017-11289 CVE-2017-11290 CVE-2017-11291 15 Nov 2017 10 (v3) Critical Pass VMware vCenter Server 5.5.x < 5.5u3f / 6.0.x < 6.0u3c / 6.5.x < 6.5u1 Multiple Vulnerabilities (VMSA-2017-0017) CVE-2017-4927 CVE-2017-4928 17 Nov 2017 7.5 (v3) High Pass Vanilla Forums Header Injection Remote Code Execution CVE-2016-10073 17 Nov 2017 7.5 (v3) High Pass PHP 5.6.x < 5.6.32 Multiple Vulnerabilities CVE-2016-1283 CVE-2017-16642 16 Nov 2017 9.8 (v3) Critical Pass HP LaserJet Printers RCE (HPSBPI03569) CVE-2017-2750 28 Nov 2017 9.8 (v3) Critical Pass Exim < 4.89.1 Use-After-Free BDAT Remote Code Execution CVE-2017-16943 29 Nov 2017 9.8 (v3) Critical Pass Samba Version 30 Nov 2017 None Pass EMC RSA Authentication Manager < 8.2 SP1 Patch 6 Stored Cross-Site Scripting (ESA-2017-152) CVE-2017-14379 30 Nov 2017 5.4 (v3) Medium Pass WP Google Maps for WordPress < 7.11.17 Unauthenticated SQL Injection (CVE-2019-10692) CVE-2019-10692 03 Apr 2019 9.8 (v3) Critical Pass Network Time Protocol Daemon (ntpd) read_mru_list() Remote DoS CVE-2016-7434 29 Nov 2016 7.5 (v3) High Pass Observium Detection 29 Nov 2016 None Pass Veritas NetBackup Appliance < 2.7.2 / 3.1.0 Multiple Vulnerabilities (VTS17-003) CVE-2017-6399 CVE-2017-6400 CVE-2017-6401 CVE-2017-6402 CVE-2017-6403 CVE-2017-6404 CVE-2017-6405 CVE-2017-6406 CVE-2017-6407 CVE-2017-6408 CVE-2017-6409 30 Nov 2017 9.8 (v3) Critical Pass Default Password 'QwestM0dem' for 'admin' Account CVE-1999-0502 01 Dec 2017 9.8 (v3) Critical Pass VMware vCenter Server 5.5.x < 5.5u3e / 6.0.x < 6.0u2a Multiple XXE Vulnerabilities (VMSA-2016-0022) CVE-2016-7459 CVE-2016-7460 02 Dec 2016 9.1 (v3) Critical Pass HP Network Automation RPCServlet Java Object Deserialization RCE CVE-2016-8511 09 Dec 2016 9.8 (v3) Critical Pass Apple iTunes < 12.5.4 Multiple Vulnerabilities (uncredentialed check) CVE-2016-4692 CVE-2016-4743 CVE-2016-7586 CVE-2016-7587 CVE-2016-7589 CVE-2016-7592 CVE-2016-7598 CVE-2016-7599 CVE-2016-7610 CVE-2016-7611 CVE-2016-7632 CVE-2016-7635 CVE-2016-7639 CVE-2016-7640 CVE-2016-7641 CVE-2016-7 14 Dec 2016 8.8 (v3) High Pass EMC Avamar ADS / AVE Server Detection 16 Dec 2016 None Pass IBM BigFix Remote Control < 9.1.3 Multiple Vulnerabilities (SWEET32) CVE-2016-2177 CVE-2016-2178 CVE-2016-2183 CVE-2016-2928 CVE-2016-2931 CVE-2016-2932 CVE-2016-2933 CVE-2016-2934 CVE-2016-2935 CVE-2016-2943 CVE-2016-6304 CVE-2016-6306 27 Dec 2016 9.8 (v3) Critical Pass Apache 2.4.x < 2.4.25 Multiple Vulnerabilities (httpoxy) CVE-2016-0736 CVE-2016-2161 CVE-2016-4975 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 CVE-2020-11985 12 Jan 2017 8.1 (v3) High Pass IBM Spectrum Protect Mount Detection 27 Dec 2016 None Pass Cisco IOS IKEv1 Packet Handling Remote Information Disclosure (cisco-sa-20160916-ikev1) (BENIGNCERTAIN) (uncredentialed check) CVE-2016-6415 26 Jan 2017 7.5 (v3) High Pass Oracle WebLogic Java Object RMI Connect-Back Deserialization RCE (January 2017 CPU) CVE-2017-3248 26 Jan 2017 9.8 (v3) Critical Pass Apple iTunes < 12.5.5 Multiple Vulnerabilities (uncredentialed check) CVE-2017-2354 CVE-2017-2355 CVE-2017-2356 CVE-2017-2366 27 Jan 2017 8.8 (v3) High Pass Server Message Block (SMB) Protocol Version 1 Enabled (uncredentialed check) 03 Feb 2017 None Pass Splunk Enterprise < 5.0.17 / 6.0.13 / 6.1.12 / 6.2.13 / 6.3.9 / 6.4.5 / 6.5.2 or Splunk Light < 6.5.2 Multiple Vulnerabilities CVE-2016-5418 CVE-2016-8688 CVE-2017-5607 CVE-2017-5880 10 Feb 2017 7.5 (v3) High Pass Tenable Nessus 6.8.x and 6.9.x < 6.9.1 Stored XSS (TNS-2016-17) CVE-2016-9259 15 Feb 2017 5.4 (v3) Medium Pass F5 TLS Session Ticket Implementation Remote Memory Disclosure (Ticketbleed) (uncredentialed check) CVE-2016-9244 15 Feb 2017 7.5 (v3) High Pass WordPress 4.7.x < 4.7.2 REST API 'id' Parameter Privilege Escalation CVE-2017-1001000 16 Feb 2017 7.5 (v3) High Pass McAfee ePolicy Orchestrator Agent Remote Log Detection 16 Feb 2017 None Pass IBM DataPower Gateway Detection 06 Feb 2017 None Pass OpenSSL 1.1.0 < 1.1.0e Encrypt-Then-Mac Extension DoS CVE-2017-3733 23 Feb 2017 7.5 (v3) High Pass Splunk Enterprise 6.4.x < 6.4.6 Stored XSS Vulnerability CVE-2017-12572 03 Mar 2017 4.8 (v3) Medium Pass Kodi Local File Inclusion Information Disclosure CVE-2017-5982 22 Mar 2017 7.5 (v3) High Pass Siemens S7 Protocol Support Detection 03 Apr 2017 None Pass OS Identi fi cation and Installed Software Enumeration over SSH v2 (Using New SSH Library) 30 May 2017 None Pass Default Password 'adminIWSS85' for 'admin' Account CVE-1999-0502 07 Apr 2017 9.8 (v3) Critical Pass VMware vCenter Server 6.0.x < 6.0u3b / 6.5.x < 6.5c BlazeDS AMF3 RCE (VMSA-2017-0007) CVE-2017-5641 19 Apr 2017 9.8 (v3) Critical Pass Tenable Nessus 6.8.x < 6.10.2 Arbitrary File Upload (TNS-2017-06) CVE-2017-6543 18 Apr 2017 7.3 (v3) High Pass NetGain Enterprise Manager Detection 10 Mar 2017 None Pass Adobe ColdFusion BlazeDS Java Object Deserialization RCE CVE-2017-3066 28 Apr 2017 9.8 (v3) Critical Pass Cisco Prime LAN Management Solution Java Object Deserialization RCE (CSCux34647) CVE-2015-6420 02 May 2017 9.8 (v3) Critical Pass Comelit Actuator Detection 21 Apr 2017 None Pass Powershell Empire Detection 21 Apr 2017 None Pass Cisco TelePresence CE 8.1.1 < 8.3.2 ICMP Packet Handling DoS (cisco-sa-20170503-ctp) CVE-2017-3825 04 May 2017 7.5 (v3) High Pass Jenkins < 2.46.2 / 2.57 and Jenkins Enterprise < 1.625.24.1 / 1.651.24.1 / 2.7.24.0.1 / 2.46.2.1 Multiple Vulnerabilities CVE-2017-1000353 CVE-2017-1000354 CVE-2017-1000355 CVE-2017-1000356 04 May 2017 9.8 (v3) Critical Pass Dell iDRAC6 / iDRAC7 / iDRAC8 Path Traversal Authentication Bypass CVE-2015-7270 01 Apr 2016 7.8 (v3) High Pass QNAP Signage Station Arbitrary File Upload Vulnerability CVE-2015-6036 25 Mar 2016 7.5 (v3) High Pass Apache Jetspeed Detection 28 Mar 2016 None Pass Apple TV < 7.2.1 Multiple Vulnerabilities CVE-2012-6685 CVE-2014-0191 CVE-2014-3660 CVE-2015-3730 CVE-2015-3731 CVE-2015-3732 CVE-2015-3733 CVE-2015-3734 CVE-2015-3735 CVE-2015-3736 CVE-2015-3737 CVE-2015-3738 CVE-2015-3739 CVE-2015-3740 CVE-2015-3741 CVE-2015-3 04 Apr 2016 9.8 (v3) Critical Pass VMware vRealize Business Unspeci fi ed Stored XSS (VMSA-2016-0003) CVE-2016-2075 06 Apr 2016 5.4 (v3) Medium Pass QNAP Signage Station Server Detection 25 Mar 2016 None Pass VMware vRealize Business Web UI Detection 06 Apr 2016 None Pass Cisco TelePresence Server Crafted IPv6 Packet Handling DoS (cisco-sa-20160406-cts) CVE-2016-1346 15 Apr 2016 5.9 (v3) Medium Pass Cisco Prime Infrastructure Java Deserialization RCE (cisco-sa-20160406-remcode) CVE-2016-1291 19 Apr 2016 9.8 (v3) Critical Pass Oracle WebLogic Server Java Object Deserialization RCE (April 2016 CPU) CVE-2016-0638 26 Apr 2016 9.8 (v3) Critical Pass Oracle iPlanet Web Server 7.0.x < 7.0.23 NSS ASN.1 Decoder RCE (April 2016 CPU) CVE-2015-7182 21 Apr 2016 9.8 (v3) Critical Pass Oracle GlassFish Server 2.1.1.x < 2.1.1.27 NSS ASN.1 Decoder RCE (April 2016 CPU) CVE-2015-7182 22 Apr 2016 9.8 (v3) Critical Pass VMware vCenter Server 5.5.x < 5.5u3d / 6.0.x < 6.0u2 Client Integration Plugin Session Hijacking (VMSA-2016-0004) CVE-2016-2076 26 Apr 2016 7.6 (v3) High Pass OpenSSL 1.0.1 < 1.0.1t Multiple Vulnerabilities CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2109 CVE-2016-2176 04 May 2016 8.2 (v3) High Pass OpenSSL 1.0.2 < 1.0.2h Multiple Vulnerabilities CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2109 CVE-2016-2176 04 May 2016 8.2 (v3) High Pass Symantec Messaging Gateway 10.x < 10.6.1 Management Console Multiple Vulnerabilities (SYM16-005) CVE-2016-2203 CVE-2016-2204 05 May 2016 8.2 (v3) High Pass NetIQ Sentinel Detection 20 Apr 2016 None Pass BMC BladeLogic Server Automation RSCD Agent Detection 10 May 2016 None Pass Cisco TelePresence XML API HTTP Request Handling Authentication Bypass (cisco-sa-20160504-tpxml) CVE-2016-1387 13 May 2016 9.8 (v3) Critical Pass Moxa NPort Serial-to-Ethernet Server Detection 20 May 2016 None Pass PostgreSQL Server Login Possible 24 Jun 2016 None Pass Red Hat JBoss Operations Network Java Object Deserialization RCE CVE-2016-3737 06 Jun 2016 9.8 (v3) Critical Pass OpenSSL AES-NI Padding Oracle MitM Information Disclosure CVE-2016-2107 13 Jun 2016 5.9 (v3) Medium Noise HyperText Transfer Protocol (HTTP) Redirect Information 16 Jun 2016 None Pass Cisco APIC Detection 21 Jun 2016 None Noise Web Application Sitemap 24 Jun 2016 None Pass Wireless Access Controller Detection 06 Jun 2016 None Pass Symantec Messaging Gateway 10.x < 10.6.1-4 Multiple Vulnerabilities (SYM16-010) CVE-2016-2207 CVE-2016-2209 CVE-2016-2210 CVE-2016-2211 CVE-2016-3644 CVE-2016-3645 CVE-2016-3646 30 Jun 2016 8.4 (v3) High Pass BMC Server Automation RSCD Agent Weak ACL NSH Arbitrary Command Execution 05 Jul 2016 10 (v2) Critical Pass HPE LoadRunner Virtual Table Server import_csv Remote File Deletion DoS CVE-2016-4360 07 Jul 2016 9.1 (v3) Critical Pass PHP 5.6.x < 5.6.23 Multiple Vulnerabilities CVE-2016-4473 CVE-2016-5766 CVE-2016-5767 CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771 CVE-2016-5772 CVE-2016-5773 01 Jul 2016 9.8 (v3) Critical Pass Symantec Web Gateway Anti-Virus De fi nition < 20160628.037 Multiple Vulnerabilities (SYM16-010) (credentialed check) CVE-2016-2207 CVE-2016-2209 CVE-2016-2210 CVE-2016-2211 CVE-2016-3644 CVE-2016-3645 CVE-2016-3646 12 Jul 2016 8.4 (v3) High Pass Untangle NG Firewall Detection 15 Jul 2016 None Pass Apache 2.4.18 / 2.4.20 X.509 Certi fi cate Authentication Bypass CVE-2016-4979 15 Jul 2016 7.5 (v3) High Pass Apache Tomcat 7.x < 7.0.17 Multiple Vulnerabilities CVE-2011-2204 CVE-2011-2481 CVE-2011-2526 03 Aug 2011 7.3 (v3) High 73

Pass Apache Tomcat 7.x < 7.0.20 'jsvc' Information Disclosure CVE-2011-2729 16 Aug 2011 5.3 (v3) Medium Pass IBM WebSphere Application Server Liberty Detection 04 Aug 2016 None Pass HP UCMDB Server Java Deserialization RCE CVE-2016-4368 25 Jul 2016 9.8 (v3) Critical Pass Splunk Enterprise < 5.0.16 / 6.0.12 / 6.1.11 / 6.2.11 / 6.3.6 / 6.4.2 or Splunk Light < 6.4.2 Multiple Vulnerabilities CVE-2013-0211 CVE-2015-2304 CVE-2016-1541 CVE-2016-2107 08 Aug 2016 8.8 (v3) High Pass VMware vRealize Log Insight 2.x / 3.x < 3.3.2 Multiple Vulnerabilities (VMSA-2016-0008) CVE-2016-2081 CVE-2016-2082 10 Aug 2016 8.8 (v3) High Pass ESXi 5.0 / 5.1 / 5.5 / 6.0 Multiple Vulnerabilities (VMSA-2016-0010) (remote check) CVE-2016-5330 CVE-2016-5331 12 Aug 2016 7.8 (v3) High Pass osTicket <= 1.2.7 Multiple Vulnerabilities CVE-2005-1436 CVE-2005-1437 CVE-2005-1438 CVE-2005-1439 04 May 2005 6.8 (v2) Medium Pass SonicWALL Global Management System (GMS) / Analyzer GMC Service XML External Entity (XXE) Injection 15 Aug 2016 9.3 (v3) Critical Pass PHP 5.6.x < 5.6.25 Multiple Vulnerabilities CVE-2016-7124 CVE-2016-7125 CVE-2016-7126 CVE-2016-7127 CVE-2016-7128 CVE-2016-7129 CVE-2016-7130 CVE-2016-7131 CVE-2016-7132 23 Aug 2016 9.8 (v3) Critical Pass Cisco UCS Central Software < 1.3(1c) HTTP Request Handling RCE CVE-2016-1352 25 Aug 2016 9.8 (v3) Critical Pass OpenSSL < 1.0.2i Default Weak 64-bit Block Cipher (SWEET32) CVE-2016-2183 25 Aug 2016 7.5 (v3) High Pass Portable SDK for UPnP Devices (libupnp) HTTP Arbitrary File Write CVE-2016-6255 30 Aug 2016 7.5 (v3) High Pass IBM BigFix Server 9.2.x < 9.2.7.53 BES Gather XSS CVE-2016-0269 30 Aug 2016 5.4 (v3) Medium Pass SAP RMI-P4 Protocol Detection 08 Sep 2016 None Pass BMC Server Automation rscd Service Authentication Bypass RCE CVE-2016-4322 23 Sep 2016 9.8 (v3) Critical Pass Moxa MiiNePort Blank Default Telnet Password CVE-2016-2286 15 Sep 2016 7.5 (v3) High Pass Symantec Protection for SharePoint Servers Detection 09 Sep 2016 None Pass McAfee Security Information and Event Management 9.5.x / 9.6.x < 9.6.0.3 ESM Authentication Bypass (KB87744) CVE-2016-8006 26 Sep 2016 4.4 (v3) Medium Pass OpenSSL 1.0.2i CRL Handling NULL Pointer Dereference DoS CVE-2016-7052 28 Sep 2016 7.5 (v3) High Pass OpenSSL 1.0.1 < 1.0.1u Multiple Vulnerabilities (SWEET32) CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 30 Sep 2016 9.8 (v3) Critical Pass OpenSSL 1.0.2 < 1.0.2i Multiple Vulnerabilities (SWEET32) CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 30 Sep 2016 9.8 (v3) Critical Pass UPnP File Share Detection 13 Oct 2016 4.3 (v3) Medium Pass UPnP API Listing 13 Oct 2016 4.3 (v3) Medium Pass Apple TV < 9.1 Multiple Vulnerabilities CVE-2011-2895 CVE-2015-7038 CVE-2015-7039 CVE-2015-7040 CVE-2015-7041 CVE-2015-7042 CVE-2015-7043 CVE-2015-7047 CVE-2015-7048 CVE-2015-7051 CVE-2015-7053 CVE-2015-7054 CVE-2015-7055 CVE-2015-7058 CVE-2015-7059 CVE-2015-7 13 Oct 2016 4.3 (v3) Medium Pass Oracle GlassFish Server 2.1.1.x < 2.1.1.29 Mozilla NSS ASN.1 Structure Handling RCE (October 2016 CPU) CVE-2016-1950 20 Oct 2016 8.8 (v3) High Pass Oracle GlassFish Server 2.1.1.x < 2.1.1.29 / 3.0.1.x < 3.0.1.14 / 3.1.2.x < 3.1.2.15 Java Server Faces RCE (October 2016 CPU) CVE-2016-5519 20 Oct 2016 8.8 (v3) High Pass EMC Legato Networker Remote Exec Service Stack Over fl ow RCE CVE-2007-3618 20 Oct 2016 9.1 (v3) Critical Pass Unprotected 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '666666' for '666666' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '12345' for 'guest' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'klv123' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass F5 Networks BIG-IP : BIG-IP Virtual Server HTTP Explicit Proxy / SOCKS Pro fi le RCE (SOL35520031) (uncredentialed check) CVE-2016-5700 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'supervisor' for 'supervisor' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'support' for 'support' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Noise SSL Root Certi fi cation Authority Certi fi cate Information 14 Nov 2016 None Pass Apple iTunes < 12.5.2 Multiple Vulnerabilities (Uncredentialed Check) CVE-2016-4613 CVE-2016-7578 17 Nov 2016 8.8 (v3) High Pass OpenSSL 1.1.0 < 1.1.0c Multiple Vulnerabilities CVE-2016-7053 CVE-2016-7054 CVE-2016-7055 18 Nov 2016 7.5 (v3) High Pass PHP 7.0.x < 7.0.13 Multiple Vulnerabilities CVE-2016-7478 CVE-2016-9933 CVE-2016-9934 18 Nov 2016 7.5 (v3) High Pass Apple iTunes < 12.5.1 Multiple Vulnerabilities (uncredentialed Check) CVE-2016-4728 CVE-2016-4758 CVE-2016-4759 CVE-2016-4760 CVE-2016-4762 CVE-2016-4763 CVE-2016-4764 CVE-2016-4765 CVE-2016-4766 CVE-2016-4767 CVE-2016-4768 CVE-2016-4769 18 Nov 2016 8.8 (v3) High Pass Accellion Secure File Transfer Appliance 'oauth_token' Parameter Remote Command Execution CVE-2015-2857 27 Jul 2015 9.8 (v3) Critical Pass Accellion Secure File Transfer Appliance 'statecode' Cookie Remote File Disclosure CVE-2015-2856 27 Jul 2015 7.5 (v3) High Pass PHP 5.5.x < 5.5.28 Multiple Vulnerabilities CVE-2015-6831 CVE-2015-6832 CVE-2015-6833 CVE-2015-6836 CVE-2015-8835 CVE-2015-8867 CVE-2015-8873 CVE-2015-8876 11 Aug 2015 9.8 (v3) Critical Pass Invision Power Board index.php Multiple Parameter XSS CVE-2005-1443 05 May 2005 4.3 (v2) Medium Pass Web Application Cookies Not Marked HttpOnly 24 Aug 2015 None Pass Web Application Cookies Not Marked Secure 24 Aug 2015 None Pass SSL Certi fi cate Signed Using SHA-1 Algorithm 22 Sep 2015 None Pass Symantec Web Gateway Database < 5.0.0.1277 Multiple Vulnerabilities (SYM15-009) (credentialed check) CVE-2015-5690 CVE-2015-5691 CVE-2015-5692 CVE-2015-5693 CVE-2015-6547 CVE-2015-6548 25 Sep 2015 9.9 (v3) Critical Pass OrientDB < 2.0.15 / 2.1.1 XSRF CVE-2015-2912 08 Oct 2015 8.8 (v3) High Pass Janitza Hard-Coded FTP Password CVE-2015-3968 17 Nov 2015 9.8 (v3) Critical Pass VMware ESXi 5.0 < Build 3021432 OpenSLP RCE (VMSA-2015-0007) CVE-2015-1047 CVE-2015-2342 CVE-2015-5177 19 Nov 2015 8.6 (v3) High Pass VMware ESXi 5.1 < Build 3021178 OpenSLP RCE (VMSA-2015-0007) CVE-2015-1047 CVE-2015-2342 CVE-2015-5177 19 Nov 2015 8.6 (v3) High Pass VMware ESXi 5.5 < Build 3029944 OpenSLP RCE (VMSA-2015-0007) CVE-2015-1047 CVE-2015-2342 CVE-2015-5177 19 Nov 2015 8.6 (v3) High Pass 7-Technologies / Schneider-Electric IGSS Data Collector Detection 04 Dec 2015 None Pass Nessus 5.x < 5.2.12 / 6.x < 6.4 Multiple OpenSSL Vulnerabilities CVE-2015-1788 CVE-2015-1789 19 Nov 2015 7.5 (v3) High Pass TLS NPN Supported Protocol Enumeration 08 Dec 2015 None Pass Puppet Enterprise Installation Process Local CA Key Disclosure CVE-2015-7328 17 Dec 2015 4.7 (v3) Medium Pass Emerson SM-Ethernet FTP Server Default Credentials 01 Dec 2015 9.8 (v3) Critical Pass Unbound DNS Resolver Remote Version Detection 12 Jan 2016 None Pass HP Virtual Table Server Detection 20 Jan 2016 None Pass OpenSSL 1.0.1 < 1.0.1r Multiple Vulnerabilities (Logjam) CVE-2015-3197 CVE-2015-4000 02 Feb 2016 3.7 (v3) Low Pass OpenSSL 1.0.2 < 1.0.2f Multiple Vulnerabilities (Logjam) CVE-2015-3197 CVE-2015-4000 CVE-2016-0701 02 Feb 2016 3.7 (v3) Low Pass Joomla! User-Agent Object Injection RCE CVE-2015-8562 29 Jan 2016 9.8 (v3) Critical Pass Cisco TelePresence Video Communication Server (VCS) Web UI Detection 02 Feb 2016 None Pass Ipswitch WhatsUp Gold < 16.4 Multiple Vulnerabilities CVE-2015-6004 CVE-2015-6005 CVE-2015-8261 15 Feb 2016 9.8 (v3) Critical Pass Nessus SQLite Multiple RCE CVE-2015-5895 25 Feb 2016 8.8 (v3) High Pass ESXi 5.5 < Build 3568722 / 6.0 < Build 3568940 glibc DNS Resolver RCE (VMSA-2016-0002) (remote check) CVE-2015-7547 23 Feb 2016 8.1 (v3) High Pass Ipswitch WhatsUp Gold Detection 15 Feb 2016 None Pass IBM Tivoli Storage Manager FastBack 5.5.x / 6.1.x < 6.1.12.2 Multiple Vulnerabilities CVE-2015-8519 CVE-2015-8520 CVE-2015-8521 CVE-2015-8522 CVE-2015-8523 09 Mar 2016 9.8 (v3) Critical Pass Visual Mining NetCharts Server Arbitrary File Upload CVE-2014-8516 17 Dec 2014 8.8 (v3) High Pass Symantec Encryption Management Server Remote Administrator Enumeration CVE-2015-8148 11 Mar 2016 7.5 (v3) High Pass Default Password (abc123) for 'admin' Account CVE-1999-0502 22 Dec 2014 9.8 (v3) Critical Pass 7-Technologies / Schneider-Electric IGSS ODBC Service Detection 29 Feb 2016 None Pass 7-Technologies / Schneider-Electric IGSS ODBC Version Identi fi cation 29 Feb 2016 None Pass Default Password (centreon) for 'root' Account CVE-1999-0502 23 Dec 2014 9.8 (v3) Critical Pass Apache Tra ffi c Server 5.1.x < 5.1.1 Multiple Vulnerabilities (POODLE) CVE-2014-3566 CVE-2014-3624 22 Jan 2015 9.8 (v3) Critical Pass Default Password (passw0rd) for 'superuser' Account CVE-1999-0502 23 Jan 2015 9.8 (v3) Critical Pass Centreon Detection 23 Dec 2014 None Pass HP SiteScope 11.1x < 11.13 or 11.2x < 11.24 IP3 Remote Privilege Escalation CVE-2014-7882 06 Feb 2015 8.1 (v3) High Pass Default Password (changemenow) for 'root' Account CVE-1999-0502 04 Feb 2015 9.8 (v3) Critical Pass Jetty HttpParser Error Remote Memory Disclosure CVE-2015-2080 27 Feb 2015 7.5 (v3) High Pass MongoDB Service Without Authentication Detection 12 Mar 2015 9.8 (v3) Critical Pass Apple TV < 7.1 Multiple Vulnerabilities (FREAK) CVE-2015-1061 CVE-2015-1062 CVE-2015-1067 12 Mar 2015 9.8 (v3) Critical Pass ManageEngine OpManager Detection 16 Feb 2015 None Pass Symantec Data Center Security Web Console Interface Detection 26 Feb 2015 None Pass Siemens SIMATIC S7-1200 PLC Firmware Detection 02 Mar 2015 None Pass ManageEngine Desktop Central Remote Security Bypass (Intrusive Check) CVE-2014-7862 25 Mar 2015 9.8 (v3) Critical Pass ManageEngine Desktop Central Remote Security Bypass CVE-2014-7862 25 Mar 2015 9.8 (v3) Critical Pass ManageEngine Desktop Central < 9 Build 90135 Unauthenticated Admin Password Reset CVE-2015-2560 31 Mar 2015 9.8 (v3) Critical Pass ClusterLabs Pacemaker PCS Daemon Detection 07 May 2015 None Pass Apple TV < 7.2 Multiple Vulnerabilities CVE-2015-1068 CVE-2015-1069 CVE-2015-1070 CVE-2015-1071 CVE-2015-1072 CVE-2015-1073 CVE-2015-1074 CVE-2015-1076 CVE-2015-1077 CVE-2015-1078 CVE-2015-1079 CVE-2015-1080 CVE-2015-1081 CVE-2015-1082 CVE-2015-1083 CVE-2015-1 10 Apr 2015 9.8 (v3) Critical Pass Novell ZENworks Con fi guration Management < 11.3.2 Remote Code Execution (intrusive check) CVE-2015-0779 08 May 2015 8.8 (v3) High Noise SSL Certi fi cate Chain Contains Certi fi cates Expiring Soon 08 May 2015 None Pass IBM Tivoli Storage Manager FastBack Server Detection 08 May 2015 None Pass Default Password (123456) for 'nexthink' Account CVE-1999-0502 01 Apr 2015 9.8 (v3) Critical Pass sobby Server Detection 29 Apr 2015 None Pass Gearman Server Detection 14 May 2015 None Pass Apache Tomcat 7.0.x < 7.0.60 Multiple Vulnerabilities (FREAK) CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 19 May 2015 7.3 (v3) High Pass Cisco TelePresence IP VCR Detection 21 May 2015 None Pass Cisco TelePresence Server Detection 21 May 2015 None Pass eFront Detection 26 May 2015 None Pass Default Password (password) for 'emcupdate' Account CVE-1999-0502 CVE-2015-0529 22 May 2015 9.8 (v3) Critical Pass Cisco Ironport Security Appliance Authorized Key Vulnerability CVE-2015-4216 02 Jul 2015 7.2 (v3) High Pass HSTS Missing From HTTPS Server 02 Jul 2015 None Pass PostgreSQL < 8.0.3 Multiple Vulnerabilities CVE-2005-1409 CVE-2005-1410 05 May 2005 6.5 (v2) Medium Pass Backported Security Patch Detection (PHP) 07 Jul 2015 None Pass Puppet Enterprise 3.x < 3.8.1 Multiple Vulnerabilities (Logjam) CVE-2014-3600 CVE-2014-3612 CVE-2014-8110 CVE-2014-8176 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-3165 CVE-2015-3166 CVE-2015-3167 CVE-2015-4000 23 Jul 2015 9.8 (v3) Critical Pass IBM DB2 Content Manager eClient Detection 23 Sep 2013 None Pass Cisco Uni fi ed MeetingPlace Detection 23 Sep 2013 None Pass Cisco CUCM / CUPS Detection 24 Sep 2013 None Pass HP Network Automation Detection 24 Sep 2013 None Pass HP Onboard Administrator Detection 26 Sep 2013 None Pass HP Network Node Manager i (NNMi) Console Detection 26 Sep 2013 None 74

Pass Trend Micro ScanMail for Exchange Web Console Detection 05 Jun 2015 None Pass Alcatel OmniSwitch Default Credentials (ftp) 30 Sep 2013 9.1 (v3) Critical Pass RES Workspace Manager Agent Detection 03 Oct 2013 None Pass RES Workspace Manager Relay Server Detection 03 Oct 2013 None Pass FireEye Web MPS GUI Detection 03 Oct 2013 None Noise SSL Cipher Block Chaining Cipher Suites Supported 22 Oct 2013 None Pass SSH Algorithms and Languages Supported 28 Oct 2013 None Pass Cogent DataHub Tunnel/Mirror Service Detection 23 Oct 2013 None Pass Net Optics Director Web Detection 23 Oct 2013 None Pass McAfee Web Reporter Detection (remote check) 14 Oct 2013 None Pass Schneider Electric InduSoft Web Studio Arbitrary Script Execution CVE-2015-7374 05 Nov 2013 9.8 (v3) Critical Pass SuperMicro Device Uses Default SSH Host Key 19 Dec 2013 9.8 (v3) Critical Pass Network Time Protocol Daemon (ntpd) monlist Command Enabled DoS CVE-2013-5211 02 Jan 2014 7.5 (v3) High Pass IBM DB2 9.7 < Fix Pack 9 Multiple Vulnerabilities CVE-2012-2190 CVE-2012-2191 CVE-2012-2203 CVE-2013-3475 CVE-2013-4033 CVE-2013-5466 CVE-2013-6717 18 Dec 2013 9.8 (v3) Critical Pass Oracle Portal Demo Organization Chart Detection 22 Nov 2013 None Pass ColdFusion Extended Support Version Detection 22 Jan 2014 None Pass Web Site Client Access Policy File Detection 11 Feb 2014 None Pass Certi fi cate Revocation List Expiry 12 Feb 2014 None Pass Cisco TelePresence Video Communication Server (VCS) Detection 28 Jan 2014 None Pass SAProuter Detection 28 Jan 2014 None Pass Symantec Encryption Server Detection 14 Feb 2014 None Pass Cisco TelePresence System Detection 28 Jan 2014 None Pass NagiosQL Detection 26 Dec 2013 None Pass Synology DiskStation Manager (DSM) Detection 05 Feb 2014 None Pass Core FTP Server < 1.2 Build 508 lstrcpy Over fl ow Code Execution CVE-2014-1215 24 Feb 2014 7.8 (v3) High Pass Microsoft DNS Server Version Detection 03 Mar 2014 None Pass ZTE ZXV10 W300 Wireless Router Hard-coded Password CVE-2014-0329 05 Mar 2014 9.8 (v3) Critical Pass SFTP Supported 24 Feb 2014 None Pass Core FTP Server Detection 24 Feb 2014 None Pass Artifactory < 3.1.1.1 XStream Remote Code Execution CVE-2013-7285 12 Mar 2014 9.8 (v3) Critical Pass NAT-PMP Detection (local network) 20 Mar 2014 None Pass Default FTP Credentials (ntpupdate / ntpupdate) 25 Mar 2014 9.1 (v3) Critical Pass Default Password (ironport) for 'admin' Account CVE-1999-0502 02 Apr 2014 9.8 (v3) Critical Pass EMC RSA Authentication Manager Version 04 Apr 2014 None Pass SSH Static Key Accepted CVE-2012-1493 CVE-2013-3619 08 May 2014 9.8 (v3) Critical Pass HP LeftHand OS Management Protocol Detection 10 Apr 2014 None Pass EZPZ One Click Backup Plugin for WordPress 'cmd' Parameter Remote Command Execution CVE-2014-3114 20 May 2014 9.8 (v3) Critical Pass Participants Database Plugin for WordPress 'query' Parameter SQL Injection CVE-2014-3961 16 Jun 2014 10 (v3) Critical Pass nginx 1.5.10 SPDY Memory Corruption CVE-2014-0088 06 May 2014 5.6 (v3) Medium Pass Default Password (arkeia) for 'root' Account CVE-1999-0502 28 May 2014 9.8 (v3) Critical Pass HP O ffi ceJet Printer Heartbeat Information Disclosure (Heartbleed) CVE-2014-0160 02 Jun 2014 7.5 (v3) High Pass Symantec Web Gateway < 5.2.1 Multiple Vulnerabilities (SYM14-010) CVE-2013-5017 CVE-2014-1650 CVE-2014-1651 CVE-2014-1652 19 Jun 2014 9.8 (v3) Critical Pass Default Password (f00b@r) for 'root' Account CVE-1999-0502 23 Jun 2014 9.8 (v3) Critical Pass OSSIM SOAP Service Detection 23 Jun 2014 None Pass AlienVault OSSIM 'av-centerd' set_ fi le() Remote Code Execution CVE-2014-4151 25 Jun 2014 8.8 (v3) High Pass Tinc VPN Service Detection 26 Jun 2014 None Pass HylaFAX Installed 24 Jun 2014 None Pass Countertack Sentinel User Interface Detection 23 Jun 2014 None Pass Apache mod_wsgi < 4.2.4 Privilege Dropping Privilege Escalation CVE-2014-8583 14 Jul 2014 8.1 (v3) High Pass Cloudera Manager Detection 26 Jun 2014 None Pass WebTitan Default Credentials (ssh) 24 Jul 2014 9.8 (v3) Critical Pass Knot DNS Server Version Detection 25 Jul 2014 None Pass Default Password (default) for 'root' Account CVE-1999-0502 31 Jul 2014 9.8 (v3) Critical Pass Microsoft Exchange Client Access Server Information Disclosure 06 Aug 2014 7.5 (v3) High Pass Default Password (vmware) for 'root' Account CVE-1999-0502 04 Aug 2014 9.8 (v3) Critical Pass IBM GCM16 / GCM32 Global Console Manager KVM Switch Detection 05 Aug 2014 None Pass Halon Security Router Detection 11 Aug 2014 None Pass Atlassian Bamboo Detection 11 Aug 2014 None Pass Apache 2.2.x < 2.2.28 Multiple Vulnerabilities CVE-2013-5704 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 04 Sep 2014 7.3 (v3) High Pass ManageEngine EventLog Analyzer 02 Sep 2014 None Pass Post fi x Policyd Protocol Detection 07 Oct 2014 None Pass GNU Bash Environment Variable Handling Code Injection via ProFTPD (Shellshock) CVE-2014-6271 CVE-2014-7169 30 Sep 2014 8.8 (v3) High Pass Creative Contact Form Component for Joomla! File Upload RCE CVE-2014-7969 24 Nov 2014 9.8 (v3) Critical Pass rsync Writeable Module Detection 14 Oct 2014 None Pass Hikit Backdoor Detection 14 Oct 2014 None Pass Cisco UCS Director Default Credentials (SSH) 31 Oct 2014 9.8 (v3) Critical Pass Cisco UCS Director Web UI Detection 31 Oct 2014 None Pass WaveMaker Studio Detection 19 Jul 2012 None Pass Eaton Network Shutdown Module Detection 20 Jul 2012 None Pass Cisco TelePresence Multipoint Switch Web Detection 27 Jul 2012 None Pass Appweb HTTP Server Version 02 Aug 2012 None Pass Cyberoam Admin Console Detection 07 Aug 2012 None Pass RabidHamster R4 Detection 09 Aug 2012 None Pass Apple Pro fi le Manager Detection 01 Mar 2012 None Pass Eucalyptus Walrus Detection 21 Aug 2012 None Pass Eucalyptus Cloud Controller Console Detection 21 Aug 2012 None Pass Oracle Integrated Lights Out Manager Web Detection 23 Aug 2012 None Pass Symantec Messaging Gateway Detection 07 Sep 2012 None Pass SquidClamav Detection 10 Sep 2012 None Pass EMC AutoStart ftAgent Detection 10 Aug 2012 None Pass Default Password (user) for 'user' Account CVE-1999-0502 19 Sep 2012 9.8 (v3) Critical Pass Apache 2.2.x < 2.2.23 Multiple Vulnerabilities CVE-2012-0883 CVE-2012-2687 14 Sep 2012 7 (v3) High Pass SolarWinds Orion Product Detection 17 Sep 2012 None Pass Cisco Prime Security Manager Web Detection 18 Sep 2012 None Pass HP Database Archiving Software Detection 19 Sep 2012 None Pass SAP Control SOAP Web Service Detection 25 Sep 2012 None Pass SAP Host Control SOAP Web Service Detection 25 Sep 2012 None Pass Advanced Message Queuing Protocol Detection STARTTLS Support 27 Sep 2012 None Pass OpenStack Glance Detection 27 Sep 2012 None Pass OpenStack Keystone Detection 27 Sep 2012 None Pass LogAnalyzer Detection 17 Sep 2012 None Pass WebPagetest Detection 18 Sep 2012 None Pass WordPress A Page Flip Book Plugin for WordPress 'page fl ipbook_language' Parameter Arbitrary Code Execution CVE-2012-6652 03 Oct 2012 9.8 (v3) Critical Pass SSL Compression Methods Supported 16 Oct 2012 None Pass IPSEC Internet Key Exchange (IKE) Version 2 Detection 24 Oct 2012 None Pass Novell ZENworks Asset Management Detection 25 Oct 2012 None Noise TLS Next Protocols Supported 16 Oct 2012 None Pass WANem result.php pc Parameter Remote Command Execution 29 Oct 2012 8.8 (v3) High Pass ManageEngine OpStor Detection 01 Nov 2012 None Pass CoSoSys Endpoint Protector Detection 16 Nov 2012 None Pass WebYaST Web Client Detection 19 Nov 2012 None Pass Novell Sentinel Log Manager Web Detection 19 Nov 2012 None Pass Tectia SSH Server Authentication Bypass CVE-2012-5975 05 Dec 2012 9.8 (v3) Critical Pass ManageEngine Applications Manager Detection 05 Dec 2012 None Pass ManageEngine Security Manager Plus Detection 10 Dec 2012 None Pass Mutiny Detection 26 Oct 2012 None Pass freeFTPd / freeSSHd SFTP Authentication Bypass CVE-2012-6066 CVE-2012-6067 11 Dec 2012 7.3 (v3) High Pass Snare Agent Detection 24 Dec 2012 None Pass Nagios Core Detection 16 Jan 2013 None Pass ViArt Shop Detection 30 Jan 2013 None Pass HP Diagnostics Server Detection 05 Feb 2013 None Pass Hunt CCTV DVR.cfg Direct Request Information Disclosure CVE-2013-1391 06 Feb 2013 7.5 (v3) High 75

Pass Oracle Application Express (Apex) Detection 20 Feb 2013 None Pass Oracle Application Express (Apex) Administration Interface is Accessible 20 Feb 2013 None Pass Terminal Services Use SSL/TLS 22 Feb 2013 None Pass Bu ff alo LinkStation Detection 27 Feb 2013 None Pass Collector Component for Joomla! File Upload RCE 05 Feb 2013 9.8 (v3) Critical Pass Well-Known Ruby on Rails Secret Token Used on Remote Application 30 Jan 2013 5.8 (v2) Medium Pass HP LeftHand OS Console Discovery Detection 14 Feb 2013 None Pass Jenkins Detection 06 Mar 2013 None Pass Web Service Description Language File Detected 08 Mar 2013 None Pass Default Password (abc123) for 'root' Account CVE-1999-0502 05 Apr 2013 9.8 (v3) Critical Pass Novell ZENworks Mobile Management Detection 14 Mar 2013 None Pass Eye-Fi Helper Detection 26 Mar 2013 None Pass VNC Server Unencrypted Communication Detection 03 Apr 2013 None Pass Sophos Web Protection Detection 09 Apr 2013 None Pass IBM InfoSphere Data Replication Dashboard Detection 10 Apr 2013 None Pass Gallery Detection 02 Apr 2013 None Pass MongoDB Web Interface Detection 10 Apr 2013 None Pass Piwigo Detection 02 Apr 2013 None Pass mnoGoSearch Detection 10 Apr 2013 None Pass Novell Identity Manager Role Based Provisioning Module Detection 10 Apr 2013 None Pass Privoxy Detection 12 Apr 2013 None Pass Citrix Access Gateway Administrative Web Interface Detection 12 Apr 2013 None Pass Citrix Access Gateway User Web Interface Detection 12 Apr 2013 None Pass JBoss Web Services Endpoint Enumeration 23 Apr 2013 None Pass Puppet REST API Detection 26 Apr 2013 None Pass Puppet Enterprise Console Detection 26 Apr 2013 None Pass Cerb Detection 02 Apr 2013 None Pass Puppet Enterprise Console Authentication Bypass (intrusive check) CVE-2013-2716 26 Apr 2013 8.8 (v3) High Pass IBM Endpoint Manager Web Server Detection 30 Apr 2013 None Pass RDP Screenshot 22 Apr 2013 None Pass McAfee ePolicy Orchestrator Application Server Detection 04 May 2013 None Pass Lexmark Markvision Enterprise Detection 06 May 2013 None Pass Adobe ColdFusion Authentication Bypass (APSB13-13) (intrusive check) CVE-2013-1389 14 May 2013 8.8 (v3) High Pass Nagios NRPE Plugin Detect 09 May 2013 None Pass Junos Space WebUI Detection 31 May 2013 None Pass Sybase EAServer Detect 27 Jun 2013 None Pass GroundWork Monitor Enterprise Detection 28 Jun 2013 None Pass Hazelcast Wire Protocol Detection 28 Jun 2013 None Pass Hazelcast Memcached Interface Detection 28 Jun 2013 None Pass Hazelcast REST Interface Detection 28 Jun 2013 None Pass Invision Power Board < 2.0.4 Multiple Vulnerabilities (SQLi, XSS) CVE-2005-1597 CVE-2005-1598 09 May 2005 7.5 (v2) High Pass ModSecurity Version 02 Jul 2013 None Pass Web mirroring stub 04 May 2001 None Pass IBM Blade Center Advanced Management Console Detection 16 Jul 2013 None Pass Apache 2.0.x < 2.0.65 Multiple Vulnerabilities CVE-2011-3192 CVE-2011-3368 CVE-2011-3607 CVE-2012-0031 CVE-2012-0053 CVE-2013-1862 16 Jul 2013 9.1 (v3) Critical Pass Oracle 10g DBMS_SCHEDULER Privilege Escalation CVE-2005-1496 09 May 2005 6 (v2) Medium Pass Oracle Database 9i/10g Fine Grained Auditing (FGA) SELECT Statement Logging Weakness CVE-2005-1495 09 May 2005 2.6 (v2) Low Pass VLC Web Interface Detection 23 Jul 2013 None Pass Hiawatha Detection 24 Jul 2013 None Pass Cisco TelePresence Multipoint Control Unit Detection 24 Jul 2013 None Pass Cisco Prime Network / Wireless Control System Health Monitor Detection 25 Jul 2013 None Pass Cisco ONS Detection 25 Jul 2013 None Pass Cisco Email Security Appliance Web Detection 26 Jul 2013 None Pass Cisco Web Security Appliance Web Detection 26 Jul 2013 None Pass OS Identi fi cation : NETCONF Over SSH 01 Aug 2013 None Pass Juniper NSM GUI Server Detection 13 Sep 2013 None Pass HP ArcSight Logger HTTP Detection 27 Aug 2013 None Pass SSL Certi fi cate Chain Contains RSA Keys Less Than 2048 bits 03 Sep 2013 None Pass Cisco Video Surveillance Manager Web Detection 12 Sep 2013 None Pass Juniper NSM Web Proxy Detection 13 Sep 2013 None Pass Juniper NSM Web Proxy SOAP Interface Detection 13 Sep 2013 None Pass Cisco Uni fi ed Computing System (UCS) Manager Version 17 Sep 2013 None Pass PHP 5.5.x < 5.5.3 Multiple Vulnerabilities CVE-2011-4718 CVE-2013-4248 21 Aug 2013 7.3 (v3) High Pass ICAP Server Type and Version 17 Sep 2013 None Pass Blue Coat ProxyAV Detection 17 Sep 2013 None Pass Management Center for Cisco Security Agents Detection 18 Sep 2013 None Pass Default Password (cliuser) for 'cliuser' Account CVE-1999-0502 17 Sep 2013 9.8 (v3) Critical Pass Atlassian Crucible for Windows < 4.4.6, 4.5.x < 4.5.3 Remote Code Execution Vulnerability CVE-2018-5223 04 Apr 2019 7.2 (v3) High Pass Apache Hadoop MapReduce JobTracker Web Detection 22 Oct 2010 None Pass Super Simple Blog Script Detection 20 Oct 2010 None Pass Moxa Device Manager Gateway Detection 22 Oct 2010 None Pass Apache Hadoop MapReduce TaskTracker Web Interface 22 Oct 2010 None Pass Apache Hadoop HDFS NameNode Web Detection 22 Oct 2010 None Pass Apache Hadoop HDFS DataNode Web Detection 22 Oct 2010 None Pass HTTP Origin Response Header Usage 26 Oct 2010 None Noise Missing or Permissive Content-Security-Policy frame-ancestors HTTP Response Header 26 Oct 2010 None Pass Default Password (patrol) for 'patrol' Account CVE-1999-0502 31 Oct 2010 9.8 (v3) Critical Noise Missing or Permissive X-Frame-Options HTTP Response Header 26 Oct 2010 None Pass CGI Generic Fragile Parameters Detection (potential) 30 Oct 2010 None Pass Sawmill Detection 01 Nov 2010 None Pass Web Common Credentials 06 Nov 2010 9.8 (v3) Critical Pass FreeNAS Web Detection 08 Nov 2010 None Pass Novatel MiFi Detection 08 Nov 2010 None Pass Atlassian FishEye Detection 02 Nov 2010 None Pass HP Systems Insight Control Detection 10 Nov 2010 None Pass HP Systems Insight Dynamics Detection 10 Nov 2010 None Pass NetSupport Manager Gateway Detection 10 Nov 2010 None Pass Ricoh Printer Detection 12 Nov 2010 None Pass BitTorrent / uTorrent Detection 22 Nov 2010 None Pass Adobe Flash Media Server Version Detection 24 Nov 2010 None Pass Pandora FMS Console Detection 01 Dec 2010 None Pass OpenSSL Detection 30 Nov 2010 None Pass Vuze Detection 02 Dec 2010 None Pass OS Identi fi cation : SSL Certi fi cates 10 Nov 2010 None Pass ProFTPD Compromised Source Packages Trojaned Distribution 06 Dec 2010 8.8 (v3) High Pass Vuze Media Server Detection 07 Dec 2010 None Pass Web Server Uses Basic Authentication over HTTPS 08 Dec 2010 None Pass IceWarp Webmail Detection 09 Dec 2010 None Pass Open fi re Admin Console Detection 13 Dec 2010 None Pass Dell Integrated Remote Access Controller (iDRAC) Detection 15 Dec 2010 None Pass Open fi ler Management Interface Detection 12 Jan 2011 None Pass DiskPulse Server Detection 09 Dec 2010 None Pass Site fi nity CMS Detection 10 Dec 2010 None Pass PhpGedView Detection 12 Jan 2011 None Pass Microsoft O ffi ce Document Conversions Load Balancer Detection 01 Feb 2011 None Pass Micro Focus Enterprise Administration Server Detection 01 Feb 2011 None Pass HP OpenView Performance Insight Server Detection 02 Feb 2011 None Pass OS Identi fi cation : SNMP hrSWInstalledName 03 Feb 2011 None Pass PRTG Network Monitor Detection 04 Feb 2011 None Pass Microsoft O ffi ce Document Conversions Launcher Detection 01 Feb 2011 None Pass Telnet Service START_TLS Support 07 Feb 2011 None Pass SSL Session Resume Supported 07 Feb 2011 None 76

Pass Apache CouchDB Detection 09 Feb 2011 None Pass F-Secure Internet Gatekeeper Web Console Detection 18 Feb 2011 None Pass Aeonian Dreams Detection 01 Mar 2011 None Pass Blacklisted SSL Certi fi cate 24 Mar 2011 None Pass Restricted Web Pages Detection 25 Mar 2011 None Pass HP Client Automation Web Console Detection 25 Mar 2011 None Pass MySQL Eventum Detection 22 Feb 2011 None Pass Symantec LiveUpdate Administrator Web Detection 29 Mar 2011 None Pass ActiveFax Server Detection 07 Apr 2011 None Pass OS Identi fi cation : Apple Filing Protocol 08 Apr 2011 None Pass RPC portmapper (TCP) 08 Apr 2011 None Pass SSL Server Accepts Weak Di ffi e-Hellman Keys 11 Apr 2011 None Pass OS Identi fi cation : HNAP 18 Apr 2011 None Pass Dell KACE K2000 Web Detection 19 Apr 2011 None Pass Link-Local Multicast Name Resolution (LLMNR) Detection 21 Apr 2011 None Pass Oracle BI Publisher Enterprise Detection 01 Apr 2011 None Pass Movicon TcpUploadServer Detection 25 Mar 2011 None Pass Plone Detection 25 Apr 2011 None Pass HP SiteScope Detection 02 May 2011 None Pass SMTP Authentication Methods 19 May 2011 None Pass Anonymous SMTP Authentication Enabled 19 May 2011 None Pass Sybase M-Business Anywhere (AvantGo) SOAP Server Detection 23 May 2011 None Pass WINS Server Detection 24 May 2011 None Pass Atlassian Con fl uence Wiki Detection 28 Apr 2011 None Pass RSA Operations Console Detection 05 Jul 2011 None Pass RSA Security Console Detection 05 Jul 2011 None Pass RSA Self-Service Console Detection 05 Jul 2011 None Pass Adobe ColdFusion Remote Development Services 05 Jul 2011 None Pass Apache Archiva Detection 05 Jun 2011 None Pass vsftpd Smiley Face Backdoor 06 Jul 2011 8.8 (v3) High Pass ManageEngine ServiceDesk Plus Detection 28 Jun 2011 None Pass Symantec Web Gateway Detection 20 Jul 2011 None Pass Computer Associates ARCserve D2D Detection 28 Jul 2011 None Pass Microsoft Remote Desktop Web Access Detection 09 Aug 2011 None Pass Remote Authentication Message Check 18 Aug 2011 None Pass Sitecore CMS / Experience Platform (XP) Web Detection 25 Aug 2011 None Pass Oracle GlassFish Server Administration Console 16 Aug 2011 None Pass Oracle GlassFish HTTP Server Version 16 Aug 2011 None Pass Solstice Enterprise Agent SNMP (snmpdx) Detection 30 Aug 2011 None Pass HP Client Automation Satellite Web Console Detection 12 Sep 2011 None Pass OpenVPN Server Detection 29 Aug 2011 None Pass OpenAdmin Tool Detection 13 Sep 2011 None Pass Microsoft Host Integration Server Detection 25 Oct 2011 None Pass SSL Certi fi cate Chain Not Sorted 12 Oct 2011 None Pass SSL Certi fi cate Chain Contains Unnecessary Certi fi cates 12 Oct 2011 None Pass Cisco Uni fi ed Operations Manager Detection 13 Oct 2011 None Pass ManageEngine ADSelfService Plus Detection 14 Oct 2011 None Pass Dropbox Software Detection (listener) 02 Nov 2011 None Pass SonicWALL ViewPoint Server Detection 26 Oct 2011 None Pass Greenbone Security Assistant detection 02 Dec 2011 None Pass Metasploit HTTP Server detection 02 Dec 2011 None Pass Nexpose HTTP Server Detection 02 Dec 2011 None Pass Bitcoin Detection 14 Sep 2011 None Pass VMware vCenter Update Manager Detection 28 Nov 2011 None Noise SSL / TLS Versions Supported 01 Dec 2011 None Pass JSPWiki Edit.jsp editor Parameter Traversal Local File Inclusion CVE-2008-1231 16 Dec 2011 9.8 (v3) Critical Pass Oracle WebLogic Detection (Combined) 30 Nov 2011 None Pass IBM WebSphere Application Server Detection 06 Dec 2011 None Noise SSL Perfect Forward Secrecy Cipher Suites Supported 07 Dec 2011 None Pass OpenSSL Version Detection 16 Dec 2011 None Pass NNTP Authentication Methods 19 Dec 2011 None Pass Anonymous NNTP Authentication Enabled 19 Dec 2011 None Pass VMware vSphere Detect 23 Dec 2011 None Pass OpenVAS Scanner Detection 02 Dec 2011 None Pass SAP Dynamic Information and Action Gateway Detection 30 Nov 2011 None Pass Apple iOS Lockdown Detection 09 Jan 2012 None Pass op5 Monitor Detection 17 Jan 2012 None Pass HP Managed Printing Administration Detection 26 Jan 2012 None Pass Symantec Endpoint Protection Manager Detection 01 Feb 2012 None Pass CodeMeter WebAdmin Detection 02 Feb 2012 None Pass IBM iSeries Credentials 08 Feb 2012 None Pass Backported Security Patch Detection (SMTP) 13 Feb 2012 None Pass Service Detection : SMTP Server on a Well-Known Port 13 Feb 2012 None Pass SSL Certi fi cate Chain Analysis 17 Jan 2012 None Pass LDAP 'Domain Admins' Group Membership Enumeration 20 Feb 2012 None Pass OS Identi fi cation : LDAP 21 Feb 2012 None Pass BJNP Detection 28 Feb 2012 None Pass SimpleSAMLphp Detection 23 Jan 2012 None Pass Kayako SupportSuite Detection 16 Feb 2012 None Pass Check Point SecuRemote Hostname Information Disclosure 21 Mar 2012 None Pass ManageEngine DeviceExpert Detection 22 Mar 2012 None Pass Novell ZENworks Control Center Detection 23 Mar 2012 None Pass HP Data Protector DPNECentral Web Service Detection 29 Mar 2012 None Pass McAfee WebShield Web UI Detection 03 Apr 2012 None Pass at32 Reverse Proxy Detection 05 Apr 2012 None Pass OS Identi fi cation : NativeLanManager 05 Apr 2012 None Pass Lenovo ThinkManagement Console Detection 10 Apr 2012 None Pass SSL Resume With Di ff erent Cipher Issue 17 Apr 2012 None Pass WebGlimpse Detection 21 Mar 2012 None Pass Dolibarr Detection 13 Apr 2012 None Pass Citrix XenServer vSwitch Controller Detection 20 Apr 2012 None Pass Scrutinizer NetFlow & sFlow Analyzer Detection 04 May 2012 None Pass SolarWinds Storage Manager Detection 16 May 2012 None Pass Symantec Web Gateway ipchange.php Shell Command Injection (SYM12-006) (intrusive check) CVE-2012-0297 21 May 2012 8.8 (v3) High Pass Symantec Web Gateway upload_ fi le() Remote Code Execution (SYM12-006) (intrusive check) CVE-2012-0299 21 May 2012 8.8 (v3) High Pass PacketVideo TwonkyServer Detection 23 May 2012 None Pass IBM Tivoli Directory Server Web Administration Tool Detection 20 Apr 2012 None Pass Atlassian Crucible Detection 01 Jun 2012 None Pass CGIProxy Detection 23 Apr 2012 None Pass Liferay Portal Detection 22 May 2012 None Pass Cobbler Admin Interface Detection 07 Jun 2012 None Pass Cobbler Linux Installation Server Detection 07 Jun 2012 None Pass Citrix Provisioning Services Unspeci fi ed Request Parsing Remote Code Execution (CTX133039) (uncredentialed check) CVE-2012-4068 13 Jun 2012 9.8 (v3) Critical Pass F5 Multiple Products Root Authentication Bypass CVE-2012-1493 13 Jun 2012 9.8 (v3) Critical Pass Network UPS Tools Detection 22 Jun 2012 None Pass Network UPS Tools Service STARTTLS Command Support 22 Jun 2012 None Pass Globus Toolkit GridFTP Server Detection 27 Jun 2012 None Pass Quagga Zebra Detection 29 Jun 2012 None Pass Symantec Message Filter Management Interface Detection 03 Jul 2012 None Pass Check_MK Agent Detection 03 Jul 2012 None Pass MailEnable WebMail Detection 19 Jun 2012 None Pass Elgg Detection 22 Jun 2012 None 77

Pass WellinTech KingView History Server Detection 05 Jun 2012 None Pass MikroTik RouterOS Winbox Detection 27 Jun 2012 None Pass Wyse Device Manager Default FTP Account 20 Jul 2009 9.8 (v3) Critical Pass Web Server Detection (HTTP/1.1) 28 Jul 2009 None Pass SNMP Supported Protocols Detection 31 Jul 2009 None Pass WP-Syntax Plugin for WordPress 'apply_ fi lters' function Command Execution CVE-2009-2852 14 Aug 2009 8.8 (v3) High Pass Protected Web Page Detection 21 Aug 2009 None Pass Web Application Potentially Sensitive CGI Parameter Detection 25 Aug 2009 None Pass Snitz Forums 2000 Detection 03 Aug 2009 None Pass Citrix Licensing Service Detection 04 Sep 2009 None Pass Web Server Allows Password Auto-Completion 07 Oct 2009 None Pass ACAP Service STARTTLS Command Support 09 Oct 2009 None Pass IMAP Service STARTTLS Command Support 09 Oct 2009 None Pass Dopewars Server Detection 07 Oct 2009 None Pass NNTP Service STARTTLS Command Support 09 Oct 2009 None Pass POP3 Service STLS Command Support 09 Oct 2009 None Pass SMTP Service STARTTLS Command Support 09 Oct 2009 None Pass XMPP Service STARTTLS Command Support 09 Oct 2009 None Pass Drupal SA-CONTRIB-2009-080: Simplenews Statistics Open Redirect CVE-2009-3784 24 Oct 2009 7.1 (v3) High Pass NFS Server Super fl uous CVE-1999-0548 26 Oct 2009 None Info Pass NFS Shares World Readable 26 Oct 2009 7.5 (v3) High Pass AlienVault OSSIM Web Front End Detection 02 Nov 2009 None Pass Windows NetBIOS Remote Host Information Disclosure 06 Nov 2009 None Pass Adobe ColdFusion Detection 02 Nov 2009 None Pass Microsoft Windows NTLMSSP Authentication Request Remote Network Name Disclosure 06 Nov 2009 None Pass CISCO ASA SSL VPN Detection 12 Nov 2009 None Pass HP Power Manager Detection 13 Nov 2009 None Pass Lotus Domino Console Detection 16 Nov 2009 None Pass osCommerce Detection 03 Nov 2009 None Noise Strict Transport Security (STS) Detection 16 Nov 2009 None Pass Non-compliant Strict Transport Security (STS) 16 Nov 2009 None Pass BuildBot WebStatus Detection 03 Nov 2009 None Pass Apple TV Detection 16 Nov 2009 None Pass SSL Medium Strength Cipher Suites Supported (SWEET32) CVE-2016-2183 23 Nov 2009 7.5 (v3) High Pass SqueezeCenter Discovery Service Detection 30 Nov 2009 None Pass SSL Certi fi cate Expiry - Future Validity 02 Dec 2009 None Noise SSL Certi fi cate Expiry - Future Expiry 02 Dec 2009 None Pass Web Application Tests Disabled 09 Dec 2009 None Pass SNMP Query WLAN SSID (Cisco) 10 Dec 2009 None Pass Squeezebox Server CLI Detection 30 Nov 2009 None Pass Unisys Business Information Server Detection 18 Nov 2009 None Pass GForge Detection 01 Dec 2009 None Pass phpShop Detection 14 Dec 2009 None Pass Altiris Deployment Solution Server DB Manager Detection 08 Jan 2010 None Pass NetBIOS Multiple IP Address Enumeration 06 Jan 2010 None Pass Kerberos Information Disclosure 08 Jan 2010 None Pass Oracle WebLogic Server Node Manager Remote Command Execution CVE-2010-0073 26 Jan 2010 8.8 (v3) High Pass HNAP Detection 26 Jan 2010 None Pass D-Link Router Detection 26 Jan 2010 None Pass Oracle WebLogic Server Node Manager Detection 26 Jan 2010 None Pass OpenX Source Detection 12 Jan 2010 None Pass TYPO3 Detection 22 Jan 2010 None Pass X-format Communications Protocol (XCP) Detection 28 Jan 2010 None Pass SAP BusinessObjects Detection 01 Feb 2010 None Pass OS Identi fi cation : SNMP sysObjectID 01 Feb 2010 None Pass Linksys Router Detection 04 Feb 2010 None Pass IBM Tivoli Monitoring Service Console Detection 04 Feb 2010 None Pass VMware Host Agent Web Detection 17 Feb 2010 None Pass SilverStripe CMS Detection 28 Jan 2010 None Pass Do not scan printers (AppSocket) 26 Feb 2010 None Pass HTTP Session Cookies 04 Mar 2010 None Pass SNMP Query Airport Version 10 Mar 2010 None Pass Remote Help Detection 24 Mar 2010 None Pass eScan MWAdmin Interface Detection 25 Mar 2010 None Pass IBM Remote Supervisor Adapter Detection (HTTP) 26 Mar 2010 None Pass Hyperic HQ Web GUI Detection 26 Mar 2010 None Pass AFP Server Share Enumeration (guest) 30 Mar 2010 None Pass ICMP Node Information Query Information Disclosure 01 Apr 2010 None Pass SSL Certi fi cate 'commonName' Mismatch 03 Apr 2010 None Pass Mac OS X Server Web Services Version Detection 08 Apr 2010 None Pass LDAP Group Enumeration 09 Apr 2010 None Pass LDAP User Enumeration 09 Apr 2010 None Pass AjaXplorer Detection 12 Apr 2010 None Pass TaskFreak! Detection 04 May 2010 None Pass Apache ActiveMQ Detection 16 Apr 2010 None Pass STUN Detection 20 Apr 2010 None Pass Hyper Text Caching Protocol (HTCP) Detection 23 Apr 2010 None Pass Internet Cache Protocol (ICP) Version 2 Detection 23 Apr 2010 None Pass Windows Media Service Server Detection 27 Apr 2010 None Noise Additional DNS Hostnames 29 Apr 2010 None Pass Tembria Server Monitor Detection 30 Apr 2010 None Pass Inconsistent Hostname and IP Address 03 May 2010 None Pass MODx CMS Detection 29 Apr 2010 None Pass Lexmark Printer Detection 11 May 2010 None Pass ManageEngine ADManager Plus Detection 02 Jun 2010 None Pass ManageEngine ADAudit Plus Detection 02 Jun 2010 None Pass Beanstalkd Detection 14 Jun 2010 None Pass PRTG Tra ffi c Grapher Detection 10 Jun 2010 None Pass Magnoware DataTrack System Detection 11 Jun 2010 None Pass Campsite Detection 05 May 2010 None Pass Apache Axis2 Detection 27 May 2010 None Pass Host Fully Quali fi ed Domain Name (FQDN) Resolution (XML tag) 14 Jul 2011 None Pass D-link Click 'n Connect Daemon Detection 06 Jul 2010 None Pass Novell Teaming Detection 20 Jul 2010 None Pass Symphony Detection 07 Jun 2010 None Pass Simple Machines Forum Detection 28 Jun 2010 None Pass FireStats Detection 16 Jul 2010 None Pass CGI Generic Injectable Parameter 26 Jul 2010 None Pass Apache HTTP Server Version 30 Jul 2010 None Pass Oracle Business Process Management Detection 16 Aug 2010 None Pass IBM Tivoli Management Framework Endpoint Web Detection 18 Aug 2010 None Pass PHP Version Detection 04 Aug 2010 None Pass Syncrify Detection 23 Sep 2010 None Pass Squid Proxy Version Detection 28 Sep 2010 None Pass Apple Remote Events Service Detection 07 Oct 2010 None Pass Web Server Harvested Email Addresses 04 Oct 2010 None Pass MapServer Detection 27 Jul 2010 None Pass phpwcms Detection 30 Jul 2010 None Pass Barracuda Spam & Virus Firewall Console Management Detection 04 Oct 2010 None Pass Nagios XI / Fusion Detection 06 Oct 2010 None Pass FreePBX Detection 18 Oct 2010 None Pass BitDefender Update Server Detection 21 Jan 2008 None 78

Pass Coppermine imageObjectIM.class.php Command Execution Vulnerabilities CVE-2008-0506 31 Jan 2008 8.8 (v3) High Pass XOT Detection 29 Jan 2008 None Pass LPD Detection 08 Feb 2008 None Pass netsaint-statd Daemon Detection 06 Oct 2010 None Pass F5 BIG-IP Web Management Interface Detection 11 Feb 2008 None Pass MikroTik RouterOS Detection 11 Feb 2008 None Pass RTMP Server Detection 15 Feb 2008 None Pass Sniplets Plugin for WordPress execute.php 'text' Parameter Arbitrary Command Execution CVE-2008-1060 26 Feb 2008 8.8 (v3) High Pass KiSS PC-Link Server Detection (UDP) 14 Mar 2008 None Pass Acronis Agent Detection (UDP) 25 Mar 2008 None Pass DNS Sender Policy Framework (SPF) Enabled 26 Mar 2008 None Pass SSL Anonymous Cipher Suites Supported CVE-2007-1858 28 Mar 2008 5.9 (v3) Medium Pass SQL Anywhere Broadcast Repeater Detection 01 Apr 2008 None Pass Symantec Storage Foundation Scheduler Service Detection 15 Apr 2008 None Pass MobiLink Server Detection 01 Apr 2008 None Pass FTP Server Any Command Accepted (possible backdoor/proxy) 19 May 2008 None Pass FTP Server No Command Accepted (possible backdoor/proxy) 19 May 2008 None Pass FTP Server Bad Command Sequence Accepted (possible backdoor/proxy) 19 May 2008 None Pass MDAP Service Detection 22 May 2008 None Pass File Transfer (P2P) Detection 26 Mar 2008 None Pass Sympa Detection 01 Apr 2008 None Pass WS-Management Server Detection 11 Jun 2008 None Pass Owner Free File System Client Detection 20 Jun 2008 None Pass CA Secure Content Manager HTTP Gateway Service Detection 11 Jun 2008 None Pass Microsoft Dynamics GP Distributed Process Manager Detection 02 Jul 2008 None Pass Sun Java System ASP Server < 4.0.3 Multiple Vulnerabilities CVE-2008-2405 CVE-2008-2406 08 Jul 2008 8.8 (v3) High Pass Multiple Vendor DNS Query ID Field Prediction Cache Poisoning CVE-2008-1447 09 Jul 2008 9.1 (v3) Critical Pass LANDesk Remote Control Service Detection 29 Jul 2008 None Pass SNMP Query Routing Information Disclosure 21 Aug 2008 None Pass PowerDNS Version Detection 25 Aug 2008 None Pass .NET NegotiateStream Server Detection 15 Jul 2008 None Pass Openlink Virtuoso Server Detection 25 Jul 2008 None Pass LANDesk QIP Server Detection 17 Sep 2008 None Pass IRC Bouncer (BNC) Detection 17 Sep 2008 None Pass LogMeIn Agent Detection 23 Sep 2008 None Pass Default Password (bank) for 'bank' Account CVE-1999-0502 04 Sep 2008 9.8 (v3) Critical Pass Default Password (trans) for 'trans' Account CVE-1999-0502 04 Sep 2008 9.8 (v3) Critical Pass Kyocera Mita Scanner File Utility Detection 09 Sep 2008 None Pass Simple PHP Blog Detection 08 Sep 2008 None Pass ASG-Sentry SNMP Agent Detection 14 Oct 2008 None Pass phpScheduleIt reserve.php start_date Parameter Arbitrary Command Injection CVE-2008-6132 03 Oct 2008 8.8 (v3) High Pass Blue Coat Reporter Detection 03 Oct 2008 None Pass Broken Web Server Detection 22 Oct 2008 None Pass phpScheduleIt Detection 03 Oct 2008 None Pass Apache Struts 2 < 2.0.12 / 2.1.3 Dispatcher Directory Traversal CVE-2008-6505 24 Nov 2008 7.5 (v3) High Pass SNMP Protocol Version Detection 06 Jan 2009 None Pass HDHomeRun Discovery Service Detection 13 Jan 2009 None Pass DNS Server hostname.bind Map Hostname Disclosure 15 Jan 2009 None Pass SSL Service Requests Client Certi fi cate 06 Jan 2009 None Pass CA Unicenter Cron Scheduler Detection 08 Jan 2009 None Pass DNS Server DNSSEC Aware Resolver 15 Jan 2009 None Pass Scan for UPnP hosts (multicast) 19 Feb 2009 None Pass DNS Server Spoofed Request Ampli fi cation DDoS CVE-2006-0987 22 Jan 2009 7.5 (v3) High Pass GigaTribe Detection 28 Jan 2009 None Pass OS Identi fi cation : FTP 12 Feb 2009 None Pass UPnP Internet Gateway Device (IGD) External IP Address Reachable 19 Feb 2009 None Pass Web Server UPnP Detection 19 Feb 2009 None Pass TeamSpeak Server Administration Detection 20 Feb 2009 None Pass OS Identi fi cation : HTML 05 Mar 2009 None Pass Thecus NAS Device Detection 10 Mar 2009 None Pass EMC RepliStor Detection 26 Jan 2009 None Pass Zabbix Web Interface Detection 07 Mar 2009 None Pass Fortify 360 Web Interface Detection 24 Apr 2009 None Pass FogBugz Interface Detection 24 Apr 2009 None Pass Microsoft SharePoint Server Detection 27 Apr 2009 None Pass pam_ssh Login Prompt Remote Username Enumeration CVE-2009-1273 28 Apr 2009 9.4 (v3) Critical Pass A-A-S Application Access Server Detection 14 May 2009 None Pass Samhain Server (yule) Detection 17 Mar 2009 None Pass HP LaserJet Printer Detection 10 Apr 2009 None Pass Open Virtual Desktop Detection 14 May 2009 None Pass AWStats Detection 20 Mar 2009 None Pass Geeklog Detection 13 Apr 2009 None Pass Atmail Webmail / AtmailOpen Webmail Detection 30 Apr 2009 None Pass NSD version Directive Remote Version Disclosure 21 May 2009 None Pass Vulture Reverse Proxy Detection 08 Jun 2009 None Pass ClamAV Version Detection 17 Jun 2009 None Pass Apache Tomcat Detection 18 Jun 2009 None Pass HTTP Server Cookies Set 19 Jun 2009 None Pass Backported Security Patch Detection (FTP) 25 Jun 2009 None Pass Backported Security Patch Detection (SSH) 25 Jun 2009 None Pass Backported Security Patch Detection (WWW) 25 Jun 2009 None Pass TinyWebGallery lang Parameter Local File Inclusion CVE-2009-1911 26 May 2009 8.8 (v3) High Pass SquirrelMail map_yp_alias Username Mapping Alias Arbitrary Code Execution CVE-2009-1579 15 May 2009 8.8 (v3) High Pass Zen Cart Detection 24 Jun 2009 None Pass Movable Type Detection 26 Jun 2009 None Pass HP DDMI on Windows Unspeci fi ed Remote Agent Access CVE-2009-1419 06 Jul 2009 8.8 (v3) High Pass Adobe ColdFusion FCKeditor 'CurrentFolder' File Upload CVE-2009-2265 14 Jul 2009 8.8 (v3) High Pass Symantec pcAnywhere Status Service Detection (UDP) 12 Dec 1999 None Pass Identd Service Detection 22 Jun 1999 None Pass DNS Server BIND version Directive Remote Version Detection 12 Oct 1999 None Pass Daytime Service Detection 22 Jun 1999 None Pass WU-FTPD SITE EXEC Arbitrary Local Command Execution CVE-1999-0080 CVE-1999-0955 22 Jun 1999 8.1 (v3) High Pass rsh NULL Login Remote Privilege Escalation CVE-1999-0180 25 Jul 2002 8.8 (v3) High Noise HTTP Server Type and Version 04 Jan 2000 None Pass ICMP Netmask Request Information Disclosure CVE-1999-0524 29 Jul 1999 None Info Pass ICMP Timestamp Request Remote Date Disclosure CVE-1999-0524 01 Aug 1999 None Info Pass LinuxConf Detection 03 Mar 2000 None Pass Windows NetBIOS / SMB Remote Host Information Disclosure 12 Oct 1999 None Pass NIS Server Detection 30 Aug 1999 None Pass NNTP Server Detection 12 Oct 1999 None Pass rlogin -froot Remote Root Access CVE-1999-0113 26 Aug 2002 8.8 (v3) High Pass Windows NT FTP 'guest' Account Present CVE-1999-0546 22 Jun 1999 9.8 (v3) Critical Pass POP Server Detection 12 Oct 1999 None Pass HTTP Proxy CONNECT Request Relaying 22 Jun 1999 None Pass Microsoft SQL Server TCP/IP Listener Detection 12 Oct 1999 None Pass Nessus Server Detection 12 Oct 1999 None Pass HTTP Proxy POST Request Relaying 22 Jun 1999 5.3 (v3) Medium Pass HTTP Proxy Open Relay Detection 22 Jun 1999 None Pass HP Remote Watch showdisk Remote Privilege Escalation CVE-1999-0246 31 Aug 1999 8.8 (v3) High Pass RPC portmapper Service Detection CVE-1999-0632 19 Aug 1999 None Info Pass rquotad Service Detection CVE-1999-0625 19 Aug 1999 None Info Pass RPC rstatd Service Detection CVE-1999-0624 19 Aug 1999 None Info 79

Pass MTA Open Mail Relaying Allowed CVE-1999-0512 CVE-2002-1278 CVE-2003-0285 22 Jun 1999 7.5 (v3) High Pass SMTP Server Detection 12 Oct 1999 None Pass Telnet Service Detection 22 Aug 1999 None Pass Microsoft Windows SMB Shares Access 09 May 2000 None Noise Traceroute Information 27 Nov 1999 None Noise Web Server robots.txt Information Disclosure 12 Oct 1999 None Pass VNC Software Detection 07 Mar 2000 None Noise Web Server No 404 Error Code Check 28 Apr 2000 None Pass Microsoft Windows SMB Log In Possible 09 May 2000 None Pass CVSweb Detection 10 May 2000 None Pass NFS Share Export List 07 Jun 2000 None Pass AFS Client Version Detection 14 Jun 2000 None Pass TCP Scanner 04 Feb 2009 None Pass Microsoft IIS Dangerous Sample Files Detection 15 Apr 2000 None Pass WFTPD Unauthenticated MLST Command DoS CVE-2000-0647 03 Aug 2000 7.5 (v3) High Pass PFTP Default Unpassworded Account 10 Sep 2000 9.8 (v3) Critical Pass LCDproc Detection 22 Apr 2000 None Pass Microsoft Windows LAN Manager SNMP LanMan Services Disclosure CVE-1999-0499 10 Nov 2000 None Pass SNMP Request Network Interfaces Enumeration 13 Nov 2000 None Pass HTTP Protocol Version Detection 28 Dec 2000 None Pass PPTP Detection 28 Feb 2001 None Pass c fi ngerd Version Detection 16 Apr 2001 None Pass Oracle Database tnslsnr Service Remote Version Disclosure 01 May 2001 None Pass Microsoft SQL Server UDP Query Remote Version Disclosure 25 May 2001 None Pass Check Point FireWall-1 Telnet Client Authentication Detection 26 May 2001 None Pass Check Point FireWall-1 HTTP Client Authentication Detection 26 May 2001 None Pass Microsoft Windows SMB NativeLanManager Remote System Information Disclosure 17 Oct 2001 None Pass ISC BIND 9.x AUTHORS Map Remote Version Disclosure 23 Aug 2001 None Pass VisualRoute Web Server Detection 29 Aug 2001 None Pass HP System Management Homepage Detection 29 Aug 2001 None Pass Webmin Detection 14 Sep 2001 None Pass VNC HTTP Server Detection 14 Sep 2001 None Pass COM+ Internet Services (CIS) Server Detection 14 Sep 2001 None Pass RTSP Server Type / Version Detection 14 Sep 2001 None Pass HTTP RPC Endpoint Mapper (http-rpc-epmap) Detection 14 Sep 2001 None Pass healthd Detection 23 Aug 2001 None Pass LaBrea Tarpitted Host Detection 06 Nov 2001 None Pass SNMP Query System Information Disclosure 06 Nov 2001 None Pass Symantec pcAnywhere Detection (TCP) 29 Oct 2001 None Pass Network Time Protocol (NTP) Server Detection 20 Mar 2015 None Pass Open Port Re-check 19 Mar 2002 None Pass Citrix Server Detection 20 Apr 2002 None Pass DNS Server Detection 13 Feb 2003 None Pass Sendmail RestrictQueueRun Option Debug Mode Information Disclosure CVE-2001-0715 18 Aug 2002 4 (v3) Medium Pass SNMP Request Cisco Router Information Disclosure 05 Jun 2002 None Pass RemotelyAnywhere WWW Detection 25 Mar 2002 None Pass Gnutella Servent Detection 30 Apr 2002 None Pass Windows Terminal Services Enabled 20 Apr 2002 None Pass Achievo class.atkdateattribute.js.php con fi g_atkroot Parameter Remote File Inclusion CVE-2002-1435 22 Aug 2002 8.3 (v3) High Pass RPC Services Enumeration 24 Aug 2002 None Pass Web Server UDDI Detection 09 Oct 2002 None Pass Web Server Crafted Request Vendor/Version Information Disclosure 19 Feb 2003 None Pass HTTP Proxy Open gopher:// Request Relaying 02 Mar 2003 None Pass HP JetDirect Device SNMP Request Cleartext Admin Credential Disclosure CVE-2002-1048 04 Mar 2003 None Pass Sendmail < 8.7.6 Multiple Local Vulnerabilities CVE-1999-0131 11 Mar 2003 9.8 (v3) Critical Pass Discard Service Detection 12 Mar 2003 None Pass L2TP Network Server Detection 14 Mar 2003 None Pass rsync Service Detection 14 Mar 2003 None Pass Web Server Uncon fi gured - Default Install Page Present 20 Mar 2003 None Pass E-theni a ff _liste_langue.php rep_include Parameter Remote File Inclusion CVE-2003-1256 28 Mar 2003 8.3 (v3) High Pass MantisBT Detection 27 May 2003 None Pass URLScan for IIS Detection 05 Jun 2003 None Pass zenTrack index.php Multiple Parameter Remote File Inclusion 06 Jun 2003 4.7 (v3) Medium Pass NETGEAR Router Default Password (password) for 'admin' Account 12 Jun 2003 9.8 (v3) Critical Pass Web Server Potentially Hosting Copyrighted Material 26 Jun 2003 None Pass ashNews 0.83 Multiple Vulnerabilities CVE-2006-0524 CVE-2003-1292 22 Jul 2003 7.5 (v3) High Pass Source Routed Packet Weakness 09 Sep 2003 None Pass StoneGate Firewall Client Authentication Detection 18 Jun 2003 None Pass BGP Service Detection 25 Oct 2003 None Pass Apache < 1.3.29 Multiple Modules Local Over fl ow CVE-2003-0542 01 Nov 2003 9.8 (v3) Critical Pass HMAP Web Server Fingerprinting 11 Nov 2003 None Pass Netscape Enterprise Server Default Files Present 25 Feb 2004 None Pass Avotus CDR mm Arbitrary File Retrieval 11 Dec 2003 None Pass Novonyx Web Server Multiple Sample Application Files Present CVE-2002-1634 07 Feb 2004 7.5 (v3) High Noise Host Fully Quali fi ed Domain Name (FQDN) Resolution 11 Feb 2004 None Pass eMule Web Server Detection 07 May 2004 None Pass NETGEAR Wireless Access Point Hardcoded Default Password CVE-2004-2556 CVE-2004-2557 03 Jun 2004 7.5 (v3) High Pass Dell OpenManage Server Administrator Detection 01 Jul 2004 None Pass BasiliX Application Detection 09 Aug 2004 None Pass Direct Connect Hub Detection 25 Jul 2004 None Pass Netstat Portscanner (SSH) 15 Aug 2004 None Pass Arkoon Appliance Detection 26 Aug 2004 None Pass NetAsq IPS-Firewalls Detection 26 Aug 2004 None Pass Xedus Detection 03 Sep 2004 None Pass Xedus Webserver Connection Saturation DoS CVE-2004-1644 03 Sep 2004 7.5 (v3) High Pass Service Detection (2nd Pass) 17 Sep 2004 None Pass Microsoft Outlook Web Access (OWA) Version Detection 11 Aug 2004 None Pass Coppermine Photo Gallery Detection 21 Oct 2004 None Pass phpBB viewtopic.php highlight Parameter SQL Injection (ESMARKCONANT) CVE-2004-1315 22 Nov 2004 9.8 (v3) Critical Pass McAfee IntruShield Management Console Detection 03 Nov 2004 None Pass Hydra (NASL wrappers options) 01 Dec 2004 None Pass Help Center Live Multiple Remote Vulnerabilities (Cmd Exec, XSS) CVE-2004-2602 CVE-2004-2603 28 Dec 2004 8.3 (v3) High Pass Blue Coat ProxySG Console Management Detection 10 Feb 2005 None Pass NetOp Products Detection (TCP) 19 Nov 2004 None Pass NetOp Products Detection (UDP) 19 Nov 2004 None Pass Trend Micro IWSS Console Management Detection 23 Feb 2005 None Pass paFileDB Detection 15 Mar 2005 None Pass WebShield Appliance Detection 18 Mar 2005 None Pass Aventail ASAP Platform Management Console Detection 21 Mar 2005 None Pass Apache mod_suexec Multiple Privilege Escalation Vulnerabilities CVE-2007-1741 CVE-2007-1742 CVE-2007-1743 18 Nov 2011 7 (v3) High Pass CA ARCServe UniversalAgent Detection 13 Apr 2005 None Pass TCP Port 0 Open: Possible Backdoor 29 Apr 2005 None Pass CuteNews Detection 02 Mar 2005 None Pass Phorum Detection 17 Mar 2005 None Pass PhotoPost PHP Detection 30 Mar 2005 None Pass Kerio Personal Firewall Admin Service Detection 02 May 2005 None Pass Kerio Mailserver Admin Service Detection 02 May 2005 None Pass Kerio Winroute Firewall Admin Service Detection 02 May 2005 None Pass Woltlab Burning Board Detection 12 May 2005 None Pass Clearswift MIMEsweeper Manager Console Detection 10 May 2005 None Pass Service Detection (GET request) 06 Apr 2005 None Pass SMTP Server Connection Check 18 Jun 2005 None 80

Pass CA eTrust Intrusion Detection System Detection 21 Jun 2005 None Pass Apache Banner Linux Distribution Disclosure 15 May 2005 None Pass Unpassworded 'mpi' Account CVE-1999-0502 CVE-2005-1379 18 Jun 2005 9.8 (v3) Critical Pass XOOPS Detection 05 Jul 2005 None Pass CA ARCServe MSSQL Agent Detection 03 Aug 2005 None Pass EMC Legato Networker Detection 03 Sep 2005 None Pass LDU Software/Version Detection 09 Sep 2005 None Pass Drupal Software Detection 07 Jul 2005 None Pass SNMP Query Installed Software Disclosure 20 Sep 2005 None Pass Skype Detection 22 Sep 2005 None Pass Guppy Multiple HTTP Header XSS CVE-2005-2853 06 Oct 2005 8.8 (v3) High Pass Moodle Detection 13 Jul 2005 None Pass phpList Detection 29 Jul 2005 None Pass Xaraya Software/Version Detection 12 Aug 2005 None Pass TWiki Detection 06 Oct 2005 None Pass Web Server / Application favicon.ico Vendor Fingerprinting 28 Oct 2005 None Pass VERITAS Backup Agent Detection 10 Nov 2005 None Pass Google Search Appliance Detection 20 Nov 2005 None Pass Apple iTunes Music Sharing Enabled 16 Nov 2005 None Pass Windows Server Update Services (WSUS) Detection 04 Jan 2006 None Pass MyBB Detection 04 Feb 2006 None Pass AJP Connector Detection 05 Apr 2006 None Pass SynchronEyes Student Detection 13 Apr 2006 None Pass Novell Messenger Archive Agent Detection 19 Apr 2006 None Pass Network Block Device Server Detection 24 Dec 2005 None Pass VNC Security Type Enforcement Failure Remote Authentication Bypass CVE-2006-2369 CVE-2006-2450 15 May 2006 9.8 (v3) Critical Pass Session Initiation Protocol Detection 29 Dec 2003 None Noise SSL Cipher Suites Supported 05 Jun 2006 None Pass IBM DB2 Discovery Service Detection 10 Jul 2006 None Pass FCKeditor upload.php Type Parameter Arbitrary File Upload CVE-2006-2529 19 May 2006 8.8 (v3) High Pass IBM DB2 Administration Server Detection 10 Jul 2006 None Pass Check Point FireWall-1 ICA Service Detection 27 Jul 2006 None Pass HP OpenView BBC Service Detection 11 Sep 2006 None Pass Do not scan Novell NetWare 02 Oct 2006 None Pass Hobbit Monitor Daemon Detection 08 Aug 2006 None Pass Ariel FTP Server Default 'document' Account 15 Oct 2006 9.8 (v3) Critical Pass SLP Server Detection (UDP) 07 Dec 2006 None Pass Default Password (informix) for 'informix' Account CVE-1999-0502 06 Feb 2007 9.8 (v3) Critical Pass CA BrightStor ARCserve Backup Discovery Service Detection 12 Dec 2006 None Pass TCP Channel Detection 17 Jan 2007 None Pass Microsoft .NET Handlers Enumeration 26 Jan 2007 None Pass Microsoft .NET Version Information Disclosure 26 Jan 2007 None Pass SLP Server Detection (TCP) 07 Dec 2006 None Pass Seditio Detection 10 Dec 2006 None Pass Host Logical Network Segregation Weakness 03 Jan 2007 None Pass OS Identi fi cation : HTTP 19 May 2007 None Pass Link Layer Topology Discovery (LLTD) Detection 30 Mar 2007 None Pass Talk Service (talkd, in.talk, ntalk) Detection 03 Mar 2000 None Pass OS Identi fi cation : mDNS 19 May 2007 None Pass avast! Management Server Detection 25 May 2007 None Pass Packeteer Web Management Interface Version Detection 26 Jun 2007 None Pass Printer Job Language (PJL) Detection 14 Apr 2007 None Pass FrontBase FBExec Process Detection 27 Mar 2007 None Pass Timbuktu Detection (UDP) 30 Aug 2007 None Pass memcached Detection 02 Oct 2007 None Pass PostgreSQL Server Detection 14 Sep 2007 None Pass LDAP Crafted Search Request Server Information Disclosure 12 Jul 2007 None Pass IBM Tivoli Storage Manager Client Acceptor Daemon Detection 25 Sep 2007 None Pass Novell CLNTRUST Service Detection 01 Nov 2007 None Pass Avocent KVM Over IP Switch Detection 10 Jan 2008 None Pass LANDesk Ping Discovery Service Detection 17 Jan 2008 None Pass LANDesk Management Agent Detection 17 Jan 2008 None Pass OS Identi fi cation : Telnet 03 Jan 2008 None Pass CA BrightStor HSM Engine Detection (TCP) 04 Oct 2007 None Pass X Font Service Detection 12 Oct 2007 None Pass OSSIM Server Detection 26 Nov 2007 None Pass HP OVCM/Radia Notify Daemon Detection 06 Nov 2007 None Pass GPON ONT Home Gateway Remote Enabling of Telnet (CVE-2019-3917) CVE-2019-3917 24 Apr 2019 7.5 (v3) High Pass IBM BigFix Platform 9.5.x < 9.5.10 Plain Text Credentials CVE-2017-1231 03 May 2019 7.8 (v3) High Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Apr 2019 CPU) CVE-2016-1000031 CVE-2017-9798 CVE-2018-0734 CVE-2018-0735 CVE-2018-5407 CVE-2018-8034 CVE-2018-11763 CVE-2018-11784 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2019-2701 19 Apr 2019 9.8 (v3) Critical Pass OpenSSL 1.1.0 < 1.1.0k Vulnerability CVE-2019-1543 03 Jun 2019 7.4 (v3) High Pass MariaDB 10.0.0 < 10.0.36 Multiple Vulnerabilities CVE-2018-3058 CVE-2018-3063 CVE-2018-3064 CVE-2018-3066 05 Jun 2019 7.1 (v3) High Pass MariaDB 10.1.0 < 10.1.35 Multiple Vulnerabilities CVE-2018-3058 CVE-2018-3063 CVE-2018-3064 CVE-2018-3066 05 Jun 2019 7.1 (v3) High Pass MariaDB 10.2.0 < 10.2.17 Multiple Vulnerabilities CVE-2018-3058 CVE-2018-3060 CVE-2018-3063 CVE-2018-3064 CVE-2018-3066 05 Jun 2019 7.1 (v3) High Pass phpMyAdmin prior to 4.8.6 SQLi vulnerablity (PMASA-2019-3) CVE-2019-11768 13 Jun 2019 9.8 (v3) Critical Pass Linux Malicious File Detection 26 Jun 2019 10 (v3) Critical Pass PHP Advanced Transfer Manager <= 1.21 Multiple Vulnerabilities CVE-2005-1604 CVE-2005-1681 09 May 2005 6.8 (v2) Medium Pass Splunk Enterprise 6.0.x < 6.0.15, 6.1.x < 6.1.14, 6.2.x < 6.2.14, 6.3.x < 6.3.12, 6.4.x < 6.4.9, 6.5.x < 6.5.5 or Splunk Light < 6.6.0 Persistent XSS CVE-2019-5727 16 Jul 2019 5.4 (v3) Medium Pass Oracle Primavera Gateway Multiple Vulnerabilities (Jul 2019 CPU) CVE-2018-15756 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 19 Jul 2019 9.8 (v3) Critical Pass Symantec Messaging Gateway 10.x < 10.7.1 Privilege Escalation Vulnerability (SYMSA1486) CVE-2019-12751 18 Jul 2019 9.8 (v3) Critical Pass OS Identi fi cation : Apple AirPlay 14 Aug 2019 None Pass Ansible Tower 3.x < 3.3.5 / 3.4.x < 3.4.3 Privilege Escalation Vulnerability CVE-2019-3869 05 Aug 2019 7.2 (v3) High Pass PHP 7.1.x < 7.1.31 Multiple Vulnerabilities. CVE-2019-11041 CVE-2019-11042 12 Aug 2019 7.1 (v3) High Pass MyServer 0.8 Multiple Vulnerabilities CVE-2005-1658 CVE-2005-1659 10 May 2005 5 (v2) Medium Pass OpenGear Web Detection 21 Aug 2019 None Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.24-h1 / 8.0.x < 8.0.19-h1 / 8.1.x < 8.1.9-h4 / 9.0.x < 9.0.3-h3 Vulnerability CVE-2019-1581 30 Aug 2019 9.8 (v3) Critical Pass WowBB view_user.php Multiple Parameter SQL Injection CVE-2005-1554 11 May 2005 7.5 (v2) High Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.9-h4 / 9.0.x < 9.0.3-h3 Vulnerability CVE-2019-1582 04 Sep 2019 7.2 (v3) High Pass Oracle GlassFish Server < 3.0.1.22 Multiple Vulnerabilities CVE-2017-1000029 CVE-2017-1000030 05 Sep 2019 9.8 (v3) Critical Pass PHP 7.3.x < 7.3.9 Multiple Vulnerabilities. CVE-2019-13224 05 Sep 2019 9.8 (v3) Critical Pass HP Smart Update Manager Remote Unauthorized Access. CVE-2019-11988 13 Sep 2019 9.8 (v3) Critical Pass Puppet Enterprise 2015.x < 2015.3.3 Multiple Vulnerabilities CVE-2016-2786 CVE-2016-2787 09 Oct 2019 9.8 (v3) Critical Pass Puppet Enterprise < 2016.2.1 Multiple Vulnerabilities CVE-2015-7331 CVE-2016-2788 09 Oct 2019 9.8 (v3) Critical Pass Puppet Enterprise < 2016.4.0 Multiple Vulnerabilities CVE-2016-5714 CVE-2016-5715 09 Oct 2019 7.2 (v3) High Pass Puppet Enterprise < 2017.3.4 Code Execution Vulnerability CVE-2017-10690 CVE-2018-6508 09 Oct 2019 8 (v3) High Pass Puppet Enterprise 2017.x < 2017.3.6 Cross-site Scripting Vulnerability CVE-2018-6510 CVE-2018-6511 09 Oct 2019 5.4 (v3) Medium Pass Cisco HyperFlex Web API Detection 07 Oct 2019 None Pass Puppet Enterprise 2016.x < 2016.4.12 / 2017.x < 2017.3.7 / 2018.x < 2018.1.1 Arbitrary Code Execution Vulnerability CVE-2018-6513 09 Oct 2019 8.8 (v3) High Pass Puppet Enterprise 2016.x < 2016.4.15 / 2017.x < 2017.3.10 / 2018.x < 2018.1.4 Plaintext Credential Vulnerability CVE-2018-11749 09 Oct 2019 9.8 (v3) Critical Pass Oracle Primavera Gateway Multiple Vulnerabilities (Oct 2019 CPU) CVE-2017-12626 CVE-2019-12086 CVE-2019-14379 18 Oct 2019 9.8 (v3) Critical Pass e107 search.php search_info Parameter Traversal Arbitrary File Inclusion 11 May 2005 7.5 (v2) High Pass Cisco SPA ATA SIP Detection 17 Oct 2019 None Pass Cisco UCS Director Loggo ff DoS (cisco-sa-20190821-ucs-imc-dos) CVE-2019-12634 24 Oct 2019 7.5 (v3) High Pass Junos OS: SSL-Proxy DoS (JSA10973) CVE-2019-0051 25 Oct 2019 7.5 (v3) High Pass BakBone NetVault < 7.1.2 / 7.3.1 Multiple Remote Over fl ows CVE-2005-1009 CVE-2005-1547 14 May 2005 10 (v2) Critical Pass Juniper JSA10975 CVE-2019-0074 28 Oct 2019 5.5 (v3) Medium Pass TFTP Traversal Arbitrary File Access CVE-1999-0183 CVE-1999-0498 CVE-2002-2353 CVE-2009-0271 CVE-2009-0288 CVE-2009-1161 16 May 2005 5 (v2) Medium Pass Serendipity < 0.8.1 Multiple Vulnerabilities CVE-2005-1712 CVE-2005-1713 18 May 2005 4.6 (v2) Medium Pass Junos OS: rdp Memory Leak DoS (JSA10957) CVE-2019-0059 04 Nov 2019 7.5 (v3) High Pass Junos OS: app-id Signature Update MitM (JSA10952) CVE-2019-0054 04 Nov 2019 7.4 (v3) High Pass Junos OS: NG-mVPN rpd DoS (JSA10965) CVE-2019-0066 05 Nov 2019 7.5 (v3) High Pass Junos OS: Multicast fl owd DoS (JSA10968) CVE-2019-0068 06 Nov 2019 7.5 (v3) High 81

Pass Junos OS: J-Web Session Fixation Vulnerability (JSA10961) CVE-2019-0062 06 Nov 2019 8.8 (v3) High Pass CODESYS Gateway V3 Detection 31 Oct 2019 None Pass Junos OS: srxpfe DoS (JSA10972) CVE-2019-0050 06 Nov 2019 7.5 (v3) High Pass Cisco NX-OS Border Gateway Protocol DoS (cisco-sa-20161005-bgp) CVE-2016-1454 07 Nov 2019 6.5 (v3) Medium Pass Mac OS X 10.6.x < 10.6.4 Multiple Vulnerabilities CVE-2009-1578 CVE-2009-1579 CVE-2009-1580 CVE-2009-1581 CVE-2009-2964 CVE-2009-4212 CVE-2010-0186 CVE-2010-0187 CVE-2010-0283 CVE-2010-0302 CVE-2010-0540 CVE-2010-0541 CVE-2010-0545 CVE-2010-0546 CVE-2010-0734 CVE-2010-1 15 Jun 2010 8.8 (v3) High Noise Device Type 23 May 2011 None Pass Cisco NX-OS Version 30 May 2013 None Pass Cisco Email Security Appliance Version 26 Jul 2013 None Pass Cisco IOS IKEv2 Fragmentation DoS (cisco-sa-20160323-ios-ikev2) CVE-2016-1344 06 Apr 2016 5.9 (v3) Medium Pass VMware vRealize Automation 6.x < 6.2.4 Unspeci fi ed Stored XSS (VMSA-2016-0003) CVE-2015-2344 27 Apr 2016 5.4 (v3) Medium Pass VMware vRealize Automation 7.0.x < 7.1 Multiple Vulnerabilities (VMSA-2016-0013) CVE-2016-5335 CVE-2016-5336 29 Aug 2016 9.8 (v3) Critical Pass Cisco Nexus 3000 / 9000 Series GNU C Library (glibc) getaddrinfo() RCE (cisco-sa-20160218-glibc) CVE-2015-7547 14 Sep 2016 8.1 (v3) High Pass Cisco IOS IKEv1 Packet Handling Remote Information Disclosure (cisco-sa-20160916-ikev1) (BENIGNCERTAIN) CVE-2016-6415 27 Sep 2016 7.5 (v3) High Pass Palo Alto Networks PAN-OS < 7.1.7 Uni fi ed Log View Information Disclosure 16 Jan 2017 2.7 (v3) Low Pass Juniper Junos jdhcpd DHCPv6 DoS (JSA10769) CVE-2017-2301 20 Jan 2017 7.5 (v3) High Pass Juniper Junos rpd BGP add-path DoS (JSA10771) CVE-2017-2302 20 Jan 2017 7.5 (v3) High Pass Juniper Junos QFX / EX Series 'Etherleak' Improper Padding Memory Disclosure (JSA10773) CVE-2017-2304 20 Jan 2017 4.3 (v3) Medium Pass Cisco NX-OS Fibre Channel over Ethernet DoS (cisco-sa-20170607-nxos) CVE-2017-6655 16 Jun 2017 6.5 (v3) Medium Pass EMC Avamar ADS / AVE 7.2.x < 7.2.1 Hot fi x 277897 / 7.3.x < 7.3.1 Hot fi x 276676 / 7.4.x < 7.4.1 Hot fi x 279294 Multiple Vulnerabilities (ESA-2017-054) CVE-2017-4989 CVE-2017-4990 29 Jun 2017 9.8 (v3) Critical Pass Cisco AsyncOS for Email Security Appliance Attachment MIME Header Handling Filter Bypass (cisco-sa-20170607-esa1) CVE-2017-6671 06 Jul 2017 7.5 (v3) High Pass Juniper Junos SRX IDP Remote Command Injection (JSA10801) CVE-2017-2349 31 Jul 2017 9.9 (v3) Critical Pass Cisco NX-OS Software Python Parser Escape Vulnerability CVE-2017-12301 24 Oct 2017 6.7 (v3) Medium Pass Cisco Prime Collaboration Provisioning < 12.3 Authenticated SQL Injection Vulnerability (cisco-sa-20171101-cpcp) CVE-2017-12276 08 Nov 2017 8.1 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.13 Management Interface Unspeci fi ed Remote DoS CVE-2017-15942 15 Dec 2017 7.5 (v3) High Pass Juniper Junos Commit Script Handling Local Console Port Access Weakness Vulnerability (JSA10835) CVE-2018-0008 26 Jan 2018 7.4 (v3) High Pass Arista Networks EOS Multiple Vulnerabilities (SA0019) CVE-2015-8138 CVE-2016-1547 CVE-2016-1548 CVE-2016-1549 CVE-2016-1550 28 Feb 2018 7.2 (v3) High Pass Arista Networks EOS ngx_chain_to_iovec NULL Pointer Deference DoS (SA0021) CVE-2016-4450 28 Feb 2018 7.5 (v3) High Pass Arista Networks EOS Multiple Vulnerabilities (SA0024) (SWEET32) CVE-2016-2178 CVE-2016-2183 28 Feb 2018 7.5 (v3) High Pass Juniper Junos IDP Policy Compilation Packet Handling Firewall Rule Bypass Remote Information Disclosure (JSA10846) CVE-2018-0018 20 Apr 2018 7.5 (v3) High Pass Juniper Junos Routing Process Daemon (RPD) BGP UPDATE Packet Handling Unspeci fi ed Remote DoS (JSA10848) CVE-2018-0020 20 Apr 2018 7.5 (v3) High Pass Cisco Wireless LAN Controller Multiple Vulnerabilities CVE-2018-0226 CVE-2018-0234 CVE-2018-0235 CVE-2018-0252 11 May 2018 7.5 (v3) High Pass Juniper Junos HTTP/HTTPS Firewall User Authentication Remote Information Disclosure (JSA10858) CVE-2018-0025 20 Jul 2018 8.1 (v3) High Pass Juniper Junos Malformed RSVP RPD DoS (JSA10861) CVE-2018-0027 20 Jul 2018 5.9 (v3) Medium Pass Tenable SecurityCenter < 5.7.1 Multiple Vulnerabilities (TNS-2018-12) CVE-2018-0732 CVE-2018-0737 CVE-2018-7584 CVE-2018-10545 CVE-2018-10546 CVE-2018-10547 CVE-2018-10548 CVE-2018-10549 CVE-2018-14851 CVE-2018-14883 CVE-2018-15132 24 Sep 2018 9.8 (v3) Critical Pass Citrix NetScaler Gateway Cross-Site Scripting Vulnerability (CTX232199) CVE-2018-18517 26 Oct 2018 4.8 (v3) Medium Pass VMware vRealize Log Insight 4.6.x < 4.6.2 / 4.7.x < 4.7.1 Authorization Bypass Vulnerability (VMSA-2018-0028) CVE-2018-6980 16 Nov 2018 7.2 (v3) High Pass Junos OS: pd crash on VPLS PE upon receipt of speci fi c BGP message (JSA10912) CVE-2019-0012 11 Jan 2019 7.5 (v3) High Pass Junos OS: RPD crash upon receipt of malformed PIM packet (JSA10913) CVE-2019-0013 24 Jan 2019 7.5 (v3) High Pass Junos OS: Crafted HTTP tra ffi c may cause UTM to consume all mbufs, leading to Denial of Service (JSA10910) CVE-2019-0010 07 Feb 2019 7.5 (v3) High Pass PostNuke AutoTheme Module Multiple Unspeci fi ed Vulnerabilities CVE-2005-1608 19 May 2005 7.5 (v2) High Pass Juniper JSA10924 CVE-2019-0035 11 Apr 2019 6.8 (v3) Medium Pass Palo Alto Networks 9.0.0 < 9.0.1 Authentication Bypass vulnerability (PAN-SA-2019-0005) CVE-2019-1572 12 Apr 2019 7.5 (v3) High Pass Juniper JSA10935 CVE-2019-0043 15 Apr 2019 7.5 (v3) High Pass Juniper JSA10925 CVE-2019-0036 15 Apr 2019 9.8 (v3) Critical Pass Juniper Junos memory consumption denial of service (JSA10920) CVE-2019-0031 23 Apr 2019 7.5 (v3) High Pass Juniper JSA10932 CVE-2019-0028 23 Apr 2019 7.5 (v3) High Pass Juniper JSA10930 CVE-2019-0008 26 Apr 2019 9.8 (v3) Critical Pass Juniper JSA10929 CVE-2019-0040 10 May 2019 9.1 (v3) Critical Pass Cisco NX-OS Software NX-API Sandbox Cross-Site Scripting Vulnerability CVE-2019-1733 03 Jun 2019 5.4 (v3) Medium Pass Cisco NX-OS Software SSH Key Information Disclosure Vulnerability CVE-2019-1731 28 Jun 2019 4.4 (v3) Medium Pass Cisco NX-OS Software Python Parser Privilege Escalation Vulnerability CVE-2019-1727 03 Jul 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Cisco Fabric Services Denial of Service Vulnerability CVE-2019-1616 04 Jul 2019 7.5 (v3) High Pass Palo Alto Networks PAN-OS 9.0.x < 9.0.3 Vulnerability CVE-2019-1576 19 Jul 2019 8.8 (v3) High Pass Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1778) CVE-2019-1778 22 Aug 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1780) CVE-2019-1780 28 Aug 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Remote Management Memory Leak Denial of Service Vulnerability (CVE-2019-1965) CVE-2019-1965 06 Sep 2019 7.7 (v3) High Pass Cisco NX-OS Software NX-API Denial of Service Vulnerability (CVE-2019-1968) CVE-2019-1968 06 Sep 2019 7.5 (v3) High Pass Cisco NX-OS Software Virtual Service Image Signature Bypass Vulnerability CVE-2019-12662 04 Oct 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Command Injection Vulnerabilities (cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782) CVE-2019-1781 CVE-2019-1782 15 Oct 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Privilege Escalation Vulnerability CVE-2019-1603 09 Dec 2019 7.8 (v3) High Pass DNS Server UDP Query Limitation 22 May 2005 None Pass EMC RSA Authentication Manager < 8.4 Patch 8 XSS (DSA-2019-168) CVE-2019-18574 12 Dec 2019 4.8 (v3) Medium Pass Palo Alto Networks PAN-OS 1.0 < 7.1.24-h1 / 8.0.x < 8.1.9-h4 / 9.0 < 9.0.3-h3 Vulnerability CVE-2019-17437 13 Dec 2019 7.8 (v3) High Pass Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1610) CVE-2019-1610 13 Dec 2019 6.7 (v3) Medium Pass Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1607) CVE-2019-1607 18 Dec 2019 6.7 (v3) Medium Pass Deprecated SSLv2 Connection Attempts 06 Jan 2020 None Pass Cisco NX-OS Software Bash Bypass Guest Shell (cisco-sa-20190515-nxos-bash-bypass) CVE-2019-1730 07 Jan 2020 6.7 (v3) Medium Pass Cisco NX-OS Software Line Card Command Injection (cisco-sa-20190515-nxos-linecardinj-1769) CVE-2019-1769 07 Jan 2020 6.7 (v3) Medium Pass Cisco NX-OS Software Secure Con fi guration Bypass (cisco-sa-20190515-nxos-conf-bypass) CVE-2019-1728 09 Jan 2020 6.7 (v3) Medium Pass ProFTPD 'mod_copy' Arbitrary File Copy Vulnerability (Remote) CVE-2019-12815 09 Jan 2020 9.8 (v3) Critical Pass VMware Harbor 1.7.x, 1.8.x < 1.8.6 / 1.9.x < 1.9.3 CVE-2019-3990 CVE-2019-19023 CVE-2019-19025 CVE-2019-19026 CVE-2019-19029 14 Jan 2020 8.8 (v3) High Pass Oracle Primavera Gateway Multiple Vulnerabilities (Jan 2020 CPU) CVE-2014-3596 CVE-2015-9251 CVE-2018-8032 CVE-2019-0227 CVE-2019-11358 CVE-2019-12415 CVE-2019-14540 CVE-2019-16335 15 Jan 2020 9.8 (v3) Critical Pass Multiple Vulnerabilities in Juniper Junos (JSA10954) CVE-2019-0056 16 Jan 2020 7.5 (v3) High Pass Junos OS: pccd DoS (JSA10980) CVE-2020-1601 20 Jan 2020 7.5 (v3) High Pass Flexense Enterprise Products Detection 15 Jun 2018 None Pass PostNuke <= 0.760 RC4a Multiple Vulnerabilities CVE-2005-1621 CVE-2005-1697 CVE-2005-1698 CVE-2005-1699 CVE-2005-1700 23 May 2005 7.5 (v2) High Pass Trend Micro O ffi ceScan Directory Traversal Vulnerability (1122250) CVE-2019-9489 24 Jan 2020 7.5 (v3) High Pass Elasticsearch ESA-2017-15 CVE-2017-8445 22 Aug 2018 5.5 (v3) Medium Pass Citrix NetScaler Application Delivery Management (ADM) 12 Oct 2018 None Pass HP Performance Agent detection - deprecated 25 Sep 2018 None Pass QLogic QConvergeConsole GUI Web Interface Detection 24 Oct 2018 None Pass TLS Version 1.1 Protocol Detection 08 Jan 2019 None Pass MySQL 5.7.x < 5.7.26 Multiple Vulnerabilities (Apr 2019 CPU) (Jul 2019 CPU) CVE-2019-1547 CVE-2019-2632 CVE-2019-1559 CVE-2019-2628 CVE-2019-2566 CVE-2019-2581 CVE-2019-2683 CVE-2019-2592 CVE-2019-2627 CVE-2019-2614 CVE-2019-2755 18 Apr 2019 7.5 (v3) High Pass TeamViewer remote detection 18 Jan 2019 None Pass Quest NetVault Backup Server Detection 14 Dec 2018 None Pass Oracle Primavera Uni fi er Multiple Vulnerabilities (Jan 2020 CPU) CVE-2014-3596 CVE-2018-8032 CVE-2019-0227 CVE-2019-10088 CVE-2019-10093 CVE-2019-10094 CVE-2019-12415 CVE-2019-14540 CVE-2019-16335 30 Jan 2020 9.8 (v3) Critical Pass Arista Networks Rib agent DoS (SA0033) CVE-2018-5254 21 Feb 2020 7.5 (v3) High Pass Cisco Content Security Management Appliance Denial of Service Vulnerability (CSCvo89182) CVE-2019-1983 25 Feb 2020 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.13 Privilege Escalation (PAN-97584) CVE-2020-1979 19 Mar 2020 7.8 (v3) High Pass HP DesignJet Printer Web Interface Detection 24 Jan 2019 None Pass Adobe Experience Manager 6.1.x / 6.2.x / 6.3.x < 6.3.3.8 / 6.4.x < 6.4.8.0 / 6.5.x < 6.5.4.0 (APSB20-15) CVE-2020-3769 20 Mar 2020 7.5 (v3) High Pass VMware ESXi 5.5 / 6.0 XSS (VMSA-2016-0023) (remote check) CVE-2016-7463 24 Mar 2020 5.4 (v3) Medium Pass VMware ESXi 5.5 / 6.0 / 6.5 / 6.7 Information Disclosure (VMSA-2018-0012) (Spectre) (remote check) CVE-2018-3639 24 Mar 2020 5.5 (v3) Medium Pass MikroTik RouterOS DNS Cache Poisoning (CVE-2019-3978) CVE-2019-3978 19 Mar 2020 7.5 (v3) High Pass Atlassian Jira 8.3.x < 8.5.2 DLL Hijacking Vulnerability (JRASERVER-70407) CVE-2019-20400 27 Mar 2020 7.8 (v3) High Pass Palo Alto Expedition Cross-Site Scripting CVE-2019-1569 CVE-2019-1570 CVE-2019-1571 07 Apr 2020 4.8 (v3) Medium Pass Palo Alto Default Credentials 07 Apr 2020 9.8 (v3) Critical Pass GNU Mailutils <= 0.6 Multiple Vulnerabilities CVE-2005-1520 CVE-2005-1521 CVE-2005-1522 CVE-2005-1523 CVE-2005-1824 26 May 2005 7.5 (v2) High Pass OpenSSL 1.1.1 < 1.1.1g Vulnerability CVE-2020-1967 23 Apr 2020 7.5 (v3) High Pass EMC RSA Authentication Manager < 8.4 P11 XSS Vulnerability (DSA-2020-066) CVE-2020-5346 23 Apr 2020 4.8 (v3) Medium Noise TLS Version 1.2 Protocol Detection 04 May 2020 None Pass IBM MQ Default Credentials 21 May 2020 9.8 (v3) Critical Pass Apache Tomcat 8.5.x < 8.5.55 Remote Code Execution CVE-2020-9484 22 May 2020 7 (v3) High Pass PHP Remote Code Execution Vulnerability (CVE-2019-11043). CVE-2019-11043 21 May 2020 9.8 (v3) Critical Pass WordPress Plugin 'LearnPress' < 3.2.6.8 Multiple Vulnerabilities CVE-2020-6010 CVE-2020-11511 01 May 2020 8.8 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.12 / 8.1.x < 8.1.12 / 9.0.x < 9.0.6 Vulnerability CVE-2020-2018 22 May 2020 9 (v3) Critical Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.13 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.7 Vulnerability CVE-2020-2012 22 May 2020 7.5 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.6 / 9.1.x < 9.1.1 Vulnerability CVE-2020-2013 22 May 2020 8.8 (v3) High Pass ShareFile Documents Unauthenticated Access (CTX269106) CVE-2020-7473 CVE-2020-8982 CVE-2020-8983 02 Jun 2020 7.5 (v3) High Pass BookReview 1.0 Multiple Script XSS CVE-2005-1782 CVE-2005-1783 27 May 2005 4.3 (v2) Medium Pass Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Insecure Fabric Authentication Vulnerability (cisco-sa-20190501-aci-insecure-fabric) CVE-2019-1590 03 Jun 2020 8.1 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.6 Vulnerability CVE-2020-2002 09 Jun 2020 8.1 (v3) High 82

Pass Palo Alto Expedition Cross-Site Scripting (PAN-SA-2019-0003) CVE-2019-1567 10 Jun 2020 5.4 (v3) Medium Pass Adobe Experience Manager 6.1.x < 6.4.8.1 / 6.5.x < 6.5.5.0 (APSB20-31) CVE-2020-9643 CVE-2020-9644 CVE-2020-9645 CVE-2020-9647 CVE-2020-9648 CVE-2020-9651 12 Jun 2020 7.5 (v3) High Pass Treck/Kasago Network Stack Detection 22 Jun 2020 None Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.6 / 9.1.x < 9.1.1 Vulnerability CVE-2020-1998 02 Jul 2020 8.8 (v3) High Pass Invision Power Board Multiple Vulnerabilities (Priv Esc, SQLi CVE-2005-1816 30 May 2005 4.6 (v2) Medium Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.12 / 8.0.x < 8.1.12 / 8.1.x < 8.1.12 / 9.0.x < 9.0.6 Vulnerability CVE-2020-2001 02 Jul 2020 9.8 (v3) Critical Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.6 Vulnerability CVE-2017-7529 02 Jul 2020 7.5 (v3) High Pass Nexus 9000 Series Switches Standalone NX-OS Mode Fibre Channel over Ethernet NPV DoS Vulnerability (cisco-sa-20190306-nxos-npv-dos) CVE-2019-1617 09 Jul 2020 7.4 (v3) High Pass Cisco Wireless LAN Controller Software Cross-Site Request Forgery (cisco-sa-20190417-wlc-csrf) CVE-2019-1797 14 Jul 2020 8.8 (v3) High Pass Cisco Firepower Device Manager On-Box Software Arbitrary File Overwrite (cisco-sa-fdmfo-HvPWKxDe) CVE-2020-3309 14 Jul 2020 6.5 (v3) Medium Pass Cisco Firepower Device Manager Web Interface Detection 10 Jul 2020 None Pass Invision Community Blog Multiple Vulnerabilities (SQLi, XSS) CVE-2005-1945 CVE-2005-1946 10 Jun 2005 6.5 (v2) Medium Pass Invision Gallery < 1.3.1 Multiple SQL Injections CVE-2005-1948 10 Jun 2005 6.5 (v2) Medium Pass Oracle Primavera Gateway (Jul 2020 CPU) CVE-2017-5645 CVE-2020-1945 CVE-2020-9488 CVE-2020-11022 CVE-2020-11023 16 Jul 2020 9.8 (v3) Critical Pass Siteframe siteframe.php LOCAL_PATH Parameter Remote File Inclusion CVE-2005-1965 10 Jun 2005 7.5 (v2) High Pass Cisco RV110W, RV130, RV130W, and RV215W Routers Authentication Bypass (cisco-sa-rv-auth-bypass-cGv9EruZ) CVE-2020-3144 17 Jul 2020 9.8 (v3) Critical Pass e107 ePing Plugin doping.php Arbitrary Code Execution CVE-2005-2559 10 Jun 2005 7.5 (v2) High Pass Juniper JSA11031 CVE-2020-1654 20 Jul 2020 9.8 (v3) Critical Pass Juniper Junos SRX Double Free ICAP Redirect DoS RCE (JSA11034) CVE-2020-1647 22 Jul 2020 9.8 (v3) Critical Pass MySQL Enterprise Monitor 8.x < 8.0.18 DoS (Oct 2019 CPU) CVE-2019-10072 24 Jul 2020 7.5 (v3) High Pass MySQL Enterprise Monitor 4.x < 4.0.8 / 8.x < 8.0.14 DoS (Jan 2019 CPU) CVE-2018-0732 24 Jul 2020 7.5 (v3) High Pass MySQL Enterprise Monitor 4.x < 4.0.10 / 8.x < 8.0.15 DoS (Jul 2019 CPU) CVE-2018-15756 24 Jul 2020 7.5 (v3) High Pass Juniper Junos MX Series PFE Small Packet DoS (JSA11036) CVE-2020-1649 24 Jul 2020 7.5 (v3) High Pass Trend Micro InterScan Web Security Virtual Appliance (IWSVA) Multiple Vulnerabilities (000253095) CVE-2020-8604 CVE-2020-8606 28 Jul 2020 9.8 (v3) Critical Pass Junos OS: RPD crash when processing a speci fi c BGP packet (JSA11035) CVE-2020-1648 28 Jul 2020 7.5 (v3) High Pass Juniper Junos NFX150 Multiple Vulnerabilities (JSA11026) CVE-2019-0131 CVE-2019-0165 CVE-2019-0166 CVE-2019-0168 CVE-2019-0169 CVE-2019-11086 CVE-2019-11087 CVE-2019-11088 CVE-2019-11090 CVE-2019-11097 CVE-2019-11100 CVE-2019-11101 CVE-2019-11102 CVE-2019-11103 CVE-2019-11104 28 Jul 2020 9.8 (v3) Critical Pass Adobe Experience Manager 6.x < 6.3.3.6 / 6.4.x < 6.4.6.0 / 6.5.x < 6.5.2.0 Multiple Vulnerabilities (APSB19-48) CVE-2019-8078 CVE-2019-8079 CVE-2019-8080 CVE-2019-8081 CVE-2019-8082 CVE-2019-8083 CVE-2019-8084 CVE-2019-8085 CVE-2019-8086 CVE-2019-8087 CVE-2019-8088 CVE-2019-8234 31 Jul 2020 9.8 (v3) Critical Pass Atlassian Con fl uence < 7.4.2 / 7.5.x < 7.5.2 XSS (CONFSERVER-60102) CVE-2020-14175 31 Jul 2020 5.4 (v3) Medium Pass Pulse Policy Secure < 9.1R8 (SA44516) CVE-2020-8204 CVE-2020-8206 CVE-2020-8216 CVE-2020-8217 CVE-2020-8218 CVE-2020-8219 CVE-2020-8220 CVE-2020-8221 CVE-2020-8222 CVE-2020-12880 CVE-2020-15408 31 Jul 2020 8.1 (v3) High Pass Cisco Data Center Network Manager Command Injection (cisco-sa-dcnm-rest-inj-BCt8pwAJ) CVE-2020-3384 10 Aug 2020 8.2 (v3) High Pass Cisco Prime Collaboration Provisioning Software SQL Injection (cisco-sa-pcp-sql-inj-22Auwt66) CVE-2020-3184 18 Aug 2020 7.2 (v3) High Pass WordPress Plugin 'SRS Simple Hits Counter' Information Disclosure CVE-2020-5766 27 Aug 2020 7.5 (v3) High Pass ISC BIND 9.15.6 < 9.16.6 / 9.17.x < 9.17.4 DoS CVE-2020-8620 28 Aug 2020 7.5 (v3) High Pass Cisco Data Center Network Manager Stored XSS (cisco-sa-dcnm-xss-stored-w4rJZJtO) CVE-2020-3439 01 Sep 2020 4.8 (v3) Medium Pass Cisco NX-OS Software Border Gateway Protocol Multicast VPN Session DoS (cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp) CVE-2020-3398 02 Sep 2020 8.6 (v3) High Pass IBM WebSphere Application Server 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.13 / 9.0.x <= 9.0.0.8 Information Disclosure (711983) CVE-2018-1614 10 Sep 2020 7.5 (v3) High Pass Cisco Aironet Web UI Detection. 08 Sep 2020 None Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.16 / 9.0.x < 9.0.9 XSS CVE-2020-2036 11 Sep 2020 8.8 (v3) High Pass Palo Alto Networks PAN-OS 8.0.x / 8.1.x < 8.1.16 / 9.0.x < 9.0.10 / 9.1.x < 9.1.3 Information Exposure CVE-2020-2044 11 Sep 2020 3.3 (v3) Low Pass Juniper Junos DNS fi ltering JSA11028 CVE-2020-1645 14 Sep 2020 8.3 (v3) High Pass Cisco Data Center Network Manager Stored Cross-Site Scripting (cisco-sa-20200219-dcnm-xss) CVE-2020-3113 17 Sep 2020 5.4 (v3) Medium Pass PHP 7.2.x / 7.3.x < 7.3.22 Memory Leak Vulnerability 11 Sep 2020 7.5 (v3) High Pass PHP 7.4.x < 7.4.10 Memory Leak Vulnerability 11 Sep 2020 7.5 (v3) High Pass Cisco Data Center Network Manager Cross-Site Request Forgery (cisco-sa-20200219-dcnm-csrf) CVE-2020-3114 18 Sep 2020 8.8 (v3) High Pass CodeMeter < 6.81 Denial of Service Vulnerability CVE-2020-14513 21 Sep 2020 7.5 (v3) High Pass CodeMeter < 7.10a Multiple Vulnerabilities CVE-2020-14509 CVE-2020-14517 CVE-2020-14519 21 Sep 2020 9.8 (v3) Critical Pass HP iLO 3 < 1.93 / HP iLO 4 < 2.75 / HP iLO Superdome 4 < 1.64 / HP iLO 5 < 2.18 / HP Moonshot/Edgeline iLO 5 < 2.30 Ripple20 Multiple vulnerabilities CVE-2020-11896 CVE-2020-11898 CVE-2020-11900 CVE-2020-11906 CVE-2020-11907 CVE-2020-11911 CVE-2020-11912 CVE-2020-11914 24 Sep 2020 10 (v3) Critical Pass Citrix ADC and Citrix NetScaler Gateway Multiple Vulnerabilities (CTX281474) CVE-2020-8245 CVE-2020-8246 CVE-2020-8247 25 Sep 2020 8.8 (v3) High Pass Citrix SD-WAN WANOP Multiple Vulnerabilities (CTX281474) CVE-2020-8246 CVE-2020-8247 25 Sep 2020 8.8 (v3) High Pass SonicWall SonicOS Bu ff er Over fl ow Vulnerability CVE-2020-5135 16 Oct 2020 9.8 (v3) Critical Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.1 XSS (CVE-2019-4270) CVE-2019-4270 16 Oct 2020 5.4 (v3) Medium Pass IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.11 XSS (CVE-2019-4030) CVE-2019-4030 19 Oct 2020 5.4 (v3) Medium Pass IBM WebSphere Application Server 8.0.0.x < 8.0.0.15 / 8.5.x < 8.5.5.13 / 9.0.x < 9.0.0.7 RCE (CVE-2016-1000031) CVE-2016-1000031 20 Oct 2020 9.8 (v3) Critical Pass WordPress Loginizer plugin < 1.6.4 blind SQLi (CVE-2020-27615) CVE-2020-27615 22 Oct 2020 9.8 (v3) Critical Pass IBM WebSphere Application Server 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 SSRF (CVE-2019-17566) CVE-2019-17566 30 Oct 2020 7.5 (v3) High Pass Nostromo < 1.9.7 Remote Code Execution CVE-2019-16278 30 Oct 2020 9.8 (v3) Critical Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.x < 9.0.0.8 Security Bypass (CVE-2015-0899) CVE-2015-0899 30 Oct 2020 7.5 (v3) High Pass IBM WebSphere Application Server 6.1.0.x <= 6.1.0.47 / 7.0.0.x < 7.0.0.43 / 8.0.0.x < 8.0.0.13 / 8.5.x < 8.5.5.10 XXE (CVE-2015-0254) CVE-2015-0254 30 Oct 2020 10 (v3) Critical Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.17 / 9.0.x < 9.0.11 / 9.1.x < 9.1.5 / 10.0.x < 10.0.1 Authentication Bypass Vulnerability CVE-2020-2050 13 Nov 2020 8.2 (v3) High Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.17 / 9.0.x < 9.0.11 / 9.1.x < 9.1.5 Vulnerability CVE-2020-2022 13 Nov 2020 7.5 (v3) High Pass Cisco Security Manager < 4.22 Path Traversal (cisco-sa-csm-path-trav-NgeRnqgR) CVE-2020-27130 17 Nov 2020 9.1 (v3) Critical Pass Cisco IOS XE Software PROFINET Link Layer Discovery Protocol DoS (cisco-sa-ios-pro fi net-dos-65qYG3W5) CVE-2020-3512 17 Nov 2020 7.4 (v3) High Pass Cisco IOS Software PROFINET Link Layer Discovery Protocol DoS (cisco-sa-ios-pro fi net-dos-65qYG3W5) CVE-2020-3512 17 Nov 2020 7.4 (v3) High Pass IBM Spectrum Protect Operations Center 7.1.x < 7.1.11.000 / 8.1.x < 8.1.10.000 Code Injection Vulnerability CVE-2020-4693 19 Nov 2020 9.8 (v3) Critical Pass Intel Active Management Technology (AMT) Multiple Vulnerabilities (INTEL-SA-00391) (remote check) CVE-2020-8705 CVE-2020-8744 CVE-2020-8745 CVE-2020-8746 CVE-2020-8747 CVE-2020-8749 CVE-2020-8751 CVE-2020-8752 CVE-2020-8753 CVE-2020-8754 CVE-2020-8755 CVE-2020-8756 CVE-2020-8757 CVE-2020-8760 CVE-2020-8761 CVE-2020-1 20 Nov 2020 9.8 (v3) Critical Pass Cisco IoT Field Network Director Missing API Authentication (cisco-sa-FND-APIA-xZntFS2V) CVE-2020-3392 24 Nov 2020 7.5 (v3) High Pass Juniper Junos OS EX4300-MP/EX4600/QFX5K Series DoS (JSA11086) CVE-2020-1689 01 Dec 2020 6.5 (v3) Medium Pass Apache Cassandra 3.8.x < 3.11.1 RCE CVE-2018-8016 02 Dec 2020 9.8 (v3) Critical Pass Apache Cassandra 1.2.x <= 1.2.19 / 2.0.x <= 2.0.13 / 2.1.x <= 2.1.3 RCE CVE-2015-0225 02 Dec 2020 9.8 (v3) Critical Pass Adobe Experience Manager 6.1 < 6.3.3.7 / 6.4 < 6.4.7.0 / 6.5 < 6.5.3.0 Multiple Vulnerabilities (APSB20-01) CVE-2019-16466 CVE-2019-16467 CVE-2019-16468 CVE-2019-16469 03 Dec 2020 7.5 (v3) High Pass Cisco IOS XE Software IOx Guest Shell USB SSD Namespace Protection Privilege Escalation (cisco-sa-iox-usb-guestshell-WmevScDj) CVE-2020-3396 07 Dec 2020 7.2 (v3) High Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.18 / 9.0.x < 9.0.12 / 9.1.x < 9.1.5 Vulnerability CVE-2021-3031 13 Jan 2021 4.3 (v3) Medium Pass Juniper Junos OS DoS (JSA11111) CVE-2021-0221 14 Jan 2021 6.5 (v3) Medium Pass Juniper Junos OS Command Injection (JSA11109) CVE-2021-0219 14 Jan 2021 6.7 (v3) Medium Pass Oracle Primavera Gateway (Jan 2021 CPU) CVE-2020-5421 CVE-2020-11979 20 Jan 2021 7.5 (v3) High Pass Juniper Junos DoS (JSA11096) CVE-2021-0206 22 Jan 2021 7.5 (v3) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.18 / 9.0.x <= 9.0.5.6 XXE (6408244) CVE-2020-4949 28 Jan 2021 8.2 (v3) High Pass Cisco IOS XE Software Wireless Controller for the Catalyst 9000 Family CAPWAP DoS (cisco-sa-capwap-dos-TPdNTdyq) CVE-2020-3486 CVE-2020-3487 CVE-2020-3488 CVE-2020-3489 CVE-2020-3493 CVE-2020-3494 CVE-2020-3497 29 Jan 2021 7.4 (v3) High Pass Juniper Junos OS DoS (JSA11094) CVE-2021-0222 04 Feb 2021 7.4 (v3) High Pass JamMail jammail.pl mail Parameter Arbitrary Command Execution CVE-2005-1959 13 Jun 2005 7.5 (v2) High Pass pfSense 2.4.x < 2.4.5-p1 Multiple Vulnerabilities CVE-2020-12662 CVE-2020-12663 CVE-2020-12762 04 Feb 2021 7.8 (v3) High Pass Apache Flink Web UI Detection 09 Feb 2021 None Pass OpenSSL 1.0.2 < 1.0.2w Information Disclosure CVE-2020-1968 10 Feb 2021 3.7 (v3) Low Pass Cisco NX-OS Software Protocol Independent Multicast Denial of Service Vulnerability (cisco-sa-nxos-pim-dos-Y8SjMz4) CVE-2021-1367 24 Feb 2021 4.3 (v3) Medium Pass e107 eTrace Plugin dotrace.php Arbitrary Code Execution CVE-2005-1966 13 Jun 2005 7.5 (v2) High Pass Cisco NX-OS Software NX-API Cross-Site Request Forgery Vulnerability (cisco-sa-nxos-nxapi-csrf-wRMzWL9z) CVE-2021-1227 24 Feb 2021 8.1 (v3) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.19 / 9.0.x <= 9.0.5.6 XXE (6413709) CVE-2021-20353 25 Feb 2021 8.2 (v3) High Pass Tenable SecurityCenter 5.13.0 - 5.17.0 Remote Code Execution (TNS-2021-03) CVE-2021-20076 03 Mar 2021 8.8 (v3) High Pass Adobe Connect <= 11.0.5 Multiple Vulnerabilities (ASPB21-19) CVE-2021-21079 CVE-2021-21080 CVE-2021-21081 CVE-2021-21085 10 Mar 2021 7.8 (v3) High Pass Cisco NX-OS Software Unauthenticated Arbitrary File Actions Vulnerability (cisco-sa-3000-9000- fi leaction-QtLzDRy2) CVE-2021-1361 24 Mar 2021 9.1 (v3) Critical Pass Apache OFBiz Remote Code Execution (CVE-2021-26295) CVE-2021-26295 30 Mar 2021 9.8 (v3) Critical Pass Cisco IOS Software Common Industrial Protocol Privilege Escalation (cisco-sa-XE-SAP-OPLbze68) CVE-2021-1392 30 Mar 2021 7.8 (v3) High Pass OpenSSL 1.1.1 < 1.1.1j Multiple Vulnerabilities CVE-2021-23840 CVE-2021-23841 09 Apr 2021 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11150) CVE-2021-0259 15 Apr 2021 7.4 (v3) High Pass Atlassian Jira < 8.13.3 / 8.14.x < 8.14.1 Broken Authentication (JRASERVER-72029) CVE-2021-26070 01 Apr 2021 7.2 (v3) High Pass Juniper Junos OS Vulnerability (JSA11144) CVE-2021-0251 15 Apr 2021 8.6 (v3) High Pass Juniper Junos OS Vulnerability (JSA11136) CVE-2021-0243 15 Apr 2021 4.7 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11158) CVE-2021-0267 15 Apr 2021 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11117) CVE-2021-0214 15 Apr 2021 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11118) CVE-2021-0216 15 Apr 2021 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11157) CVE-2021-0266 15 Apr 2021 9.8 (v3) Critical Pass Juniper Junos OS Vulnerability (JSA11145) CVE-2021-0252 15 Apr 2021 7.8 (v3) High Pass CA Multiple Products Message Queuing Multiple Remote DoS CVE-2006-0529 CVE-2006-0530 03 Feb 2006 4.1 (v3) Medium Pass CA Multiple Products Message Queuing Multiple Remote Vulnerabilities CVE-2005-2667 CVE-2005-2668 CVE-2005-2669 08 Nov 2005 9.1 (v3) Critical Pass Mambo Open Source < 4.5.2.3 Multiple Vulnerabilities CVE-2005-2002 15 Jun 2005 7.5 (v2) High Pass DNN (DotNetNuke) < 3.0.12 Multiple XSS CVE-2005-0040 16 Jun 2005 4.3 (v2) Medium Pass YaPiG < 0.95b Multiple Vulnerabilities CVE-2005-1881 CVE-2005-1882 CVE-2005-1883 CVE-2005-1884 CVE-2005-1885 CVE-2005-1886 17 Jun 2005 7.5 (v2) High Pass osCommerce application_top.php Multiple Parameter HTTP Response Splitting CVE-2005-1951 18 Jun 2005 4.3 (v2) Medium Pass paFAQ 1.0 Beta 4 Multiple Vulnerabilities CVE-2005-0475 CVE-2005-2011 CVE-2005-2012 CVE-2005-2013 CVE-2005-2014 21 Jun 2005 7.5 (v2) High Pass cPanel cpsrvd.pl user Parameter XSS CVE-2005-2021 21 Jun 2005 4.3 (v2) Medium Pass Cacti Local File Inclusion Vulnerability CVE-2005-1524 CVE-2005-1525 CVE-2005-1526 22 Jun 2005 7.5 (v2) High Pass phpBB2 Plus <= 1.52 Multiple XSS CVE-2005-1113 CVE-2005-1114 CVE-2005-1115 CVE-2005-1116 28 Jun 2005 4.3 (v2) Medium 83

Pass Serendipity XML-RPC for PHP Remote Code Injection CVE-2005-1921 01 Jul 2005 7.5 (v2) High Pass XOOPS < 2.0.12 Multiple Vulnerabilities CVE-2005-2112 CVE-2005-2113 05 Jul 2005 7.5 (v2) High Pass Cacti < 0.8.6f Authentication Bypass Vulnerability CVE-2005-2148 CVE-2005-2149 05 Jul 2005 7.5 (v2) High Pass phpBB < 2.0.17 Nested BBCode URL Tags XSS CVE-2005-2161 06 Jul 2005 3.5 (v2) Low Pass YaPiG Password Protected Directory Bypass 06 Jul 2005 5 (v2) Medium Pass phpWebSite <= 0.10.1 Multiple Vulnerabilities 07 Jul 2005 7.5 (v2) High Pass Drupal XML-RPC for PHP Remote Code Injection CVE-2005-1921 08 Jul 2005 7.5 (v2) High Pass Comersus Cart Multiple Vulnerabilities (SQLi, XSS) CVE-2005-2190 CVE-2005-2191 08 Jul 2005 7.5 (v2) High Pass Hydra: PostgreSQL 10 Jul 2005 7.5 (v2) High Pass Moodle < 1.5.1 Multiple Vulnerabilities CVE-2005-2247 13 Jul 2005 7.5 (v2) High Pass Apache Tomcat 7.x < 7.0.21 Arbitrary AJP Message Control CVE-2011-3190 02 Sep 2011 7.3 (v3) High Pass Phpauction <= 2.5 Multiple Vulnerabilities CVE-2005-2252 CVE-2005-2253 CVE-2005-2254 CVE-2005-2255 20 Jul 2005 7.5 (v2) High Pass PHP-Fusion <= 6.00.105 Multiple Vulnerabilities CVE-2005-2074 CVE-2005-2075 20 Jul 2005 5 (v2) Medium Pass Gossamer Threads Links user.cgi url Parameter XSS CVE-2005-1492 20 Jul 2005 4.3 (v2) Medium Pass PHPAuction Admin Authentication Bypass 20 Jul 2005 7.5 (v2) High Pass MDaemon IMAP Server Multiple AUTHENTICATE Commands Remote Over fl ow 21 Jul 2005 7.5 (v2) High Pass osCommerce update.php readme_ fi le Parameter Arbitrary File Disclosure CVE-2005-2330 21 Jul 2005 5 (v2) Medium Pass PHPNews auth.php Multiple Parameter SQL Injection CVE-2005-2383 22 Jul 2005 6.8 (v2) Medium Pass UltraVNC w/ DSM Plugin Detection 24 Jul 2005 4 (v2) Medium Pass FtpLocate fl search.pl fsite Parameter Remote File Inclusion CVE-2005-2420 26 Jul 2005 7.5 (v2) High Pass Netquery <= 3.1 Multiple Vulnerabilities 26 Jul 2005 6.8 (v2) Medium Pass PHP-Fusion <= 6.00.106 Multiple Vulnerabilities CVE-2005-2401 CVE-2005-3159 29 Jul 2005 6 (v2) Medium Pass GForge <= 4.5 Multiple Script XSS CVE-2005-2430 29 Jul 2005 4.3 (v2) Medium Pass Kayako LiveResponse Multiple Vulnerabilities CVE-2005-2460 CVE-2005-2461 CVE-2005-2462 CVE-2005-2463 01 Aug 2005 6.4 (v2) Medium Pass AutoIndex PHP Script index.php search Parameter XSS CVE-2005-2163 04 Aug 2005 4.3 (v2) Medium Pass JAWS Glossary Gadget Multiple XSS CVE-2005-1231 CVE-2005-1800 08 Aug 2005 4.3 (v2) Medium Pass FlatNuke < 2.5.6 Multiple Remote Vulnerabilities CVE-2005-2537 CVE-2005-2538 CVE-2005-2539 CVE-2005-2540 08 Aug 2005 7.5 (v2) High Pass AWStats Referrer Header Arbitrary Command Execution CVE-2005-1527 10 Aug 2005 5.1 (v2) Medium Pass Mantis < 1.0.0rc2 Multiple Vulnerabilities CVE-2005-2556 CVE-2005-2557 CVE-2005-3090 CVE-2005-3091 22 Aug 2005 4.3 (v2) Medium Pass Home FTP Server Multiple Vulnerabilities CVE-2005-2726 CVE-2005-2727 25 Aug 2005 4.3 (v3) Medium Pass WebCalendar send_reminders.php includedir Parameter Remote File Inclusion CVE-2005-2717 25 Aug 2005 7.5 (v2) High Pass Cisco CallManager TFTP File Detection 26 Aug 2005 5 (v2) Medium Pass PhotoPost PHP Pro EXIF Data XSS CVE-2005-2737 27 Aug 2005 4.3 (v2) Medium Pass YaPiG <= 0.9.5b Multiple Vulnerabilities CVE-2005-2736 CVE-2005-4799 CVE-2006-4421 27 Aug 2005 5.1 (v2) Medium Pass phpMyAdmin < 2.6.4 Multiple XSS CVE-2005-2869 29 Aug 2005 4.3 (v2) Medium Pass PHP 7.1.x < 7.1.30 Multiple Vulnerabilities. CVE-2019-11038 CVE-2019-11039 CVE-2019-11040 31 May 2019 9.1 (v3) Critical Pass PHP 7.2.x < 7.2.19 Multiple Vulnerabilities. CVE-2019-11038 CVE-2019-11039 CVE-2019-11040 31 May 2019 9.1 (v3) Critical Pass PHP 7.3.x < 7.3.6 Multiple Vulnerabilities. CVE-2019-11038 CVE-2019-11039 CVE-2019-11040 04 Jun 2019 9.1 (v3) Critical Pass Oracle Database Multiple Vulnerabilities (January 2014 CPU) CVE-2013-5764 CVE-2013-5853 CVE-2013-5858 CVE-2014-0377 CVE-2014-0378 15 Jan 2014 4.1 (v2) Medium Pass Apache Tomcat 7.0.x < 7.0.50 Multiple Vulnerabilities CVE-2013-4322 CVE-2013-4590 25 Feb 2014 5.3 (v3) Medium Pass Jenkins < 2.84 / < 2.73.2 (LTS) Multiple Vulnerabilities CVE-2017-1000393 CVE-2017-1000394 CVE-2017-1000395 CVE-2017-1000396 CVE-2017-1000398 CVE-2017-1000399 CVE-2017-1000400 CVE-2017-1000401 05 Jun 2019 8.8 (v3) High Pass Apache Tomcat 6.0.x < 6.0.48 / 7.0.x < 7.0.73 / 8.0.x < 8.0.39 / 8.5.x < 8.5.8 / 9.0.x < 9.0.0.M13 Multiple Vulnerabilities CVE-2016-6816 CVE-2016-6817 CVE-2016-8735 01 Dec 2016 9.8 (v3) Critical Pass Cisco IOS XE Software Locator/ID Separation Protocol Authentication Bypass Vulnerability CVE-2017-12236 06 Oct 2017 9.8 (v3) Critical Pass Jenkins < 2.121 / < 2.107.3 (LTS) Multiple Vulnerabilities CVE-2018-1000192 CVE-2018-1000193 CVE-2018-1000194 CVE-2018-1000195 05 Jun 2019 8.1 (v3) High Pass HPE Intelligent Management Center dbman Multiple Vulnerabilities CVE-2018-7123 CVE-2019-5355 CVE-2019-5390 CVE-2019-5391 CVE-2019-5392 CVE-2019-5393 06 Jun 2019 9.8 (v3) Critical Pass Apache Tomcat 7.0.0 < 7.0.91 Open Redirect Weakness CVE-2018-11784 10 Oct 2018 4.3 (v3) Medium Pass SSH Protocol Authentication Bypass (Remote Exploit Check) CVE-2018-10933 CVE-2018-1000805 17 Oct 2018 8.8 (v3) High Pass Ncat TLS Listener 19 Feb 2019 9.8 (v3) Critical Pass Cisco IOS XR Software DHCP Version 4 Server DoS (cisco-sa-iosxr-dhcp-dos-pjPVReLU) CVE-2021-34737 10 Sep 2021 7.5 (v3) High Pass phpMyAdmin 4.x < 4.9.0 CSRF vulnerablity (PMASA-2019-4) CVE-2019-12616 13 Jun 2019 6.5 (v3) Medium Pass Cisco IOS XR Software Border Gateway Protocol Resource Public Key Infrastructure DoS (cisco-sa-xrbgp-rpki-dos-gvmjqxbk) CVE-2021-1440 13 Sep 2021 6.8 (v3) Medium Pass Cisco IOS XR Software for 8000 Network Convergence System 540 Series Routers Image Veri fi cation (cisco-sa-lnt-QN9mCzwn) CVE-2021-34708 CVE-2021-34709 13 Sep 2021 6.7 (v3) Medium Pass Oracle WebLogic Server Deserialization RCE (CVE-2019-2729) CVE-2019-2729 27 Jun 2019 9.8 (v3) Critical Pass Multiple Command Injection Vulnerabilities in Grandstream Products CVE-2019-10655 CVE-2019-10656 CVE-2019-10657 CVE-2019-10658 CVE-2019-10659 CVE-2019-10660 CVE-2019-10661 CVE-2019-10662 CVE-2019-10663 01 Apr 2019 9.8 (v3) Critical Pass D-Link Router HNAP GetDeviceSettings Remote Command Execution CVE-2015-2051 10 Jun 2015 10 (v2) Critical Pass MongoDB 3.0.x < 3.0.7 / 3.1.x < 3.1.9 Authentication Bypass CVE-2015-7882 05 Jul 2019 8.1 (v3) High Pass Apple TV < 7 Multiple Vulnerabilities CVE-2011-2391 CVE-2013-6663 CVE-2014-1384 CVE-2014-1385 CVE-2014-1387 CVE-2014-1388 CVE-2014-1389 CVE-2014-4357 CVE-2014-4364 CVE-2014-4369 CVE-2014-4371 CVE-2014-4372 CVE-2014-4373 CVE-2014-4375 CVE-2014-4377 CVE-2014-4 24 Sep 2014 7.8 (v3) High Pass FTP Service AUTH TLS Command Support 15 Oct 2009 None Pass Hummingbird Connectivity FTP Service XCWD Command Over fl ow CVE-2004-2728 31 Dec 2004 4.3 (v3) Medium Pass FTP Writable Directories 04 Oct 2005 6.5 (v3) Medium Pass IBM DB2 Connection Port Detection 21 Sep 2006 None Pass Tor Server Detection 14 Sep 2007 None Pass Multiple Command Injection Vulnerabilities in Grandstream Products CVE-2019-10655 CVE-2019-10659 CVE-2019-10660 CVE-2019-10661 CVE-2019-10662 CVE-2019-10663 19 Apr 2019 9.8 (v3) Critical Noise Common Platform Enumeration (CPE) 21 Apr 2010 None Pass Mac OS X < 10.10 Multiple Vulnerabilities (POODLE) (Shellshock) CVE-2011-2391 CVE-2013-5150 CVE-2013-6438 CVE-2014-0098 CVE-2014-3537 CVE-2014-3566 CVE-2014-4351 CVE-2014-4364 CVE-2014-4371 CVE-2014-4373 CVE-2014-4375 CVE-2014-4380 CVE-2014-4388 CVE-2014-4391 CVE-2014-4404 CVE-2014-4 17 Oct 2014 10 (v2) Critical Pass Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities (FREAK) CVE-2013-0118 CVE-2013-5704 CVE-2013-6438 CVE-2013-6712 CVE-2014-0098 CVE-2014-0117 CVE-2014-0118 CVE-2014-0207 CVE-2014-0226 CVE-2014-0231 CVE-2014-0237 CVE-2014-0238 CVE-2014-2497 CVE-2014-3478 CVE-2014-3479 CVE-2014-3 10 Apr 2015 10 (v2) Critical Pass CockroachDB Web Console Detection 11 Feb 2022 None Pass Juniper Junos RPD MPLS RCE (JSA10877) CVE-2018-0043 19 Oct 2018 8.8 (v3) High Pass Juniper Junos Memory Exhaustion RDP DOS with JET support (JSA10882) CVE-2018-0048 19 Oct 2018 7.5 (v3) High Pass Microsoft Windows SMBv3 Compression RCE (ADV200005)(CVE-2020-0796)(Remote) CVE-2020-0796 02 Apr 2020 10 (v3) Critical Pass WordPress Plugin 'File Manager' 6.x < 6.9 Remote Code Execution CVE-2020-25213 04 Sep 2020 9.8 (v3) Critical Pass PHP 7.4.x < 7.4.26 CVE-2021-21707 18 Nov 2021 5.3 (v3) Medium Pass PHP 8.0.x < 8.0.13 CVE-2021-21707 19 Nov 2021 5.3 (v3) Medium Pass Jenkins Enterprise and Operations Center < 2.249.31.0.3 / 2.277.4.2 Multiple Vulnerabilities (CloudBees Security Advisory 2021-05-05) 19 Nov 2021 5.4 (v3) Medium Pass Cisco IOS XE Software Web UI DoS Vulnerability (cisco-sa-20180926-webuidos) CVE-2018-0469 05 Oct 2018 6.8 (v3) Medium Pass Cisco Expressway Series and TelePresence Video Communication Server Image Veri fi cation RCE (cisco-sa-ewver-c6WZPXRx) CVE-2021-34715 25 Aug 2021 7.2 (v3) High Pass Oracle E-Business Multiple Vulnerabilities (Oct 2018 CPU) CVE-2018-2971 CVE-2018-3011 CVE-2018-3138 CVE-2018-3151 CVE-2018-3167 CVE-2018-3188 CVE-2018-3189 CVE-2018-3190 CVE-2018-3196 CVE-2018-3235 CVE-2018-3236 CVE-2018-3237 CVE-2018-3242 CVE-2018-3243 CVE-2018-3244 CVE-2018-3 18 Oct 2018 8.2 (v3) High Pass Apache Struts 2.5.x < 2.5.14.1 Json-lib JSON Parsing Unspeci fi ed DoS (S2-054) (S2-055) CVE-2017-7525 CVE-2017-15707 04 Dec 2017 9.8 (v3) Critical Pass Apache Tomcat 7.0.79 < 7.0.83 Insecure CGI Servlet Search Algorithm Description Weakness CVE-2017-15706 09 Feb 2018 5.3 (v3) Medium Pass Apache Tomcat 8.5.16 < 8.5.24 Insecure CGI Servlet Search Algorithm Description Weakness CVE-2017-15706 09 Feb 2018 3.7 (v3) Low Pass Apache Tomcat 8.5.x < 8.5.28 Security Constraint Weakness CVE-2018-1304 CVE-2018-1305 23 Feb 2018 3.7 (v3) Low Pass Cisco IOS XE Software Shell Access Authentication Bypass (cisco-sa-20180926-shell-access) CVE-2018-15371 05 Apr 2019 6.7 (v3) Medium Pass Oracle Primavera Uni fi er Multiple Vulnerabilities (Jul 2019 CPU) CVE-2015-9251 CVE-2017-3164 CVE-2018-17197 CVE-2019-0192 19 Jul 2019 9.8 (v3) Critical Pass Oracle E-Business Suite Multiple Vulnerabilities (Jul 2019 CPU) CVE-2019-2666 CVE-2019-2668 CVE-2019-2672 CVE-2019-2761 CVE-2019-2773 CVE-2019-2775 CVE-2019-2782 CVE-2019-2783 CVE-2019-2809 CVE-2019-2825 CVE-2019-2828 CVE-2019-2829 CVE-2019-2837 19 Jul 2019 9.6 (v3) Critical Pass Ansible Tower 3.x < 3.3.3 Unauthorized Access vulnerability CVE-2018-16879 05 Aug 2019 9.8 (v3) Critical Pass Ansible Tower 3.3.x < 3.3.6 / 3.4.x < 3.4.4 / 3.5.x < 3.5.1 CRLF Vulnerability CVE-2019-9740 05 Aug 2019 6.1 (v3) Medium Pass PHP 7.2.x < 7.2.21 Multiple Vulnerabilities. CVE-2019-11041 CVE-2019-11042 12 Aug 2019 7.1 (v3) High Pass PHP 7.3.x < 7.3.8 Multiple Vulnerabilities. CVE-2019-11041 CVE-2019-11042 12 Aug 2019 7.1 (v3) High Pass Atlassian JIRA 7.6.5 / 7.7.x < 7.7.4 / 7.8.x < 7.8.4 / 7.9.x < 7.9.2 Multiple Vulnerabilities (SB18-141) CVE-2018-5230 CVE-2018-5231 25 May 2018 6.1 (v3) Medium Pass Apache Struts 2.3.x < 2.3.33 Denial of Service (S2-049) CVE-2017-9787 05 Nov 2018 7.5 (v3) High Pass Apache Struts <= 2.3.36 FileUpload Deserialization Vulnerability CVE-2016-1000031 05 Nov 2018 9.8 (v3) Critical Pass Juniper Junos OS Multiple Vulnerabilities (JSA11207) CVE-2020-8284 CVE-2020-8285 CVE-2020-8286 14 Jul 2021 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11195) 14 Jul 2021 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11193) 14 Jul 2021 7.5 (v3) High Pass Apache Log4Shell RCE detection via callback correlation (Direct Check PPTP) CVE-2021-44228 04 Jan 2022 10 (v3) Critical Pass Juniper Junos OS Vulnerability (JSA11191) 14 Jul 2021 7.4 (v3) High Pass Juniper Junos OS Vulnerability (JSA11181) 14 Jul 2021 6.2 (v3) Medium Pass nginx 1.9.5 < 1.16.1 / 1.17.x < 1.17.3 Multiple Vulnerabilities CVE-2019-9511 CVE-2019-9513 CVE-2019-9516 16 Aug 2019 7.5 (v3) High Pass IBM WebSphere Application Server 7.0.x <= 7.0.0.45 / 8.0.x <= 8.0.0.14 / 8.5.x < 8.5.5.21 / 9.0.x < 9.0.5.9 Privilege Escalation CVE-2021-29736 03 Aug 2021 8.8 (v3) High Pass Apache 2.4.x < 2.4.34 Multiple Vulnerabilities CVE-2018-1333 CVE-2018-8011 16 Aug 2018 7.5 (v3) High Pass MSSQL Host Information in NTLM SSP 30 Mar 2018 None Pass Pulse Connect Secure Detection 18 May 2018 None Pass VMware vCenter Server 6.7 Sensitive Information Disclosure Vulnerability (VMSA-2020-0006) CVE-2020-3952 13 Apr 2020 9.8 (v3) Critical Pass Unsupported PAN-OS Operating System 21 Jan 2015 10 (v3) Critical Pass IBM DB2 Login Possible 24 Jun 2016 None Pass Oracle DB Login Possible 24 Jun 2016 None Pass Oracle Default Accounts 19 Jul 2006 9.8 (v3) Critical Pass Advantech WebAccess/SCADA Network Service Detection 10 Sep 2018 None Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.19 / 9.0.x < 9.0.5.6 Information Disclosure (CVE-2020-4576) CVE-2020-4576 16 Oct 2020 7.5 (v3) High Pass Cisco IOS XE Software ROM Monitor for Industrial Switches Command Injection (cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw) CVE-2021-1452 12 Apr 2021 6.8 (v3) Medium Pass ManageEngine Log360 Detection 24 Sep 2021 None Pass ManageEngine Log360 < Build 5229 REST API Restriction Bypass RCE CVE-2021-40539 24 Sep 2021 9.8 (v3) Critical 84

Pass Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Denial of Service (cisco-sa-ewlc-capwap-dos-gmNjdKOY) CVE-2021-1565 CVE-2021-34768 CVE-2021-34769 22 Sep 2021 8.6 (v3) High Pass Apache 2.4.x < 2.4.41 Multiple Vulnerabilities CVE-2019-9517 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 20 Aug 2019 9.1 (v3) Critical Pass Joomla! 1.6.x < 3.9.11 Joomla 3.9.11 Release (5775-joomla-3-9-11) CVE-2019-15028 22 Aug 2019 5.3 (v3) Medium Pass Flexera FlexNet Publisher < 11.16.2 Multiple Vulnerabilities CVE-2018-20031 CVE-2018-20032 CVE-2018-20033 CVE-2018-20034 26 Aug 2019 9.8 (v3) Critical Pass Cisco TelePresence VCS / Expressway Series < 12.5 REST API Server-Side Request Forgery Vulnerability CVE-2019-1679 27 Aug 2019 5 (v3) Medium Pass Citrix SD-WAN Center Unauthenticated Remote Command Injection CVE-2019-12985 29 Aug 2019 9.8 (v3) Critical Pass Cisco TelePresence Video Communication Server RCE (cisco-sa-ewrce-QPynNCjh) CVE-2021-34716 15 Sep 2021 7.2 (v3) High Pass Apple iTunes < 12.12.3 Multiple Vulnerabilities (uncredentialed check) CVE-2022-22611 CVE-2022-22612 CVE-2022-22629 CVE-2022-22662 15 Mar 2022 9.8 (v3) Critical Pass OpenSSL 1.1.1 < 1.1.1n Vulnerability CVE-2022-0778 16 Mar 2022 7.5 (v3) High Pass Jenkins plugins Multiple Vulnerabilities (2022-03-15) CVE-2022-27195 CVE-2022-27196 CVE-2022-27197 CVE-2022-27198 CVE-2022-27199 CVE-2022-27200 CVE-2022-27201 CVE-2022-27202 CVE-2022-27203 CVE-2022-27204 CVE-2022-27205 CVE-2022-27206 CVE-2022-27207 CVE-2022-27208 CVE-2022-2 16 Mar 2022 8.8 (v3) High Pass Apple iTunes U < 3.8.3 A Vulnerability (uncredentialed check) CVE-2021-30862 16 Mar 2022 6.1 (v3) Medium Pass Apache Tomcat 9.0.0.M1 < 9.0.48 vulnerability CVE-2021-33037 03 Aug 2021 5.3 (v3) Medium Pass Apache Tomcat 8.5.0 < 8.5.68 vulnerability CVE-2021-33037 03 Aug 2021 5.3 (v3) Medium Pass Pulse Connect Secure < 9.1R12 (SA44858) CVE-2021-22933 CVE-2021-22934 CVE-2021-22935 CVE-2021-22936 CVE-2021-22937 CVE-2021-22938 05 Aug 2021 7.2 (v3) High Pass Apache HTTP Server 2.4.49 Path Traversal (CVE-2021-41773) CVE-2021-41773 05 Oct 2021 7.5 (v3) High Pass Linux BPFDoor Detection (Direct Check) 01 Jun 2022 10 (v3) Critical Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (January 2018 CPU) CVE-2016-2179 CVE-2017-10068 CVE-2018-2715 27 Dec 2018 8.2 (v3) High Pass Atlassian JIRA < 7.6.7 / 7.7.x < 7.10.1 Cross-Site Scripting CVE-2018-5232 05 Mar 2019 6.1 (v3) Medium Pass Atlassian JIRA < 7.2.12 / 7.3.x < 7.6.1 Cross-Site Scripting CVE-2017-14594 05 Mar 2019 6.1 (v3) Medium Pass GitLab 7.12.x < 13.8.8 / 13.9.x < 13.9.6 / 13.10.x < 13.10.3 RCE CVE-2021-22205 03 Nov 2021 10 (v3) Critical Pass Atlassian JIRA Open Redirect Vulnerabilities CVE-2019-11585 CVE-2019-11589 28 Aug 2019 6.1 (v3) Medium Pass Apache Struts 2.x < 2.3.14.3 Remote Code Execution Vulnerability (S2-012) CVE-2013-1965 13 Sep 2019 9.8 (v3) Critical Pass Apache Struts 2.0.x < 2.0.12 / 2.1.x < 2.1.6 Directory Traversal Vulnerability (S2-004) 13 Sep 2019 5.3 (v3) Medium Pass Apache Struts 2.3.x Showcase App Struts 1 Plugin ActionMessage Class Error Message Input Handling RCE (S2-048) CVE-2017-9791 11 Jul 2017 9.8 (v3) Critical Pass Juniper JSA10928 CVE-2019-0039 21 May 2019 8.1 (v3) High Pass Cisco IOS Software PROFINET denial of service (cisco-sa-20170927-pro fi net) CVE-2017-12235 05 Oct 2017 7.5 (v3) High Pass Multiple Adobe Products XML External Entity (XXE) Injection (APSB10-05) CVE-2009-3960 01 Mar 2010 4.3 (v2) Medium Pass VMware vCenter Multiple Vulnerabilities (VMSA-2012-0013) CVE-2011-3563 CVE-2011-5035 CVE-2012-0497 CVE-2012-0498 CVE-2012-0499 CVE-2012-0500 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0504 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507 CVE-2012-1711 CVE-2012-1713 CVE-2012-1 05 Jun 2013 10 (v2) Critical Pass NETGEAR Multiple Model cgi-bin RCE CVE-2016-6277 14 Dec 2016 8.8 (v3) High Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0005) (BEAST) (remote check) CVE-2010-0405 CVE-2011-3190 CVE-2011-3375 CVE-2011-3389 CVE-2011-3516 CVE-2011-3521 CVE-2011-3544 CVE-2011-3545 CVE-2011-3546 CVE-2011-3547 CVE-2011-3548 CVE-2011-3549 CVE-2011-3550 CVE-2011-3551 CVE-2011-3552 CVE-2011-3 03 Mar 2016 10 (v2) Critical Pass Adobe ColdFusion Authentication Bypass (APSB13-03) CVE-2013-0632 19 Feb 2013 10 (v2) Critical Pass OpenSSL 3.0.0 < 3.0.1 Vulnerability CVE-2021-4044 CVE-2021-4160 15 Dec 2021 5.9 (v3) Medium Pass AXIS Web Interface Detection 12 Dec 2017 None Pass Intel Management Engine Active Management Technology (AMT) Remote Access Enabled 12 Jan 2018 None Pass Microsoft SQL Server Login Possible 24 Jun 2016 None Pass Atlassian Jira 7.13.x < 7.13.3, 8.x < 8.1.1 Cross-Site Scripting Vulnerability CVE-2019-3402 25 Oct 2019 6.1 (v3) Medium Pass Oracle Business Intelligence Publisher Information Disclosure (Oct 2016 CPU) CVE-2016-3473 25 Oct 2019 7.7 (v3) High Pass LusyPOS Malware Detection 12 Jan 2014 None Pass Cisco Uni fi ed Communications Manager Security Bypass Vulnerability (cisco-sa-20191002-ucm-secbypass) CVE-2019-15272 30 Oct 2019 6.5 (v3) Medium Pass ALCASAR Detection 20 Jan 2015 None Pass OpenMediaVault Web Detection 18 Dec 2013 None Pass Apache Solr Detection 07 Jan 2014 None Pass HP Intelligent Management Center Web Administration Interface Detection 10 Dec 2013 None Pass Atlassian Jira Server and Data Center Template Injection Vulnerability (JRASERVER-69933) CVE-2019-15001 06 Nov 2019 7.2 (v3) High Pass McAfee Cloud Single Sign On User Interface Detection 25 Mar 2014 None Pass VMware vCenter Data Collection 27 Nov 2012 None Pass Palo Alto Networks PAN-OS Compliance Checks 19 Feb 2013 None Pass PHP < 5.3.12 / 5.4.2 CGI Query String Code Execution CVE-2012-1823 04 May 2012 7.5 (v2) High Pass MacOS Malicious File Detection 26 Jun 2019 10 (v3) Critical Pass Oracle Database Multiple Vulnerabilities (October 2014 CPU) CVE-2014-0050 CVE-2014-2478 CVE-2014-4289 CVE-2014-4290 CVE-2014-4291 CVE-2014-4292 CVE-2014-4293 CVE-2014-4294 CVE-2014-4295 CVE-2014-4296 CVE-2014-4297 CVE-2014-4298 CVE-2014-4299 CVE-2014-4300 CVE-2014-4301 CVE-2014-4 17 Oct 2014 9 (v2) High Pass Oracle E-Business Suite Multiple Vulnerabilities (Jan 2021 CPU) CVE-2021-2015 CVE-2021-2017 CVE-2021-2023 CVE-2021-2026 CVE-2021-2027 CVE-2021-2029 CVE-2021-2034 CVE-2021-2059 CVE-2021-2077 CVE-2021-2082 CVE-2021-2083 CVE-2021-2084 CVE-2021-2085 CVE-2021-2089 CVE-2021-2090 CVE-2021-2 20 Jan 2021 9.8 (v3) Critical Pass IBM Spectrum Protect Plus Web UI Detection 21 Apr 2020 None Pass Selligent Message Studio Detection 20 Oct 2020 None Pass Microsoft Exchange Server Authentication Bypass CVE-2021-26855 08 Mar 2021 9.8 (v3) Critical Pass Cisco IOS OSPF LSA Manipulation (cisco-sa-20170727-ospf) CVE-2017-6770 27 Nov 2019 4.2 (v3) Medium Pass SonicWall Secure Mobile Access Arbitrary File Delete (SNWLID-2021-0021) CVE-2021-20034 01 Oct 2021 9.1 (v3) Critical Pass Apache Solr Log4Shell Direct Check (CVE-2021-44228) CVE-2021-44228 05 Jan 2022 10 (v3) Critical Pass Tenable Nessus 10.x < 10.1.0 / 8.x < 8.15.3 Third-Party Vulnerability (TNS-2022-04) CVE-2021-23358 03 Feb 2022 7.2 (v3) High Pass Samba 4.13.x < 4.13.17 / 4.14.x < 4.14.12 / 4.15.x < 4.15.5 Multiple Vulnerabilities CVE-2021-44141 CVE-2021-44142 CVE-2022-0336 03 Feb 2022 8.8 (v3) High Pass IBM WebSphere Application Server Liberty 21.0.0.10 <= 21.0.0.12 Information Disclosure (6541530) CVE-2022-22310 10 Feb 2022 6.5 (v3) Medium Pass Cisco Uni fi ed Communications Manager SQL Injection Vulnerability CVE-2019-15972 06 Dec 2019 8.8 (v3) High Pass Palo Alto Networks PAN-OS for Panorama < 9.0.15 / 9.1.12-h3 / 10.0.8-h8 Multiple RCE (Log4Shell) CVE-2021-44228 CVE-2021-45046 10 Feb 2022 10 (v3) Critical Pass Atlassian JIRA < 7.8.1 Cross-Site Scripting (XSS) Vulnerability (JRASERVER-67106) CVE-2017-18100 06 Jan 2020 6.1 (v3) Medium Pass PHP 7.2.x < 7.2.28 / PHP 7.3.x < 7.3.15 / 7.4.x < 7.4.3 Multiple Vulnerabilities CVE-2020-7061 CVE-2020-7062 CVE-2020-7063 28 Feb 2020 9.1 (v3) Critical Pass Cisco Email Security Appliance URL Filtering Bypass (cisco-sa-esa-url-bypass-sGcfsDrp) CVE-2021-1534 08 Oct 2021 5.3 (v3) Medium Pass AXIS OS 5.51 < 5.51.7.5 / 6.0 < 6.50.5.5 / 7.0 < 8.40.4.3 / 9.0 < 9.80.3.5 / 10.0 < 10.8 Multiple Vulnerabilities CVE-2021-31986 CVE-2021-31987 CVE-2021-31988 08 Oct 2021 8.8 (v3) High Pass Apache 2.4.49 < 2.4.51 Path Traversal Vulnerability CVE-2021-42013 08 Oct 2021 9.8 (v3) Critical Pass Cisco Uni fi ed Communications Manager XML External Expansion Vulnerability (cisco-sa-20191002-cucm-xxe) CVE-2019-12711 22 Apr 2020 6.5 (v3) Medium Pass SonicWall Secure Mobile Access Multiple Vulnerabilities (SNWLID-2021-0026) CVE-2021-20038 CVE-2021-20039 CVE-2021-20040 CVE-2021-20041 CVE-2021-20042 CVE-2021-20043 CVE-2021-20044 CVE-2021-20045 09 Dec 2021 9.8 (v3) Critical Pass Security Updates for Exchange (November 2021) (Remote) CVE-2021-41349 CVE-2021-42305 CVE-2021-42321 09 Dec 2021 8.8 (v3) High Pass ThinkPHP Detection 10 Dec 2021 None Pass Juniper Junos OS Evolved DoS (JSA69505) CVE-2022-22194 25 Apr 2022 7.5 (v3) High Pass SolarWinds Orion Platform 2020.2.0 < 2020.2.4 CVE-2021-27258 17 Mar 2022 9.8 (v3) Critical Pass Oracle E-Business Version and Patch Info 27 Sep 2013 None Pass UltraVNC Java Viewer Detection 09 Jan 2014 None Pass Citrix EdgeSight Load Tester (ESLT) version detection 22 Aug 2011 None Pass Unsupported Web Server Detection 21 Oct 2008 10 (v3) Critical Pass PHP 7.3.x < 7.3.33 CVE-2021-21707 18 Nov 2021 5.3 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (January 2015 CPU) CVE-2014-6514 CVE-2014-6541 CVE-2014-6567 CVE-2014-6577 CVE-2014-6578 CVE-2015-0370 CVE-2015-0371 CVE-2015-0373 22 Jan 2015 9 (v2) High Pass Apache Tomcat 7.0.x < 7.0.59 Security Manager Bypass CVE-2014-7810 21 May 2015 7.3 (v3) High Pass Apache Tomcat 8.0.x < 8.0.17 Security Manager Bypass CVE-2014-7810 21 May 2015 7.3 (v3) High Pass Jenkins Git Plugin < 4.8.3 XSS CVE-2021-21684 19 Nov 2021 6.1 (v3) Medium Pass Nutanix Data Collection 25 Apr 2022 None Pass Oracle Database Multiple Vulnerabilities (April 2016 CPU) CVE-2016-0677 CVE-2016-0681 CVE-2016-0690 CVE-2016-0691 CVE-2016-3454 27 Apr 2016 9 (v3) Critical Pass Juniper Junos OS Vulnerability (JSA11238) CVE-2021-31373 02 Jun 2022 5.4 (v3) Medium Pass PHP 7.4.x < 7.4.18 / 8.x < 8.0.5 Integer Over fl ow 07 May 2021 8.3 (v3) High Pass Atlassian Con fl uence < 7.11.0 SSRF (CONFSERVER-61453) CVE-2020-29445 12 May 2021 4.3 (v3) Medium Pass Cisco Uni fi ed Communications Manager XSS (cisco-sa-cucm-xss-Q4PZcNzJ) CVE-2021-1380 CVE-2021-1407 CVE-2021-1408 CVE-2021-1409 13 May 2021 6.1 (v3) Medium Pass nginx 0.6.x < 1.20.1 1-Byte Memory Overwrite RCE CVE-2021-23017 03 Jun 2021 9.4 (v3) Critical Pass Apache 2.4.x < 2.4.48 Vulnerability CVE-2021-31618 04 Jun 2021 7.5 (v3) High Pass Apache Tomcat 10.0.0.M1 < 10.0.0.M8 vulnerability CVE-2020-13943 21 Jun 2021 4.3 (v3) Medium Pass Dragon fl y CMS install.php newlang Parameter Local File Inclusion CVE-2006-0644 10 Feb 2006 7.5 (v2) High Pass ICMP Domain Name Request 12 Feb 2006 None Pass CommuniGate Pro Server < 5.0.8 LDAP Module Field Handling Remote DoS CVE-2006-0566 13 Feb 2006 5 (v2) Medium Pass PmWiki < 2.1 beta 21 Multiple Vulnerabilities CVE-2006-0479 13 Feb 2006 4.3 (v2) Medium Pass LinPHA <= 1.0 Multiple Vulnerabilities CVE-2006-0713 13 Feb 2006 5 (v2) Medium Pass HP Systems Insight Manager Namazu lang Parameter Traversal Arbitrary File Access CVE-2006-0656 13 Feb 2006 5 (v2) Medium Pass IBM Tivoli Directory Server LDAP Packet Handling DoS CVE-2006-0717 14 Feb 2006 5 (v2) Medium Pass dotProject Multiple Scripts Remote File Inclusion CVE-2006-0754 CVE-2006-0755 CVE-2006-4234 15 Feb 2006 7.5 (v2) High Pass Flyspray install-0.9.7.php adodbpath Parameter Remote File Inclusion CVE-2006-0714 16 Feb 2006 5 (v2) Medium Pass MyBB < 1.04 misc.php SQLi CVE-2006-0959 16 Feb 2006 7.5 (v2) High Pass PostNuke < 0.762 Multiple Vulnerabilities CVE-2006-0800 CVE-2006-0801 CVE-2006-0802 22 Feb 2006 5.1 (v2) Medium Pass SquirrelMail < 1.4.6 Multiple Vulnerabilities CVE-2006-0188 CVE-2006-0195 CVE-2006-0377 22 Feb 2006 5 (v2) Medium Pass Noah's Classi fi eds <= 1.3 Multiple Vulnerabilities CVE-2006-0879 CVE-2006-0880 CVE-2006-0881 CVE-2006-0882 23 Feb 2006 7.5 (v2) High Pass Plume CMS < 1.0.3 Remote File Inclusion CVE-2006-0725 23 Feb 2006 7.5 (v2) High Pass NOCC <= 1.0 Multiple Vulnerabilities CVE-2006-0891 CVE-2006-0892 CVE-2006-0893 CVE-2006-0894 CVE-2006-0895 25 Feb 2006 7.5 (v2) High Pass phpRPC Library rpc_decoder.php decode() Function Arbitrary Code Execution CVE-2006-1032 28 Feb 2006 8.8 (v3) High Pass HP System Management Homepage (SMH) on Windows Namazu lang Parameter Traversal Arbitrary File Access CVE-2006-1023 01 Mar 2006 5 (v2) Medium Pass imageVue < 16.2 admin/upload.php Unrestricted File Upload CVE-2006-0702 03 Mar 2006 7.5 (v2) High Pass vBulletin Email Field XSS CVE-2006-1040 03 Mar 2006 4.3 (v2) Medium Pass Retrospect Client Detection 03 Mar 2006 None Pass Gallery < 2.0.3 IP Spoo fi ng CVE-2006-1126 CVE-2006-1127 CVE-2006-1128 06 Mar 2006 6.4 (v2) Medium 85

Pass Cisco Small Business 220 Series Smart Switch Detection 10 Jan 2022 None Pass Gallery Zipcart Module Arbitrary File Disclosure CVE-2005-4023 06 Mar 2006 5 (v2) Medium Pass Gallery Install Log Local Information Disclosure CVE-2005-4021 06 Mar 2006 5 (v2) Medium Pass 4Images <= 1.7.1 index.php template Parameter Traversal Local File Inclusion CVE-2006-0899 06 Mar 2006 7.5 (v2) High Pass Loudblog < 0.42 template Parameter Traversal CVE-2006-1114 08 Mar 2006 6.4 (v2) Medium Pass Owl Intranet Engine lib/OWL_API.php xrms_ fi le_root Parameter Remote File Inclusion CVE-2006-1149 08 Mar 2006 7.5 (v2) High Pass Geeklog lib-sessions.php Session Cookie Handling Authentication Bypass CVE-2006-1069 09 Mar 2006 7.5 (v2) High Pass SquirrelMail strings.php base_uri Parameter Information Disclosure CVE-2006-3665 09 Mar 2006 4.3 (v2) Medium Pass Easy File Sharing Web Server Multiple Remote Vulnerabilities (FS, XSS, Upload) CVE-2006-1159 CVE-2006-1160 CVE-2006-1161 10 Mar 2006 7.8 (v2) High Pass Gallery stepOrder Parameter Local File Inclusion CVE-2006-1219 10 Mar 2006 5 (v2) Medium Pass Pixelpost < 1.5 RC1 showimage Parameter SQL Injection CVE-2006-1104 13 Mar 2006 7.5 (v2) High Pass Kerio MailServer IMAP Server Crafted LOGIN Command DoS CVE-2006-1158 13 Mar 2006 7.8 (v2) High Pass Ipswitch IMail Server/Collaboration Suite IMAP FETCH Command Over fl ow CVE-2005-3526 13 Mar 2006 6.5 (v2) Medium Pass OTRS WebUI Detection 11 Dec 2017 None Pass Oracle Primavera Gateway Detection 21 Jul 2017 None Pass Advantech WebAccess < 8.2_20170817 Multiple Vulnerabilities CVE-2017-12698 CVE-2017-12702 CVE-2017-12704 CVE-2017-12706 CVE-2017-12708 CVE-2017-12710 CVE-2017-12711 CVE-2017-12713 CVE-2017-12717 08 Sep 2017 9.8 (v3) Critical Pass MyBB search.php 'forums' Parameter SQLi CVE-2006-1065 13 Mar 2006 5 (v2) Medium Pass Kaa IoT Administration Server Detection 04 May 2017 None Pass Cisco Prime Infrastructure Detection 19 Apr 2016 None Pass VMware vRealize Automation Web UI Detection 27 Apr 2016 None Pass JBoss Operations Network Server Detection 06 Jun 2016 None Pass Emerson SM-Ethernet Web Interface Detection 01 Dec 2015 None Pass MyBB 'comma' Cookie SQLi CVE-2006-0959 13 Mar 2006 7.5 (v2) High Pass Cisco Identity Services Engine WebUI Detection 30 Dec 2014 None Pass IBM Rational Focal Point Login Detection 06 Mar 2014 None Pass Admbook content-data.php X-Forwarded-For Header Arbitrary PHP Code Injection CVE-2006-0852 15 Mar 2006 8.8 (v3) High Pass NAS4Free Web UI Detection 14 Apr 2014 None Pass IBM Storwize Web Management Interface Detection 03 Jul 2014 None Pass Bitdefender GravityZone User Interface Detection 25 Jul 2014 None Pass TimThumb Detection 28 Jul 2014 None Pass IBM Jazz Team Server Detection 06 Oct 2014 None Pass Barracuda Web Filter Detection 07 Oct 2014 None Pass Cisco TelePresence Conductor WebUI Detection 26 Nov 2014 None Pass MongoDB Detection 10 Apr 2013 None Pass Trend Micro Message Routing Framework Detection 14 Mar 2011 None Pass ManageEngine SharePoint Manager Plus Detection 05 May 2022 None Pass Horde go.php url Parameter Arbitrary File Access CVE-2006-1260 15 Mar 2006 5 (v2) Medium Pass PHP iCalendar Cookie Data Traversal Local File Inclusion CVE-2006-1292 16 Mar 2006 5.1 (v2) Medium Pass 3S CODESYS CmpWebServerHandlerV3 Heap-based Bu ff er Over fl ow CVE-2019-18858 04 Dec 2019 9.8 (v3) Critical Pass OpenSMTPD Critical LPE / RCE (CVE-2020-7247) CVE-2020-7247 14 Feb 2020 9.8 (v3) Critical Pass Cisco Uni fi ed Communications Manager Information Disclosure (cisco-sa-cucm-inf-disc-wCxZNjL2) CVE-2021-1406 16 Apr 2021 4.9 (v3) Medium Pass Juniper Junos OS DoS (JSA11212) CVE-2021-0298 26 Apr 2022 4.7 (v3) Medium Pass QNAP QTS / QuTS Hero Default Credentials 26 Apr 2022 9.8 (v3) Critical Pass PHP iCalendar publish.ical.php Arbitrary File Upload CVE-2006-1291 17 Mar 2006 8.8 (v3) High Pass MailEnable POP3 Server Authentication Vulnerabilities CVE-2006-1337 22 Mar 2006 7.5 (v2) High Pass MailEnable POP3 Server APOP Command Remote Bu ff er Over fl ow CVE-2006-1792 23 Mar 2006 10 (v2) Critical Pass Joomla! Detection 24 Mar 2006 None Pass Joomla! < 1.0.8 Information Disclosure CVE-2006-1027 24 Mar 2006 5.3 (v3) Medium Pass PostNuke PNphpBB2 includes/functions_admin.php phpbb_root_path Parameter Remote File Inclusion CVE-2006-4968 27 Mar 2006 6.8 (v2) Medium Pass Free Articles Directory index.php page Parameter Remote File Inclusion CVE-2006-1350 27 Mar 2006 7.5 (v2) High Pass phpBannerExchange Template Class Local File Inclusion CVE-2006-1201 27 Mar 2006 5 (v2) Medium Pass Pubcookie Login Server index.cgi XSS CVE-2006-1392 28 Mar 2006 4.3 (v2) Medium Pass PHP Live Helper Multiple Remote File Inclusions CVE-2006-1477 CVE-2006-4051 28 Mar 2006 7.5 (v2) High Pass Horde Help Viewer Arbitrary Code Execution CVE-2006-1491 29 Mar 2006 7.5 (v2) High Pass gCards < 1.46 Multiple Vulnerabilities CVE-2006-1346 CVE-2006-1347 CVE-2006-1348 03 Apr 2006 7.5 (v2) High Pass BASE base_maintenance.php Authentication Bypass CVE-2006-1505 03 Apr 2006 5 (v2) Medium Pass AngelineCMS loadkernel.php installPath Parameter Remote File Inclusion CVE-2006-1653 05 Apr 2006 7.5 (v2) High Pass CubeCart FCKeditor connector.php Arbitrary File Upload CVE-2006-0922 05 Apr 2006 7.5 (v2) High Pass PHProjekt authform.inc.php path_pre Parameter Remote File Inclusion CVE-2004-2740 07 Apr 2006 6.8 (v2) Medium Pass Skype < 1.4.0.84 Multiple Vulnerabilities (uncredentialed check) CVE-2005-3265 CVE-2005-3267 11 Apr 2006 10 (v2) Critical Pass Dokeos < 1.6.4 / 2.0.3 Multiple Scripts Remote File Inclusion CVE-2006-2286 12 Apr 2006 6.8 (v2) Medium Pass Clever Copy connect.inc Direct Request Information Disclosure CVE-2006-1718 12 Apr 2006 5 (v2) Medium Pass Plone Unprotected MembershipTool Methods Arbitrary Portrait Manipulation CVE-2006-1711 14 Apr 2006 5 (v2) Medium Pass Adobe Document Server for Reader Extensions < 6.1 Multiple Vulnerabilities CVE-2006-1627 CVE-2006-1785 CVE-2006-1786 CVE-2006-1787 CVE-2006-1788 14 Apr 2006 7.5 (v2) High Pass phpList index.php database_module Parameter Local File Inclusion CVE-2006-1746 14 Apr 2006 5 (v2) Medium Pass Simplog <= 0.9.2 Multiple Vulnerabilities CVE-2006-1776 CVE-2006-1777 CVE-2006-1778 CVE-2006-1779 14 Apr 2006 7.5 (v2) High Pass PAJAX < 0.5.2 Multiple Vulnerabilities CVE-2006-1551 CVE-2006-1789 16 Apr 2006 7.5 (v2) High Pass phpWebSite index.php hub_dir Parameter Local File Inclusion CVE-2006-1819 16 Apr 2006 7.5 (v2) High Pass Sphider con fi gset.php settings_dir Parameter Remote File Inclusion CVE-2006-1784 16 Apr 2006 5.1 (v2) Medium Pass phpAlbum language.php data_dir Parameter Remote File Inclusion CVE-2006-1839 17 Apr 2006 7.5 (v2) High Pass Sysinfo name Parameter Arbitrary Code Execution CVE-2006-1831 17 Apr 2006 7.5 (v2) High Pass phpWebFTP index.php language Parameter Local File Inclusion CVE-2006-1813 17 Apr 2006 6.4 (v2) Medium Pass MyBB global.php 'KILL_GLOBAL' Overwrite SQL Injection CVE-2006-1912 17 Apr 2006 5.8 (v2) Medium Pass ActualAnalyzer direct.php rf Parameter Remote File Inclusion CVE-2006-1959 19 Apr 2006 7.5 (v2) High Pass GDB Server Detection 19 Apr 2006 7.5 (v2) High Pass OpenSSL 1.0.2 < 1.0.2zc-dev Vulnerability CVE-2021-4160 29 Jan 2022 5.9 (v3) Medium Pass phpBB Advanced GuestBook addentry.php phpbb_root_path Parameter Remote File Inclusion CVE-2006-2152 03 May 2006 7.5 (v2) High Pass Asterisk Recording Interface (ARI) includes/main.conf Remote Credential Disclosure CVE-2006-2020 03 May 2006 7.8 (v2) High Pass Asterisk Recording Interface (ARI) misc/audio.php recording Parameter Traversal Arbitrary File Access CVE-2006-2021 03 May 2006 5 (v2) Medium Pass Help Center Live osTicket Module Multiple Unspeci fi ed SQL Injections CVE-2006-2039 03 May 2006 7.5 (v2) High Pass Invision Power Board 2.x.x < 04-25-06 Multiple Vulnerabilities CVE-2006-2059 CVE-2006-2060 CVE-2006-2061 03 May 2006 6.4 (v2) Medium Pass Monster Top List sources/functions.php root_path Parameter Remote File Inclusion CVE-2006-1781 03 May 2006 7.5 (v2) High Pass phpListPro Multiple Script returnpath Parameter Remote File Inclusions CVE-2006-1749 CVE-2006-2323 03 May 2006 7.5 (v2) High Pass sBLOG search.php keyword Parameter SQL Injection CVE-2006-2189 03 May 2006 10 (v2) Critical Pass phpBB Multiple Module phpbb_root_path Parameter Remote File Inclusion CVE-2006-2245 CVE-2006-5301 CVE-2006-5306 CVE-2006-5390 CVE-2006-5418 CVE-2006-7090 CVE-2006-7100 CVE-2006-7147 CVE-2007-5009 CVE-2007-5100 04 May 2006 6.8 (v2) Medium Pass AWStats migrate Parameter Arbitrary Command Execution CVE-2006-2237 08 May 2006 5.1 (v2) Medium Pass Aardvark Topsites CONFIG[path] Parameter Remote File Inclusion CVE-2006-2149 08 May 2006 6.4 (v2) Medium Pass Juniper Junos OS DoS (JSA11168) CVE-2021-0240 CVE-2021-0241 07 May 2021 6.5 (v3) Medium Pass Claroline ldap.inc.php clarolineRepositorySys Parameter Remote File Inclusion CVE-2006-2284 11 May 2006 6.8 (v2) Medium Pass Dell EMC iDRAC8 < 2.80.80.80 / Dell EMC iDRAC9 < 4.40.40.00 (DSA-2021-177) CVE-2021-36301 03 Jun 2022 7.2 (v3) High Pass Dell EMC iDRAC9 4.40.x < 4.40.29.00 (DSA-2021-177) CVE-2021-36299 03 Jun 2022 8.1 (v3) High Pass IdealBB < 1.5.4b Multiple Vulnerabilities (XSS, SQLi, Upload, Traversal) CVE-2006-2317 CVE-2006-2318 CVE-2006-2319 CVE-2006-2320 CVE-2006-2321 11 May 2006 7.5 (v2) High Pass Dell EMC iDRAC9 < 5.00.00.00 (DSA-2021-177) CVE-2021-36300 03 Jun 2022 8.2 (v3) High Pass Stadtaus Gaestebuch-Script index.php include_ fi les Parameter Remote File Inclusion CVE-2006-2158 11 May 2006 6.4 (v2) Medium Pass Cisco NX-OS Software Unidirectional Link Detection DoS / Code Execution (cisco-sa-nxos-udld-rce-xetH6w35) CVE-2021-1368 19 May 2021 8.8 (v3) High Pass e107 e107_cookie Parameter SQL Injection CVE-2006-2416 15 May 2006 5.1 (v2) Medium Pass Cisco Web Security Appliance Stored XSS (cisco-sa-wsa-xss-RuB5WGqL) CVE-2021-1271 20 May 2021 4.8 (v3) Medium Pass Citrix ADC Authentication Bypass (CTX261055) CVE-2019-18225 25 May 2021 9.8 (v3) Critical Pass Juniper Junos OS DoS (JSA11132) CVE-2021-0237 26 May 2021 6.5 (v3) Medium Pass ACal embed/day.php path Parameter Remote File Inclusion CVE-2006-2261 15 May 2006 7.5 (v2) High Pass EMC RSA Archer 6.6 < 6.6 P8 / 6.7 < 6.7 P8 / 6.8 < 6.8 P5 / 6.9 < 6.9 P2 Insecure Credential Storage CVE-2021-29253 28 May 2021 5.5 (v3) Medium Pass Limbo weblinks.html.php catid Parameter SQL Injection CVE-2006-2363 15 May 2006 5.1 (v2) Medium Pass Dovecot Multiple Command Traversal Arbitrary Directory Listing CVE-2006-2414 15 May 2006 5 (v2) Medium Pass Squirrelcart cart_content.php cart_isp_root Parameter Remote File Inclusion CVE-2006-2483 17 May 2006 6.4 (v2) Medium Pass Skype URI Handling Arbitrary File Download (uncredentialed check) CVE-2006-2312 19 May 2006 2.6 (v2) Low Pass Nucleus CMS PLUGINADMIN.php DIR_LIBS Parameter Remote File Inclusion CVE-2006-2583 25 May 2006 5.1 (v2) Medium Pass BASE Multiple Script BASE_path Parameter Remote File Inclusion CVE-2006-2685 27 May 2006 4 (v2) Medium Pass e107 email.php Arbitrary Mail Relay CVE-2006-2591 31 May 2006 5 (v2) Medium Pass SquirrelMail plugin.php plugins Parameter Local File Inclusion CVE-2006-2842 03 Jun 2006 7.5 (v2) High Pass LifeType index.php articleId Parameter SQL Injection CVE-2006-2857 04 Jun 2006 7.5 (v2) High Pass MySQL Anonymous Login Handshake Remote Information Disclosure CVE-2006-1516 04 Jun 2006 5 (v2) Medium Pass Claroline Multiple Script includePath Parameter Remote File Inclusion CVE-2006-2868 05 Jun 2006 5.1 (v2) Medium 86

Pass Pixelpost index.php category Parameter SQL Injection CVE-2006-2889 06 Jun 2006 5.1 (v2) Medium Pass DokuWiki Spell Checker Embedded Link Arbitrary PHP Code Execution CVE-2006-2878 06 Jun 2006 7.5 (v2) High Pass OpenEMR C_FormEvaluation.class.php fi leroot Parameter Remote File Inclusion CVE-2006-2929 09 Jun 2006 6.8 (v2) Medium Pass Rendezvous Daemon Detection 10 Jun 2006 None Pass Calendarix Multiple Script id Parameter SQL Injection CVE-2006-3094 17 Jun 2006 5.1 (v2) Medium Pass Adobe Experience Manager < 6.5.9.0 Multiple Vulnerabilities (APSB21-39) CVE-2021-28625 CVE-2021-28626 CVE-2021-28627 CVE-2021-28628 10 Jun 2021 8.8 (v3) High Pass Wikka wikka.php Local File Inclusion CVE-2006-7049 17 Jun 2006 7.5 (v2) High Pass BlueDragon 6.2.1 Multiple Remote Vulnerabilities (XSS, DoS) CVE-2006-2310 CVE-2006-2311 23 Jun 2006 5 (v2) Medium Pass Cisco IOS XE Software SD WAN Console Privilege Escalation (cisco-sa-sdwan-esc-rSNVvTf9) CVE-2021-1371 08 Jul 2021 6.6 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11178) 14 Jul 2021 5.5 (v3) Medium Pass Juniper Junos OS DoS (JSA11054) CVE-2020-1660 14 Jul 2021 9.9 (v3) Critical Pass Juniper Junos OS Vulnerability (JSA11177) 14 Jul 2021 7.8 (v3) High Pass TeamCity Server < 2020.2.4 Multiple Vulnerabilities CVE-2020-7908 CVE-2020-7909 CVE-2020-7910 CVE-2020-7911 CVE-2020-11686 CVE-2020-11687 CVE-2020-11688 CVE-2020-11689 CVE-2020-11938 CVE-2020-15826 CVE-2021-3315 CVE-2021-26309 CVE-2021-26310 CVE-2021-31904 CVE-2021-31906 16 Jul 2021 9.8 (v3) Critical Pass Scout Portal Toolkit SPT--ForumTopics.php forumid Parameter SQL Injection CVE-2006-3309 28 Jun 2006 7.5 (v2) High Pass Geeklog Multiple Script _CONF[path] Parameter Remote File Inclusion CVE-2006-6225 29 Jun 2006 5.1 (v2) Medium Pass FCKeditor on Apache connector.php Crafted File Extension Arbitrary File Upload CVE-2006-3362 29 Jun 2006 8.8 (v3) High Pass MySQL 5.7.x < 5.7.35 Multiple Vulnerabilities (Jul 2021 CPU) CVE-2019-17543 CVE-2021-2342 CVE-2021-2356 CVE-2021-2372 CVE-2021-2385 CVE-2021-2389 CVE-2021-2390 CVE-2021-22901 22 Jul 2021 8.1 (v3) High Pass SiteBuilder-FX top.php admindir Parameter Remote File Inclusion CVE-2006-3395 02 Jul 2006 5.1 (v2) Medium Pass CommuniGate Pro POP Service Empty Inbox Remote DoS CVE-2006-3477 04 Jul 2006 5 (v2) Medium Pass Horde < 3.0.11 / 3.1.2 Multiple Script XSS CVE-2006-3548 CVE-2006-3549 05 Jul 2006 4.3 (v2) Medium Pass LifeType index.php Date Parameter SQL Injection CVE-2006-3577 05 Jul 2006 7.5 (v2) High Pass Mambo phpBB Component download.php phpbb_root_path Parameter Remote File Inclusion CVE-2006-7208 11 Jul 2006 6.8 (v2) Medium Pass SimpleBoard / Joomlaboard 'sbp' Parameter Remote File Include CVE-2006-3528 CVE-2006-5043 11 Jul 2006 8.1 (v3) High Pass Apache Tomcat 8.5.0 < 8.5.57 Multiple Vulnerabilities CVE-2020-13934 CVE-2020-13935 17 Jul 2020 7.5 (v3) High Pass Juniper Junos OS DoS (JSA11274) CVE-2022-22166 14 Feb 2022 6.5 (v3) Medium Pass Mambo / Joomla! Component / Module 'mosCon fi g_absolute_path' Multiple Parameter Remote File Include Vulnerabilities CVE-2006-3396 CVE-2006-3530 CVE-2006-3556 CVE-2006-3748 CVE-2006-3749 CVE-2006-3750 CVE-2006-3751 CVE-2006-3773 CVE-2006-3774 CVE-2006-3846 CVE-2006-3947 CVE-2006-3949 CVE-2006-3980 CVE-2006-3995 CVE-2006-4074 CVE-2006-4 15 Jul 2006 8.1 (v3) High Pass VHCS include/sql.php include_path Parameter Remote File Inclusion 19 Jul 2006 6.8 (v2) Medium Pass VHCS login.php check_login() Function Authentication Bypass CVE-2006-0685 19 Jul 2006 10 (v2) Critical Pass Invision Power Board classes/class_session.php CLIENT_IP HTTP Header SQL Injection CVE-2006-7071 24 Jul 2006 7.5 (v2) High Pass TWiki con fi gure Script Arbitrary Command Execution CVE-2006-3819 31 Jul 2006 8.8 (v3) High Pass phpMyAdmin import_blacklist Variable Overwriting CVE-2005-4079 31 Jul 2006 5 (v2) Medium Pass eIQnetworks Enterprise Security Analyzer Syslog Server Detection 02 Aug 2006 None Pass eIQnetworks Enterprise Security Analyzer License Manager Detection 02 Aug 2006 None Pass nginx Data Disclosure Vulnerability CVE-2017-7529 16 Oct 2018 7.5 (v3) High Pass Jenkins < 2.89.2 / 2.95 Multiple Vulnerabilities CVE-2017-1000503 CVE-2017-1000504 01 Feb 2018 8.1 (v3) High Pass Jenkins < 1.642.2 / 1.650 and Jenkins Enterprise < 1.609.16.1 / 1.625.16.1 / 1.642.2.1 Multiple Vulnerabilities CVE-2016-0788 CVE-2016-0789 CVE-2016-0790 CVE-2016-0791 CVE-2016-0792 14 Mar 2016 9.8 (v3) Critical Pass nginx < 1.6.1 / 1.7.4 SMTP STARTTLS Command Injection CVE-2014-3556 19 Aug 2014 6.5 (v3) Medium Pass Jenkins < 1.514 / 1.509.1 and Jenkins Enterprise 1.466.x / 1.480.x < 1.466.14.1 / 1.480.4.1 Multiple Vulnerabilities CVE-2013-1808 CVE-2013-2033 CVE-2013-2034 14 Jun 2013 6.8 (v2) Medium Pass Ping the remote host 24 Jun 1999 None Pass nginx 1.0.7 - 1.0.14 / 1.1.3 - 1.1.18 ngx_http_mp4_module Bu ff er Over fl ow CVE-2012-2089 13 Apr 2012 5.6 (v3) Medium Pass Jenkins < 2.107 / < 2.89.4 (LTS) Server-Side Request Forgery (SSRF) Vulnerability CVE-2018-1000067 05 Jun 2019 5.3 (v3) Medium Pass Jenkins < 2.176.2 LTS / 2.186 Multiple Vulnerabilities CVE-2019-10352 CVE-2019-10353 CVE-2019-10354 26 Jul 2019 7.5 (v3) High Pass Jenkins weekly < 2.280 Privilege Escalation CVE-2021-22112 09 Apr 2021 8.8 (v3) High Pass Jenkins LTS < 2.277.3 / Jenkins weekly < 2.286 CVE-2021-28165 23 Apr 2021 7.5 (v3) High Pass Barracuda Spam Firewall Default Credentials CVE-2006-4000 CVE-2006-4001 CVE-2006-4081 CVE-2006-4082 02 Aug 2006 7.5 (v2) High Pass eIQnetworks Enterprise Security Analyzer Topology Server Detection 03 Aug 2006 None Pass eIQnetworks Enterprise Security Analyzer Monitoring Agent Detection 10 Aug 2006 None Pass ManageEngine AssetExplorer < 6.1.0 Build 6113 Multiple XSS CVE-2015-2169 CVE-2015-5061 09 Nov 2015 3.1 (v3) Low Pass PostgreSQL Empty Password Handling Remote Authentication Bypass CVE-2017-7546 20 Oct 2017 9.8 (v3) Critical Pass TLS Padding Oracle Information Disclosure Vulnerability (TLS POODLE) CVE-2014-8730 15 Dec 2014 5.3 (v3) Medium Pass RealVNC Java Viewer Detection 09 Jan 2014 None Pass TigerVNC Java Viewer Detection 09 Jan 2014 None Pass ManageEngine AssetExplorer < 5.6.0 Build 5614 XML Asset Data XSS CVE-2012-5956 24 Jan 2013 3.1 (v3) Low Pass MS12-026: Vulnerabilities in Forefront Uni fi ed Access Gateway (UAG) Could Allow Information Disclosure (2663860) (uncredentialed check) CVE-2012-0146 CVE-2012-0147 27 Apr 2012 4.3 (v2) Medium Pass MS12-036: Vulnerability in Remote Desktop Could Allow Remote Code Execution (2685939) (uncredentialed check) CVE-2012-0173 16 Jul 2012 9.3 (v2) High Pass RuggedCom RuggedOS Default 'factory' Account Backdoor CVE-2012-1803 12 Jun 2012 9.8 (v3) Critical Pass ManageEngine AssentExplorer < 6.8 Unauthenticated Stored XSS CVE-2021-20080 12 Apr 2021 6.1 (v3) Medium Pass WEBInsta CMS index.php templates_dir Parameter Remote File Inclusion CVE-2006-4196 14 Aug 2006 7.5 (v2) High Pass Informix Detection 16 Aug 2006 None Pass SquirrelMail compose.php session_expired_post Arbitrary Variable Overwriting CVE-2006-4019 17 Aug 2006 6.4 (v2) Medium Pass CubeCart < 3.0.12 Multiple Vulnerabilities (SQLi, XSS) CVE-2006-4267 CVE-2006-4268 17 Aug 2006 7.5 (v2) High Pass Owl Intranet Engine <= 0.91 Multiple Vulnerabilities CVE-2006-4211 CVE-2006-4212 17 Aug 2006 7.5 (v2) High Pass Zen Cart ipn_main_handler.php custom SQL Injection CVE-2006-4214 17 Aug 2006 7.5 (v2) High Pass IBM Cognos Analytics Web Interface Detection 20 Sep 2021 None Pass Zen Cart autoload_func.php autoLoadCon fi g Array Remote File Inclusion CVE-2006-4215 17 Aug 2006 5.1 (v2) Medium Pass Docebo GLOBALS Variable Overwrite Remote File Inclusion CVE-2006-2576 CVE-2006-2577 17 Aug 2006 5.1 (v2) Medium Pass MDaemon < 9.0.6 POP3 Server USER / APOP Command Remote Over fl ow CVE-2006-4364 23 Aug 2006 5 (v2) Medium Pass phpCOIN Multiple Script _CCFG Parameter Remote File Inclusion CVE-2006-4424 CVE-2006-4425 25 Aug 2006 5.1 (v2) Medium Pass PHP < 4.4.3 / 5.1.4 Multiple Vulnerabilities CVE-2006-0996 CVE-2006-1490 CVE-2006-1494 CVE-2006-1608 CVE-2006-1990 CVE-2006-1991 CVE-2006-2563 CVE-2006-2660 CVE-2006-3011 CVE-2006-3016 CVE-2006-3017 CVE-2006-3018 CVE-2006-4433 25 Aug 2006 9.3 (v2) High Pass Zend Session Clustering Daemon Detection 25 Aug 2006 None Pass PHProjekt <= 5.1 Multiple Remote File Inclusions CVE-2006-4204 29 Aug 2006 7.5 (v2) High Pass Feedsplitter <= 2006-01-21 Multiple Remote Vulnerabilities (XSS, Traversal, Disc) CVE-2006-4549 CVE-2006-4550 CVE-2006-4551 CVE-2006-4552 31 Aug 2006 7.5 (v2) High Pass CubeCart < 3.0.13 Multiple Remote Vulnerabilities (LFI, SQLi, XSS) CVE-2006-4525 CVE-2006-4526 CVE-2006-4527 31 Aug 2006 7.5 (v2) High Pass Joomla! < 1.0.11 administrator/index.php Input Weakness CVE-2006-4468 01 Sep 2006 5.6 (v3) Medium Pass Joomla! < 1.0.11 Unspeci fi ed Remote Code Execution CVE-2005-3390 CVE-2006-4469 01 Sep 2006 5.6 (v3) Medium Pass e107 ibrowser.php zend_has_del() Function Remote Code Execution CVE-2005-3390 CVE-2006-3017 02 Sep 2006 8.8 (v3) High Pass TikiWiki jhot.php Arbitrary File Upload CVE-2006-4602 04 Sep 2006 8.8 (v3) High Pass Mailman Utils.py Spoofed Log Entry Injection CVE-2006-4624 05 Sep 2006 2.6 (v2) Low Pass Cisco IOS XE Software TrustSec CLI Parser DoS (cisco-sa-trustsec-dos-7fuXDR2) CVE-2021-34699 19 Oct 2021 7.7 (v3) High Pass PmWiki < 2.1.21 Global Variables Overwriting CVE-2006-3017 06 Sep 2006 7.5 (v2) High Pass Cisco IOS Software TrustSec CLI Parser DoS (cisco-sa-trustsec-dos-7fuXDR2) CVE-2021-34699 19 Oct 2021 7.7 (v3) High Pass DokuWiki doku.php X-FORWARDED-FOR HTTP Header Arbitrary Code Injection CVE-2006-4674 08 Sep 2006 7.5 (v2) High Pass TWiki ' fi lename' Parameter Traversal Arbitrary File Access CVE-2006-4294 15 Sep 2006 5 (v2) Medium Pass RMI Remote Object Detection 15 Sep 2006 None Pass Moodle < 1.6.2 Multiple Vulnerabilities CVE-2006-4784 CVE-2006-4785 CVE-2006-4786 15 Sep 2006 7.5 (v2) High Pass Claroline claro_init_local.inc.php extAuthSource[newUser] Parameter Remote File Inclusion CVE-2006-4844 16 Sep 2006 5.1 (v2) Medium Pass QNAP QTS Multiple Vulnerabilities in File Station (QSA-20-01) CVE-2018-19943 CVE-2018-19949 CVE-2018-19953 26 May 2022 9.8 (v3) Critical Pass Dokeos claro_init_local.inc.php extAuthSource Parameter Array Remote File Inclusion CVE-2006-4844 16 Sep 2006 5.1 (v2) Medium Pass Limbo Contact Component (com_contact) contact.html.php contact_attach Unrestricted File Upload CVE-2006-4859 16 Sep 2006 8.8 (v3) High Pass Site@School Multiple Script cmsdir Parameter Remote File Inclusion CVE-2006-4920 CVE-2006-4921 16 Sep 2006 7.5 (v2) High Pass Limbo com_fm Component sql.php classes_dir Parameter Remote File Inclusion 17 Sep 2006 6.8 (v2) Medium Pass Derby Network Server Detection 18 Sep 2006 None Pass Exponent CMS index.php view Parameter Local File Inclusion CVE-2006-4963 19 Sep 2006 6.4 (v2) Medium Pass MyReview Admin.php email Parameter SQL Injection CVE-2006-4957 19 Sep 2006 7.5 (v2) High Pass SAP Internet Transaction Server wgate Multiple Parameter XSS CVE-2006-5114 28 Sep 2006 6.8 (v2) Medium Pass DokuWiki fetch.php Multiple Parameter imconvert Function Arbitrary Command Execution CVE-2006-5098 CVE-2006-5099 29 Sep 2006 8.8 (v3) High Pass Sun Secure Global Software / Tarantella Detection 29 Sep 2006 None Pass HAMweather Template.php do_parse_code Function Arbitrary Code Execution CVE-2006-5185 04 Oct 2006 7.5 (v2) High Pass Moodle 'index.php' 'tag' Parameter SQL Injection CVE-2006-5219 10 Oct 2006 5.1 (v2) Medium Pass Pervasive PSQL / Btrieve Server Detection 10 Oct 2006 None Pass Cisco IOS XE Software NETCONF RESTCONF Authentication Bypass (cisco-sa-aaa-Yx47ZT8Q) CVE-2021-1619 06 Oct 2021 9.1 (v3) Critical Pass BlueShoes lib/googlesearch/GoogleSearch.php APP[path][lib] Parameter Remote File Inclusion CVE-2006-5250 13 Oct 2006 5.1 (v2) Medium Pass Web Site sitemap.xml File and Directory Disclosure 14 Oct 2006 None Pass phpMyConferences menus.inc.php lvc_include_dir Parameter Remote File Inclusion CVE-2006-5310 16 Oct 2006 6.8 (v2) Medium Pass Open Conference System < 1.1.6 Multiple Script fullpath Parameter Remote File Inclusion CVE-2006-5308 18 Oct 2006 7.5 (v2) High Pass SolarWinds Virtualization Manager <= 6.3.1 Privilege Escalation CVE-2016-3643 08 Nov 2021 7.8 (v3) High Pass Microsoft Windows Server Version 1809 Unsupported Version Detection 08 Nov 2021 10 (v3) Critical Pass Microsoft Windows Server Version 1803 Unsupported Version Detection 08 Nov 2021 10 (v3) Critical Pass Microsoft Windows Server Version 1709 Unsupported Version Detection 08 Nov 2021 10 (v3) Critical Pass Microsoft Windows Server Version 1903 Unsupported Version Detection 08 Nov 2021 10 (v3) Critical Pass Microsoft Windows Server Version 1909 Unsupported Version Detection 08 Nov 2021 10 (v3) Critical Pass Trend Micro O ffi ceScan 10 SP1 < 10 SP1 Patch 2329 Multiple Vulnerabilities (000287815) CVE-2021-36741 CVE-2021-36742 08 Nov 2021 8.8 (v3) High 87

Pass MongoDB Server Login Possible 08 Nov 2021 None Pass Cerberus Helpdesk rpc.php Arbitrary Ticket Information Disclosure CVE-2006-5428 18 Oct 2006 5 (v2) Medium Pass Draytek VigorConnect Web UI Detection 08 Nov 2021 None Pass Draytek VigorConnect LFI (CVE-2021-20123) CVE-2021-20123 08 Nov 2021 7.5 (v3) High Pass Asterisk Skinny Channel Driver (chan_skinny) get_input Function Remote Over fl ow CVE-2006-5444 19 Oct 2006 7.5 (v2) High Pass Hosting Controller Multiple Script ForumID Parameter SQL Injection CVE-2006-5629 23 Oct 2006 7.5 (v2) High Pass Apache Air fl ow Web API Detection 26 Apr 2022 None Pass Segue CMS themesettings.inc.php themesdir Parameter Remote File Inclusion CVE-2006-5497 28 Oct 2006 7.5 (v2) High Pass miniBB bb_func_txt.php pathToFiles Parameter Remote File Inclusion CVE-2006-5673 30 Oct 2006 6.8 (v2) Medium Pass e107 class2.php e107language_e107cookie Cookie Traversal Local File Inclusion CVE-2006-5786 06 Nov 2006 7.5 (v2) High Pass OpenLDAP SASL authcid Name BIND Request DoS CVE-2006-5779 07 Nov 2006 5 (v2) Medium Pass Exhibit Engine styles.php toroot Parameter Remote File Inclusion CVE-2006-7183 CVE-2006-7184 14 Nov 2006 6.8 (v2) Medium Pass MODx CMS base_path Parameter Remote File Inclusion CVE-2006-5730 14 Nov 2006 5.1 (v2) Medium Pass IBM WebSphere Application Server SOAP Connector Error Page XSS CVE-2006-2431 16 Nov 2006 4.3 (v2) Medium Pass Etomite CMS index.php id Parameter SQL Injection CVE-2006-6048 23 Nov 2006 6.8 (v2) Medium Pass HSQLDB Server Default Credentials 27 Nov 2006 7.5 (v2) High Pass IBM WebSphere Application Server '%20' Request Source Disclosure CVE-2005-0425 14 Nov 2006 5 (v2) Medium Pass IBM WebSphere snoopservlet Path Disclosure 14 Nov 2006 5 (v2) Medium Pass ManageEngine ADAudit Plus < Build 7060 XXE RCE CVE-2022-28219 27 Apr 2022 9.8 (v3) Critical Pass Serendipity serendipity_event_bbcode.php Script serendipity[charset] Parameter Local File Inclusion CVE-2006-6242 01 Dec 2006 6.8 (v2) Medium Pass PHP Easy Download admin/save.php moreinfo Parameter Code Injection 07 Dec 2006 7.5 (v2) High Pass Patch Management: HCL BigFix Get Installed Packages 27 Apr 2022 None Pass Cisco IOS XE Software DECnet Phase IV/OSI DoS (cisco-sa-iosxe-decnet-dos-cuPWDkyL) CVE-2021-1352 20 May 2021 6.5 (v3) Medium Pass Microsoft Azure CycleCloud Privilege Escalation (CVE-2021-33762) CVE-2021-33762 13 Aug 2021 7.8 (v3) High Pass Cisco IOS Software PTP DoS Vulnerability (cisco-sa-20180926-ptp) CVE-2018-0473 05 Oct 2018 8.6 (v3) High Pass Cisco Catalyst 4000 Series Switches TCP Denial of Service Vulnerability (cisco-sa-20190925-cat4000-tcp-dos) CVE-2019-12652 04 Oct 2019 7.5 (v3) High Pass Cisco IOx Application Environment DoS Vulnerability (cisco-sa-20190925-iox) CVE-2019-12656 09 Oct 2019 7.5 (v3) High Pass Juniper Junos OS DoS (JSA11184) CVE-2021-0280 14 Sep 2021 7.5 (v3) High Pass Juniper Junos OS DoS (JSA11186) CVE-2021-0282 14 Sep 2021 7.5 (v3) High Pass JCE Admin Component for Joomla! 'plugin' Parameter Local File Include CVE-2006-6419 10 Dec 2006 7.3 (v3) High Pass Liferay Portal 7.3.5 Stored XSS CVE-2021-29046 21 Sep 2021 6.1 (v3) Medium Pass phpWebThings core/editor.php editor_insert_bottom Parameter Remote File Inclusion CVE-2006-6042 10 Dec 2006 6.8 (v2) Medium Pass ICCP/COTP TSAP Addressing Weakness 11 Dec 2006 5 (v2) Medium Pass Schneider Electric FTP Server Default Credentials 11 Dec 2006 10 (v3) Critical Pass VMware vCenter Server < 7.0 U2d Multiple Vulnerabilities (VMSA-2021-0020) CVE-2021-22011 CVE-2021-22018 22 Sep 2021 6.5 (v3) Medium Pass Apache >= 2.4.17 < 2.4.49 mod_http2 CVE-2021-33193 23 Sep 2021 7.5 (v3) High Pass Modicon Quantum Telnet Server Default Credentials 11 Dec 2006 6.4 (v2) Medium Pass Kerio MailServer < 6.3.1 Long LDAP Query DoS CVE-2006-6554 15 Dec 2006 5 (v2) Medium Pass PHP-Update blog.php Variable Overwriting Arbitrary Code Execution CVE-2006-6661 20 Dec 2006 7.5 (v2) High Pass TYPO3 'spell-check-logic.php' 'userUid' Parameter Arbitrary Command Execution CVE-2006-6690 21 Dec 2006 8.8 (v3) High Pass IBM DB2 < 8.1 FixPak 12 EXCSAT Long MGRLVLLS Message Remote DoS CVE-2006-3066 23 Dec 2006 5.3 (v3) Medium Pass IBM DB2 < 8.1 Fix Pack 14 Multiple Vulnerabilities CVE-2006-6638 CVE-2007-1228 23 Dec 2006 5.3 (v3) Medium Pass Cacti cmd.php Multiple Parameter SQL Injection Arbitrary Command Execution CVE-2006-6799 02 Jan 2007 7.5 (v2) High Pass Cacti copy_cacti_user.php template_user Variable SQL Injection 02 Jan 2007 7.5 (v2) High Pass Ultimate PHP Board chat/login.php username Parameter Arbitrary Command Execution CVE-2006-6790 02 Jan 2007 8.8 (v3) High Pass phpMyFAQ < 1.6.8 Multiple SQL Injection Vulnerabilities CVE-2006-6912 CVE-2006-6913 10 Jan 2007 7.5 (v2) High Pass Oreon lang/index.php fi le Parameter Remote File Inclusion CVE-2007-0360 19 Jan 2007 7.5 (v2) High Pass Website Baker REMEMBER_KEY Cookie SQL Injection CVE-2007-0527 23 Jan 2007 6.8 (v2) Medium Pass Apache Log4Shell RCE detection via callback correlation (Direct Check HTTP) CVE-2021-44228 11 Dec 2021 10 (v3) Critical Pass ARCserve Backup for Laptops & Desktops Server Detection 26 Jan 2007 None Pass PHProxy Detection 30 Jan 2007 None Pass Drupal Multiple Module $_SESSION Manipulation CAPTCHA Bypass CVE-2007-0658 01 Feb 2007 5 (v2) Medium Pass Drupal Comment Function Arbitrary Code Execution CVE-2007-0626 01 Feb 2007 5.1 (v2) Medium Pass Drupal Comment Module comment_form_add_preview() Function Arbitrary Code Execution CVE-2007-0626 01 Feb 2007 5.1 (v2) Medium Pass ExoPHPDesk faq.php id Parameter SQL Injection CVE-2007-0676 01 Feb 2007 6.8 (v2) Medium Pass Default Password (oracle) for 'oracle' Account CVE-1999-0502 06 Feb 2007 9.8 (v3) Critical Pass Advanced Poll admin/index.php Session Identi fi er Replay Authentication Bypass CVE-2007-0845 08 Feb 2007 7.5 (v2) High Pass AXIGEN Mail Server < 2.0.0 Multiple Remote Vulnerabilities CVE-2007-0886 CVE-2007-0887 09 Feb 2007 10 (v2) Critical Pass Solaris 10 Forced Login Telnet Authentication Bypass CVE-2007-0882 12 Feb 2007 10 (v2) Critical Pass LifeType rss.php pro fi le Parameter Traversal Arbitrary File Access CVE-2007-0979 16 Feb 2007 5 (v2) Medium Pass phpMyFAQ < 1.6.10 Multiple Script Arbitrary File Upload CVE-2007-1032 20 Feb 2007 6.8 (v2) Medium Pass ZPanel 2.0 Multiple Script Remote File Inclusion CVE-2005-0793 CVE-2007-1123 23 Feb 2007 7.5 (v2) High Pass IBM DB2 < 9 Fix Pack 2 Multiple Vulnerabilities CVE-2007-1086 CVE-2007-1087 CVE-2007-1088 CVE-2007-1228 23 Feb 2007 9.8 (v3) Critical Pass Pagesetter for PostNuke index.php id Parameter Traversal Arbitrary File Access CVE-2007-1158 27 Feb 2007 5 (v2) Medium Pass OrangeHRM login.php txtUserName Parameter SQL Injection CVE-2007-1193 01 Mar 2007 9.3 (v2) High Pass Juniper Junos OS Vulnerability (JSA11278) CVE-2022-22172 12 Jan 2022 6.5 (v3) Medium Pass Default Password (password) for 'root' Account CVE-1999-0502 CVE-2006-5288 CVE-2012-4577 01 Mar 2007 9.8 (v3) Critical Pass getID3 < 1.7.8-b1 Multiple Remote Vulnerabilities CVE-2007-1035 01 Mar 2007 7.5 (v2) High Pass Atlassian JIRA XSRF, Open Redirect, and Access Control Bypass Vulnerabilities CVE-2018-13400 CVE-2018-13401 CVE-2018-13402 02 Nov 2018 6.1 (v3) Medium Pass Apache Struts Con fi g Browser Plugin Detection 15 Feb 2019 5.3 (v3) Medium Pass VMware AirWatch Console HTTP Detection 02 Feb 2018 None Pass Linksys Smart Wi-Fi Web Interface Detection 19 Jul 2017 None Pass Advantech WebAccess SQLi CVE-2017-5154 30 Jan 2017 9.8 (v3) Critical Pass Intel Management Engine Authentication Bypass (INTEL-SA-00075) (remote check) CVE-2017-5689 04 May 2017 9.8 (v3) Critical Pass H3C / HPE Intelligent Management Center accessMgrServlet Java Object Deserialization RCE CVE-2017-5790 28 Apr 2017 9.8 (v3) Critical Pass Flexera FlexNet Publisher Detection 24 Mar 2016 None Pass H3C / HPE Intelligent Management Center Java Object Deserialization RCE CVE-2016-4372 23 Aug 2016 9.8 (v3) Critical Pass Topsec Firewall Cookie Command Injection (ELIGIBLECANDIDATE) 25 Oct 2016 9.8 (v3) Critical Pass Advantech WebAccess 7.2 < 7.2-2014.07.30 Multiple ActiveX RCE CVE-2014-0985 CVE-2014-0986 CVE-2014-0987 CVE-2014-0988 CVE-2014-0989 CVE-2014-0990 CVE-2014-0991 CVE-2014-0992 24 Aug 2015 6.8 (v2) Medium Pass Ipswitch IMail Server < 2006.2 Multiple Remote Over fl ows CVE-2007-1637 07 Mar 2007 9.3 (v2) High Pass Advantech WebAccess < 7.0-2011.12.20 Multiple Vulnerabilities 28 Aug 2015 7.5 (v2) High Pass LedgerSMB / SQL-Ledger fi le Parameter Multiple Vulnerabilities 09 Mar 2007 7.5 (v2) High Pass LedgerSMB / SQL-Ledger admin.pl Admin Authentication Bypass CVE-2007-1436 09 Mar 2007 7.5 (v2) High Pass Advantech WebAccess openWidget Script Path Traversal Remote File Disclosure CVE-2016-0855 18 Feb 2016 7.5 (v3) High Pass HP Universal Con fi guration Management Database Data Flow Probe Gateway Detection 18 Mar 2015 None Pass RuggedCom RuggedOS < 3.12.2 Multiple Vulnerabilities CVE-2013-6925 CVE-2013-6926 07 Oct 2013 8.3 (v2) High Pass Palo Alto Networks PAN-OS Firewall/Panorama Web UI Detection 17 Dec 2013 None Pass TightVNC Java Viewer Detection 09 Jan 2014 None Pass Dell KACE K1000 Web Detection 07 Feb 2014 None Pass CommonSpot Detection 17 Apr 2014 None Pass Advantech WebAccess < 7.2-2014.06.06 Multiple Vulnerabilities CVE-2014-2364 CVE-2014-2365 CVE-2014-2366 CVE-2014-2367 CVE-2014-2368 14 Apr 2014 7.5 (v2) High Pass Oracle OpenSSO Detection 28 Apr 2014 None Pass Blackboard Learn Detection 13 Jun 2014 None Pass HP OneView Detection 13 Jun 2014 None Pass Oracle Tra ffi c Director Administration Console Detection 31 Jul 2014 None Pass IBM Rational License Key Server Administration and Reporting Tool Detection 16 Sep 2014 None Pass Horde NLS.php Language Selection new_lang Parameter XSS CVE-2007-1473 16 Mar 2007 4.3 (v2) Medium Pass MS14-066: Vulnerability in Schannel Could Allow Remote Code Execution (2992611) (uncredentialed check) CVE-2014-6321 01 Dec 2014 8.8 (v3) High Pass Umbraco Detection 13 Aug 2012 None Pass IOServer XML Server URI Directory Traversal Arbitrary File Access CVE-2012-4680 19 Nov 2012 4.3 (v2) Medium Pass VMware vCenter Detect 27 Nov 2012 None Pass Jenkins Enterprise and Operations Center < 2.289.3.2 rev 2 Bad Permissions (CloudBees Security Advisory 2021-08-02) 11 Oct 2021 3.3 (v3) Low Pass Piwik Detection 28 Nov 2012 None Pass Jenkins Enterprise and Operations Center < 2.249.32.0.1 / 2.277.41.0.1 / 2.303.1.5 Bad Permissions (CloudBees Security Advisory 2021-08-25) 11 Oct 2021 2.4 (v3) Low Pass RWCards Component for Joomla! 'category_id' Parameter SQLi CVE-2007-1703 27 Mar 2007 5.6 (v3) Medium Pass MS13-006: Vulnerability in Microsoft Windows Could Allow Security Feature Bypass (2785220) (uncredentialed check) CVE-2013-0013 22 Jan 2013 5.8 (v2) Medium Pass HP LeftHand OS hydra Detection 14 Feb 2013 None Pass Atlassian Crowd Detection 03 Jul 2013 None Pass Virtualizor Detection 24 Jul 2013 None Pass Oracle TNS Listener Remote Poisoning CVE-2012-1675 26 Aug 2013 7.3 (v3) High Pass Meeting Room Booking System typematch Parameter SQL Injection CVE-2009-3533 18 Oct 2010 7.5 (v2) High Pass Mambo task Parameter XSS 05 Jul 2011 4.3 (v2) Medium 88

Pass OpenVAS Manager / Administrator Detection 02 Dec 2011 None Pass Apache OFBiz Detection 23 May 2012 None Pass TYPOlight < 2.2.5 Unspeci fi ed Vulnerability CVE-2007-1632 27 Mar 2007 7.5 (v2) High Pass Cisco UCS Director Log4j Remote Code Execution (cisco-sa-apache-log4j-qRuKNEbd) CVE-2021-44228 03 Jun 2022 10 (v3) Critical Pass XOOPS Articles Module print.php id Parameter SQL Injection CVE-2007-3311 27 Mar 2007 7.5 (v2) High Pass IBM Lotus Domino IMAP Server (nimap.exe) CRAM-MD5 Authentication Remote Over fl ow CVE-2007-1675 29 Mar 2007 10 (v2) Critical Pass PHP < 4.4.5 Multiple Vulnerabilities CVE-2006-4625 CVE-2007-0905 CVE-2007-0906 CVE-2007-0907 CVE-2007-0908 CVE-2007-0909 CVE-2007-0910 CVE-2007-0988 CVE-2007-1286 CVE-2007-1376 CVE-2007-1378 CVE-2007-1379 CVE-2007-1380 CVE-2007-1700 CVE-2007-1701 CVE-2007-1 02 Apr 2007 7.5 (v2) High Pass Request Tracker Detection 04 Dec 2009 None Pass eclime login.php SQL Injection 16 Mar 2010 7.5 (v2) High Pass Ektron CMS400.NET Detection 30 Apr 2010 None Pass HAProxy Statistics Page Detection 29 Jun 2012 5 (v2) Medium Pass Ektron CMS400.net TransformXslt Web Service Directory Traversal 30 Apr 2010 4.3 (v2) Medium Pass Tenable PVS Proxy Detection 29 Apr 2010 None Pass Cacti Detection 04 May 2010 None Pass Pligg Detection 19 Jul 2010 None Pass MapServer Insecure MapServ CGI Command-line Debug Args CVE-2010-2540 27 Jul 2010 9.8 (v3) Critical Pass FuseTalk Detection 17 Aug 2010 None Pass Serv-U Version Detection 25 Aug 2010 None Pass PHP < 5.2.1 Multiple Vulnerabilities CVE-2006-6383 CVE-2007-0905 CVE-2007-0906 CVE-2007-0907 CVE-2007-0908 CVE-2007-0909 CVE-2007-0910 CVE-2007-0988 CVE-2007-1376 CVE-2007-1380 CVE-2007-1383 CVE-2007-1452 CVE-2007-1453 CVE-2007-1454 CVE-2007-1700 CVE-2007-1 02 Apr 2007 7.5 (v2) High Pass Zenphoto Detection 20 Sep 2010 None Pass Mura CMS Detection 30 Sep 2010 None Pass Samba Web Administration Tool (SWAT) Detection 03 Mar 2000 None Pass Invision Power Board ibProArcade Module index.php cat Parameter SQL Injection CVE-2004-1536 22 Nov 2004 7.5 (v2) High Pass Invision Power Board sources/post.php qpid Parameter SQL Injection CVE-2004-1531 22 Nov 2004 7.5 (v2) High Pass Mambo Site Server Multiple Vulnerabilities CVE-2003-1204 07 Feb 2005 7.5 (v2) High Pass Sybase SQL sa Account Blank Password 21 Feb 2005 7.5 (v2) High Pass Mambo Detection 01 Apr 2005 None Pass Horde Turba Detection 26 Apr 2005 None Pass Claroline < 1.5.4 / 1.6.0 Multiple Vulnerabilities (RFI, SQLi, XSS, Traversal) CVE-2005-1374 CVE-2005-1375 CVE-2005-1376 CVE-2005-1377 29 Apr 2005 7.5 (v2) High Pass XOOPS WF-Section Module print.php articleid Parameter SQL Injection CVE-2007-1974 03 Apr 2007 7.5 (v2) High Pass MediaWiki Detection 20 Jul 2005 None Pass osCommerce Unprotected Admin Directory 21 Jul 2005 7.5 (v2) High Pass VERITAS NetBackup Volume Manager Detection 11 Nov 2005 None Pass Xaraya index.php module Parameter Traversal Arbitrary File/Directory Manipulation CVE-2005-3929 02 Jan 2006 5 (v2) Medium Pass Kerberos telnet Crafted Username Remote Authentication Bypass CVE-2007-0956 05 Apr 2007 8.8 (v3) High Pass Jenkins Enterprise and Operations Center < 2.277.43.0.3 / 2.319.1.5 Multiple Vulnerabilities (CloudBees Security Advisory 2021-12-01) CVE-2021-35517 CVE-2021-37714 16 Feb 2022 7.5 (v3) High Pass Apache Solr Unauthenticated Access Information Disclosure 16 Feb 2022 5.3 (v3) Medium Pass WebCalendar < 1.0.2 Multiple Vulnerabilities CVE-2005-3949 CVE-2005-3961 CVE-2005-3982 CVE-2005-3982 02 Dec 2005 7.5 (v2) High Pass Juniper Junos OS Vulnerability (JSA11286) CVE-2022-22180 12 Jan 2022 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11282) CVE-2022-22176 12 Jan 2022 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11275) CVE-2022-22168 12 Jan 2022 6.5 (v3) Medium Pass XOOPS Jobs Module index.php cid Parameter SQL Injection CVE-2007-2370 06 Apr 2007 7.5 (v2) High Pass WebSpeed Development Mode Check 26 Apr 2007 7.5 (v2) High Pass Juniper Junos OS Vulnerability (JSA11271) CVE-2022-22163 12 Jan 2022 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11268) CVE-2022-22160 12 Jan 2022 6.5 (v3) Medium Pass XOOPS xoopsCon fi g Parameter Variable Overwrite Local File Inclusion CVE-2006-2516 23 May 2006 5.1 (v2) Medium Pass Juniper Junos OS Multiple Vulnerabilities (JSA11289) CVE-2021-22876 CVE-2021-22890 CVE-2021-22897 CVE-2021-22898 CVE-2021-22901 12 Jan 2022 8.1 (v3) High Pass Advanced Guestbook index.php lang Cookie Parameter Path Disclosure CVE-2007-0609 09 May 2007 5.1 (v2) Medium Pass WoltLab Burning Board Lite wbb_userid Parameter PHP Unset SQL Injection CVE-2006-6289 27 Nov 2006 6.8 (v2) Medium Pass HP LoadRunner Agent Service Detection 13 Feb 2007 None Pass Thyme event_view.php eid Parameter SQL Injection CVE-2007-2621 11 May 2007 7.5 (v2) High Pass YaNC Component for Joomla! 'listid' Parameter SQLi CVE-2007-2792 17 May 2007 7.3 (v3) High Pass XOOPS XFSection Module modify.php dir_module Parameter Remote File Inclusion CVE-2007-3222 14 Jun 2007 7.5 (v2) High Pass WebSpeed Workshop Arbitrary Command Execution 26 Apr 2007 8.8 (v3) High Pass Apache Solr 5.x <= 5.5.5 or 6.x <= 6.6.5 Deserialization Vulnerability (CVE-2019-0192) CVE-2019-0192 03 Jul 2019 9.8 (v3) Critical Pass Advantech WebAccess webvprcs IOCTL 10012 Stack Over fl ow CVE-2019-3953 04 Jul 2019 9.8 (v3) Critical Pass Atlassian JIRA Server Template Injection Vulnerability (CVE-2019-11581) CVE-2019-11581 13 Sep 2019 9.8 (v3) Critical Pass OS Identi fi cation : ICMP 09 Dec 2003 None Pass Atlassian JIRA Con fi gurePortalPages.jspa XSS CVE-2019-3402 13 Sep 2019 6.1 (v3) Medium Pass Tenable Nessus 8.x < 8.15.5 Thiird-Party Vulnerabilities (TNS-2022-12) CVE-2022-23852 CVE-2022-23990 CVE-2022-25235 CVE-2022-25236 CVE-2022-25313 CVE-2022-25314 CVE-2022-25315 27 May 2022 9.8 (v3) Critical Pass Atlassian Jira Webroot Directory Traversal Vulnerability CVE-2019-8442 25 Oct 2019 7.5 (v3) High Pass Tomcat Sample App hello.jsp 'test' Parameter XSS CVE-2007-1355 21 May 2007 5.3 (v3) Medium Pass Centennial IP Transfer Agent Detection 23 May 2007 None Pass Siemens SINEMA Remote Connect Server Multiple Vulnerabilities (SSA-884497) CVE-2019-13918 CVE-2019-13919 CVE-2019-13920 CVE-2019-13922 02 Dec 2019 9.8 (v3) Critical Pass Oracle WebLogic Server Java Object Deserialization RCE (CVE-2018-3245) CVE-2018-3245 03 May 2019 9.8 (v3) Critical Pass GForge CVSWeb CGI cvsweb.php PATH_INFO Parameter Arbitrary Command Execution CVE-2007-0246 26 May 2007 8.8 (v3) High Pass ShareFile Storage Zones Controller Installed (Windows) 02 Jun 2020 None Pass Rockwell Automation FactoryTalk Linx Path Traversal Information Disclosure CVE-2020-12003 08 Oct 2020 7.5 (v3) High Pass UebiMiau Multiple Input Validation Vulnerabilities CVE-2007-3170 CVE-2007-3171 CVE-2007-3172 30 May 2007 5 (v2) Medium Pass Microsoft Netlogon Elevation of Privilege (Zerologon) (Remote) CVE-2020-1472 18 Sep 2020 10 (v3) Critical Pass OpenWrt < 18.06.2 XSS (direct check) CVE-2018-19630 04 Dec 2020 6.1 (v3) Medium Pass Apache Unomi RCE (Direct Check) CVE-2020-13942 14 Jan 2021 9.8 (v3) Critical Pass ManageEngine OpManager Smart Update Manager RCE CVE-2020-28653 02 Apr 2021 9.8 (v3) Critical Pass Trend Micro Worry-Free Business Security Remote File Deletion (000281948) CVE-2020-28574 12 Apr 2021 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11263) CVE-2022-22155 12 Jan 2022 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11267) CVE-2022-22159 12 Jan 2022 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11279) CVE-2022-22173 12 Jan 2022 7.5 (v3) High Pass Apache Tomcat 9.0.0.M1 < 9.0.37 Multiple Vulnerabilities CVE-2020-13934 CVE-2020-13935 17 Jul 2020 7.5 (v3) High Pass PHP 7.2.x < 7.2.32 / 7.3.x < 7.3.20 / 7.4.x < 7.4.8 Information Disclosure CVE-2020-8169 17 Jul 2020 7.5 (v3) High Pass phpMyAdmin 4.x < 4.9.4 / 5.x < 5.0.1 SQLi (PMASA-2020-1) CVE-2020-5504 17 Jul 2020 8.8 (v3) High Pass Magento Unsupported Version Detection 17 Jul 2020 10 (v3) Critical Pass TYPO3 9.4 < 9.5.8 Insecure Deserialization (TYPO3-CORE-SA-2019-016) CVE-2019-10912 20 Jul 2020 7.1 (v3) High Pass Juniper Junos OS Vulnerability (JSA11270) CVE-2022-22162 12 Jan 2022 7.8 (v3) High Pass Juniper Junos OS Multiple Vulnerabilities (JSA11277) CVE-2022-22170 CVE-2022-22171 12 Jan 2022 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11281) CVE-2022-22175 12 Jan 2022 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11293) CVE-2021-3712 12 Jan 2022 7.4 (v3) High Pass Juniper Junos OS Vulnerability (JSA11280) CVE-2022-22174 12 Jan 2022 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11284) CVE-2022-22178 12 Jan 2022 7.5 (v3) High Pass Atlassian JIRA < 7.13.18 / 8.x < 8.5.9 / 8.6.x < 8.12.2 Information Disclosure (JRASERVER-71696) CVE-2020-14185 22 Oct 2020 5.3 (v3) Medium Pass Oracle Oracle E-Business Suite (Oct 2020 CPU) CVE-2020-14746 CVE-2020-14761 CVE-2020-14774 CVE-2020-14805 CVE-2020-14808 CVE-2020-14811 CVE-2020-14816 CVE-2020-14817 CVE-2020-14819 CVE-2020-14822 CVE-2020-14823 CVE-2020-14826 CVE-2020-14831 CVE-2020-14833 CVE-2020-1 22 Oct 2020 9.8 (v3) Critical Pass PHP 7.4.x < 7.4.12 DoS 16 Nov 2020 5.9 (v3) Medium Pass PHP 7.3.x < 7.3.25 / 7.4.x < 7.4.13 Multiple Vulnerabilities 03 Dec 2020 5.6 (v3) Medium Pass Apache Struts 2.x < 2.3.1.1 Multiple Vulnerabilities CVE-2011-3923 CVE-2012-0392 20 Nov 2020 8.1 (v3) High Pass GitLab 8.15.x < 14.6.5 / 14.7.x < 14.7.4 / 14.8.x < 14.8.2 DoS CVE-2022-0489 14 Mar 2022 5.7 (v3) Medium Pass PHP < 5.2.3 Multiple Vulnerabilities CVE-2007-1887 CVE-2007-1900 CVE-2007-2756 CVE-2007-2872 CVE-2007-3007 02 Jun 2007 7.3 (v3) High Pass XOOPS Multiple Modules spaw_control.class.php spaw_root Parameter Remote File Inclusion CVE-2007-3057 CVE-2007-3220 CVE-2007-3221 CVE-2007-3237 CVE-2007-3289 02 Jun 2007 7.5 (v2) High Pass PNphpBB2 index.php c Parameter SQL Injection CVE-2007-3052 05 Jun 2007 7.5 (v2) High Pass SNMPc Management Server Detection 05 Jun 2007 None Pass BASE Authentication Redirect Authentication Bypass CVE-2007-5578 07 Jun 2007 7.5 (v2) High Pass PBLang login.php lang Parameter Local File Inclusion CVE-2007-3096 07 Jun 2007 6.8 (v2) Medium Pass JFFNMS auth.php Multiple Parameter SQL Injection CVE-2007-3190 12 Jun 2007 9.4 (v2) High Pass Firebird DataBase Server fbserver.exe p_cnct_count Value Remote Over fl ow CVE-2007-3181 13 Jun 2007 10 (v2) Critical Pass Apache Tomcat snoop.jsp URI XSS CVE-2007-2449 18 Jun 2007 5.3 (v3) Medium Pass Apache MyFaces Tomahawk JSF Application autoscroll Multiple XSS CVE-2007-3101 19 Jun 2007 4.3 (v2) Medium Pass FuseTalk index.cfm txForumID Parameter SQL Injection CVE-2007-3273 20 Jun 2007 7.5 (v2) High Pass FuseTalk Multiple Script XSS CVE-2007-3339 21 Jun 2007 4.3 (v2) Medium Pass Calendarix calendar.php Multiple Parameter SQL Injection CVE-2007-3183 26 Jun 2007 6.8 (v2) Medium Pass Ingres Communications Server Detection 26 Jun 2007 None Pass Maia Mailguard login.php lang Parameter Local File Inclusion CVE-2007-3619 06 Jul 2007 5 (v2) Medium Pass MDaemon Server DomainPOP Malformed Message DoS CVE-2007-3622 10 Jul 2007 2.6 (v2) Low Pass MS07-039: Vulnerability in Windows Active Directory Could Allow Remote Code Execution (926122) (uncredentialed check) CVE-2007-0040 CVE-2007-3028 11 Jul 2007 10 (v2) Critical Pass paFileDB includes/search.php categories Parameter SQL Injection CVE-2007-3808 16 Jul 2007 7.5 (v2) High 89

Pass MailMarshal Spam Quarantine Interface Arbitrary Account Password Retrieval CVE-2007-3796 18 Jul 2007 7.6 (v2) High Pass Expose for Joomla! File Upload RCE CVE-2007-3932 19 Jul 2007 9.8 (v3) Critical Pass LinPHA include/img_view.class.php order parameter SQL Injection CVE-2007-4053 30 Jul 2007 7.5 (v2) High Pass UltraVNC w/ DSM Plugin Detection (2) 31 Jul 2007 None Pass Ipswitch IMail Server < 2006.21 Multiple Vulnerabilities CVE-2007-2795 CVE-2007-3925 CVE-2007-3926 CVE-2007-3927 19 Jul 2007 10 (v2) Critical Pass CVS (Web-Based) Directory Spider 24 Jul 2007 5 (v2) Medium Pass Ipswitch Instant Messaging Client Detection 25 Jul 2007 None Pass Ipswitch Instant Messaging Server Detection 25 Jul 2007 None Pass PHP-Blogger pref.db Database Information Disclosure CVE-2007-4157 31 Jul 2007 5 (v2) Medium Pass Joomla! com_content Component 'order' Parameter XSS CVE-2007-4189 01 Aug 2007 4.7 (v3) Medium Pass GMaps Component for Joomla! 'mapId' Parameter SQLi CVE-2007-4128 01 Aug 2007 7.3 (v3) High Pass Altiris Deployment Server Detection 15 Aug 2007 None Pass Help Center Live class/auth.php check_logout Function Admin Authentication Bypass CVE-2007-4240 16 Aug 2007 7.5 (v2) High Pass EZPhotoSales Multiple Con fi guration Files Remote Information Disclosure CVE-2007-4261 16 Aug 2007 7.5 (v2) High Pass IBM DB2 < 9 Fix Pack 3 / 8 Fix Pack 15 Multiple Vulnerabilities CVE-2007-2582 CVE-2007-4270 CVE-2007-4271 CVE-2007-4272 CVE-2007-4273 CVE-2007-4275 CVE-2007-4276 CVE-2007-4417 CVE-2007-4418 CVE-2007-4423 20 Aug 2007 9.8 (v3) Critical Pass Microsoft OMI Service Detection 20 Sep 2021 None Pass SimpleFAQ Component for Joomla! 'aid' Parameter SQLi CVE-2007-4456 24 Aug 2007 7.3 (v3) High Pass Cache' SuperServer Detection 27 Aug 2007 None Pass PHP < 5.2.4 Multiple Vulnerabilities CVE-2007-1413 CVE-2007-2872 CVE-2007-3294 CVE-2007-3378 CVE-2007-3790 CVE-2007-3799 CVE-2007-3806 CVE-2007-4010 CVE-2007-4033 CVE-2007-4255 CVE-2007-4507 CVE-2007-4652 CVE-2007-4658 CVE-2007-4659 CVE-2007-4660 CVE-2007-4 03 Sep 2007 6.8 (v2) Medium Pass VHCS PHPSESSID Cookie Session Fixation CVE-2007-3988 05 Sep 2007 6.8 (v2) Medium Pass Joomla! CMS com_search Component 'searchword' Parameter RCE CVE-2007-4187 05 Sep 2007 9.8 (v3) Critical Pass MDPro index.php topicid Parameter SQL Injection CVE-2007-3938 05 Sep 2007 7.5 (v2) High Pass Apache Tomcat SendMailServlet sendmail.jsp 'mailfrom' Parameter XSS CVE-2007-3383 06 Sep 2007 5.3 (v3) Medium Pass QuickEStore insertorder.cfm CFTOKEN Parameter SQL Injection CVE-2007-3933 07 Sep 2007 7.5 (v2) High Pass Claroline inc/lib/language.lib.php language Parameter Traversal Local File Inclusion CVE-2007-4718 10 Sep 2007 5.1 (v2) Medium Pass AWStats is Openly Accessible 14 Sep 2007 None Pass lighttpd Status Module Remote Information Disclosure 17 Sep 2007 5.3 (v3) Medium Pass Mambo / Joomla! Multiple Components 'mosCon fi g_live_site' Parameter Remote File Include CVE-2007-4923 CVE-2007-5309 CVE-2007-5363 CVE-2007-5410 CVE-2007-5451 17 Sep 2007 8.1 (v3) High Pass Shop-Script admin.php Admin Panel Security Bypass CVE-2007-4932 19 Sep 2007 7.5 (v2) High Pass IceWarp Merak Mail Server < 9.0.0 BODY Element XSS CVE-2007-5046 24 Sep 2007 4.3 (v2) Medium Pass ADOdb Lite adodb-perf-module.inc.php last_module Parameter Arbitrary Code Execution CVE-2007-5056 24 Sep 2007 6.8 (v2) Medium Pass Oracle Listener Program Logging Privilege Escalation (1361722) CVE-2000-0818 27 Sep 2007 7.5 (v2) High Pass Original inc/exif.inc.php exif_prog Parameter Arbitrary Command Execution CVE-2007-5224 03 Oct 2007 6.8 (v2) Medium Pass Cart32 c32web.exe ImageName Traversal Arbitrary File Access CVE-2007-5253 05 Oct 2007 5 (v2) Medium Pass GForge account/verify.php con fi rm_hash Parameter XSS CVE-2007-3918 CVE-2009-4069 08 Oct 2007 4.3 (v2) Medium Pass TikiWiki tiki-graph_formula.php f Parameter Arbitrary Command Execution CVE-2007-5423 11 Oct 2007 8.8 (v3) High Pass Simple Machines Forum Search.php SQL Injection CVE-2007-5646 28 Oct 2007 6.8 (v2) Medium Pass Module Builder DownloadModule Traversal Arbitrary File Disclosure CVE-2007-5812 31 Oct 2007 5 (v2) Medium Pass GuppY inc/includes.inc selskin Parameter Traversal Local File Inclusion CVE-2007-5844 05 Nov 2007 7.5 (v2) High Pass IBM WebSphere Application Server navigateTree.do Multiple Vulnerabilities CVE-2007-5798 CVE-2007-5799 07 Nov 2007 4.3 (v2) Medium Pass PHP < 5.2.5 Multiple Vulnerabilities CVE-2007-3996 CVE-2007-4782 CVE-2007-4783 CVE-2007-4784 CVE-2007-4825 CVE-2007-4840 CVE-2007-4887 CVE-2007-4889 CVE-2007-5447 CVE-2007-5653 CVE-2007-5898 CVE-2007-5899 CVE-2007-5900 CVE-2008-2107 CVE-2008-2108 CVE-2008-4 12 Nov 2007 4.4 (v2) Medium Pass Juniper Junos OS Vulnerability (JSA11149) CVE-2021-0258 15 Apr 2021 5.9 (v3) Medium Pass Microsoft Windows SMB LsaQueryInformationPolicy Function SID Enumeration Without Credentials CVE-2000-1200 15 Sep 2011 5 (v2) Medium Pass Juniper Junos OS Vulnerability (JSA11159) CVE-2021-0268 15 Apr 2021 9.3 (v3) Critical Pass IBM WebSphere Application Server 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.19 / 9.0.0.0 <= 9.0.5.7 XXE (CVE-2021-20453) CVE-2021-20453 20 Apr 2021 8.2 (v3) High Pass Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability (cisco-sa-sxp-68TEVzR) CVE-2020-3228 19 Jun 2020 8.6 (v3) High Pass Cisco IOS XE Software Cluster Management Protocol DoS Vulnerability (cisco-sa-20180926-cmp) CVE-2018-0475 05 Oct 2018 7.4 (v3) High Pass Directory Traversal 09 Jan 2019 9.1 (v3) Critical Pass Cisco Smart Install Detection 12 Dec 2017 None Pass GoAhead Server CGI Remote Code Execution CVE-2017-17562 20 Dec 2017 8.1 (v3) High Pass MS08-039: Outlook Web Access for Exchange Server Privilege Escalation (Uncredentialed) CVE-2008-2247 CVE-2008-2248 03 Apr 2018 4.7 (v3) Medium Pass Microsoft Exchange Server Detection (Uncredentialed) 03 Apr 2018 None Pass Alt-N MDaemon Remote Administration Detection 02 Jun 2017 None Pass Redis Server Detection 06 Jun 2017 None Pass Siemens SCALANCE X-200 Web Session Hijacking CVE-2013-5709 21 Oct 2013 8.3 (v2) High Pass IBM DB2 < 9 Fix Pack 4 Multiple Vulnerabilities CVE-2007-3676 CVE-2007-5652 CVE-2007-5757 CVE-2007-6045 CVE-2007-6046 CVE-2007-6047 CVE-2007-6048 CVE-2007-6049 CVE-2007-6050 CVE-2007-6051 CVE-2007-6052 CVE-2007-6053 CVE-2008-0698 16 Nov 2007 9.8 (v3) Critical Pass Ability Mail Server < 2.61 Multiple Remote DoS CVE-2007-6101 21 Nov 2007 4 (v2) Medium Pass GWExtranet gwextranet/scp.dll Multiple Parameter Traversal Local File Inclusion 26 Nov 2007 5 (v2) Medium Pass Ruby on Rails Multiple Method Session Fixation CVE-2007-5380 CVE-2007-6077 28 Nov 2007 6.8 (v2) Medium Pass ht://dig htsearch sort Parameter XSS CVE-2007-6110 28 Nov 2007 4.3 (v2) Medium Pass Plumtree Portal User Object User Enumeration CVE-2007-6198 04 Dec 2007 5 (v2) Medium Pass Mort Bay Jetty Dump Servlet (webapps/test/jsp/dump.jsp) XSS CVE-2007-5613 05 Dec 2007 4.3 (v2) Medium Pass NetScaler Web Management Interface Cookie Credentials Encryption Weakness CVE-2007-6192 06 Dec 2007 4.3 (v2) Medium Pass NetScaler Web Management Interface IP Address Cookie Information Disclosure CVE-2007-6193 06 Dec 2007 5 (v2) Medium Pass Anon Proxy Server Software Detection 17 Dec 2007 None Pass Centreon ' fi leOreonConf' Parameter File Include Vulnerabilities CVE-2007-6485 17 Dec 2007 7.5 (v2) High Pass Perforce Server Detection 23 Dec 2007 None Pass Tikiwiki tiki-listmovies.php movie Parameter Traversal Arbitrary File Access CVE-2007-6528 26 Dec 2007 5 (v2) Medium Pass ShareFile < 5.11.20 RCE (CVE-2021-22941) CVE-2021-22941 11 Jan 2022 9.8 (v3) Critical Pass Apple iTunes < 11.1 Multiple Vulnerabilities (uncredentialed check) CVE-2013-1035 20 Sep 2013 9.3 (v2) High Pass Vanilla Forum p Parameter Local File Inclusion 23 May 2011 6.8 (v2) Medium Pass PMOS Help Desk form.php Arbitrary Code Execution CVE-2007-6550 26 Dec 2007 8.8 (v3) High Pass Zenphoto rss.php albumnr Parameter SQL Injection CVE-2007-6666 03 Jan 2008 7.5 (v2) High Pass PHP < 4.4.8 Multiple Vulnerabilities CVE-2007-3378 CVE-2007-3799 CVE-2007-3997 CVE-2007-4657 CVE-2007-4658 CVE-2008-0145 CVE-2008-2108 03 Jan 2008 7.5 (v2) High Pass Atlassian JIRA 500page.jsp XSS CVE-2007-6617 CVE-2007-6618 CVE-2007-6619 03 Jan 2008 4.3 (v2) Medium Pass Bitweaver wiki/edit.php suck_url Parameter Traversal Source Code Disclosure CVE-2007-6651 07 Jan 2008 5 (v2) Medium Pass Newbb_plus Module for RunCMS Client-Ip Header SQL Injection CVE-2008-0224 07 Jan 2008 6.8 (v2) Medium Pass Loudblog loudblog/inc/parse_old.php template Parameter Arbitrary Remote Code Execution CVE-2008-0139 07 Jan 2008 6.8 (v2) Medium Pass XoopsGallery init_basic.php GALLERY_BASEDIR Parameter Remote File Inclusion CVE-2008-0138 08 Jan 2008 7.5 (v2) High Pass IceWarp Mail Server admin/index.html message Parameter XSS CVE-2008-0218 09 Jan 2008 4.3 (v2) Medium Pass PineApp Mail-SeCure Detection 01 Aug 2013 None Pass PortalApp forums.asp sortby Parameter SQL Injection CVE-2008-4613 09 Jan 2008 7.5 (v2) High Pass HTTP Host Information via NTLM SSP over HTTP(S) 04 Oct 2019 None Pass SAP DB / MaxDB Cons Program Arbitrary Command Execution CVE-2008-0244 11 Jan 2008 8.8 (v3) High Pass IBM Lotus Domino < 7.0.2 FP3 Unspeci fi ed DoS CVE-2008-0243 11 Jan 2008 7.8 (v2) High Pass Apache APISIX Dashboard Detection 28 Apr 2022 None Pass Apache APISIX Dashboard < 2.10.1 Authentication Bypass (Direct Check) CVE-2021-45232 28 Apr 2022 9.8 (v3) Critical Pass Sun Java System Identity Manager Multiple XSS CVE-2008-0239 CVE-2008-0240 CVE-2008-0241 11 Jan 2008 4.3 (v2) Medium Pass Huawei Versatile Security / Storage Platform Version Detection 02 Dec 2014 None Pass Cisco Uni fi ed Communications Manager (CUCM) Detection 29 Dec 2014 None Pass Cisco Uni fi ed Communications Products XSRF (cisco-sa-ucm-csrf-jrKP4eNT) CVE-2022-20787 28 Apr 2022 6.8 (v3) Medium Pass eggBlog index.php eggblogpassword Parameter Cookie SQL Injection CVE-2008-0159 12 Jan 2008 6.8 (v2) Medium Pass netOctopus Agent Detection (TCP) 14 Jan 2008 None Pass X7 Chat index.php day Parameter SQL Injection CVE-2008-0278 15 Jan 2008 7.5 (v2) High Pass Pixelpost index.php parent_id Parameter SQL Injection CVE-2008-0358 17 Jan 2008 6.8 (v2) Medium Pass MyBB forumdisplay.php 'sortby' Parameter Arbitrary PHP Code Execution CVE-2008-0382 17 Jan 2008 7.5 (v2) High Pass PHP 7.3.x < 7.3.3 Multiple vulnerabilities. CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9640 CVE-2019-9641 08 Apr 2019 9.8 (v3) Critical Pass PHP 7.2.x < 7.2.16 Multiple vulnerabilities. CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9640 CVE-2019-9641 08 Apr 2019 9.8 (v3) Critical Pass PHP 7.1.x < 7.1.27 Multiple vulnerabilities. CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9640 CVE-2019-9641 08 Apr 2019 9.8 (v3) Critical Pass MikroTik RouterOS Unauthenticated Intermediary CVE-2019-3924 08 Apr 2019 7.5 (v3) High Pass Apache Tomcat 7.0.0 < 7.0.94 Remote Code Execution Vulnerability (Windows) CVE-2019-0221 CVE-2019-0232 16 Apr 2019 8.1 (v3) High Pass Apache Tomcat 9.0.0.M1 < 9.0.19 Remote Code Execution Vulnerability (Windows) CVE-2019-0221 CVE-2019-0232 15 Apr 2019 8.1 (v3) High Pass Apache 2.4.x < 2.4.46 Multiple Vulnerabilities CVE-2020-9490 CVE-2020-11984 CVE-2020-11993 13 Aug 2020 9.8 (v3) Critical Pass Jenkins < 2.235.4 LTS / 2.252 Multiple Cross-Site Scripting (XSS) Vulnerabilities CVE-2020-2229 CVE-2020-2230 CVE-2020-2231 20 Aug 2020 5.4 (v3) Medium Pass CodeMeter Runtime Detection 06 May 2021 None Pass SSH Password Authentication Accepted 07 May 2021 None Pass Juniper Junos OS Vulnerability (JSA11163) CVE-2021-0272 15 Apr 2021 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11153) CVE-2021-0262 15 Apr 2021 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11154) CVE-2021-0263 15 Apr 2021 5.9 (v3) Medium Pass Atlassian Jira 7.6.x < 8.5.4, 8.6.x < 8.7.1 Stored XSS (JRASERVER-70814) CVE-2020-14173 25 Aug 2020 5.4 (v3) Medium Pass McAfee Email Gateway Detection 11 Jul 2016 None Pass OrientDB Detection 08 Oct 2015 None 90

Pass FreeSWITCH Detection 11 Feb 2016 None Pass Atlassian Jira 7.6.x < 8.5.4, 8.6.x < 8.6.1 Jira Gadget API DoS (JRASERVER-70808) CVE-2019-20899 25 Aug 2020 5.3 (v3) Medium Pass Atlassian Jira < 7.13.12, 8.x < 8.5.4, 8.6.x < 8.6.1 Broken Access Control (JRASERVER-70543) CVE-2019-20106 25 Aug 2020 4.3 (v3) Medium Pass TYPO3 8.x < 8.7.27 / 9.x < 9.5.8 Multiple Vulnerabilities CVE-2019-12747 20 Jul 2020 9.8 (v3) Critical Pass TYPO3 9.3 < 9.5.8 Broken Access Control (TYPO3-CORE-SA-2019-017) 20 Jul 2020 8.5 (v3) High Noise OS Identi fi cation 09 Dec 2003 None Pass Cisco HyperFlex HX Command Injection Vulnerabilities (cisco-sa-hyper fl ex-rce-TjjNrkpR) CVE-2021-1497 CVE-2021-1498 13 May 2021 9.8 (v3) Critical Pass uC/TCP-IP Stack - HTTP Detection 14 May 2021 None Pass Microsoft Windows 10 Version 1507 Unsupported Version Detection 09 May 2017 10 (v3) Critical Pass Juniper Junos DoS (JSA11148) CVE-2021-0257 10 May 2021 6.5 (v3) Medium Pass Juniper Junos OS DoS (JSA11137) CVE-2021-0244 11 May 2021 7.4 (v3) High Pass TYPO3 8.3 < 8.7.27 / 9.x < 9.5.8 XSS (TYPO3-CORE-SA-2019-015) CVE-2019-12748 21 Jul 2020 6.1 (v3) Medium Pass NetX TCP/IP Stack - HTTP Detection 17 May 2021 None Pass OPC UA opc.tcp Detection 17 May 2021 None Pass iLO 4 < 2.53 Remote Code Execution Vulnerability CVE-2017-12542 11 Feb 2019 10 (v3) Critical Pass Cisco Content Security Management Appliance Information Disclosure (cisco-sa-esa-wsa-sma-info-gY2AEz2H) CVE-2021-1516 21 May 2021 6.5 (v3) Medium Pass Juniper Junos Unsupported Version Detection 22 Aug 2011 10 (v3) Critical Pass iLO 3 < 1.88 / iLO 4 < 2.44 XSS Vulnerability CVE-2016-4406 14 Feb 2019 6.1 (v3) Medium Pass Adobe Experience Manager 6.2.x <= 6.2 SP1-CFP20 / 6.3.x <= 6.3.3.8 / 6.4.x < 6.4.8.2 / 6.5.x < 6.5.6.0 (APSB20-56) CVE-2020-9733 CVE-2020-9735 CVE-2020-9736 CVE-2020-9737 CVE-2020-9738 CVE-2020-9740 CVE-2020-9742 CVE-2020-9743 11 Sep 2020 7.5 (v3) High Pass Atlassian Jira 7.6.x < 8.5.4, 8.6.x < 8.7.1 Avatar Upload DoS (JRASERVER-70813) CVE-2019-20897 25 Aug 2020 6.5 (v3) Medium Pass iLO 2 < 2.27 / iLO 3 < 1.82 / iLO 4 < 2.10 Denial of Service Vulnerability CVE-2015-2106 14 Feb 2019 5.3 (v3) Medium Pass Cisco ACI Multi-Site Orchestrator (MSO) Detection 26 May 2021 None Pass Apple TV Version Detection 27 Sep 2016 None Pass Cisco IOS Software Privilege Escalation (cisco-sa-XE-FSM-Yj8qJbJc) CVE-2021-1391 29 Mar 2021 6.7 (v3) Medium Pass Source fi re Defense Center Multiple Security Vulnerabilities 22 Aug 2013 7.5 (v2) High Pass Juniper Junos BGP Update DoS (JSA11033) CVE-2020-1646 17 Jul 2020 7.5 (v3) High Pass OpenSSL 1.1.1 < 1.1.1i Null Pointer Dereference Vulnerability CVE-2020-1971 10 Dec 2020 5.9 (v3) Medium Pass F5 Networks BIG-IQ Con fi guration Utility Privilege Escalation CVE-2014-3220 09 May 2014 9 (v2) High Pass Juniper Junos OS Vulnerability (JSA11139) CVE-2021-0246 15 Apr 2021 7.3 (v3) High Pass Cisco TelePresence ISDN Gateway Detection 28 Jan 2014 None Pass EMC RSA Archer 6.6 < 6.6 P8 / 6.7 < 6.7 P8 / 6.8 < 6.8 P5 / 6.9 < 6.9 SP1 P1 Stored Cross-site Scripting CVE-2021-29252 28 May 2021 5.4 (v3) Medium Pass OpenSSL 1.0.2 < 1.0.2y Multiple Vulnerabilities CVE-2021-23839 CVE-2021-23840 CVE-2021-23841 19 Feb 2021 3.7 (v3) Low Pass BACnet Protocol Detection 16 Apr 2014 None Pass Oracle Reports Servlet Detection 14 Mar 2014 None Pass CODESYS PLC Runtime Service Detection 02 Nov 2012 None Pass Junos Space Security Director Detection 24 Mar 2021 None Pass HP Printer PJL Interface Detection 01 Mar 2012 None Pass Tenable Nessus < 8.11.1 Session Expiration (TNS-2020-06) CVE-2020-5774 27 Aug 2020 7.1 (v3) High Pass IBM Spectrum Protect 8.1.x < 8.1.10.100 Information Disclosure CVE-2020-4591 03 Sep 2020 3.3 (v3) Low Pass IBM Spectrum Protect 7.1.x <= 7.1.10.000 / 8.1.x <= 8.1.10.000 DoS CVE-2020-4559 03 Sep 2020 7.5 (v3) High Pass Atlassian Con fl uence Command Injection (CVE-2022-26134) CVE-2022-26134 03 Jun 2022 10 (v3) Critical Pass Atlassian Jira < 7.13.16 / 8.x < 8.5.7 / 8.6.x < 8.10.2 / 8.11.x < 8.11.1 DoS (JRASERVER-71388) CVE-2020-14177 24 Sep 2020 6.5 (v3) Medium Pass Atlassian Jira < 7.13.16 / 8.x < 8.5.7 / 8.6.x < 8.12.0 User Enumeration (JRASERVER-71560) CVE-2020-14181 24 Sep 2020 5.3 (v3) Medium Pass SonicWall SonicOS Bu ff er Over fl ow (SNWLID-2021-0006) CVE-2021-20019 24 Jun 2021 7.5 (v3) High Pass Cisco IOS XE Software NAT SIP Application Layer Gateway DoS Vulnerability (cisco-sa-20180926-sip-alg) CVE-2018-0476 05 Oct 2018 5.9 (v3) Medium Pass Cisco IOS XE Software CDP Memory Leak DoS Vulnerability (cisco-sa-20180926-cdp-memleak) CVE-2018-0471 05 Oct 2018 7.4 (v3) High Pass Juniper Junos OS Vulnerability (JSA11162) CVE-2021-0271 15 Apr 2021 6.5 (v3) Medium Pass Cisco IOS XE Software Multiple Vulnerabilities in ntpd (cisco-sa-20150408-ntpd) CVE-2015-1798 CVE-2015-1799 10 Apr 2018 5.4 (v3) Medium Pass Cisco IOS XE Software DNS Forwarder Denial of Service Vulnerability (cisco-sa-20160928-dns) CVE-2016-6380 10 Apr 2018 8.1 (v3) High Pass ArubaOS-Switch DoS (ARUBA-PSA-2021-002) CVE-2021-25141 15 Jun 2021 4.4 (v3) Medium Pass Untangle NG Firewall Captive Portal RCE 15 Jul 2016 10 (v2) Critical Pass Wind River VxWorks RTOS Detection 09 Jul 2021 None Pass Oracle Primavera Uni fi er Multiple Vulnerabilities (Jul 2020 CPU) CVE-2020-1945 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548 CVE-2020-10650 CVE-2020-10672 CVE-2020-10968 CVE-2020-10969 CVE-2020-11111 CVE-2020-11112 CVE-2020-11113 CVE-2020-11619 CVE-2020-11620 CVE-2020-14617 15 Jul 2020 9.8 (v3) Critical Pass OpenTSDB HTTP Detection 09 Jul 2021 None Pass Unix Operating System Unsupported Version Detection 08 Aug 2008 10 (v3) Critical Pass ManageEngine ServiceDesk Plus < 11.2 Build 11205 RCE CVE-2021-20081 02 Jul 2021 7.2 (v3) High Pass Kaseya Virtual System Administrator (VSA) Detection 05 Jul 2021 None Pass PHP 7.2 < 7.2.34 / 7.3.x < 7.3.23 / 7.4.x < 7.4.11 Mulitiple Vulnerabilities CVE-2020-7069 CVE-2020-7070 09 Oct 2020 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11179) 14 Jul 2021 7.5 (v3) High Pass Cisco Integrated Management Controller Command Injection (cisco-sa-CIMC-CIV-pKDBe9x5) CVE-2020-3371 09 Jul 2021 8.8 (v3) High Pass Apache Storm Version Detection 28 Feb 2019 None Pass Apache Tomcat 10.0.0.M1 < 10.0.7 vulnerability CVE-2021-33037 12 Jul 2021 5.3 (v3) Medium Pass EgoSecure EndPoint Service Installed 03 Mar 2015 None Pass Remote web server screenshot 29 Mar 2013 None Pass IBM MQ Console Detection 21 May 2020 None Pass CA InoWeb Detection 11 May 2005 None Pass MySQL Default Account Credentials CVE-2012-3951 CVE-2014-3413 28 Aug 2012 9.8 (v3) Critical Pass SQL Server Version Detection 04 Mar 2019 None Pass Tenable.sc < 5.19.0 Multiple Vulnerabilities (TNS-2021-14) (deprecated) CVE-2016-10735 CVE-2017-5661 CVE-2018-14040 CVE-2018-14042 CVE-2018-20676 CVE-2018-20677 CVE-2019-8331 CVE-2019-11041 CVE-2019-11042 CVE-2019-11043 CVE-2019-11044 CVE-2019-11045 CVE-2019-11046 CVE-2019-11047 CVE-2019-110 22 Jul 2021 7.3 (v3) High Pass Oracle Primavera Uni fi er (Jul 2021 CPU) CVE-2020-5258 CVE-2020-25649 CVE-2020-36189 CVE-2021-27807 CVE-2021-27906 CVE-2021-31811 22 Jul 2021 8.1 (v3) High Pass RuggedCom RuggedOS (ROS) Web-Based Admin Interface Detection 15 Jun 2012 None Pass Python Remote HTTP Detection 21 Feb 2019 None Pass HPE Systems Insight Manager RCE (CVE-2020-7200) CVE-2020-7200 22 Mar 2021 9.8 (v3) Critical Pass ManageEngine Password Manager Pro Detection 23 Jan 2015 None Pass Oracle Primavera Gateway (Apr 2020 CPU) CVE-2019-10086 CVE-2019-12402 CVE-2019-16942 CVE-2019-16943 CVE-2019-17195 CVE-2019-17531 15 Apr 2020 9.8 (v3) Critical Pass Jenkins < 2.263.3 LTS / 2.276 TOCTOU CVE-2021-21615 28 Jan 2021 5.3 (v3) Medium Pass CODESYS V2 Web Server Detection 27 Jul 2021 None Pass Juniper Junos OS Vulnerability (JSA11135) CVE-2021-0242 15 Apr 2021 6.5 (v3) Medium Pass Juniper Junos LLDP Packet DoS JSA11027 CVE-2020-1641 17 Jul 2020 6.5 (v3) Medium Pass Cisco IoT Field Network Director DoS (cisco-sa-iot-coap-dos-WTBu6YTq) CVE-2020-3162 28 Jul 2021 7.5 (v3) High Pass HP O ffi ceJet Printers RCE (HPSBPI03569) CVE-2017-2750 28 Nov 2017 9.8 (v3) Critical Pass TYPO3 8.x < 8.7.25 / 9.x < 9.5.6 Multiple Vulnerabilities CVE-2019-11832 21 Jul 2020 7.5 (v3) High Pass Apache Tomcat 4.x < 4.1.3 Denial of Service CVE-2002-0935 01 Oct 2010 5.3 (v3) Medium Pass Apache Tomcat 6.x < 6.0.30 / 7.x < 7.0.5 Multiple XSS CVE-2010-4172 14 Jan 2011 5.3 (v3) Medium Pass Apache Tomcat 5.5.x < 5.5.32 HTML Manager Interface XSS CVE-2011-0013 11 Feb 2011 5.3 (v3) Medium Pass Apache Tomcat 7.x < 7.0.11 @ServletSecurity Annotation Security Bypass CVE-2011-1088 CVE-2011-1419 11 Mar 2011 6.5 (v3) Medium Pass Junos Version Detection 22 Aug 2011 None Pass Oracle Database Multiple Vulnerabilities (April 2006 CPU) CVE-2006-1705 CVE-2006-1866 CVE-2006-1867 CVE-2006-1868 CVE-2006-1869 CVE-2006-1870 CVE-2006-1871 CVE-2006-1872 CVE-2006-1873 CVE-2006-1874 CVE-2006-1875 CVE-2006-1876 CVE-2006-1877 16 Nov 2011 10 (v2) Critical Pass Oracle Database Multiple Vulnerabilities (October 2009 CPU) CVE-2009-1007 CVE-2009-1018 CVE-2009-1964 CVE-2009-1965 CVE-2009-1971 CVE-2009-1972 CVE-2009-1979 CVE-2009-1985 CVE-2009-1991 CVE-2009-1992 CVE-2009-1993 CVE-2009-1994 CVE-2009-1995 CVE-2009-1997 CVE-2009-2000 CVE-2009-2 16 Nov 2011 10 (v2) Critical Pass Oracle Database Multiple Vulnerabilities (October 2011 CPU) CVE-2011-2301 CVE-2011-2322 CVE-2011-3511 CVE-2011-3512 CVE-2011-3525 26 Oct 2011 8.5 (v2) High Pass Oracle Database Multiple Vulnerabilities (January 2012 CPU) CVE-2012-0072 CVE-2012-0082 18 Jan 2012 5.5 (v2) Medium Pass OpenBase Detection 21 Nov 2007 None Pass Harbor Web Interface Detection 17 Oct 2019 None Pass WordPress Detection 18 May 2005 None Pass Citrix CloudPlatform Unauthorized Access Vulnerability (CTX140989) CVE-2013-6398 01 Dec 2014 2.8 (v2) Low Pass Oracle Database Multiple Vulnerabilities (October 2012 CPU) CVE-2012-1751 CVE-2012-3132 CVE-2012-3137 CVE-2012-3146 CVE-2012-3151 23 Oct 2012 6.5 (v2) Medium Pass Citrix CloudPlatform Default Credentials 01 Dec 2014 7.5 (v2) High Pass Oracle Database Multiple Vulnerabilities (January 2013 CPU) CVE-2012-3219 CVE-2012-3220 CVE-2012-5062 CVE-2013-0352 CVE-2013-0353 CVE-2013-0354 CVE-2013-0355 CVE-2013-0358 CVE-2013-0372 CVE-2013-0373 CVE-2013-0374 18 Jan 2013 9 (v2) High Pass Citrix CloudPlatform Detection 01 Dec 2014 None Pass Apache Tomcat 6.0.x < 6.0.37 Multiple Vulnerabilities CVE-2012-3544 CVE-2013-2067 15 May 2013 5.6 (v3) Medium Pass WANem Detection 29 Oct 2012 None Pass Novell Sentinel Log Manager Authentication Bypass CVE-2012-6534 19 Nov 2012 4.3 (v2) Medium Pass Apple TV < 12 Multiple Vulnerabilities CVE-2016-1777 CVE-2018-4305 CVE-2018-4313 CVE-2018-4363 CVE-2018-5383 18 Sep 2018 5.5 (v3) Medium Pass NetIQ Privileged User Manager Detection 21 Nov 2012 None Pass EMC Data Protection Advisor Web UI Detection 20 Feb 2013 None Pass Oracle Database Multiple Vulnerabilities (July 2014 CPU) CVE-2013-3751 CVE-2013-3774 CVE-2014-4236 CVE-2014-4237 CVE-2014-4245 16 Jul 2014 9 (v2) High Pass Oracle Application Express (Apex) Version Detection 20 Feb 2013 None Pass Oracle Application Express (Apex) CVE-2010-0892 CVE-2010-0892 20 Feb 2013 4.3 (v2) Medium Pass Crafted IP Option Vulnerability (cisco-sa-20070124-crafted-ip-option) CVE-2007-0480 14 Dec 2013 10 (v2) Critical Pass Cisco IOS XR Version 14 Dec 2013 None Pass OpenSMTPD TLS Blocking Socket Remote DoS CVE-2013-2125 24 May 2013 5 (v2) Medium Pass Information Leakage Using IPv6 Routing Header in Cisco IOS XR (cisco-sa-20070808-IOS-IPv6-leak) CVE-2007-4285 14 Dec 2013 9 (v2) High 91

Pass Cisco IOS XR Software Memory Exhaustion Vulnerability (cisco-sa-20131002-iosxr) CVE-2013-5503 14 Dec 2013 7.8 (v2) High Pass McAfee Vulnerability Manager Detect 29 Mar 2013 None Pass Elasticsearch Detection (deprecated) 03 Dec 2018 None None Pass Logstash JSON API Detection (deprecated) 03 Dec 2018 None None Pass Ansible AWX WebUI Detection 04 Feb 2019 None Pass Cisco IOS XR ICMPv6 Redirect Denial of Service CVE-2014-2144 09 Apr 2014 6.1 (v2) Medium Pass Alt-N MDaemon Detection 28 May 2013 None Pass Junos OS: Multiple vulnerabilities in libxml2 (JSA10902) CVE-2019-0003 15 Feb 2019 5.9 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (April 2014 CPU) CVE-2014-2406 CVE-2014-2408 16 Apr 2014 8.5 (v2) High Pass Microsoft SQL Server Unsupported Version Detection (remote check) 29 Apr 2014 10 (v3) Critical Pass Apache Struts 2 CookieInterceptor Unspeci fi ed Security Bypass (S2-022) CVE-2014-0116 09 May 2014 6.5 (v3) Medium Pass Cisco IOS XR OSPFv3 DoS (CSCuj82176) CVE-2013-5565 28 Jul 2014 4.3 (v2) Medium Pass Cisco IOS XR DHCPv6 Multiple DoS Vulnerabilities CVE-2014-3270 CVE-2014-3271 01 Aug 2014 5 (v2) Medium Pass Cisco IOS XR DHCPv6 DoS CVE-2014-3343 26 Nov 2014 4.3 (v2) Medium Pass Cisco IOS XR Malformed RSVP Packet DoS CVE-2014-3376 28 Nov 2014 5 (v2) Medium Pass Tenable SecurityCenter Multiple DoS (TNS-2014-11) CVE-2014-3513 CVE-2014-3567 30 Dec 2014 7.5 (v3) High Pass Apache Struts 2 Multiple Vulnerabilities (S2-023) (S2-025) CVE-2014-7809 CVE-2015-5169 10 Dec 2014 7.3 (v3) High Pass Cisco IOS XR Multiple ntpd Vulnerabilities CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 18 Mar 2015 7.5 (v2) High Pass Apache Tomcat 6.0.x < 6.0.42 Handling Request Smuggling DoS CVE-2014-0227 01 Mar 2015 4.8 (v3) Medium Pass Apache Struts 2.3.20 Incorrect Default Exclude Pattern (S2-024) CVE-2015-1831 15 May 2015 7.3 (v3) High Pass Cisco IOS XR NCS 6000 Multiple ntpd Vulnerabilities CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 18 Mar 2015 7.5 (v2) High Pass Cisco IOS XR DHCPv4 Message Saturation DoS CVE-2015-0672 31 Mar 2015 5 (v2) Medium Pass Cisco IOS Software TCP Memory Leak DoS (cisco-sa-20150325-tcpleak) CVE-2015-0646 03 Apr 2015 7.5 (v3) High Pass Cisco IOS Autonomic Networking Infrastructure Multiple Vulnerabilities (cisco-sa-20150325-ani) CVE-2015-0635 CVE-2015-0636 CVE-2015-0637 06 Apr 2015 9 (v2) High Pass Oracle Database Multiple Vulnerabilities (April 2015 CPU) CVE-2015-0455 CVE-2015-0457 CVE-2015-0479 CVE-2015-0483 20 Apr 2015 9 (v2) High Pass Cisco ANI Con fi guration Overwrite DoS (CSCup62167) CVE-2015-0669 22 May 2015 6.4 (v2) Medium Pass Cisco IOS XR Software Crafted IPv6 Packet DoS (cisco-sa-20150611-iosxr) CVE-2015-0769 19 Jun 2015 7.8 (v2) High Pass Tenable SecurityCenter < 5.0.1 Multiple RCE (TNS-2015-10) CVE-2015-4149 CVE-2015-4150 03 Aug 2015 8.8 (v3) High Pass Tenable SecurityCenter Alternative Certi fi cate Validation Bypass Vulnerability (TNS-2015-08) CVE-2015-1793 20 Aug 2015 6.5 (v3) Medium Pass Atlassian Jira < 8.5.5 / 8.6.x < 8.8.2 / 8.9.x < 8.9.1 Multiple Cross-Site Scripting (XSS) CVE-2020-4022 CVE-2020-4024 CVE-2020-4025 22 Jul 2020 6.1 (v3) Medium Pass Tenable SecurityCenter Multiple PHP Vulnerabilities (TNS-2015-06) CVE-2006-7243 CVE-2015-2325 CVE-2015-2326 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 20 Aug 2015 9.8 (v3) Critical Pass Cisco IOS SSHv2 RSA-Based User Authentication Bypass (CSCus73013) CVE-2015-6280 02 Oct 2015 9.3 (v2) High Pass Oracle Database Multiple Vulnerabilities (October 2015 CPU) CVE-2015-4794 CVE-2015-4796 CVE-2015-4857 CVE-2015-4863 CVE-2015-4873 CVE-2015-4888 CVE-2015-4900 23 Oct 2015 10 (v2) Critical Pass Cisco IOS XR OSPF Link State Advertisement PCE DoS (cisco-sa-20160104-iosxr) CVE-2015-6432 08 Jan 2016 7.5 (v3) High Pass Tenable SecurityCenter OpenSSL ASN.1 Signature Veri fi cation Routine DoS (TNS-2016-01) CVE-2015-3194 17 Feb 2016 7.5 (v3) High Pass Tenable SecurityCenter PHP Character Handling (TNS-2015-09) 29 Feb 2016 9.8 (v3) Critical Pass Cisco IOS XR OpenSSL Security Bypass (CSCup22654) CVE-2014-0224 26 Feb 2016 5.8 (v2) Medium Pass Tenable SecurityCenter 5.0.2 Audit File XSS (TNS-2015-12) CVE-2015-8503 16 Mar 2016 4.1 (v3) Medium Pass Tenable SecurityCenter 5.2.x / 5.3.x < 5.3.1 Multiple Vulnerabilities (TNS-2016-07) CVE-2016-82008 CVE-2016-82009 CVE-2016-82010 CVE-2016-82011 12 Apr 2016 4.7 (v3) Medium Pass Cisco IOS XR GSR 12000 Port Range BFD DoS (cisco-sa-20160311-gsr) CVE-2016-1361 14 Apr 2016 5.3 (v3) Medium Pass Cisco IOS NTP Subsystem Unauthorized Access (cisco-sa-20160419-ios) CVE-2016-1384 03 May 2016 7.5 (v3) High Pass Cisco IOS XR OpenSSH Module SSH Login Channel Identi fi er DoS CVE-2015-4193 17 May 2016 4 (v2) Medium Pass Atlassian Jira 7.13.x < 8.3.0 XSS (JRASERVER-70856) CVE-2019-20416 22 Jul 2020 4.8 (v3) Medium Pass Cisco IOS XR < 6.1.1 on ASR 9000 LPTS DoS CVE-2016-1407 25 May 2016 7.5 (v3) High Pass Cisco IOS LLDP Packet Handling Remote DoS (cisco-sa-20160616-ios) CVE-2016-1424 22 Jun 2016 6.5 (v3) Medium Pass Cisco IOS XR 6.0.1.x and 6.0.2.x < 6.0.2.7 / 6.1.x < 6.1.1.17 Command Input Handling Privilege Escalation CVE-2016-1456 12 Aug 2016 7.8 (v3) High Pass Cisco IOS XR 5.1.x < 5.1.3 / 5.2.x < 5.2.4 / 5.3.x < 5.3.2 Fragmented Packet DoS (cisco-sa-20160810-iosxr) CVE-2016-6355 19 Aug 2016 7.5 (v3) High Pass Cisco IOS Software Border Gateway Protocol Message Processing DoS (cisco-sa-20160715-bgp) CVE-2016-1459 26 Aug 2016 5.3 (v3) Medium Pass Cisco IOS NTP Packet Handling Remote DoS (cisco-sa-20160804-wedge) CVE-2016-1478 29 Aug 2016 7.5 (v3) High Pass Tenable SecurityCenter < 5.3.0 Multiple Vulnerabilities (TNS-2016-04) CVE-2015-8383 CVE-2015-8386 CVE-2015-8387 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8393 CVE-2015-8394 06 Sep 2016 4.3 (v3) Medium Pass Cisco IOS Software Wide Area Application Services Express DoS CVE-2016-1347 16 Sep 2016 7.5 (v3) High Pass Cisco IOS XR NCS 6000 Packet Timer Leak DoS (cisco-sa-20160713-ncs6k) CVE-2016-1426 16 Sep 2016 7.5 (v3) High Pass Cisco IOS XR IKEv1 Packet Handling Remote Information Disclosure (cisco-sa-20160916-ikev1) (BENIGNCERTAIN) CVE-2016-6415 27 Sep 2016 7.5 (v3) High Pass Apache Struts 2.3.1 < 2.3.31 / 2.5.x < 2.5.5 Convention Plugin Path Traversal RCE (S2-042) CVE-2016-6795 27 Oct 2016 9.8 (v3) Critical Pass Atlassian Jira 7.13.x < 7.13.3 / 8.x < 8.1.0 CSRF via Logging and Pro fi ling Feature (JRASERVER-70849) CVE-2019-20415 22 Jul 2020 4.3 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (January 2017 CPU) CVE-2017-3240 CVE-2017-3310 18 Jan 2017 9 (v3) Critical Pass Tenable SecurityCenter 5.4.x <= 5.4.3 PHP Object Deserialization Remote File Deletion (TNS-2017-05) 07 Mar 2017 4.3 (v3) Medium Pass Tenable SecurityCenter 5.x < 5.4.3 Multiple Vulnerabilities (TNS-2017-04) (httpoxy) CVE-2016-0736 CVE-2016-2161 CVE-2016-5387 CVE-2016-7055 CVE-2016-8740 CVE-2016-8743 CVE-2016-9594 CVE-2016-10158 CVE-2016-10159 CVE-2016-10160 CVE-2016-10161 CVE-2016-10167 CVE-2016-1000102 CVE-2016-1000104 CVE-2017-3731 14 Mar 2017 6.5 (v3) Medium Pass Cisco IOS ANI Registrar DoS (cisco-sa-20170320-ani) CVE-2017-3849 24 Mar 2017 7.4 (v3) High Pass Cisco IOS ANI IPv6 Packets DoS (cisco-sa-20170320-aniipv6) CVE-2017-3850 24 Mar 2017 5.9 (v3) Medium Pass Apache Tomcat 7.0.x < 7.0.105 WebSocket DoS CVE-2020-13935 23 Jul 2020 7.5 (v3) High Pass Oracle GlassFish Server Unspeci fi ed Vulnerability (January 2015 CPU) CVE-2015-0396 23 Jan 2015 7.5 (v2) High Pass Apache Tra ffi c Server Unsupported 22 Jan 2015 10 (v3) Critical Pass TYPO3 9.x < 9.5.6 Information Disclosure 23 Jul 2020 4.8 (v3) Medium Pass Apache Tomcat 8.0.x < 8.0.21 Multiple Vulnerabilities (FREAK) CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 19 May 2015 7.3 (v3) High Pass HP StoreVirtual 4000 and StoreVirtual VSA Software dbd_manager RCE CVE-2013-4841 10 Apr 2014 10 (v2) Critical Pass Azure CycleCloud Web UI Detection 13 Aug 2021 None Pass ServletExec 4.1 ISAPI com.newatlanta.servletexec.JSP10Servlet Path Disclosure CVE-2002-0892 22 May 2002 5 (v2) Medium Pass HP System Management Homepage < 7.5.4 Multiple Vulnerabilities (Logjam) CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-1793 CVE-2015-3143 CVE-2015-3145 CVE-2015-3148 CVE-2015-4000 CVE-2015-4024 CVE-2016-1993 CVE-2016-1994 CVE-2016-1995 CVE-2016-1996 24 Mar 2016 9.8 (v3) Critical Pass Samba MS-DOS Path Request Arbitrary File Retrieval CVE-2004-0815 30 Sep 2004 6.5 (v2) Medium Pass Atlassian Jira < 8.5.5 / 8.6.x < 8.7.2 / 8.8.x < 8.8.1 Improper authorization CVE-2020-4029 23 Jul 2020 4.3 (v3) Medium Pass Web Server Directory Enumeration 26 Jun 2002 None Pass Cisco Wireless LAN Controller (WLC) Version 25 Sep 2013 None Pass Jenkins ( < 2.235.2 LTS / < 2.245 Weekly) Multiple Stored XSS (Jenkins Security Advisory 2020-07-15) CVE-2020-2220 CVE-2020-2221 CVE-2020-2222 CVE-2020-2223 24 Jul 2020 5.4 (v3) Medium Pass SSL/TLS Service Requires Client Certi fi cate 19 May 2016 None Pass TYPO3 8.x < 8.7.23 / 9.x < 9.5.4 Multiple Vulnerabilities CVE-2018-14041 24 Jul 2020 6.1 (v3) Medium Pass Juniper JSA10879 CVE-2018-0045 23 Jul 2019 8.8 (v3) High Pass BMC Server Automation RSCD Agent Weak ACL XML-RPC Arbitrary Command Execution 10 May 2016 10 (v2) Critical Pass ArubaOS Detection 16 Oct 2014 None Pass IBM WebSphere Application Server 8.0 < Fix Pack 10 Multiple Vulnerabilities (POODLE) CVE-2013-5704 CVE-2014-0076 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3021 CVE-2014-3070 CVE-2014-3083 CVE-2014-3566 CVE-2014-4764 CVE-2014-4770 CVE-2014-4816 CVE-2014-6166 CVE-2014-6167 CVE-2014-6174 18 Feb 2015 6.8 (v2) Medium Pass Cisco NX-OS GNU C Library (glibc) Bu ff er Over fl ow (GHOST) CVE-2015-0235 19 Jul 2016 8.1 (v3) High Noise TLS Version 1.3 Protocol Detection 09 Jul 2020 None Pass Database Authentication Failure(s) for Provided Credentials 24 Jun 2016 None Pass MySQL Server Login Possible 24 Jun 2016 None Pass Oracle Primavera Gateway (Oct 2020 CPU) CVE-2019-17495 22 Oct 2020 9.8 (v3) Critical Pass Atlassian Jira < 7.13.9 / 8.0.x < 8.4.2 Multiple Vulnerabilities CVE-2019-20411 CVE-2019-20413 28 Jul 2020 4.3 (v3) Medium Pass PHP < 7.3.28 Email Header Injection 26 Aug 2021 5.3 (v3) Medium Pass HP LaserJet Printers Remote Unauthorized Access, DoS (HPSBPI03147) CVE-2014-7875 05 Nov 2014 9 (v2) High Pass Atlassian Jira < 7.6.17 / 7.7.x < 7.13.9 / 8.0.x < 8.4.2 Information Disclosure CVE-2019-20410 29 Jul 2020 6.5 (v3) Medium Pass POP Password Changer (poppassd_pam) Arbitrary User Remote Password Modi fi cation 12 Jan 2005 7.5 (v2) High Pass Tenable SecurityCenter OpenSSL 1.0.2 < 1.0.2m Multiple Vulnerabilities CVE-2017-3735 CVE-2017-3736 16 Nov 2017 5.3 (v3) Medium Pass Xerox WorkCentre Command Injection (XRX11-001) 08 Feb 2011 10 (v2) Critical Pass Internet Gateway Device WAN Interface UPnP Access 19 Feb 2009 6.5 (v3) Medium Pass Veritas Cluster Management Console Detection 02 Mar 2011 None Pass SMTP Service STARTTLS Plaintext Command Injection CVE-2011-0411 CVE-2011-1430 CVE-2011-1431 CVE-2011-1432 CVE-2011-1506 CVE-2011-2165 10 Mar 2011 4 (v2) Medium Pass HP StorageWorks File Migration Agent Detection 14 Mar 2011 None Pass Wake-on-LAN 10 Mar 2011 None Pass Sybase M-Business Anywhere (AvantGo) Sync Server Detection 23 May 2011 None Pass Unprotected memcached 11 Mar 2011 5 (v2) Medium Pass Tenable SecurityCenter PHP < 5.6.32 PCRE DoS CVE-2016-1283 16 Nov 2017 9.8 (v3) Critical Pass Juniper Junos SIP DoS (PSN-2013-04-911) 20 May 2013 7.1 (v2) High Pass Sun Java System Directory Server bind-dn Remote Privilege Escalation CVE-2008-1995 01 May 2008 6.5 (v2) Medium Pass Cisco Web Security Appliance (WSA) Server Name Identi fi cation Data Ex fi ltration (cisco-sa-sni-data-ex fi l-mFgzXqLN) CVE-2021-34749 25 Aug 2021 8.6 (v3) High Pass Script Src Integrity Check 20 Dec 2018 7.1 (v3) High Pass Citrix ADC and Citrix NetScaler Gateway Multiple Vulnerabilities (CTX276688) (Direct Check) CVE-2020-8193 30 Jul 2020 6.5 (v3) Medium Pass NETGEAR Hard-coded Telnet Unlock Credentials 05 Mar 2014 8.3 (v2) High Pass 3Com Switch Default Admin Credentials 25 Mar 2014 10 (v2) Critical Pass Quantum vmPRO Default Credentials Check 24 Mar 2014 10 (v2) Critical Pass OpenSSH < 3.0.1 Multiple Flaws CVE-2001-1507 20 Nov 2001 6.8 (v2) Medium Pass Stuxnet Worm Detection (uncredentialed check) 18 Nov 2010 10 (v2) Critical Pass 3Com Web Management Interface Default Credentials 25 Mar 2014 10 (v2) Critical Pass Novell GroupWise WebAccess Accessible 23 Nov 2010 5 (v2) Medium 92

Pass Lime Wire Multiple Remote Unauthorized Access CVE-2005-0788 06 Apr 2005 5 (v2) Medium Pass Ability FTP Server Multiple Command Remote Bu ff er Over fl ows CVE-2004-1626 CVE-2004-1627 04 Nov 2004 10 (v2) Critical Pass Western Digital TV Multiple Vulnerabilities 08 Sep 2017 7.5 (v3) High Pass up-imapproxy IMAP Proxy IMAP_Line_Read() Function Literal Size DoS CVE-2004-1035 30 Nov 2004 6.4 (v2) Medium Pass ExtCalendar Detection 26 Jan 2011 None Pass macOS 10.15.x < 10.15.5 / 10.14.x < 10.14.6 Security Update 2020-003 / 10.13.x < 10.13.6 Security Update 2020-003 CVE-2019-14868 CVE-2019-20044 CVE-2020-3878 CVE-2020-3882 CVE-2020-9771 CVE-2020-9772 CVE-2020-9788 CVE-2020-9789 CVE-2020-9790 CVE-2020-9791 CVE-2020-9792 CVE-2020-9793 CVE-2020-9794 CVE-2020-9795 CVE-2020-9797 CVE-2020 28 May 2020 8.8 (v3) High Pass IBM Sametime Detection 14 Mar 2011 None Pass PHP 7.0.x < 7.0.25 Multiple Vulnerabilities CVE-2016-1283 CVE-2017-16642 16 Nov 2017 9.8 (v3) Critical Pass HP Client Automation Default Credentials 25 Mar 2011 10 (v2) Critical Pass WU-FTPD fi leutils/coreutils ls -w Argument Memory Consumption DoS CVE-2003-0853 CVE-2003-0854 29 Oct 2003 7.5 (v3) High Pass WP Statistics Plugin for WordPress < 12.6.7 Blind SQL Injection 02 Jul 2019 8.3 (v3) High Pass Default Password '1111' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass IMAP pop-2d POP Daemon FOLD Command Remote Over fl ow CVE-1999-0920 22 Jun 1999 10 (v2) Critical Pass HP System Management Homepage < 7.2.5 / 7.4.1 Multiple Vulnerabilities (POODLE) CVE-2014-3508 CVE-2014-3509 CVE-2014-3511 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-5139 CVE-2015-2133 03 Aug 2015 6.8 (v2) Medium Pass Xerox WorkCentre Multi-Page Document Scan/Fax Information Disclosure (XRX05-002) 16 May 2005 2.6 (v2) Low Pass ePolicy Orchestrator Detection 02 Oct 2006 None Pass pfSense < 2.3.1-p5 Multiple Vulnerabilities (SA-16_07 / SA-16_08) CVE-2013-7456 CVE-2016-5093 CVE-2016-5094 CVE-2016-5096 31 Jan 2018 8.6 (v3) High Pass pfSense < 2.2.2 Multiple Vulnerabilities (SA-15_05) 31 Jan 2018 4.7 (v3) Medium Pass pfSense < 2.2.4 Multiple Vulnerabilities (SA-15_07) CVE-2015-3152 CVE-2015-5358 CVE-2015-8838 31 Jan 2018 5.9 (v3) Medium Pass pfSense < 2.3.1-p1 Multiple Vulnerabilities (SA-16_05) 31 Jan 2018 8.8 (v3) High Pass pfSense < 2.4.2 Multiple Vulnerabilities (SA-17_07) CVE-2017-1086 CVE-2017-1088 CVE-2017-3735 CVE-2017-3736 21 Mar 2018 5.3 (v3) Medium Pass pfSense < 2.1.4 Multiple Vulnerabilities ( SA-14_07 ) CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 21 Mar 2018 7.4 (v3) High Pass Multiple FTP Server Command Handling Over fl ow CVE-1999-0219 CVE-2000-0870 CVE-2000-0943 CVE-2000-1035 CVE-2000-1194 CVE-2002-0126 CVE-2003-0271 CVE-2005-0634 CVE-2005-1415 22 Jun 1999 9.8 (v3) Critical Pass pfSense Default SSH Credentials 24 Jan 2018 9.8 (v3) Critical Pass GuildFTPd Traversal Arbitrary File Enumeration CVE-2000-0640 16 Jul 2000 7.3 (v3) High Pass Samba Badlock Vulnerability CVE-2016-2118 13 Apr 2016 7.5 (v3) High Pass OS Identi fi cation : SinFP 19 May 2007 None Pass Unsupported Windows OS (remote) 03 Apr 2018 10 (v3) Critical Pass Dell iDRAC9 Directory Traversal (DSA-2020-128) CVE-2020-5366 31 Jul 2020 6.5 (v3) Medium Pass Sendmail < 8.14.4 SSL Certi fi cate NULL Character Spoo fi ng CVE-2009-4565 05 Jan 2010 7.3 (v3) High Pass PHP 8.1.x < 8.1.3 CVE-2021-21708 18 Feb 2022 9.8 (v3) Critical Pass OTRS Unspeci fi ed Remote Code Execution (OSA-2017-04) CVE-2017-14635 11 Dec 2017 8.8 (v3) High Pass OTRS Authenticated Remote Code Execution (OSA-2017-07) CVE-2017-16664 11 Dec 2017 8.8 (v3) High Pass Cisco IOS XE Software IOx Application Environment Path Traversal (cisco-sa-iox-pt-hWGcPf7g) CVE-2021-1385 08 Sep 2021 6.5 (v3) Medium Pass Palo Alto Networks PAN-OS 9.0.10 < 9.0.15 / 9.1.4 < 9.1.11 / 10.0.x < 10.0.8 / 10.1.x < 10.1.2 OS Command Injection CVE-2021-3050 10 Sep 2021 8.8 (v3) High Pass Pulse Connect Secure < 9.1R8 (SA44516) CVE-2020-8204 CVE-2020-8206 CVE-2020-8216 CVE-2020-8217 CVE-2020-8218 CVE-2020-8219 CVE-2020-8220 CVE-2020-8221 CVE-2020-8222 CVE-2020-12880 CVE-2020-15408 31 Jul 2020 8.1 (v3) High Pass MariaDB 10.3.x < 10.3.1 Multiple DoS Vulnerabilities 07 Dec 2017 4.3 (v3) Medium Pass OpenSSL < 0.9.6e / 0.9.7b3 Multiple Remote Vulnerabilities CVE-2000-0535 CVE-2001-1141 CVE-2002-0655 CVE-2002-0656 CVE-2002-0657 CVE-2002-0659 05 Aug 2002 10 (v2) Critical Pass SSH Secure Shell without PTY setsid() Function Privilege Escalation CVE-2002-1644 25 Nov 2002 7.1 (v2) High Pass pfSense Unsupported Version Detection 30 Jan 2019 10 (v3) Critical Pass Allied Telesyn Router/Switch Web Interface Default Password CVE-1999-0508 03 Jun 2005 7.5 (v2) High Pass Micro Focus Operations Orchestration JMiniX Multiple Vulnerabilities CVE-2018-6490 02 Mar 2018 7.5 (v3) High Pass Arista CloudVision Portal Web Detection 26 Jun 2020 None Pass Cisco Uni fi ed Communications Manager Express Denial of Service Vulnerabilities (cisco-sa-20100324-cucme) CVE-2010-0585 CVE-2010-0586 01 Sep 2010 7.8 (v2) High Pass Unauthenticated OpenVPN Server Detection 28 Feb 2018 None Pass Cisco IOS Software IPsec Vulnerability (cisco-sa-20100324-ipsec) CVE-2010-0578 01 Sep 2010 7.8 (v2) High Pass Oracle Portal Demo Organization Chart SQL Injection CVE-2013-3831 22 Nov 2013 5.5 (v2) Medium Pass PHP 7.3.x < 7.3.21 Use-After-Free Vulnerability CVE-2020-7068 13 Aug 2020 3.6 (v3) Low Pass Juniper Junos PIM rpd Crafted Boot Message Remote DoS (PSN-2011-07-296) 22 Aug 2011 5.4 (v2) Medium Pass PHP 7.4.x < 7.4.9 Use-After-Free Vulnerability CVE-2020-7068 13 Aug 2020 3.6 (v3) Low Pass PHP 7.2.x < 7.2.33 Use-After-Free Vulnerability CVE-2020-7068 13 Aug 2020 3.6 (v3) Low Pass Juniper Junos J-Web Component Unspeci fi ed CSRF (PSN-2012-01-474) 23 Jan 2012 9.3 (v2) High Pass Novell NetWare 6.0 Tomcat source.jsp Traversal Arbitrary File Access CVE-2000-1210 30 Mar 2004 7.8 (v2) High Pass Allegro Software RomPager 2.10 Malformed Authentication Request DoS CVE-2000-0470 27 Jul 2005 7.8 (v2) High Pass WinComLPD LPD Monitoring Server Default Credentials 06 Feb 2008 7.5 (v2) High Pass JQuery 1.2 < 3.5.0 Multiple XSS CVE-2020-11022 CVE-2020-11023 28 May 2020 6.1 (v3) Medium Pass Cisco IOS XR BGP Additional Paths DoS (cisco-sa-bgp-ErKEqAer) CVE-2020-3449 14 Aug 2020 4.3 (v3) Medium Pass Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities (cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz) CVE-2020-3566 CVE-2020-3569 01 Sep 2020 7.5 (v3) High Pass Apache for Windows Multiple Forward Slash Directory Listing CVE-2000-0505 CVE-2001-0729 13 Jun 2000 5.3 (v3) Medium Pass Novell eDirectory < 8.8.5 ftf1/8.7.3.10 ftf2 NULL Base DN DoS CVE-2009-3862 06 Nov 2009 5 (v2) Medium Pass Juniper Junos OS DoS (JSA11187) CVE-2021-0285 08 Sep 2021 7.5 (v3) High Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.20 / 9.0.x < 9.0.14 / 9.1.x < 9.1.9 / 10.0.x < 10.0.5 Vulnerability CVE-2021-3053 08 Sep 2021 7.5 (v3) High Pass WP Symposium Plugin for WordPress forum.php 'show' Parameter SQL Injection (Version Check) CVE-2015-3325 18 May 2015 7.5 (v2) High Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.20 / 9.0.x < 9.0.14 / 9.1.x < 9.1.10 / 10.0.x < 10.0.2 Vulnerability CVE-2021-3052 08 Sep 2021 5.4 (v3) Medium Pass Palo Alto Networks PAN-OS 5.0.x < 5.0.20 / 5.1.x < 5.1.13 / 6.0.x < 6.0.15 / 6.1.x < 6.1.15 / 7.0.x < 7.0.11 / 7.1.x < 7.1.6 Multiple Vulnerabilities (PAN-SA-2016-0033 / PAN-SA-2016-0034 / PAN-SA-2016-0035 / PAN-SA-2016-0037) CVE-2016-9149 CVE-2016-9150 CVE-2016-9151 02 Dec 2016 9.8 (v3) Critical Pass EMC RSA Authentication Manager < 8.3 Patch 3 Multiple Vulnerabilities (DSA-2018-152) CVE-2018-11073 CVE-2018-11074 CVE-2018-11075 27 Sep 2018 6.1 (v3) Medium Pass Barracuda Spam Firewall cgi-bin/ldap_test.cgi email Parameter XSS CVE-2008-2333 23 May 2008 4.3 (v2) Medium Pass ColdFusion on IIS cfm/dbm Diagnostic Error Path Disclosure CVE-2002-0576 15 Mar 2003 5 (v2) Medium Pass ManageEngine Applications Manager Invalid URL Remote Information Disclosure CVE-2008-0475 26 Jan 2008 5 (v2) Medium Pass WP Super Cache Plugin for WordPress wp-cache.php Cache List Content Handling XSS 16 Apr 2015 4.3 (v2) Medium Pass GateCrasher Backdoor Detection 09 Jul 1999 10 (v2) Critical Pass MDaemon WorldClient < 12.5.7 Multiple XSS Vulnerabilities CVE-2012-2584 17 Sep 2012 4.3 (v2) Medium Pass Xerver HTTP Response Splitting CVE-2009-4086 25 Nov 2009 4.3 (v2) Medium Pass Kubernetes info API access 28 Jun 2018 5.3 (v3) Medium Pass Puppet Enterprise 3.7.x < 3.8.1 / 3.8.x < 3.8.1 Multiple Vulnerabilities CVE-2015-3900 CVE-2015-4020 CVE-2015-4100 23 Jul 2015 5 (v2) Medium Pass Zabbix Server send_history_last_id() SQL Injection 22 Dec 2009 7.5 (v2) High Pass Splunk < 5.0.5 Multiple Code Execution Vulnerabilities CVE-2013-6771 CVE-2013-7394 30 Sep 2013 9.3 (v2) High Pass IBM WebSphere Application Server < 6.1.0.23 Multiple Flaws CVE-2008-4284 CVE-2009-0508 CVE-2009-0855 CVE-2009-0856 CVE-2009-0891 CVE-2009-0892 CVE-2009-1172 15 Apr 2009 7.5 (v2) High Pass Cisco IOS Software Multiprotocol Label Switching Packet Vulnerability (cisco-sa-20100324-ldp) CVE-2010-0576 01 Sep 2010 7.8 (v2) High Pass OpenSSH < 1.2.3 xauth Session Highjacking CVE-2000-0217 04 Oct 2011 5.1 (v2) Medium Pass Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities (cisco-sa-20100324-sip) CVE-2010-0579 CVE-2010-0580 CVE-2010-0581 01 Sep 2010 10 (v2) Critical Pass HP Ink Printers Multiple Vulnerabilities (HPSBHF03589) CVE-2018-5924 CVE-2018-5925 13 Aug 2018 7.8 (v3) High Pass Cisco IOS Software Crafted TCP Packet Denial of Service Vulnerability (cisco-sa-20100324-tcp) CVE-2010-0577 01 Sep 2010 7.1 (v2) High Pass PHP Code Snippet Library index.php Multiple Parameter XSS CVE-2004-1746 25 Aug 2004 4.3 (v2) Medium Pass Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10775) CVE-2016-7055 CVE-2017-3731 CVE-2017-3732 23 Aug 2017 7.5 (v3) High Pass Nimda Worm Infected HTML File Detection 19 Sep 2001 10 (v2) Critical Pass EMC RSA Authentication Manager 7.x < 7.1 SP4 Patch 32 Unspeci fi ed XSS CVE-2014-0623 04 Apr 2014 4.3 (v2) Medium Noise OS Identi fi cation Failed 26 Oct 2010 None Pass Apache 2.2.x < 2.2.25 Multiple Vulnerabilities CVE-2013-1862 CVE-2013-1896 16 Jul 2013 5.6 (v3) Medium Pass HP Operations Orchestration 10.x Authentication Bypass CVE-2015-2109 07 May 2015 7.5 (v2) High Pass AFP Server Directory Traversal CVE-2010-0533 29 Mar 2010 5 (v2) Medium Pass IBM WebSphere Application Server 6.0 < 6.0.2.21 Multiple Vulnerabilities CVE-2007-3397 CVE-2007-3960 05 Apr 2010 9.3 (v2) High Pass IBM WebSphere Application Server < 6.1.0.25 Multiple Vulnerabilities CVE-2009-0899 CVE-2009-0903 CVE-2009-0904 CVE-2009-1174 CVE-2009-1899 CVE-2009-1900 CVE-2009-1901 CVE-2009-2085 CVE-2009-2087 CVE-2009-2088 CVE-2009-2089 19 Jun 2009 5 (v2) Medium Pass Juniper Junos SRX MACsec Feature Secure Link Failure Silent Fallback Information Disclosure (JSA10790) CVE-2017-2342 23 Aug 2017 5.4 (v3) Medium Pass TANDBERG Video Communication Server Static SSH Host Keys CVE-2009-4510 14 Apr 2010 9.3 (v2) High Pass SSL Self-Signed Certi fi cate 17 Jan 2012 6.4 (v2) Medium Pass Juniper Junos Extended DHCP Relay Agent Tra ffi c Redirection (PSN-2011-07-300) 22 Aug 2011 2.9 (v2) Low Pass Subversion Cleartext Authentication 05 Jan 2016 4.3 (v2) Medium Pass Juniper Junos Fragmented ICMP Packet Handling Remote DoS (PSN-2011-07-298) 22 Aug 2011 6.1 (v2) Medium Pass Juniper Junos ICMP Ping 'composite next-hop' Remote DoS (PSN-2011-07-297) 22 Aug 2011 7.8 (v2) High Pass Cisco Video Surveillance Manager Multiple Vulnerabilities (cisco-sa-20130724-vsm) CVE-2013-3429 CVE-2013-3430 CVE-2013-3431 12 Sep 2013 8.6 (v3) High Pass Cisco IOS Software Network Address Translation Vulnerabilities (cisco-sa-20110928-nat) CVE-2011-3276 CVE-2011-3277 CVE-2011-3278 CVE-2011-3279 CVE-2011-3280 29 Sep 2011 7.8 (v2) High Pass Juniper Junos Next-Gen MVPN Senario Malformed Message Handling Remote DoS (PSN-2011-10-391) 10 Nov 2011 7.1 (v2) High Pass Novell eDirectory < 8.8 SP5 Patch 4 Multiple Vulnerabilities CVE-2009-4653 15 Jun 2010 9 (v2) High Pass Apache 2.2.x < 2.2.17 Multiple Vulnerabilities CVE-2009-3560 CVE-2009-3720 CVE-2010-1623 20 Oct 2010 5.3 (v3) Medium Pass thttpd ssi Servlet Encoded Traversal Arbitrary File Access CVE-2000-0900 03 Oct 2000 5 (v2) Medium Pass PatchLink Update Server checkpro fi le.asp checkid Parameter SQL Injection CVE-2006-3430 28 Jul 2006 7.5 (v2) High Pass Juniper Junos Remote Execution Vulnerability (JSA10818) CVE-2017-10615 20 Oct 2017 7.5 (v3) High Pass IA eMailServer IMAP4 LIST Command Format String Remote DoS CVE-2005-2083 28 Jun 2005 4 (v2) Medium Pass Juniper Junos HTTPS Server Certi fi cate AV Vulnerability (JSA10822) CVE-2017-10620 20 Oct 2017 7.5 (v3) High Pass Juniper JSA10960 CVE-2019-0061 13 Dec 2019 7.8 (v3) High Pass Cisco MSE <= 8.0.120.7 Multiple Vulnerabilities CVE-2015-4282 CVE-2015-6316 18 Nov 2015 6.9 (v2) Medium 93

Pass VxWorks WDB Debug Service Detection CVE-2010-2965 06 Aug 2010 10 (v2) Critical Pass Apache Tomcat Long URL Information Disclosure CVE-2001-0917 CVE-2002-2009 01 Oct 2010 5.3 (v3) Medium Pass Juniper Junos Key Generation Weakness (PSN-2012-04-549) 25 Apr 2012 4 (v2) Medium Pass PatchLink Update /dagent/downloadreport.asp Multiple Parameter SQL Injection CVE-2006-6450 12 Dec 2006 7.5 (v2) High Pass WebAdmin < 3.2.5 Multiple Vulnerabilities CVE-2006-4370 CVE-2006-4371 23 Aug 2006 7.5 (v2) High Pass QLogic QConvergeConsole (QCC) GUI Web Interface Default Credentials 24 Oct 2018 8.6 (v3) High Pass Portable OpenSSH ssh-keysign ssh-rand-helper Utility File Descriptor Leak Local Information Disclosure CVE-2011-4327 09 May 2011 2.1 (v2) Low Pass OrientDB < 2.0.7 / 2.1.0 Weak Session IDs CVE-2015-2913 08 Oct 2015 5.9 (v3) Medium Pass Kerio WinRoute Firewall HTTP/HTTPS Management Detection 18 Nov 2005 4 (v2) Medium Pass XAMPP ADOdb mssql_connect Remote Bu ff er Over fl ow CVE-2007-2079 30 Apr 2007 9.3 (v2) High Pass Juniper Junos BGP UPDATE DoS (PSN-2012-10-733) 26 Oct 2012 6.3 (v2) Medium Pass Juniper Junos PIM Join Flood DoS (PSN-2013-01-808) 14 Jan 2013 6.3 (v2) Medium Pass Puppet Enterprise 2.8.x / 3.2.x Multiple Vulnerabilities CVE-2014-0198 CVE-2014-0224 CVE-2014-3251 20 Aug 2014 5.8 (v2) Medium Pass macOS 10.13.x < 10.13.1 Multiple Vulnerabilities CVE-2017-1000100 CVE-2017-1000101 CVE-2017-11108 CVE-2017-11541 CVE-2017-11542 CVE-2017-11543 CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900 CVE-2 03 Nov 2017 7.8 (v3) High Pass Apache < 1.3.37 mod_rewrite LDAP Protocol URL Handling Over fl ow CVE-2006-3747 26 Mar 2008 7.3 (v3) High Pass Default Password (dottie) for 'root' Account CVE-1999-0502 CVE-2006-5288 11 Apr 2008 9.8 (v3) Critical Pass Cisco TelePresence Multipoint Switch < 1.7.0 Multiple Vulnerabilities (cisco-sa-20110223-telepresence-ctms) CVE-2011-0379 CVE-2011-0383 CVE-2011-0384 CVE-2011-0385 CVE-2011-0387 CVE-2011-0388 CVE-2011-0389 27 Jul 2012 10 (v2) Critical Pass XMPP Cleartext Authentication 05 Jan 2016 4.3 (v2) Medium Pass Dell KACE K2000 < 3.3.52857 Multiple Vulnerabilities CVE-2011-4046 CVE-2011-4047 CVE-2011-4048 CVE-2011-4436 10 Feb 2014 9.3 (v2) High Pass Oracle Policy Automation (Oracle Web Determinations) Unspeci fi ed Remote Security Vulnerability (July 2013 CPU) CVE-2013-3816 12 Sep 2014 4 (v2) Medium Pass Zoho ManageEngine OpManager 'OPM_BVNAME' Multiple Vulnerabilities CVE-2014-7868 CVE-2016-82014 CVE-2016-82015 16 Feb 2015 7.5 (v2) High Pass EMC AlphaStor Device Manager robotd RCE CVE-2008-2157 01 Jul 2008 9.8 (v3) Critical Pass ManageEngine Desktop Central Arbitrary File Upload and RCE (Safe Check) CVE-2014-5005 CVE-2014-5006 CVE-2014-5007 25 Mar 2015 7.5 (v2) High Pass WebPagetest < 2.7.2 fi le Parameter Traversal Arbitrary File Access 18 Sep 2012 5 (v2) Medium Pass Novell ZENworks Asset Management rtrlet Component GetFile_Password Method Hardcoded Credentials Information Disclosure CVE-2012-4933 25 Oct 2012 7.8 (v2) High Pass Sendmail headers.c crackaddr Function Address Field Handling Remote Over fl ow CVE-2002-1337 03 Mar 2003 9.8 (v3) Critical Pass Sun Java ASP Server Default Admin Password 08 Jul 2008 7.5 (v2) High Pass ManageEngine Desktop Central AgentLogUploadServlet Arbitrary File Upload CVE-2013-7390 04 Dec 2013 10 (v2) Critical Pass IBM WebSphere Application Server Multiple Vulnerabilities CVE-2011-1376 04 Feb 2012 4.6 (v2) Medium Pass Apache 2.0.x < 2.0.47 Multiple Vulnerabilities (DoS, Encryption) CVE-2003-0192 CVE-2003-0253 CVE-2003-0254 20 Oct 2010 6.5 (v3) Medium Pass SCO OpenServer Multiple Local Privilege Escalation Vulnerabilities CVE-2002-0158 CVE-2002-0164 16 Oct 2003 7.2 (v2) High Pass Apache mod_wsgi < 3.4 Remote Information Disclosure CVE-2014-0242 14 Jul 2014 5.3 (v3) Medium Pass macOS 10.13.x < 10.13.3 Multiple Vulnerabilities CVE-2017-13889 CVE-2017-5705 CVE-2017-5708 CVE-2017-7830 CVE-2017-8816 CVE-2017-8817 CVE-2018-4082 CVE-2018-4083 CVE-2018-4084 CVE-2018-4085 CVE-2018-4086 CVE-2018-4088 CVE-2018-4089 CVE-2018-4090 CVE-2018-4091 CVE-2018- 24 Jan 2018 9.8 (v3) Critical Pass Apache 2.x < 2.0.50 Multiple Remote DoS CVE-2004-0493 CVE-2004-0748 29 Jun 2004 5.3 (v3) Medium Pass VNC Server Unauthenticated Access 05 Oct 2007 7.5 (v2) High Pass Apache Tomcat Manager Common Administrative Credentials CVE-2009-3099 CVE-2009-3548 CVE-2010-0557 CVE-2010-4094 26 Nov 2008 9.8 (v3) Critical Pass NetScaler Unencrypted Web Management Interface 06 Dec 2007 5 (v2) Medium Pass Mailman Crated Email Remote User Password Disclosure CVE-2004-0412 26 May 2004 5 (v2) Medium Pass StarWind Control Port Default Credentials 17 Dec 2007 7.5 (v2) High Pass Open fi re AuthCheck Authentication Bypass CVE-2008-6508 09 Nov 2008 7.5 (v2) High Pass BulletScript MailList bsml.pl Information Disclosure 01 Jan 2004 6.4 (v2) Medium Pass Juniper Junos MPLS Packet Handling Remote DoS (JSA10831) CVE-2018-0003 26 Jan 2018 7.5 (v3) High Pass Multiple Vendor HMAC Authentication SNMPv3 Authentication Bypass CVE-2008-0960 31 Jul 2009 9.8 (v3) Critical Pass Juniper Junos Kernel Register and Schedule Software Interrupt Handler Subsystem CPU Consumption Remote DoS (JSA10832) CVE-2018-0004 26 Jan 2018 7.5 (v3) High Pass Squid < 2.7.STABLE6 / 3.0.STABLE13 / 3.1.0.5 HTTP Version Number Request Remote DoS CVE-2009-0478 09 Feb 2009 5.3 (v3) Medium Pass Microsoft IIS Multiple Vulnerabilities (MS02-018) CVE-2002-0074 CVE-2002-0148 CVE-2002-0150 11 Apr 2002 4.3 (v2) Medium Pass ArGoSoft Mail Server Multiple Remote Vulnerabilities (XSS, DoS, Traversal) CVE-2002-1004 CVE-2002-1005 CVE-2002-1893 28 May 2003 7.8 (v2) High Pass Apple iTunes < 9.1 Multiple Vulnerabilities (uncredentialed check) CVE-2009-2285 CVE-2010-0040 CVE-2010-0041 CVE-2010-0042 CVE-2010-0043 CVE-2010-0531 CVE-2010-0532 CVE-2010-1768 CVE-2010-1795 31 Mar 2010 9.3 (v2) High Pass Juniper Junos RPD Routing Process DoS (JSA10715) CVE-2016-1257 22 Jan 2016 4.3 (v2) Medium Pass PBLang BBS <= 4.65 Multiple Vulnerabilities CVE-2005-0526 CVE-2005-0630 CVE-2005-0631 24 Feb 2005 6.5 (v2) Medium Pass Palo Alto Networks PAN-OS < 3.1.11 / 4.0.x < 4.0.9 Multiple Vulnerabilities CVE-2012-6597 CVE-2012-6604 CVE-2012-6605 05 Mar 2014 9 (v2) High Pass OpenSSL 1.0.x < 1.0.2q Multiple Vulnerabilities CVE-2018-5407 CVE-2018-0734 25 Jan 2019 5.9 (v3) Medium Pass VMware ESX / ESXi host Directory Con fi guration Files Information Disclosure 24 Jan 2019 5.3 (v3) Medium Pass Belkin N750 Router 1.10.22 Command Injection CVE-2018-1144 16 Apr 2018 9.8 (v3) Critical Pass phpAdsNew / phpPgAds < 2.0.6 Multiple Vulnerabilities CVE-2005-2498 CVE-2005-2635 CVE-2005-2636 29 Aug 2005 7.5 (v2) High Pass Open WebMail Multiple Content Header XSS 08 Jun 2004 4.3 (v2) Medium Pass web.con fi g File Information Disclosure 30 Jan 2019 5.3 (v3) Medium Pass Logstash ESA-2018-01 CVE-2018-3817 22 Jan 2019 6.5 (v3) Medium Pass Random password for 'root' account CVE-2009-3232 15 Sep 2009 9.8 (v3) Critical Pass pfSense < 2.3.4-p1 Multiple Vulnerabilities (SA-17_05 / SA-17_06) 31 Jan 2018 4.7 (v3) Medium Pass Juniper Junos Custom Application UUID Rule Handling Remote Firewall Bypass Vulnerability (JSA10836) CVE-2018-0009 26 Jan 2018 4 (v3) Medium Pass Barracuda Spam Firewall < 3.5.12.007 Multiple Vulnerabilities CVE-2008-0971 CVE-2008-1094 19 Dec 2008 6.5 (v2) Medium Pass SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE) CVE-2014-3566 15 Oct 2014 6.8 (v3) Medium Pass CakePHP vendors.php fi le Parameter Traversal Arbitrary File Access CVE-2006-5031 25 Sep 2006 5 (v2) Medium Pass FlexCast Server Terminal Authentication Unspeci fi ed Remote Issue CVE-2005-1897 07 Jun 2005 7.5 (v2) High Pass Mercury IMAP Server LOGIN Command Remote Over fl ow CVE-2006-5961 09 Mar 2007 7.5 (v2) High Pass ActivePerl perlIS.dll Remote Bu ff er Over fl ow CVE-2001-0815 26 Nov 2001 10 (v2) Critical Pass Comdev eCommerce 3.0 Multiple Vulnerabilities (RFI, Traversal) CVE-2005-2543 CVE-2005-2544 07 Aug 2005 6.8 (v2) Medium Pass Mail-it Now! Upload2Server Predictable Filename Upload Arbitrary Code Execution 14 Sep 2005 7.5 (v2) High Pass Sendmail < 8.8.5 MIME Conversion Malformed Header Over fl ow CVE-1999-0047 25 Jul 2002 9.8 (v3) Critical Pass FTP Privileged Port Bounce Scan CVE-1999-0017 22 Jun 1999 7.3 (v3) High Pass OpenSSL < 0.9.8l Multiple Vulnerabilities CVE-2009-0789 CVE-2009-1377 CVE-2009-1378 CVE-2009-2409 04 Jan 2012 5.1 (v2) Medium Pass Mac OS X 10.9.x < 10.9.5 Multiple Vulnerabilities CVE-2013-7345 CVE-2014-0076 CVE-2014-0185 CVE-2014-0195 CVE-2014-0207 CVE-2014-0221 CVE-2014-0224 CVE-2014-0237 CVE-2014-0238 CVE-2014-1391 CVE-2014-1943 CVE-2014-2270 CVE-2014-2525 CVE-2014-3470 CVE-2014-3478 CVE-2014-3 18 Sep 2014 10 (v2) Critical Pass Juniper Junos NTP Server Ampli fi cation Remote DoS (JSA10613) CVE-2013-5211 19 Sep 2014 5 (v2) Medium Pass IRIX handler CGI Arbitrary Command Execution CVE-1999-0148 22 Jun 1999 8.8 (v3) High Pass ESXi 5.5 / 6.0 / 6.5 / 6.7 Speculative Execution Side Channel Vulnerability (Foreshadow) (VMSA-2018-0020) (remote check) CVE-2018-3646 15 Aug 2018 5.6 (v3) Medium Pass HP Managed Printing Administration < 2.6.4 Multiple Vulnerabilities CVE-2011-4166 CVE-2011-4167 CVE-2011-4168 CVE-2011-4169 26 Jan 2012 9 (v2) High Pass Juniper Junos RSVP 'rpd' Remote DoS (JSA10652) CVE-2014-6378 14 Oct 2014 7.8 (v2) High Pass Arista Networks EOS libresolv Over fl ow RCE (SA0017) CVE-2015-7547 28 Feb 2018 8.1 (v3) High Pass OpenSSH < 5.2 CBC Plaintext Disclosure CVE-2008-5161 27 Sep 2011 4 (v2) Medium Pass DNN (DotNetNuke) < 6.2.9 / 7.1.1 Multiple Vulnerabilities CVE-2013-3943 CVE-2013-4649 CVE-2013-7335 03 Oct 2013 4.3 (v2) Medium Pass CylancePROTECT 2.0.x < 2.0.1480 SSL Validation (Cy2008-002) 07 May 2018 4.8 (v3) Medium Pass Cisco Uni fi ed Communications Products DoS (cisco-sa-ucm-dos-zHS9X9kD) CVE-2022-20804 28 Apr 2022 6.5 (v3) Medium Pass Apache 1.3.x < 1.3.42 mod_proxy Integer Over fl ow CVE-2010-0010 11 Feb 2010 9.8 (v3) Critical Pass Juniper Junos MX Series BBE Routers jpppd Remote DoS (JSA10665) CVE-2014-6382 23 Jan 2015 7.8 (v2) High Pass Juniper Junos libxml2 Library Multiple Vulnerabilities (JSA10669) CVE-2011-1944 CVE-2012-0841 CVE-2012-5134 CVE-2013-0338 CVE-2013-2877 23 Jan 2015 9.3 (v2) High Pass Comment Rating Plugin for WordPress 'id' Parameter SQL Injection 25 Feb 2011 7.5 (v2) High Pass WP Forum Server Plugin for WordPress 'topic' Parameter SQL Injection 04 Mar 2011 7.5 (v2) High Pass thttpd 2.04 If-Modi fi ed-Since Header Remote Bu ff er Over fl ow CVE-2000-0359 14 Nov 1999 10 (v2) Critical Pass HP Operations Orchestration 10.x < 10.70 wsExecutionBridgeService Servlet Java Object Deserialization RCE CVE-2016-8519 12 Jan 2017 9.8 (v3) Critical Pass RealNetworks Helix Servers DESCRIBE Request LoadTestPassword Field Remote Over fl ow CVE-2006-6026 23 Mar 2007 10 (v2) Critical Pass MailEnable IMAP / SMTP Multiple Remote Vulnerabilities CVE-2005-1013 CVE-2005-1014 CVE-2005-1015 06 Apr 2005 10 (v2) Critical Pass Easy WP SMTP Plugin for WordPress 1.3.9 Unauthenticated Remote Code Execution 22 Mar 2019 10 (v3) Critical Pass XtraMail POP3 PASS Command Remote Over fl ow CVE-1999-1511 10 Nov 1999 10 (v2) Critical Pass Novell eDirectory < 8.8 SP5 Patch 3 eMBox SOAP Request DoS CVE-2010-0666 01 Mar 2010 5 (v2) Medium Pass Microsoft IIS FrontPage Server Extensions (FPSE) shtml.exe Path Disclosure CVE-2000-0413 10 May 2000 5 (v2) Medium Pass Cisco IOS Software VRF ICMP Queue Wedge DoS (cisco-sa-20150325-wedge) CVE-2015-0638 03 Apr 2015 7.1 (v2) High Pass Cisco IOS IKEv2 DoS (cisco-sa-20150325-ikev2) CVE-2015-0642 CVE-2015-0643 03 Apr 2015 7.8 (v2) High Pass ManageEngine Desktop Central 8 / 9 < Build 91100 Multiple RCE CVE-2015-82001 25 Mar 2016 10 (v2) Critical Pass eIQnetworks Enterprise Security Analyzer License Manager < 2.5.9 Multiple Remote Over fl ows CVE-2007-2059 18 Apr 2007 10 (v2) Critical Pass Dragon FTP USER Command Remote Over fl ow CVE-2000-0479 27 Jun 2000 9.8 (v3) Critical Pass MS11-051: Vulnerability in Active Directory Certi fi cate Services Web Enrollment Could Allow Elevation of Privilege (2518295) (uncredentialed check) CVE-2011-1264 15 Jun 2011 4.3 (v2) Medium Pass Tenable Virtual Appliance Unsupported Detection 29 Apr 2020 9.8 (v3) Critical Pass EMC Avamar ADS / AVE 7.3.x < 7.3.1 Hot fi x HOTFIX 290316 / 7.4.x < 7.4.1 Hot fi x 291882 / 7.5.x < 7.5.0 Hot fi x 291881 Missing Access Control Check Vulnerability (DSA-2018-025) CVE-2018-1217 13 Apr 2018 9.8 (v3) Critical Pass Cisco NX-OS Software Bash Shell Role-Based Access Control Bypass Privilege Escalation Vulnerability CVE-2019-1593 05 Jul 2019 7.8 (v3) High Pass Aruba VAN SDN default credentials 12 Mar 2019 9.8 (v3) Critical Pass Packeteer PacketShaper Web Management rpttop.htm Crafted Request Remote DoS CVE-2007-3151 26 Jun 2007 5 (v2) Medium Pass PHP File Upload Capability Hidden Form Field Modi fi cation Arbitrary File Access CVE-2000-0860 12 Sep 2000 4.3 (v2) Medium Pass Cisco NX-OS OpenSSL Multiple Vulnerabilities (cisco-sa-20150310-ssl) (FREAK) CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 19 May 2015 5 (v2) Medium Pass Lotus Domino SMTP ENVID Variable Handling RCE CVE-2000-1047 06 Nov 2000 9.8 (v3) Critical Pass Cisco TelePresence MSE 8050 Command Injection Vulnerability CVE-2015-0713 21 May 2015 9 (v2) High Pass Cloudera Manager Unsupported Version Detection 26 Jun 2014 10 (v2) Critical 94

Pass SuSE Linux in.identd Request Saturation DoS CVE-1999-0746 29 Nov 2000 5 (v2) Medium Pass MailMan Webmail mmstdod.cgi Arbitrary Command Execution CVE-2001-0021 06 Dec 2000 10 (v2) Critical Pass DCForum dcboard.cgi Multiple Vulnerabilities CVE-2001-0436 CVE-2001-0437 29 Dec 2000 7.5 (v2) High Pass Mac OS X 10.10.x < 10.10.4 Multiple Vulnerabilities (GHOST) (Logjam) CVE-2015-0209 CVE-2015-0235 CVE-2015-0273 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 CVE-2015-1157 CVE-2015-1798 CVE-2015-1799 CVE-2015-3661 CVE-2015-3662 CVE-2015-3663 CVE-2015-3666 CVE-2015-3 01 Jul 2015 10 (v2) Critical Pass CodeMeter < 4.30.498.504 Virtual Directory Traversal Arbitrary File Access 02 Feb 2012 5.3 (v3) Medium Pass Muscat Empower CGI Malformed DB Parameter Path Disclosure CVE-2001-0224 13 Feb 2001 5 (v2) Medium Pass Juniper Junos SRX Series 'set system ports console insecure' Local Privilege Escalation (JSA10683) CVE-2015-3007 04 Aug 2015 7.2 (v2) High Pass Blue Coat ProxyAV 3.5.x < 3.5.4.1 Multiple DoS Vulnerabilities CVE-2015-3194 CVE-2015-3195 09 Sep 2016 5.3 (v3) Medium Pass EMC RSA Authentication Manager 8.x < 8.1 Patch 6 Unspeci fi ed URI Redirection CVE-2014-2516 12 Jun 2015 5.8 (v2) Medium Pass GoodTech FTP Server Connection Saturation DoS CVE-2001-0188 15 Jun 2001 5 (v2) Medium Pass Zope ZClass Modi fi cation Local DoS CVE-2001-0568 04 Aug 2001 4 (v2) Medium Pass AXIS HTTP GET Heap Over fl ow 12 Dec 2017 9.3 (v3) Critical Pass Flickr Gallery Plugin for WordPress < 1.5.3 PHP Object Injection 12 Dec 2017 8.3 (v3) High Pass Sendmail < 8.11.6 -d category Value Local Over fl ow CVE-2001-0653 23 Aug 2001 5.9 (v3) Medium Pass Quikstore Shopping Cart quikstore.cgi Multiple Vulnerabilities CVE-1999-0607 CVE-2000-1188 04 Aug 2001 5 (v2) Medium Pass GitHub Enterprise Management Console RCE 19 Dec 2017 9.8 (v3) Critical Pass IBM Tivoli Endpoint Manager Server < 8.2.1372 Multiple Vulnerabilities CVE-2012-2686 CVE-2013-0166 CVE-2013-0169 CVE-2013-0452 CVE-2013-0453 30 Apr 2013 6.8 (v2) Medium Pass Cisco PIX Firewall Manager (PFM) on Windows Arbitrary File Access CVE-1999-0158 06 Dec 2001 5 (v2) Medium Pass MS10-025: Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution (980858) (uncredentialed check) CVE-2010-0478 27 Apr 2010 8.1 (v3) High Pass pfSense < 2.1.5 Multiple Vulnerabilities ( SA-14_14 ) CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-5139 21 Mar 2018 7.4 (v3) High Pass MySQL Enterprise Server 5.6.x < 5.6.29 / 5.7.x < 5.7.11 OpenSSL Multiple Vulnerabilities CVE-2015-3194 CVE-2015-3195 11 Feb 2016 5.3 (v3) Medium Pass Apache on Windows < 1.3.24 / 2.0.x < 2.0.34 DOS Batch File Arbitrary Command Execution CVE-2002-0061 18 Apr 2002 7.3 (v3) High Pass JRun Multiple Vulnerabilities (OF, XSS, ID, Hijacking) CVE-2004-0646 CVE-2004-0928 CVE-2004-1477 CVE-2004-1478 CVE-2004-2182 24 Sep 2004 5.1 (v2) Medium Pass VMware vCenter Server 5.5.x < 5.5U3g / 6.0.x < 6.0U3d / 6.5.x < 6.5U1e Hypervisor-Assisted Guest Remediation (VMSA-2018-0004) (Spectre) CVE-2017-5715 12 Jan 2018 5.6 (v3) Medium Pass Apache .htaccess and .htpasswd Disclosure 22 Jan 2018 5.3 (v3) Medium Pass Western Digital My Net Router main_internet.php Admin Credential Disclosure CVE-2013-5006 15 Aug 2013 4.3 (v2) Medium Pass Anonymous Key Exchanges Supported (PCI DSS) 29 Jan 2018 6.5 (v3) Medium Pass OpenSSH < 3.4 Multiple Remote Over fl ows CVE-2002-0639 CVE-2002-0640 25 Jun 2002 10 (v2) Critical Pass EMC RSA Authentication Manager < 8.2 SP1 Patch 7 Security Console Unspeci fi ed Blind SQL Injection (ESA-2018-002) CVE-2017-15546 01 Feb 2018 4.3 (v3) Medium Pass Nokia VitalQIP Web Client Default Credentials 09 Feb 2018 10 (v3) Critical Pass Sendmail < 8.12.1 RestrictQueueRun Option Multiple Argument Local DoS CVE-2001-0714 18 Aug 2002 4 (v3) Medium Pass FTP Server Traversal Arbitrary File Access CVE-2001-0582 CVE-2001-0680 CVE-2001-1335 CVE-2004-1679 27 Aug 2002 5.3 (v3) Medium Pass EMC RSA Archer < 6.2.0.8 Multiple Vulnerabilities CVE-2018-1219 CVE-2018-1220 08 Mar 2018 6.1 (v3) Medium Pass Aspen < 0.22 Directory Traversal CVE-2013-2619 16 Mar 2018 6.5 (v3) Medium Pass Mambo mod_mainmenu.php mosCon fi g_absolute_path Parameter Remote File Inclusion 19 Jan 2004 8.3 (v3) High Pass OS vulnerabilities detected in banner reporting (PCI-DSS check) 23 Mar 2018 7.3 (v3) High Pass PCI DSS Compliance : Scan Interference 29 Mar 2018 7.3 (v3) High Pass @lex Guestbook livre_include.php chem_absolu Parameter Remote File Inclusion CVE-2004-1554 27 Sep 2004 8.3 (v3) High Pass NCR Aloha POS VNC Server 'aloha' Default Password 29 Mar 2018 9.8 (v3) Critical Pass Webmin Unspeci fi ed Command Execution Vulnerability (< 1.370) CVE-2007-5066 22 Mar 2018 8.8 (v3) High Pass Apache < 2.0.44 DOS Device Name Multiple Remote Vulnerabilities (Code Exec, DoS) CVE-2003-0016 22 Jan 2003 7.3 (v3) High Pass Apple iTunes < 12.7.3 WebKit Multiple Vulnerabilities (uncredentialed check) CVE-2018-4101 CVE-2018-4113 CVE-2018-4114 CVE-2018-4117 CVE-2018-4118 CVE-2018-4119 CVE-2018-4120 CVE-2018-4121 CVE-2018-4122 CVE-2018-4125 CVE-2018-4127 CVE-2018-4128 CVE-2018-4129 CVE-2018-4130 CVE-2018-4144 CVE-2018-4 03 Apr 2018 7.8 (v3) High Pass Sendmail Custom DNS Map TXT Query Over fl ow CVE-2002-0906 17 Feb 2003 7.3 (v3) High Pass WordPress < 1.5.1 Multiple Vulnerabilities CVE-2005-1687 CVE-2005-1688 19 May 2005 7.5 (v2) High Pass Fire fl y Media Server webserver.c ws_addarg Function /xml-rpc Authorization Header Remote Format String CVE-2007-5825 03 Nov 2007 7.5 (v2) High Pass Oracle WebLogic T3 Protocol Detection 03 May 2018 None Pass Unpassworded 'jack' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Apache Tomcat Directory Listing and File Disclosure CVE-2003-0042 CVE-2003-0043 22 Mar 2003 5.3 (v3) Medium Pass Sendmail < 8.8.3 Daemon Mode Local Privilege Escalation CVE-1999-0130 11 Mar 2003 8.4 (v3) High Pass Default Password 'padmin' for 'padmin' Account 17 May 2017 9.8 (v3) Critical Pass Cisco Prime Security Manager Network Time Protocol Daemon (ntpd) Multiple Vulnerabilities (cisco-sa-20141222-ntpd) CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 20 Mar 2015 7.5 (v2) High Pass D-Link DIR 850L Router Local File Inclusion 11 Sep 2017 10 (v3) Critical Pass Apache 2.2.x < 2.2.24 Multiple XSS Vulnerabilities CVE-2012-3499 CVE-2012-4558 27 Feb 2013 5.3 (v3) Medium Pass Alt-N MDaemon Remote Administration 13.0.x < 13.0.8 RCE (MD041917) (EASYBEE) 02 Jun 2017 9.8 (v3) Critical Pass mod_auth_any for Apache Metacharacter Remote Command Execution CVE-2003-0084 26 Mar 2003 7.5 (v2) High Pass Alt-N MDaemon WebAdmin Unsupported Version Detection 02 Jun 2017 10 (v3) Critical Pass Juniper Junos OS DoS (JSA11092) CVE-2021-0202 14 Jan 2021 7.5 (v3) High Pass H3C / HPE Intelligent Management Center PLAT < 7.3 E0504P04 Multiple Vulnerabilities CVE-2016-7053 CVE-2016-7054 CVE-2016-7055 CVE-2017-5815 CVE-2017-5816 CVE-2017-5817 CVE-2017-5818 CVE-2017-5819 CVE-2017-5820 CVE-2017-5821 CVE-2017-5822 CVE-2017-5823 CVE-2017-8948 CVE-2017-8956 19 Jun 2017 9.8 (v3) Critical Pass Cisco TelePresence Endpoint SIP INVITE Packet Flood DoS (cisco-sa-20170607-tele) CVE-2017-6648 16 Jun 2017 7.5 (v3) High Pass ISC BIND < 4.9.5 DNS Resolver Functions Remote Over fl ow CVE-2002-0684 03 Apr 2003 10 (v2) Critical Pass RealVNC < 5.0.7 Multiple Local Privilege Escalations CVE-2013-6886 09 Jan 2014 7.2 (v2) High Pass Microsoft Windows SMB Versions Supported (remote check) 19 Jun 2017 None Pass Sophos Web Appliance < 4.3.0 FTP Redirect Page Re fl ected XSS 16 Jun 2017 4.7 (v3) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 31 Multiple Vulnerabilities CVE-2012-2098 CVE-2013-1862 CVE-2013-1896 CVE-2013-4005 CVE-2013-4052 CVE-2013-4053 CVE-2013-5372 CVE-2013-5414 CVE-2013-5417 CVE-2013-5418 CVE-2013-5780 CVE-2013-5803 CVE-2013-6325 CVE-2013-6330 CVE-2013-6725 20 Jan 2014 6.8 (v2) Medium Pass Check_MK 1.2.2 < 1.2.2p3 / 1.2.3 < 1.2.3i5 Multiple Vulnerabilities CVE-2014-2329 CVE-2014-2332 28 Jun 2017 5.4 (v3) Medium Pass Barracuda Appliances Default Credentials 28 Jan 2013 7.3 (v3) High Pass HooToo HT-TM06 TripMate Elite Web Server 'protocol.csp' HTTP Cookie Header Handling RCE CVE-2017-9025 29 Jun 2017 6.5 (v3) Medium Pass Cisco Prime Data Center Network Manager Static Credential Authentication Bypass (cisco-sa-20170607-dcnm2) CVE-2017-6640 10 Jul 2017 9.8 (v3) Critical Pass Cisco Prime Collaboration Provisioning ScriptMgr Servlet Authentication Bypass RCE CVE-2017-6622 13 Jul 2017 9.8 (v3) Critical Pass EMC Data Protection Advisor < 6.4 Multiple Vulnerabilities CVE-2017-8002 CVE-2017-8003 13 Jul 2017 4.9 (v3) Medium Pass Novell NetWare FTPServ Malformed Input Remote DoS 09 May 2003 5.3 (v3) Medium Pass IdealBB Multiple Vulnerabilities (XSS, SQLi, more) CVE-2004-2207 CVE-2004-2208 CVE-2004-2209 21 Oct 2004 5 (v2) Medium Pass Land Down Under <= 801 Multiple Vulnerabilities CVE-2005-2674 CVE-2005-2675 CVE-2005-2788 CVE-2005-2884 CVE-2005-4821 09 Sep 2005 7.5 (v2) High Pass Cherokee Web Server URI Traversal Arbitrary File Access CVE-2001-1432 04 Nov 2004 5 (v2) Medium Pass DevoyBB Multiple Remote Vulnerabilities (SQLi, XSS) CVE-2004-2177 CVE-2004-2178 25 Oct 2004 7.5 (v2) High Pass Grandstream Phone Web UI Information Disclosure 27 Sep 2017 5.3 (v3) Medium Pass ESXi 7.0 DoS (VMSA-2020-0029) CVE-2020-3999 20 Jan 2021 6.5 (v3) Medium Pass Samba Multiple Remote Vulnerabilities CVE-2004-0882 CVE-2004-0930 13 Nov 2004 7.5 (v2) High Pass BlackMoon FTP Login Error Message User Enumeration CVE-2003-0343 27 May 2003 5.3 (v3) Medium Pass Grandstream Phone Web Interface Default Credentials 27 Sep 2017 10 (v3) Critical Pass Jetpack Plugin for WordPress Security Bypass CVE-2014-0173 23 Apr 2014 5.8 (v2) Medium Pass EMC VMAX VASA Provider Virtual Appliance File Upload RCE CVE-2017-4997 28 Jul 2017 9.8 (v3) Critical Pass Splunk Enterprise 6.6.x < 6.6.3 / Splunk Light 6.6.x < 6.6.3 Multiple XSS 24 Aug 2017 4.3 (v3) Medium Pass Fastream NETFile FTP/Web Server HEAD Request Saturation DoS CVE-2004-2534 19 Nov 2004 5 (v2) Medium Pass iisPROTECT Admin Interface SiteAdmin.ASP GroupName Parameter SQL Injection CVE-2003-0377 28 May 2003 6.5 (v2) Medium Pass OS Identi fi cation : OUI 29 Aug 2017 None Pass Cisco Uni fi ed Operations Manager 8.6 SQL Injection Vulnerability CVE-2013-3437 06 Sep 2017 6.3 (v3) Medium Pass Cisco Prime LAN Management Solution Session Fixation Vulnerability CVE-2017-12225 11 Sep 2017 6.5 (v3) Medium Pass Novell ZENworks Mobile Management MDM.php Local File Inclusion CVE-2013-1081 14 Mar 2013 7.5 (v2) High Pass Apple TV <= 7.2.2 Bluetooth Remote Code Execution (BlueBorne) CVE-2017-14315 14 Sep 2017 7.5 (v3) High Pass EMC Legato Networker Multiple Vulnerabilities CVE-2005-0357 CVE-2005-0358 CVE-2005-0359 03 Sep 2005 10 (v2) Critical Pass H3C / HPE Intelligent Management Center PLAT < 7.3 E0506P03 Multiple Vulnerabilities CVE-2017-12554 CVE-2017-12556 CVE-2017-12557 CVE-2017-12558 CVE-2017-12559 CVE-2017-12560 CVE-2017-12561 06 Oct 2017 9.8 (v3) Critical Pass SolarWinds Log and Event Manager < 6.3.1 Hot fi x 4 Insecure HTTP Update Download MitM Code Execution CVE-2017-5198 CVE-2017-5199 CVE-2017-7646 CVE-2017-7647 17 Oct 2017 8.8 (v3) High Pass ONVIF Device Information 17 Oct 2017 None Pass MailCarrier < 3.0.1 SMTP EHLO Command Remote Over fl ow CVE-2004-1638 03 Dec 2004 7.5 (v2) High Pass NUUO NVR Web Interface RCE 18 Oct 2017 9.8 (v3) Critical Pass MS04-006: WINS Server Remote Over fl ow (830352) (uncredentialed check) CVE-2003-0825 06 Dec 2004 10 (v2) Critical Pass D-Link DIR-300L/600L Remote Command Execution 24 Oct 2017 10 (v3) Critical Pass Apache < 1.3.28 Multiple Vulnerabilities (DoS, ID) CVE-2003-0460 18 Jul 2003 9.1 (v3) Critical Pass MVPower DVR Remote Command Execution 25 Oct 2017 10 (v3) Critical Pass Vocran NVR Remote Command Execution 24 Oct 2017 10 (v3) Critical Pass Apache 2.0.x < 2.0.48 Multiple Vulnerabilities (OF, Info Disc.) CVE-2003-0789 CVE-2003-0542 26 Sep 2003 9.8 (v3) Critical Pass Apple TV < 11.1 Multiple Vulnerabilities CVE-2017-13080 CVE-2017-13783 CVE-2017-13784 CVE-2017-13785 CVE-2017-13788 CVE-2017-13791 CVE-2017-13792 CVE-2017-13793 CVE-2017-13794 CVE-2017-13795 CVE-2017-13796 CVE-2017-13797 CVE-2017-13798 CVE-2017-13799 CVE-2017-1 03 Nov 2017 7.8 (v3) High Pass OpenSSL 1.0.x < 1.0.2m RSA/DSA Unspeci fi ed Carry Issue CVE-2017-3735 CVE-2017-3736 06 Nov 2017 5.3 (v3) Medium Pass Citrix Application Delivery Management Agent Information Disclosure CVE-2019-9548 20 Jun 2019 10 (v3) Critical Pass My_eGallery < 3.1.1g Remote File Inclusion 26 Nov 2003 7.5 (v2) High Pass Brother Printer Debut embedded httpd <= 1.20 DoS CVE-2017-16249 30 Nov 2017 7.5 (v3) High Pass CVS pserver Crafted Module Request Arbitrary File / Directory Creation CVE-2003-0977 11 Dec 2003 5 (v2) Medium Pass SSLv2-Only Open Ports 19 Nov 2019 None Pass Oracle MySQL Enterprise Monitor Multiple Vulnerabilities (Jan 2021 CPU) CVE-2019-10086 CVE-2020-5408 CVE-2020-5421 28 Jan 2021 7.3 (v3) High Pass Apache 1.3.x < 1.3.41 Multiple Vulnerabilities (DoS, XSS) CVE-2007-3847 CVE-2007-5000 CVE-2007-6388 CVE-2008-0005 07 Mar 2008 5.3 (v3) Medium Pass Splunk Enterprise 5.0.x < 5.0.11 Multiple Vulnerabilities (POODLE) CVE-2014-3566 CVE-2014-3567 04 Dec 2014 4.3 (v2) Medium 95

Pass HP Operations Orchestration wsExecutionBridgeService Servlet Java Object Deserialization RCE CVE-2016-8519 16 Jan 2017 9.8 (v3) Critical Pass Novell NetBasic Scripting Server Encoded Traversal Arbitrary File Access CVE-2002-1417 09 Feb 2004 5 (v2) Medium Pass phpGedView Arbitrary File Access / Remote File Inclusion CVE-2004-0127 CVE-2004-0128 02 Feb 2004 7.5 (v2) High Pass phpMyAdmin 4.7.7 < 4.9.2 SQLi (PMASA-2019-5) CVE-2019-18622 26 Nov 2019 9.8 (v3) Critical Pass Apple TV < 5.1 Multiple Vulnerabilities CVE-2011-1167 CVE-2011-1944 CVE-2011-2821 CVE-2011-2834 CVE-2011-3026 CVE-2011-3048 CVE-2011-3328 CVE-2011-3919 CVE-2011-4599 CVE-2012-0682 CVE-2012-0683 CVE-2012-1173 CVE-2012-3589 CVE-2012-3590 CVE-2012-3591 CVE-2012-3 27 Sep 2012 9.3 (v2) High Pass Multiple Vendor NIS rpc.ypupdated YP Map Update Arbitrary Remote Command Execution CVE-1999-0208 28 Mar 2008 9.3 (v2) High Pass F-Secure SSH Password Authentication Policy Evasion 14 Mar 2004 5 (v2) Medium Pass WarFTPd CWD Command Remote DoS CVE-2005-0312 27 Jan 2005 5 (v2) Medium Pass UW-IMAP CRAM-MD5 Remote Authentication Bypass CVE-2005-0198 29 Jan 2005 9.3 (v2) High Pass EMC Documentum D2 4.5.x and 4.6.x < 4.7 Multiple Vulnerabilities (ESA-2016-167) CVE-2016-9872 CVE-2016-9873 02 Feb 2017 6.3 (v3) Medium Pass Cisco TelePresence MCU Fragmented Packets Reassembly RCE CVE-2017-3792 06 Feb 2017 9.8 (v3) Critical Pass IBM DataPower Gateway < 7.5.2.2 Default Admin Password Security Bypass 06 Feb 2017 8.1 (v3) High Pass PostgreSQL < 7.2.7 / 7.3.9 / 7.4.7 / 8.0.1 Multiple Vulnerabilities CVE-2005-0227 CVE-2005-0244 CVE-2005-0245 CVE-2005-0246 CVE-2005-0247 03 Feb 2005 6.5 (v2) Medium Pass F5 Networks BIG-IP Web Interface Default Credential Check 31 Jul 2014 10 (v2) Critical Pass OpenSSL 1.0.0 < 1.0.0k Multiple Vulnerabilities CVE-2013-0166 CVE-2013-0169 09 Feb 2013 2.6 (v2) Low Pass Apache 2.2.x < 2.2.9 Multiple Vulnerabilities (DoS, XSS) CVE-2007-6420 CVE-2008-2364 CVE-2007-6423 11 Jul 2008 5.3 (v3) Medium Pass Tenable Nessus 6.x < 6.9 Multiple Vulnerabilities (TNS-2016-16) (SWEET32) CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6305 CVE-2016-6306 CVE-2016-6307 CVE-2016-6308 CVE-2016-6309 CVE-2016-7 15 Feb 2017 9.8 (v3) Critical Pass l2tpd < 0.69 control.c write_packet Function Remote Over fl ow CVE-2004-0649 22 Jul 2004 10 (v2) Critical Pass Network Time Protocol (NTP) Mode 6 Scanner 21 Mar 2017 5.8 (v3) Medium Pass Cabletron WebView Administrative Access 22 May 2002 7.5 (v2) High Pass AVTech Multiple Vulnerabilities 23 Oct 2017 10 (v3) Critical Pass MS04-022: Microsoft Windows Task Scheduler Remote Over fl ow (841873) (uncredentialed check) CVE-2004-0212 29 Jul 2004 10 (v2) Critical Pass Apple TV < 10.2 Multiple Vulnerabilities CVE-2016-3619 CVE-2016-9642 CVE-2016-9643 CVE-2017-2367 CVE-2017-2379 CVE-2017-2386 CVE-2017-2390 CVE-2017-2394 CVE-2017-2395 CVE-2017-2396 CVE-2017-2401 CVE-2017-2406 CVE-2017-2407 CVE-2017-2415 CVE-2017-2416 CVE-2017-2 10 Apr 2017 7.8 (v3) High Pass Puppet Enterprise < 2017.2.2 Arbitrary Code Execution Vulnerability CVE-2017-2296 09 Oct 2019 6.5 (v3) Medium Pass Cisco TelePresence Management Address Unspeci fi ed Admin Access CVE-2013-3379 24 Jul 2013 8.3 (v2) High Pass HP O ffi ceJet Pro Wi-Fi Direct Support Printer Con fi guration Unauthenticated Access 21 Apr 2017 9.8 (v3) Critical Pass Oracle GlassFish Server 3.1.2.x < 3.1.2.17 Java Server Faces Information Disclosure (April 2017 CPU) CVE-2017-3626 20 Apr 2017 3.1 (v3) Low Pass IP Forwarding Enabled CVE-1999-0511 23 Nov 2010 6.5 (v3) Medium Pass Oracle WebLogic Server mod_wl POST Request Remote Over fl ow CVE-2008-3257 18 Aug 2008 10 (v2) Critical Pass PostgreSQL 9.0 < 9.0.13 / 9.1 < 9.1.9 / 9.2 < 9.2.4 File Deletion CVE-2013-1899 08 Apr 2013 6.3 (v3) Medium Pass BadBlue Connection Saturation Remote DoS CVE-2004-1727 23 Aug 2004 5 (v2) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 15 Multiple Vulnerabilities CVE-2011-0315 CVE-2011-0316 CVE-2011-1307 CVE-2011-1308 CVE-2011-1309 CVE-2011-1310 CVE-2011-1311 CVE-2011-1312 CVE-2011-1313 CVE-2011-1314 CVE-2011-1315 CVE-2011-1316 CVE-2011-1317 CVE-2011-1318 CVE-2011-1319 CVE-2011-1 10 Mar 2011 7.5 (v2) High Pass Junos OS: fl owd DoS (JSA10963) CVE-2019-0064 04 Nov 2019 7.5 (v3) High Pass WS_FTP Server Multiple Vulnerabilities (Bounce, PASV Hijacking) CVE-1999-0017 01 Sep 2004 7.5 (v2) High Pass Exim < 4.76 dkim_exim_verify_ fi nish() DKIM-Signature Header Format String CVE-2011-1407 CVE-2011-1764 10 May 2011 7.5 (v2) High Pass Serv-U 4.x-5.x STOU Command MS-DOS Argument Remote DoS CVE-2004-1675 13 Sep 2004 5 (v2) Medium Pass Citrix XenServer Web Self Service Detection 05 Mar 2012 None Pass Apache Jetspeed User Manager Service SQLi CVE-2016-0710 28 Mar 2016 8.8 (v3) High Pass Juniper Junos Space < 19.2R1 Multiple Vulnerabilities (JSA10951) CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-8625 CVE-2018-10902 CVE-2018-12327 CVE-2019-5739 CVE-2019-6133 04 Dec 2019 9.8 (v3) Critical Pass Echo Service Detection CVE-1999-0103 CVE-1999-0635 22 Jun 1999 6.5 (v3) Medium Pass Canon ImageRUNNER SMTP Arbitrary Content Printing CVE-1999-0564 CVE-2004-2166 24 Sep 2004 5 (v2) Medium Pass phpMyAdmin Multiple Path Disclosure Vulnerabilities (PMASA-2016-1, PMASA-2016-6, PMASA-2016-8) CVE-2016-2038 CVE-2016-2042 CVE-2016-2044 12 Apr 2016 5.3 (v3) Medium Pass Apache HTTP Server mod_proxy Reverse Proxy HTTP 0.9 Information Disclosure CVE-2011-3639 09 Feb 2012 5 (v2) Medium Pass OpenSSL < 0.9.8w ASN.1 asn1_d2i_read_bio Memory Corruption CVE-2012-2110 CVE-2012-2131 24 Apr 2012 7.5 (v2) High Pass EMC Avamar ADS / AVE < 7.3.0 Hot fi x 263301 PostgreSQL Command Local Privilege Escalation (ESA-2016-111) CVE-2016-0909 16 Dec 2016 8.4 (v3) High Pass Chargen UDP Service Remote DoS CVE-1999-0103 29 Nov 1999 5 (v2) Medium Pass VMSA-2012-0009 : ESXi and ESX patches address critical security issues (uncredentialed check) CVE-2012-2448 CVE-2012-2449 CVE-2012-2450 11 Jun 2012 9 (v2) High Pass Palo Alto Networks PAN-OS 7.0.x < 7.0.12 Multiple Vulnerabilities 19 Dec 2016 7.5 (v3) High Pass SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection CVE-2009-3555 24 Nov 2009 5.8 (v2) Medium Pass Cisco Email Security Appliance Information Disclosure (cisco-sa-esa-wsa-sma-info-RHp44vAC) CVE-2021-1129 29 Jan 2021 5.3 (v3) Medium Pass Cisco Content Security Management Appliance Information Disclosure (cisco-sa-esa-wsa-sma-info-RHp44vAC) CVE-2021-1129 29 Jan 2021 5.3 (v3) Medium Pass HP System Management Homepage Multiple Vulnerabilities (HPSBMU03593) CVE-2007-6750 CVE-2011-4969 CVE-2015-3194 CVE-2015-3195 CVE-2015-3237 CVE-2015-7995 CVE-2015-8035 CVE-2016-0705 CVE-2016-0799 CVE-2016-2015 CVE-2016-2842 18 May 2016 9.8 (v3) Critical Pass glFTPd Multiple Script ZIP File Handling Arbitrary File / Directory Access CVE-2005-0483 01 Mar 2005 5 (v2) Medium Pass Cisco Web Security Appliance Information Disclosure (cisco-sa-esa-wsa-sma-info-RHp44vAC) CVE-2021-1129 29 Jan 2021 5.3 (v3) Medium Pass Apple iTunes < 12.4 DLL Injection Arbitrary Code Execution (uncredentialed check) CVE-2016-1742 27 May 2016 7.8 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.24-h1 / 8.0.x < 8.0.19-h1 / 8.1.x < 8.1.9-h4 / 9.0.x < 9.0.3-h3 Vulnerability CVE-2019-1580 30 Aug 2019 9.8 (v3) Critical Pass IBM Storwize 1.3.x < 1.4.3.4 / 1.5.x < 1.5.0.2 Multiple Vulnerabilities CVE-2007-6750 CVE-2013-4286 CVE-2013-4322 CVE-2014-0075 CVE-2014-0094 CVE-2014-0096 CVE-2014-0099 CVE-2014-0119 CVE-2014-0178 CVE-2014-1555 CVE-2014-1556 CVE-2014-1557 CVE-2014-3077 CVE-2014-3493 CVE-2014-4811 26 Jun 2015 9.3 (v2) High Pass Oracle Primavera Gateway Multiple Vulnerabilities (Apri 2017 CPU) CVE-2017-3500 CVE-2017-3508 16 Jan 2020 9.1 (v3) Critical Pass Altiris Deployment Solution Server < 6.9.355 Password Disclosure (SYM08-020) CVE-2008-6828 25 Nov 2008 2.1 (v2) Low Pass UBB.threads < 6.5.1 Multiple XSS CVE-2004-2509 CVE-2004-2510 13 Dec 2004 4.3 (v2) Medium Pass SIR GNUBoard Remote File Inclusion CVE-2004-1403 15 Dec 2004 8.3 (v3) High Pass Oracle GlassFish Server Request Handling Remote File Disclosure 20 Jun 2016 5 (v2) Medium Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.24 / 8.0.x < 8.0.19 / 8.1.x < 8.1.8-h5 / 9.0.x < 9.0.2-h4 Vulnerability CVE-2019-1575 19 Jul 2019 8.8 (v3) High Pass Cisco Nexus 3000 and 3500 Insecure Default Telnet Credentials (cisco-sa-20160302-n3k) CVE-2016-1329 03 Mar 2016 9.8 (v3) Critical Pass ArGoSoft FTP Server USER Command Account Enumeration CVE-2004-1428 03 Jan 2005 5.3 (v3) Medium Pass e_Board index2.cgi message Parameter Traversal Arbitrary File Access 23 Dec 2004 5 (v2) Medium Pass Palo Alto Networks PAN-OS Management Interface API Remote DoS (PAN-SA-2016-0008) 06 Jul 2016 5 (v2) Medium Pass VideoDB < 2.0.2 Multiple Vulnerabilities 12 Jan 2005 7.5 (v2) High Pass Cisco Data Center Network Manager Information Disclosure (cisco-sa-dcnm-info-disc-QCSJB6YG) CVE-2021-1283 01 Feb 2021 5.5 (v3) Medium Pass Cisco ASA SSL VPN Functionality Version Information Disclosure (CSCuq65542) CVE-2014-3398 06 Jul 2016 5 (v2) Medium Pass ManageEngine ADSelfService Plus < 5.3 Build 5313 PasswordSelfServiceAPI XSS 11 Jul 2016 5.8 (v2) Medium Pass VMware Harbor 1.7.x < 1.7.6, 1.8.x < 1.8.3 (VMSA-2019-0015) CVE-2019-16097 17 Oct 2019 6.5 (v3) Medium Pass Palo Alto Networks PAN-OS Multiple Vulnerabilities (PAN-SA-2016-0002, PAN-SA-2016-0004) 04 Mar 2016 8.5 (v2) High Pass ngIRCd < 0.8.3 Log_Resolver() Format String CVE-2005-0226 03 Feb 2005 7.6 (v2) High Pass Oracle GlassFish Server 2.1.1.x < 2.1.1.28 Information Disclosure (July 2016 CPU) CVE-2016-5477 20 Jul 2016 5.8 (v3) Medium Pass Drupal RESTWS Module Page Callback RCE 18 Jul 2016 10 (v2) Critical Pass eIQnetworks Enterprise Security Analyzer EnterpriseSecurityAnalyzer.exe LICMGR_ADDLICENSE Command Remote Over fl ow CVE-2006-3838 02 Aug 2006 10 (v2) Critical Pass IBM WebSphere Application Server 6.1 < 6.1.0.7 Multiple Vulnerabilities CVE-2007-1944 CVE-2007-1945 CVE-2007-3262 CVE-2007-3263 05 Apr 2010 10 (v2) Critical Pass Cisco TelePresence VCS / Expressway 8.x < 8.8 Multiple Vulnerabilities (Bar Mitzvah) CVE-2015-2808 CVE-2015-6413 CVE-2016-1444 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176 14 Jul 2016 9.8 (v3) Critical Pass RealNetworks Helix Server < 11.1.8/12.0.1 Multiple Vulnerabilities CVE-2008-5911 30 Jan 2009 10 (v2) Critical Pass Palo Alto Networks PAN-OS Multiple Vulnerabilities (PAN-SA-2016-0003, PAN-SA-2016-0005) 04 Mar 2016 10 (v2) Critical Pass NetApp OnTap OS Default Credentials 25 Jul 2016 9.8 (v3) Critical Pass Drupal Coder Module Deserialization RCE 29 Jul 2016 10 (v2) Critical Pass IBM WebSphere Application Server 6.1 < Fix Pack 21 Multiple Flaws CVE-2009-0434 12 Feb 2009 4.3 (v2) Medium Pass Ipswitch Collaboration Suite / IMail SMTPD Multiple Commands Format String CVE-2005-2931 19 Dec 2005 7.5 (v2) High Pass Splunk Enterprise < 5.0.16 / 6.0.12 / 6.1.11 / 6.2.10 / 6.3.6 / 6.4.3 or Splunk Light < 6.4.3 Cross-Site Redirection 25 Aug 2016 4.7 (v3) Medium Pass Mambo Open Source Tar.php Remote File Inclusion CVE-2005-0512 22 Feb 2005 6.8 (v2) Medium Pass ESXi 5.1 < Build 1483097 Multiple Vulnerabilities (remote check) CVE-2013-0166 CVE-2013-0169 CVE-2013-0338 CVE-2014-1207 CVE-2014-1208 20 Jan 2014 2.6 (v2) Low Pass Juniper Junos OS Denial of Service (JSA11098) CVE-2021-0208 29 Jan 2021 8.8 (v3) High Pass MiniUPnP DNS Rebind Vulnerability 30 Aug 2016 4.7 (v3) Medium Pass Cisco Nexus 5500 / 5600 / 6000 SNMP DoS (cisco-sa-20160302-n5ksnmp) CVE-2015-6260 09 Mar 2016 7.5 (v3) High Pass Cisco IOS XE SD-WAN DoS (cisco-sa-sdwan-dosmulti-48jJuEUP) CVE-2021-1274 01 Feb 2021 8.6 (v3) High Pass ProFTPD 1.2.0pre4 mkdir Command Directory Name Handling Remote Over fl ow CVE-1999-0911 31 Aug 1999 10 (v2) Critical Pass Cisco Nexus TCP Packet TIME_WAIT State Handling DoS (cisco-sa-20160302-netstack) CVE-2015-0718 09 Mar 2016 7.5 (v3) High Pass McAfee WebShield SMTP 4.5 Multiple Vulnerabilities CVE-2000-0738 CVE-2000-1130 27 Nov 2000 7.5 (v2) High Pass UPnP Internet Gateway Device (IGD) Port Mapping Listing 13 Oct 2016 6.3 (v3) Medium Pass UPnP WFA Device Detection 13 Oct 2016 5.4 (v3) Medium Pass MiCasaVerde VeraLite UPnP RCE CVE-2013-4863 07 Oct 2016 9.8 (v3) Critical Pass Core FTP Server < 1.2 Build 515 Multiple Vulnerabilities CVE-2014-1441 CVE-2014-1442 CVE-2014-1443 24 Feb 2014 4 (v2) Medium Pass Apache HTTP Server 403 Error Page UTF-7 Encoded XSS CVE-2008-2168 18 Nov 2011 6.5 (v3) Medium Pass Juniper Junos Authentication Bypass (JSA11001) CVE-2020-1618 03 Feb 2021 6.8 (v3) Medium Pass Cisco Data Center Network Manager Server-Side Request Forgery (cisco-sa-dcnm-ssrf-F2vX6q5p) CVE-2021-1272 02 Feb 2021 8.8 (v3) High Pass MS11-058: Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485) (uncredentialed check) CVE-2011-1966 CVE-2011-1970 05 Mar 2014 10 (v2) Critical Pass MS02-037: Microsoft Exchange EHLO Long Hostname Over fl ow CVE-2002-0698 29 Jul 2002 7.5 (v2) High Pass Samba 3.0.0 'SamrChangePassword' RCE CVE-2007-2447 06 Apr 2015 6.3 (v3) Medium Pass HP Network Automation Remote Unauthorized Access (HPSBMU02738) CVE-2011-4790 24 Sep 2013 9.3 (v2) High Pass ProFTPD on Debian Linux postinst Installation Privilege Escalation CVE-2001-0456 23 Mar 2003 5.8 (v2) Medium Pass MailMax < 5.0.10.8 Multiple Remote Over fl ows CVE-1999-0404 07 May 2003 7.5 (v2) High Pass pfSense 2.4.x < 2.4.4-p1 Multiple Vulnerabilities (SA-18_09) CVE-2018-4019 CVE-2018-4020 CVE-2018-4021 CVE-2018-6925 CVE-2018-17154 CVE-2018-17155 02 Feb 2021 7.2 (v3) High Pass OpenSSL 1.0.x < 1.0.2r Information Disclosure Vulnerability CVE-2019-1559 01 Mar 2019 5.9 (v3) Medium Pass Sophos Web Protection Appliance Open Redirect Vulnerability 15 Nov 2016 4.3 (v3) Medium Pass ThinClientServer Admin Account Creation Privilege Escalation CVE-2006-6221 07 Dec 2006 7.5 (v2) High 96

Pass ISC BIND < 4.9.7-REL / 8.2.2-P5 Multiple Remote Vulnerabilities CVE-1999-0833 CVE-1999-0835 CVE-1999-0837 CVE-1999-0848 CVE-1999-0849 CVE-1999-0851 11 Nov 1999 10 (v2) Critical Pass Tenable SecurityCenter < 5.4.1 Multiple Vulnerabilities (TNS-2016-19) CVE-2016-7052 CVE-2016-7103 CVE-2016-7124 CVE-2016-7125 CVE-2016-7126 CVE-2016-7127 CVE-2016-7128 CVE-2016-7129 CVE-2016-7130 CVE-2016-7131 CVE-2016-7132 CVE-2016-7412 CVE-2016-7413 CVE-2016-7414 CVE-2016-7415 CVE-2016-7 27 Jan 2017 9.8 (v3) Critical Pass SNMP Agent Default Community Names CVE-1999-0186 CVE-1999-0254 CVE-1999-0472 CVE-1999-0516 CVE-1999-0517 CVE-1999-0792 CVE-2000-0147 CVE-2001-0380 CVE-2001-0514 CVE-2001-1210 CVE-2002-0109 CVE-2002-0478 CVE-2002-1229 CVE-2004-0311 CVE-2004-1474 CVE-2010-1 25 Nov 2002 10 (v2) Critical Pass Oracle Application Express (Apex) CVE-2009-0981 CVE-2009-0981 20 Feb 2013 4 (v2) Medium Pass sphpblog search.php q Parameter XSS CVE-2005-1135 14 Apr 2005 4.3 (v2) Medium Pass Microsoft FrontPage dvwssr.dll Multiple Vulnerabilities CVE-2000-0260 14 Apr 2000 10 (v2) Critical Pass rlogin Service Detection CVE-1999-0651 30 Aug 1999 7.5 (v2) High Pass Hosting Controller HCDiskQuoteService.csv Direct Request Information Disclosure CVE-2005-0694 10 Mar 2005 5 (v2) Medium Pass OpenSSL < 0.9.7l / 0.9.8d Multiple Vulnerabilities CVE-2006-2937 CVE-2006-3738 CVE-2006-2940 CVE-2006-4343 04 Jan 2012 10 (v2) Critical Noise HTTP/2 Cleartext Detection 04 Sep 2015 None Pass OpenSSL 1.0.0 < 1.0.0m Multiple Vulnerabilities CVE-2010-5298 CVE-2014-0076 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 CVE-2015-0292 08 Apr 2014 7.5 (v2) High Pass Microsoft Windows SMTP Incorrect Credentials Authentication Bypass CVE-2001-0504 07 Jul 2001 7.5 (v2) High Pass Barracuda Web Filter <= 5.0.0.012 Remote Command Execution 09 Sep 2015 9 (v2) High Pass IBM DB2 10.5 < Fix Pack 6 Multiple Vulnerabilities (Bar Mitzvah) CVE-2015-0138 CVE-2015-0197 CVE-2015-0198 CVE-2015-0199 CVE-2015-1883 CVE-2015-1922 CVE-2015-1935 CVE-2015-2808 18 Sep 2015 9.8 (v3) Critical Pass Cisco NX-OS Malformed LISP Packet DoS (CSCuv11993) CVE-2016-1351 01 Apr 2016 7.5 (v3) High Pass Cisco TelePresence Server Conference Control Protocol API URL Handling DoS (cisco-sa-20150916-tps) CVE-2015-6284 24 Sep 2015 7.8 (v2) High Pass SqWebMail redirect Parameter CRLF Injected XSS CVE-2005-1308 26 May 2005 4.3 (v2) Medium Pass VMware vCenter 5.5 LDAP Certi fi cate Validation MitM Spoo fi ng (VMSA-2015-0006) CVE-2015-6932 24 Sep 2015 5.8 (v2) Medium Pass VMware vCenter 6.0 LDAP Certi fi cate Validation MitM Spoo fi ng (VMSA-2015-0006) CVE-2015-6932 24 Sep 2015 5.8 (v2) Medium Pass Bay Networks Accelar 1200 Switch Default Password (password) for 'usrname' Account CVE-1999-0508 03 Jun 2005 10 (v2) Critical Pass IBM Lotus Sametime Multiplexer Bu ff er Over fl ow CVE-2008-2499 24 Sep 2013 7.5 (v2) High Pass IBM Domino ZMerge Database Security Bypass CVE-2002-0664 09 Oct 2015 7.3 (v3) High Pass Cisco Small Business RV Series Routers Management Interface Multiple Vulnerabilities (cisco-sa-rv-over fl ow-ghZP68yj) CVE-2021-1319 CVE-2021-1320 CVE-2021-1321 CVE-2021-1322 CVE-2021-1323 CVE-2021-1324 CVE-2021-1325 CVE-2021-1326 CVE-2021-1327 CVE-2021-1328 CVE-2021-1329 CVE-2021-1330 CVE-2021-1331 CVE-2021-1332 CVE-2021-1333 CVE-2021-1 05 Feb 2021 7.2 (v3) High Pass ViRobot Linux Server addschup Multiple Over fl ows CVE-2005-2041 15 Jun 2005 10 (v2) Critical Pass Cisco Small Business RV Series VPN Multiple RCE (cisco-sa-rv160-260-rce-XZeFkNHf) CVE-2021-1289 CVE-2021-1290 CVE-2021-1291 CVE-2021-1292 CVE-2021-1293 CVE-2021-1294 CVE-2021-1295 05 Feb 2021 9.8 (v3) Critical Pass Oracle GlassFish Server Unspeci fi ed Information Disclosure (October 2015 CPU) CVE-2015-4899 21 Oct 2015 4.3 (v2) Medium Pass OpenSSH < 4.2 Multiple Vulnerabilities CVE-2005-2797 CVE-2005-2798 CVE-2006-0393 07 Sep 2005 3.5 (v2) Low Pass Persistent Systems Radia Client Automation Agent Stack Over fl ow Remote Code Execution (destructive check) 02 Oct 2015 10 (v2) Critical Pass Apple iTunes < 12.3.1 Multiple Vulnerabilities (uncredentialed check) CVE-2015-5928 CVE-2015-5929 CVE-2015-5930 CVE-2015-5931 CVE-2015-6975 CVE-2015-6992 CVE-2015-7002 CVE-2015-7011 CVE-2015-7012 CVE-2015-7013 CVE-2015-7014 CVE-2015-7017 26 Oct 2015 7.5 (v2) High Pass SAP BusinessObjects Business Intelligence Platform Web Detection. 08 Feb 2021 None Pass Juniper Junos OS DoS (JSA11101) CVE-2021-0211 03 Feb 2021 10 (v3) Critical Pass Apache Tra ffi c Server 5.3.x < 5.3.2 HTTP2 Multiple Vulnerabilities CVE-2015-5168 CVE-2015-5206 08 Dec 2015 9.8 (v3) Critical Pass Sun JavaServer Default Admin Password CVE-1999-0508 05 Jun 2002 7.5 (v2) High Pass Apple TV < 14.2 Multiple Vulnerabilities CVE-2020-9974 CVE-2020-10002 CVE-2020-10003 CVE-2020-10010 CVE-2020-10011 CVE-2020-10016 CVE-2020-10017 CVE-2020-27899 CVE-2020-27905 CVE-2020-27909 CVE-2020-27910 CVE-2020-27911 CVE-2020-27912 CVE-2020-27916 CVE-2020-27 05 Feb 2021 7.8 (v3) High Pass paNews 2.0.4b Multiple Input Validation Vulnerabilities CVE-2005-0646 CVE-2005-0647 18 Mar 2005 7.5 (v2) High Pass Tenable SecurityCenter < 5.17.0 Multiple Vulnerabilities (TNS-2020-11) CVE-2019-1551 CVE-2020-1967 CVE-2020-1971 CVE-2020-5808 CVE-2020-11022 23 Dec 2020 7.5 (v3) High Pass OpenSSL 0.9.8 < 0.9.8zh X509_ATTRIBUTE Memory Leak DoS CVE-2015-3195 07 Dec 2015 5.3 (v3) Medium Pass OpenSSL 1.0.0 < 1.0.0t Multiple DoS CVE-2015-3195 CVE-2015-3196 07 Dec 2015 5.3 (v3) Medium Pass Xerox WorkCentre 3025 / 3215 / 3225 OpenSSL Multiple Vulnerabilities (XRX15AM) (FREAK) (POODLE) CVE-2014-3566 CVE-2015-0204 11 Dec 2015 4.3 (v2) Medium Pass Xerox WorkCentre 3550 OpenSSL Multiple Vulnerabilities (XRX15AJ) (FREAK) (POODLE) CVE-2014-3566 CVE-2015-0204 11 Dec 2015 4.3 (v2) Medium Pass Cisco Small Business RV Series Routers Multiple Vulnerabilities (cisco-sa-rv160-260- fi lewrite-7x9mnKjn) CVE-2021-1296 CVE-2021-1297 05 Feb 2021 7.5 (v3) High Pass Apple iTunes < 12.3.2 Multiple Vulnerabilities (uncredentialed check) CVE-2015-7048 CVE-2015-7050 CVE-2015-7095 CVE-2015-7096 CVE-2015-7097 CVE-2015-7098 CVE-2015-7099 CVE-2015-7100 CVE-2015-7101 CVE-2015-7102 CVE-2015-7103 CVE-2015-7104 15 Dec 2015 6.8 (v2) Medium Pass Zebedee Malformed Protocol Option Header Port 0 Remote DoS CVE-2005-2904 10 Sep 2005 5 (v2) Medium Pass Juniper ScreenOS SSH / Telnet Authentication Backdoor CVE-2015-7755 23 Dec 2015 9.8 (v3) Critical Pass Symantec Messaging Gateway 10.x < 10.6.4 Directory Traversal Vulnerability (SYM17-016) CVE-2017-15532 02 Jan 2018 5.7 (v3) Medium Pass Junos OS: Multiple vulnerabilities in libxml2 (JSA10916) CVE-2016-3627 CVE-2016-3705 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 CVE-2017-7375 CVE-2017-18258 CVE-2018-9251 11 Jan 2019 9.8 (v3) Critical Pass SolarWinds Storage Manager AuthenticationFilter Script Upload RCE CVE-2015-5371 22 Dec 2015 10 (v2) Critical Pass Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability (cisco-sa-20190227-rmi-cmd-ex) CVE-2019-1663 27 Feb 2019 9.8 (v3) Critical Pass ACAP Cleartext Authentication 05 Jan 2016 4.3 (v2) Medium Pass AMQP Cleartext Authentication 05 Jan 2016 4.3 (v2) Medium Pass Palo Alto Networks PAN-OS 5.0.x < 5.0.19 / 5.1.x < 5.1.12 / 6.0.x < 6.0.14 / 6.1.x < 6.1.12 / 7.0.x < 7.0.8 Privilege Escalation (PAN-SA-2016-0012) CVE-2016-1712 26 Aug 2016 7.8 (v3) High Pass ESXi 5.5 < Build 3248547 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (remote check) CVE-2015-6933 15 Jan 2016 6.3 (v3) Medium Pass HP Virtual Table Server (VTS) Database Import RCE CVE-2015-6857 20 Jan 2016 7.2 (v2) High Pass Oracle GlassFish Embedded Server Vulnerabilities (January 2016 CPU) CVE-2016-0441 CVE-2016-0453 20 Jan 2016 6.8 (v2) Medium Pass Oracle Application Express (Apex) CVE-2009-1993 CVE-2009-1993 20 Feb 2013 5.5 (v2) Medium Pass Cisco Uni fi ed Computing System Manager CGI RCE (CSCur90888) CVE-2015-6435 29 Jan 2016 9.8 (v3) Critical Pass Cisco Uni fi ed Computing System Manager CGI RCE (CSCur90888) (remote check) CVE-2015-6435 05 Feb 2016 9.8 (v3) Critical Pass HP Network Automation Multiple Vulnerabilities (HPSBMU02693) CVE-2011-2402 CVE-2011-2403 24 Sep 2013 6.5 (v2) Medium Pass Apache 2.2.x < 2.2.6 Multiple Vulnerabilities (DoS, XSS, Info Disc) CVE-2006-5752 CVE-2007-1862 CVE-2007-1863 CVE-2007-3303 CVE-2007-3304 CVE-2007-3847 CVE-2007-4465 CVE-2007-1743 14 Sep 2007 5.3 (v3) Medium Pass pfSense < 2.4.5 Multiple Vulnerabilities CVE-2019-12462 CVE-2019-12949 CVE-2019-16914 CVE-2019-16915 11 Feb 2021 9.8 (v3) Critical Pass Cisco IOS MPLS Forwarding Infrastructure Denial of Service Vulnerability - Cisco Systems CVE-2008-3804 01 Sep 2010 7.8 (v2) High Pass macOS 10.13 Authentication Bypass Remote Check (CVE-2017-13872) CVE-2017-13872 04 Dec 2017 8.1 (v3) High Pass SolarWinds Orion Platform < 2019.4.2 Remote Code Execution CVE-2021-25274 09 Feb 2021 9.8 (v3) Critical Pass Cisco Prime Collaboration Assurance 10.5.x / 10.6.x / 11.0.x / 11.1.x < 11.1.66527 Open Redirect (cisco-sa-20160503-pca) CVE-2016-1392 09 May 2016 7.4 (v3) High Pass SolarWinds Orion Platform < 2020.2.4 Multiple Vulnerabilities CVE-2021-25274 CVE-2021-25275 09 Feb 2021 9.8 (v3) Critical Pass Cisco Prime Collaboration Provisioning 10.6.x / 11.0.x < 11.0.0.815 Web Framework SQLi (cisco-sa-20151008-pcp) CVE-2015-6329 09 May 2016 6.5 (v2) Medium Pass HylaFAX hfaxd with PAM Password Policy Bypass CVE-2005-3538 10 Jan 2006 7.5 (v2) High Pass Junos OS: OpenSSL Security Advisories [16 Apr 2018] and [12 June 2018] (JSA10919) CVE-2018-0732 CVE-2018-0737 11 Jan 2019 5.9 (v3) Medium Pass VMware ESX / ESXi Descheduled Time Accounting DoS (VMSA-2009-0007) (remote check) CVE-2009-1805 03 Mar 2016 4 (v2) Medium Pass Lotus Domino LDAP Server Crafted Packet Remote DoS CVE-2006-0580 13 Feb 2006 5 (v2) Medium Pass EMC RSA Authentication Manager < 8.3 Patch 1 Multiple Vulnerabilities (DSA-2018-086) CVE-2018-1247 CVE-2018-1248 10 May 2018 6.1 (v3) Medium Pass VMware ESX / ESXi Authentication Service and Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0001) (remote check) CVE-2011-1202 CVE-2011-3102 CVE-2011-3970 CVE-2012-2807 CVE-2012-2825 CVE-2012-2870 CVE-2012-2871 CVE-2012-4244 CVE-2013-1405 04 Mar 2016 10 (v2) Critical Pass VMware ESX Service Console Multiple Vulnerabilities (VMSA-2012-0008) (remote check) CVE-2010-4008 CVE-2011-0216 CVE-2011-1944 CVE-2011-2834 CVE-2011-3191 CVE-2011-3905 CVE-2011-3919 CVE-2011-4348 CVE-2012-0028 03 Mar 2016 10 (v2) Critical Pass VMware ESX WebWorks Help Multiple XSS (VMSA-2009-0017) (remote check) CVE-2009-3731 03 Mar 2016 4.3 (v2) Medium Pass Fenice <= 1.10 Multiple Remote Vulnerabilities CVE-2006-2022 CVE-2006-2023 27 May 2006 7.5 (v2) High Pass VMware ESX Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0015) (remote check) CVE-2012-2372 CVE-2012-3552 CVE-2013-0791 CVE-2013-1620 CVE-2013-2147 CVE-2013-2164 CVE-2013-2206 CVE-2013-2224 CVE-2013-2232 CVE-2013-2234 CVE-2013-2237 04 Mar 2016 6.9 (v2) Medium Pass VMware ESX / ESXi Arbitrary File Modi fi cation (VMSA-2013-0016) (remote check) CVE-2013-5973 04 Mar 2016 4.4 (v2) Medium Pass CA DM Deployment Common Component Multiple DoS CVE-2006-0306 CVE-2006-0307 19 Jan 2006 5 (v2) Medium Pass VMware ESX Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0001) (remote check) CVE-2010-0211 CVE-2010-0212 CVE-2010-2956 CVE-2010-3847 CVE-2010-3856 04 Mar 2016 7.2 (v2) High Pass VMware ESX Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0010) (remote check) CVE-2010-0296 CVE-2011-0536 CVE-2011-0997 CVE-2011-1071 CVE-2011-1095 CVE-2011-1658 CVE-2011-1659 04 Mar 2016 7.5 (v2) High Pass Ipswitch IMail Server SMTP Service Crafted RCPT String Remote Over fl ow CVE-2006-4379 08 Sep 2006 7.5 (v2) High Pass Apache on Windows mod_alias URL Validation Canonicalization CGI Source Disclosure CVE-2006-4110 11 Aug 2006 5.3 (v3) Medium Pass RunCMS Multiple Script lid Parameter SQL Injection CVE-2007-6544 07 Jan 2008 7.5 (v2) High Pass pfSense < 2.4.4-p3 Multiple Vulnerabilities CVE-2018-20798 CVE-2018-20799 11 Feb 2021 7.5 (v3) High Pass Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1613) CVE-2019-1613 13 Dec 2019 6.7 (v3) Medium Pass IBM Tivoli Storage Manager FastBack 5.5.x Multiple Vulnerabilities CVE-2016-0212 CVE-2016-0213 CVE-2016-0216 04 Mar 2016 9.8 (v3) Critical Pass VMware ESX Multiple Vulnerabilities (VMSA-2010-0013) (remote check) CVE-2005-4268 CVE-2007-4476 CVE-2008-5302 CVE-2008-5303 CVE-2010-0624 CVE-2010-1168 CVE-2010-1321 CVE-2010-1447 CVE-2010-2063 08 Mar 2016 8.5 (v2) High Pass VMware ESX Multiple Vulnerabilities (VMSA-2010-0019) (remote check) CVE-2009-0590 CVE-2009-2409 CVE-2009-3555 CVE-2010-0405 CVE-2010-3069 08 Mar 2016 7.5 (v2) High Pass Oracle GlassFish Server 2.1.1.x < 2.1.1.30 / 3.0.1.x < 3.0.1.15 / 3.1.2.x < 3.1.2.16 Multiple Vulnerabilities (January 2017 CPU) CVE-2016-5528 CVE-2017-3239 CVE-2017-3247 CVE-2017-3249 CVE-2017-3250 19 Jan 2017 7.3 (v3) High Pass VMware ESX Privilege Escalation (VMSA-2010-0017) (remote check) CVE-2010-3081 08 Mar 2016 7.2 (v2) High Pass Verity Ultraseek < 5.7 Multiple Vulnerabilities CVE-2006-5819 18 Nov 2006 10 (v2) Critical Pass HP O ffi ceJet Printers Unspeci fi ed Information Disclosure (HPSBPI03546) CVE-2016-2244 15 Mar 2016 5.9 (v3) Medium Pass Cisco Uni fi ed Computing System (UCS) Central Software Improper Certi fi cate Validation (cisco-sa-ucs-invcert-eOpRvCKH) CVE-2021-1354 12 Feb 2021 3.5 (v3) Low Pass Lexmark MarkVision Enterprise < 2.1 Multiple Vulnerabilities CVE-2014-8741 CVE-2014-8742 22 Dec 2014 10 (v2) Critical Pass ManageEngine Desktop Central Default Administrator Credentials 04 Dec 2013 7.5 (v2) High Pass IBM Network Security Protection XGS Default Credentials 02 Jan 2015 10 (v2) Critical Pass ASUS Router 'infosvr' Remote Command Execution CVE-2014-9583 14 Jan 2015 10 (v2) Critical Pass Mercury LoadRunner Agent server_ip_name Field Remote Bu ff er Over fl ow CVE-2007-0446 13 Feb 2007 10 (v2) Critical Pass Lexmark MarkVision Enterprise GfdFileUploadServerlet RCE Vulnerability CVE-2014-8741 15 Jan 2015 10 (v2) Critical Pass OpenSSL 1.0.1 < 1.0.1k Multiple Vulnerabilities (FREAK) CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 16 Jan 2015 5 (v2) Medium Pass Juniper Junos OS Multiple Local Privilege Escalation Vulnerabilities (JSA11114) CVE-2021-0204 CVE-2021-0223 27 Jan 2021 7.8 (v3) High Pass Apache Tra ffi c Server 5.1.x < 5.1.2 DoS CVE-2014-10022 22 Jan 2015 5 (v2) Medium Pass Multiple Vulnerabilities in Cisco NX-OS-Based Products (cisco-sa-20130424-nxosmulti) CVE-2013-1178 CVE-2013-1179 CVE-2013-1180 CVE-2013-1181 31 May 2013 9 (v2) High Pass ManageEngine Password Manager Pro Default Credentials 23 Jan 2015 7.5 (v2) High Pass Openswan < 2.6.36 IKE Packet NULL Pointer Dereference Remote DoS CVE-2011-3380 28 Jan 2015 5.3 (v3) Medium Pass Openswan < 2.6.37 Cryptographic Helper Use-After-Free Remote DoS CVE-2011-4073 28 Jan 2015 4.3 (v3) Medium Pass Juniper Junos OS MX Series DoS (JSA11077) CVE-2020-1680 30 Oct 2020 5.3 (v3) Medium Pass ESXi 5.5 < Build 2352327 Multiple Vulnerabilities (remote check) (POODLE) CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-3660 CVE-2014-8370 CVE-2015-1044 29 Jan 2015 6.4 (v2) Medium Pass Zope Image and File Update Data Protection Bypass CVE-2000-1212 19 Dec 2000 6 (v2) Medium Pass Mac OS X 10.8.x < 10.8.5 Multiple Vulnerabilities CVE-2012-0883 CVE-2012-2686 CVE-2012-2687 CVE-2012-3499 CVE-2012-3817 CVE-2012-4244 CVE-2012-4558 CVE-2012-5166 CVE-2012-5688 CVE-2013-0166 CVE-2013-0169 CVE-2013-1025 CVE-2013-1026 CVE-2013-1027 CVE-2013-1028 CVE-2013-1 13 Sep 2013 10 (v2) Critical Pass Tenable SecurityCenter < 5.14.0 Multiple Vulnerabilities (TNS-2020-02) CVE-2019-11358 CVE-2020-5737 19 Feb 2021 6.1 (v3) Medium Pass Cisco IOS Software Multicast Network Time Protocol Denial of Service Vulnerability (cisco-sa-20130925-ntp) CVE-2013-5472 07 Oct 2013 7.1 (v2) High 97

Pass OpenSSL 1.0.0 < 1.0.1o Multiple Vulnerabilities (POODLE) CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 17 Oct 2014 4.3 (v2) Medium Pass Graylog2 LDAP Authentication Bypass Vulnerability CVE-2014-9217 10 Feb 2015 5 (v2) Medium Pass Cisco NX-OS Software BGP DoS (CSCtn13055) CVE-2012-4098 16 Oct 2013 5 (v2) Medium Pass Tivoli Storage Manager Server Unsupported Product 24 Feb 2015 10 (v2) Critical Pass Symantec Data Center Security Server 'WCUnsupportedClass.jsp' XSS 26 Feb 2015 4.3 (v2) Medium Pass IBM Tivoli Storage Manager Express Backup Server Service (dsmsvc.exe) Packet Handling Remote Over fl ow CVE-2008-0247 17 Jan 2008 10 (v2) Critical Pass Cisco Nexus 4000 Series Switches IPv6 Denial of Service (CSCtd15904) CVE-2013-6683 02 Dec 2013 6.1 (v2) Medium Pass Lotus Quickr for Domino qp2.dll ActiveX Control Integer Over fl ow Remote Code Execution CVE-2013-3026 26 Jun 2013 9.3 (v2) High Pass CodeMeter < 5.20 Local Privilege Escalation Vulnerability CVE-2014-8419 23 Feb 2015 7.2 (v2) High Pass SSL/TLS EXPORT_RSA <= 512-bit Cipher Suites Supported (FREAK) CVE-2015-0204 04 Mar 2015 4.3 (v2) Medium Pass BayTech RPC-3 Telnet Daemon Remote Authentication Bypass CVE-2005-0957 01 Apr 2005 10 (v2) Critical Pass MongoDB Unauthenticated REST API Detection 12 Mar 2015 5 (v2) Medium Pass Palo Alto Networks PAN-OS < 4.0.9 / 4.1.x < 4.1.2 Multiple Command Injections CVE-2012-6595 CVE-2012-6600 05 Mar 2014 9 (v2) High Pass Loxone Smart Home Miniserver < 6.3 Multiple Vulnerabilities 13 Mar 2015 6.8 (v2) Medium Pass Pulse Connect Secure < 9.1R8.2 (SA44588) CVE-2020-8238 CVE-2020-8243 CVE-2020-8256 09 Oct 2020 7.2 (v3) High Pass Dell KACE K2000 Appliance Hidden CIFS Fileshare Information Disclosure CVE-2011-1672 19 Apr 2011 5.3 (v3) Medium Pass Apple TV < 7.0.2 Multiple Vulnerabilities CVE-2014-4452 CVE-2014-4455 CVE-2014-4461 CVE-2014-4462 20 Nov 2014 9.3 (v2) High Pass Palo Alto Networks PAN-OS 5.x < 5.0.9 Multiple Vulnerabilities 05 Mar 2014 6.5 (v2) Medium Pass ManageEngine NetFlow Analyzer Default Credentials 16 Mar 2015 7.5 (v2) High Pass HP Universal Con fi guration Management Database Data Flow Probe Gateway Cross-Site Tracing 18 Mar 2015 5 (v2) Medium Pass Cisco UCS Director Authentication Bypass (cisco-sa-20190821-ucsd-authbypass) CVE-2019-1938 23 Aug 2019 9.8 (v3) Critical Pass Juniper Junos SRX Series fl owd DoS (JSA10622) CVE-2014-2714 14 Apr 2014 7.1 (v2) High Pass OpenSSL 1.0.2 < 1.0.2a Multiple Vulnerabilities CVE-2015-0207 CVE-2015-0208 CVE-2015-0209 CVE-2015-0285 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0290 CVE-2015-0291 CVE-2015-0293 CVE-2015-1787 CVE-2016-0703 CVE-2016-0704 24 Mar 2015 6.8 (v2) Medium Pass Palo Alto Networks PAN-OS 7.0.7 Multiple Vulnerabilities 17 Jun 2016 10 (v2) Critical Pass Apache Struts struts-cookbook processSimple.do message Parameter XSS CVE-2012-1007 23 Jul 2012 4.3 (v2) Medium Pass Cisco NX-OS Multiple Vulnerabilities (cisco-sa-20140521-nxos) CVE-2013-1191 CVE-2014-2200 CVE-2014-2201 CVE-2014-3261 30 May 2014 7.6 (v2) High Pass ArubaOS Remote Access Point Command Injection CVE-2015-1388 03 Apr 2015 7.2 (v2) High Pass Cisco IOS Software NAT denial of service (cisco-sa-20170927-nat) CVE-2017-12231 05 Oct 2017 7.5 (v3) High Pass Cisco NX-OS Software Bu ff er Over fl ow and Command Injection Vulnerabilities CVE-2019-1767 CVE-2019-1768 28 Jun 2019 6.7 (v3) Medium Pass Juniper Junos IPv6 Neighbor Discovery (ND) Tra ffi c Handling Multiple Vulnerabilities (JSA10749) CVE-2016-1409 22 Jun 2016 5.3 (v3) Medium Pass OpenSSL 1.0.2 < 1.0.2t Multiple Vulnerabilities CVE-2019-1547 CVE-2019-1552 CVE-2019-1563 23 Aug 2019 4.7 (v3) Medium Pass Cisco IOS Zone-Based Firewall Feature Security Bypass (CSCun94946) CVE-2014-2146 27 Jun 2016 6.5 (v3) Medium Pass MySQL Enterprise Monitor 3.0.x < 3.0.5 Apache Struts DMI Multiple Vulnerabilities CVE-2013-4316 08 May 2015 10 (v2) Critical Pass CherryPy staticFilter Traversal Arbitrary File Access CVE-2006-0847 22 Feb 2006 5 (v2) Medium Pass Palo Alto Networks PAN-OS 6.1.x < 6.1.11 Multiple Vulnerabilities 07 Jul 2016 4 (v2) Medium Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.1 Vulnerability CVE-2016-10012 02 Jul 2020 7.8 (v3) High Pass Websense TRITON 7.8 Source Code Disclosure 21 May 2015 5 (v2) Medium Pass Mingle Forum Plugin for WordPress 'topic' parameter SQL Injection 20 Jan 2011 7.5 (v2) High Pass Cisco TelePresence ISDN Gateway Command Injection Vulnerability CVE-2015-0713 21 May 2015 9 (v2) High Pass Cisco TelePresence MCU Command Injection Vulnerability CVE-2015-0713 21 May 2015 9 (v2) High Pass OpenMediaVault Default Administrator Credentials 18 Dec 2013 7.5 (v2) High Pass Modbus/TCP Report Slave ID 10 May 2015 5 (v2) Medium Pass Xerox ColorQube Unspeci fi ed Remote Protocol Authorization Bypass (XRX13-008) 28 Oct 2013 10 (v2) Critical Pass HP SiteScope Log Analysis Tool Remote Privilege Escalation (uncredentialed check) CVE-2015-2120 10 Jun 2015 8.7 (v2) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.18 / 9.0.x <= 9.0.5.5 Directory Traversal (CVE-2020-4782) CVE-2020-4782 12 Feb 2021 6.5 (v3) Medium Pass IBM WebSphere Application Server 8.0 < Fix Pack 4 Multiple Vulnerabilities CVE-2012-2159 CVE-2012-2161 CVE-2012-2170 CVE-2012-2190 CVE-2012-2191 CVE-2012-3293 09 Aug 2012 5.8 (v2) Medium Pass ManageEngine Applications Manager FailOverHelperServlet ' fi leName' Parameter Arbitrary File Disclosure CVE-2014-7863 08 Jun 2015 5 (v2) Medium Pass Splunk Enterprise 5.0.x < 5.0.13 / 6.0.x < 6.0.9 / 6.1.x < 6.1.8 OpenSSL Vulnerabilities (FREAK) CVE-2015-0204 CVE-2015-0207 CVE-2015-0208 CVE-2015-0209 CVE-2015-0285 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0290 CVE-2015-0291 CVE-2015-0292 CVE-2015-0293 CVE-2015-1787 04 Jun 2015 7.5 (v2) High Pass TLS Version 1.0 Protocol Detection (PCI DSS) 30 Jun 2015 8.2 (v3) High Pass Splunk Enterprise < 5.0.18 / 6.0.14 / 6.1.13 / 6.2.13.1 / 6.3.10 / 6.4.6 / 6.5.3 / Splunk Light < 6.5.3 Multiple Vulnerabilities CVE-2017-5607 06 Apr 2017 3.5 (v3) Low Pass Bitrix bitrix.xscan Module < 1.0.4 bitrix.xscan_worker.php ' fi le' Parameter Path Traversal File Disclosure CVE-2015-8357 02 May 2017 4.7 (v3) Medium Pass Cisco Ironport Security Appliance Default Host Key Vulnerability CVE-2015-4217 02 Jul 2015 4.3 (v2) Medium Pass EMC Documentum D2 4.1.x < 4.5 XSS (ESA-2015-109) CVE-2015-0549 26 Jun 2015 3.5 (v2) Low Pass Oracle iPlanet Web Server 6.1.x < 6.1.21 / 7.0.x < 7.0.22 NSS Signature Handling Remote Code Injection CVE-2014-1569 23 Jul 2015 7.5 (v2) High Pass IBM WebSphere Application Server 6.1 < Fix Pack 47 Multiple Vulnerabilities CVE-2012-2098 CVE-2012-3305 CVE-2012-4853 CVE-2013-0169 CVE-2013-0458 CVE-2013-0459 CVE-2013-0460 CVE-2013-0461 CVE-2013-0462 CVE-2013-0541 CVE-2013-0542 CVE-2013-0543 CVE-2013-0544 CVE-2013-0596 CVE-2013-1768 CVE-2013-1 20 Sep 2013 10 (v2) Critical Pass HP Network Automation 9.22.0x / 10.00.0x < 10.00.02 Multiple RCE CVE-2016-1988 CVE-2016-1989 25 Mar 2016 9.8 (v3) Critical Pass Apple TV < 9.2 Multiple Vulnerabilities CVE-2015-1819 CVE-2015-5312 CVE-2015-7499 CVE-2015-7500 CVE-2015-7942 CVE-2015-8035 CVE-2015-8242 CVE-2015-8659 CVE-2016-0801 CVE-2016-0802 CVE-2016-1740 CVE-2016-1748 CVE-2016-1750 CVE-2016-1751 CVE-2016-1752 CVE-2016-1 01 Apr 2016 10 (v3) Critical Pass MS07-063: Vulnerability in SMBv2 Could Allow Remote Code Execution (942624) (uncredentialed check) CVE-2007-5351 07 Jan 2008 10 (v3) Critical Pass Retrospect Client Malformed Packet DoS CVE-2006-0995 03 Mar 2006 5 (v2) Medium Pass SecurityCenter devform.php message Parameter XSS CVE-2013-5911 30 Sep 2013 4.3 (v2) Medium Pass HP Autonomy Ultraseek 5 Unspeci fi ed XSS CVE-2013-6196 15 Jan 2014 3.5 (v2) Low Pass Alcatel OmniSwitch Default Credentials (http) 30 Sep 2013 7.5 (v2) High Pass Coppermine Photo Gallery showdoc.php f Parameter Local File Inclusion CVE-2006-0873 27 Feb 2006 5 (v2) Medium Pass SSH Server CBC Mode Ciphers Enabled CVE-2008-5161 28 Oct 2013 2.6 (v2) Low Pass Oracle GlassFish Server Multiple Vulnerabilities (October 2013 CPU) CVE-2013-2172 CVE-2013-3827 CVE-2013-5816 17 Oct 2013 5 (v2) Medium Pass Acme mini_httpd Protocol String Handling Memory Disclosure CVE-2015-1548 05 May 2016 5 (v2) Medium Pass Dropbear SSH Server < 2013.59 Multiple Vulnerabilities CVE-2013-4421 CVE-2013-4434 22 Oct 2013 5 (v2) Medium Pass AjaXplorer < 5.0.3 Multiple Vulnerabilities CVE-2013-5688 18 Oct 2013 5.5 (v2) Medium Pass FancyBox Plugin for WordPress 'mfbfw' Parameter Persistent XSS CVE-2015-1494 16 Feb 2015 4.3 (v2) Medium Pass TWiki 'debugenableplugins' Parameter RCE CVE-2014-7236 20 Apr 2015 8.8 (v3) High Pass ESXi 5.0 < Build 721882 Multiple Vulnerabilities (remote check) CVE-2012-3288 CVE-2012-3289 13 Nov 2013 9.3 (v2) High Pass ESXi 5.1 < Build 1142907 NFC Tra ffi c Denial of Service (remote check) CVE-2013-1661 13 Nov 2013 4.3 (v2) Medium Pass OpenSSH 6.2 and 6.3 AES-GCM Cipher Memory Corruption CVE-2013-4548 13 Nov 2013 6 (v2) Medium Pass Claroline Multiple RemoteVulnerabilities (RFI, Traversal, XSS) CVE-2006-1594 CVE-2006-1595 CVE-2006-1596 03 Apr 2006 7.5 (v2) High Pass ESXi 5.0 < Build 912577 Multiple Vulnerabilities (remote check) CVE-2009-5029 CVE-2009-5064 CVE-2010-0830 CVE-2010-4180 CVE-2010-4252 CVE-2011-0014 CVE-2011-1089 CVE-2011-3048 CVE-2011-4108 CVE-2011-4109 CVE-2011-4576 CVE-2011-4577 CVE-2011-4609 CVE-2011-4619 CVE-2012-0050 CVE-2012-0 13 Nov 2013 9.3 (v2) High Pass MikroTik RouterOS 5.x < 5.26 / 6.x < 6.3 sshd Unspeci fi ed Remote Heap Corruption 18 Nov 2013 5 (v2) Medium Pass MS07-040: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (931212) (uncredentialed check) CVE-2006-7192 CVE-2007-0041 CVE-2007-0042 CVE-2007-0043 11 Jul 2007 9.3 (v2) High Pass MySQL Server COM_CHANGE_USER Command Security Bypass CVE-2012-5627 27 Nov 2013 4.3 (v3) Medium Pass RomPager HTTP Referer Header XSS CVE-2013-6786 03 Dec 2013 4.3 (v2) Medium Pass Cisco Prime Data Center Network Manager < 6.2(1) Multiple Vulnerabilities (uncredentialed check) CVE-2013-5486 CVE-2013-5487 CVE-2013-5490 27 Sep 2013 9.8 (v3) Critical Pass OpenSSL 1.0.1 < 1.0.1f Multiple Vulnerabilities CVE-2013-4353 CVE-2013-6449 CVE-2013-6450 08 Jan 2014 5.8 (v2) Medium Pass Accellion File Transfer Appliance Unsupported Version 01 Mar 2021 9.8 (v3) Critical Pass Cisco WAAS Mobile Server Web Administration Default Credentials 07 Jan 2014 7.5 (v2) High Pass Apache Solr < 4.6.0 'SolrResourceLoader' Directory Traversal CVE-2013-6397 07 Jan 2014 4.3 (v2) Medium Pass Novell Identity Manager Roles Based Provisioning Module taskId XSS CVE-2013-1096 07 Jan 2014 4.3 (v2) Medium Pass Synology DiskStation Manager < 4.3-3776 Update 3 info.cgi Multiple Parameters XSS 05 Feb 2014 4.3 (v2) Medium Pass VMware Security Updates for vCenter Server (VMSA-2014-0006) CVE-2010-5298 CVE-2014-0198 CVE-2014-0224 CVE-2014-3470 10 Jul 2014 5.8 (v2) Medium Pass Adobe ColdFusion Multiple Vulnerabilities (APSA13-03) CVE-2013-3336 14 May 2013 5 (v2) Medium Pass Puppet Symlink File Overwrite CVE-2013-4969 27 Jan 2014 2.1 (v2) Low Pass IBM GCM16 / GCM32 Global Console Manager KVM Switch Firmware Version < 1.20.0.22575 Remote Code Execution CVE-2013-0526 05 Aug 2014 8.5 (v2) High Pass OpenSSL 1.0.0 < 1.0.0n Multiple Vulnerabilities CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 08 Aug 2014 6.8 (v2) Medium Pass JForum Detection 14 Feb 2014 None Pass SAP Host Agent SOAP Web Service Information Disclosure (SAP Note 1816536) CVE-2013-3319 03 Feb 2014 5 (v2) Medium Pass Cisco Uni fi ed Computing System Serial over LAN Static Private Key Vulnerability (CSCte90338) CVE-2012-4074 12 Feb 2014 5.8 (v2) Medium Pass Symantec Web Gateway < 5.2.5 Management Console Command Injection (SYM16-017) CVE-2016-5313 13 Oct 2016 8.8 (v3) High Pass Cisco Uni fi ed Computing System Smart Call Home Input Validation Vulnerability (CSCtl00186) CVE-2012-4093 18 Feb 2014 4.6 (v2) Medium Pass Symantec Web Gateway <= 5.1.1 Multiple Vulnerabilities (SYM14-003) CVE-2013-5012 CVE-2013-5013 13 Feb 2014 6.5 (v2) Medium Pass Ubiquiti airCam < 1.2.0 ubnt-streamer RTSP Service Remote Code Execution CVE-2013-1606 19 Feb 2014 7.5 (v2) High Pass nginx < 1.8.1 / 1.9.x < 1.9.10 Multiple Vulnerabilities CVE-2016-0742 CVE-2016-0746 CVE-2016-0747 09 Mar 2018 7.3 (v3) High Pass VMware Security Updates for vCenter Server (VMSA-2013-0006) CVE-2012-2733 CVE-2012-4534 CVE-2013-3107 30 Apr 2013 4.3 (v2) Medium Pass Oracle GlassFish Server 3.0.1 < 3.0.1.7 / 3.1.2 < 3.1.2.5 Multiple Vulnerabilities (April 2013 CPU) CVE-2013-1508 CVE-2013-1515 05 Jun 2013 4.3 (v2) Medium Pass Lexmark Printer Con fi guration Persistent XSS CVE-2013-6033 03 Mar 2014 3.5 (v2) Low Pass MS08-037: Vulnerabilities in DNS Could Allow Spoo fi ng (951746) (uncredentialed check) CVE-2008-1447 CVE-2008-1454 05 Mar 2014 9.4 (v2) High Pass OpenSSH S/KEY Authentication Account Enumeration CVE-2007-2243 18 Nov 2011 5 (v2) Medium Pass McAfee Web Gateway User Interface Default Credentials 21 Feb 2014 10 (v2) Critical Pass Apache 2.2.x < 2.2.22 Multiple Vulnerabilities CVE-2011-3368 CVE-2011-3607 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 CVE-2012-4557 02 Feb 2012 5.3 (v3) Medium Pass Novell ZENworks Con fi guration Console Login.jsp language Parameter XSS CVE-2013-1094 18 Jun 2013 4.3 (v2) Medium Pass Web Accessible Backups 03 Mar 2014 None Pass Oracle RDBMS Patchset Out of Date (remote check) 13 Mar 2014 10 (v2) Critical Pass PeopleSoft PeopleTools JMS Listening Connector Activity Parameter XSS CVE-2009-1987 29 Oct 2009 4.3 (v2) Medium Pass Cisco Email Security Appliance Web UI Default Credentials 02 Apr 2014 9.8 (v3) Critical Pass Cisco Content Security Management Appliance Web UI Default Credentials 02 Apr 2014 7.5 (v2) High 98

Pass ionCube loader-wizard.php Accessible 04 Apr 2014 5 (v2) Medium Pass Ajax Pagination (twitter Style) Plugin for WordPress Local File Inclusion 07 Apr 2014 5 (v2) Medium Pass ASUS Routers fl ag Parameter XSS 25 Feb 2014 4.3 (v2) Medium Pass HP Universal Con fi guration Management Database Server (UCMDB) Local Information Disclosure (HPSBGN03504) CVE-2015-5440 22 Sep 2015 4.9 (v2) Medium Pass Cisco ONS 15454 Controller Card DoS (CSCug97315) CVE-2014-2139 10 Apr 2014 5 (v2) Medium Pass Canon PIXMA Printer WLAN Credential Disclosure CVE-2013-4614 07 Apr 2014 2.1 (v2) Low Pass OpenSSL Heartbeat Information Disclosure (Heartbleed) CVE-2014-0160 08 Apr 2014 7.5 (v3) High Pass NAS4Free Web UI Default Credentials 14 Apr 2014 10 (v2) Critical Pass CA ERwin Web Portal 9.5 Multiple Directory Traversals CVE-2014-2210 29 Apr 2014 7.5 (v2) High Pass BSD in.lpd File Name Handling Remote Over fl ow CVE-2001-0670 CVE-1999-0061 17 Mar 2003 7.5 (v2) High Pass Symantec Endpoint Protection Manager Java Object Deserialization RCE (SYM15-011) CVE-2015-6554 18 Dec 2015 8.8 (v3) High Pass IBM DB2 9.5 < Fix Pack 6a Multiple Vulnerabilities CVE-2009-3471 CVE-2009-3555 CVE-2010-0462 CVE-2010-3193 CVE-2010-3194 CVE-2010-3195 CVE-2010-3731 CVE-2010-3732 CVE-2010-3733 CVE-2010-3734 CVE-2010-3735 CVE-2010-3736 CVE-2010-3737 CVE-2010-3738 CVE-2010-3739 CVE-2010-3 07 Sep 2010 9.8 (v3) Critical Pass OS Identi fi cation: SinFP with Machine Learning 15 Jan 2020 None Pass OpenSSL < 0.9.6e Multiple Vulnerabilities CVE-2002-0655 CVE-2002-0656 CVE-2002-0659 04 Jan 2012 7.5 (v2) High Pass APC < 3.8.0 apcupsd Multiple Vulnerabilities CVE-2001-0040 CVE-2003-0098 CVE-2003-0099 26 Mar 2003 10 (v2) Critical Pass Microsoft SharePoint Server Unsupported Version Detection 30 May 2014 10 (v3) Critical Pass OpenSSL < 0.9.7h / 0.9.8a Protocol Version Rollback CVE-2005-2969 04 Jan 2012 5 (v2) Medium Pass HP OneView Unspeci fi ed Remote Privilege Escalation (HPSBGN03034) CVE-2014-2602 13 Jun 2014 6.5 (v2) Medium Pass PoPToP PPTP ctrlpacket.c Negative Read Remote Over fl ow CVE-2003-0213 16 Apr 2003 10 (v2) Critical Pass OpenSSH < 3.7.1 Multiple Vulnerabilities CVE-2003-0682 CVE-2003-0693 CVE-2003-0695 CVE-2004-2760 16 Sep 2003 10 (v2) Critical Pass Apache 2.0.x < 2.0.51 Multiple Vulnerabilities (OF, DoS) CVE-2004-0747 CVE-2004-0748 CVE-2004-0751 CVE-2004-0786 CVE-2004-0809 16 Sep 2004 5.6 (v3) Medium Pass Splunk '/en-US/app/' Referer Header XSS CVE-2014-8380 30 May 2014 4.3 (v2) Medium Pass Snitz Forums 2000 < 3.4.03 register.asp Email Parameter SQL Injection CVE-2003-0286 04 Aug 2004 7.5 (v2) High Pass F5 Networks ARX Data Manager Unsupported Version Detection 01 Jul 2014 10 (v2) Critical Pass Unsupported Microsoft DNS Server Detection 12 Jun 2014 10 (v3) Critical Pass EMC Documentum D2 Privilege Escalation (ESA-2014-045) CVE-2014-2504 06 Jun 2014 9 (v2) High Pass McAfee Cloud Single Sign On WebUI Default Credentials 25 Mar 2014 7.5 (v2) High Pass IBM WebSphere Application Server 7.0 < Fix Pack 13 Multiple Vulnerabilities CVE-2010-0781 CVE-2010-0783 CVE-2010-0784 CVE-2010-0785 CVE-2010-0786 CVE-2010-1632 CVE-2010-3186 CVE-2010-4220 11 Nov 2010 7.5 (v2) High Pass Puppet Enterprise 3.x < 3.1.3 LibYAML Heap-Based Bu ff er Over fl ow CVE-2013-6393 21 Mar 2014 6.8 (v2) Medium Pass Tivoli Provisioning Manager Express for Software Distribution Detection 29 Mar 2012 None Pass Oracle iPlanet Web Server 7.0.x < 7.0.9 Multiple Vulnerabilities CVE-2010-3512 CVE-2010-3514 CVE-2010-3544 CVE-2010-3545 13 Dec 2010 5.8 (v2) Medium Pass Cisco TelePresence Supervisor MSE 8050 Multiple Vulnerabilities in OpenSSL CVE-2014-0224 CVE-2014-3470 18 Jun 2014 5.8 (v2) Medium Pass Cisco ONS 15400 Series Devices Multiple Vulnerabilities in OpenSSL CVE-2014-0076 CVE-2014-3470 18 Jun 2014 1.9 (v2) Low Pass Woltlab Burning Board pms.php folderid Parameter XSS CVE-2005-1327 12 May 2005 4.3 (v2) Medium Pass Better WP Security Plugin for WordPress Multiple XSS CVE-2012-4263 CVE-2012-4264 31 Mar 2014 4.3 (v2) Medium Pass SSH Tectia Server SFTP Filename Logging Format String CVE-2006-0705 15 Feb 2006 5 (v2) Medium Pass Cloudera Manager Default Credentials 26 Jun 2014 10 (v2) Critical Pass Apache Tomcat 6.0.x < 6.0.43 Multiple Vulnerabilities (POODLE) CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-3513 CVE-2014-3 05 Mar 2015 7.3 (v3) High Pass Serv-U FTP Server < 15.1.0.458 Multiple Vulnerabilities 04 Jul 2014 6.4 (v2) Medium Pass OSSIM < 4.3.3.1 tele_stats.php SQL Injection 25 Jun 2014 7.5 (v2) High Pass IMAP Service STARTTLS Plaintext Command Injection CVE-2011-0411 CVE-2011-1926 10 Mar 2011 4 (v2) Medium Pass Symantec Data Insight < 4.5 Multiple Vulnerabilities (SYM14-012) CVE-2014-3432 CVE-2014-3433 03 Jul 2014 4.3 (v2) Medium Pass NETGEAR GS105PE Pro Safe Switch Hard-coded Credentials CVE-2014-2969 11 Jul 2014 8.3 (v2) High Pass SNMP 'GETBULK' Re fl ection DDoS 11 Jul 2014 5 (v2) Medium Pass VMware ESX / ESXi NFC Tra ffi c Handling DoS (VMSA-2013-0011) (remote check) CVE-2013-1661 04 Mar 2016 4.3 (v2) Medium Pass ManageEngine Desktop Central < 9 build 90103 XSRF CVE-2014-9331 25 Mar 2015 6.8 (v2) Medium Pass HP SiteScope Unspeci fi ed Authentication Bypass CVE-2014-2614 09 Jul 2014 7.5 (v2) High Pass MailPoet Newsletters for WordPress Arbitrary File Upload CVE-2014-4725 16 Jul 2014 8.8 (v3) High Pass IBM Storwize V7000 Uni fi ed Service Account Unspeci fi ed Local Privilege Escalation CVE-2014-3043 24 Jul 2014 6.5 (v2) Medium Pass WebTitan 'categories-x.php' 'sortkey' Parameter SQL Injection CVE-2014-4307 18 Jul 2014 7.5 (v2) High Pass Autodesk VRED Python API Remote Code Execution CVE-2014-2967 24 Jul 2014 10 (v2) Critical Pass VMware Harbor 1.8.x < 1.8.4 (VMSA-2019-0016) CVE-2019-16919 22 Oct 2019 7.5 (v3) High Pass Junos OS: Cross-Site Scripting (XSS) in J-Web (JSA10986) CVE-2020-1607 17 Jan 2020 7.5 (v3) High Pass OpenSSL 1.0.2 < 1.0.2k Multiple Vulnerabilities CVE-2016-7055 CVE-2017-3731 CVE-2017-3732 30 Jan 2017 5.9 (v3) Medium Pass Cisco ONS 15454 Controller Card DoS (CSCug97416) CVE-2014-2141 10 Apr 2014 4 (v2) Medium Pass VMware ESX Multiple Vulnerabilities (VMSA-2010-0015) (remote check) CVE-2009-2409 CVE-2009-3245 CVE-2009-3555 CVE-2009-3767 CVE-2010-0433 CVE-2010-0734 CVE-2010-0826 CVE-2010-1646 08 Mar 2016 10 (v2) Critical Pass NetIQ Sentinel < 7.4.1 Multiple Vulnerabilities CVE-2014-3576 CVE-2015-0851 26 Apr 2016 5 (v2) Medium Pass IBM WebSphere Application Server 8.0 < Fix Pack 9 Multiple Vulnerabilities CVE-2013-6323 CVE-2013-6329 CVE-2013-6438 CVE-2013-6738 CVE-2013-6747 CVE-2014-0050 CVE-2014-0076 CVE-2014-0098 CVE-2014-0453 CVE-2014-0460 CVE-2014-0823 CVE-2014-0857 CVE-2014-0859 CVE-2014-0878 CVE-2014-0891 CVE-2014-0 04 Aug 2014 7.5 (v2) High Pass EMC Documentum D2 Privilege Escalation (ESA-2014-067) CVE-2014-2515 21 Aug 2014 8.5 (v2) High Pass HP LaserJet Printers Unspeci fi ed Information Disclosure (HPSBPI03546) CVE-2016-2244 15 Mar 2016 5.9 (v3) Medium Pass Juniper Junos Fragmented TCP Packet Sequence Handling DoS (JSA10696) CVE-2014-6449 21 Oct 2015 5 (v2) Medium Pass Allegro RomPager HTTP Cookie Management Remote Code Execution Vulnerability (Misfortune Cookie) CVE-2014-9222 CVE-2014-9223 30 Dec 2014 10 (v2) Critical Pass Juniper Junos jdhcpd crash denial of service (JSA10926) CVE-2019-0037 19 Apr 2019 7.5 (v3) High Pass HP StoreVirtual Storage Remote Unauthorized Access CVE-2013-2352 10 Apr 2014 9.4 (v2) High Pass Barco ClickShare Device Default Credentials 19 Aug 2014 10 (v2) Critical Pass Apache Tra ffi c Server 4.x < 4.2.1.1 / 5.x < 5.0.1 Synthetic Health Check Vulnerability CVE-2014-3525 22 Jan 2015 10 (v2) Critical Pass IBM Rational License Key Server Administration and Reporting Tool Default Credentials 16 Sep 2014 7.5 (v2) High Pass Fortinet FortiOS User Interface Default Credentials 15 Apr 2014 10 (v2) Critical Pass Splunk 6.x < 6.0.3 Multiple OpenSSL Vulnerabilities (Heartbleed) CVE-2013-4353 CVE-2014-0160 16 Apr 2014 7.5 (v3) High Pass phpMyAdmin 3.4.x < 3.4.6 XSS (PMASA-2011-16) CVE-2011-4064 26 Oct 2011 4.3 (v2) Medium Pass Oracle Real User Experience Insight October 2014 CPU CVE-2014-6557 26 Jan 2015 4.9 (v2) Medium Pass Palo Alto Networks PAN-OS HTTP Header Handling URL Filter Bypass (PAN-SA-2016-0006) 28 Apr 2016 5 (v2) Medium Pass SYAC DigiEye Backdoor Detection 10 Sep 2014 9.3 (v2) High Pass Oracle GlassFish Server 3.0.1 / 3.1.2 / Enterprise 2.1.1 DoS CVE-2012-3155 05 Sep 2014 5 (v2) Medium Pass F5 Networks rsync RCE CVE-2014-2927 14 Oct 2014 9.3 (v2) High Pass ManageEngine DeviceExpert Unauthorized Information Disclosure CVE-2014-5377 04 Sep 2014 5 (v2) Medium Pass OpenSSL 1.x < 1.0.0f Multiple Vulnerabilities CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2012-0027 09 Jan 2012 5 (v2) Medium Pass FreeNAS WebGUI Blank Password CVE-2014-5334 18 Sep 2014 9.8 (v3) Critical Pass ManageEngine EventLog Analyzer Default Credentials 02 Sep 2014 7.5 (v2) High Pass Palo Alto Networks PAN-OS 7.0.x < 7.0.14 / 7.1.x < 7.1.9 Multiple Vulnerabilities (PAN-SA-2017-0008 - PAN-SA-2017-0010) CVE-2017-7126 CVE-2017-7217 CVE-2017-7218 18 Apr 2017 7.8 (v3) High Pass Cisco Content Security Management Appliance Open Redirect Multiple Vulnerabilities (cisco-sa-sma-opn-rdrct-yPPMdsMQ) CVE-2020-3178 21 May 2020 6.1 (v3) Medium Pass Juniper Junos libgd Compressed GD2 Data RCE (JSA10798) CVE-2016-3074 31 Jul 2017 9.8 (v3) Critical Pass macOS 10.13.x < 10.13.2 Multiple Vulnerabilities (Meltdown) CVE-2017-1000254 CVE-2017-13847 CVE-2017-13848 CVE-2017-13855 CVE-2017-13858 CVE-2017-13860 CVE-2017-13862 CVE-2017-13865 CVE-2017-13867 CVE-2017-13868 CVE-2017-13869 CVE-2017-13871 CVE-2017-13872 CVE-2017-13875 CVE-201 07 Dec 2017 7.8 (v3) High Pass ESXi 5.5 < Build 1980513 glibc Library Multiple Vulnerabilities (remote check) CVE-2013-0242 CVE-2013-1914 09 Oct 2014 5 (v2) Medium Pass HP Printers Security Bypass (HPSBPI03107) CVE-2014-0224 09 Oct 2014 5.8 (v2) Medium Pass TIBCO Spot fi re Analytics Server Authentication Module Unspeci fi ed Information Disclosure CVE-2012-0690 13 Oct 2014 5 (v2) Medium Pass TIBCO Spot fi re Server Authentication Module Unspeci fi ed Remote Code Execution CVE-2014-2544 13 Oct 2014 7.5 (v2) High Pass TIBCO Spot fi re Server Unsupported Version Detection 13 Oct 2014 10 (v3) Critical Pass TIBCO Spot fi re Server Authentication Module Unspeci fi ed Privilege Escalation CVE-2014-5285 13 Oct 2014 7.5 (v2) High Pass Lexmark Printer con fi g.html Administrator Authentication Bypass (FREAK) CVE-2015-0204 CVE-2015-1637 19 Oct 2015 4.3 (v2) Medium Pass Apple iTunes < 12.0.1 Multiple Vulnerabilities (uncredentialed check) CVE-2013-2871 CVE-2013-2875 CVE-2013-2909 CVE-2013-2926 CVE-2013-2927 CVE-2013-2928 CVE-2013-5195 CVE-2013-5196 CVE-2013-5197 CVE-2013-5198 CVE-2013-5199 CVE-2013-5225 CVE-2013-5228 CVE-2013-6625 CVE-2013-6635 CVE-2013-6 21 Oct 2014 10 (v2) Critical Pass macOS 10.13.x < 10.13.5 Multiple Vulnerabilities CVE-2018-4141 CVE-2018-4159 CVE-2018-4180 CVE-2018-4181 CVE-2018-4182 CVE-2018-4183 CVE-2018-4184 CVE-2018-4193 CVE-2018-4194 CVE-2018-4196 CVE-2018-4198 CVE-2018-4202 CVE-2018-4211 CVE-2018-4217 CVE-2018-4219 CVE-2018-4 05 Jun 2018 9.8 (v3) Critical Pass HP Operations Manager / Operations Agent < 11.13 XSS (HPSBMU03126) CVE-2014-2647 22 Oct 2014 4.3 (v2) Medium Pass Oracle Business Transaction Management 'FlashTunnelService' 'WriteToFile' Message RCE 31 Oct 2014 10 (v2) Critical Pass macOS 10.13.x < 10.13.6 Multiple Vulnerabilities CVE-2017-0898 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2018-3665 CVE-2018-4178 CVE-2018-4248 CVE-2018-4259 CVE-2018-4268 CVE-2018-4269 CVE-2018-4276 CVE-2018-4277 CVE-2018-4280 CVE-2 17 Jul 2018 9.8 (v3) Critical Pass Cisco Nexus 3000 Series and 9000 Series Switches in NX-OS Mode CLI Command Software Image Signature Veri fi cation Vulnerability CVE-2019-1810 07 Jun 2019 6.7 (v3) Medium Pass SolarWinds Log and Event Manager Unsupported Version Detection 07 Nov 2014 10 (v2) Critical Pass SolarWinds Log and Event Manager Default Credentials 07 Nov 2014 10 (v2) Critical Pass IBM Tivoli Endpoint Manager Server 9.1.x < 9.1.1117.0 OpenSSL Security Bypass CVE-2014-0224 19 Nov 2014 5.8 (v2) Medium Pass AFP Server Network Interface Enumeration CVE-2014-4426 24 Nov 2014 4.3 (v2) Medium Pass Google Calendar Events Plugin for WordPress 'admin-ajax.php' XSS CVE-2014-7138 21 Nov 2014 4.3 (v2) Medium Pass IBM WebSphere Application Server 8.0 < Fix Pack 2 Multiple Vulnerabilities CVE-2011-1376 CVE-2011-1377 CVE-2011-4889 04 Apr 2012 4.6 (v2) Medium Pass Apache Tra ffi c Server Host HTTP XSS 28 Nov 2014 4.3 (v2) Medium Pass IlohaMail read_message.php Attachment Multiple Field XSS CVE-2005-1120 14 Apr 2005 4.3 (v2) Medium Pass Splunk Enterprise 6.0.x < 6.0.6 Multiple Vulnerabilities CVE-2014-3511 CVE-2014-8303 04 Dec 2014 4.3 (v2) Medium Pass Isilon OneFS SNMP Detection 14 Aug 2018 None Pass Mac OS X < 10.11.1 Multiple Vulnerabilities CVE-2012-6151 CVE-2014-3565 CVE-2015-0235 CVE-2015-0273 CVE-2015-5924 CVE-2015-5925 CVE-2015-5926 CVE-2015-5927 CVE-2015-5932 CVE-2015-5933 CVE-2015-5934 CVE-2015-5935 CVE-2015-5936 CVE-2015-5937 CVE-2015-5938 CVE-2015-5 29 Oct 2015 10 (v2) Critical Pass IBM WebSphere Application Server 6.1 < 6.1.0.33 Multiple Vulnerabilities CVE-2010-0778 CVE-2010-0779 CVE-2010-0781 CVE-2010-3186 28 Sep 2010 10 (v2) Critical Pass SSL Certi fi cate Chain Contains Weak RSA Keys 24 Jul 2012 4 (v2) Medium Pass Cisco TelePresence Multipoint Switch XML-RPC DoS (cisco-sa-20110223-telepresence-ctms) CVE-2011-0390 27 Jul 2012 7.8 (v2) High Pass MySQL Authentication Protocol Token Comparison Casting Failure Password Bypass CVE-2012-2122 02 Aug 2012 5.6 (v3) Medium Pass sipXtapi INVITE Message CSeq Field Header Remote Over fl ow CVE-2006-3524 25 Jul 2006 7.5 (v2) High 99

Pass Appweb 3.1.x / 3.2.x / 3.3.x < 3.3.3 mprUrlEncode Function Heap Over fl ow Vulnerability 02 Aug 2012 6.8 (v2) Medium Pass Symantec Web Gateway search.php SQL Injection (SYM12-011) CVE-2012-2961 06 Aug 2012 7.5 (v2) High Pass Mac OS X 10.11.x < 10.11.2 Multiple Vulnerabilities CVE-2011-2895 CVE-2012-0876 CVE-2012-1147 CVE-2012-1148 CVE-2015-3807 CVE-2015-5333 CVE-2015-5334 CVE-2015-6908 CVE-2015-7001 CVE-2015-7038 CVE-2015-7039 CVE-2015-7040 CVE-2015-7041 CVE-2015-7042 CVE-2015-7043 CVE-2015-7 10 Dec 2015 10 (v2) Critical Pass HP Network Automation Multiple Remote Vulnerabilities (HPSBMU03264) CVE-2014-7886 23 Apr 2015 6.8 (v2) Medium Pass Juniper Junos J-Web Service Privilege Escalation (JSA10754) CVE-2016-1279 22 Jul 2016 10 (v2) Critical Pass Juniper Junos Certi fi cate Validation Bypass (JSA10755) CVE-2016-1280 22 Jul 2016 5.8 (v2) Medium Pass Scrutinizer Default Credentials Check 20 Aug 2012 7.5 (v2) High Pass Scrutinizer < 9.5.2 d4d/statusFilter.php q Parameter SQL Injection CVE-2012-2962 20 Aug 2012 6.5 (v2) Medium Pass SquidClamav Specially Crafted Character Parsing Remote DoS CVE-2012-3501 10 Sep 2012 5 (v2) Medium Pass ManageEngine Security Manager Plus Default Administrator Credentials 10 Dec 2012 7.5 (v2) High Pass Novell eDirectory < 8.8 SP6 Patch 5 Multiple Vulnerabilities CVE-2010-1929 29 Aug 2012 9 (v2) High Pass VNC Server 'password' Password 29 Aug 2012 10 (v2) Critical Pass macOS 10.14.x < 10.14.4 Multiple Vulnerabilities CVE-2018-12015 CVE-2018-18311 CVE-2018-18313 CVE-2019-6207 CVE-2019-6237 CVE-2019-6239 CVE-2019-7293 CVE-2019-8502 CVE-2019-8504 CVE-2019-8507 CVE-2019-8508 CVE-2019-8510 CVE-2019-8511 CVE-2019-8513 CVE-2019-8514 CVE-201 27 Mar 2019 9.8 (v3) Critical Pass Kibana ESA-2018-06 CVE-2018-3823 25 Jan 2019 5.4 (v3) Medium Pass WAS Target Discovery for PCI 24 Jan 2019 None Pass Juniper Junos FreeBSD libc db Information Disclosure (JSA10756) CVE-2009-1436 22 Jul 2016 4.9 (v2) Medium Pass Cloudsafe365 Plugin for WordPress ' fi le' Parameter Traversal Arbitrary File Access 07 Sep 2012 5 (v2) Medium Pass DNS over TLS Server Detection 22 Mar 2021 None Pass JBoss Java Object Deserialization RCE CVE-2012-0874 CVE-2015-7501 10 Dec 2015 9.8 (v3) Critical Pass Mac Photo Gallery for WordPress 'albid' Parameter Traversal Arbitrary File Access 19 Sep 2012 5 (v2) Medium Pass Authentec UPEK Protector Suite Weak Password Storage 18 Oct 2012 2.1 (v2) Low Pass Mac Photo Gallery Plugin for WordPress 'macphtajax.php' Access Restriction Bypass 26 Sep 2012 5 (v2) Medium Pass OpenStack Keystone Default Credentials 27 Sep 2012 7.5 (v2) High Pass Yawcam Web Server Traversal Arbitrary File Access CVE-2005-1230 02 May 2005 5 (v2) Medium Pass ZEN Load Balancer global.conf Information Disclosure 28 Sep 2012 5.3 (v3) Medium Pass AttachmateWRQ Re fl ection for Secure IT Server < 6.0 Build 24 Multiple Vulnerabilities CVE-2005-2770 CVE-2005-2771 06 Sep 2005 4.6 (v2) Medium Pass Juniper Junos Crafted UDP Packet Handling DoS (JSA10758) CVE-2016-1263 22 Jul 2016 7.8 (v2) High Pass Transport Layer Security (TLS) Protocol CRIME Vulnerability CVE-2012-4929 CVE-2012-4930 16 Oct 2012 2.6 (v2) Low Pass RaidenFTPD Multiple Command Traversal Arbitrary File Access CVE-2001-0491 11 May 2005 6.4 (v2) Medium Pass SSL Root Certi fi cation Authority Distrusted 17 Apr 2019 6.5 (v3) Medium Pass Xerox Document Centre Web Server Unspeci fi ed Unauthorized Access (XRX05-003) CVE-2005-1936 14 May 2005 7.5 (v2) High Pass Dream4 Koobi CMS index.php area Parameter SQL Injection CVE-2005-1373 16 Jun 2005 7.5 (v2) High Pass web-app.org WebAPP Encoded Request .dat File Disclosure CVE-2005-0927 17 May 2005 5 (v2) Medium Pass HP/H3C and Huawei SNMP User Data Information Disclosure CVE-2012-3268 30 Oct 2012 8.5 (v2) High Pass ManageEngine OpStor Default Administrator Credentials 01 Nov 2012 7.5 (v2) High Pass CoSoSys Endpoint Protector 4 Predictable Password CVE-2012-2994 16 Nov 2012 7.5 (v2) High Pass SolarWinds Orion NPM < 9.5 Login.asp SQLi 12 Nov 2012 7.5 (v2) High Pass MS12-073: Vulnerabilities in Microsoft IIS Could Allow Information Disclosure (2733829) (uncredentialed check) CVE-2012-2532 16 Nov 2012 5.3 (v3) Medium Pass Juniper Junos VPLS Ethernet Frame MAC Address Remote DoS (JSA10750) CVE-2016-1275 22 Jul 2016 6.1 (v2) Medium Pass Novell File Reporter Agent FSFUI UICMD 126 Arbitrary File Download CVE-2012-4958 20 Nov 2012 7.8 (v2) High Pass NetIQ Privileged User Manager Default Admin Password 21 Nov 2012 10 (v2) Critical Pass McAfee WebShield SMTP Unsupported 03 Dec 2012 10 (v2) Critical Pass Juniper Junos SRX Series Application Layer Gateway DoS (JSA10751) CVE-2016-1276 22 Jul 2016 7.8 (v2) High Pass Juniper Junos Crafted ICMP Packet DoS (JSA10752) CVE-2016-1277 22 Jul 2016 7.8 (v2) High Pass ManageEngine Applications Manager Default Administrator Credentials 05 Dec 2012 7.5 (v2) High Pass Oracle Primavera Uni fi er Multiple Vulnerabilities (Oct 2018 CPU) CVE-2018-3148 CVE-2018-12023 01 Nov 2018 6.1 (v3) Medium Pass ESXi 5.1 < Build 2323236 Third-Party Libraries Multiple Vulnerabilities (remote check) (BEAST) CVE-2011-3389 CVE-2012-0845 CVE-2012-0876 CVE-2012-1150 CVE-2013-0242 CVE-2013-1752 CVE-2013-1914 CVE-2013-2877 CVE-2013-4238 CVE-2013-4332 CVE-2014-0015 CVE-2014-0138 CVE-2014-0191 12 Dec 2014 6.4 (v2) Medium Pass NetIQ Privileged User Manager Password Change Authentication Bypass (version check) CVE-2012-5930 07 Dec 2012 6.4 (v2) Medium Pass Cisco Small Business RV320 and RV325 Routers Multiple Vulnerabilities CVE-2019-1827 CVE-2019-1828 15 Apr 2019 8.1 (v3) High Pass Slideshow Plugin for WordPress 'settings.php' Multiple Parameter XSS 19 Dec 2012 4.3 (v2) Medium Pass HP LaserJet XSS Vulnerability CVE-2012-3272 15 Jan 2013 4.3 (v2) Medium Pass Apple TV < 12.1.1 Multiple Vulnerabilities CVE-2018-4303 CVE-2018-4431 CVE-2018-4435 CVE-2018-4436 CVE-2018-4437 CVE-2018-4438 CVE-2018-4441 CVE-2018-4442 CVE-2018-4443 CVE-2018-4447 CVE-2018-4460 CVE-2018-4461 CVE-2018-4464 CVE-2018-4465 21 Dec 2018 8.8 (v3) High Pass IronMail IronWebMail IM_FILE Identi fi er Encoded Traversal Arbitrary File Access CVE-2006-5210 20 Oct 2006 5 (v2) Medium Pass Dell OpenManage Server Administrator index_main.htm DOM-based XSS CVE-2012-6272 11 Jan 2013 4.3 (v2) Medium Pass Google Doc Embedder Plugin for WordPress 'File' Parameter Traversal Arbitrary File Disclosure CVE-2012-4915 24 Jan 2013 5 (v2) Medium Pass NetIQ Privileged User Manager regclnt.dll Directory Traversal CVE-2012-5931 24 Jan 2013 5.5 (v2) Medium Pass Kibana ESA-2018-08 CVE-2018-3824 25 Jan 2019 6.1 (v3) Medium Pass IBM WebSphere Application Server 8.0 < Fix Pack 7 Multiple Vulnerabilities CVE-2012-2098 CVE-2013-0169 CVE-2013-0597 CVE-2013-1768 CVE-2013-1862 CVE-2013-1896 CVE-2013-2967 CVE-2013-2976 CVE-2013-3029 CVE-2013-4004 CVE-2013-4005 23 Aug 2013 7.5 (v2) High Pass ManageEngine AssetExplorer Detection 24 Jan 2013 None Pass ManageEngine AssetExplorer Default Administrator Credentials 24 Jan 2013 7.5 (v2) High Pass Silver Peak VX < 6.2.4 XSS CVE-2014-2975 25 Sep 2014 4.3 (v2) Medium Pass Browser Rejector Plugin for WordPress 'wppath' Parameter Remote File Inclusion 25 Jan 2013 7.5 (v2) High Pass Portable phpMyAdmin Plugin for WordPress 'wp-pma-mod' Authentication Bypass CVE-2012-5469 25 Jan 2013 7.5 (v2) High Pass GRAND Flash Album Gallery Plugin for WordPress 'f' Parameter Traversal Arbitrary Directory Enumeration 28 Jan 2013 5 (v2) Medium Pass MySQL Protocol Remote User Enumeration CVE-2012-5615 28 Jan 2013 5 (v2) Medium Pass WordPress 'xmlrpc.php' pingback.ping Server-Side Request Forgery CVE-2013-0235 04 Feb 2013 6.4 (v2) Medium Pass UnrealIRCd Unspeci fi ed DoS 06 Feb 2013 5 (v2) Medium Pass EMC Avamar ADS / AVE 7.2.x < 7.2.1 Hot fi x HOTFIX 300440 / 7.3.x < 7.3.1 Hot fi x 300439 / 7.4.x < 7.4.1 Hot fi x 300438 / 7.5.0 < 7.5.0 Hot fi x 300441 / 7.5.1 < 7.5.1 Hot fi x 300442 / 18.1 < 18.1 Hot fi x 300443 Multiple Vulnerabilities (DSA-2018-145) CVE-2018-11066 CVE-2018-11067 30 Nov 2018 9.8 (v3) Critical Pass Voice Vulnerabilities in Cisco IOS and Cisco Uni fi ed Communications Manager - Cisco Systems CVE-2007-4291 CVE-2007-4292 CVE-2007-4293 CVE-2007-4294 CVE-2007-4295 01 Sep 2010 9.3 (v2) High Pass SolarWinds Orion NPM < 10.3.1 Multiple Vulnerabilities CVE-2012-2577 CVE-2012-2602 17 Sep 2012 6.8 (v2) Medium Pass OpenSSL 1.0.1 < 1.0.1e Information Disclosure CVE-2013-0169 13 Feb 2013 2.6 (v2) Low Pass rsync < 2.5.7 Unspeci fi ed Remote Heap Over fl ow CVE-2003-0962 04 Dec 2003 7.5 (v2) High Pass Oracle Application Express (Apex) CVE-2012-1708 CVE-2012-1708 20 Feb 2013 4.3 (v2) Medium Pass Oracle Application Express (Apex) Unspeci fi ed Issues (pre 2.2.1) CVE-2006-5351 CVE-2006-5352 20 Feb 2013 10 (v2) Critical Pass Oracle Application Express (Apex) CVE-2011-3525 CVE-2011-3525 20 Feb 2013 6.5 (v2) Medium Pass ShadowIRCd m_capab.c Denial of Service CVE-2012-6084 11 Mar 2013 5 (v2) Medium Pass Cisco Prime LAN Management Solution Web Detection 21 Feb 2013 None Pass Nagios XI 2011R1.9 Multiple SQL Injection Vulnerabilities 19 Feb 2013 6.5 (v2) Medium Pass Cisco IOS IPS Denial of Service Vulnerability - Cisco Systems CVE-2008-2739 01 Sep 2010 7.8 (v2) High Pass Bu ff alo LinkStation Direct Request Remote File Disclosure 27 Feb 2013 5 (v2) Medium Pass W3 Total Cache Plugin for WordPress Cache File Direct Request Information Disclosure 04 Mar 2013 4.3 (v2) Medium Pass Cisco IOS Software Mobile IP and Mobile IPv6 Vulnerabilities - Cisco Systems CVE-2009-0633 CVE-2009-0634 01 Sep 2010 7.8 (v2) High Pass VMware vCenter Server Denial of Service (VMSA-2012-0018) CVE-2012-6326 12 Mar 2013 7.8 (v2) High Pass CVS < 1.11.17 / 1.12.9 Multiple Vulnerabilities CVE-2004-0414 CVE-2004-0416 CVE-2004-0417 CVE-2004-0418 CVE-2004-1471 09 Jun 2004 7.1 (v2) High Pass Cuyahoga FCKEditor Miscon fi guration Unrestricted File Upload CVE-2007-0147 10 Jan 2007 5 (v2) Medium Pass LogAnalyzer asktheoracle.php 'query' Parameter XSS 05 Mar 2013 4.3 (v2) Medium Pass Foswiki Detection 06 Mar 2013 None Pass Cisco Small Business RV Series Routers Management Interface Vulnerabilities (cisco-sa-rv-routers-injection-tWC7krKQ) CVE-2020-3268 CVE-2020-3269 15 Oct 2020 7.2 (v3) High Pass War FTP Daemon 1.82 Denial of Service CVE-2013-2278 11 Mar 2013 10 (v2) Critical Pass OpenFTPD SITE MSG FTP Command Format String CVE-2004-2523 01 Aug 2004 6.5 (v2) Medium Pass Ruby ftpd Gem ' fi lename' Parameter Remote Command Execution 07 Mar 2013 7.5 (v2) High Pass Cisco IOS Software Multiple Features Crafted UDP Packet Vulnerability - Cisco Systems CVE-2009-0631 01 Sep 2010 7.8 (v2) High Pass Juniper Junos Packet Forwarding Engine Potential RCE (JSA10906) CVE-2019-0006 10 Jan 2019 9.8 (v3) Critical Pass Cisco IOS Software Secure Copy Privilege Escalation Vulnerability - Cisco Systems CVE-2009-0637 01 Sep 2010 9 (v2) High Pass Cisco IOS Software Multiple Features Crafted TCP Sequence Vulnerability - Cisco Systems CVE-2009-0629 01 Sep 2010 7.8 (v2) High Pass Nagios XI < 2012R1.6 Multiple Vulnerabilities 18 Mar 2013 6.5 (v2) Medium Pass SQLiteManager SQLiteManager_currentTheme Cookie Traversal Local File Inclusion CVE-2007-1232 27 Feb 2007 5.1 (v2) Medium Pass SSL RC4 Cipher Suites Supported (Bar Mitzvah) CVE-2013-2566 CVE-2015-2808 05 Apr 2013 5.9 (v3) Medium Pass Junos OS: Stateless fi rewall fi lter ignores IPv6 extension headers (JSA10905) CVE-2019-0005 15 Feb 2019 5.3 (v3) Medium Pass McAfee Vulnerability Manager cert_cn Parameter XSS CVE-2013-5094 29 Mar 2013 4.3 (v2) Medium Pass l2tpd < 0.68 Multiple Vulnerabilities CVE-2002-0872 CVE-2002-0873 14 Mar 2003 7.5 (v2) High Pass Cisco NX-OS Software Netstack DoS (cisco-sa-20190306-nxos-netstack) CVE-2019-1599 27 Mar 2020 8.6 (v3) High Pass IBM InfoSphere Data Replication Dashboard Unpassworded User Enumeration CVE-2013-0584 10 Apr 2013 5 (v2) Medium Pass IBM InfoSphere Data Replication Dashboard Default Credentials 10 Apr 2013 7.5 (v2) High Pass Cisco IOS Software WebVPN and SSLVPN Vulnerabilities - Cisco Systems CVE-2009-0626 CVE-2009-0628 01 Sep 2010 7.8 (v2) High Pass Multiple IRC Client Non-registered User parse_client_queued Saturation DoS CVE-2004-0605 10 Aug 2004 5 (v2) Medium Pass Ultimate Product Catalog Plugin for WordPress < 4.2.26 PHP Object Injection 05 Dec 2017 8.3 (v3) High Pass ESXi 5.1 < Build 911593 Multiple Vulnerabilities (remote check) CVE-2011-3048 CVE-2013-1406 CVE-2013-1659 13 Nov 2013 7.6 (v2) High Pass D-Link DIR-645 getcfg.php Admin Password Disclosure 26 Apr 2013 5 (v2) Medium Pass op5 Monitor < 5.7.3 Multiple Vulnerabilities 30 Apr 2013 3.5 (v2) Low Pass Exim with Dovecot use_shell Command Injection 10 May 2013 6.8 (v2) Medium Pass Jenkins JDK / Ant Tools Job Con fi guration Stored XSS Vulnerability (SECURITY-624) (deprecated) CVE-2017-17383 15 Dec 2017 4.1 (v3) Medium 100

Pass HP Managed Printing Administration < 2.7.0 XSS CVE-2012-5219 30 Apr 2013 4.3 (v2) Medium Pass Lexmark Markvision Enterprise Default Credentials 06 May 2013 7.5 (v2) High Pass Lexmark Markvision Enterprise Remote Command Execution CVE-2013-3055 06 May 2013 9.3 (v2) High Pass Groovy Shell Unauthenticated Remote Command Execution CVE-2013-3055 06 May 2013 9.3 (v2) High Pass Android Emulator Telnet Port on Remote Host 11 May 2013 7.5 (v2) High Pass IBM SPSS SamplePower 3.0 < 3.0 FP 1 Multiple ActiveX Controls Arbitrary Code Execution CVE-2012-5945 CVE-2012-5946 CVE-2012-5947 CVE-2013-0593 16 May 2013 9.3 (v2) High Pass Mac OS X 10.6.x < 10.6.5 Multiple Vulnerabilities CVE-2008-4546 CVE-2009-0796 CVE-2009-0946 CVE-2009-2473 CVE-2009-2474 CVE-2009-2624 CVE-2009-3793 CVE-2009-4134 CVE-2010-0001 CVE-2010-0105 CVE-2010-0205 CVE-2010-0209 CVE-2010-0211 CVE-2010-0212 CVE-2010-0397 CVE-2010-0 10 Nov 2010 10 (v2) Critical Pass VMware vCenter Server 5.5.x / 6.0.x / 6.5.x / 6.7.x Speculative Execution Side Channel Vulnerability (Foreshadow) (VMSA-2018-0020) CVE-2018-3646 15 Aug 2018 5.6 (v3) Medium Pass Xerox ColorQube 92XX Multiple OpenSSL Vulnerabilities (XRX15AD) (FREAK) (GHOST) (POODLE) CVE-2014-3566 CVE-2015-0204 CVE-2015-0235 11 Dec 2015 10 (v2) Critical Pass Palo Alto Networks PAN-OS 6.0.x < 6.0.14 Multiple Vulnerabilities 26 Aug 2016 8.8 (v3) High Pass Mac OS X 10.6.x < 10.6.7 Multiple Vulnerabilities CVE-2006-7243 CVE-2010-0405 CVE-2010-1323 CVE-2010-1324 CVE-2010-1452 CVE-2010-2068 CVE-2010-2950 CVE-2010-3069 CVE-2010-3089 CVE-2010-3315 CVE-2010-3434 CVE-2010-3709 CVE-2010-3710 CVE-2010-3801 CVE-2010-3802 CVE-2010-3 22 Mar 2011 7.6 (v2) High Pass Junos Space WebUI Default Credentials 31 May 2013 7.5 (v2) High Pass mDNS Detection (Local Network) 31 May 2013 None Pass HP System Management Homepage < 7.2.0.14 iprange Parameter Code Execution 22 May 2013 9.3 (v2) High Pass Splunk Enterprise < 5.0.17 / 6.0.13 / 6.1.12 / 6.2.12 / 6.3.8 / 6.4.4 or Splunk Light < 6.5.0 Multiple Vulnerabilities CVE-2016-0772 CVE-2016-5636 CVE-2016-5699 17 Nov 2016 9.8 (v3) Critical Pass VMware vCenter Server Multiple Vulnerabilities (VMSA-2012-0005) CVE-2011-3190 CVE-2011-3375 CVE-2012-0022 05 Jun 2013 7.5 (v2) High Pass Mac OS X 10.7 / 10.8 Unauthorized File Access (remote check) CVE-2013-0990 06 Jun 2013 4.9 (v2) Medium Pass SAP Control SOAP Web Service Remote Code Execution (SAP Note 1414444) 05 Jun 2013 10 (v2) Critical Pass Novell ZENworks Control Center File Upload Remote Code Execution (intrusive check) CVE-2013-1080 18 Jun 2013 10 (v2) Critical Pass ESXi 6.0 / 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2018-0027) (Remote Check) CVE-2018-6981 CVE-2018-6982 12 Nov 2018 8.8 (v3) High Pass Elasticsearch ESA-2017-18 CVE-2017-8447 22 Aug 2018 6.5 (v3) Medium Pass GroundWork Monitor Enterprise Default Credentials 28 Jun 2013 7.5 (v2) High Pass Cisco IOS XE Bu ff er Over fl ow Vulnerabilities (cisco-sa-sdwan-bufovulns-B5NrSHbj) CVE-2021-1300 CVE-2021-1301 23 Mar 2021 9.8 (v3) Critical Pass Joomla! Unsupported Version Detection 07 Nov 2014 10 (v3) Critical Pass Xerox ColorQube 8570 / 8870 Multiple Vulnerabilities (XRX15OA) CVE-2014-0076 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 03 Nov 2015 5.8 (v2) Medium Pass Acunetix Web Vulnerability Scanner 4 < 4.0.20060717 Denial of Service CVE-2007-0120 02 Apr 2014 1.9 (v2) Low Pass Cisco IOS XE SD-WAN Bu ff er Over fl ow Vulnerabilities (cisco-sa-sdwan-bufovulns-B5NrSHbj) CVE-2021-1300 CVE-2021-1301 23 Mar 2021 9.8 (v3) Critical Pass Mac OS X 10.6.x < 10.6.8 Multiple Vulnerabilities CVE-2009-3245 CVE-2010-0740 CVE-2010-2632 CVE-2010-3677 CVE-2010-3682 CVE-2010-3790 CVE-2010-3833 CVE-2010-3834 CVE-2010-3835 CVE-2010-3836 CVE-2010-3837 CVE-2010-3838 CVE-2010-3864 CVE-2010-4180 CVE-2010-4651 CVE-2011-0 24 Jun 2011 10 (v2) Critical Pass Axon Virtual PBX /logon Multiple Parameter XSS CVE-2009-4038 12 Nov 2009 4.3 (v2) Medium Pass Zimbra Collaboration Server aspell.php dictionary Parameter XSS CVE-2013-1938 24 Feb 2014 4.3 (v2) Medium Pass VLC Web Interface XML Services XSS CVE-2013-3564 23 Jul 2013 4.3 (v2) Medium Pass OpenSSL 1.0.2 < 1.0.2e Multiple Vulnerabilities CVE-2015-1794 CVE-2015-3193 CVE-2015-3194 CVE-2015-3195 07 Dec 2015 5 (v2) Medium Pass SAXoPRESS pbcs.dll url Parameter Traversal Arbitrary File Access CVE-2006-1771 17 Apr 2006 5 (v2) Medium Pass Cisco ONS Products Remote DoS CVE-2008-3818 25 Jul 2013 7.8 (v2) High Pass Juniper Junos IPv6 over IPv4 Security Policy Bypass (PSN-2011-07-299) 22 Aug 2011 5 (v2) Medium Pass Serv-U < 14.0.2.0 FTP Server SSL Renegotiation DoS 25 Jul 2013 5 (v2) Medium Pass Xerox WorkCentre 4260 / 4265 Multiple Vulnerabilities (XRX15AV) (FREAK) (Logjam) CVE-2015-0204 CVE-2015-3963 CVE-2015-4000 11 Dec 2015 5.8 (v2) Medium Pass BigTree CMS Detection 15 Aug 2013 None Pass ZTE F460 / F660 Cable Modems web_shell_cmd.gch Administrative Backdoor CVE-2014-2321 19 Mar 2014 10 (v2) Critical Pass Mac OS X 10.7.x < 10.7.2 Multiple Vulnerabilities CVE-2010-1634 CVE-2010-2089 CVE-2011-0185 CVE-2011-0187 CVE-2011-0226 CVE-2011-0230 CVE-2011-0260 CVE-2011-1521 CVE-2011-1755 CVE-2011-1910 CVE-2011-2464 CVE-2011-2690 CVE-2011-2691 CVE-2011-2692 CVE-2011-3192 CVE-2011-3 13 Oct 2011 10 (v2) Critical Pass Puppet Enterprise 3.x < 3.1.2 DTLS Retransmission DoS CVE-2013-6450 21 Mar 2014 5.8 (v2) Medium Pass MailEnable < 1.7 IMAP Server Multiple Vulnerabilities (ME-100008) CVE-2005-3690 CVE-2005-3691 20 Nov 2005 7.5 (v2) High Pass IBM WebSphere Application Server 6.0 < 6.0.2.39 Multiple Vulnerabilities CVE-2009-2747 11 Feb 2010 5 (v2) Medium Pass Splunk < 5.0.8 Unspeci fi ed XSS CVE-2014-2578 28 Mar 2014 4.3 (v2) Medium Pass Cisco Video Surveillance Manager Default Administrator Credentials 12 Sep 2013 9.8 (v3) Critical Pass PatchLink Update Server nwupload.asp Traversal Arbitrary File Write CVE-2006-3426 28 Jul 2006 5 (v2) Medium Pass Cisco Digital Media Manager < 5.3 Privilege Escalation CVE-2012-0329 18 Sep 2013 9 (v2) High Pass QNAP Photo Station < 5.7.0 Cross-Site Scripting Vulnerability CVE-2018-0715 03 Oct 2018 6.1 (v3) Medium Pass HP SiteScope SOAP Call runOMAgentCommand SOAP Request Arbitrary Remote Code Execution CVE-2013-2367 19 Sep 2013 10 (v2) Critical Pass PHP 5.5.x < 5.5.32 Multiple Vulnerabilities CVE-2015-8383 CVE-2015-8386 CVE-2015-8387 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8393 CVE-2015-8394 CVE-2016-2554 CVE-2016-4342 11 Feb 2016 9.8 (v3) Critical Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0009) (remote check) CVE-2012-1516 CVE-2012-1517 CVE-2012-2448 CVE-2012-2449 CVE-2012-2450 29 Feb 2016 9 (v2) High Pass Artica mailattach Parameter Directory Traversal 25 Oct 2010 7.8 (v2) High Pass Canon PIXMA Printer Administration Authentication Bypass CVE-2013-4613 07 Apr 2014 7.5 (v2) High Pass macOS < 10.14 Multiple Vulnerabilities CVE-2016-0702 CVE-2015-3194 CVE-2015-5333 CVE-2015-5334 CVE-2016-1777 CVE-2017-12613 CVE-2017-12618 CVE-2018-3639 CVE-2018-3646 CVE-2018-4126 CVE-2018-4153 CVE-2018-4203 CVE-2018-4295 CVE-2018-4304 CVE-2018-4308 CVE-2018 18 Oct 2018 9.8 (v3) Critical Pass Default Password (artica) for 'root' Account CVE-1999-0502 25 Oct 2010 9.8 (v3) Critical Pass Mac OS X 10.7.x < 10.7.3 Multiple Vulnerabilities (BEAST) CVE-2011-1148 CVE-2011-1167 CVE-2011-1657 CVE-2011-1752 CVE-2011-1783 CVE-2011-1921 CVE-2011-1938 CVE-2011-2192 CVE-2011-2202 CVE-2011-2483 CVE-2011-2895 CVE-2011-2937 CVE-2011-3182 CVE-2011-3189 CVE-2011-3246 CVE-2011-3 02 Feb 2012 10 (v2) Critical Pass Artica Detection 25 Oct 2010 None Pass Revive Adserver Detection 26 Jun 2014 None 101