RELAYTO Penetration Test Results

RELAYTO Penetration Test Results Result Check name CVE Publication date Scanning engine CVSS rating Risk factor Pass Sawmill 8.x < 8.1.7.3 Arbitrary File Disclosure 01 Nov 2010 7.8 (v2) High Pass Cisco IOS Software Multicast Source Discovery Protocol DoS (cisco-sa-20120328-msdp) CVE-2012-0382 02 Apr 2012 7.1 (v2) High Pass Arista Networks CloudVision Portal Privilege Escalation (SA0044) CVE-2019-18181 08 Jul 2020 7.8 (v3) High Pass Novatel MiFi Default Credentials 08 Nov 2010 10 (v2) Critical Pass Juniper Junos SSH TACACS+ Incorrect Permissions (PSN-2012-04-545) 25 Apr 2012 7.1 (v2) High Pass OS Identiﬁcation : SIP 10 Nov 2010 None Pass ignitionServer umode Command Global Operator Privilege Escalation CVE-2004-2553 27 Aug 2004 6 (v2) Medium Pass FeedList Plugin for WordPress 'i' Parameter XSS CVE-2010-4637 18 Nov 2010 4.3 (v2) Medium Pass Novell GroupWise Document Viewer Agent Arbitrary File Download CVE-2010-4715 23 Nov 2010 7.8 (v2) High Pass Novell GroupWise Document Viewer Agent Web Console Accessible 23 Nov 2010 5 (v2) Medium Pass Novell GroupWise Internet Agent Accessible 23 Nov 2010 6.4 (v2) Medium Pass Xerox WorkCentre 77XX Multiple Vulnerabilities (XRX15R) (FREAK) (GHOST) CVE-2015-0204 CVE-2015-0235 11 Dec 2015 10 (v2) Critical Pass Mac OS X 10.7.x < 10.7.4 Multiple Vulnerabilities (BEAST) CVE-2011-1004 CVE-2011-1005 CVE-2011-1777 CVE-2011-1778 CVE-2011-1944 CVE-2011-2821 CVE-2011-2834 CVE-2011-2895 CVE-2011-3212 CVE-2011-3389 CVE-2011-3919 CVE-2011-4566 CVE-2011-4815 CVE-2011-4885 CVE-2012-0036 CVE-2012-0642 CVE-2012-0649 CVE-2012-0652 CVE-2012-0654 CVE-2012-0655 CVE-2012-0656 CVE-2012-0657 CVE-2012-0658 CVE-2012-0659 CVE-2012-0660 CVE-2012-0661 CVE-2012-0662 CVE-2012-0675 CVE-2012-083010 May 2012 10 (v2) Critical Pass FTP Server Traversal Arbitrary File Access (RETR) 24 Nov 2010 5.3 (v3) Medium Pass DiskPulse Server Default Credentials 09 Dec 2010 10 (v2) Critical Pass Remote Code Execution in DiskPulse Server 09 Dec 2010 10 (v2) Critical Pass Juniper Junos ICMPv6 DoS (PSN-2012-07-644) 17 Jul 2012 5.4 (v2) Medium Pass EMC Documentum D2 < 4.1 P22 / 4.2 P11 Multiple Vulnerabilities (ESA-2015-010) CVE-2015-0517 CVE-2015-0518 13 Feb 2015 9 (v2) High Pass pfSense < 2.2.3 Multiple Vulnerabilities (SA-15_07) (Logjam) CVE-2014-8176 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-2325 CVE-2015-2326 CVE-2015-3414 CVE-2015-3415 CVE-2015-3416 CVE-2015-4000 CVE-2015-4029 CVE-2015-4171 CVE-2015-4598 CVE-2015-4642 CVE-2015-4643 CVE-2015-4644 CVE-2015-6508 CVE-2015-6509 CVE-2015-6510 CVE-2015-651131 Jan 2018 9.8 (v3) Critical Pass BMC SNMP Agent Default Community Name (public) 14 Dec 2010 7.5 (v2) High Pass INN < 2.2.2 Crafted Article Handling Remote Overﬂow CVE-2000-0360 08 Sep 2004 5 (v2) Medium Pass Juniper Junos load factory-default Privilege Escalation (PSN-2012-07-646) 17 Jul 2012 6.3 (v2) Medium Pass Juniper Junos J-Web Hash Collision DoS (PSN-2012-07-650) 17 Jul 2012 7.8 (v2) High Pass Openﬁre Admin Console login.jsp XSS 13 Dec 2010 4.3 (v2) Medium Pass Juniper Junos lo0 Firewall Bypass (PSN-2012-07-651) 17 Jul 2012 7.1 (v2) High Pass Juniper Junos host-inbound-traﬃc Implicit Allow (PSN-2012-07-653) 17 Jul 2012 4 (v2) Medium Pass DD-WRT Info.live.htm Information Disclosure 30 Dec 2010 3.3 (v2) Low Pass Cisco IOS Software DHCP Denial of Service Vulnerability (cisco-sa-20120926-dhcp) CVE-2012-4621 28 Sep 2012 7.8 (v2) High Pass Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1606) CVE-2019-1606 21 Jun 2019 7.8 (v3) High Pass HP StorageWorks MSA P2000 Default Credentials CVE-2012-0697 05 Jan 2011 9.8 (v3) Critical Pass PHP 5.2 < 5.2.17 / 5.3 < 5.3.5 String To Double Conversion DoS CVE-2010-4645 07 Jan 2011 5 (v2) Medium Pass OpenBiblio < 0.5.2 Multiple Scripts Local File Inclusion CVE-2006-5149 03 Oct 2006 7.5 (v2) High Pass Openﬁler Management Interface Default Administrator Credentials 12 Jan 2011 7.5 (v2) High Pass Cisco IOS Software DHCP Version 6 Server Denial of Service Vulnerability (cisco-sa-20120926-dhcpv6) CVE-2012-4623 28 Sep 2012 7.8 (v2) High Pass PRTG Network Monitor Default Credentials 04 Feb 2011 7.5 (v2) High Pass Microsoft System Center Conﬁguration Manager Management Point Detection 01 Feb 2011 None Pass Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability (cisco-sa-20120926-sip) CVE-2012-3949 28 Sep 2012 7.8 (v2) High Pass PRTG Network Monitor login.htm errormsg Parameter XSS 04 Feb 2011 4.3 (v2) Medium Pass Arista Networks Networks CloudVision Portal IP fragment DoS (SA0037) CVE-2018-5391 09 Jul 2020 7.5 (v3) High Pass MailEnable IMAP Server (meimaps.exe) Crafted RENAME Command Remote DoS CVE-2005-3813 28 Nov 2005 4 (v2) Medium Pass F-Secure Internet Gatekeeper Default Administrator Credentials 18 Feb 2011 7.5 (v2) High Pass Mac OS X 10.8.x < 10.8.3 Multiple Vulnerabilities CVE-2011-3058 CVE-2012-2088 CVE-2012-3749 CVE-2012-3756 CVE-2013-0963 CVE-2013-0966 CVE-2013-0967 CVE-2013-0969 CVE-2013-0970 CVE-2013-0971 CVE-2013-097615 Mar 2013 9.3 (v2) High Pass Cisco NX-OS Software Border Gateway Protocol DoS (cisco-sa-20180620-nxosbgp) CVE-2018-0295 09 Jul 2020 7.5 (v3) High Pass Cisco IOS Software Network Address Translation Vulnerability (cisco-sa-20130327-nat) CVE-2013-1142 10 Apr 2013 7.8 (v2) High Pass Cisco NX-OS Software Internet Group Management Protocol Snooping RCE and DoS (cisco-sa-20180620-nxosigmp)CVE-2018-0292 09 Jul 2020 8.8 (v3) High Pass Juniper Junos Proxy ARP DoS (PSN-2013-04-913) 20 May 2013 7.8 (v2) High Pass Adobe ColdFusion Admin Requires No Authentication 05 Apr 2011 7.5 (v2) High Pass Juniper Junos IPv6 Egress Filter DoS (PSN-2013-04-915) 20 May 2013 7.1 (v2) High Pass Cisco Email Security Appliance Internal Testing Interface RCE CVE-2016-6406 05 Oct 2016 9.8 (v3) Critical Pass pfSense Detection 22 Feb 2018 None Pass NUUO NVRMini2 Authenticated Command Injection CVE-2018-15716 03 Dec 2018 8.8 (v3) High Pass Juniper Junos GRE DoS (PSN-2013-04-917) 20 May 2013 6.1 (v2) Medium Pass Zend Server Java Bridge Arbitrary Java Code Execution 22 Apr 2011 10 (v2) Critical Pass Grandstream SIP Detection 28 Mar 2019 None Pass MediaWiki API XSS CVE-2011-1587 15 Apr 2011 4.3 (v2) Medium Pass WordPress < 2.1.1 Multiple Script Backdoors CVE-2007-1277 02 Mar 2007 7.5 (v2) High Pass NCR Aloha POS SOAP API Detection 29 Mar 2018 None Pass Juniper Junos DNSSEC Validation DoS (PSN-2013-04-918) CVE-2012-3817 20 May 2013 7.8 (v2) High Pass Puppet Enterprise x < 2018.1.9 / 2019.x.x < 2019.0.3 Default Password Vulnerabilities CVE-2019-10694 09 Oct 2019 9.8 (v3) Critical Pass EMC RSA Archer WebUI Detection 07 Jul 2017 None Pass Oracle Primavera Uniﬁer Detection 21 Jul 2017 None Pass IceWarp install/index.html lang Parameter XSS 11 May 2011 4.3 (v2) Medium Pass is_human() Plugin for WordPress 'type' Parameter Command Injection 18 May 2011 7.5 (v2) High Pass IBM Tivoli Provisioning Manager OS Deployment Multiple Stack Overﬂows CVE-2007-1868 03 May 2007 10 (v2) Critical Pass Postﬁx Cyrus SASL Authentication Context Data Reuse Memory Corruption (exploit) CVE-2011-1720 19 May 2011 6.8 (v2) Medium Pass Vacron NVR Web Interface Detection 24 Oct 2017 None Pass AOST Network Video Recorder Detection 25 Oct 2017 None Pass IBM BigFix Remote Control Detection 27 Dec 2016 None Pass Cisco NX-OS Software Image Signature Veriﬁcation (cisco-sa-20190306-nxos-sig-verif) CVE-2019-1615 09 Jul 2020 6.7 (v3) Medium Pass SiteMinder 5.5 Multiple Script XSS CVE-2005-2204 11 Jul 2005 4.3 (v2) Medium Pass Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1779) CVE-2019-1779 02 Sep 2019 6.7 (v3) Medium Pass Kodi Media Player Detection 22 Mar 2017 None Pass SonicWALL Global Management System (GMS) / Analyzer Universal Management Appliance or Host (UMA / UMH) Information Disclosure 09 Dec 2016 5.3 (v3) Medium Pass HP Onboard Administrator < 4.22 Remote Information Disclosure CVE-2014-0224 03 Jul 2014 5.8 (v2) Medium Pass WPtouch Plugin for WordPress 'wptouch_redirect' Parameter URL Redirection 28 Jun 2011 4.3 (v2) Medium Pass ManageEngine ServiceDesk Plus Default Administrator Credentials 28 Jun 2011 7.5 (v2) High Pass Apple iTunes < 12.9.6 Multiple Vulnerabilities (uncredentialed check) CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684 CVE-2019-8685 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 CVE-2019-1311826 Jul 2019 8.8 (v3) High Pass Active Directory Certiﬁcate Services Web Enrollment Anonymous Access 15 Jun 2011 5 (v2) Medium Pass Mac OS X 10.8.x < 10.8.4 Multiple Vulnerabilities CVE-2011-1945 CVE-2011-3207 CVE-2011-3210 CVE-2011-4108 CVE-2011-4109 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2012-0050 CVE-2012-2110 CVE-2012-2131 CVE-2012-2333 CVE-2012-4929 CVE-2012-5519 CVE-2013-0975 CVE-2013-0982 CVE-2013-0983 CVE-2013-0985 CVE-2013-0986 CVE-2013-0987 CVE-2013-0988 CVE-2013-0989 CVE-2013-0990 CVE-2013-102405 Jun 2013 9.3 (v2) High Pass Polycom SoundPoint IP Phones reg_1.html SIP Information Disclosure 22 Jun 2011 5 (v2) Medium Pass Trend Micro Data Loss Prevention Virtual Appliance Encoded Traversal Arbitrary File Access 29 Jun 2011 5 (v2) Medium Pass eScan < 9.0.718.1 MicroWorld Agent service (MWAGENT.EXE) Command Decryption Overﬂow CVE-2007-2687 24 May 2007 10 (v2) Critical Pass Adobe ColdFusion Remote Development Services Enabled Without Authentication 05 Jul 2011 6.4 (v2) Medium Pass SQL Dump Files Disclosed via Web Server 21 Jul 2011 5 (v2) Medium Pass OpenSSL 1.1.0 < 1.1.0d Multiple Vulnerabilities CVE-2017-3730 CVE-2017-3731 CVE-2017-3732 30 Jan 2017 5.9 (v3) Medium Pass Oracle iPlanet Web Server 7.0.x < 7.0.20 Multiple Vulnerabilities CVE-2013-1739 CVE-2013-1740 CVE-2013-1741 CVE-2013-5605 CVE-2013-5606 CVE-2014-1490 CVE-2014-1491 CVE-2014-1492 18 Jul 2014 7.5 (v2) High Pass SolarWinds Server & Application Monitor (SAM) Detection 03 Jun 2016 None Pass SolarWinds Virtualization Manager Detection 13 Jul 2016 None Pass Oracle Secure Backup Administration Server login.php uname Parameter Arbitrary Command Injection CVE-2011-2261 25 Jul 2011 10 (v2) Critical Pass MS11-061: Vulnerability in Remote Desktop Web Access Could Allow Elevation of Privilege (2546250) (uncrCVE-2011-1263edentialed check) 09 Aug 2011 4.3 (v2) Medium Pass Symantec Veritas Storage Foundation Scheduler Service (VxSchedService.exe) Remote Code Execution CVE-2007-2279 04 Jun 2007 9.3 (v2) High Pass iniNet SpiderControl SCADA Web Server 2.02 Local Privilege Escalation 27 Jan 2016 7.2 (v2) High Pass Cisco Security Manager Web Server Detection 05 Feb 2016 None Pass HP SiteScope Default Credentials 31 Aug 2011 7.5 (v2) High Pass CGI Generic XSS (extended patterns) 03 Aug 2011 4.3 (v2) Medium Pass macOS 10.14.x < 10.14.6 SU2 / 10.13.x < 10.13.6 Update 2019-005 / 10.12.x < 10.12.6 Update 2019-005 Out-of-Bounds Read VCVE-2019-8641 ulnerability 30 Sep 2019 9.8 (v3) Critical Pass Netatalk OpenSession Remote Code Execution CVE-2018-1160 20 Dec 2018 9.8 (v3) Critical Pass PCI DSS Compliance : Insecure Communication Has Been Detected 15 Sep 2011 5.3 (v3) Medium Pass GoodTech SMTP Server < 5.17 Multiple Buﬀer Overﬂows CVE-2005-2387 04 Aug 2005 10 (v2) Critical Pass NetIQ Access Manager Detect 18 Feb 2015 None Pass IBM Rational ClearQuest Web Client Detection 12 Mar 2015 None Pass ManageEngine NetFlow Analyzer Detection 16 Mar 2015 None Pass Visualware MyConnection Server Web Detection 02 Apr 2015 None Pass Apache <= 2.0.51 Satisfy Directive Access Control Bypass CVE-2004-0811 23 Sep 2004 7.3 (v3) High Pass SSL Certiﬁcate Fails to Adhere to Basic Constraints / Key Usage Extensions 23 Sep 2011 6.4 (v2) Medium Pass SMB Use Host SID to Enumerate Local Users Without Credentials CVE-2000-1200 15 Sep 2011 5.3 (v3) Medium Pass CGI Generic XPath Injection (2nd pass) 21 Sep 2011 5 (v2) Medium Pass HP Operations Orchestration Detection 07 May 2015 None Pass ManageEngine ADSelfService Plus resetUnLock Authentication Bypass CVE-2011-3485 14 Oct 2011 7.5 (v2) High 1

Pass TimThumb 'timthumb.php' WebShot 'src' Parameter Remote Command Execution CVE-2014-4663 28 Jul 2014 6.8 (v2) Medium Pass Inductive Automation Ignition Multiple Vulnerabilities CVE-2015-0976 CVE-2015-0991 CVE-2015-0992 CVE-2015-0993 CVE-2015-0994 CVE-2015-0995 02 Jun 2015 6.4 (v2) Medium Pass Puppet Enterprise < 2016.4.5 / 2016.5.x / 2017.1.x Multiple Vulnerabilities CVE-2017-2292 CVE-2017-2293 CVE-2017-2294 CVE-2017-2295 CVE-2017-2297 09 Oct 2019 9 (v3) Critical Pass IBM WebSphere Application Server 7.0 < Fix Pack 33 Multiple Vulnerabilities CVE-2013-6323 CVE-2013-6329 CVE-2013-6438 CVE-2013-6738 CVE-2013-6747 CVE-2014-0050 CVE-2014-0098 CVE-2014-0114 CVE-2014-0453 CVE-2014-0460 CVE-2014-0859 CVE-2014-0878 CVE-2014-0891 CVE-2014-0963 CVE-2014-0965 CVE-2014-302201 Aug 2014 7.5 (v2) High Pass IBM WebSphere Application Server 6.0 < 6.0.2.43 Multiple Vulnerabilities CVE-2010-0776 CVE-2010-0777 CVE-2010-0779 CVE-2010-2327 28 Sep 2010 5 (v2) Medium Pass Schneider Electric InduSoft Web Studio < 7.1.3.4 Multiple Information Disclosures (SEVD-2015-054-01) CVE-2015-0996 CVE-2015-0997 CVE-2015-0998 CVE-2015-0999 18 Jun 2015 5 (v2) Medium Pass VMware vCenter Update Manager Directory Traversal (VMSA-2011-0014) CVE-2011-4404 28 Nov 2011 7.8 (v2) High Pass Adobe Experience Manager 6.4 and 6.5 DoS (APSB20-08) CVE-2020-3741 14 Feb 2020 7.5 (v3) High Pass ManageEngine ADSelfService EmployeeSearch.cc Multiple XSS CVE-2010-3274 CVE-2011-5105 08 Dec 2011 4.3 (v2) Medium Pass SurgeMail IMAP Server SEARCH Command Remote Buﬀer Overﬂow CVE-2007-4377 23 Aug 2007 6 (v2) Medium Pass VERITAS Backup Exec Agent Unauthenticated Remote Registry Access CVE-2005-0771 08 Aug 2005 10 (v2) Critical Pass Apple iTunes < 7.4 Malformed Music File Heap Overﬂow (uncredentialed check) CVE-2007-3752 07 Sep 2007 9.3 (v2) High Pass ManageEngine Firewall Analyzer Multiple XSS 13 Apr 2016 4.3 (v2) Medium Pass Microsoft Windows Remote Desktop Protocol Server Man-in-the-Middle Weakness CVE-2005-1794 01 Jun 2005 5.1 (v2) Medium Pass Mercury IMAP Server SEARCH Command Remote Buﬀer Overﬂow CVE-2007-5018 20 Sep 2007 6 (v2) Medium Pass Novell GroupWise 'FileUploadServlet' Arbitrary File Access Vulnerability CVE-2014-0600 02 Sep 2014 7.8 (v2) High Pass Web Application Information Disclosure 25 Jan 2012 5 (v2) Medium Pass Mac OS X 10.11.x < 10.11.5 Multiple Vulnerabilities CVE-2016-1792 CVE-2016-1793 CVE-2016-1794 CVE-2016-1795 CVE-2016-1796 CVE-2016-1797 CVE-2016-1798 CVE-2016-1799 CVE-2016-1801 CVE-2016-1802 CVE-2016-1803 CVE-2016-1804 CVE-2016-1805 CVE-2016-1806 CVE-2016-1807 CVE-2016-1808 CVE-2016-1809 CVE-2016-1810 CVE-2016-1811 CVE-2016-1812 CVE-2016-1813 CVE-2016-1814 CVE-2016-1815 CVE-2016-1816 CVE-2016-1817 CVE-2016-1818 CVE-2016-1819 CVE-2016-1820 CVE-2016-1821 CVE-2016-1822 CVE-2016-1823 CVE-2016-1824 CVE-2016-1825 CVE-2016-1826 CVE-2016-1827 CVE-2016-1828 CVE-2016-1829 CVE-2016-1830 CVE-2016-1831 CVE-2016-1832 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-1842 CVE-2016-1843 CVE-2016-1844 CVE-2016-1846 CVE-2016-1848 CVE-2016-1850 CVE-2016-1851 CVE-2016-1853 CVE-2016-1861 CVE-2016-3141 CVE-2016-3142 CVE-2016-4070 CVE-2016-4071 CVE-2016-4072 CVE-2016-4073 CVE-2016-465019 May 2016 7.8 (v3) High Pass TrackerCam Multiple Remote Vulnerabilities CVE-2005-0478 CVE-2005-0479 CVE-2005-0480 CVE-2005-0481 CVE-2005-0482 21 Feb 2005 7.5 (v2) High Pass Multiple Vulnerabilities in Cisco Wireless LAN Controllers (cisco-sa-20090727-wlc) CVE-2009-1164 CVE-2009-1165 CVE-2009-1166 CVE-2009-1167 25 Sep 2013 10 (v2) Critical Pass SMB Signing not required 19 Jan 2012 5.3 (v3) Medium Pass Pivotal Web Server Version Detection 26 Aug 2014 None Pass Unsupported IPSO Firewall 25 Jan 2012 10 (v2) Critical Pass Cisco NX-OS Software Unexpected IP in IP Packet Processing Vulnerability (cisco-sa-nxos-ipip-dos-kCT9X4)CVE-2020-10136 05 Jun 2020 5.3 (v3) Medium Pass Riverbed SteelApp (Stingray) Traﬃc Manager Web UI Detection 15 Sep 2014 None Pass OpenSSL 1.0.0f DTLS Denial of Service CVE-2012-0050 27 Jan 2012 5 (v2) Medium Pass Oracle GlassFish Server 3.1.1 < 3.1.1.2 Administration Component Unspeciﬁed Vulnerability CVE-2012-0081 02 Feb 2012 3.7 (v2) Low Pass OpenSSL 0.9.8s DTLS Denial of Service CVE-2012-0050 27 Jan 2012 5 (v2) Medium Pass CodeMeter TCP Packet Parsing Unspeciﬁed Remote DoS CVE-2011-4057 02 Feb 2012 5 (v2) Medium Pass CodeMeter Virtual Directory Traversal Arbitrary File Access (remote check) 02 Feb 2012 5.3 (v3) Medium Pass Cisco IOS Software IPv6 Virtual Fragmentation Reassembly Denial of Service Vulnerability (cisco-sa-20130925-ipv6vfr)CVE-2013-5474 07 Oct 2013 7.8 (v2) High Pass Oracle Application Express (APEX) / REST Data Services Listener Detection 07 Oct 2014 None Pass SolarWinds Log and Event Manager Detection 07 Nov 2014 None Pass RuggedCom RuggedOS Web-Based Admin Interface Default Credentials 15 Jun 2012 10 (v2) Critical Pass Modicon PLC CPU Type SNMP Request Model Type Remote Disclosure 11 Dec 2006 5 (v2) Medium Pass Oracle GlassFish Server 2.1.1 < 2.1.1 Patch15 Administration Component Unspeciﬁed Vulnerability CVE-2011-3564 02 Feb 2012 2.1 (v2) Low Pass EMC Celerra Control Station Default Credentials 13 Feb 2012 10 (v2) Critical Pass Cisco NX-OS OpenSSL Multiple Vulnerabilities CVE-2010-5298 CVE-2014-0076 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 CVE-2015-0292 26 Feb 2016 7.5 (v2) High Pass Docker Remote API Detection 12 Apr 2019 10 (v3) Critical Pass Novell eDirectory Server iMonitor Multiple Remote Overﬂows CVE-2005-2551 CVE-2006-2496 12 Aug 2005 10 (v2) Critical Pass Oracle GlassFish Server 2.1.1 < 2.1.1.14 / 3.0.1 < 3.0.1.4 / 3.1.1 < 3.1.1.1 Web Container Component UnspeciCVE-2011-3559ﬁed Vulnerability 22 Feb 2012 7.8 (v2) High Pass eIQnetworks Enterprise Security Analyzer Monitoring.exe Multiple Command Overﬂow CVE-2006-3838 10 Aug 2006 10 (v2) Critical Pass HP-UX Ignite-UX TFTP Service Remote File Manipulation CVE-2004-0952 26 Aug 2005 6.4 (v2) Medium Pass IIS Detailed Error Information Disclosure 16 Mar 2012 5.3 (v3) Medium Pass Tenable Appliance Web Authentication Bypass 17 Jul 2012 7.5 (v2) High Pass WordPress ToolsPack Plugin Backdoor 07 Mar 2012 8.8 (v3) High Pass TheCartPress Plugin for WordPress 'tcp_class_path' Parameter Remote File Inclusion 19 Mar 2012 7.5 (v2) High Pass 3S CODESYS V3 CmpUserMgr 3.x < 3.5.16.0 Password Transmission Vulnerability CVE-2019-9013 12 Aug 2019 8.8 (v3) High Pass CA ARCserve Backup Network Service Network Request Parsing Remote DoS CVE-2012-1662 05 Apr 2012 5 (v2) Medium Pass Mac OS X 10.11.x < 10.11.3 Multiple Vulnerabilities CVE-2015-7995 CVE-2016-1716 CVE-2016-1717 CVE-2016-1718 CVE-2016-1719 CVE-2016-1720 CVE-2016-1721 CVE-2016-1722 CVE-2016-172921 Jan 2016 7.3 (v3) High Pass phpWebNotes core/api.php t_path_core Parameter File Inclusion CVE-2005-2775 29 Aug 2005 7.5 (v2) High Pass Palo Alto Networks PAN-OS 8.0.x < 8.0.6 Multiple Vulnerabilities CVE-2017-15942 CVE-2017-15944 15 Dec 2017 9.8 (v3) Critical Pass ManageEngine DeviceExpert ScheduleResultViewer Remote Directory Traversal 22 Mar 2012 7.8 (v2) High Pass Palo Alto Networks 7.1.x < 7.1.22 / 8.0.x < 8.0.15 / 8.1.x < 8.1.6 Cross-Site Scripting Vulnerability (PAN-SA-2019-0001)CVE-2019-1565 12 Mar 2019 5.4 (v3) Medium Pass Apache Traﬃc Server 3.0.x < 3.0.4 / 3.1.x < 3.1.3 Host HTTP Header Parsing Remote Overﬂow CVE-2012-0256 04 Apr 2012 7.5 (v2) High Pass IBM Storwize Detection 23 Jan 2015 None Pass Debugging Log Report 17 Jun 2015 None Pass at32 Reverse Proxy Admin Portal No Password 05 Apr 2012 7.5 (v2) High Pass Palo Alto Networks PAN-OS 6.1.x < 6.1.22 / 7.1.x < 7.1.20 / 8.0.x < 8.0.13 / 8.1.x < 8.1.5 Multiple Vulnerabilities (PCVE-2018-5391AN-SA-2018-0012) 19 Feb 2019 7.5 (v3) High Pass Sendmail Service Detection 06 Aug 2018 None Pass ePolicy Orchestrator Symlink Arbitrary Privileged File Access CVE-2005-2554 01 Sep 2005 4.9 (v2) Medium Pass TP-Link HTTP Server Detection 01 Oct 2018 None Pass OpenSSH < 4.4 Multiple Vulnerabilities CVE-2006-4924 CVE-2006-4925 CVE-2006-5051 CVE-2006-5052 CVE-2006-5229 CVE-2007-3102 CVE-2008-4109 28 Sep 2006 9.3 (v2) High Pass Cisco NX-OS OTV GRE Packet Header Parameter Handling RCE (cisco-sa-20161005-otv) CVE-2016-1453 18 Oct 2016 9.8 (v3) Critical Pass Citrix XenServer vSwitch Controller < 2.0.0+build11349 Multiple Vulnerabilities 20 Apr 2012 4.3 (v2) Medium Pass Apple iTunes < 11.2 Multiple Vulnerabilities (uncredentialed check) CVE-2014-1296 CVE-2014-8842 16 May 2014 4.3 (v2) Medium Pass 3S CODESYS Runtime 3.x < 3.5.14.20 Multiple Vulnerabilities CVE-2019-9010 CVE-2019-9012 CVE-2019-9013 30 Mar 2020 9.8 (v3) Critical Pass Palo Alto Networks 7.1.x < 7.1.22 / 8.0.x < 8.0.15 / 8.1.x < 8.1.6 Multiple Vulnerabilities (PAN-SA-2019-0002)CVE-2019-1566 20 Feb 2019 6.1 (v3) Medium Pass Apple iTunes < 12.3 Multiple Vulnerabilities (uncredentialed check) CVE-2010-3190 CVE-2014-8146 CVE-2015-1152 CVE-2015-1153 CVE-2015-1157 CVE-2015-1205 CVE-2015-3686 CVE-2015-3687 CVE-2015-3688 CVE-2015-3730 CVE-2015-3731 CVE-2015-3733 CVE-2015-3734 CVE-2015-3735 CVE-2015-3736 CVE-2015-3737 CVE-2015-3738 CVE-2015-3739 CVE-2015-3740 CVE-2015-3741 CVE-2015-3742 CVE-2015-3743 CVE-2015-3744 CVE-2015-3745 CVE-2015-3746 CVE-2015-3747 CVE-2015-3748 CVE-2015-3749 CVE-2015-5755 CVE-2015-5761 CVE-2015-5789 CVE-2015-5790 CVE-2015-5791 CVE-2015-5792 CVE-2015-5793 CVE-2015-5794 CVE-2015-5795 CVE-2015-5796 CVE-2015-5797 CVE-2015-5798 CVE-2015-5799 CVE-2015-5800 CVE-2015-5801 CVE-2015-5802 CVE-2015-5803 CVE-2015-5804 CVE-2015-5805 CVE-2015-5806 CVE-2015-5807 CVE-2015-5808 CVE-2015-5809 CVE-2015-5810 CVE-2015-5811 CVE-2015-5812 CVE-2015-5813 CVE-2015-5814 CVE-2015-5815 CVE-2015-5816 CVE-2015-5817 CVE-2015-5818 CVE-2015-5819 CVE-2015-5821 CVE-2015-5822 CVE-2015-5823 CVE-2015-5874 CVE-2015-592026 Oct 2015 9.3 (v2) High Pass CGIProxy < 2.1.2 Multiple Unspeciﬁed Vulnerabilities 23 Apr 2012 7.5 (v2) High Pass VERITAS Storage Foundation NULL NTLMSSP Authentication Bypass (SYM08-015) CVE-2008-3703 15 Aug 2008 10 (v2) Critical Pass Dell EMC Data Protection Central Web Interface Detected 02 Apr 2020 None Pass IBM Spectrum Protect Plus Administrative Console Detection 21 Apr 2020 None Pass Cisco IOS XE Software Common Industrial Protocol Privilege Escalation (cisco-sa-XE-SAP-OPLbze68) CVE-2021-1392 30 Mar 2021 7.8 (v3) High Pass Cisco IOS Software CIP Request DoS (cisco-sa-20160928-cip) CVE-2016-6391 25 Oct 2016 7.5 (v3) High Pass Cisco UCS Director and Cisco UCS Director Express for Big Data Multiple Vuulnerabilities (cisco-sa-ucsd-mult-vulns-UNfpdW4E)CVE-2020-3239 CVE-2020-3240 CVE-2020-3243 CVE-2020-3247 CVE-2020-3248 CVE-2020-3249 CVE-2020-3250 CVE-2020-3251 CVE-2020-325221 Apr 2020 9.8 (v3) Critical Pass Mac OS X 10.11.x < 10.11.4 Multiple Vulnerabilities CVE-2014-9495 CVE-2015-0973 CVE-2015-1819 CVE-2015-3195 CVE-2015-5312 CVE-2015-7499 CVE-2015-7500 CVE-2015-7551 CVE-2015-7942 CVE-2015-8035 CVE-2015-8126 CVE-2015-8242 CVE-2015-8472 CVE-2015-8659 CVE-2016-0777 CVE-2016-0778 CVE-2016-0801 CVE-2016-0802 CVE-2016-1732 CVE-2016-1733 CVE-2016-1734 CVE-2016-1735 CVE-2016-1736 CVE-2016-1737 CVE-2016-1738 CVE-2016-1740 CVE-2016-1741 CVE-2016-1743 CVE-2016-1744 CVE-2016-1745 CVE-2016-1746 CVE-2016-1747 CVE-2016-1748 CVE-2016-1749 CVE-2016-1750 CVE-2016-1752 CVE-2016-1753 CVE-2016-1754 CVE-2016-1755 CVE-2016-1756 CVE-2016-1757 CVE-2016-1758 CVE-2016-1759 CVE-2016-1761 CVE-2016-1762 CVE-2016-1764 CVE-2016-1767 CVE-2016-1768 CVE-2016-1769 CVE-2016-1770 CVE-2016-1773 CVE-2016-1775 CVE-2016-1788 CVE-2016-195022 Mar 2016 9.8 (v3) Critical Pass BeanShell Remote Server Mode Arbitrary Code Execution 03 May 2012 10 (v2) Critical Pass 3S CODESYS Runtime 3.x < 3.5.15.40 Multiple Vulnerabilities CVE-2019-5105 CVE-2020-10245 30 Apr 2020 9.8 (v3) Critical Pass macOS 10.12.x < 10.12.1 Multiple Vulnerabilities CVE-2016-4660 CVE-2016-4661 CVE-2016-4667 CVE-2016-4669 CVE-2016-4670 CVE-2016-4673 CVE-2016-4674 CVE-2016-4675 CVE-2016-4678 CVE-2016-4679 CVE-2016-4688 CVE-2016-4721 CVE-2016-4780 CVE-2016-7577 CVE-2016-7579 CVE-2016-7584 CVE-2016-761325 Oct 2016 7.8 (v3) High Pass PHP PHP-CGI Query String Parameter Injection Arbitrary Code Execution CVE-2012-1823 CVE-2012-2311 14 May 2012 7.5 (v2) High Pass PHP 5.3.x < 5.3.13 CGI Query String Code Execution CVE-2012-2311 CVE-2012-2335 CVE-2012-2336 09 May 2012 7.5 (v2) High Pass Cisco Firepower Device Manager On-Box Software XML Parsing (cisco-sa-xpftd-gYDXyN8H) CVE-2020-3310 10 Jul 2020 4.9 (v3) Medium Pass Kibana ESA-2018-05 CVE-2018-3821 14 Jan 2019 6.1 (v3) Medium Pass McAfee WebShield UI Dashboard XSS (SB10026) CVE-2012-4597 16 May 2012 4.3 (v2) Medium Pass McAfee WebShield UI mui Directory Traversal (SB10026) CVE-2012-4596 16 May 2012 4.3 (v2) Medium Pass Caldera 'cdir' Parameter Absolute Path Directory Traversal CVE-2014-2933 05 Jun 2014 5 (v2) Medium Pass IBM San Volume Controller / Storwize / FlashSystem Arbitrary File Read (CVE-2018-1775) CVE-2018-1775 14 Jun 2019 6.5 (v3) Medium Pass Liferay Portal Default Credentials 22 May 2012 7.5 (v2) High Pass Inductive Automation Ignition 8.x < 8.0.10 Multiple Vulnerabilities CVE-2020-10641 CVE-2020-10644 CVE-2020-12000 CVE-2020-12004 11 Jun 2020 7.5 (v3) High Pass OpenSSL 1.1.1 < 1.1.1c Vulnerability CVE-2019-1543 03 Jun 2019 7.4 (v3) High Pass ManageEngine AssetExplorer Multiple Vulnerabilities 16 Nov 2015 5 (v2) Medium Pass PacketVideo TwonkyServer Directory Traversal 23 May 2012 5 (v2) Medium Pass SAP Netweaver Application Server (AS) HTTP Server Detection 15 Jul 2020 None Pass HP SAN/iQ < 9.5 Root Shell Command Injection CVE-2012-4361 01 Jun 2012 7.7 (v2) High Pass Cisco IP Phone SIP Detection 20 Jul 2020 None Pass Cisco Small Business RV132W and RV134W Routers Management Interface RCE / DoS (cisco-sa-rv-132w134w-overCVE-2021-1287ﬂow-Pptt4H2p) 25 Mar 2021 7.2 (v3) High Pass Mac OS X 10.9.x < 10.9.2 Multiple Vulnerabilities CVE-2013-1862 CVE-2013-1896 CVE-2013-4073 CVE-2013-4113 CVE-2013-4248 CVE-2013-5986 CVE-2013-5987 CVE-2013-6420 CVE-2013-6629 CVE-2014-1245 CVE-2014-1246 CVE-2014-1247 CVE-2014-1248 CVE-2014-1249 CVE-2014-1250 CVE-2014-1252 CVE-2014-1254 CVE-2014-1255 CVE-2014-1256 CVE-2014-1258 CVE-2014-1259 CVE-2014-1261 CVE-2014-1262 CVE-2014-1263 CVE-2014-1264 CVE-2014-1265 CVE-2014-126625 Feb 2014 10 (v2) Critical Pass TLS Version 1.0 Protocol Detection 22 Nov 2017 6.5 (v3) Medium Pass Open WebMail sessionid Parameter XSS CVE-2005-2863 21 Sep 2005 4.3 (v2) Medium Pass IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.2 Multiple Vulnerabilities CVE-2013-5372 CVE-2013-5780 CVE-2013-5803 CVE-2013-6323 CVE-2013-6325 CVE-2013-6329 CVE-2013-6438 CVE-2013-6725 CVE-2013-6738 CVE-2013-6747 CVE-2014-0050 CVE-2014-0823 CVE-2014-0857 CVE-2014-0859 CVE-2014-0891 CVE-2014-089629 May 2014 7.5 (v2) High Pass IBM MQ Service Detection 28 Jul 2020 None Pass Titan FTP Server SITE WHO Command Resource Consumption DoS CVE-2008-6082 16 Oct 2008 5 (v2) Medium Pass Palo Alto Networks PAN-OS 7.0.x < 7.0.19 Multiple Vulnerabilities CVE-2017-15940 CVE-2017-15942 CVE-2017-15943 CVE-2017-15944 15 Dec 2017 9.8 (v3) Critical Pass Cisco NX-OS Software Unauthorized Administrator Account (cisco-sa-20180620-nxosadmin) CVE-2018-0294 14 Jul 2020 6.7 (v3) Medium Pass Palo Alto Networks PAN-OS < 4.0.8 Multiple Vulnerabilities CVE-2012-6590 CVE-2012-6598 05 Mar 2014 9 (v2) High Pass Network UPS Tools Cleartext Authentication 22 Jun 2012 6.8 (v2) Medium Pass MobileIron Core API Detection 09 Oct 2020 None Pass Elasticsearch ESA-2018-19 CVE-2018-17247 18 Jan 2019 5.9 (v3) Medium Pass Cisco IoT Field Network Director Web UI Detection. 30 Sep 2020 None Pass MailEnable IMAP Server W3C Logging Overﬂow CVE-2005-3155 04 Oct 2005 7.5 (v2) High Pass Juniper Junos Multiple CLI Command Handling Local Privilege Escalations (JSA10763) CVE-2016-4922 27 Oct 2016 7.8 (v3) High 2

Pass Kerio WinRoute Firewall Web Server Remote Source Code Disclosure 20 Jun 2012 5 (v2) Medium Pass Cisco Prime Collaboration Assurance 10.5.1.x < 10.5.1.58480 Multiple Vulnerabilities CVE-2015-6328 CVE-2015-6331 09 May 2016 6.8 (v2) Medium Pass Apache Tomcat 8.5.0 < 8.5.63 Multiple Vulnerabilities CVE-2020-9484 CVE-2021-25122 CVE-2021-25329 04 Mar 2021 7.5 (v3) High Pass NSClient Default Password 20 Jul 2009 5 (v2) Medium Pass Basilic diﬀ.php Command Injection CVE-2012-3399 05 Jul 2012 7.5 (v2) High Pass SecurityReporter < 4.6.3p1 Multiple Vulnerabilities CVE-2007-3985 CVE-2007-3986 06 Sep 2007 5 (v2) Medium Pass Palo Alto Networks PAN-OS 6.1.x <= 6.1.20 / 7.1.x < 7.1.21 / 8.0.x < 8.0.14 / 8.1.x < 8.1.4 Multiple Vulnerabilities (PCVE-2018-0732 CVE-2018-0737 CVE-2018-0739AN-SA-2018-0015) 29 Mar 2019 5.9 (v3) Medium Pass Altiris Deployment Solution Server DB Manager Unauthenticated Command Execution CVE-2009-3107 31 Aug 2009 7.5 (v2) High Pass Spiceworks HTTP Response Accept Header Handling Overﬂow DoS 11 Aug 2009 10 (v2) Critical Pass Citrix NetScaler Application Delivery Controller Multiple Vulnerabilities CVE-2012-2141 CVE-2013-6938 CVE-2013-6939 CVE-2013-6940 CVE-2013-6941 CVE-2013-6942 CVE-2013-6943 CVE-2013-6944 26 Mar 2014 10 (v2) Critical Pass Novell GroupWise WebAccess User.interface Directory Traversal CVE-2012-0410 13 Jul 2012 5 (v2) Medium Pass Scrutinizer < 9.5.2 exporters.php XSS CVE-2012-3848 23 Aug 2012 4.3 (v2) Medium Pass Juniper Junos vMX 14.1 < 14.1R8 / 15.1 < 15.1F5 Local Information Disclosure (JSA10766) CVE-2016-4924 04 Nov 2016 6.5 (v3) Medium Pass WordPress < 2.8.4 Password Reset CVE-2009-2762 12 Aug 2009 6.4 (v2) Medium Pass Apache Tomcat 7.0.0 < 7.0.108 RCE CVE-2020-9484 CVE-2021-25329 05 Mar 2021 7 (v3) High Pass OpenWrt Router with a Blank Password (telnet check) CVE-1999-0508 23 Jul 2009 10 (v2) Critical Pass Cisco IOS Software Multiple Network Address Translation (NAT) Denial of Service Vulnerabilities (cisco-sa-20140326-nat)CVE-2014-2109 CVE-2014-2111 04 Apr 2014 7.8 (v2) High Pass Xerox WorkCentre Web Services Extensible Interface Platform Unauthorized Access (XRX09-003) 28 Aug 2009 5 (v2) Medium Pass CMS Made Simple url Parameter Arbitrary File Access 11 Aug 2009 5 (v2) Medium Pass Cisco IOS IKEv1 Fragmentation DoS (cisco-sa-20160928-ios-ikev1) CVE-2016-6381 14 Nov 2016 7.5 (v3) High Pass Apple iTunes < 9.0.1 PLS File Buﬀer Overﬂow (uncredentialed check) CVE-2009-2817 23 Sep 2009 9.3 (v2) High Pass Browsable Web Directories 15 Sep 2009 5.3 (v3) Medium Pass Altiris Deployment Solution < 6.9.176 Multiple Vulnerabilities CVE-2008-2286 CVE-2008-2287 CVE-2008-2288 CVE-2008-2289 CVE-2008-2291 15 May 2008 10 (v2) Critical Pass Dell OpenManage Server Administrator omalogin.html DOM-based XSS CVE-2012-4955 20 Nov 2012 6.1 (v3) Medium Pass NaviCOPA ::$DATA Extension Request Source Code Disclosure CVE-2009-3646 28 Sep 2009 5 (v2) Medium Pass McAfee Web Gateway Multiple OpenSSL Vulnerabilities (SB10075) CVE-2010-5298 CVE-2014-0076 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 19 Jun 2014 6.8 (v2) Medium Pass SNMP Agent Default Community Name (public) CVE-1999-0517 25 Nov 2002 7.5 (v2) High Pass Adobe RoboHelp Server Security Bypass (APSA09-05) CVE-2009-3068 30 Sep 2009 10 (v2) Critical Pass Adobe RoboHelp Server Security Bypass (APSA09-05 / intrusive check) CVE-2009-3068 30 Sep 2009 10 (v2) Critical Pass NaviCOPA Encoded Space Request Source Code Disclosure CVE-2009-4529 15 Oct 2009 5 (v2) Medium Pass CGI Generic SSI Injection 07 Oct 2009 7.5 (v2) High Pass CGI Generic Local File Inclusion 07 Oct 2009 5 (v2) Medium Pass Unencrypted Telnet Server 27 Oct 2009 6.5 (v3) Medium Pass Infoblox IPAM Appliance Default Credentials 22 Oct 2009 7.5 (v2) High Pass OSSIM Web Frontend Default Credentials 02 Nov 2009 7.5 (v2) High Pass XOOPS misc.php Query String XSS CVE-2009-3963 10 Nov 2009 4.3 (v2) Medium Pass osCommerce ﬁle_manager.php Arbitrary PHP Code Injection 03 Nov 2009 7.5 (v2) High Pass OpenVMPS Logging Function Format String CVE-2005-4714 20 Oct 2005 7.5 (v2) High Pass Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10629) CVE-2010-5298 CVE-2014-0198 CVE-2014-0224 CVE-2014-3470 05 Aug 2014 6.8 (v2) Medium Pass CGI Generic SQL Injection (HTTP Cookies) 06 Nov 2009 7.5 (v2) High Pass SugarCRM on Apache / Windows .htaccess Direct Request Arbitrary File Access 01 Dec 2009 5 (v2) Medium Pass CGI Generic SSI Injection (HTTP headers) 06 Nov 2009 7.5 (v2) High Pass Gallery Plugin for WordPress 'load' Parameter Remote File Inclusion CVE-2012-4919 11 Feb 2013 7.5 (v2) High Pass Symantec (Blue Coat) Reporter CLI OS Command Injection Vulnerability (SYMSA1465) CVE-2018-12237 18 Jan 2019 7.2 (v3) High Pass Novell eDirectory < 8.8.5.2 / 8.7.3.10 ftf2 'NDS Verb' Request Buﬀer Overﬂow CVE-2009-0895 07 Dec 2009 10 (v2) Critical Pass OpenSSH X11 Forwarding Session Hijacking CVE-2008-1483 CVE-2008-3234 03 Apr 2008 6.9 (v2) Medium Pass Juniper Junos CLI Local Privilege Escalation (JSA10803) CVE-2017-10602 31 Jul 2017 7.8 (v3) High Pass Kiwi Syslog Server Web Access Login Username Enumeration 14 Dec 2009 5 (v2) Medium Pass Sun Java System Identity Manager Default Credentials 15 Dec 2008 7.5 (v2) High Pass Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10649) CVE-2014-3509 CVE-2014-3511 CVE-2014-3512 CVE-2014-5139 14 Oct 2014 7.5 (v2) High Pass Snitz Forums 2000 active.asp HTTP X-Forwarded-For Header SQL Injection 07 Jan 2010 7.5 (v2) High Pass TurboFTP Server < 1.00.720 DoS 13 Jan 2010 4 (v2) Medium Pass Novell NetWare 6.5 OpenSSH Remote Stack Buﬀer Overﬂow 04 Oct 2011 9 (v2) High Pass OpenSSH < 2.9.9p1 Resource Limit Bypass CVE-2001-1459 04 Oct 2011 7.5 (v2) High Pass OpenSSH < 2.9.9 / 2.9p2 Symbolic Link 'cookies' File Removal CVE-2001-0529 04 Oct 2011 3.3 (v2) Low Pass OpenSSH < 3.2.3 YP Netgroups Authentication Bypass CVE-2002-0765 04 Oct 2011 7.5 (v2) High Pass OpenSSH < 2.9.9p2 echo simulation Information Disclosure CVE-2001-1382 04 Oct 2011 5 (v2) Medium Pass Juniper Junos J-Web Reﬂected XSS (JSA10764) CVE-2016-4923 27 Oct 2016 4.3 (v3) Medium Pass OpenSSH < 4.0 known_hosts Plaintext Host Information Disclosure CVE-2005-2666 CVE-2007-4654 CVE-2004-2760 04 Oct 2011 1.2 (v2) Low Pass OpenSSH < 4.3 scp Command Line Filename Processing Command Injection CVE-2006-0225 04 Oct 2011 4.6 (v2) Medium Pass OpenSSH < 4.7 Trusted X11 Cookie Connection Policy Bypass CVE-2007-4752 CVE-2007-2243 04 Oct 2011 7.5 (v2) High Pass OpenSSH < 4.9 'ForceCommand' Directive Bypass CVE-2008-1657 04 Oct 2011 6.5 (v2) Medium Pass Web Server Generic Cookie Injection 25 Jan 2010 4.3 (v2) Medium Pass SAP BusinessObjects 'HappyAxis2.jsp' Information Disclosure 01 Feb 2010 5 (v2) Medium Pass MoinMoin Detection 02 Feb 2010 None Pass QMTP Open Relay 15 May 2009 7.8 (v2) High Pass Web Application SQL Backend Identiﬁcation 19 Feb 2010 5 (v2) Medium Pass Mac OS X 10.10.x < 10.10.2 Multiple Vulnerabilities (POODLE) CVE-2014-1595 CVE-2014-3192 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-4371 CVE-2014-4389 CVE-2014-4419 CVE-2014-4420 CVE-2014-4421 CVE-2014-4460 CVE-2014-4461 CVE-2014-4476 CVE-2014-4477 CVE-2014-4479 CVE-2014-4481 CVE-2014-4483 CVE-2014-4484 CVE-2014-4485 CVE-2014-4486 CVE-2014-4487 CVE-2014-4488 CVE-2014-4489 CVE-2014-4491 CVE-2014-4492 CVE-2014-4495 CVE-2014-4498 CVE-2014-4499 CVE-2014-6277 CVE-2014-7186 CVE-2014-7187 CVE-2014-7861 CVE-2014-8517 CVE-2014-8817 CVE-2014-8819 CVE-2014-8820 CVE-2014-8821 CVE-2014-8822 CVE-2014-8823 CVE-2014-8824 CVE-2014-8825 CVE-2014-8826 CVE-2014-8827 CVE-2014-8830 CVE-2014-8831 CVE-2014-8832 CVE-2014-8833 CVE-2014-8834 CVE-2014-8835 CVE-2014-8836 CVE-2014-8837 CVE-2014-8838 CVE-2014-883929 Jan 2015 9.8 (v3) Critical Pass Zabbix node_process_command() Function Crafted Request Arbitrary Command Execution CVE-2009-4498 15 Feb 2010 8.8 (v3) High Pass IBM WebSphere Application Server < 6.0.2.35 Multiple Vulnerabilities CVE-2009-1898 CVE-2009-1899 CVE-2009-1900 CVE-2009-1901 02 Jun 2009 5 (v2) Medium Pass Splunk 5.0.x < 5.0.3 Multiple Vulnerabilities CVE-2012-6447 CVE-2013-0166 CVE-2013-0169 06 Jun 2013 4.3 (v2) Medium Pass Cisco Nexus 9000 ACI Mode Shell Escape Vulnerability (cisco-sa-20190306-aci-shell-escape) CVE-2019-1591 01 Jun 2020 7.8 (v3) High Pass SpamAssassin Milter Plugin 'mlﬁ_envrcpt()' Remote Arbitrary Command Injection CVE-2010-1132 09 Mar 2010 10 (v2) Critical Pass MyDoom Virus Backdoor Detection 27 Jan 2004 10 (v2) Critical Pass CGI Generic Command Execution (time-based) 19 Feb 2010 7.5 (v2) High Pass McAfee LinuxShield Login Username Enumeration 04 Mar 2010 5 (v2) Medium Pass SilverStripe CMS Running in Development Mode 01 Mar 2010 5 (v2) Medium Pass Apache 2.2.x < 2.2.14 Multiple Vulnerabilities CVE-2009-2699 CVE-2009-3094 CVE-2009-3095 07 Oct 2009 7.3 (v3) High Pass Juniper Junos Virtualized Environment Guest-To-Host Privilege Escalation (JSA10787) CVE-2017-2341 23 Aug 2017 8.8 (v3) High Pass Session Fixation Attack on HTTP Cookies 17 Mar 2010 7.5 (v2) High Pass Multiple Vendor phf CGI Arbitrary Command Execution CVE-1999-0067 22 Jun 1999 10 (v2) Critical Pass eScan MWAdmin forgotpassword.php uname Parameter Arbitrary Command Execution 25 Mar 2010 10 (v2) Critical Pass Hyperic HQ Web GUI Default Credentials 26 Mar 2010 7.5 (v2) High Pass Juniper Junos SRX DHCP ﬂowd DHCP Packet Handling DoS (JSA10789) CVE-2017-10605 23 Aug 2017 7.5 (v3) High Pass Mac OS X FTP Server Directory Traversal CVE-2010-0501 30 Mar 2010 5 (v2) Medium Pass IBM WebSphere Application Server 6.0 < 6.0.2.17 Multiple Vulnerabilities CVE-2006-6636 CVE-2006-6637 05 Apr 2010 10 (v2) Critical Pass SSL Certiﬁcate with Wrong Hostname 03 Apr 2010 5.3 (v3) Medium Pass IBM WebSphere Application Server 6.0 < 6.0.2.23 Unspeciﬁed Vulnerability (PK45726) CVE-2007-5483 05 Apr 2010 10 (v2) Critical Pass IBM WebSphere Application Server 6.0 < 6.0.2.19 HTTP Response Splitting CVE-2007-1608 05 Apr 2010 7.5 (v2) High Pass Apple Mac OS X Wiki Server File Upload Security Bypass CVE-2010-0523 08 Apr 2010 5 (v2) Medium Pass Cisco NX-OS Multiple ntpd Vulnerabilities CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 18 Mar 2015 7.5 (v2) High Pass IBM WebSphere Application Server 6.0 < 6.0.2.41 Multiple Vulnerabilities CVE-2010-0768 CVE-2010-0769 CVE-2010-0770 CVE-2010-0774 CVE-2010-0775 06 Apr 2010 4.3 (v2) Medium Pass Apache CouchDB Unauthenticated Administrative Access 07 Apr 2010 7.5 (v2) High Pass Samba < 3.0.35 / 3.2.13 / 3.3.6 Multiple Vulnerabilities CVE-2009-1886 CVE-2009-1888 CVE-2006-3403 24 Jun 2009 3.5 (v2) Low Pass VLC Web Interface XML Services Remote Command Execution CVE-2013-3564 23 Jul 2013 6.3 (v3) Medium Pass Apple Mac OS X Wiki Server Weblog SACL Security Bypass CVE-2010-0534 08 Apr 2010 4 (v2) Medium Pass Juniper Junos SRX Integrated User Firewall Hardcoded Credentials (JSA10791) CVE-2017-2343 23 Aug 2017 10 (v3) Critical Pass WindWeb <= 2.0 Malformed GET Request Remote DoS CVE-2005-3475 28 Oct 2005 5 (v2) Medium Pass Juniper Junos snmpd SNMP Packet Handling RCE (JSA10793) CVE-2017-2345 23 Aug 2017 9.8 (v3) Critical Pass Nessus Web UI Scanned Content Stored XSS CVE-2014-7280 25 Feb 2016 4.1 (v3) Medium Pass HP LaserJet Pro /IoMgmt/Adapters/wiﬁ0/WPS/Pin WPS PIN Disclosure CVE-2013-4807 09 Aug 2013 7.8 (v2) High Pass Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities CVE-2005-3352 CVE-2006-5752 CVE-2007-3847 CVE-2007-5000 CVE-2007-6388 CVE-2008-2364 CVE-2010-0425 CVE-2010-0434 CVE-2010-2068 CVE-2011-0419 CVE-2011-3348 CVE-2012-268711 Aug 2013 10 (v2) Critical Pass CGI Generic XSS (HTTP Headers) 30 Apr 2010 2.6 (v2) Low Pass Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10679) (FREAK) CVE-2014-3569 CVE-2014-3570 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 21 Apr 2015 5 (v2) Medium Pass Ektron CMS400.NET 'workarea/reterror.aspx' info Parameter XSS 30 Apr 2010 4.3 (v2) Medium Pass Fixed HTTP Session Cookies 30 Apr 2010 5.6 (v3) Medium Pass Juniper Junos rpd MPLS Ping Packet Handling DoS (JSA10795) CVE-2017-2347 23 Aug 2017 6.5 (v3) Medium Pass Virtualizor < 2.3.1 Unspeciﬁed SQL Injection 24 Jul 2013 9 (v2) High Pass Resin resin-admin/digest.php XSS CVE-2010-2032 21 May 2010 4.3 (v2) Medium Pass Cisco NX-OS IS-IS Packet Processing Denial of Service Vulnerability CVE-2017-3804 07 Sep 2017 6.1 (v3) Medium Pass ManageEngine ADManager Plus 'computerName' Parameter XSS CVE-2010-5050 02 Jun 2010 4.3 (v2) Medium Pass Cisco Email Security Appliance Malformed EML Attachment Bypass Vulnerability (cisco-sa-20170906-esa)CVE-2017-12218 08 Sep 2017 5.8 (v3) Medium 3

Pass ManageEngine ADManager Plus Default Credentials 02 Jun 2010 7.5 (v2) High Pass PRTG Traﬃc Grapher login.htm url Parameter XSS 10 Jun 2010 4.3 (v2) Medium Pass Apache Axis2 Default Credentials CVE-2010-0219 27 May 2010 7.5 (v2) High Pass Xerox WorkCentre Multiple Unspeciﬁed Vulnerabilities (XRX10-003) 21 Jun 2010 10 (v2) Critical Pass Palo Alto Networks PAN-OS 6.1.x / 7.0.x < 7.0.18 / 7.1.x < 7.1.12 / 8.0.x < 8.0.4 Network Time Protocol VulnerabilityCVE-2017-6460 14 Sep 2017 8.8 (v3) High Pass Apache Tomcat 3.x < 3.2.2 JSP Error Condition XSS CVE-2001-0829 02 Nov 2010 5.6 (v3) Medium Pass Super Simple Blog Script entry Parameter SQL Injection CVE-2009-2553 20 Oct 2010 7.5 (v2) High Pass Terminal Services Encryption Level is not FIPS-140 Compliant 11 Feb 2008 2.6 (v2) Low Pass Aruba Networks ClearPass Policy Manager 6.7.x < 6.7.13-HF / 6.8.x < 6.8.5-HF / 6.9.x < 6.9.1 Multiple Vulnerabilities (ARUBA-PSA-2020-005)CVE-2020-7115 CVE-2020-7116 CVE-2020-7117 17 Jul 2020 9.8 (v3) Critical Pass Cisco TelePresence CVE-2013-3377 Malformed SIP Packet Handling Remote DoS CVE-2013-3377 24 Jul 2013 7.8 (v2) High Pass Juniper Junos DoS Telnet Vulnerability (JSA10817) CVE-2017-10614 CVE-2017-10621 20 Oct 2017 7.5 (v3) High Pass Splunk 4.x < 4.1.3 404 Response XSS CVE-2010-2429 07 Jul 2010 4.3 (v2) Medium Pass Fake SMTP/FTP Server Detection (possible backdoor) 19 May 2008 10 (v2) Critical Pass CUPS Memory Information Disclosure CVE-2010-1748 14 Jul 2010 4.3 (v2) Medium Pass Juniper Junos BGP Update Vulnerability (JSA10820) CVE-2017-10618 20 Oct 2017 7.5 (v3) High Pass Apple iTunes < 12.4.2 Multiple Vulnerabilities (uncredentialed check) CVE-2016-1684 CVE-2016-1836 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 CVE-2016-4483 CVE-2016-4607 CVE-2016-4608 CVE-2016-4609 CVE-2016-4610 CVE-2016-4612 CVE-2016-4614 CVE-2016-4615 CVE-2016-4616 CVE-2016-461919 Jul 2016 9.8 (v3) Critical Pass CGI Generic Open Redirection 26 Jul 2010 4.3 (v2) Medium Pass HP Systems Insight Manager Multiple Products Authentication Bypass CVE-2010-3986 CVE-2010-4100 CVE-2010-4103 11 Nov 2010 7.5 (v2) High Pass vBulletin Database Credentials Information Disclosure 27 Jul 2010 5 (v2) Medium Pass Cisco IOS Software TFTP DoS (cisco-sa-20150722-tftp) CVE-2015-0681 30 Jul 2015 7.1 (v2) High Pass Wing FTP Server < 3.2.0 PORT Command DoS 02 Aug 2010 5 (v2) Medium Pass Wing FTP Server < 3.6.1 Multiple Flaws 02 Aug 2010 4 (v2) Medium Pass Juniper Junos DoS Vulnerability (JSA10821) CVE-2017-10619 20 Oct 2017 7.5 (v3) High Pass Oracle WebLogic Server Plug-in HTTP Injection CVE-2010-2375 29 Jul 2010 6.4 (v2) Medium Pass Juniper Junos bfdd RCE (JSA10690) CVE-2015-5362 04 Aug 2015 9.3 (v2) High Pass HP Power Manager < 4.3.2 CVE-2010-4113 16 Dec 2010 10 (v2) Critical Pass Xerver Double Slash Authentication Bypass 05 Aug 2010 7.5 (v2) High Pass Oracle BPM Process Administrator tips.jsp context Parameter XSS CVE-2010-2370 16 Aug 2010 4.3 (v2) Medium Pass BlackMoon FTP Server Denial of Service CVE-2011-0507 20 Jan 2011 5 (v2) Medium Pass Web Application Session Cookies Not Marked HttpOnly 25 Aug 2010 4.3 (v2) Medium Pass CGI Generic HTML Injections (quick test) 01 Sep 2010 4.3 (v2) Medium Pass Wing FTP Server < 3.6.6 DoS 01 Sep 2010 5 (v2) Medium Pass Open-Realty index.php select_users_lang Parameter Traversal Local File Inclusion 23 Aug 2010 7.5 (v2) High Pass Splunk Free Detection 01 Sep 2010 7.5 (v2) High Pass Web Application Session Cookies Not Marked Secure 14 Sep 2010 4.3 (v2) Medium Pass Majordomo 2 _list_ﬁle_get() Function Traversal Arbitrary File Access CVE-2011-0049 CVE-2011-0063 16 Feb 2011 5 (v2) Medium Pass Multiple Switch Vendors '__super' Account Backdoor 14 Sep 2010 8.8 (v3) High Pass OpenSSL 1.1.0 < 1.1.0a Multiple Vulnerabilities CVE-2016-6304 CVE-2016-6305 CVE-2016-6307 CVE-2016-6308 30 Sep 2016 7.5 (v3) High Pass Novell BorderManager Port 2000 Telnet DoS CVE-2000-0152 09 Feb 2000 5 (v2) Medium Pass Mura CMS Default Administrator Credentials 30 Sep 2010 7.5 (v2) High Pass Vtiger CRM graph.php Directory Traversal CVE-2009-3249 14 Mar 2011 7.5 (v2) High Pass Oracle WebLogic Server Servlet Container Session Fixation CVE-2010-4437 22 Mar 2011 5.8 (v2) Medium Pass Cisco Prime Collaboration Assurance Multiple Vulnerabilities (cisco-sa-20100217-csa) CVE-2015-4304 CVE-2015-4305 CVE-2015-4306 25 Sep 2015 9 (v2) High Pass Nagios XI < 2009R1.3C grab_request_var() Multiple XSS 06 Oct 2010 4.3 (v2) Medium Pass SSH with Kerberos NFS Share Ticket Disclosure CVE-2000-0575 16 Jul 2000 2.6 (v2) Low Pass VMware vCenter Multiple Vulnerabilities (VMSA-2015-0008) CVE-2015-3269 CVE-2015-5255 22 Dec 2015 5 (v2) Medium Pass DNS Server Recursive Query Cache Poisoning Weakness CVE-1999-0024 27 Oct 2000 5 (v2) Medium Pass Cisco Prime Collaboration Provisioning 9.0.x / 11.0.x < 11.1 Local Privilege Escalation (cisco-sa-20160209-pcp)CVE-2016-1320 09 Sep 2016 6.7 (v3) Medium Pass Apple iTunes < 10.2.2 Multiple Vulnerabilities (uncredentialed check) CVE-2011-1290 CVE-2011-1344 19 Apr 2011 9.3 (v2) High Pass WordPress fGallery 'ﬁm_rss.php' 'album' Parameter SQL Injection CVE-2008-0491 28 Jan 2008 7.5 (v2) High Pass MS11-030: Vulnerability in DNS Resolution Could Allow Remote Code Execution (2509553) (remote check)CVE-2011-0657 21 Apr 2011 10 (v2) Critical Pass Cisco CatOS VACM read-write Community String Device Conﬁguration Manipulation CVE-2004-1775 15 Jun 2001 10 (v2) Critical Pass 3Proxy HTTP Proxy Crafted Transparent Request Remote Overﬂow CVE-2007-2031 14 Feb 2008 7.5 (v2) High Pass SSH (SSF Derivative) Detection 12 Mar 2008 2.6 (v2) Low Pass OpenSSH < 3.0.2 Multiple Vulnerabilities CVE-2001-0872 CVE-2001-1029 10 Dec 2001 7.2 (v2) High Pass MiniWebsvr GET Request Traversal Arbitrary File Access 04 Mar 2008 5 (v2) Medium Pass pfSense < 2.3 Multiple Vulnerabilities (SA-16_01 - SA-16_02) CVE-2015-3197 CVE-2015-5300 CVE-2015-7973 CVE-2015-7974 CVE-2015-7975 CVE-2015-7976 CVE-2015-7977 CVE-2015-7978 CVE-2015-7979 CVE-2015-8138 CVE-2015-8139 CVE-2015-8140 CVE-2015-8158 CVE-2016-0702 CVE-2016-0703 CVE-2016-0704 CVE-2016-0705 CVE-2016-0777 CVE-2016-0778 CVE-2016-0797 CVE-2016-0798 CVE-2016-0799 CVE-2016-0800 CVE-2016-1879 CVE-2016-1882 CVE-2016-1885 CVE-2016-1070931 Jan 2018 9.8 (v3) Critical Pass HP Intelligent Management Center TFTP Multiple Vulnerabilities CVE-2011-1849 CVE-2011-1851 CVE-2011-1852 CVE-2011-1853 07 Jun 2011 10 (v2) Critical Pass EMC Documentum eRoom Indexing Server Hummingbird Client Connector Buﬀer Overﬂow CVE-2011-1741 29 Jul 2011 10 (v2) Critical Pass Versant Connection Services Daemon Arbitrary Command Execution CVE-2008-1319 12 Mar 2008 10 (v2) Critical Pass VLC Media Player network/httpd.c httpd_FileCallBack Function Connection Parameter Format String CVE-2007-6682 21 Mar 2008 7.5 (v2) High Pass EMC AlphaStor Library Manager Remote Code Execution CVE-2008-2157 01 Jul 2008 10 (v2) Critical Pass Cisco NX-OS System Software Authentication, Authorization, and Accounting Denial of Service Vulnerability VCVE-2017-3883ulnerability 26 Oct 2017 8.6 (v3) High Pass Apache < 2.0.59 mod_rewrite LDAP Protocol URL Handling Overﬂow CVE-2006-3747 26 Mar 2008 7.3 (v3) High Pass Web Server Uses Non Random Session IDs 26 Mar 2008 5.4 (v3) Medium Pass Apache mod_jk2 Host Header Multiple Fields Remote Overﬂow CVE-2007-6258 04 Apr 2008 7.3 (v3) High Pass Malware Payload Code detection 11 Apr 2008 10 (v2) Critical Pass IPSwitch IMail SMTP Multiple Vulnerabilities (OF, DoS) CVE-2001-0039 CVE-2001-0494 05 Jun 2002 9.3 (v2) High Pass Jigsaw < 2.2.4 Unspeciﬁed URI Parsing Unspeciﬁed Vulnerability CVE-2004-2274 22 Feb 2004 7.5 (v2) High Pass ESXi 5.1 < Build 1900470 OpenSSL Library Multiple Vulnerabilities (remote check) CVE-2010-5298 CVE-2014-0198 CVE-2014-0224 CVE-2014-3470 24 Jun 2014 5.8 (v2) Medium Pass Novell eDirectory Host Environment Service (dhost.exe) HTTP Connection Header DoS CVE-2008-0927 16 Apr 2008 7.8 (v2) High Pass WS_FTP Server SITE CPWD Command Remote Overﬂow CVE-2002-0826 21 Aug 2002 7.5 (v2) High Pass WordPress index.php 'cat' Parameter Local File Inclusion CVE-2008-4769 29 Apr 2008 6.8 (v2) Medium Pass SSH Multiple Remote Vulnerabilities CVE-2002-1357 CVE-2002-1358 CVE-2002-1359 CVE-2002-1360 20 Dec 2002 5 (v2) Medium Pass WEBrick Encoded Traversal Arbitrary CGI Source Disclosure CVE-2008-1891 17 Apr 2008 5 (v2) Medium Pass Debian OpenSSH/OpenSSL Package Random Number Generator Weakness CVE-2008-0166 14 May 2008 10 (v2) Critical Pass Cloudera Manager < 4.8.3 / 5.x < 5.0.1 Information Disclosure CVE-2014-0220 26 Jun 2014 4 (v2) Medium Pass MySQL Enterprise Server 5.0 < 5.0.60 MyISAM CREATE TABLE Privilege Check Bypass CVE-2008-2079 09 May 2008 3.5 (v2) Low Pass CA BrightStor ARCserve Backup Multiple Vulnerabilities (QO92996) CVE-2008-2241 CVE-2008-2242 22 May 2008 10 (v2) Critical Pass SecurityGateway < 1.0.2 Administration Interface username Field Remote Overﬂow CVE-2008-4193 06 Jun 2008 10 (v2) Critical Pass Kismet Server Information Disclosure 25 Jun 2008 5 (v2) Medium Pass Lyris ListManager read/search/results words Parameter XSS CVE-2008-2923 18 Jun 2008 4.3 (v2) Medium Pass SurgeMail IMAP Service APPEND Command Remote DoS CVE-2008-2859 CVE-2008-7182 30 Jun 2008 4 (v2) Medium Pass Wordtrans-web exec_wordtrans Function Arbitrary Command Execution 02 Jul 2008 8.8 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.15 / 8.0.x < 8.0.7 Multiple Vulnerabilities (ROBOT) CVE-2017-15941 CVE-2017-16878 CVE-2017-17841 18 Jan 2018 6.1 (v3) Medium Pass Generic Backdoor Detection (banner check) 20 Aug 2008 10 (v2) Critical Pass VMware vCenter Server Multiple Java Vulnerabilities (VMSA-2015-0003) (POODLE) CVE-2014-3566 CVE-2014-6549 CVE-2014-6585 CVE-2014-6587 CVE-2014-6591 CVE-2014-6593 CVE-2014-6601 CVE-2015-0383 CVE-2015-0395 CVE-2015-0400 CVE-2015-0403 CVE-2015-0406 CVE-2015-0407 CVE-2015-0408 CVE-2015-0410 CVE-2015-0412 CVE-2015-0413 CVE-2015-0421 CVE-2015-043701 May 2015 10 (v2) Critical Pass Mambo < 4.6.5 mos_user_template Local File Inclusion 11 Jul 2008 5.1 (v2) Medium Pass Aruba Networks ClearPass Policy Manager 6.7.x < 6.7.13 / 6.8.x < 6.8.4 Multiple Vulnerabilities (ARUBA-PSA-2020-004)CVE-2020-7110 CVE-2020-7111 CVE-2020-7113 CVE-2020-7114 01 May 2020 9.8 (v3) Critical Pass Apache 2.2.x < 2.2.13 APR apr_palloc Heap Overﬂow CVE-2009-2412 19 Jan 2012 9.8 (v3) Critical Pass Asterisk IAX2 FWDOWNL Request Spooﬁng Remote DoS CVE-2008-3264 24 Jul 2008 5 (v2) Medium Pass Asterisk IAX2 (IAX) POKE Request Saturation Resource Exhaustion Remote DoS CVE-2008-3263 25 Jul 2008 5 (v2) Medium Pass MySQL Enterprise Monitor < 2.3.17 Multiple Vulnerabilities CVE-2014-0050 CVE-2014-0094 CVE-2014-0112 CVE-2014-0113 CVE-2014-0116 08 May 2015 7.5 (v2) High Pass Macromedia ColdFusion MX CFIDE/probe.cfm Direct Request Path Disclosure CVE-2003-1469 30 Apr 2003 5 (v2) Medium Pass XAMPP Example Pages Detection 05 Aug 2008 7.5 (v2) High Pass Management Center for Cisco Security Agents Remote Code Execution (cisco-sa-20110216-csa) CVE-2011-0364 18 Sep 2013 10 (v2) Critical Pass PowerDNS Authoritative Server Malformed Query Cache Poisoning Weakness CVE-2008-3337 12 Aug 2008 7.1 (v2) High Pass MailScan WebAdministrator Cookie Authentication Bypass CVE-2008-3729 17 Aug 2008 7.5 (v2) High Pass HP Managed Printing Administration jobDelivery Script Directory Traversal (intrusive check) CVE-2011-4168 26 Jan 2012 5 (v2) Medium Pass MS Site Server < 3.0 formslogin.asp url Parameter XSS CVE-2002-2073 18 Aug 2008 4.3 (v2) Medium Pass OpenSSL 0.9.8 < 0.9.8zg Multiple Vulnerabilities CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 12 Jun 2015 6.8 (v2) Medium Pass Default Password (000000) for 'admin' on WIP5000 IP Phone 16 Sep 2008 10 (v2) Critical Pass MS Executable Detection 20 Aug 2008 10 (v2) Critical Pass Web Server Generic 3xx Redirect 18 Aug 2008 4.3 (v2) Medium Pass Microsoft Windows SMBv1 Multiple Vulnerabilities CVE-2017-0267 CVE-2017-0268 CVE-2017-0269 CVE-2017-0270 CVE-2017-0271 CVE-2017-0272 CVE-2017-0273 CVE-2017-0274 CVE-2017-0275 CVE-2017-0276 CVE-2017-0277 CVE-2017-0278 CVE-2017-0279 CVE-2017-028026 May 2017 8.1 (v3) High Pass Apache Unomi Detection. 14 Jan 2021 None Pass Apple iTunes < 8.0 Integer Buﬀer Overﬂow (uncredentialed check) CVE-2008-3636 10 Sep 2008 7.2 (v2) High Pass MySQL Enterprise Server 5.0 < 5.0.66 Empty Bit-String Literal Token SQL Statement DoS CVE-2008-3963 11 Sep 2008 4 (v2) Medium Pass Default Password (admin) for 'admin' Account CVE-1999-0502 04 Sep 2008 9.8 (v3) Critical Pass Novell PlateSpin Orchestrate Remote Code Execution 19 Oct 2010 10 (v2) Critical Pass Xerox WorkCentre Samba Overﬂow (XRX08-009) CVE-2008-1105 19 Sep 2008 7.6 (v2) High Pass ISC BIND 9 for Windows UDP Client Handler Remote DoS CVE-2008-4163 20 Sep 2008 5 (v2) Medium 4

Pass ReviewPost PHP Pro Multiple Script SQL Injections CVE-2004-2175 04 Feb 2004 7.5 (v2) High Pass IBM DataPower Gateway Security Bypass CVE-2019-4621 20 Jul 2020 9.8 (v3) Critical Pass Telnetd - Remote Code Execution (CVE-2020-10188) CVE-2020-10188 26 May 2020 9.8 (v3) Critical Pass CA BrightStor ARCserve Backup RPC Interface (asdbapi.dll) Traversal Arbitrary Command Execution CVE-2008-4397 14 Oct 2008 10 (v2) Critical Pass Cisco IOS XE Software SD WAN vDaemon DoS (cisco-sa-iosxe-sdwdos-4zeEeC9w) CVE-2021-1431 06 Apr 2021 7.5 (v3) High Pass FTP Supports Cleartext Authentication 01 Oct 2008 2.6 (v2) Low Pass ESXi 5.0 < Build 1311175 Multiple Vulnerabilities (remote check) CVE-2013-0166 CVE-2013-0169 CVE-2013-0338 CVE-2013-5970 CVE-2013-5973 CVE-2014-1207 CVE-2014-1208 13 Nov 2013 4.4 (v2) Medium Pass Blue Coat Reporter Default Password (admin) for 'admin' Account 06 Oct 2008 7.5 (v2) High Pass OpenNMS Web Console Default Credentials 07 Oct 2008 7.5 (v2) High Pass MS08-065: Microsoft Windows Message Queuing Service RPC Request Handling Remote Code Execution (951071) (uncrCVE-2008-3479edentialed check) 15 Oct 2008 10 (v2) Critical Pass Palo Alto Networks PAN-OS 9.1.x < 9.1.3 Integer Underﬂow Vulnerability CVE-2020-2031 09 Jul 2020 4.9 (v3) Medium Pass ManageEngine Desktop Central AgentLogUploadServlet Arbitrary File Upload RCE (intrusive check) CVE-2013-7390 04 Dec 2013 10 (v2) Critical Pass Juniper Junos J-Web Interface PHP URL Handling Use-after-free RCE (JSA10828) CVE-2018-0001 26 Jan 2018 9.8 (v3) Critical Pass CCProxy < 6.62 HTTP Proxy CONNECT Request Handling Remote Overﬂow CVE-2008-6415 24 Oct 2008 10 (v2) Critical Pass Tivoli Directory Server ldacgi.exe Template Parameter Traversal Arbitrary File Access CVE-2004-2526 02 Aug 2004 5 (v2) Medium Pass MySQL Enterprise Server 5.0 < 5.0.70 Privilege Bypass CVE-2008-2079 CVE-2008-4098 09 Nov 2008 4.6 (v2) Medium Pass Juniper Junos Flowd TCP/IP Response Packet Handling Remote DoS (JSA10829) CVE-2018-0002 26 Jan 2018 7.5 (v3) High Pass Intel Active Management Technology (AMT) Web UI Clickjacking Weakness (INTEL-SA-00081) (remote check)CVE-2017-5697 30 Jun 2017 6.5 (v3) Medium Pass phpPgAdmin index.php _language Parameter Local File Inclusion CVE-2008-5587 08 Dec 2008 6.8 (v2) Medium Pass Apple iTunes < 11.1.4 Multiple Vulnerabilities (uncredentialed check) CVE-2011-3102 CVE-2012-0841 CVE-2012-2807 CVE-2012-2825 CVE-2012-2870 CVE-2012-2871 CVE-2012-5134 CVE-2013-1024 CVE-2013-1037 CVE-2013-1038 CVE-2013-1039 CVE-2013-1040 CVE-2013-1041 CVE-2013-1042 CVE-2013-1043 CVE-2013-1044 CVE-2013-1045 CVE-2013-1046 CVE-2013-1047 CVE-2013-2842 CVE-2013-5125 CVE-2013-5126 CVE-2013-5127 CVE-2013-5128 CVE-2014-124223 Jan 2014 7.5 (v2) High Pass HTTP Backdoor Detection deprecated 08 Jan 2009 10 (v2) Critical Pass EMC Data Protection Advisor 6.4 / 6.5 / 18.1 OS Command Injection (DSA-2020-081) CVE-2020-5352 17 Jul 2020 8.8 (v3) High Pass WP-Forum Plugin for WordPress 'forum_feed.php' 'thread' Parameter SQL Injection 14 Jan 2009 7.5 (v2) High Pass 2BGal disp_album.php id_album Parameter SQL Injection CVE-2004-1415 23 Dec 2004 7.5 (v2) High Pass UPnP Internet Gateway Device (IGD) Protocol Detection 19 Feb 2009 6.3 (v3) Medium Pass EMC RepliStor Multiple Remote Heap Based Buﬀer Overﬂows CVE-2007-6426 27 Jan 2009 10 (v2) Critical Pass NaviCOPA Trailing Dot Source Code Disclosure 05 Feb 2009 5 (v2) Medium Pass Synology DiskStation Manager 4.3-x < 4.3-3810 Update 1 Multiple Vulnerabilities CVE-2013-6955 05 Feb 2014 10 (v2) Critical Pass Xerox WorkCentre Web Server Unspeciﬁed Command Injection (XRX09-001) 01 Feb 2009 10 (v2) Critical Pass Sun Java System Directory Server 6.x < 6.3.1 LDAP JDBC Backend DoS CVE-2009-0609 13 Feb 2009 5 (v2) Medium Pass Default Password (password) for 'admin' Account on Broadcom BCM96338 ADSL Router 09 Feb 2009 10 (v2) Critical Pass Default Password (profense) for 'operator' Account CVE-1999-0502 31 Jan 2009 9.8 (v3) Critical Pass NaviCOPA < 3.01 6th February 2009 Multiple Vulnerabilities 09 Feb 2009 10 (v2) Critical Pass Profense Web Application Firewall Default Credentials 03 Feb 2009 7.5 (v2) High Pass Trend Micro InterScan Web Security Suite Default Credentials 12 Feb 2009 7.5 (v2) High Pass CjOverkill trade.php Multiple Method XSS CVE-2004-2193 12 Oct 2004 4.3 (v2) Medium Pass Juniper Junos VLAN authentication processing DoS (JSA10834) CVE-2018-0006 26 Jan 2018 7.5 (v3) High Pass UPnP Internet Gateway Device (IGD) Port Mapping Manipulation 19 Feb 2009 6.3 (v3) Medium Pass ProFTPD Username Variable Substitution SQL Injection CVE-2009-0542 17 Feb 2009 7.5 (v2) High Pass FreeBSD telnetd sys_term.c Environment Variable Handling Privilege Escalation (FreeBSD-SA-09:05) CVE-2009-0641 17 Feb 2009 7.6 (v2) High Pass Novell eDirectory < 8.8 SP3 FTF3 iMonitor HTTP Accept-Language Header Overﬂow 03 Mar 2009 10 (v2) Critical Pass Apple iTunes < 8.1 Multiple Vulnerabilities (uncredentialed check) CVE-2009-0016 CVE-2009-0143 13 Mar 2009 5 (v2) Medium Pass Apache Tomcat 8.0.x < 8.0.15 Multiple Vulnerabilities (POODLE) CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-513905 Mar 2015 7.3 (v3) High Pass Tenable Security Center Default Credentials 26 Mar 2009 7.5 (v2) High Pass Xlight FTP Server Authentication SQL Injection CVE-2009-4795 31 Mar 2009 7.5 (v2) High Pass mod_perl Apache::Status Info Disclosure 07 Apr 2009 5 (v2) Medium Pass Linksys WVC54GCA Wireless-G '/img/main.cgi' Information Disclosure CVE-2009-1556 24 Apr 2009 6.8 (v2) Medium Pass Default Password (admin) for 'root' Account CVE-1999-0502 23 Jul 2009 9.8 (v3) Critical Pass Memcached / MemcacheDB ASLR Bypass Weakness CVE-2009-1255 29 Apr 2009 5 (v2) Medium Pass A-A-S Application Access Server Default Admin Password CVE-2009-1465 14 May 2009 10 (v2) Critical Pass Oracle GlassFish Server Administration Console Default Credentials 07 May 2009 7.5 (v2) High Pass Icecast XSL Parser Multiple Vulnerabilities (OF, ID) CVE-2005-0837 CVE-2005-0838 22 Mar 2005 5 (v2) Medium Pass Atmail WebMail <= 5.6.0 (5.60) Email Body Injection 30 Apr 2009 4.3 (v2) Medium Pass ESXi 5.0 < Build 1918656 OpenSSL Library Multiple Vulnerabilities (remote check) CVE-2010-5298 CVE-2014-0198 CVE-2014-0224 CVE-2014-3470 04 Jul 2014 5.8 (v2) Medium Pass Microsoft IIS WebDAV Unicode Request Directory Security Bypass CVE-2009-1535 18 May 2009 7.5 (v2) High Pass Sendmail < 8.13.2 Mail X-Header Handling Remote Overﬂow CVE-2009-1490 24 May 2009 5.3 (v3) Medium Pass MS09-039: Vulnerabilities in WINS Could Allow Remote Code Execution (969883) (uncredentialed check) CVE-2009-1923 CVE-2009-1924 12 Aug 2009 10 (v2) Critical Pass Sun Java System Calendar Server login.wcap Fmt-out Parameter XSS CVE-2009-1218 27 May 2009 4.3 (v2) Medium Pass WP-Lytebox 'pg' Parameter Local File Inclusion CVE-2009-4672 27 May 2009 6.8 (v2) Medium Pass OpenSSH < 5.9 Multiple DoS CVE-2010-4755 CVE-2011-5000 18 Nov 2011 4 (v2) Medium Pass News Server (NNTP) Anonymous Read Access 08 Jun 2009 2.6 (v2) Low Pass MikroTik RouterOS with Blank Password (HTTP) CVE-1999-0508 17 Jun 2009 10 (v2) Critical Pass IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.3 Multiple Vulnerabilities CVE-2014-0076 CVE-2014-0098 CVE-2014-0963 CVE-2014-0965 CVE-2014-3022 CVE-2014-3070 CVE-2014-3083 CVE-2014-4244 CVE-2014-4263 CVE-2014-4764 CVE-2014-476729 Aug 2014 6.5 (v2) Medium Pass RIP-1 Poisoning Routing Table Modiﬁcation 02 Jul 2009 5.8 (v2) Medium Pass CGI Generic Remote File Inclusion 19 Jun 2009 7.5 (v2) High Pass RIP Poisoning Routing Table Modiﬁcation (Adjacent Network) 02 Jul 2009 5.8 (v2) Medium Pass PostgreSQL LDAP Anonymous Bind Authentication Bypass CVE-2009-3231 11 Sep 2009 6.8 (v2) Medium Pass Sun Java Web Console helpwindow.jsp / masthead.jsp Multiple XSS CVE-2009-2283 02 Jul 2009 4.3 (v2) Medium Pass RIP-2 Poisoning Routing Table Modiﬁcation 02 Jul 2009 5.4 (v2) Medium Pass EMC RSA Authentication Manager < 8.2 SP1 Patch 5 Reﬂected Cross-Site Scripting (ESA-2017-134) CVE-2017-14373 03 Nov 2017 6.1 (v3) Medium Pass OpenSSL 0.9.8 < 0.9.8zc Multiple Vulnerabilities (POODLE) CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 17 Oct 2014 4.3 (v2) Medium Pass Sun Java System Web Server ::$DATA Extension Request JSP Resource Disclosure CVE-2009-2445 07 Jul 2009 5 (v2) Medium Pass FCKeditor.Java Connector Servlet 'CurrentFolder' Inﬁnite Loop DoS CVE-2009-4875 20 Jul 2009 5 (v2) Medium Pass Alibaba Web Server 2.0 HTTP Request Overﬂow DoS CVE-2000-0626 29 Oct 1999 9.3 (v2) High Pass O'Reilly WebSite win-c-sample Remote Overﬂow CVE-1999-0178 22 Jun 1999 7.5 (v2) High Pass Cisco Content Security Management Appliance Privilege Escalation Vulnerability CVE-2018-0095 26 Jan 2018 7.8 (v3) High Pass RPC bootparamd Service Information Disclosure (Deprecated) 30 Aug 1999 5 (v2) Medium Pass CDK Backdoor Detection 20 Feb 2000 10 (v2) Critical Pass CERN httpd Virtual Web Path Disclosure CVE-2000-0079 20 Jan 2000 5 (v2) Medium Pass AltaVista Intranet Search CGI query Traversal Arbitrary File Access CVE-2000-0039 09 Jan 2000 5 (v2) Medium Pass F5 BIG/ip bigconf.cgi ﬁle Parameter Arbitrary File Access CVE-1999-1550 10 Nov 1999 7.5 (v2) High Pass BFTelnet Username Handling Remote Overﬂow DoS CVE-1999-0904 04 Nov 1999 10 (v2) Critical Pass VMware vRealize Operations Manager ver 6.x < 6.40 Suite API CollectorHttpRelayController RelayRequest Object DiskFileItem Deserialization DoSCVE-2016-7462 01 Dec 2016 8.5 (v3) High Pass Check Point FireWall-1 Identiﬁcation 27 Jul 1999 5 (v2) Medium Pass DeleGate Multiple Function Remote Overﬂows CVE-2000-0165 14 Nov 1999 10 (v2) Critical Pass Eserv GET Request Traversal Arbitrary File Access CVE-1999-1509 05 Nov 1999 5 (v2) Medium Pass Alcatel PABX 4400 Detection 08 Jun 2002 None Pass FakeBO NetBus Handling Code Remote Overﬂow 22 Jun 1999 7.5 (v2) High Pass Finger Service Remote Information Disclosure CVE-1999-0612 22 Jun 1999 5 (v2) Medium Pass Finger 0@host Unused Account Disclosure CVE-1999-0197 22 Jun 1999 5 (v2) Medium Pass Finger .@host Unused Account Disclosure CVE-1999-0198 22 Jun 1999 5 (v2) Medium Pass EZShopper Multiple Directory Traversal Vulnerabilities CVE-2000-0187 CVE-2000-0188 28 Feb 2000 5 (v2) Medium Pass HylaFAX faxsurvey Arbitrary Command Execution CVE-1999-0262 22 Jun 1999 7.5 (v2) High Pass Matthew Wright FormMail CGI (formmail.cgi) Arbitrary Mail Relay CVE-1999-0172 01 Dec 1999 7.5 (v2) High Pass Linux FTP Server Backdoor Detection CVE-1999-0452 22 Jun 1999 9.8 (v3) Critical Pass Anonymous FTP Writable root Directory CVE-1999-0527 22 Jun 1999 9.8 (v3) Critical Pass Apache 2.2.x < 2.2.15 Multiple Vulnerabilities CVE-2007-6750 CVE-2009-3555 CVE-2010-0408 CVE-2010-0425 CVE-2010-0434 20 Oct 2010 9.8 (v3) Critical Pass FTPd CWD Command Account Enumeration 12 Nov 1999 5 (v2) Medium Pass FTPGate Web Proxy Traversal Arbitrary File Access 05 Nov 1999 5 (v2) Medium Pass WU-FTPD QUOTE PASV Forced Core Dump Information Disclosure CVE-1999-0075 22 Jun 1999 6.4 (v2) Medium Pass Multiple FTP Server QUOTE CWD Command Home Path Disclosure CVE-1999-0201 22 Jun 1999 6.4 (v2) Medium Pass Anonymous FTP Enabled CVE-1999-0497 22 Jun 1999 5.3 (v3) Medium Pass IMail IMonitor Service Remote Overﬂow CVE-1999-1046 CVE-2000-0056 22 Jun 1999 7.5 (v2) High Pass SCO UnixWare i2odialogd daemon Username Authorization String Overﬂow CVE-2000-0026 22 Dec 1999 10 (v2) Critical Pass iChat Server Traversal Arbitrary File Access CVE-1999-0897 22 Jun 1999 5 (v2) Medium Pass Puppet Enterprise 2.x < 2.6.1 Session Handling Weakness CVE-2012-5158 07 Apr 2014 4 (v2) Medium Pass ht://Dig < 3.1.5 htsearch CGI Multiple Vulnerabilities CVE-1999-0978 CVE-2000-0208 03 Mar 2000 5 (v2) Medium Pass IMail IMAP Server Login Functions Remote Overﬂow CVE-1999-1557 22 Jun 1999 7.5 (v2) High Pass INN < 1.6 Multiple Vulnerabilities CVE-1999-0705 CVE-1999-0043 CVE-1999-0247 25 Aug 1999 10 (v2) Critical Pass UoW IMAP/POP server_login() Function Remote Overﬂow CVE-1999-0042 22 Jun 1999 10 (v2) Critical Pass in.ﬁngerd Pipe Input Arbitrary Command Execution CVE-1999-0152 22 Jun 1999 7.5 (v2) High Pass Microsoft IIS FTP Server NLST Command Overﬂow DoS CVE-1999-0349 22 Jun 1999 5 (v2) Medium 5

Pass Multiple Vendor info2www CGI Arbitrary Command Execution CVE-1999-0266 22 Jun 1999 10 (v2) Critical Pass MDaemon WorldClient HTTP Server URL Overﬂow DoS CVE-1999-0844 24 Nov 1999 5 (v2) Medium Pass Mini SQL w3-msql Arbitrary Directory Access (deprecated) CVE-1999-0753 08 Sep 1999 7.5 (v2) High Pass IRIX pfdispaly Arbitrary File Access CVE-1999-0270 22 Jun 1999 7.8 (v2) High Pass Lotus Notes SMTP Server HELO Command Overﬂow DoS CVE-1999-0284 22 Jun 1999 5 (v2) Medium Pass FlexCast Server Detection 07 Jun 2005 None Pass HP LaserJet Printer Unauthenticated Access CVE-1999-1061 22 Jun 1999 9 (v2) High Pass Web Server /cgi-bin Perl Interpreter Access CVE-1999-0509 22 Jun 1999 10 (v2) Critical Pass HTTP Proxy Arbitrary Site/Port Relaying 22 Jun 1999 6.8 (v2) Medium Pass Qpopper PASS Command Remote Overﬂow CVE-1999-0006 22 Jun 1999 10 (v2) Critical Pass MySQL Enterprise Monitor 4.x < 4.0.9 / 8.x < 8.0.16 Padding Oracle (Apr 2019 CPU) CVE-2019-1559 24 Jul 2020 5.9 (v3) Medium Pass Rover POP3 Server Username Remote Overﬂow CVE-2000-0060 03 Jan 2000 10 (v2) Critical Pass rexecd Service Detection CVE-1999-0618 31 Aug 1999 10 (v2) Critical Pass CDE RPC tooltalk Service Multiple Overﬂows CVE-1999-0003 CVE-1999-0693 22 Aug 1999 10 (v2) Critical Pass Multiple Mail Server EXPN/VRFY Information Disclosure 22 Jun 1999 5 (v2) Medium Pass NetCPlus SmartServer3 POP3 (NCPOPSERV.EXE) USER Command Remote Overﬂow 12 Nov 1999 10 (v2) Critical Pass Sendmail MAIL FROM Command Arbitrary Remote Command Execution CVE-1999-0203 22 Aug 1999 7.5 (v2) High Pass Sendmail RCPT TO Command Arbitrary File Overwrite 30 Aug 1999 10 (v2) Critical Pass Multiple MTA HELO Command Remote Overﬂow CVE-1999-0098 CVE-1999-1015 CVE-1999-1504 18 Aug 1999 7.5 (v2) High Pass Systat Service Remote Information Disclosure CVE-1999-0637 22 Jun 1999 5 (v2) Medium Pass Sendmail 8.6.9 IDENT Remote Overﬂow CVE-1999-0204 27 Aug 2002 9.8 (v3) Critical Pass SSH CBC/CFB Data Stream Injection CVE-1999-1085 23 Jul 1999 5.1 (v2) Medium Pass TCP/IP 'Chorusing' Windows DoS CVE-1999-1201 31 Oct 1999 5.7 (v2) Medium Pass MS00-013: Microsoft Windows Media Server Malformed Handshake Sequence DoS (253943) (intrusive check)CVE-2000-0211 28 Feb 2000 5 (v2) Medium Pass WinSATAN Backdoor Detection 04 Jan 2000 7.5 (v2) High Pass thttpd Double Slash Request Arbitrary File Access CVE-1999-1456 22 Jun 1999 5 (v2) Medium Pass UoW imapd AUTHENTICATE Command Remote Overﬂow CVE-1999-0005 22 Jun 1999 10 (v2) Critical Pass Vermillion FTPD Long CWD Commands DoS CVE-1999-1058 22 Nov 1999 5 (v2) Medium Pass Citrix Published Applications Remote Enumeration 09 Oct 2002 5 (v2) Medium Pass Microsoft Windows NT WINS Service Malformed Data DoS CVE-1999-0288 30 Aug 1999 5 (v2) Medium Pass WinGate Passwordless Default Installation CVE-1999-0291 22 Jun 1999 7.5 (v2) High Pass WindowsNT DNS Server Character Saturation DoS CVE-1999-0275 22 Jun 1999 5 (v2) Medium Pass CDomain whois_raw.cgi fqdn Parameter Arbitrary Command Execution CVE-1999-1063 22 Jun 1999 7.5 (v2) High Pass ISC BIND < 4.9.7 / 8.1.2 Inverse-Query Remote Overﬂow CVE-1999-0009 02 Apr 2002 10 (v2) Critical Pass Pocsag POC32 Remote Service Default Password (password) CVE-2000-0225 07 Mar 2000 5 (v2) Medium Pass Cayman DSL Router Unauthenticated Access CVE-1999-0508 12 Mar 2000 7.5 (v2) High Pass Kerberos klogind Remote Overﬂow CVE-2000-0389 18 May 2000 7.2 (v2) High Pass Microsoft IIS/PWS %2e Request ASP Source Disclosure CVE-1999-0253 10 Apr 2000 5 (v2) Medium Pass UoW imapd (UW-IMAP) Multiple Command Remote Overﬂows (2) CVE-2000-0284 18 Apr 2000 10 (v2) Critical Pass LCDproc < 0.4.1 screen_add Command Remote Overﬂow CVE-2000-0295 22 Apr 2000 7.5 (v2) High Pass MERCUR Mailserver Local Traversal Arbitrary File Access CVE-2000-0318 25 Apr 2000 6.5 (v2) Medium Pass Palo Alto Expedition < 1.1.13 Cross-Site Scripting Vulnerability (PAN-SA-2019-0009) CVE-2019-1574 08 Apr 2020 5.4 (v3) Medium Pass Piranha's RH6.2 default password CVE-2000-0248 25 Apr 2000 7.5 (v2) High Pass Cassandra NNTP Server Login Name Remote Overﬂow DoS CVE-2000-0341 02 May 2000 7.5 (v2) High Pass X Server Detection 12 May 2000 2.6 (v2) Low Pass spin_client.cgi Remote Overﬂow 03 May 2000 7.5 (v2) High Pass Gnapster Absolute Path Name Request Arbitrary File Access CVE-2000-0412 12 May 2000 7.5 (v2) High Pass Marcus Xenakis directory.php Execute Arbitrary Commands CVE-2002-0434 07 Jun 2002 10 (v2) Critical Pass SubSeven Trojan Detection 15 May 2000 10 (v2) Critical Pass IBM WebSphere Application Server 6.1 < Fix Pack 45 Multiple Vulnerabilities CVE-2012-2170 CVE-2012-2190 CVE-2012-2191 CVE-2012-3293 CVE-2012-3304 CVE-2012-3305 CVE-2012-3306 CVE-2012-3311 CVE-2012-332502 Oct 2012 6.8 (v2) Medium Pass Rockliﬀe MailSite Management Agent wconsole.dll GET Request Overﬂow CVE-2000-0398 25 May 2000 7.8 (v2) High Pass Qpopper EUIDL Arbitrary Command Execution CVE-2000-0320 27 May 2000 6.5 (v2) Medium Pass NAI WebShield SMTP GET_CONFIG Information Disclosure CVE-2000-0448 27 May 2000 5 (v2) Medium Pass Imate SMTP Server HELO Command Remote Overﬂow DoS CVE-2000-0507 06 Jun 2000 5 (v2) Medium Pass Sambar Server /sysadmin Default Accounts 25 May 2000 7.5 (v2) High Pass INN < 2.2.3 verifycancels Option Cancel Request Message Overﬂow CVE-2000-0472 07 Jun 2000 3.6 (v2) Low Pass WU-FTPD site_exec() Function Remote Format String CVE-2000-0573 27 Jun 2000 9.8 (v3) Critical Pass vpopmail vchkpw USER/PASS Command Format String CVE-2000-0583 15 Jul 2000 5 (v2) Medium Pass ipop2d fold Command Arbitrary File Access 02 Aug 2000 5 (v2) Medium Pass Zope < 2.1.7 DocumentTemplate Unauthorized DTML Entity Modiﬁcation CVE-2000-0483 22 Jun 2000 7.5 (v2) High Pass Snare Agent for Linux < 1.7.0 / 2.0.0 Multiple Vulnerabilities CVE-2011-5247 CVE-2011-5249 CVE-2011-5250 24 Dec 2012 4.3 (v2) Medium Pass Big Brother bb-hostsvc.sh 'HOSTSVC' Parameter Traversal Arbitrary File Access CVE-2000-0638 12 Jul 2000 5 (v2) Medium Pass Poll It CGI data_dir Parameter Arbitrary File Access CVE-2000-0590 12 Jul 2000 7.5 (v2) High Pass Apache Tomcat contextAdmin Arbitrary File Access CVE-2000-0672 22 Jul 2000 7.5 (v3) High Pass Multiple Web Server ~nobody/ Request Arbitrary File Access 01 Aug 2000 5 (v2) Medium Pass MiniVend view_page.html Shell Metacharacter Arbitrary Command Execution CVE-2000-0635 16 Jul 2000 7.5 (v2) High Pass Apache Tomcat Snoop Servlet Remote Information Disclosure CVE-2000-0760 22 Jul 2000 5.3 (v3) Medium Pass WebActive HTTP Server active.log Remote Information Disclosure CVE-2000-0642 16 Jul 2000 5 (v2) Medium Pass Roxen Web Server /%00/ Encoded Request Forced Directory Listing CVE-2000-0671 22 Jul 2000 5 (v2) Medium Pass bftpd NLST Command Output Format String 11 Dec 2000 7.3 (v3) High Pass Juniper Junos Connectionless Network Protocol (CLNP) Packet Handling Unspeciﬁed Remote Code Execution / DoS (JSA10844)CVE-2018-0016 20 Apr 2018 9.8 (v3) Critical Pass Apache WebDAV Module PROPFIND Arbitrary Directory Listing CVE-2000-0869 08 Sep 2000 5 (v2) Medium Pass Symantec (Blue Coat) Reporter UI Information Disclosure Vulnerability (SYMSA1489) CVE-2019-12753 30 Aug 2019 4.9 (v3) Medium Pass Simple Web Counter swc ctr Parameter Remote Overﬂow 24 Aug 2000 7.5 (v2) High Pass htgrep hdr Parameter Arbitrary File access CVE-2000-0832 24 Aug 2000 5 (v2) Medium Pass Juniper Junos VPLS Routing MPLS Packet Handling mbuf Exhaustion Remote DoS (JSA10845) CVE-2018-0017 20 Apr 2018 7.5 (v3) High Pass IBM WebSphere Application Server 8.0 < Fix Pack 5 Multiple Vulnerabilities CVE-2012-3304 CVE-2012-3305 CVE-2012-3306 CVE-2012-3311 CVE-2012-3325 CVE-2012-3330 31 Jan 2013 6.8 (v2) Medium Pass Boa Web Server Traversal Arbtirary File Access/Execution CVE-2000-0920 06 Oct 2000 5 (v2) Medium Pass Nortel Networks Router Unpassworded Account (manager Level) 06 Oct 2000 7.8 (v2) High Pass Nortel Networks Router Unpassworded Account (User Level) 06 Oct 2000 7.8 (v2) High Pass Extent RBS Web Server Image Parameter Traversal Arbitrary File Access CVE-2000-1036 26 Sep 2000 5 (v2) Medium Pass Cisco PIX Firewall Mailguard Feature SMTP Content Filter Bypass CVE-2000-1022 04 Oct 2000 7.3 (v3) High Pass FreeBSD 4.1.1 Finger Arbitrary Remote File Access CVE-2000-0915 14 Oct 2000 7.8 (v2) High Pass eXtropia Web Store web_store.cgi Traversal Arbitrary File Access CVE-2000-1005 10 Oct 2000 5 (v2) Medium Pass CGIForum cgiforum.pl thesection Parameter Traversal Arbitrary File Access CVE-2000-1171 20 Nov 2000 5 (v2) Medium Pass KW Whois CGI whois Parameter Arbitrary Command Execution CVE-2000-0941 29 Nov 2002 7.5 (v2) High Pass Juniper Junos SNMP MIB-II Subagent Daemon (mib2d) Unspeciﬁed Remote DoS (JSA10847) CVE-2018-0019 20 Apr 2018 5.3 (v3) Medium Pass Microsoft Windows LAN Manager SNMP LanMan Users Disclosure CVE-1999-0499 10 Nov 2000 5.3 (v3) Medium Pass Microsoft Windows LAN Manager SNMP LanMan Shares Disclosure CVE-1999-0499 10 Nov 2000 5.3 (v3) Medium Pass XMail APOP / USER Command Remote Overﬂow CVE-2000-0840 CVE-2000-0841 28 Nov 2000 10 (v2) Critical Pass Serv-U CD Command Encoded Traversal Arbitrary File/Directory Access CVE-2001-0054 06 Dec 2000 5 (v2) Medium Pass Cisco 600 Series Router HTTP GET DoS (cisco-sa-20001204-cbos) CVE-2001-0058 29 Nov 2000 5.4 (v2) Medium Pass Cisco NX-OS DHCPv4 Crafted Packet DoS (cisco-sa-20161005-dhcp1) CVE-2015-6392 22 Nov 2016 7.5 (v3) High Pass Juniper Junos Short MacSec Keys Conﬁguration CKN / CAK Key Extension Brute-force Mitm Spooﬁng (JSA10854)CVE-2018-0021 20 Apr 2018 8.8 (v3) High Pass tinyProxy Long Connect Request Overﬂow CVE-2001-0129 19 Jan 2001 5 (v2) Medium Pass Juniper Junos VPLS Routing MPLS Packet Handling mbuf Exhaustion Remote DoS (JSA10855) CVE-2018-0022 20 Apr 2018 7.5 (v3) High Pass News Desk newsdesk.cgi t Parameter Traversal Arbitrary File Access CVE-2001-0231 04 Jan 2001 5 (v2) Medium Pass popper_mod PHP Administration Script Authentication Bypass CVE-2002-0513 09 Mar 2003 7.5 (v2) High Pass OpenSSH 2.3.1 SSHv2 Public Key Authentication Bypass CVE-2001-1585 09 Feb 2001 9.3 (v2) High Pass iWeb Hyperseek 2000 hsx.cgi show Parameter Traversal Arbitrary File Read CVE-2001-0253 29 Jan 2001 5 (v2) Medium Pass Allaire JRun Crafted Request Forced Directory Listing CVE-2000-1050 29 Jan 2001 5 (v2) Medium Pass Commerce.CGI Shopping Cart commerce.cgi page Parameter Traversal Arbitrary File Access CVE-2001-0210 13 Feb 2001 5 (v2) Medium Pass WebSPIRS webspirs.cgi Traversal Arbitrary File Access CVE-2001-0211 17 Feb 2001 5 (v2) Medium Pass W3.org Anaya Web sendtemp.pl 'templ' Parameter Traversal Arbitrary File Access CVE-2001-0272 15 Feb 2001 7.8 (v2) High Pass Savant Web Server Multiple Percent Request Remote DoS 13 Mar 2001 5 (v2) Medium Pass Oracle XSQL query.xsql sql Parameter SQL Injection CVE-2002-1631 15 Feb 2001 5 (v2) Medium Pass Solaris FTP Daemon CWD Command Account Enumeration 16 Apr 2001 5.3 (v3) Medium Pass BSD Based FTP Server Multiple glob Function Remote Overﬂow CVE-2001-0247 16 Apr 2001 9.8 (v3) Critical Pass Thinking Arts ES.One store.cgi StartID Parameter Traversal Arbitrary File Access CVE-2001-0305 25 Mar 2001 7.5 (v2) High Pass Ananconda Partners Clipper anacondaclip.pl Traversal Arbitrary File Access CVE-2001-0593 28 Mar 2001 5 (v2) Medium Pass DHCP Server Detection 05 May 2001 3.3 (v2) Low Pass Solaris snmpXdmid Long Indication Event Overﬂow (ELVISCICADA) CVE-2001-0236 03 May 2001 9.8 (v3) Critical 6

Pass IBM WebSphere Application Server 8.0 < Fix Pack 6 Multiple Vulnerabilities CVE-2012-4853 CVE-2013-0169 CVE-2013-0440 CVE-2013-0443 CVE-2013-0458 CVE-2013-0459 CVE-2013-0461 CVE-2013-0462 CVE-2013-0482 CVE-2013-0541 CVE-2013-0542 CVE-2013-0543 CVE-2013-054410 May 2013 10 (v2) Critical Pass Apache mod_status /server-status Information Disclosure 28 May 2001 5.3 (v3) Medium Pass Apache mod_info /server-info Information Disclosure 28 May 2001 5.3 (v3) Medium Pass Web Server HTTP POST Method Handling Remote Overﬂow DoS 15 Jun 2001 9.3 (v2) High Pass PerlCal cal_make.pl p0 Parameter Traversal Arbitrary File Read CVE-2001-0463 10 May 2001 7.8 (v2) High Pass Netscape Enterprise Server Long Traversal Request Remote DoS CVE-2001-0252 15 Jun 2001 5 (v2) Medium Pass SSH 3.0.0 Locked Account Remote Authentication Bypass CVE-2001-0553 21 Jul 2001 5.1 (v2) Medium Pass SimpleServer:WWW Encoded Traversal Arbitrary Command Execution CVE-2001-1586 17 Jul 2001 10 (v2) Critical Pass BroadVision One-To-One Enterprise Nonexistent JSP Request Path Disclosure CVE-2001-0031 15 Jun 2001 5 (v2) Medium Pass Juniper Junos Security Bypass Stateless Firewall Deactivation (JSA10859) CVE-2018-0026 20 Jul 2018 4.7 (v3) Medium Pass Cisco IOS HTTP Conﬁguration Unauthorized Administrative Access CVE-2001-0537 02 Jul 2001 9.3 (v2) High Pass Palo Alto Networks PAN-OS 6.1.21 and earlier / 7.1.x < 7.1.19 / 8.0.x < 8.0.12 / 8.1.x < 8.1.3 Multiple VulnerabilitiesCVE-2018-10139 CVE-2018-10140 28 Aug 2018 6.1 (v3) Medium Pass VMware ESX Third-Party Libraries Multiple Vulnerabilities (VMSA-2010-0001) (remote check) CVE-2009-0689 CVE-2009-2404 CVE-2009-2408 CVE-2009-2409 CVE-2009-3274 CVE-2009-3370 CVE-2009-3372 CVE-2009-3373 CVE-2009-3374 CVE-2009-3375 CVE-2009-3376 CVE-2009-3380 CVE-2009-338208 Mar 2016 10 (v2) Critical Pass Sambar Server pagecount CGI Traversal Arbitrary File Overwrite CVE-2001-1010 29 Jul 2001 5 (v2) Medium Pass BEA WebLogic Hex Encoded Request JSP Source Disclosure 13 Aug 2001 5 (v2) Medium Pass Cisco Small Business RV Series Router Unsupported Detection 12 Apr 2021 9.8 (v3) Critical Pass MS01-035: Microsoft IIS FrontPage fp30reg.dll Remote Overﬂow (uncredentialed check) CVE-2001-0341 26 Jun 2001 7.5 (v2) High Pass NetCode NC Book book.cgi current Parameter Arbitrary Command Execution CVE-2001-1114 13 Aug 2001 7.5 (v2) High Pass SuSE Support Data Base sbsearch.cgi Arbitrary Command Execution CVE-2001-1130 13 Aug 2001 7.5 (v2) High Pass SIX-webboard generate.cgi 'content' Parameter Traversal Arbitrary File Access CVE-2001-1115 13 Aug 2001 5 (v2) Medium Pass SHOUTcast Server User-Agent / Host Header DoS CVE-2001-1304 13 Aug 2001 5 (v2) Medium Pass Apache Auth Module SQL Injection CVE-2001-1379 07 Sep 2001 7.3 (v3) High Pass 3Com Superstack 3 Switch Multiple Default Accounts CVE-1999-0508 29 Aug 2001 7.5 (v2) High Pass Zope < 2.3.3 ZClass Permission Mapping Modiﬁcation Local Privilege Escalation CVE-2001-0567 28 Sep 2001 4.6 (v2) Medium Pass Tripwire for Webpages Installation Disclosure 29 Aug 2001 5 (v2) Medium Pass Motorola Vanguard with No Password (telnet check) CVE-1999-0508 22 Jan 2003 10 (v2) Critical Pass Solaris in.ﬁngerd Unused Accounts Disclosure CVE-2001-1503 22 Oct 2001 5 (v2) Medium Pass FTGate4 IMAP EXAMINE Command Remote Overﬂow CVE-2005-3640 17 Nov 2005 10 (v2) Critical Pass Cisco TelePresence Codecs DoS CVE-2011-2577 24 Jul 2013 7.8 (v2) High Pass Network Solutions Rwhoisd Syslog Remote Format String CVE-2001-0913 25 Nov 2001 7.5 (v2) High Pass Multiple Linux rpc.mountd Remote Overﬂow CVE-1999-0002 12 Mar 2003 10 (v2) Critical Pass Multiple Vendor FTPD on Windows Floppy Request CPU Consumption DoS 06 Dec 2001 5 (v2) Medium Pass ColdFusion Debug Mode Information Disclosure 07 Nov 2001 5 (v2) Medium Pass Webalizer < 2.01-09 Multiple XSS CVE-2001-0835 03 Dec 2001 4.3 (v2) Medium Pass Alchemy Eye/Network Monitor Traversal Arbitrary Command Execution CVE-2001-0871 03 Dec 2001 7.5 (v2) High Pass Horde Imp Webmail status.php3 message Parameter XSS CVE-2001-0857 10 Nov 2001 7.5 (v2) High Pass Interactive Story story.pl next Parameter Traversal Arbitrary File Access CVE-2001-0804 03 Dec 2001 7.8 (v2) High Pass SSH Protocol Version 1 Session Key Retrieval CVE-2001-0361 CVE-2001-0572 CVE-2001-1473 06 Mar 2002 7.5 (v2) High Pass ESXi 5.5 < Build 5230635 Multiple Vulnerabilities (VMSA-2017-0006) (remote check) CVE-2017-4904 CVE-2017-4905 31 Mar 2017 8.8 (v3) High Pass memcached No Newline Memory Consumption DoS CVE-2010-1152 20 Apr 2010 5 (v2) Medium Pass SilverStream Directory Listing 06 Feb 2002 5 (v2) Medium Pass Oracle 9iAS mod_plsql DAD Admin Interface Access CVE-2000-1235 07 Feb 2002 5 (v2) Medium Pass FAQManager 'faqmanager.cgi' 'toc' Parameter Arbitrary File Access CVE-2002-2033 25 Jan 2002 5 (v2) Medium Pass Microsoft ASP.NET Malformed File Request Path Disclosure 05 Feb 2002 5 (v2) Medium Pass SilverStream Database Structure Disclosure 06 Feb 2002 5 (v2) Medium Pass MPEi/X Default FTP Accounts CVE-1999-0502 05 Jun 2002 10 (v2) Critical Pass Altiris Deployment Solution Server < 6.9 SP4 DBManager DoS (SYM10-007) CVE-2010-0109 21 Apr 2010 3.3 (v2) Low Pass SSH Protocol Versions Supported 06 Mar 2002 None Pass X Display Manager Control Protocol (XDMCP) Detection 13 Mar 2002 4.3 (v2) Medium Pass Multiple Vulnerabilities in Cisco Uniﬁed Computing System (cisco-sa-20130424-ucsmulti) CVE-2013-1182 CVE-2013-1183 CVE-2013-1184 CVE-2013-1185 CVE-2013-1186 17 Sep 2013 10 (v2) Critical Pass Microsoft IIS ASP ISAPI Filter Multiple Overﬂows CVE-2002-0079 CVE-2002-0147 CVE-2002-0149 10 Apr 2002 7.5 (v2) High Pass Windows 98 FTP MS/DOS Device Name Request DoS 29 Mar 2002 7.5 (v3) High Pass EFTP .lnk File Handling Remote Overﬂow CVE-2001-1112 29 Mar 2002 10 (v2) Critical Pass Squid FTP URL Special Character Handling Remote Overﬂow CVE-2002-0068 27 Mar 2002 7.5 (v2) High Pass lighttpd < 1.3.8 Null Byte Request CGI Script Source Code Disclosure CVE-2005-0453 16 Feb 2005 5.3 (v3) Medium Pass Trend Micro Control Manager cgiShowClientAdm Security Bypass 28 Apr 2017 7.3 (v3) High Pass ServletExec 4.1 / JRun ISAPI Multiple DoS CVE-2002-0894 CVE-2000-0681 22 May 2002 10 (v2) Critical Pass Apple iTunes < 10.2 Multiple Vulnerabilities (uncredentialed check) CVE-2010-1205 CVE-2010-1824 CVE-2010-2249 CVE-2010-4008 CVE-2010-4494 CVE-2011-0111 CVE-2011-0112 CVE-2011-0113 CVE-2011-0114 CVE-2011-0115 CVE-2011-0116 CVE-2011-0117 CVE-2011-0118 CVE-2011-0119 CVE-2011-0120 CVE-2011-0121 CVE-2011-0122 CVE-2011-0123 CVE-2011-0124 CVE-2011-0125 CVE-2011-0126 CVE-2011-0127 CVE-2011-0128 CVE-2011-0129 CVE-2011-0130 CVE-2011-0131 CVE-2011-0132 CVE-2011-0133 CVE-2011-0134 CVE-2011-0135 CVE-2011-0136 CVE-2011-0137 CVE-2011-0138 CVE-2011-0139 CVE-2011-0140 CVE-2011-0141 CVE-2011-0142 CVE-2011-0143 CVE-2011-0144 CVE-2011-0145 CVE-2011-0146 CVE-2011-0147 CVE-2011-0148 CVE-2011-0149 CVE-2011-0150 CVE-2011-0151 CVE-2011-0152 CVE-2011-0153 CVE-2011-0154 CVE-2011-0155 CVE-2011-0156 CVE-2011-0164 CVE-2011-0165 CVE-2011-0168 CVE-2011-0170 CVE-2011-0191 CVE-2011-019203 Mar 2011 9.3 (v2) High Pass IBM WebSphere Application Server 6.1 < 6.1.0.37 Multiple Vulnerabilities CVE-2011-1308 CVE-2011-1321 CVE-2011-1322 CVE-2011-1683 18 Apr 2011 6.8 (v2) Medium Pass PHP 5.3 < 5.3.6 Multiple Vulnerabilities CVE-2011-0421 CVE-2011-0708 CVE-2011-1092 CVE-2011-1153 CVE-2011-1464 CVE-2011-1466 CVE-2011-1467 CVE-2011-1468 CVE-2011-1469 CVE-2011-147018 Mar 2011 7.5 (v2) High Pass IBM WebSphere Application Server 6.1 < 6.1.0.41 Multiple Vulnerabilities CVE-2011-1359 CVE-2011-1362 CVE-2011-1377 CVE-2011-3192 CVE-2011-5065 CVE-2011-5066 19 Jan 2012 10 (v2) Critical Pass Linksys Router Default Password CVE-1999-0508 05 Jun 2002 10 (v2) Critical Pass ActivePerl ﬁndtar Sample Script Remote Command Execution 08 Jun 2002 10 (v2) Critical Pass Xerver Web Server < 2.20 Crafted C:/ Request Remote DoS CVE-2002-0448 07 Jun 2002 5 (v2) Medium Pass ISC BIND < 9.2.1 rdataset Parameter Malformed DNS Packet DoS CVE-2002-0400 22 Jul 2002 7.8 (v2) High Pass Beanstalkd < 1.4.6 Remote Beanstalkd Command Injection CVE-2010-2060 14 Jun 2010 7.5 (v2) High Pass RemoteNC Backdoor Detection 29 Sep 2003 10 (v2) Critical Pass Microsoft Windows SMB Service Detection 05 Jun 2002 None Pass Wireless Access Point Detection 09 Jun 2002 None Pass HTTP Reverse Proxy Detection (Deprecated) CVE-2004-2320 CVE-2005-3398 CVE-2005-3498 CVE-2007-3008 02 Jul 2002 5.4 (v3) Medium Pass iPlanet Search Engine search CGI Arbitrary File Access CVE-2002-1042 10 Jul 2002 5 (v2) Medium Pass Resin MS-DOS Device Request Path Disclosure CVE-2002-2090 17 Jul 2002 5 (v2) Medium Pass MS10-012: Vulnerabilities in SMB Could Allow Remote Code Execution (971468) (uncredentialed check) CVE-2010-0020 CVE-2010-0021 CVE-2010-0022 CVE-2010-0231 13 Sep 2010 10 (v2) Critical Pass Sun AnswerBook2 Web Server dwhttpd GET Request Remote Format String 14 Aug 2002 10 (v2) Critical Pass RPC rusers Remote Information Disclosure CVE-1999-0626 03 Aug 2002 5 (v2) Medium Pass Trend Micro OﬃceScan tmlisten.exe Malformed Data Remote DoS CVE-2000-0203 03 Aug 2002 5 (v2) Medium Pass BadBlue Malformed GET Request Remote DoS CVE-2002-1023 06 Aug 2002 5 (v2) Medium Pass Apache Tomcat DOS Device Name XSS 10 Jul 2002 4.3 (v2) Medium Pass MySQL < 4.0.21 mysqlhotcopy Insecure Temporary File Creation CVE-2004-0457 23 Aug 2004 4.6 (v2) Medium Pass Web Server HTTP Header Memory Exhaustion DoS 18 Aug 2002 7.8 (v2) High Pass Sendmail -C Malformed Conﬁguration Privilege Escalation CVE-2001-0713 18 Aug 2002 5.9 (v3) Medium Pass Pi3Web < 2.0.1 CGI Handler Long Parameter Handling Overﬂow CVE-2002-0142 22 Aug 2002 5 (v2) Medium Pass Apache <= 2.0.39 Win32 Crafted Traversal Arbitrary File Access CVE-2002-0661 18 Aug 2002 7.3 (v3) High Pass WS_FTP Multiple Command Long Argument Overﬂow CVE-2001-1021 21 Aug 2002 10 (v2) Critical Pass Network UPS Tools < 2.6.4 addchar() Function Buﬀer Overﬂow CVE-2012-2944 22 Jun 2012 7.5 (v2) High Pass Canna SR_INIT Command Remote Overﬂow CVE-2000-0584 29 Aug 2002 7.5 (v2) High Pass Directory Manager edit_image.php Arbitrary Command Execution CVE-2001-1020 22 Aug 2002 7.5 (v2) High Pass xtelw Detection 13 Sep 2002 None Pass xtel Detection 13 Sep 2002 None Pass Radmin (Remote Administrator) Port 4899 Detection 15 Sep 2002 None Pass mldonkey Detection (telnet check) 17 Sep 2002 None Pass Mountain Network Systems webcart.cgi Arbitrary Command Execution CVE-2001-1502 21 Aug 2002 7.5 (v2) High Pass Palo Alto Networks PAN-OS < 6.1 / 7.x < 7.1 / 8.1.x < 8.1.4 Cross-Site Scripting Vulnerability (PAN-SA-2018-0014)CVE-2018-10141 14 Mar 2019 6.1 (v3) Medium Pass AnalogX Proxy SOCKS4a DNS Hostname Handling Remote Overﬂow CVE-2002-1001 21 Sep 2002 10 (v2) Critical Pass ISC BIND named SIG Resource Server Response RR Overﬂow CVE-2002-1219 12 Nov 2002 10 (v2) Critical Pass IBM WebSphere Edge Caching Proxy DoS CVE-2002-1169 25 Nov 2002 5 (v2) Medium Pass LiteServe HTTP Service Malformed URL Decoding Remote DoS 18 Nov 2002 5 (v2) Medium Pass Service Detection (HELP Request) 18 Nov 2002 None Pass Unknown Service Detection: Banner Retrieval 18 Nov 2002 None Pass IRC Daemon Version Detection 19 Nov 2002 None Pass Webserver 4D Plaintext Password Storage CVE-2002-1521 26 Oct 2002 2.1 (v2) Low Pass Savant Web Server cgitest.exe Overﬂow CVE-2002-2146 27 Nov 2002 7.5 (v2) High Pass Windows FTP Server NULL Administrator Password 21 Nov 2002 10 (v2) Critical Pass KeyFocus (KF) Web Server Null Byte Request Restricted File / Directory Access 25 Nov 2002 5 (v2) Medium Pass Samba Encrypted Password String Conversion Decryption Overﬂow CVE-2002-1318 25 Nov 2002 10 (v2) Critical Pass SWS Web Server Unﬁnished Line Remote DoS CVE-2002-2370 27 Nov 2002 5 (v2) Medium Pass myEvent Multiple Remote Vulnerabilities CVE-2006-1890 CVE-2006-1907 CVE-2006-1908 21 Apr 2006 7.5 (v2) High Pass 4553 Parasite Mothership Backdoor Detection 03 Dec 2002 10 (v2) Critical Pass phpPgAdmin sql.php goto Parameter Traversal Arbitrary File Access CVE-2001-0479 04 Sep 2002 5 (v2) Medium Pass Cyrus IMAP Server login Command Remote Overﬂow 20 Dec 2002 7.5 (v2) High Pass WebServer 4 Everyone Host Field Header Buﬀer Overﬂow CVE-2002-1941 25 Nov 2002 5 (v2) Medium Pass 3Com NBX ftpd CEL Command Remote Overﬂow (1) CVE-2002-2300 02 Dec 2002 7.5 (v2) High 7

Pass X Font Service Crafted XFS Query Remote Overﬂow CVE-2002-1317 04 Dec 2002 7.5 (v2) High Pass BitKeeper Daemon Mode diﬀ Shell Command Injection 16 Jan 2003 7.5 (v2) High Pass PlatinumFTPServer Multiple Vulnerabilities 18 Jan 2003 7.5 (v2) High Pass DB4Web Server db4web_c Filename Request Traversal Arbitrary File Access CVE-2002-1483 02 Dec 2002 5 (v2) Medium Pass WarFTPd CWD/MKD Command Overﬂow CVE-2000-0131 22 Jan 2003 4 (v2) Medium Pass IBM WebSphere HTTP Request Header Remote Overﬂow CVE-2002-1153 02 Dec 2002 5 (v2) Medium Pass Apache 2.2.x < 2.2.16 Multiple Vulnerabilities CVE-2010-1452 CVE-2010-2068 30 Jul 2010 5.3 (v3) Medium Pass Tomcat /status Information Disclosure 03 Feb 2003 6.5 (v3) Medium Pass WarFTPd USER/PASS Command Remote Overﬂow CVE-1999-0256 22 Jan 2003 7.5 (v2) High Pass RPC nibindd Service Detection 19 Oct 2003 5 (v2) Medium Pass Netscape / iPlanet .perf Remote Information Disclosure 06 Feb 2003 5 (v2) Medium Pass HTTP TRACE / TRACK Methods Allowed CVE-2003-1567 CVE-2004-2320 CVE-2010-0386 23 Jan 2003 5.3 (v3) Medium Pass LiteSpeed Web Server Source Code Information Disclosure CVE-2010-2333 04 Aug 2010 5 (v2) Medium Pass Web Server info.php / phpinfo.php Detection 12 Feb 2003 5.3 (v3) Medium Pass Stronghold swish Search Script Information Disclosure 12 Feb 2003 5 (v2) Medium Pass MS02-061: Microsoft SQL Server Multiple Vulnerabilities (uncredentialed check) CVE-2002-1137 CVE-2002-1138 CVE-2002-0649 CVE-2002-0650 CVE-2002-1145 CVE-2002-0644 CVE-2002-0645 CVE-2002-0721 25 Jan 2003 10 (v2) Critical Pass IBM WebSphere Application Server < 6.1.0.27 Multiple Vulnerabilities CVE-2009-0023 CVE-2009-1955 CVE-2009-1956 CVE-2009-2091 CVE-2009-2742 CVE-2009-2743 CVE-2009-2744 CVE-2009-3106 23 Sep 2009 5 (v2) Medium Pass Unpassworded 'root' Account CVE-1999-0502 CVE-2019-5021 20 Feb 2003 9.8 (v3) Critical Pass leafnode Cross-Posted Article Group Name Preﬁx DoS CVE-2002-1661 27 Oct 2009 5 (v2) Medium Pass ClarkConnect Linux clarkconnectd Remote Information Disclosure CVE-2003-1379 28 Feb 2003 5 (v2) Medium Pass CuteNews Multiple Script cutepath Parameter Arbitrary Command Execution CVE-2003-1240 28 Feb 2003 8.3 (v3) High Pass Cisco Catalyst Switches Embedded HTTP Server Long HTTP Request DoS (CSCdy26428) CVE-2002-1222 28 Feb 2003 7.5 (v3) High Pass Cisco VPN 3000 Concentrator PPTP/IPSEC Group Credential Authentication Bypass (CSCdv66718) CVE-2002-1092 01 Mar 2003 7.5 (v2) High Pass Cisco VPN 3000 Concentrator HTML Source Plaintext User Password Disclosure (CSCdv88230, CSCdw22408)CVE-2002-1096 01 Mar 2003 7.5 (v2) High Pass Cisco VPN 3000 Concentrator Multiple Vulnerabilities (CSCdx07754, CSCdx24622, CSCdx24632) CVE-2002-1100 CVE-2002-1098 01 Mar 2003 7.5 (v2) High Pass Cisco VPN 3000 Concentrator Certiﬁcate Management Page HTML Source Certiﬁcate Password DisclosurCVE-2002-1097e (CSCdw50657) 01 Mar 2003 7.5 (v2) High Pass WihPhoto sendphoto.php Traversal Arbitrary File Access CVE-2003-1239 27 Feb 2003 5 (v2) Medium Pass Usermin 'miniserv.pl' Base-64 String Metacharacter Handling Session Spooﬁng CVE-2003-0101 28 Feb 2003 7.5 (v2) High Pass Microsoft Windows SMTP Service NTLM Null Session Authorization Bypass (uncredentialed check) CVE-2002-0054 02 Mar 2003 6.4 (v2) Medium Pass Juniper Junos SRX crafted packets destined to fxp0 denial of service (JSA10927) CVE-2019-0038 19 Apr 2019 6.5 (v3) Medium Pass ISC BIND < 9.2.2 DNS Resolver Functions Remote Overﬂow CVE-2002-0684 04 Mar 2003 10 (v2) Critical Pass ISC BIND Dynamic Updates Unauthorized Resource Record Manipulation 04 Mar 2003 5 (v2) Medium Pass sshd scp Traversal Arbitrary File Overwrite CVE-2000-0992 10 Mar 2003 5 (v2) Medium Pass SSH1 SSH Daemon Logging Failure CVE-2001-0471 10 Mar 2003 7.1 (v2) High Pass WordPress Plugin 'LifterLMS' < 3.37.15 Arbitrary File Write CVE-2020-6008 30 Apr 2020 9.8 (v3) Critical Pass OpenSSH Client Unauthorized X11 Remote Forwarding CVE-2000-1169 10 Mar 2003 7.5 (v2) High Pass Sendmail < 8.6.8 -debug Local Privilege Escalation CVE-1999-1309 11 Mar 2003 8.4 (v3) High Pass SimpleBBS users disclosure 10 Mar 2003 5 (v2) Medium Pass Sendmail < 8.8.4 Group Write File Hardlink Privilege Escalation CVE-1999-0129 11 Mar 2003 5.9 (v3) Medium Pass NFS Exported Share Information Disclosure CVE-1999-0170 CVE-1999-0211 CVE-1999-0554 12 Mar 2003 10 (v2) Critical Pass FreeBSD 2.x lpd Long DNS Hostname Overﬂow CVE-1999-0299 12 Mar 2003 7.5 (v2) High Pass AIX lpd Multiple Functions Remote Overﬂow CVE-2001-0671 12 Mar 2003 10 (v2) Critical Pass Multiple Vendor NFS CD Command Arbitrary File/Directory Access CVE-1999-0166 12 Mar 2003 5 (v2) Medium Pass Sendmail < 8.9.3 Header Prescan Function Message Header DoS CVE-1999-0393 11 Mar 2003 5.3 (v3) Medium Pass NFS Predictable Filehandles Filesystem Access CVE-1999-0167 12 Mar 2003 4.6 (v2) Medium Pass Irix Performance Copilot Service Information Disclosure CVE-2000-0283 CVE-2000-1193 13 Mar 2003 6.4 (v2) Medium Pass CVS pserver Brute Force Access 14 Mar 2003 7.5 (v2) High Pass HP-UX ftpd glob() Expansion STAT Buﬀer Overﬂow CVE-2001-0248 13 Mar 2003 9.8 (v3) Critical Pass SunFTP Multiple Command Traversal Arbitrary File Creation/Deletion CVE-2001-0283 13 Mar 2003 7.8 (v2) High Pass Simple File Manager Directory / Filename XSS CVE-2003-1539 12 Mar 2003 4.3 (v2) Medium Pass Microsoft IIS fpcount.exe CGI Remote Overﬂow CVE-1999-1376 13 Mar 2003 7.5 (v2) High Pass Samba TNG < 0.3.1 Multiple Remote Vulnerabilities CVE-2003-0085 22 Mar 2003 10 (v2) Critical Pass HP OpenView Network Node Manager Multiple Scripts hostname Parameter Remote Command ExecutionCVE-2009-3845 14 Dec 2009 10 (v2) Critical Pass Samba < 2.2.8 Multiple Vulnerabilities CVE-2003-0085 CVE-2003-0086 15 Mar 2003 10 (v2) Critical Pass Serv-U < 2.5e Multiple Vulnerabilities (OF, Path Disc) CVE-2000-0176 CVE-1999-0838 15 Mar 2003 5 (v2) Medium Pass Thunderstone Software Texis Crafted Request Information Disclosure 15 Mar 2003 5 (v2) Medium Pass smb2www Unspeciﬁed Arbitrary Remote Command Execution CVE-2002-1342 13 Mar 2003 7.5 (v2) High Pass IBM Lotus Notes Detection 17 Mar 2003 None Pass IMAP Service Banner Retrieval 18 Mar 2003 None Pass Backup Files Disclosure 17 Mar 2003 5 (v2) Medium Pass Apache 2.0.x < 2.0.43 Multiple Vulnerabilities (Log Injection, Source Disc.) CVE-2002-1156 CVE-2003-0083 17 Mar 2003 5.3 (v3) Medium Pass ProFTPD 1.2.0rc2 Malformed cwd Command Format String CVE-2001-0318 17 Mar 2003 10 (v2) Critical Pass XOOPS 1.0 RC1 Multiple Vulnerabilities CVE-2002-0216 CVE-2002-0217 CVE-2002-1802 22 Mar 2003 7.5 (v2) High Pass Mozilla Bonsai Mutiple Flaws (Auth Bypass, XSS, Cmd Exec, PD) CVE-2003-0152 CVE-2003-0153 CVE-2003-0154 CVE-2003-0155 22 Mar 2003 10 (v2) Critical Pass Microsoft Windows Administrator Default Password Detection (W32/Deloder Worm Susceptibility) 24 Mar 2003 9.8 (v3) Critical Pass Microsoft FrontPage Unpassworded Installation 04 Apr 2003 7.5 (v2) High Pass OpenWebMail < 1.90 Multiple Vulnerabilities CVE-2002-1385 CVE-2002-2410 19 Mar 2003 10 (v2) Critical Pass Mambo Site Server 4.0.10 XSS CVE-2003-1203 22 Mar 2003 4.3 (v2) Medium Pass Kebi Academy Home Page Administration ﬁle Parameter Traversal Arbitrary File Access 24 Mar 2003 7.5 (v2) High Pass SimpleChat Information Disclosure 25 Mar 2003 5 (v2) Medium Pass paFileDB paﬁledb.php Multiple Parameter SQL Injection 26 Mar 2003 7.5 (v2) High Pass eMule Malformed Data Handling Remote DoS 25 Mar 2003 5 (v2) Medium Pass WebChat XSS 25 Mar 2003 4.3 (v2) Medium Pass VChat Multiple Remote Vulnerabilities 25 Mar 2003 5 (v2) Medium Pass DCP-Portal Multiple Script Path Disclosure CVE-2002-0282 26 Mar 2003 5 (v2) Medium Pass D-Link DSL Broadband Modem SNMP Cleartext ISP Credential Disclosure 27 Mar 2003 10 (v2) Critical Pass Sambar Server Default Accounts 28 Mar 2003 7.5 (v2) High Pass PostgreSQL < 7.2.3 Multiple Vulnerabilities CVE-2002-1397 CVE-2002-1398 CVE-2002-1399 CVE-2002-1400 CVE-2002-1401 CVE-2002-1402 24 Mar 2003 6.5 (v2) Medium Pass DCP-Portal lib.php root Parameter Remote File Inclusion 26 Mar 2003 8.3 (v3) High Pass FsSniﬀer Backdoor Detection 29 Sep 2003 9.4 (v2) High Pass Sambar Server Multiple Script XSS 28 Mar 2003 4.3 (v2) Medium Pass Advanced Poll info.php Remote Information Disclosure CVE-2003-1181 27 Mar 2003 5 (v2) Medium Pass l2tpd Malformed Data Remote DoS 28 Mar 2003 5 (v2) Medium Pass Justice Guestbook 1.3 Multiple Vulnerabilities CVE-2003-1534 CVE-2003-1535 30 Mar 2003 5 (v2) Medium Pass Beanwebb's Guestbook 1.0 Multiple Vulnerabilities 30 Mar 2003 7.5 (v2) High Pass XOOPS Glossary Module glossaire-aﬀ.php lettre Parameter XSS 03 Apr 2003 4.3 (v2) Medium Pass ScozBook scozbook/add.php Multiple Parameter XSS CVE-2003-1554 CVE-2003-1555 30 Mar 2003 5 (v2) Medium Pass CC GuestBook cc_guestbook.pl Multiple Parameter XSS CVE-2003-1556 30 Mar 2003 4.3 (v2) Medium Pass OpenSSH < 2.5.2 / 2.5.2p2 Multiple Information Disclosure Vulnerabilities CVE-2001-0361 CVE-2001-0572 04 Oct 2011 5 (v2) Medium Pass Apache Tomcat mod_jk Invalid Transfer-Encoding Chunked Field DoS CVE-2002-2272 04 Apr 2003 5 (v2) Medium Pass NETGEAR FM114P ProSafe Router Multiple Vulnerabilities 03 Apr 2003 7.5 (v2) High Pass Linksys Router Default Password (admin) 06 Apr 2003 7.5 (v2) High Pass Abyss Web Server Malformed GET Request Remote DoS CVE-2003-1364 06 Apr 2003 5 (v2) Medium Pass Ocean12 Guestbook XSS 14 Apr 2003 4.3 (v2) Medium Pass Check Point FireWall-1 Open Web Administration 04 Apr 2003 None Pass HP Instant TopTools hpnst.exe CGI DoS CVE-2003-0169 06 Apr 2003 5 (v2) Medium Pass AutomatedShops WebC.cgi Multiple Overﬂows 04 Apr 2003 7.5 (v2) High Pass Coppermine Photo Gallery Multiple Extension File Upload Arbitrary PHP Code Execution 07 Apr 2003 7.5 (v2) High Pass IBM WebSphere Application Server 6.0 < 6.0.2.25 Multiple Vulnerabilities CVE-2007-6679 CVE-2008-0740 CVE-2008-0741 05 Apr 2010 10 (v2) Critical Pass SheerDNS < 1.0.1 Multiple Vulnerabilities 14 Apr 2003 5 (v2) Medium Pass Default Password for FTP 'admin' Account 15 Apr 2003 9.8 (v3) Critical Pass Xeneo Web Server %A Request Remote DoS CVE-2002-1248 23 Apr 2003 5 (v2) Medium Pass MDG Web Server 4D GET Request Remote Overﬂow 04 May 2003 5 (v2) Medium Pass BadBlue ISAPI Extension .hts Crafted File Extension Request Authentication Bypass CVE-2003-0332 27 Apr 2003 7.6 (v2) High Pass Xeneo Web Server 2.2.9.0 GET Request Remote Overﬂow DoS 23 Apr 2003 5 (v2) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 11 Multiple Vulnerabilities CVE-2010-0774 CVE-2010-0775 CVE-2010-0776 CVE-2010-0777 CVE-2010-0778 CVE-2010-0779 CVE-2010-1650 CVE-2010-1651 CVE-2010-2324 CVE-2010-2325 CVE-2010-2326 CVE-2010-2327 CVE-2010-232822 Jun 2010 10 (v2) Critical Pass Nokia IPSO Voyager WebGUI readﬁle.tcl ﬁle Parameter Arbitrary File Access 24 Apr 2003 5 (v2) Medium Pass IdeaBox include.php ideaDir Parameter Remote File Inclusion 29 Apr 2003 8.3 (v3) High Pass bttlxeForum login.asp Multiple Field SQL Injection CVE-2003-0215 24 Apr 2003 7.5 (v2) High Pass Coppermine Photo Gallery displayimage.php SQL Injection 04 May 2003 7.5 (v2) High Pass FTP Server root Directory .forward File Present 04 May 2003 5 (v2) Medium Pass FTP Server root Directory .rhosts File Present 04 May 2003 5 (v2) Medium 8

Pass WebWeaver FTP Aborted RETR Command Remote DoS 06 May 2003 5.3 (v3) Medium Pass thttpd Host Header Traversal Arbitrary File Access CVE-2002-1562 CVE-2003-0899 06 May 2003 5 (v2) Medium Pass FTGatePro Mail Server Multiple Command Remote Overﬂow CVE-2003-0263 06 May 2003 5 (v2) Medium Pass Sambar Server Cleartext Password Transmission 07 May 2003 4.3 (v2) Medium Pass FileMaker Pro Client Request User Passwords Remote Disclosure 07 May 2003 7.5 (v2) High Pass StockMan Shopping Cart shop.plx Path Disclosure 05 May 2003 5 (v2) Medium Pass Mike Bobbitt's album.pl Alternative Conﬁguration File Remote Command Execution CVE-2003-1456 06 May 2003 5 (v2) Medium Pass SLMail < 5.1.0.4433 Multiple Command Remote Overﬂows CVE-2003-0264 07 May 2003 7.5 (v2) High Pass ArGoSoft Mail Server HTTP Daemon GET Request Saturation DoS 11 Jun 2003 5 (v2) Medium Pass PT News Unauthorized Administrative Access 07 May 2003 6.4 (v2) Medium Pass SLMail WebMail Multiple Remote Overﬂows CVE-2003-0266 CVE-2003-0267 CVE-2003-0268 07 May 2003 7.5 (v2) High Pass mod_survey For Apache ENV Tags SQL Injection 09 May 2003 7.5 (v2) High Pass MailMaxWeb Cookie Application Path Disclosure 07 May 2003 5 (v2) Medium Pass BEA WebLogic SSIServlet Invocation Source Code Disclosure CVE-2000-0683 08 May 2003 5 (v2) Medium Pass Ikonboard FUNC.pm lang Cookie Arbitrary Command Execution CVE-2003-0770 08 May 2003 7.5 (v2) High Pass Cacti index.php/sql.php Login Action login_username Parameter SQL Injection CVE-2008-0785 13 Feb 2008 7.5 (v2) High Pass Eserv Non-Terminated Connection Saturation DoS 12 May 2003 7.8 (v2) High Pass VMware vCenter Server 6.0.x < 6.0u2 Unspeciﬁed HTTP Header Injection (VMSA-2016-0010) CVE-2016-5331 11 Aug 2016 6.1 (v3) Medium Pass Proxy Web Server XSS CVE-2003-0292 19 May 2003 4.3 (v2) Medium Pass Lovgate Virus Detection 19 May 2003 10 (v2) Critical Pass Juniper Junos OS Vulnerability (JSA11115) CVE-2019-8936 15 Apr 2021 7.5 (v3) High Pass MailMax IMAP Server SELECT Command Remote Overﬂow CVE-2003-0319 19 May 2003 6.5 (v2) Medium Pass BadBlue ISAPI Extension ext.dll LoadPage Parameter Arbitrary File Access 20 May 2003 7.6 (v2) High Pass WsMp3 Daemon (WsMp3d) HTTP Traversal Arbitrary File Execution/Access CVE-2003-0338 21 May 2003 7.5 (v2) High Pass BLNews objects.inc.php4 Server[path] Parameter Remote File Inclusion CVE-2003-0394 27 May 2003 8.3 (v3) High Pass Juniper Junos OS Vulnerability (JSA11152) CVE-2021-0261 15 Apr 2021 7.5 (v3) High Pass ShareMailPro POP3 Interface Error Message Account Enumeration 27 May 2003 5 (v2) Medium Pass SolarWinds Storage Resource Monitor Proﬁler addNewRule SQL Injection RCE 26 Jul 2016 10 (v2) Critical Pass Synchrologic Email Accelerator aggregate.asp User Account Disclosure 28 May 2003 5 (v2) Medium Pass TextPortal Default Passwords 28 May 2003 7.5 (v2) High Pass CafeLog B2 Multiple Script Remote File Inclusion 29 May 2003 8.3 (v3) High Pass Webfroot shoutbox.php conf Parameter Traversal Local File Inclusion 29 May 2003 7.5 (v2) High Pass iisPROTECT Unpassworded Administrative Interface 28 May 2003 7.5 (v2) High Pass Microsoft Media Services ISAPI nsiislog.dll Multiple Overﬂows CVE-2003-0227 CVE-2003-0349 28 May 2003 10 (v2) Critical Pass BaSoMail SMTP Multiple Command Remote Overﬂow DoS 02 Jun 2003 10 (v2) Critical Pass Bandmin 1.4 index.cgi Multiple Parameter XSS CVE-2003-0416 29 May 2003 4.3 (v2) Medium Pass Super-M Son hServer URI Traversal Arbitrary File Access CVE-2003-0417 02 Jun 2003 5 (v2) Medium Pass mod_gzip Detection 02 Jun 2003 5 (v2) Medium Pass ST FTP Service Arbitrary File/Directory Access CVE-2003-0392 02 Jun 2003 5.3 (v3) Medium Pass Linux NFS utils package (nfs-utils) mountd xlog Function Oﬀ-by-one Remote Overﬂow CVE-2003-0252 23 Jul 2003 10 (v2) Critical Pass IBM WebSphere Application Server < 6.1.0.17 Multiple Vulnerabilities CVE-2008-2550 CVE-2009-0435 10 Jun 2008 7.5 (v2) High Pass PostNuke Rating System DoS 02 Jun 2003 5 (v2) Medium Pass Xpressions Interactive Multiple Products login.asp SQL Injection 04 Jun 2003 7.5 (v2) High Pass Cisco IDS Device Manager Detection 03 Jun 2003 None Pass Juniper Junos OS Vulnerability (JSA11155) CVE-2021-0264 15 Apr 2021 7.5 (v3) High Pass zenTrack index.php conﬁgFile Parameter Traversal Arbitrary Files Access 09 Jun 2003 5 (v2) Medium Pass Gnutella Root Directory Misconﬁguration 11 Jun 2003 7.8 (v2) High Pass Avirt Multiple Product HTTP Proxy Overﬂow (deprecated) CVE-2002-0133 11 Jun 2003 7.5 (v2) High Pass Bugbear.B Web Backdoor Detection 09 Jun 2003 10 (v2) Critical Pass Oracle WebLogic Server Plug-in Remote Overﬂow (1166189) CVE-2008-5457 15 Jan 2009 10 (v2) Critical Pass Bugbear.B Worm Detection 11 Jun 2003 10 (v2) Critical Pass Inﬁnity CGI Exploit Scanner Multiple Vulnerabilities 16 Jun 2003 7.5 (v2) High Pass Secure HyperText Transfer Protocol (S-HTTP) Detection 11 Jun 2003 5 (v2) Medium Pass Proxomitron GET Request Overﬂow Remote DoS 18 Jun 2003 5 (v2) Medium Pass NGC Active FTPServer 2002 Multiple Command Remote DoS 18 Jun 2003 10 (v2) Critical Pass CUPS Printer List Disclosure 18 Jun 2003 5 (v2) Medium Pass pMachine lib.inc.php pm_path Parameter Remote File Inclusion CVE-2003-1086 16 Jun 2003 7.3 (v3) High Pass Psunami.CGI Command Execution 17 Jun 2003 7.5 (v2) High Pass Juniper Junos OS Vulnerability (JSA11143) CVE-2021-0250 15 Apr 2021 7.5 (v3) High Pass Vignette StoryServer < 6.0.4 Arbitrary TCL Code Execution CVE-2003-0398 CVE-2003-0399 CVE-2003-0402 CVE-2003-0405 17 Jun 2003 7.5 (v2) High Pass PostgreSQL Authentication Module (mod_sql) for ProFTPD USER Name Parameter SQL Injection CVE-2003-0500 19 Jun 2003 7.5 (v2) High Pass Zope Invalid Query Path Disclosure 23 Jun 2003 5 (v2) Medium Pass TMaxSoft JEUS url.jsp URI XSS 19 Jun 2003 4.3 (v2) Medium Pass Cajun Switch Negative Integer Handling Remote DoS 18 Jun 2003 7.8 (v2) High Pass UPnP TCP Helper Detection 19 Jun 2003 None Pass Abyss Web Server GET Request Multiple Vulnerabilities CVE-2003-1337 30 Jun 2003 7.5 (v2) High Pass iXmail index.php password Parameter SQL Injection 27 Jun 2003 7.5 (v2) High Pass ProductCart Multiple Vulnerabilities CVE-2003-0522 CVE-2003-0523 CVE-2003-1304 08 Jul 2003 5 (v2) Medium Pass VP-ASP shopexd.asp catalogid Parameter SQL Injection CVE-2002-1919 08 Jul 2003 7.5 (v2) High Pass IBM BigFix Server 9.2.x < 9.2.8.74 .beswrpt File Handling XSS CVE-2016-0293 30 Aug 2016 6.1 (v3) Medium Pass UnrealIRCd OperServ Raw Channel Join DoS 21 Jul 2003 5 (v2) Medium Pass FTP Server Copyrighted Material Present 26 Jun 2003 None Pass Forum51/Board51/News51 Users Disclosure 21 Jul 2003 5 (v2) Medium Pass Juniper Junos OS Vulnerability (JSA11166) CVE-2021-0275 15 Apr 2021 8.8 (v3) High Pass WebCalendar long.php user_inc Parameter Traversal Arbitrary File Access 21 Jul 2003 6.8 (v2) Medium Pass TrueType Font Server for X11 (xfstt) Malformed Packet Remote Overﬂow CVE-2003-0581 01 Aug 2003 10 (v2) Critical Pass RIP Poisoning Routing Table Modiﬁcation 03 Sep 2003 7.5 (v2) High Pass TFTP Daemon Detection 13 Aug 2003 None Pass RIP Detection 28 Aug 2003 None Pass Dropbear SSH Server Username Remote Format String 20 Aug 2003 10 (v2) Critical Pass myPHPNuke phptonuke.php ﬁlnavn Parameter Traversal Arbitrary File Access CVE-2002-1913 31 Aug 2003 5 (v2) Medium Pass Stellar Docs Malformed Query Path Disclosure 11 Aug 2003 5 (v2) Medium Pass Sendmail < 8.12.10 prescan() Function Remote Overﬂow CVE-2003-0681 CVE-2003-0694 17 Sep 2003 10 (v3) Critical Pass WinMX Detection (uncredentialed check) 22 Sep 2003 5.3 (v3) Medium Pass FastTrack (FT) Crafted Packet Handling Remote Overﬂow CVE-2003-0397 22 Sep 2003 7.5 (v2) High Pass Exclude top-level domain wildcard hosts 18 Sep 2003 None Pass Overnet Detection 22 Sep 2003 None Pass Solaris sadmind AUTH_SYS Credential Remote Command Execution CVE-2003-0722 19 Sep 2003 10 (v2) Critical Pass myPHPNuke My_eGallery gallery/displayCategory.php basepath Parameter Remote File Inclusion CVE-2006-6795 12 Sep 2003 8.3 (v3) High Pass ISC BIND < 4.9.11 stub resolver (libresolv.a) DNS Response Overﬂow CVE-2002-0029 29 Sep 2003 10 (v2) Critical Pass MyServer 0.4.3 / 0.7 Crafted Traversal Arbitrary File Access CVE-2004-2516 26 Sep 2003 5 (v2) Medium Pass WordPress 'blog.header.php' Multiple Parameter SQL Injection 03 Oct 2003 7.5 (v2) High Pass EMC Documentum D2 4.5.x < 4.5 P15 / 4.6.x < 4.6 P03 r_object_id Handling Unauthenticated Document DisclosurCVE-2016-6644e (ESA-2016-108) 26 Sep 2016 5.3 (v3) Medium Pass Fluxay Sensor Detection 13 Oct 2003 10 (v2) Critical Pass Wollf Backdoor Detection 13 Oct 2003 10 (v2) Critical Pass OpenSSL ASN.1 Parser Multiple Remote DoS CVE-2003-0543 CVE-2003-0544 CVE-2003-0545 CVE-2005-1247 CVE-2005-1730 10 Oct 2003 9.3 (v2) High Pass XtraMail SMTP HELO Command Remote Overﬂow CVE-1999-1511 10 Nov 1999 10 (v2) Critical Pass Symantec Backup Exec System Recovery Manager FileUpload Class Unauthorized File Upload CVE-2008-0457 09 Feb 2008 10 (v2) Critical Pass myPHPcalendar Multiple Scripts cal_dir Parameter Remote File Inclusion CVE-2006-6812 12 Oct 2003 8.3 (v3) High Pass NIPrint LPD-LPR Print Server String Handling Remote Overﬂow CVE-2003-1141 17 Nov 2003 7.5 (v2) High Pass Monkey HTTP Daemon (monkeyd) Post_Method Function Crafted Content-Length Header DoS CVE-2002-1663 13 Nov 2003 5.3 (v3) Medium Pass TinyWeb cgi-bin Crafted HTTP GET Request DoS CVE-2003-1510 16 Oct 2003 7.8 (v2) High Pass Quagga / Zebra Malformed Telnet Command Denial of Service CVE-2003-0795 17 Nov 2003 5 (v2) Medium Pass SAP DB / MaxDB Detection 22 Nov 2003 None Pass VMware ESX Multiple Vulnerabilities (VMSA-2010-0007) (remote check) CVE-2009-3732 CVE-2010-1141 CVE-2010-1142 08 Mar 2016 10 (v2) Critical Pass Ebola AV Daemon < 0.1.5 Authentication Sequence Remote Overﬂow 10 Dec 2003 7.5 (v2) High Pass OpenSSL 0.9.8 < 0.9.8zb Multiple Vulnerabilities CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3510 08 Aug 2014 4.3 (v2) Medium Pass VP-ASP shopsearch SQL Injection 04 Dec 2003 4.4 (v2) Medium Pass SGDynamo sgdynamo.exe HTNAME Parameter Path Disclosure 18 Dec 2003 4.3 (v2) Medium Pass CVS PServer CVSROOT Passwd File Arbitrary Code Execution 01 Jan 2004 9 (v2) High Pass Jordan's Windows Telnet Server Password Handling Remote Overﬂow 01 Jan 2004 7.5 (v2) High Pass eScan Server Management Console (eserv.exe) FTP Server Arbitrary File Download CVE-2008-1221 07 Mar 2008 5 (v2) Medium 9

Pass Compaq Web-Based Management Agent Remote Overﬂow DoS 06 Jan 2004 5 (v2) Medium Pass KpyM Telnet Server DoS 07 Jan 2004 5 (v2) Medium Pass Bagle Worm Removal 21 Jan 2004 10 (v2) Critical Pass Zope < 2.6.3 Multiple Vulnerabilities 13 Jan 2004 5 (v2) Medium Pass Apache 2.2.x < 2.2.21 mod_proxy_ajp DoS CVE-2011-3348 16 Sep 2011 5.3 (v3) Medium Pass DNS Server Fingerprinting 16 Dec 2003 None Pass APSIS Pound Load Balancer Format String Overﬂow CVE-2004-2026 15 Jun 2004 7.5 (v2) High Pass Finjan SurﬁnGate Proxy FHTTP Command Admin Functions Authentication Bypass CVE-2004-2107 02 Feb 2004 7.5 (v2) High Pass JBrowser _admin/ Direct Request Admin Authentication Bypass CVE-2007-1156 02 Feb 2004 7.5 (v2) High Pass PJ CGI Neo PJreview_Neo.cgi p Parameter Traversal Arbitrary File Access CVE-2004-2132 02 Feb 2004 5 (v2) Medium Pass XTreme ASP Photo Gallery adminlogin.asp Multiple Parameter SQL Injection CVE-2004-2746 16 Jan 2004 7.5 (v2) High Pass Qualiteam X-Cart Multiple Script perl_binary Parameter Arbitrary Command Execution CVE-2004-0241 03 Feb 2004 10 (v2) Critical Pass Apache-SSL SSLVerifyClient SSLFakeBasicAuth Client Certiﬁcate Forgery CVE-2004-0009 06 Feb 2004 7.3 (v3) High Pass Mambo Site Server itemid Parameter XSS CVE-2004-2072 06 Feb 2004 4.3 (v2) Medium Pass MS04-007: ASN.1 Vulnerability Could Allow Code Execution (828028) (uncredentialed check) (HTTP) CVE-2003-0818 15 Feb 2004 7.5 (v2) High Pass BEA WebLogic conﬁg.xml Operator/Admin Password Disclosure CVE-2004-1757 05 Feb 2004 4.4 (v2) Medium Pass Google Search Appliance proxystylesheet Parameter Multiple Remote Vulnerabilities (XSS, Code Exec, ID)CVE-2005-3754 CVE-2005-3755 CVE-2005-3756 CVE-2005-3757 CVE-2005-3758 22 Nov 2005 7.5 (v2) High Pass vBulletin search.php query Parameter XSS CVE-2004-2076 16 Feb 2004 4.3 (v2) Medium Pass Bagle.B Worm Detection 17 Feb 2004 9.3 (v2) High Pass MS04-007: ASN.1 Vulnerability Could Allow Code Execution (828028) (uncredentialed check) (NTLM) CVE-2003-0818 13 Feb 2004 9.8 (v3) Critical Pass Serv-U MDTM Command Overﬂow CVE-2004-0330 26 Feb 2004 9 (v2) High Pass ASN.1 Multiple Integer Overﬂows (SMTP check) CVE-2003-0818 18 Feb 2004 10 (v2) Critical Pass APC SmartSlot Web/SNMP Management Card Default Password CVE-2004-0311 18 Feb 2004 10 (v2) Critical Pass Crob FTP Server Connection Saturation Remote DoS CVE-2004-0282 17 Feb 2004 5 (v2) Medium Pass Ecommerce Corp. Online Store Kit 3.0 Multiple Vulnerabilities CVE-2004-0300 CVE-2004-0301 17 Feb 2004 7.5 (v2) High Pass TalentSoft Web+ webplus.exe Path Disclosure 24 Feb 2004 5 (v2) Medium Pass TYPSoft FTP Server 1.10 Invalid Path Request DoS CVE-2004-0325 25 Feb 2004 7.8 (v2) High Pass Apache Tomcat Default Files 02 Mar 2004 5.3 (v3) Medium Pass WFTP 3.21 Multiple Vulnerabilities (OF, DoS) CVE-2004-0340 CVE-2004-0341 CVE-2004-0342 29 Feb 2004 7.2 (v2) High Pass DreamFTP Server username Remote Format String CVE-2004-2074 04 Mar 2004 7.3 (v3) High Pass Apache 2.0.x < 2.0.49 mod_ssl Plain HTTP Request DoS CVE-2004-0113 14 Mar 2004 5.3 (v3) Medium Pass Robo-FTP Pre-authentication Command Execution DoS 27 Feb 2004 5 (v2) Medium Pass HotOpentickets Privilege Escalation 04 Mar 2004 6.5 (v2) Medium Pass ShopCartCGI Multiple Script Traversal Arbitrary File Access CVE-2004-0293 17 Feb 2004 5 (v2) Medium Pass Courier < 0.45 Multiple Remote Overﬂows CVE-2004-0224 14 Mar 2004 10 (v2) Critical Pass Apache Tomcat source.jsp Arbitrary Directory Listing CVE-2002-2007 31 Mar 2004 5.3 (v3) Medium Pass Agobot.FO Backdoor Detection 05 Apr 2004 10 (v2) Critical Pass Invision Power Board index.php pop Parameter XSS CVE-2004-2279 14 Mar 2004 4.3 (v2) Medium Pass Oracle 9iAS iSQLplus XSS 17 Mar 2004 4.3 (v2) Medium Pass oftpd PORT Command Remote DoS CVE-2004-0376 04 Apr 2004 5 (v2) Medium Pass Web Server Incomplete Basic Authentication DoS (deprecated) 11 Apr 2004 7.5 (v2) High Pass Novell NetWare Web Handler Multiple Vulnerabilities CVE-2002-1436 CVE-2002-1437 CVE-2002-1438 21 Nov 2002 7.5 (v2) High Pass Novell Groupwise Servlet Manager Default Password CVE-2001-1195 31 Mar 2004 5 (v2) Medium Pass Aborior Encore WebForum display.cgi ﬁle Parameter Command Execution CVE-2004-1888 04 Apr 2004 7.5 (v2) High Pass Ultimate PHP Board add.php Direct Request Information Disclosure CVE-2002-2276 05 Apr 2004 5 (v2) Medium Pass XOOPS Article Module article.php id Parameter SQL Injection CVE-2008-2094 23 Apr 2008 7.5 (v2) High Pass CVS Client Traversal Arbitrary File Retrieval CVE-2004-0405 16 Apr 2004 5 (v2) Medium Pass TCP/IP Sequence Prediction Blind Reset Spooﬁng DoS CVE-2004-0230 25 Apr 2004 5 (v2) Medium Pass Web Server Load Balancer Detection 04 May 2004 2.6 (v2) Low Pass Web Server Reverse Proxy Detection 04 May 2004 5 (v2) Medium Pass MS04-011: Security Update for Microsoft Windows (835732) (uncredentialed check) CVE-2003-0533 15 Apr 2004 9.8 (v3) Critical Pass Helix RealServer HTTP GET Request DoS CVE-2004-0389 15 Apr 2004 7.8 (v2) High Pass Xerox WorkCentre Extensible Interface Platform Unspeciﬁed Security Bypass (XRX08-006) CVE-2008-2824 13 Jun 2008 10 (v2) Critical Pass Microsoft IIS Cookie information disclosure 06 May 2004 5 (v2) Medium Pass AppSocket & socketAPI Printers - Do Not Scan 19 May 2004 None Pass RPC bootparamd NIS Domain Name Disclosure 13 May 2004 5 (v2) Medium Pass NIS passwd.byname Map Disclosure 13 May 2004 5 (v2) Medium Pass IBM Lotus Domino ?ReadDesign Request Design Element Disclosure 26 May 2004 5 (v2) Medium Pass UoW imap Server (uw-imapd) Arbitrary Remote File Access CVE-2002-1782 26 May 2004 2.1 (v2) Low Pass mod_ssl ssl_util_uuencode_binary Remote Overﬂow CVE-2004-0488 29 May 2004 7.5 (v2) High Pass Terminal Services Web Detection 07 May 2004 None Pass H323 Protocol / VoIP Application Detection 20 May 2004 None Pass Subversion < 1.0.4 Pre-Commit-Hook Remote Overﬂow 08 Jun 2004 7.5 (v2) High Pass jPortal print.inc.php id Parameter SQL Injection CVE-2004-2036 29 May 2004 7.5 (v2) High Pass Qpopper Authentication Timing Response Account Enumeration 16 Jun 2004 5 (v2) Medium Pass Record Route 09 Jun 2004 None Pass US Robotics Broadband Router 8003 menu.htm Admin Password Disclosure 11 Jun 2004 10 (v2) Critical Pass MS04-017: Crystal Reports Web Viewer Could Allow Information Disclosure and DoS (842689) (uncredentialed check)CVE-2004-0204 11 Jun 2004 7.5 (v2) High Pass EDIMAX Wireless AP Default Password Check 11 Jun 2004 10 (v2) Critical Pass WordPress < 0.72 RC1 Multiple Vulnerabilities CVE-2003-1599 09 Jun 2003 7.3 (v3) High Pass Microsoft IIS Download.Ject Trojan Detection 25 Jun 2004 7.5 (v2) High Pass JetBrains TeamCity Agent XML-RPC Port RCE 10 Nov 2016 9.8 (v3) Critical Pass Unreal Engine Secure Query Remote Overﬂow CVE-2004-0608 22 Jun 2004 10 (v2) Critical Pass Horde Chora CVS Viewer diﬀ Utility Arbitrary Command Execution 21 Jun 2004 7.5 (v2) High Pass Citrix MetaFrame XP login.asp NFuse_Message Parameter XSS CVE-2003-1157 06 Jul 2004 4.3 (v2) Medium Pass Inktomi Search MS-DOS Device Name Request Path Disclosure CVE-2004-0050 06 Jul 2004 5 (v2) Medium Pass osTicket Arbitrary Attachment Disclosure CVE-2004-0613 14 Jul 2004 5 (v2) Medium Pass IMP Software Detection 10 Jul 2004 None Pass osTicket Form Field Modiﬁcation File Upload Size Restriction Bypass CVE-2004-0614 14 Jul 2004 5 (v2) Medium Pass osTicket Attachment Handling File Upload Arbitrary Code Execution CVE-2004-0613 14 Jul 2004 7.5 (v2) High Pass Splunk Enterprise 6.1.x < 6.1.3 Multiple Vulnerabilities CVE-2014-5197 CVE-2014-5198 18 Aug 2014 4.3 (v2) Medium Pass SquirrelMail Detection 11 Jul 2004 None Pass Mensajeitor Tag Board Admin Bypass 26 Jul 2004 5 (v2) Medium Pass Subversion < 1.0.6 mod_authz_svn Restricted File Access Bypass CVE-2004-1438 27 Jul 2004 5 (v2) Medium Pass Citadel/UX USER Command Remote Overﬂow CVE-2004-1705 30 Jul 2004 10 (v2) Critical Pass Horde Chora Software Detection 28 Jul 2004 None Pass RiSearch show.pl Open Proxy Relay CVE-2004-2061 02 Aug 2004 7.5 (v2) High Pass PowerPortal modules/private_messages/index.php Multiple Parameter XSS CVE-2004-2514 01 Aug 2004 4.3 (v2) Medium Pass Samba < 3.0.7 Multiple Remote DoS CVE-2004-0807 CVE-2004-0808 13 Sep 2004 5 (v2) Medium Pass Medal of Honor Multiple Remote Overﬂows CVE-2004-0735 10 Aug 2004 10 (v2) Critical Pass MySQL < 3.23.59 / 4.0.21 Multiple Vulnerabilities CVE-2004-0835 CVE-2004-0837 11 Oct 2004 7.5 (v2) High Pass Zincite.A (MyDoom.M) Backdoor Detection 02 Aug 2004 10 (v2) Critical Pass WebCam Watchdog sresult.exe XSS CVE-2004-2528 02 Aug 2004 4.3 (v2) Medium Pass Juniper Junos OS Multiple Vulnerabilities (JSA11171) CVE-2013-5211 CVE-2016-9310 15 Apr 2021 6.5 (v3) Medium Pass thttpd 2.0.7 Directory Traversal (Windows) CVE-2004-2628 09 Aug 2004 5 (v2) Medium Pass Polar HelpDesk Authentication Bypass CVE-2004-2736 02 Aug 2004 7.5 (v2) High Pass BasiliX Message Content XSS CVE-2002-1708 09 Aug 2004 4.3 (v2) Medium Pass Basilix Webmail id Variable SQL Injection CVE-2002-1709 09 Aug 2004 6.4 (v2) Medium Pass RiSearch show.pl Arbitrary File Access CVE-2004-2061 04 Aug 2004 5 (v2) Medium Pass BreakCalendar < 1.3 XSS 09 Aug 2004 4.3 (v2) Medium Pass Dropbear SSH Server DSS Veriﬁcation Failure Remote Privilege Escalation CVE-2004-2486 09 Aug 2004 7.5 (v2) High Pass GoScript go.cgi Arbitrary Command Execution CVE-2004-2776 09 Aug 2004 7.5 (v2) High Pass Knox Arkeia Network Backup Agent Default Account CVE-2005-0496 21 Feb 2005 10 (v2) Critical Pass CVSTrac cgi.c Multiple Overﬂows 17 Aug 2004 7.5 (v2) High Pass CVSTrac Database Plaintext Password Storage 17 Aug 2004 5 (v2) Medium Pass SNMP Scanner 15 Aug 2004 None Pass CVSTrac Invalid Ticket DoS 17 Aug 2004 5 (v2) Medium Pass BasiliX login.php3 username Variable Arbitrary Command Execution 09 Aug 2004 6.8 (v2) Medium Pass phpGroupWare Unspeciﬁed Remote File Inclusion 17 Aug 2004 7.5 (v2) High Pass CVS history.c File Existence Information Disclosure CVE-2004-0778 20 Aug 2004 5 (v2) Medium Pass CVSTrac Ticket Title Arbitrary Command Execution 17 Aug 2004 7.5 (v2) High Pass CVSTrac timeline.c timeline_page Function Overﬂow 17 Aug 2004 7.5 (v2) High 10

Pass Keene Digital Media Server Multiple Script XSS 08 Sep 2004 4.3 (v2) Medium Pass WordPress Trackback 'wp-trackback.php' 'tb_id' Parameter SQL Injection CVE-2007-0233 12 Jan 2007 7.5 (v2) High Pass PHP-Nuke PhotoADay Module pad_selected Parameter XSS 23 Aug 2004 4.3 (v2) Medium Pass MAILsweeper Archive File Filtering Bypass CVE-2003-0922 CVE-2003-0929 CVE-2003-0930 23 Aug 2004 7.5 (v2) High Pass Mailreader network.cgi enriched/richtext MIME Message XSS CVE-2005-0386 30 Mar 2005 4.3 (v2) Medium Pass SOCKS4 Server Recursive Connection Remote DoS 20 Feb 2005 7.8 (v2) High Pass eGroupWare <= 1.0.00.003 Multiple Module XSS CVE-2004-1467 23 Aug 2004 4.3 (v2) Medium Pass INL ulog-php port.php proto Parameter SQL Injection 24 Aug 2004 7.5 (v2) High Pass WebAPP Directory Traversal CVE-2004-1742 24 Aug 2004 5 (v2) Medium Pass Easy File Sharing Web Server disk_c Virtual Folder Request Arbitrary File Access CVE-2004-1743 26 Aug 2004 7.8 (v2) High Pass WS_FTP Server Path Parsing Remote DoS CVE-2004-1643 31 Aug 2004 7.8 (v2) High Pass WS_FTP Server CWD Command Remote DoS CVE-1999-0362 31 Aug 2004 5 (v2) Medium Pass Titan FTP Server Multiple Command Remote Overﬂow CVE-2004-1641 31 Aug 2004 10 (v2) Critical Pass External Scanner Service Identiﬁcation 05 Sep 2004 None Pass HastyMail HTML Attachment Script Execution CVE-2004-2704 25 Aug 2004 4.3 (v2) Medium Pass WebMatic Unspeciﬁed Login Function Access Vulnerability 26 Aug 2004 7.5 (v2) High Pass Merak Webmail / IceWarp Web Mail < 5.2.8 Multiple Vulnerabilities CVE-2004-1719 CVE-2004-1720 CVE-2004-1721 CVE-2004-1722 26 Aug 2004 7.5 (v2) High Pass WS_FTP Server STAT Command Remote Overﬂow 31 Aug 2004 10 (v2) Critical Pass TorrentTrader download.php id Parameter SQL Injection 01 Sep 2004 7.5 (v2) High Pass IlohaMail Attachment Arbitrary File Create/Overwrite 02 Sep 2004 5 (v2) Medium Pass IlohaMail index.php session Parameter Arbitrary File Access 02 Sep 2004 5 (v2) Medium Pass IlohaMail index.php init_lang Parameter Arbitrary File Access 02 Sep 2004 5 (v2) Medium Pass Xedus Web Server Traversal Arbitrary File Access CVE-2004-1646 03 Sep 2004 5 (v2) Medium Pass Cerbere HTTP Proxy Server Host: Header Remote DoS 02 Sep 2004 7.8 (v2) High Pass IlohaMail user Parameter XSS 02 Sep 2004 4.3 (v2) Medium Pass IlohaMail Multiple External Programs Arbitrary Command Execution 02 Sep 2004 7.5 (v2) High Pass SOCKS5 Server Recursive Connection Remote DoS 20 Feb 2005 5 (v2) Medium Pass eZ/eZphotoshare Connection Saturation Remote DoS 08 Sep 2004 5 (v2) Medium Pass TYPSoft FTP Server Empty Username DoS CVE-2004-0252 13 Sep 2004 5 (v2) Medium Pass TYPSoft FTP Server Crafted RETR Command Sequence Remote DoS 09 Sep 2004 5 (v2) Medium Pass TYPSoft FTP Server LIST Command Traversal Arbitrary Directory Listing CVE-2002-0558 13 Sep 2004 4 (v2) Medium Pass Subversion < 1.0.8 / 1.1.0-rc4 mod_authz_svn Unreadable Path Metadata Information Disclosure CVE-2004-0749 23 Sep 2004 5 (v2) Medium Pass OpenCA crypto-utils.lib libCheckSignature Function Signature Validation Weakness CVE-2004-0004 13 Sep 2004 7.5 (v2) High Pass Turbo Seek tseekdir.cgi location Parameter Arbitrary File Access 14 Sep 2004 5 (v2) Medium Pass BBS E-Market Professional index.php ﬁlename Parameter Traversal Arbitrary File Access 21 Sep 2004 5 (v2) Medium Pass Service Detection: 3 ASCII Digit Code Responses 17 Sep 2004 None Pass IP Protocols Scan 22 Sep 2004 None Pass Active WebCam Webserver <= 5.5 Multiple Vulnerabilities (DoS, Path Disc) CVE-2005-0730 CVE-2005-0731 CVE-2005-0732 CVE-2005-0733 CVE-2005-0734 12 Mar 2005 5 (v2) Medium Pass aspWebAlbum album.asp SQL Injection CVE-2004-1553 24 Sep 2004 6.8 (v2) Medium Pass Pinnacle ShowCenter Skin DoS CVE-2004-1699 27 Sep 2004 5 (v2) Medium Pass BroadBoard Multiple Script SQL Injection CVE-2004-1555 27 Sep 2004 7.5 (v2) High Pass Radmin (Remote Administrator) Port 10002 - Possible GDI Compromise CVE-2004-0200 28 Sep 2004 9.3 (v2) High Pass IRC Bot ident Server Detection 28 Sep 2004 10 (v2) Critical Pass WebCalendar Detection 28 Jun 2005 None Pass MyServer HTTP POST Request Remote Overﬂow DoS CVE-2004-2517 28 Sep 2004 5 (v2) Medium Pass Debian GNU/Linux Sendmail Default SASL Password CVE-2004-0833 28 Sep 2004 7.5 (v2) High Pass phpBB Detection 22 Nov 2004 None Pass Icecast Crafted URI Remote DoS CVE-2001-1083 01 Oct 2004 5 (v2) Medium Pass Icecast Multiple Unspeciﬁed Remote Overﬂows CVE-2001-1230 01 Oct 2004 7.5 (v2) High Pass w32.spybot.fcd Worm Infection Detection 20 Oct 2004 9.7 (v2) High Pass Cisco NX-OS Software ICMP Version 6 Memory Leak DoS (cisco-sa-fxos-nxos-icmpv6-dos-YD55jVCq) CVE-2021-1229 20 Apr 2021 5.3 (v3) Medium Pass EasyPHPCalendar Multiple Script serverPath Parameter Remote File Inclusion CVE-2005-2155 05 Jul 2005 6.8 (v2) Medium Pass Silent-Storm Portal Multiple Input Validation Vulnerabilities CVE-2004-1566 CVE-2004-1567 01 Oct 2004 7.5 (v2) High Pass Kerio MailServer < 6.0.3 Unspeciﬁed Vulnerability CVE-2004-2441 01 Oct 2004 10 (v2) Critical Pass PostgreSQL make_oidjoins_check Arbitrary File Overwrite CVE-2004-0977 04 Oct 2004 2.1 (v2) Low Pass Helix Universal Server Remote Integer Handling DoS 08 Oct 2004 5 (v2) Medium Pass ArGoSoft FTP Server XCWD Remote Overﬂow 08 Oct 2004 5.3 (v3) Medium Pass w-Agora Multiple Script Traversal Arbitrary File Access 08 Oct 2004 5 (v2) Medium Pass Microsoft Windows/Exchange SMTP DNS Lookup Overﬂow (885881) CVE-2004-0840 12 Oct 2004 10 (v2) Critical Pass MS04-036: Microsoft NNTP Component Remote Overﬂow (883935) (uncredentialed check) CVE-2004-0574 12 Oct 2004 10 (v2) Critical Pass Zanﬁ CMS Lite index.php inc Parameter Remote File Inclusion CVE-2004-2195 11 Oct 2004 7.3 (v3) High Pass DUware Products Multiple Remote Vulnerabilities (SQLi, XSS) CVE-2004-2198 CVE-2004-2199 CVE-2004-2200 CVE-2004-2201 CVE-2004-2202 11 Oct 2004 7.5 (v2) High Pass BugPort Attached File Handling Unspeciﬁed Issue 13 Oct 2004 7.5 (v2) High Pass XOOPS viewtopic.php Multiple Parameter XSS CVE-2004-2756 17 Oct 2004 4.3 (v2) Medium Pass Cisco ClamAV for Windows DLL Hijacking (cisco-sa-amp-imm-dll-tu79hvkO) CVE-2021-1386 15 Apr 2021 7.8 (v3) High Pass Hacker Defender Backdoor Detection 19 Oct 2004 10 (v2) Critical Pass OmniHTTPd Pro Long POST Request DoS CVE-2001-0613 25 Oct 2004 5 (v2) Medium Pass FuseTalk Forum img src Tag XSS CVE-2004-1594 17 Oct 2004 4.3 (v2) Medium Pass Open WebMail userstat.pl Arbitrary Command Execution 21 Oct 2004 7.5 (v2) High Pass Coppermine Photo Gallery Voting Restriction Bypass 21 Oct 2004 5 (v2) Medium Pass Abyss Web Server MS-DOS Device Name DoS 25 Oct 2004 7.8 (v2) High Pass Hydra: rexec 01 Dec 2004 7.5 (v2) High Pass Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10759) (SWEET32) CVE-2015-1794 CVE-2015-3193 CVE-2015-3194 CVE-2015-3195 CVE-2015-3196 CVE-2015-3197 CVE-2016-0702 CVE-2016-0703 CVE-2016-0704 CVE-2016-0705 CVE-2016-0797 CVE-2016-0798 CVE-2016-0799 CVE-2016-2105 CVE-2016-2106 CVE-2016-2108 CVE-2016-2109 CVE-2016-2177 CVE-2016-2178 CVE-2016-2180 CVE-2016-2182 CVE-2016-2183 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6305 CVE-2016-6306 CVE-2016-630705 Jan 2017 9.8 (v3) Critical Pass MoonLit Virus Backdoor Detection 30 Oct 2004 10 (v2) Critical Pass Netbilling nbmember.cgi cmd Parameter Information Disclosure CVE-2004-2732 21 Oct 2004 4.3 (v2) Medium Pass Cisco NX-OS NXAPI Multiple Vulnerabilities. CVE-2018-0301 CVE-2018-0313 CVE-2018-0330 25 Jun 2018 9.8 (v3) Critical Pass IBM Lotus Notes/Domino Square Brackets Encoding Failure XSS CVE-2004-1621 19 Oct 2004 4.3 (v2) Medium Pass MailEnable Professional Webmail < 1.5.1 Unspeciﬁed Vulnerability 03 Nov 2004 7.5 (v2) High Pass Hydra: SAP R3 01 Dec 2004 7.5 (v2) High Pass Check Point InterSpect Detection 03 Nov 2004 None Pass Cherokee Web Server Malformed POST Request Remote DoS CVE-2003-1198 04 Nov 2004 5 (v2) Medium Pass ArGoSoft FTP Server .lnk Shortcut Upload Arbitrary File Manipulation CVE-2004-2672 04 Nov 2004 7.5 (v2) High Pass Caudium Web Server Malformed URI Remote DoS 04 Nov 2004 5 (v2) Medium Pass Cherokee Web Server auth_pam Authentication Format String CVE-2004-1097 03 Nov 2004 7.5 (v2) High Pass BNC IRC Server Incorrect Password Authentication Bypass CVE-2004-2612 13 Nov 2004 7.5 (v2) High Pass EGroupWare Multiple Vulnerabilities (SQLi, ID) CVE-2005-1129 CVE-2005-1202 CVE-2005-1203 13 Nov 2004 7.5 (v2) High Pass PostNuke Detection 13 Nov 2004 7.5 (v2) High Pass Cherokee Web Server Error Page XSS CVE-2004-2171 03 Nov 2004 4.3 (v2) Medium Pass TikiWiki tiki-error.php XSS 13 Nov 2004 4.3 (v2) Medium Pass TeeKai Tracking Online XSS CVE-2002-2055 13 Nov 2004 4.3 (v2) Medium Pass PowerPortal index.php index_page Parameter SQL Injection 18 Nov 2004 7.5 (v2) High Pass SlimFTPd Multiple Command Handling Overﬂow CVE-2004-2418 CVE-2005-2373 13 Nov 2004 9 (v2) High Pass Cisco NX-OS Software NX-API Command Injection Vulnerability CVE-2019-1614 11 Mar 2019 8.8 (v3) High Pass Juniper Junos SRX Series Gateway Chassis Cluster ﬂowd Multicast Session DoS (JSA10768) CVE-2017-2300 20 Jan 2017 6.5 (v3) Medium Pass Multiple Vendor DNS Response Flooding Denial Of Service CVE-2004-0789 18 Nov 2004 5 (v2) Medium Pass PHP < 3.0 mylog.html/mlog.html Arbitrary File Access CVE-1999-0068 CVE-1999-0346 13 Nov 2004 5 (v2) Medium Pass CCProxy Logging Compoent HTTP GET Request Remote Overﬂow CVE-2004-2416 20 Nov 2004 7.5 (v2) High Pass ZyXEL Prestige Router Conﬁguration Reset CVE-2004-1540 22 Nov 2004 5 (v2) Medium Pass Digital Mappings Systems POP3 Server (pop3svr.exe) Multiple Field Remote Overﬂow CVE-2004-1533 22 Nov 2004 5 (v2) Medium Pass eGroupWare Detection 13 Nov 2004 None Pass CVSTrac Detection 13 Nov 2004 None Pass phpMyAdmin < 2.6.0-pl3 Multiple XSS CVE-2004-1055 19 Nov 2004 4.3 (v2) Medium Pass CCProxy Application Proxy Detection 20 Nov 2004 None Pass Nucleus CMS < 3.15 Multiple Vulnerabilities 23 Nov 2004 7.5 (v2) High Pass Youngzsoft CMailServer < 5.2.1 Multiple Remote Vulnerabilities CVE-2004-1128 CVE-2004-1129 CVE-2004-1130 24 Nov 2004 10 (v2) Critical Pass Open DC Hub RedirectAll Value Remote Overﬂow CVE-2004-1127 25 Nov 2004 9.3 (v2) High Pass GuildFTPd Long SITE Command Overﬂow CVE-2001-0770 30 Nov 2004 7.5 (v2) High Pass POP2 Cleartext Logins Permitted 30 Nov 2004 2.6 (v2) Low Pass POP3 Cleartext Logins Permitted 30 Nov 2004 2.6 (v2) Low Pass IMAP Service Cleartext Login Permitted 30 Nov 2004 2.6 (v2) Low Pass PAFileDB Multiple Script Error Message Path Disclosure 06 Dec 2004 5 (v2) Medium Pass WS_FTP Server Multiple Command Remote Overﬂow DoS CVE-2004-1135 30 Nov 2004 10 (v2) Critical 11

Pass PHPNews sendtofriend.php 'mid' Parameter SQLi CVE-2004-2474 30 Nov 2004 7.5 (v2) High Pass SSL Certiﬁcate Expiry 03 Dec 2004 5.3 (v3) Medium Pass Hydra: POP3 01 Dec 2004 7.5 (v2) High Pass Hydra: SOCKS5 01 Dec 2004 7.5 (v2) High Pass Hydra: SSH2 01 Dec 2004 10 (v2) Critical Pass Hydra: VNC 01 Dec 2004 10 (v2) Critical Pass Hydra: NNTP 01 Dec 2004 7.5 (v2) High Pass Apache on Mac OS X HFS+ Arbitrary File Source Disclosure CVE-2004-1083 CVE-2004-1084 09 Dec 2004 5 (v2) Medium Pass OpenText FirstClass HTTP Daemon /Search Large Request Remote DoS CVE-2004-2496 11 Dec 2004 7.8 (v2) High Pass PunBB Search Dropdown Private Forum Disclosure 13 Dec 2004 5 (v2) Medium Pass F-Secure Policy Manager Path Disclosure CVE-2004-1223 10 Dec 2004 5 (v2) Medium Pass PunBB proﬁle.php XSS 13 Dec 2004 4.3 (v2) Medium Pass OpenSSL 1.0.1 < 1.0.1q Multiple DoS CVE-2015-3194 CVE-2015-3195 07 Dec 2015 5.3 (v3) Medium Pass SugarSales Multiple Module Traversal Arbitrary File Access 13 Dec 2004 5 (v2) Medium Pass UseModWiki wiki.pl XSS CVE-2004-1397 14 Dec 2004 4.3 (v2) Medium Pass ASP-Rider verify.asp username Parameter SQL Injection CVE-2004-1401 14 Dec 2004 7.5 (v2) High Pass PunBB < 1.1.2 install.php XSS 13 Dec 2004 4.3 (v2) Medium Pass Serendipity compat.php searchTerm Parameter XSS CVE-2004-2525 06 Dec 2004 4.3 (v2) Medium Pass Samba smbd Security Descriptor Parsing Remote Overﬂow CVE-2004-1154 16 Dec 2004 10 (v2) Critical Pass phpGroupWare Detection 16 Dec 2004 None Pass Ikonboard ikonboard.cgi Multiple Parameter SQL Injection CVE-2004-1406 16 Dec 2004 7.5 (v2) High Pass Singapore Gallery < 0.9.11 Multiple Vulnerabilities CVE-2004-1407 CVE-2004-1408 CVE-2004-1409 16 Dec 2004 6.5 (v2) Medium Pass ArGoSoft Mail Server Unspeciﬁed XSS 20 Dec 2004 5.8 (v2) Medium Pass Brightmail AntiSpam bmagent Multiple Remote Vulnerabilities (DoS, Traversal) CVE-2006-4013 CVE-2006-4014 04 Aug 2006 7.6 (v2) High Pass ViewCVS < 1.0.0 Multiple Vulnerabilities CVE-2004-1062 CVE-2005-4830 CVE-2005-4831 28 Dec 2004 4.3 (v2) Medium Pass Owl < 0.74.0 Multiple Vulnerabilities CVE-2005-0264 CVE-2005-0265 28 Dec 2004 7.5 (v2) High Pass SHOUTcast Server Filename Handling Format String CVE-2004-1373 28 Dec 2004 7.5 (v2) High Pass WU-FTPD wu_fnmatch() Function File Globbing Remote DoS CVE-2005-0256 23 Mar 2005 7.8 (v2) High Pass ISC BIND < 8.4.6 q_usedns Array Remote Overﬂow DoS CVE-2005-0033 26 Jan 2005 5 (v2) Medium Pass Squid NTLM Component fakeauth Multiple Remote DoS CVE-2005-0096 CVE-2005-0097 13 Jan 2005 5.3 (v3) Medium Pass Macallan Mail Solution Web Interface Authentication Bypass 13 Jan 2005 5 (v2) Medium Pass IlohaMail Conﬁguration Scripts Remote Disclosure 13 Jan 2005 5 (v2) Medium Pass Invision Community Blog Module eid Parameter SQL Injection CVE-2005-0217 13 Jan 2005 7.5 (v2) High Pass Symantec Web Security (SWS) Multiple Vulnerabilities CVE-2007-0563 CVE-2007-0564 07 Jun 2007 4.3 (v2) Medium Pass IlohaMail Multiple Conﬁguration Files Remote Information Disclosure 12 Jan 2005 5 (v2) Medium Pass Novell GroupWise WebAccess WebAccessUninstall.ini Information Disclosure 15 Jan 2005 5 (v2) Medium Pass Default Password (zebra) for Zebra 19 Jan 2005 10 (v2) Critical Pass SiteMinder smpwservicescgi.exe Arbitrary Site Redirect 17 Jan 2005 4.7 (v3) Medium Pass Novell GroupWise WebAccess Error Handler Authentication Bypass CVE-2005-0296 17 Jan 2005 5 (v2) Medium Pass BiTBOARD IMG BBCode Tag XSS CVE-2005-0374 18 Jan 2005 3.5 (v2) Low Pass ITA Forum Multiple Scripts SQL Injection 18 Jan 2005 7.5 (v2) High Pass pLog register.php Multiple Parameter XSS 19 Jan 2005 4.3 (v2) Medium Pass Chipmunk Forum Multiple SQL Injections 08 Feb 2005 7.5 (v2) High Pass JAWS index.php gadget Parameter Traversal Arbitrary File Access CVE-2004-2445 18 Jan 2005 5 (v2) Medium Pass FKey Arbitrary Remote File Disclosure 21 Jan 2005 5 (v2) Medium Pass Citadel/UX select() Bitmap Array Index Remote Oerﬂow 25 Jan 2005 10 (v2) Critical Pass VERITAS Backup Exec Agent Browser Registration Request Remote Overﬂow CVE-2004-1172 24 Jan 2005 10 (v2) Critical Pass ExBB Netsted BBcode XSS 20 Jan 2005 3.5 (v2) Low Pass Exponent CMS Multiple Script pathos_core_version Parameter Path Disclosure CVE-2005-0310 25 Jan 2005 5 (v2) Medium Pass WebWasher Classic Server Mode Arbitrary Proxy CONNECT Request CVE-2005-0316 31 Jan 2005 7.5 (v2) High Pass CoolForum Multiple SQL Injections 29 Jan 2005 7.5 (v2) High Pass ht://Dig htsearch.cgi conﬁg Parameter XSS CVE-2005-0085 08 Feb 2005 4.3 (v2) Medium Pass ArGoSoft FTP Server < 1.4.2.8 Multiple .LNK File Handling Vulnerabilities CVE-2005-0519 CVE-2005-0520 09 Feb 2005 10 (v2) Critical Pass Sami HTTP Server Multiple Remote Vulnerabilities 16 Feb 2005 6.4 (v2) Medium Pass Mambo Site Server mos_change_template XSS CVE-2004-1825 07 Feb 2005 4.3 (v2) Medium Pass PerlDesk kb.cgi view Parameter SQL Injection CVE-2005-0343 08 Feb 2005 7.5 (v2) High Pass ﬁngerd Remote Overﬂow 18 Feb 2005 10 (v2) Critical Pass HTTP Proxy CONNECT Loop DoS 20 Feb 2005 5 (v2) Medium Pass osCommerce contact_us.php enquiry Parameter XSS CVE-2005-0458 16 Feb 2005 4.3 (v2) Medium Pass Open WebMail openwebmail.pl logindomain Parameter XSS CVE-2005-0445 16 Feb 2005 4.3 (v2) Medium Pass MS11-004: Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution (2489256) (uncrCVE-2010-3972 edentialed check) 11 Feb 2011 9.8 (v3) Critical Pass Blazix Trailing Character JSP Source Disclosure CVE-2002-1451 19 Feb 2005 5 (v2) Medium Pass pMachine mail_autocheck.php Arbitrary Code Execution CVE-2005-0513 19 Feb 2005 7.3 (v3) High Pass News Server (NNTP) Anonymous Read / Write Access 23 Feb 2005 6.4 (v2) Medium Pass CA License Service Multiple Vulnerabilities CVE-2005-0581 CVE-2005-0582 CVE-2005-0583 10 Mar 2005 10 (v2) Critical Pass Tomcat Sample App cal2.jsp 'time' Parameter XSS CVE-2009-0781 09 Mar 2009 5.3 (v3) Medium Pass SocialEngine Blog Plugin category_id Parameter SQL Injection CVE-2009-0400 06 Feb 2009 7.5 (v2) High Pass RaidenHTTPD < 1.1.34 Multiple Remote Vulnerabilities 01 Mar 2005 10 (v2) Critical Pass PunBB < 1.2.2 Multiple Input Validation Vulnerabilities CVE-2005-0569 CVE-2005-0570 CVE-2005-0571 26 Feb 2005 7.5 (v2) High Pass Verity Ultraseek Search Request XSS CVE-2005-0514 28 Feb 2005 4.3 (v2) Medium Pass IDA Pro Disassembler Software Detection 03 Mar 2005 None Pass vBulletin Detection 07 Mar 2005 None Pass Stadtaus PHP Form Mail formmail.inc.php Remote File Inclusion CVE-2005-0678 07 Mar 2005 6.8 (v2) Medium Pass FCKeditor for PHP-Nuke Arbitrary File Upload CVE-2005-0613 01 Mar 2005 7.5 (v2) High Pass ESXi 5.1 < Build 3070626 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (remote check)CVE-2015-6933 15 Jan 2016 6.3 (v3) Medium Pass Nabopoll survey.inc.php path Parameter Remote File Inclusion CVE-2005-2157 05 Jul 2005 6.8 (v2) Medium Pass ZyXEL Routers Default Web Account CVE-2001-1135 CVE-1999-0571 10 Mar 2005 10 (v2) Critical Pass CopperExport XP_Publish.PHP SQL Injection Vulnerability CVE-2005-0697 10 Mar 2005 6.5 (v2) Medium Pass PlatinumFTPServer username Multiple Connection Handling Remote Format String CVE-2005-0779 14 Mar 2005 5 (v2) Medium Pass Fortinet FortiGate Web Console Management Detection 18 Mar 2005 None Pass Check Point Secure Platform Detection 21 Mar 2005 None Pass paBox pabox.php posticon Parameter XSS 16 Mar 2005 4.3 (v2) Medium Pass paFileDB <= 3.1 Multiple Vulnerabilities (2) CVE-2004-1219 CVE-2004-1551 CVE-2004-1975 CVE-2005-0326 CVE-2005-0327 CVE-2005-0723 CVE-2005-0724 CVE-2005-0781 CVE-2005-078215 Mar 2005 6.8 (v2) Medium Pass LSH lshd parse_kexinit() Function Malformed Key Exchange Message Remote DoS CVE-2005-0814 17 Mar 2005 5 (v2) Medium Pass NetWin SurgeMail Multiple Remote Unspeciﬁed Vulnerabilities CVE-2005-0845 CVE-2005-0846 22 Mar 2005 7.5 (v2) High Pass Cisco IOS Device TFTP Certiﬁcate Authority (CA) File Detection 16 Mar 2005 5 (v2) Medium Pass FileZilla FTP Server Multiple DoS CVE-2005-0850 CVE-2005-0851 22 Mar 2005 7.8 (v2) High Pass DeleGate < 8.11 Multiple Unspeciﬁed Overﬂows CVE-2005-0861 22 Mar 2005 10 (v2) Critical Pass NFX Series: Authentication Bypass Vulnerability Juniper Device Manager (JDM) (JSA10955) CVE-2019-0057 25 Oct 2019 7.8 (v3) High Pass Horde Parent Frame Page Title XSS CVE-2005-0961 30 Mar 2005 4.3 (v2) Medium Pass CPG Dragonﬂy Multiple XSS CVE-2005-0914 29 Mar 2005 4.3 (v2) Medium Pass Squirrelcart index.php Multiple Parameter SQL Injection CVE-2005-0962 30 Mar 2005 7.5 (v2) High Pass Apache mod_negotiation Multi-Line Filename Upload Vulnerabilities CVE-2008-0455 CVE-2008-0456 18 Nov 2011 5.3 (v3) Medium Pass Oracle HTTP Server (January 2006 CPU) CVE-2006-0286 CVE-2006-0287 21 Nov 2011 10 (v2) Critical Pass Apple iTunes < 8.2 itms: URI Handling Overﬂow (uncredentialed check) CVE-2009-0950 02 Jun 2009 9.3 (v2) High Pass Apache Mixed Platform AddType Directive Information Disclosure CVE-2007-6514 18 Nov 2011 5.6 (v3) Medium Pass OpenSSH < 1.2.2 sshd Local TCP Redirection Connection Masking Weakness CVE-2000-0143 18 Nov 2011 4.6 (v2) Medium Pass OpenSSH < 3.6.1p2 Multiple Vulnerabilities CVE-2002-0746 18 Nov 2011 7.2 (v2) High Pass Oracle 9i Application Server HTTP Request Smuggling CVE-2005-2093 18 Nov 2011 4.3 (v2) Medium Pass OpenSSL < 0.9.6b Predictable Random Generator CVE-2001-1141 04 Jan 2012 5 (v2) Medium Pass OpenSSH >= 2.3.0 AllowTcpForwarding Port Bouncing CVE-2004-1653 01 Dec 2011 6.4 (v2) Medium Pass OpenSSL < 0.9.6f Denial of Service CVE-2002-1568 04 Jan 2012 5 (v2) Medium Pass OpenSSL < 0.9.6k Denial of Service CVE-2003-0543 CVE-2003-0544 04 Jan 2012 5 (v2) Medium Pass OpenSSL < 0.9.6l Denial of Service CVE-2003-0851 04 Jan 2012 5 (v2) Medium Pass Cisco NX-OS DHCPv4 Crafted Packet DoS (cisco-sa-20161005-dhcp2) CVE-2015-6393 22 Nov 2016 7.5 (v3) High Pass OpenSSL < 0.9.7c ASN.1 Decoding Vulnerabilities CVE-2003-0543 CVE-2003-0544 CVE-2003-0545 04 Jan 2012 10 (v2) Critical Pass OpenSSL < 0.9.7k / 0.9.8c PKCS Padding RSA Signature Forgery Vulnerability CVE-2006-4339 04 Jan 2012 4.3 (v2) Medium Pass OpenSSL < 0.9.8 Weak Default Conﬁguration CVE-2005-2946 04 Jan 2012 5 (v2) Medium Pass OpenSSL < 0.9.8f Multiple Vulnerabilities CVE-2007-3108 CVE-2007-4995 04 Jan 2012 9.3 (v2) High Pass OpenSSL < 0.9.7-beta3 Buﬀer Overﬂow CVE-2002-0657 04 Jan 2012 7.5 (v2) High Pass Simple Form Subject Tags Arbitrary Mail Relay 13 Sep 2004 5 (v2) Medium Pass OpenSSL < vA.00.09.07l on HP-UX Local Denial of Service CVE-2007-5536 04 Jan 2012 4.9 (v2) Medium 12

Pass OpenSSL < 0.9.8j Signature Spooﬁng CVE-2008-5077 04 Jan 2012 5.8 (v2) Medium Pass Big Brother bb-hist.sh History Module Directory Traversal CVE-1999-1462 22 Jun 1999 5 (v2) Medium Pass MDaemon WebConﬁg HTTP Server URL Overﬂow DoS CVE-1999-0844 24 Nov 1999 5 (v2) Medium Pass Linux Kernel UDP Implementation IP Identiﬁcation Field Remote OS Disclosure CVE-2002-0510 20 Jan 2012 5.3 (v3) Medium Pass OpenSSH < 2.1.1p3 Format String Privilege Escalation CVE-2000-0999 18 Jan 2012 10 (v2) Critical Pass SiteEnable Multiple Input Validation Vulnerabilities CVE-2005-1011 CVE-2005-1012 05 Apr 2005 7.5 (v2) High Pass Google Mini Search Appliance search Script ie Parameter XSS CVE-2007-5255 02 Oct 2007 4.3 (v2) Medium Pass SurgeFTP LEAK Command Remote DoS CVE-2005-1034 08 Apr 2005 5 (v2) Medium Pass icat carbo.dll icatcommand Parameter Traversal Arbitrary File Access CVE-1999-1069 22 Jun 1999 5 (v2) Medium Pass RunCMS Remote Arbitrary File Upload CVE-2005-1031 06 Apr 2005 6 (v2) Medium Pass Active Auction Multiple Vulnerabilities (SQLi, XSS) CVE-2005-1029 CVE-2005-1030 07 Apr 2005 7.5 (v2) High Pass ProﬁtCode PayProCart usrdetails.php sgnuptype Parameter XSS CVE-2005-1004 07 Apr 2005 4.3 (v2) Medium Pass Multiple Unix Netstat Service Remote Information Disclosure CVE-1999-0650 22 Jun 1999 5 (v2) Medium Pass MS05-017: Vulnerability in MSMQ Could Allow Code Execution (892944) (uncredentialed check) CVE-2005-0059 12 Apr 2005 10 (v2) Critical Pass CA BrightStor ARCserve Backup Universal Agent Remote Overﬂow (QO66526) CVE-2005-1018 13 Apr 2005 10 (v2) Critical Pass Comersus Cart comersus_searchItem.asp curPage Parameter XSS CVE-2005-1188 12 Apr 2005 4.3 (v2) Medium Pass HP StorageWorks MSA P2000 Hidden 'admin' User Default Credentials CVE-2010-4115 23 Dec 2010 9.8 (v3) Critical Pass PeerCast Detection 06 Jun 2005 None Pass Sun Java System Web Server Search Module XSS CVE-2008-2166 09 May 2008 4.3 (v2) Medium Pass Sun Java System Web Proxy Server Unspeciﬁed Remote Overﬂow CVE-2005-1232 21 Apr 2005 7.5 (v2) High Pass UBB.threads < 6.5.2 beta Multiple Vulnerabilities CVE-2005-1199 CVE-2005-2057 CVE-2005-2058 CVE-2005-2059 CVE-2005-2060 CVE-2005-2061 20 Apr 2005 7.5 (v2) High Pass MailEnable HTTPMail Service Authorization Header Remote Overﬂow 25 Apr 2005 10 (v2) Critical Pass Xerox WorkCentre Device Detection 26 Apr 2005 None Pass TFS SMTP 3.2 MAIL FROM overﬂow CVE-1999-1516 08 Sep 1999 7.5 (v2) High Pass Horde Chora common-footer.inc Page Title XSS 26 Apr 2005 4.3 (v2) Medium Pass Intersoft NetTerm Netftpd USER Command Remote Overﬂow CVE-2005-1323 26 Apr 2005 7.5 (v2) High Pass XtraMail Control Service Username Overﬂow CVE-1999-1511 10 Nov 1999 7.5 (v2) High Pass Trend Micro TMCM Console Management Detection 02 May 2005 5 (v2) Medium Pass Websense Reporting Console Detection 02 May 2005 5 (v2) Medium Pass MaxWebPortal <= 1.35 Multiple Vulnerabilities CVE-2005-1561 CVE-2005-1562 12 May 2005 7.5 (v2) High Pass EMC Avamar Server Incorrect Permission Assignment Vulnerability (DSA-2019-138) CVE-2019-3765 01 Nov 2019 8.1 (v3) High Pass PHP-Calendar includes/search.php Multiple Parameter SQL Injection CVE-2005-1397 29 Apr 2005 7.5 (v2) High Pass RM SafetyNet Plus snpﬁltered.pl u Parameter XSS 02 May 2005 4.3 (v2) Medium Pass Oracle Application Server Webcache Requests OHS mod_access Restriction Bypass CVE-2005-1383 02 May 2005 2.1 (v2) Low Pass Open WebMail Shell Escape Arbitrary Command Execution CVE-2005-1435 04 May 2005 6.5 (v2) Medium Pass Interspire ArticleLive Multiple Remote Vulnerabilities (XSS, Auth Bypass) CVE-2005-1482 CVE-2005-1483 05 May 2005 7.5 (v2) High Pass Kerio MailServer < 6.0.10 Multiple Mail Handling DoS 14 May 2005 4 (v2) Medium Pass Golden FTP Server Pro GET Traversal Arbitrary File Access CVE-2005-1484 04 May 2005 5.3 (v3) Medium Pass 602LAN SUITE Open Telnet Proxy 09 May 2005 5 (v2) Medium Pass PwsPHP proﬁl.php id Parameter XSS CVE-2005-1508 10 May 2005 6.8 (v2) Medium Pass Junos OS: srxpfe PIM DoS (JSA10976) CVE-2019-0075 04 Nov 2019 7.5 (v3) High Pass RaidenFTPD urlget Command Traversal Arbitrary File Access CVE-2005-1480 11 May 2005 5 (v2) Medium Pass McAfee E-Business Administration Agent Detection 27 Apr 2007 None Pass ITHouse Mail Server v1.04 To: Field Handling Overﬂow CVE-2000-0488 02 Jul 2000 10 (v2) Critical Pass JRun viewsource.jsp Directory Traversal Arbitrary File Access CVE-2000-0540 22 Jun 2000 5 (v2) Medium Pass boastMachine users.inc.php File Extension Validation Arbitrary File Upload CVE-2005-1580 12 May 2005 6.5 (v2) Medium Pass GoodTech SMTP Server Malformed RCPT TO Command DoS CVE-2005-1931 08 Jun 2005 5 (v2) Medium Pass TFTP Backdoor Detection 16 May 2005 10 (v2) Critical Pass Ultimate PHP Board < 1.9.7 viewforum.php Multiple Vulnerabilities CVE-2005-1614 CVE-2005-1615 CVE-2005-1616 14 May 2005 7.5 (v2) High Pass MailEnable HTTPMail Service Authorization Header Handling Remote DoS CVE-2004-2726 03 Sep 2004 5 (v2) Medium Pass CVSweb 1.80 cvsweb.cgi Arbitrary Command Execution CVE-2000-0670 15 Jul 2000 7.5 (v2) High Pass WebAPP apage.cgi f Parameter Arbitrary Command Execution CVE-2005-1628 17 May 2005 7.5 (v2) High Pass Allied Telesyn Router/Switch Default Password CVE-1999-0508 03 Jun 2005 10 (v2) Critical Pass Xerox DocuCentre / WorkCentre Postscript Interpreter Traversal (XRX05-001) 16 May 2005 7.8 (v2) High Pass Xerox Document Centre MicroServer Web Server Directory Navigation Crafted URL DoS (XRX05-004) 16 May 2005 7.8 (v2) High Pass ignitionServer < 0.3.6-P1 Multiple Vulnerabilities CVE-2005-1640 CVE-2005-1641 17 May 2005 7.5 (v2) High Pass Microsoft IIS Frontpage Server Extensions (FPSE) Malformed Form DoS CVE-2001-0096 22 Jul 2003 7.8 (v2) High Pass WebAPP Detection 17 May 2005 None Pass Junos OS: Insecure PKI key pair export ﬁle permissions (JSA10974) CVE-2019-0073 05 Nov 2019 7.1 (v3) High Pass Symantec Messaging Gateway 10.x < 10.6.3-266 Multiple Vulnerabilities (SYM17-004) CVE-2017-6324 CVE-2017-6325 CVE-2017-6326 30 Jun 2017 10 (v3) Critical Pass NETFile Default Credentials 17 May 2005 7.5 (v2) High Pass Fusion News comments.php X-Forwarded-For HTTP Header Arbitrary Code Injection 19 May 2005 7.5 (v2) High Pass Sambar Server Administrative Interface Multiple XSS 24 May 2005 4.3 (v2) Medium Pass Qpopper < 4.0.6 Multiple Insecure File Handling Local Privilege Escalation CVE-2005-1151 CVE-2005-1152 24 May 2005 7.2 (v2) High Pass SMTP Server Non-standard Port Detection 29 May 2005 5 (v2) Medium Pass Hosting Controller addsubsite.asp Security Bypass CVE-2005-1654 24 May 2005 5 (v2) Medium Pass Athena Web Registration athenareg.php pass Parameter Command Execution CVE-2004-1782 27 May 2005 7.5 (v2) High Pass MaxWebPortal memKey Parameter SQL Injection CVE-2005-1779 26 May 2005 7.5 (v2) High Pass IRC Bot Detection 29 May 2005 10 (v2) Critical Pass slident / fake identd Detection 27 May 2005 None Pass Entropy Gathering Daemon (EGD) Detection 29 May 2005 None Pass Apple iTunes < 12.6.2 Multiple Vulnerabilities (uncredentialed check) CVE-2017-7010 CVE-2017-7012 CVE-2017-7013 CVE-2017-7018 CVE-2017-7019 CVE-2017-7020 CVE-2017-7030 CVE-2017-7034 CVE-2017-7037 CVE-2017-7039 CVE-2017-7040 CVE-2017-7041 CVE-2017-7042 CVE-2017-7043 CVE-2017-7046 CVE-2017-7048 CVE-2017-7049 CVE-2017-7052 CVE-2017-7053 CVE-2017-7055 CVE-2017-7056 CVE-2017-7061 CVE-2017-706425 Jul 2017 7.8 (v3) High Pass PeerCast URL Error Message Format String CVE-2005-1806 06 Jun 2005 7.5 (v2) High Pass Junos OS: SIP ALG ﬂowd DoS (JSA10953) CVE-2019-0055 05 Nov 2019 7.5 (v3) High Pass Juniper JSA10940 CVE-2015-6564 CVE-2015-8325 CVE-2016-6210 CVE-2016-6515 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 06 Nov 2019 7.8 (v3) High Pass Junos OS: MC-LAG DoS (JSA10966) CVE-2019-0067 06 Nov 2019 6.5 (v3) Medium Pass MiniShare Webserver HTTP GET Request Remote Overﬂow CVE-2004-2271 06 Jun 2005 7.5 (v2) High Pass Juniper JSA10949 CVE-2019-1559 06 Nov 2019 5.9 (v3) Medium Pass Enterasys Dragon Enterprise Reporting Detection 20 Jun 2005 None Pass Intrusion.com SecureNet Provider Detection 20 Jun 2005 None Pass Intrusion.com SecureNet Sensor Detection 20 Jun 2005 None Pass Juniper JSA10947 CVE-2019-0053 06 Nov 2019 7.8 (v3) High Pass Novell ZENworks Multiple Remote Pre-Authentication Overﬂows CVE-2005-1543 17 Jun 2005 10 (v2) Critical Pass VERITAS Backup Exec Agent for Windows CONNECT_CLIENT_AUTH Remote Overﬂow CVE-2005-0773 23 Jun 2005 10 (v2) Critical Pass SSH Tectia Server Host Authentication Authorization Bypass Vulnerability CVE-2005-4310 16 Dec 2005 7.5 (v2) High Pass Simple Machines Forum msg Parameter SQL Injection Vulnerability 23 Jun 2005 7.5 (v2) High Pass DUforum Multiple Scripts SQL Injection CVE-2005-2048 28 Jun 2005 7.5 (v2) High Pass DUportal Pro Multiple Scripts SQL Injection (2) CVE-2005-2045 28 Jun 2005 7.5 (v2) High Pass Zyxel D1000 CWMP Get Default Password 12 Jan 2017 9.8 (v3) Critical Pass Crob FTP Server < 3.6.1 build 263 Multiple Vulnerabilities CVE-2005-1873 CVE-2006-6558 20 Jul 2005 5 (v2) Medium Pass phpBB Fetch All < 2.0.12 Multiple Scripts SQL Injection 09 Aug 2004 7.5 (v2) High Pass K-COLLECT CSV_DB / i_DB csv_db.cgi ﬁle Parameter Arbitrary Command Execution 27 Jun 2005 7.5 (v2) High Pass GlobalSCAPE Secure FTP Server User Input Overﬂow CVE-2005-1415 06 Jul 2005 10 (v2) Critical Pass WPS Web-Portal-System wps_shop.cgi art Parameter Arbitrary Command Injection CVE-2005-2290 27 Jul 2005 7.5 (v2) High Pass Cisco IOS XE Cluster Management Protocol Telnet Option Handling RCE (cisco-sa-20170317-cmp) CVE-2017-3881 27 Mar 2017 9.8 (v3) Critical Pass phpBB < 2.0.16 viewtopic.php Highlighting Feature Arbitrary PHP Code Execution CVE-2005-2086 29 Jun 2005 7.5 (v2) High Pass DCE Services Enumeration 26 Aug 2001 None Pass Xerox WorkCentre Multiple Vulnerabilities (XRX05-006) CVE-2005-2200 CVE-2005-2201 CVE-2005-2202 08 Jul 2005 7.5 (v2) High Pass Symantec pcAnywhere Service Unrestricted Access CVE-1999-0508 07 Nov 2001 10 (v2) Critical Pass Sambar Server search.pl results.stm Overﬂow DoS 08 Jul 2005 7.5 (v2) High Pass Mac OS X < 10.3.4 Multiple Vulnerabilities CVE-2004-0171 CVE-2004-0430 CVE-2004-0485 CVE-2004-0513 CVE-2004-0514 CVE-2004-0515 CVE-2004-0516 CVE-2004-0517 CVE-2004-051801 Jun 2004 10 (v2) Critical Pass Sybase EAServer WebConsole jaqadmin Default Password 18 Jul 2005 7.5 (v2) High Pass SPiD lang.php lang_path Remote File Inclusion CVE-2005-2198 11 Jul 2005 6.8 (v2) Medium Pass PPA functions.inc.php conﬁg[ppa_root_path] Parameter Remote File Inclusion CVE-2005-2199 11 Jul 2005 7.5 (v2) High Pass PunBB < 1.2.6 Multiple Vulnerabilities CVE-2005-2193 10 Jul 2005 7.5 (v2) High Pass Hydra: MySQL 10 Jul 2005 7.5 (v2) High Pass SysV /bin/login Environment Remote Overﬂow (telnet check) CVE-2001-0797 15 Dec 2001 10 (v2) Critical Pass VP-ASP Multiple Script SQL Injection 20 Jul 2005 7.5 (v2) High Pass IBM Lotus Domino Server time/date Fields Remote Overﬂow CVE-2005-1101 20 Jul 2005 7.5 (v2) High Pass Puppet Enterprise 2015.x / 2016.x < 2016.4.0 Multiple Vulnerabilities CVE-2016-5715 29 Nov 2016 6.1 (v3) Medium Pass Cisco IOS Software Network Address Translation Vulnerabilities (cisco-sa-20100922-nat) CVE-2010-2831 CVE-2010-2832 CVE-2010-2833 10 Jan 2012 7.8 (v2) High Pass FTPshell Server 3.38 Malformed PORT/QUIT DoS CVE-2005-2426 27 Jul 2005 4 (v2) Medium 13

Pass BusinessMail Multiple SMTP Command Remote Buﬀer Overﬂows CVE-2005-2472 02 Aug 2005 10 (v2) Critical Pass Simplicity oF Upload download.php language Parameter Local File Inclusion CVE-2005-2607 01 Aug 2005 7.5 (v2) High Pass Check_MK 1.2.4 < 1.2.4p4 / 1.2.5 < 1.2.5i4 Multiple Vulnerabilities CVE-2014-5338 CVE-2014-5339 CVE-2014-5340 28 Jun 2017 8.1 (v3) High Pass Cisco VLAN Trunking Protocol Vulnerability (cisco-sr-20081105-vtp) CVE-2008-4963 10 Jan 2012 5.7 (v2) Medium Pass CA BrightStor ARCserve Backup Agent for Windows Long String Overﬂow CVE-2005-1272 05 Aug 2005 10 (v2) Critical Pass Jaws BlogModel.php path Parameter Remote File Inclusion CVE-2005-2179 08 Aug 2005 5 (v2) Medium Pass Linux lpd DVI Print Filter (dvips) Remote Command Execution CVE-2001-1002 08 Jun 2002 7.3 (v3) High Pass WordPress Cookie 'cache_lastpostdate' Parameter PHP Code Injection CVE-2005-2612 11 Aug 2005 6.8 (v2) Medium Pass w-Agora index.php site Parameter Traversal Arbitrary File Access CVE-2005-2648 22 Aug 2005 5 (v2) Medium Pass Cheops NG Unauthenticated Access 08 Nov 2005 6.4 (v2) Medium Pass VERITAS Backup Exec Remote Agent Static Password Arbitrary File Download CVE-2005-2611 12 Aug 2005 10 (v2) Critical Pass Apache Chunked Encoding Remote Overﬂow CVE-2002-0392 17 Jun 2002 7.3 (v3) High Pass Microsoft Windows NT 4.0 Unsupported Installation Detection 14 Sep 2005 10 (v2) Critical Pass HP Ignite-UX TFTP File Access Information Disclosure 26 Aug 2005 5 (v2) Medium Pass PHP TopSites setup.php Administration Authentication Bypass 24 Aug 2005 7.5 (v2) High Pass RunCMS <= 1.2 Multiple Vulnerabilities CVE-2005-2691 CVE-2005-2692 25 Aug 2005 7.5 (v2) High Pass VMware Virtual Machine Detection 27 Oct 2005 None Pass Boozt index.cgi Banner Creation Name Field Overﬂow CVE-2002-0098 18 Aug 2002 7.5 (v2) High Pass phpGraphy EXIF Data XSS CVE-2005-2735 27 Aug 2005 3.5 (v2) Low Pass eXtremail Multiple SMTP Command ﬂog Function Format String CVE-2001-1078 22 Aug 2002 7.5 (v2) High Pass MS08-067: Microsoft Windows Server Service Crafted RPC Request Handling Remote Code Execution (958644) (ECLIPSEDWING) (uncrCVE-2008-4250 edentialed check) 23 Oct 2008 9.8 (v3) Critical Pass Junos OS: Improper handling of speciﬁc IPv6 packets (JSA10982) CVE-2020-1603 21 Feb 2020 8.6 (v3) High Pass man2web Multiple Scripts Arbitrary Command Execution CVE-2005-2812 07 Sep 2005 7.5 (v2) High Pass Simple PHP Blog <= 0.4.0 Multiple Vulnerabilities CVE-2005-2733 CVE-2005-2787 27 Aug 2005 7.5 (v2) High Pass Looking Glass Multiple Vulnerabilities CVE-2005-2776 CVE-2005-2777 30 Aug 2005 7.5 (v2) High Pass Woltlab Burning Board modcp.php Multiple Parameter SQL Injection CVE-2005-2673 30 Aug 2005 4.6 (v2) Medium Pass Multiple OS /bin/login Remote Overﬂow CVE-2001-0797 03 Oct 2002 10 (v2) Critical Pass Xerox Document Centre MicroServer Web Server Multiple Vulnerabilities (XRX05-008) CVE-2005-2645 CVE-2005-2645 CVE-2005-2647 31 Aug 2005 7.5 (v2) High Pass DameWare Mini Remote Control Pre-Authentication Remote Overﬂow CVE-2003-1030 01 Sep 2005 10 (v2) Critical Pass DameWare Mini Remote Control Pre-Authentication Username Remote Overﬂow CVE-2005-2842 01 Sep 2005 10 (v2) Critical Pass Multiple Ethernet Driver Frame Padding Information Disclosure (Etherleak) CVE-2003-0001 14 Jan 2003 3.3 (v2) Low Pass CMSimple Guestbook Module index.php XSS 14 Sep 2005 4.3 (v2) Medium Pass Simple Machines Forum Avatar Information Disclosure Vulnerability CVE-2005-2817 31 Aug 2005 3.5 (v2) Low Pass Mac OS X 10.4.x < 10.4.10 IPv6 Type 0 Route Headers DoS CVE-2007-2242 21 Jun 2007 7.8 (v2) High Pass SlimFTPd Username/Password Overﬂow Remote DoS CVE-2005-2850 06 Sep 2005 5 (v2) Medium Pass Sun Java System Web Proxy Server Multiple Unspeciﬁed Remote DoS CVE-2005-4806 14 Sep 2005 5 (v2) Medium Pass CiscoWorks Management Console Detection 04 Sep 2005 None Pass Brightmail Control Center Default Password (symantec) for 'admin' Account 08 Sep 2005 7.5 (v2) High Pass MERCUR Messaging Control Server Multiple Buﬀer Overﬂows 08 Sep 2005 7.5 (v2) High Pass ATutor 1.5.1 Multiple Script XSS CVE-2005-2649 06 Sep 2005 4.3 (v2) Medium Pass NetVault Process Manager Service Detection 28 Jul 2007 None Pass ManageEngine Desktop Central statusUpdate Arbitrary File Upload RCE (intrusive check) CVE-2015-82001 25 Mar 2016 10 (v2) Critical Pass CGI Generic Cross-Site Request Forgery Detection (potential) 17 Nov 2011 6.5 (v3) Medium Pass HP Data Protector Detection 09 Sep 2005 None Pass OpenSSL < 0.9.6j / 0.9.7b Multiple Vulnerabilities CVE-2003-0078 CVE-2003-0131 CVE-2003-0147 20 Feb 2003 4.3 (v2) Medium Pass HP OpenView Topology Manager Daemon Detection 11 Sep 2005 None Pass HP OpenView UI Process Manager Daemon Detection 14 Sep 2005 None Pass HP OpenView NNM Alarm Service Detection 15 Sep 2005 None Pass Ventrilo Server Detection 17 Sep 2005 None Pass Ventrilo Server Malformed Status Query Remote DoS CVE-2005-2719 19 Sep 2005 5 (v2) Medium Pass Mac OS X 10.5.x < 10.5.1 Multiple Vulnerabilities CVE-2007-4702 CVE-2007-4703 CVE-2007-4704 16 Nov 2007 5.1 (v2) Medium Pass HP Integrated Lights-Out (iLO) Detection 09 Dec 2005 None Pass MERCUR Messaging < 2005 SP4 Multiple Remote DoS Vulnerabilities CVE-2006-7038 CVE-2006-7039 CVE-2006-7040 CVE-2006-7041 17 Jun 2006 7.8 (v2) High Pass Land Down Under HTTP Referer Header SQL Injection CVE-2005-4711 23 Sep 2005 6.8 (v2) Medium Pass Palo Alto Networks PAN-OS 6.1.x < 6.1.17 / 7.0.x < 7.0.15 / 7.1.x < 7.1.10 / 8.0.x < 8.0.2 Multiple VulnerabilitiesCVE-2016-4971 CVE-2016-5696 CVE-2017-3731 CVE-2017-7409 CVE-2017-7644 CVE-2017-7945 25 May 2017 4.8 (v3) Medium Pass UW-IMAP Mailbox Name Buﬀer Overﬂow CVE-2005-2933 06 Oct 2005 6.5 (v2) Medium Pass Alkalay.Net Multiple Scripts Arbitrary Command Execution CVE-2005-3094 CVE-2005-3095 CVE-2005-3096 CVE-2005-3097 27 Sep 2005 7.5 (v2) High Pass Xen Guest Detection 10 Dec 2008 None Pass 3Com Network Supervisor Traversal Arbitrary File Access CVE-2005-2020 06 Oct 2005 7.8 (v2) High Pass CubeCart < 3.0.4 Multiple Script XSS CVE-2005-3152 06 Oct 2005 4.3 (v2) Medium Pass Mac OS X 10.6.x < 10.6.1 Multiple Vulnerabilities CVE-2009-1862 CVE-2009-1863 CVE-2009-1864 CVE-2009-1865 CVE-2009-1866 CVE-2009-1867 CVE-2009-1868 CVE-2009-1869 CVE-2009-187011 Sep 2009 10 (v2) Critical Pass IBM Tivoli Management Framework Endpoint addr URL Remote Buﬀer Overﬂow CVE-2011-1220 31 May 2011 9 (v2) High Pass FTP Service AUTH TLS Plaintext Command Injection CVE-2011-1575 09 May 2011 6.5 (v3) Medium Pass BMC Server Automation RSCD Agent ACL Bypass CVE-2016-1542 CVE-2016-1543 CVE-2016-5063 10 May 2016 5.3 (v3) Medium Pass Snitz Forums 2000 register.asp Email Parameter SQL Injection CVE-2003-0286 12 May 2003 7.5 (v2) High Pass IBM Storwize SSL/TLS RC4 Stream Cipher Key Invariance (Bar Mitzvah) CVE-2015-2808 16 Jun 2016 4.3 (v2) Medium Pass Apache 2.2.x < 2.2.18 APR apr_fnmatch DoS CVE-2011-0419 13 May 2011 5.3 (v3) Medium Pass Trend Micro OﬃceScan Client Detection 30 Oct 2005 None Pass e107 Detection 02 Nov 2005 None Pass Cheops-ng Cleartext Authentication Information Disclosure 08 Nov 2005 4.3 (v2) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 37 Multiple Vulnerabilities (POODLE) CVE-2014-3566 CVE-2014-6167 CVE-2014-6174 CVE-2014-6457 CVE-2014-6512 CVE-2014-6558 CVE-2014-6593 CVE-2015-0400 CVE-2015-041017 Mar 2015 5 (v2) Medium Pass GO-Global Server Detection 10 Nov 2005 None Pass NetScaler Web Management ws/generic_api_call.pl standalone Parameter XSS CVE-2007-6037 06 Dec 2007 4.3 (v2) Medium Pass Multiple Vendor IRC Daemon Debug Format String CVE-2003-0478 27 Jun 2003 10 (v2) Critical Pass mod_mylo for Apache mylo_log Logging Function HTTP GET Overﬂow CVE-2003-0651 28 Jul 2003 7.5 (v2) High Pass Arista Networks EOS Mlag agent DOS (SA0032) CVE-2018-5255 21 Feb 2020 6.5 (v3) Medium Pass Cisco Wireless LAN Controller IPv6 UDP Packet Handling DoS (cisco-sa-20170405-wlc2) CVE-2016-9219 19 Apr 2017 7.5 (v3) High Pass Oracle GlassFish Server Multiple Vulnerabilities (July 2014 CPU) CVE-2013-1739 CVE-2013-1740 CVE-2013-1741 CVE-2013-5605 CVE-2013-5606 CVE-2013-5855 CVE-2014-1490 CVE-2014-1491 CVE-2014-149218 Jul 2014 7.5 (v2) High Pass ProFTPD File Transfer Newline Character Overﬂow CVE-2003-0831 23 Sep 2003 9 (v2) High Pass MTA Open Mail Relaying Allowed (thorough test) CVE-1999-0512 CVE-2002-1278 CVE-2003-0285 26 Sep 2003 7.5 (v3) High Pass freeFTPd Multiple Command Malformed Argument Remote DoS CVE-2005-3812 29 Nov 2005 6.8 (v2) Medium Pass HP Smart Update Manager Remote Unauthorized Access. 24 Feb 2020 9.8 (v3) Critical Pass Multiple DLSw Denial of Service Vulnerabilities in Cisco IOS - Cisco Systems CVE-2008-1152 01 Sep 2010 7.8 (v2) High Pass MySQL Enterprise Server 5.0 < 5.0.52 Multiple Vulnerabilities CVE-2007-5969 CVE-2007-6303 CVE-2007-6304 13 Dec 2007 4.6 (v2) Medium Pass Cisco IOS Secure Shell Denial of Service Vulnerabilities - Cisco Systems CVE-2008-1159 01 Sep 2010 7.5 (v2) High Pass NetInfo Arbitrary Remote File Access CVE-2001-1412 19 Oct 2003 5 (v2) Medium Pass Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks CVE-2008-1447 01 Sep 2010 6.4 (v2) Medium Pass ListManager < 8.9b Multiple Vulnerabilities CVE-2005-4143 CVE-2005-4144 CVE-2005-4146 CVE-2005-4147 CVE-2005-4148 12 Dec 2005 7.5 (v2) High Pass Les Visiteurs Multiple Remote File Inclusion CVE-2003-1148 27 Oct 2003 8.3 (v3) High Pass Novell NetMail IMAP Agent Long Verb Arguments Remote Overﬂow CVE-2005-3314 16 Dec 2005 7.5 (v2) High Pass Qualcomm WorldMail Multiple IMAP Command Remote Overﬂow CVE-2005-4267 20 Dec 2005 7.5 (v2) High Pass Golden FTP Server APPE Command Remote Overﬂow CVE-2005-4553 26 Dec 2005 7.5 (v2) High Pass Airport Administrative Traﬃc Detection (192/UDP) 27 Dec 2005 4.3 (v2) Medium Pass Webmin 'miniserv.pl' 'username' Parameter Format String CVE-2005-3912 26 Dec 2005 7.5 (v2) High Pass SandSurfer < 1.7.0 User Authentication Bypass CVE-2004-2087 16 Feb 2004 7.5 (v2) High Pass Sami HTTP Server 1.0.4 GET Request Remote Overﬂow CVE-2004-0292 22 Feb 2004 7.5 (v2) High Pass MS10-024: Microsoft Exchange Denial of Service (uncredentialed) CVE-2010-0024 CVE-2010-0025 CVE-2010-1689 CVE-2010-1690 03 Apr 2018 6.5 (v3) Medium Pass Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities CVE-2008-3799 CVE-2008-3800 CVE-2008-3801 CVE-2008-3802 01 Sep 2010 7.8 (v2) High Pass Cisco IOS Software Multiple Features IP Sockets Vulnerability CVE-2009-0630 01 Sep 2010 7.8 (v2) High Pass SpiderSales Shopping Cart SQL injection CVE-2004-0348 04 Mar 2004 10 (v2) Critical Pass cfWebStore Multiple Vulnerabilities (SQLi, XSS) CVE-2004-1806 14 Mar 2004 7.5 (v2) High Pass Geronimo Console Default Credentials 18 Jan 2006 7.5 (v2) High Pass ADOdb tmssql.php do Parameter Arbitrary PHP Function Execution CVE-2006-0147 10 Jan 2006 7.5 (v2) High Pass IBM Lotus Domino Server Crafted .nsf Request Traversal Arbitrary File Access CVE-2001-0009 25 May 2004 5 (v2) Medium Pass Lexmark / Dell Printer Unauthenticated Access CVE-1999-1061 13 May 2004 9 (v2) High Pass WinProxy < 6.1a HTTP Proxy Multiple Vulnerabilities CVE-2005-3187 CVE-2005-4085 10 Jan 2006 7.5 (v2) High Pass WinProxy < 6.1a Telnet Proxy Remote DoS CVE-2005-3654 10 Jan 2006 7.5 (v2) High Pass CORBA IIOP Listener Detection 17 Jan 2006 None Pass Farmers WIFE FTP Server Multiple Command Traversal Arbitrary File Creation CVE-2006-0319 20 Jan 2006 5 (v2) Medium Pass RPC rpcbind Non-standard Port Assignment Filter Bypass CVE-1999-0632 CVE-1999-0189 25 May 2007 4 (v2) Medium Pass Sun ONE Directory Server LDAP Malformed Packet DoS CVE-2006-0647 13 Feb 2006 5 (v2) Medium Pass Subversion < 1.0.5 svnserver svn:// Protocol Handler Remote Overﬂow CVE-2004-0413 22 Jun 2004 10 (v2) Critical 14

Pass Firebird / InterBase Database Server Detection 25 Aug 2006 None Pass MailEnable IMAP Server EXAMINE Command Remote DoS CVE-2006-0503 02 Feb 2006 5 (v2) Medium Pass TiVo Detection 29 Jan 2006 None Pass Inter-Asterisk eXchange Protocol Detection 01 Feb 2006 None Pass Pirelli AGE mB Router Default Password (microbusiness) for 'admin' Account CVE-1999-0502 09 Jul 2004 7.5 (v2) High Pass CommuniGate Pro Server < 5.0.7 LDAP BER Decoding Multiple Vulnerabilities CVE-2006-0468 31 Jan 2006 7.5 (v2) High Pass MailEnable Webmail Malformed Quoted-printable Email DoS (CVE-2006-0504) CVE-2006-0504 09 Feb 2006 5 (v2) Medium Pass LDAP Server Detection 10 Feb 2006 None Pass MS08-059: Microsoft Host Integration Server (HIS) SNA RPC Request Remote Overﬂow (956695) (uncredentialed check)CVE-2008-3466 15 Oct 2008 10 (v2) Critical Pass RunCMS Multiple Script bbPath Parameter Remote File Inclusion CVE-2006-0659 10 Feb 2006 6.8 (v2) Medium Pass NeoMail neomail.pl sort Parameter XSS CVE-2006-0536 16 Feb 2006 4.3 (v2) Medium Pass Phorum search.php subject Parameter XSS CVE-2004-2242 02 Aug 2004 4.3 (v2) Medium Pass Macallan IMAP Server Multiple Traversals Arbitrary File/Directory Manipulation CVE-2006-0798 17 Feb 2006 5.5 (v2) Medium Pass Xerox WorkCentre Multiple Vulnerabilities (XRX06-001) CVE-2006-0825 CVE-2006-0826 CVE-2006-0827 CVE-2006-0828 21 Feb 2006 7.5 (v2) High Pass 4D WebStar Arbitrary Multiple Vulnerabilities CVE-2004-0696 03 Aug 2004 5 (v2) Medium Pass Fedora Directory Server Crafted IFRAME adm.conf Admin Server Password Disclosure CVE-2005-3630 21 Feb 2006 5 (v2) Medium Pass ArGoSoft Mail Server _DUMP Command System Information Disclosure CVE-2006-0928 25 Feb 2006 5 (v2) Medium Pass Geeklog < 1.3.11sr4 / 1.4.0sr1 Multiple Remote Vulnerabilities (LFI, SQLi) CVE-2006-0823 CVE-2006-0824 22 Feb 2006 7.5 (v2) High Pass Arista Networks EOS/vEOS IP fragment DoS (SA0037) CVE-2018-5391 24 Feb 2020 7.5 (v3) High Pass TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products - Cisco Systems CVE-2008-4609 CVE-2009-0627 01 Sep 2010 7.8 (v2) High Pass MDaemon IMAP Server Mail Folder Name Format String CVE-2006-0925 28 Feb 2006 5 (v2) Medium Pass Cisco IOS Software Authentication Proxy Vulnerability - Cisco Systems CVE-2009-2863 01 Sep 2010 7.1 (v2) High Pass Cisco IOS Software H.323 Denial of Service Vulnerability - Cisco Systems CVE-2009-2866 01 Sep 2010 7.8 (v2) High Pass RaidenHTTPD Crafted Request Script Source Disclosure CVE-2006-0949 06 Mar 2006 5 (v2) Medium Pass Cisco Uniﬁed Operations Manager < 8.6 Multiple Vulnerabilities CVE-2011-0959 CVE-2011-0960 CVE-2011-0961 CVE-2011-0962 CVE-2011-0966 CVE-2011-2738 13 Oct 2011 10 (v2) Critical Pass Oracle Traﬃc Director Multiple Vulnerabilities (July 2014 CPU) CVE-2013-1739 CVE-2013-1740 CVE-2013-1741 CVE-2013-5605 CVE-2013-5606 CVE-2014-1490 CVE-2014-1491 CVE-2014-1492 31 Jul 2014 7.5 (v2) High Pass Cisco IOS Software Tunnels Vulnerability - Cisco Systems CVE-2009-2872 CVE-2009-2873 01 Sep 2010 7.1 (v2) High Pass Xerox WorkCentre Multiple Vulnerabilities (XRX06-002) CVE-2006-1136 CVE-2006-1137 CVE-2006-1138 08 Mar 2006 5 (v2) Medium Pass Cisco IOS Software H.323 Denial of Service Vulnerabilities (cisco-sa-20100324-h323) CVE-2010-0582 CVE-2010-0583 01 Sep 2010 7.8 (v2) High Pass PeerCast procConnectArgs() Function URL Handling Remote Overﬂow CVE-2006-1148 10 Mar 2006 7.5 (v2) High Pass Oracle Primavera Gateway (Apr 2021 CPU) CVE-2016-5725 CVE-2020-17521 22 Apr 2021 5.9 (v3) Medium Pass MERCUR Messaging IMAP Service Multiple Command Remote Overﬂow CVE-2006-1255 22 Mar 2006 10 (v2) Critical Pass Palo Alto Networks PAN-OS Firewall/Panorama WebUI Default Credentials 17 Dec 2013 7.3 (v3) High Pass Adobe Document Server File URI Arbitrary Resource Manipulation CVE-2006-1182 18 Mar 2006 2.6 (v2) Low Pass SynchronEyes Teacher Detection 13 Apr 2006 None Pass Jabber Studio jabberd SASL Negotiation Remote DoS CVE-2006-1329 23 Mar 2006 5 (v2) Medium Pass Multiple Slider Plugins for WordPress 'img' Parameter Local File Inclusion Vulnerability 13 Jan 2015 5 (v2) Medium Pass lighttpd on Windows < 1.4.10a Crafted Filename Request Script Source Disclosure CVE-2006-0814 27 Mar 2006 5.3 (v3) Medium Pass Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities (cisco-sa-20100922-sip) CVE-2009-2051 CVE-2010-2835 22 Sep 2010 7.8 (v2) High Pass Zimbra Collaboration Server skin Parameter Traversal Local File Inclusion CVE-2013-7091 19 Feb 2014 5 (v2) Medium Pass Bitdefender GravityZone < 5.1.11.432 Information Disclosure CVE-2014-5350 25 Jul 2014 5 (v2) Medium Pass GlobalSCAPE Secure FTP Server (gsftps) Custom Command Long Parameter DoS CVE-2006-1693 07 Apr 2006 5 (v2) Medium Pass Novell eDirectory < 8.8 SP3 Multiple Vulnerabilities (OF, XSS, MC) CVE-2008-5091 CVE-2008-5092 CVE-2008-5093 CVE-2008-5094 CVE-2008-5095 16 Sep 2008 10 (v2) Critical Pass Mac OS X 10.6.x < 10.6.6 Multiple Vulnerabilities CVE-2010-4013 06 Jan 2011 7.6 (v2) High Pass Novell Messenger Messaging Agent Detection 19 Apr 2006 None Pass Coppermine Photo Gallery index.php ﬁle Parameter Local File Inclusion CVE-2006-1909 17 Apr 2006 7.5 (v2) High Pass Novell GroupWise Messenger Accept Language Remote Overﬂow CVE-2006-0992 19 Apr 2006 10 (v2) Critical Pass DeleGate DNS Response Message DoS CVE-2006-2072 26 Apr 2006 5 (v2) Medium Pass TLS Version 1.1 Protocol Detection (PCI DSS) 07 Aug 2020 8.2 (v3) High Pass ArGoSoft FTP Server RNTO Command Remote Buﬀer Overﬂow CVE-2006-2170 04 May 2006 6.4 (v2) Medium Pass EMC Retrospect Client Packet Handling Remote Overﬂow CVE-2006-2391 05 May 2006 7.5 (v2) High Pass Limbo CMS sql.php classes_dir Parameter Remote File Inclusion CVE-2006-2142 03 May 2006 6.4 (v2) Medium Pass Gene6 FTP Server Multiple Command Remote Overﬂows CVE-2006-2172 04 May 2006 7.5 (v2) High Pass Golden FTP Server Pro Multiple Command Remote Overﬂow DoS CVE-2006-2180 04 May 2006 6.4 (v2) Medium Pass XM Easy FTP Server USER Command Buﬀer Overﬂow CVE-2006-2225 11 May 2006 7.3 (v3) High Pass OpenVPN Unprotected Management Interface CVE-2006-2229 08 May 2006 4 (v2) Medium Pass Ipswitch WhatsUp Professional Multiple Vulnerabilities (XSS, Enum, ID) CVE-2006-2351 CVE-2006-2352 CVE-2006-2353 CVE-2006-2354 CVE-2006-2355 CVE-2006-2356 CVE-2006-2357 15 May 2006 5 (v2) Medium Pass WebCalendar Login Error Message User Account Enumeration CVE-2006-2247 16 May 2006 5 (v2) Medium Pass freeSSHd Key Exchange Algorithm String Remote Overﬂow CVE-2006-2407 22 May 2006 7.5 (v2) High Pass Resin for Windows Encoded URI Traversal Arbitrary File Access CVE-2006-1953 27 May 2006 7.8 (v2) High Pass BlackBerry Enterprise Service (BES) Management Console 12.x < 12.4.1 Multiple XSS CVE-2016-1916 CVE-2016-1917 CVE-2016-1918 CVE-2016-3126 03 Jun 2016 6.1 (v3) Medium Pass Sun Server Console Authentication Bypass CVE-2006-2513 26 May 2006 7.5 (v2) High Pass Cisco IOS Internet Key Exchange Vulnerability (cisco-sa-20120328-ike) CVE-2012-0381 02 Apr 2012 7.8 (v2) High Pass UBB.threads addpost_newpoll.php thispath Parameter Remote File Inclusion CVE-2006-2568 27 May 2006 5.1 (v2) Medium Pass Resin viewﬁle Servlet Arbitrary File Disclosure CVE-2006-2437 CVE-2006-2438 27 May 2006 5 (v2) Medium Pass Juniper Junos Multiple sﬁd Daemon Malformed Packet Remote DoS (PSN-2011-04-241) 22 Aug 2011 6.1 (v2) Medium Pass Juniper Junos debug.php J-Web Component Unauthenticated Debug Access (PSN-2011-02-158) 22 Aug 2011 4.8 (v2) Medium Pass SpamAssassin spamd Crafted Message Arbitrary Command Execution CVE-2006-2447 08 Jun 2006 5.1 (v2) Medium Pass WinGate POST Request Buﬀer Overﬂow CVE-2006-2926 09 Jun 2006 7.5 (v2) High Pass Cisco IOS Software Data-Link Switching Vulnerability (cisco-sa-20110928-dlsw) CVE-2011-0945 29 Sep 2011 7.8 (v2) High Pass IAXClient Open Source Library iax_net_read Function Packet Handling Remote Overﬂow CVE-2006-2923 12 Jun 2006 6.4 (v2) Medium Pass MS04-012: Cumulative Update for Microsoft RPC/DCOM (828741) (uncredentialed check) CVE-2003-0813 CVE-2004-0116 CVE-2003-0807 CVE-2004-0124 16 Mar 2007 10 (v2) Critical Pass Cisco Application Policy Infrastructure Controller Privilege Escalation (cisco-sa-20190501-apic-priv-escalation)CVE-2019-1682 05 Aug 2020 7.8 (v3) High Pass IBM Lotus Domino SMTP Server Malformed Meeting Request (vCal) DoS CVE-2006-0119 29 Jun 2006 10 (v2) Critical Pass Juniper Junos MPC Malformed Route Preﬁx Remote DoS (PSN-2011-08-327) 10 Nov 2011 5.7 (v2) Medium Pass w-Agora inc_dir Parameter Remote File Inclusion 23 Jun 2006 7.5 (v2) High Pass Juniper Junos J-Web Administrator Logs XSS (PSN-2011-10-392) 10 Nov 2011 5 (v2) Medium Pass Apple iTunes AAC File Parsing Integer Overﬂow (uncredentialed check) CVE-2006-1467 30 Jun 2006 5.1 (v2) Medium Pass KVM / QEMU Guest Detection (uncredentialed check) 21 Nov 2011 None Pass phpFormGenerator Arbitrary File Upload 04 Jul 2006 7.5 (v2) High Pass Western Digital Arkeia lang Cookie Local File Inclusion 28 May 2014 5 (v2) Medium Pass McAfee Common Management Agent Traversal Arbitrary File Write CVE-2006-3623 14 Jul 2006 5.3 (v3) Medium Pass WinGate IMAP Server Directory Traversal Vulnerabilities CVE-2006-2917 11 Jul 2006 5.5 (v2) Medium Pass Juniper Junos MGD-CLI Arbitrary Command Execution (PSN-2011-11-418) 23 Jan 2012 7.2 (v2) High Pass Juniper Junos BGP UPDATE Malformed ATTR_SET Attribute Remote DoS (PSN-2012-01-472) 23 Jan 2012 4.3 (v2) Medium Pass Webmin Null Byte Filtering Information Disclosure CVE-2006-4542 02 Sep 2006 6.8 (v2) Medium Pass MyBB HTTP Header 'CLIENT-IP' Field SQLi CVE-2006-3775 17 Jul 2006 7.5 (v2) High Pass Juniper Junos BGP Multiple Remote DoS (PSN-2012-01-475) 23 Jan 2012 4.3 (v2) Medium Pass PatchLink Update Server proxyreg.asp Arbitrary Proxy Manipulation CVE-2006-3425 28 Jul 2006 7.5 (v2) High Pass eIQnetworks Enterprise Security Analyzer Syslog Server Multiple Remote Overﬂows CVE-2006-3838 02 Aug 2006 10 (v2) Critical Pass Hobbit Monitor conﬁg Method Traversal Arbitrary File Access CVE-2006-4003 08 Aug 2006 5 (v2) Medium Pass MS06-040: Vulnerability in Server Service Could Allow Remote Code Execution (921883) (uncredentialed check)CVE-2006-3439 08 Aug 2006 10 (v2) Critical Pass ISC DHCP Server supersede_lease() Function DHCPDISCOVER Packet DoS CVE-2006-3122 04 Aug 2006 5 (v2) Medium Pass RMI Registry Detection 16 Aug 2006 None Pass Symantec SAVCE/Client Security Service Detection 21 Sep 2006 None Pass Informix Dynamic Server Multiple Remote Vulnerabilities CVE-2006-3853 CVE-2006-3855 CVE-2006-3856 CVE-2006-3857 CVE-2006-3858 CVE-2006-3860 CVE-2006-3861 CVE-2006-3862 16 Aug 2006 7.5 (v2) High Pass Cisco IOS Software Command Security Bypass (cisco-sa-20120328-pai) CVE-2012-0384 02 Apr 2012 8.8 (v3) High Pass IPCheck Server Monitor Traversal Arbitrary File Access CVE-2006-4140 14 Aug 2006 5 (v2) Medium Pass Juniper Junos J-Web CPU Utilization DoS (PSN-2012-04-547) 25 Apr 2012 5 (v2) Medium Pass osCommerce shopping_cart.php id Array Parameters SQL Injection CVE-2006-4297 23 Aug 2006 7.5 (v2) High Pass Zend Session Clustering Daemon PHP Session Identiﬁer Remote Overﬂow CVE-2006-4431 29 Aug 2006 7.5 (v2) High Pass Juniper Junos MPLS DoS (PSN-2012-04-546) 25 Apr 2012 5.4 (v2) Medium Pass Juniper Junos SRX Series for the Data Center Memory Corruption (PSN-2012-04-548) 25 Apr 2012 7.5 (v2) High Pass Fuji Xerox Printing Systems (FXPS) Print Engine Crafted Request HTTP Authentication Bypass CVE-2006-2113 29 Aug 2006 6.4 (v2) Medium Pass ISC BIND 9 Multiple Remote DoS CVE-2006-2073 CVE-2006-4095 CVE-2006-4096 07 Sep 2006 5 (v2) Medium Pass Juniper Junos SYN Cookie Protection DoS (PSN-2012-07-643) 17 Jul 2012 7.8 (v2) High Pass WebAdmin < 3.2.6 MDaemon Account Hijacking CVE-2006-4620 05 Sep 2006 4.6 (v2) Medium Pass MSRPC Service Detection 11 Sep 2006 None Pass IBM WebSphere Application Server 7.0 < Fix Pack 25 Multiple Vulnerabilities CVE-2012-2190 CVE-2012-2191 CVE-2012-3293 CVE-2012-3304 CVE-2012-3305 CVE-2012-3306 CVE-2012-3311 CVE-2012-3325 03 Oct 2012 6.8 (v2) Medium Pass Juniper Junos OpenSSL ASN.1 Memory Corruption (PSN-2012-07-645) CVE-2012-2110 CVE-2012-2131 17 Jul 2012 7.5 (v2) High Pass ColdFusion MX Server Detection 15 Sep 2006 None Pass Claroline Software Detection 18 Sep 2006 None 15

Pass Juniper Junos IS-IS hello DoS (PSN-2012-07-647) 17 Jul 2012 5.7 (v2) Medium Pass IBM Spectrum Protect Plus hostname Command Injection CVE-2020-4211 CVE-2020-4469 05 Aug 2020 9.8 (v3) Critical Pass Juniper Junos J-Web XSS (PSN-2012-07-649) CVE-2014-2712 17 Jul 2012 4.3 (v2) Medium Pass Mambo Open Source usercookie Parameter SQL Injection 06 Oct 2006 6.8 (v2) Medium Pass SOAP Server Detection 29 Sep 2006 None Pass Juniper Junos PIM DoS (PSN-2012-07-648) 17 Jul 2012 6.1 (v2) Medium Pass MailEnable SMTP Connector Multiple NTLM Authentication Vulnerabilities CVE-2006-5176 CVE-2006-5177 02 Oct 2006 7.5 (v2) High Pass Xerox WorkCentre WebUI Arbitrary Command Execution (XRX06-005) CVE-2006-5290 05 Oct 2006 7.5 (v2) High Pass CA BrightStor ARCserve Backup for Windows Multiple Remote Buﬀer Overﬂows (QO81201) CVE-2006-5142 CVE-2006-5143 06 Oct 2006 7.5 (v2) High Pass IBM DB2 Interrupt Port Detection 21 Sep 2006 None Pass Zabbix Server Detection 10 Oct 2006 None Pass Skinny Server Detection 19 Oct 2006 None Pass CA BrightStor ARCserve Backup DBASVR for Windows Multiple Remote Buﬀer Overﬂows CVE-2006-5142 CVE-2006-5143 06 Oct 2006 7.5 (v2) High Pass Juniper Junos UDP/IP DoS (PSN-2012-07-652) 17 Jul 2012 5.7 (v2) Medium Pass ELOG Web LogBook global Denial of Service CVE-2006-6318 20 Nov 2006 5 (v2) Medium Pass phpMyAdmin < 2.9.1 Multiple Vulnerabilities CVE-2006-5116 06 Oct 2006 5.1 (v2) Medium Pass Adobe Breeze Directory Traversal Arbitrary File Access CVE-2006-5200 14 Oct 2006 5 (v2) Medium Pass Novell eDirectory iMonitor HTTP Protocol Stack (httpstk) Host HTTP Header Remote Overﬂow CVE-2006-5478 23 Oct 2006 7.5 (v2) High Pass HP OpenView Storage Mirroring Server Detection 21 Nov 2006 None Pass DataWizard FTPXQ Default Accounts CVE-2006-5569 14 Nov 2006 6.4 (v2) Medium Pass Horde Ingo Software Detection 20 Oct 2006 None Pass Xerox WorkCentre Multiple Vulnerabilities (XRX06-006) CVE-2006-6427 CVE-2006-6428 CVE-2006-6429 CVE-2006-6430 CVE-2006-6431 CVE-2006-6432 01 Dec 2006 7.8 (v2) High Pass Mac OS X < 10.4.11 Multiple Vulnerabilities (Security Update 2007-008) CVE-2007-3456 CVE-2007-4678 CVE-2007-2926 CVE-2005-0953 CVE-2005-1260 CVE-2007-4679 CVE-2007-4680 CVE-2007-0464 CVE-2007-4681 CVE-2007-4682 CVE-2007-3999 CVE-2007-4743 CVE-2007-3749 CVE-2007-4683 CVE-2007-4684 CVE-2007-4685 CVE-2006-6127 CVE-2007-4686 CVE-2007-4687 CVE-2007-4688 CVE-2007-4269 CVE-2007-4689 CVE-2007-4267 CVE-2007-4268 CVE-2007-4690 CVE-2007-4691 CVE-2007-0646 CVE-2007-4692 CVE-2007-4693 CVE-2007-4694 CVE-2007-4695 CVE-2007-4696 CVE-2007-4697 CVE-2007-4698 CVE-2007-3758 CVE-2007-3760 CVE-2007-4671 CVE-2007-3756 CVE-2007-4699 CVE-2007-4700 CVE-2007-470114 Nov 2007 10 (v2) Critical Pass Novell ZENworks Asset Management Collection Client Remote Overﬂow CVE-2006-6299 11 Dec 2006 10 (v2) Critical Pass Cisco IOS DHCP Client DoS (cisco-sa-20170322-dhcpc) CVE-2017-3864 28 Mar 2017 8.6 (v3) High Pass Land Down Under / Seditio polls.php id Parameter SQL Injection CVE-2006-6343 CVE-2006-6577 10 Dec 2006 6.8 (v2) Medium Pass WoltLab Burning Board Lite thread.php decode_cookie Function threadvisit Cookie Parameter SQL InjectionCVE-2006-6237 27 Nov 2006 7.5 (v2) High Pass Novell ZenWorks Asset Management Server Detection 11 Dec 2006 None Pass Mort Bay Jetty URL Multiple Slash Character Information Disclosure CVE-2007-6672 07 Jan 2008 5 (v2) Medium Pass OpenSSH < 3.6.2 Reverse DNS Lookup Bypass CVE-2003-0386 10 Jun 2003 7.5 (v2) High Pass Juniper Junos PIM Hello DoS (PSN-2012-10-732) 26 Oct 2012 7.1 (v2) High Pass JBoss Application Server (jbossas) JMX Console DeploymentFileRepository Traversal Arbitrary File ManipulationCVE-2006-5750 14 Dec 2006 7.5 (v2) High Pass JBoss JMX Console Unrestricted Access 14 Dec 2006 7.5 (v2) High Pass ARCserve Backup for Laptops & Desktops Server Admin Service Detection 26 Jan 2007 None Pass CA BrightStor ARCserve Backup Discovery Service Overﬂow CVE-2006-6379 12 Dec 2006 7.5 (v2) High Pass Juniper Junos web-authentication Policy Not Enforced (PSN-2012-10-735) 26 Oct 2012 5 (v2) Medium Pass Juniper Junos J-Web URL Encoding Heap-Based Buﬀer Overﬂow (PSN-2013-01-807) 14 Jan 2013 10 (v2) Critical Pass Mono XSP for ASP.NET Server Crafted Request Script Source Code Disclosure CVE-2006-6104 23 Dec 2006 5 (v2) Medium Pass Cisco Device Default Password CVE-1999-0508 23 Dec 2006 9.8 (v3) Critical Pass CA BrightStor ARCserve Backup Tape Engine Multiple Remote Overﬂows (QO84983) CVE-2006-6076 CVE-2007-0168 CVE-2007-0169 12 Jan 2007 10 (v2) Critical Pass IBM DB2 < 8.1 Fix Pack 13 CONNECT Processing Unspeciﬁed DoS CVE-2006-4257 23 Dec 2006 4.3 (v3) Medium Pass Teredo Server Detection 04 Jan 2007 None Pass WebDAV Directory Enumeration 11 Jan 2007 None Pass phpBB < 2.0.22 Multiple Vulnerabilities CVE-2006-4758 CVE-2006-6421 CVE-2006-6839 CVE-2006-6840 CVE-2006-6841 03 Jan 2007 10 (v2) Critical Pass WordPress Trackback Charset Decoding SQL Injection CVE-2007-0107 12 Jan 2007 6.8 (v2) Medium Pass Easy File Sharing FTP Server PASS Command Overﬂow CVE-2006-3952 17 Jan 2007 7.5 (v2) High Pass CA BrightStor ARCserve Backup Multiple Vulnerabilities (QO84983) CVE-2006-5171 CVE-2006-5172 CVE-2006-6076 CVE-2006-6917 CVE-2007-0168 CVE-2007-0169 15 Jan 2007 10 (v2) Critical Pass Sambar FTP Server Malformed SIZE Command DoS CVE-2006-6624 17 Jan 2007 4 (v2) Medium Pass MS06-056: Vulnerabilities in ASP.NET could allow information disclosure (922770) (uncredentialed check) CVE-2006-3436 26 Jan 2007 4.3 (v2) Medium Pass Mac OS X 10.6.x < 10.6.3 Multiple Vulnerabilities CVE-2003-0063 CVE-2006-1329 CVE-2008-4456 CVE-2008-5515 CVE-2008-7247 CVE-2009-0033 CVE-2009-0580 CVE-2009-0689 CVE-2009-0781 CVE-2009-0783 CVE-2009-1904 CVE-2009-2042 CVE-2009-2417 CVE-2009-2422 CVE-2009-2446 CVE-2009-2693 CVE-2009-2901 CVE-2009-2902 CVE-2009-2906 CVE-2009-3009 CVE-2009-3095 CVE-2009-3557 CVE-2009-3558 CVE-2009-3559 CVE-2009-4017 CVE-2009-4019 CVE-2009-4030 CVE-2009-4214 CVE-2010-0041 CVE-2010-0042 CVE-2010-0043 CVE-2010-0057 CVE-2010-0059 CVE-2010-0060 CVE-2010-0062 CVE-2010-0063 CVE-2010-0064 CVE-2010-0065 CVE-2010-0393 CVE-2010-0497 CVE-2010-0498 CVE-2010-0500 CVE-2010-0501 CVE-2010-0502 CVE-2010-0504 CVE-2010-0505 CVE-2010-0507 CVE-2010-0508 CVE-2010-0509 CVE-2010-0510 CVE-2010-0511 CVE-2010-0512 CVE-2010-0513 CVE-2010-0514 CVE-2010-0515 CVE-2010-0516 CVE-2010-0517 CVE-2010-0518 CVE-2010-0519 CVE-2010-0520 CVE-2010-0521 CVE-2010-0524 CVE-2010-0525 CVE-2010-0526 CVE-2010-0533 CVE-2010-0534 CVE-2010-0535 CVE-2010-053729 Mar 2010 10 (v2) Critical Pass Cisco IOS Software Protocol Translation Vulnerability (cisco-sa-20130327-pt) CVE-2013-1147 10 Apr 2013 7.8 (v2) High Pass Juniper Junos Unspeciﬁed DoS (PSN-2013-01-818) 07 May 2013 7.8 (v2) High Noise HyperText Transfer Protocol (HTTP) Information 30 Jan 2007 None Pass Microsoft .NET Custom Errors Not Set 26 Jan 2007 4.3 (v2) Medium Pass Juniper Junos Firewall Bypass DoS (PSN-2013-04-912) 20 May 2013 6.4 (v2) Medium Pass Juniper Junos J-Web Remote Code Execution (PSN-2013-04-914) 20 May 2013 9 (v2) High Pass CA eTrust Intrusion Detection System Key Exchange Remote DoS CVE-2007-1005 28 Feb 2007 7.8 (v2) High Pass DokuWiki Detection 26 Feb 2007 None Pass Trend Micro ServerProtect Detection 21 Feb 2007 None Pass Symantec Web Security Detection 07 Jun 2007 None Pass DevTrack Web Service UserName Field SQL Injection CVE-2007-0853 09 Feb 2007 7.5 (v2) High Pass Plain Old Webserver URI Traversal Arbitrary File Access CVE-2007-0872 19 Feb 2007 5 (v2) Medium Pass WFTPD APPE Command Buﬀer Overﬂow CVE-2006-5826 19 Feb 2007 5.8 (v2) Medium Pass Trend Micro ServerProtect TmRpcSrv.dll RPC Request Multiple Overﬂows CVE-2007-1070 21 Feb 2007 10 (v2) Critical Pass Cisco IOS SIP Packet Handling Remote DoS (CSCsh58082) CVE-2007-0648 01 Mar 2007 7.8 (v2) High Pass Juniper Junos Invalid Ether-type DoS (PSN-2013-04-916) 20 May 2013 6.1 (v2) Medium Pass Eudora WorldMail Mail Management Server (MAILMA.exe) Remote Overﬂow CVE-2006-6336 05 Mar 2007 10 (v2) Critical Pass Kiwi CatTools < 3.2.9 TFTP Server Traversal Arbitrary File Manipulation CVE-2007-0888 01 Mar 2007 10 (v2) Critical Pass Trend Micro ServerProtect for Linux splx_2376_info Cookie Authentication Bypass CVE-2007-1168 22 Feb 2007 7.5 (v2) High Pass Symantec Mail Security for SMTP Admin Center Default Credentials 05 Mar 2007 7.5 (v2) High Pass CA BrightStor ARCserve Backup Tape Engine and Portmapper Multiple Vulnerabilities (QO86255) CVE-2006-6076 CVE-2007-0816 CVE-2007-1447 CVE-2007-1448 16 Mar 2007 10 (v2) Critical Pass Moodle 'moodledata/sessions' Session Files Remote Information Disclosure CVE-2007-1647 23 Mar 2007 5 (v2) Medium Pass Webapp.org WebAPP < 0.9.9.6 Multiple Vulnerabilities CVE-2007-1259 19 Mar 2007 7.5 (v2) High Pass IBM Tivoli Provisioning Manager OS Deployment Multiple Unspeciﬁed Input Validation Vulnerabilities CVE-2007-1868 07 Apr 2007 10 (v2) Critical Pass SNMP Version 3 Authentication Bypass Vulnerabilities (cisco-sa-20080610-snmpv3) CVE-2008-0960 31 May 2013 10 (v2) Critical Pass ProFTPD Auth API Multiple Auth Module Authentication Bypass CVE-2007-2165 19 Apr 2007 5.1 (v2) Medium Pass Sun Java Web Console LibWebconsole_Services.SO Remote Format String CVE-2007-1681 23 Apr 2007 7.5 (v2) High Pass Novell Groupwise WebAccess GWINTER.EXE Base64 Decoding Remote Overﬂow CVE-2007-2171 23 Apr 2007 10 (v2) Critical Pass Cisco NX-OS Malformed IP Packet DoS (cisco-sa-20120215-nxos) 31 May 2013 7.8 (v2) High Pass Plesk Multiple Script locale_id Parameter Traversal Arbitrary File Access CVE-2007-2268 27 Apr 2007 5 (v2) Medium Pass myGallery mygallerybrowser.php 'myPath' Parameter Remote File Inclusion CVE-2007-2426 30 Apr 2007 7.5 (v2) High Pass Trend Micro ServerProtect AgRpcCln.dll Buﬀer Overﬂow CVE-2007-2528 09 May 2007 10 (v2) Critical Pass Trend Micro ServerProtect EarthAgent RPC Request Remote Buﬀer Overﬂow CVE-2007-2508 09 May 2007 10 (v2) Critical Pass MERCUR Messaging IMAP Server NTLM Authentication NTLMSSP Argument Remote Overﬂow CVE-2007-1578 30 Apr 2007 10 (v2) Critical Pass Resin for Windows \WEB-INF Traversal Arbitrary File Access CVE-2007-2440 16 May 2007 5 (v2) Medium Pass Cisco Uniﬁed Communications Manager Session Initiation Protocol Denial of Service Vulnerability (cisco-sa-20120926-cucm)CVE-2012-3949 08 Jul 2013 7.8 (v2) High Pass CommuniGate Pro WebMail w/ MSIE STYLE Tag XSS CVE-2007-2718 14 May 2007 4.3 (v2) Medium Pass RunCMS < 1.5.3 debug_show.php Multiple Vulnerabilities CVE-2007-2538 CVE-2007-2539 08 May 2007 7.8 (v2) High Pass IBM WebSphere Application Server 8.5 < Fix Pack 2 Multiple Vulnerabilities CVE-2013-0169 CVE-2013-0440 CVE-2013-0443 CVE-2013-0458 CVE-2013-0459 CVE-2013-0461 CVE-2013-0462 CVE-2013-0482 CVE-2013-0540 CVE-2013-0541 CVE-2013-0542 CVE-2013-0543 CVE-2013-0544 CVE-2013-056510 May 2013 10 (v2) Critical Pass SNMPc Management Server Default Credentials 05 Jun 2007 7.5 (v2) High Pass F-Secure Policy Manager Server fsmsh.dll module DoS CVE-2007-2964 04 Jun 2007 5 (v2) Medium Pass HP System Management Homepage < 2.1.2 Unspeciﬁed XSS CVE-2007-3062 01 Jun 2007 4.3 (v2) Medium Pass Juniper Junos SRX Series PIM DoS (JSA10573) CVE-2013-4684 16 Jul 2013 7.8 (v2) High Pass Juniper Junos SRX Series UAC Enforcer HTTP Remote Code Execution (JSA10574) CVE-2013-4685 16 Jul 2013 10 (v2) Critical Pass Symantec Ghost Solution Locate Server Detection 13 Jun 2007 None Pass Symantec Ghost Solution Status Server Detection 13 Jun 2007 None Pass Packeteer Web Management Interface Authentication 26 Jun 2007 None Pass Xerox WorkCentre Multiple OpenSSL Vulnerabilities (XRX07-001) CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4343 01 Jul 2007 7.8 (v2) High Pass Juniper Junos OpenSSL Multiple Vulnerabilities (JSA10575) CVE-2013-0166 CVE-2013-0169 16 Jul 2013 4.3 (v2) Medium Pass IBM Spectrum Protect / Tivoli Storage Manager Service Detection 03 Jul 2007 None Pass Ingres Data Access Server Detection 01 Jul 2007 None Pass IBM Tivoli Storage Manager Multiple Remote Overﬂows CVE-2006-5855 03 Jul 2007 10 (v2) Critical Pass OpenSSL 1.0.1 < 1.0.1n Multiple Vulnerabilities (Logjam) CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-4000 12 Jun 2015 6.8 (v2) Medium Pass AsteriDex callboth.php Multiple Parameter CRLF Injection Arbitrary Command Execution CVE-2007-3621 06 Jul 2007 7.5 (v2) High Pass CA Multiple Products Message Queuing Server (Cam.exe) Remote Overﬂow CVE-2007-0060 26 Jul 2007 9.3 (v2) High Pass Juniper Junos proxy-arp/arp-resp DoS (JSA10576) CVE-2013-4686 16 Jul 2013 5.7 (v2) Medium Pass Juniper Junos SRX Series TCP ALG DoS (JSA10577) CVE-2013-4687 16 Jul 2013 7.8 (v2) High Pass Juniper Junos SRX Series MSRPC DoS (JSA10578) CVE-2013-4688 16 Jul 2013 7.8 (v2) High Pass Juniper Junos SRX1400/3400/3600 Etherleak Information Disclosure (JSA10579) CVE-2003-0001 CVE-2013-4690 16 Jul 2013 5 (v2) Medium Pass Sun Java System Directory Server Multiple Vulnerabilities CVE-2006-4175 CVE-2007-2466 CVE-2007-3224 CVE-2007-3225 12 Jul 2007 7.8 (v2) High Pass Symantec Backup Exec for Windows RPC Crafted ncacn_ip_tcp Request Remote Overﬂow CVE-2007-3509 16 Jul 2007 7.5 (v2) High Pass Juniper Junos SSL/TLS Renegotiation DoS (JSA10580) CVE-2011-1473 16 Jul 2013 4.3 (v2) Medium 16

Pass Cisco IOS Extensible Authentication Protocol Vulnerability (cisco-sr-20071019-eap) CVE-2007-5651 22 Jul 2013 7.1 (v2) High Pass Cisco Expressway Series and TelePresence Video Communication DoS (cisco-sa-expressway-vcs-dos-n6xxTMZB)CVE-2020-3596 09 Oct 2020 7.5 (v3) High Pass Puppet Enterprise 2015.x / 2016.x < 2016.4.0 Multiple Vulnerabilities CVE-2016-5715 09 Oct 2019 6.1 (v3) Medium Pass RealNetworks Helix DNA Server RTSP Service Crafted Require Header Remote Overﬂow CVE-2007-4561 28 Aug 2007 10 (v2) Critical Pass Cisco Web Security Appliance Version 26 Jul 2013 None Pass Mercury SMTP Server AUTH CRAM-MD5 Remote Buﬀer Overﬂow CVE-2007-4440 23 Aug 2007 7.5 (v2) High Pass Sybase ASA Client Connection Broadcast Remote Information Disclosure 22 Aug 2007 5 (v2) Medium Pass Sybase ASA Default Database Password 22 Aug 2007 7.5 (v2) High Pass Cisco Content Security Management Appliance Version 26 Jul 2013 None Pass Juniper Junos OSPF Protocol Vulnerability (JSA10582) CVE-2013-0149 CVE-2013-7313 02 Aug 2013 7.8 (v2) High Pass Trend Micro ServerProtect Multiple Remote Overﬂows CVE-2007-4218 CVE-2007-4219 CVE-2007-4731 22 Aug 2007 10 (v2) Critical Pass SIDVault < 2.0f LDAP Server Malformed Search Request Buﬀer Overﬂow CVE-2007-4566 28 Aug 2007 10 (v2) Critical Pass OSPF LSA Manipulation Vulnerability in Cisco IOS (cisco-sa-20130801-lsaospf) CVE-2013-0149 16 Aug 2013 5.8 (v2) Medium Pass OSPF LSA Manipulation Vulnerability in Cisco NX-OS (cisco-sa-20130801-lsaospf) CVE-2013-0149 16 Aug 2013 5.8 (v2) Medium Pass HP Switch Identiﬁcation 13 Aug 2013 None Pass OpenSSL 1.0.2 < 1.0.2d Multiple Vulnerabilities CVE-2015-1793 CVE-2015-3196 09 Jul 2015 6.5 (v3) Medium Pass Cisco Nexus 1000V VEM DoS (CSCtj17451) CVE-2011-0355 13 Aug 2013 7.8 (v2) High Pass lighttpd mod_fastcgi HTTP Request Header Remote Overﬂow CVE-2007-4727 17 Sep 2007 5.6 (v3) Medium Pass Kerio MailServer < 6.4.1 Attachment Filter Unspeciﬁed Vulnerability CVE-2007-3993 05 Sep 2007 10 (v2) Critical Pass OEJP Daemon Detection 28 Sep 2007 None Pass Web Server Transmits Cleartext Credentials 28 Sep 2007 2.6 (v2) Low Pass Hexamail Server pop3 Service USER Command Remote Overﬂow CVE-2007-4646 11 Sep 2007 10 (v2) Critical Pass BrightStor Hierarchical Storage Manager < r11.6 Multiple Remote Vulnerabilities CVE-2007-5082 CVE-2007-5083 CVE-2007-5084 04 Oct 2007 10 (v2) Critical Pass CA BrightStor HSM Engine Detection (UDP) 04 Oct 2007 None Pass Microsoft Windows SMB Blank Administrator Password CVE-1999-0504 CVE-1999-0505 CVE-1999-0506 CVE-2000-0222 CVE-2005-3595 04 Oct 2007 10 (v2) Critical Pass SSL Weak Cipher Suites Supported 08 Oct 2007 5.3 (v3) Medium Pass MagniComp SysInfo Agent Accessible 10 Oct 2007 5 (v2) Medium Pass CA BrightStor ARCserve Backup Multiple Remote Vulnerabilities (QO91094) CVE-2007-5325 CVE-2007-5326 CVE-2007-5327 CVE-2007-5328 CVE-2007-5329 CVE-2007-5330 CVE-2007-5331 CVE-2007-5332 12 Oct 2007 10 (v2) Critical Pass HP Linux Imaging and Printing Project (hplip) hpssd from Address Command Injection CVE-2007-5208 15 Oct 2007 7.6 (v2) High Pass CA Host-Based Intrusion Prevention System Server Default Credentials 23 Oct 2007 7.5 (v2) High Pass Datagram Transport Layer Security Detection 16 Oct 2007 None Pass HP Linux Imaging and Printing System HPSSD Daemon Detection 15 Oct 2007 None Pass K2 KeyServer Default Credentials 12 Oct 2007 7.5 (v2) High Pass Perdition IMAPD IMAP Tag Remote Format String Arbitrary Code Execution CVE-2007-5740 01 Nov 2007 7.5 (v2) High Pass Citrix Application Delivery Controller (ADC) / Citrix NetScaler Detection 06 Dec 2007 None Pass TikiWiki < 1.9.8.2 Multiple Scripts Local File Inclusion CVE-2007-5684 26 Oct 2007 5.1 (v2) Medium Pass Multiple Vulnerabilities in Cisco Wireless LAN Controllers (cisco-sa-20130123-wlc) CVE-2013-1102 CVE-2013-1103 CVE-2013-1104 CVE-2013-1105 25 Sep 2013 9 (v2) High Pass SNMP GETBULK Large max-repetitions Remote DoS CVE-2007-5846 09 Nov 2007 7.8 (v2) High Pass ManageEngine OpManager Login.do Multiple Parameter XSS CVE-2007-5891 07 Nov 2007 4.3 (v2) Medium Pass IBM Lotus Domino < 7.0.2 FP2 Multiple Vulnerabilities CVE-2007-5924 10 Nov 2007 10 (v2) Critical Pass IBM Lotus Domino < 6.5.6 FP2 Multiple Vulnerabilities CVE-2007-3510 CVE-2007-5924 10 Nov 2007 10 (v2) Critical Pass IBM Domino Detection (uncredentialed check) 10 Nov 2007 None Pass Mac OS X 10.8 < 10.8.5 Supplemental Update CVE-2013-5163 04 Oct 2013 6.6 (v2) Medium Pass Plumtree Portal Default Credentials 02 Dec 2007 7.5 (v2) High Pass I Hear U Detection 27 Nov 2007 None Pass NetScaler Web Management Successful Authentication 06 Dec 2007 None Pass ipMonitor Encoded Traversal Arbitrary File Access 13 Dec 2007 5 (v2) Medium Pass Rendezvous < 8.0.0 Crafted Packet Remote DoS CVE-2007-4158 02 Dec 2007 7.8 (v2) High Pass Cisco IOS Software DHCP Denial of Service Vulnerability (cisco-sa-20130925-dhcp) CVE-2013-5475 07 Oct 2013 7.8 (v2) High Pass MS07-065: Vulnerability in Message Queuing Could Allow Remote Code Execution (937894) (uncredentialed check)CVE-2007-3039 12 Dec 2007 10 (v2) Critical Pass Fireﬂy Media Server Limited Directory Traversal Admin Credential Disclosure 10 Dec 2007 7.5 (v2) High Pass Websense Reporting Tools WsCgiLogin.exe username Parameter XSS CVE-2007-6312 11 Dec 2007 4.3 (v2) Medium Pass Cisco IOS Software Network Address Translation Vulnerabilities (cisco-sa-20130925-nat) CVE-2013-5479 CVE-2013-5480 CVE-2013-5481 07 Oct 2013 7.8 (v2) High Pass CUPS SNMP Back End (backend/snmp.c) asn1_get_string Function Crafted SNMP Response Remote OverCVE-2007-5849ﬂow 19 Dec 2007 9.3 (v2) High Pass WordPress 'query.php' is_admin() Function Information Disclosure 23 Dec 2007 5 (v2) Medium Pass Cisco IOS Software Queue Wedge Denial of Service Vulnerability (cisco-sa-20130925-wedge) CVE-2013-5477 07 Oct 2013 7.8 (v2) High Pass CuteNews search.php ﬁles_arch Array Arbitrary File Access 26 Dec 2007 5 (v2) Medium Pass ClamAV clamav-milter black-hole-mode Sendmail Recipient Field Arbitrary Command Execution CVE-2007-4560 03 Jan 2008 7.6 (v2) High Pass RunCMS Detection 07 Jan 2008 None Pass AXIS Camera Unconﬁgured Password Detection 09 Apr 2019 9.8 (v3) Critical Pass Cisco Open Network Environment Platform Unvalidated Pointer (CSCui51551) CVE-2013-5496 11 Oct 2013 6.3 (v2) Medium Pass Xerox WorkCentre Multiple Samba Vulnerabilities (XRX08-001) CVE-2007-2446 CVE-2007-2447 14 Jan 2008 10 (v2) Critical Pass Juniper Junos J-Web CSRF Protection Bypass (JSA10597) CVE-2013-4689 17 Oct 2013 9.3 (v2) High Pass Juniper Junos SRX Series ﬂowd Remote DoS (JSA10596) CVE-2013-6015 17 Oct 2013 7.8 (v2) High Pass Juniper Junos PIM Remote Denial of Service (JSA10548) CVE-2013-6170 17 Oct 2013 6.3 (v2) Medium Pass netOctopus Agent Detection (UDP) 14 Jan 2008 None Pass Blind Command Injection Vulnerability in Grandstream Products CVE-2019-10656 CVE-2019-10657 CVE-2019-10658 08 Apr 2019 8.8 (v3) High Pass Juniper Junos SRX Series ﬂowd telnet Messages Remote Code Execution (JSA10594) CVE-2013-6013 17 Oct 2013 10 (v2) Critical Pass Juniper Junos Unnumbered Interface Cache Poisoning Remote DoS and Information Disclosure (JSA10595)CVE-2013-6014 17 Oct 2013 6.1 (v2) Medium Pass Juniper Junos GNU libc glob Remote DoS (JSA10598) CVE-2010-2632 17 Oct 2013 6.8 (v2) Medium Pass IBM WebSphere Application Server 8.5 < Fix Pack 1 Multiple Vulnerabilities CVE-2012-2159 CVE-2012-2190 CVE-2012-2191 CVE-2012-3293 CVE-2012-3304 CVE-2012-3305 CVE-2012-3306 CVE-2012-3311 CVE-2012-3325 CVE-2012-3330 CVE-2012-4850 CVE-2012-4851 CVE-2012-485320 Nov 2012 7.5 (v2) High Pass Mac OS X 10.x < 10.9 Multiple Vulnerabilities (BEAST) CVE-2011-2391 CVE-2011-3389 CVE-2011-3427 CVE-2011-4944 CVE-2012-0845 CVE-2012-0876 CVE-2012-1150 CVE-2013-0249 CVE-2013-1667 CVE-2013-1944 CVE-2013-3950 CVE-2013-3954 CVE-2013-4073 CVE-2013-5135 CVE-2013-5138 CVE-2013-5139 CVE-2013-5141 CVE-2013-5142 CVE-2013-5145 CVE-2013-5165 CVE-2013-5166 CVE-2013-5167 CVE-2013-5168 CVE-2013-5169 CVE-2013-5170 CVE-2013-5171 CVE-2013-5172 CVE-2013-5173 CVE-2013-5174 CVE-2013-5175 CVE-2013-5176 CVE-2013-5177 CVE-2013-5178 CVE-2013-5179 CVE-2013-5180 CVE-2013-5181 CVE-2013-5182 CVE-2013-5183 CVE-2013-5184 CVE-2013-5185 CVE-2013-5186 CVE-2013-5187 CVE-2013-5188 CVE-2013-5189 CVE-2013-5190 CVE-2013-5191 CVE-2013-5192 CVE-2013-522923 Oct 2013 9.3 (v2) High Pass HTTP DoS Vulnerability in Cisco Wireless LAN Controllers CVE-2013-6684 03 Dec 2013 6.8 (v2) Medium Pass Citadel/UX lprintf() Function Remote Format String CVE-2004-1192 13 Dec 2004 10 (v2) Critical Pass HP Data Protector Multiple Vulnerabilities (HPSBMU02895 SSRT101253) CVE-2013-2344 CVE-2013-2345 CVE-2013-2346 CVE-2013-2347 CVE-2013-2348 CVE-2013-2349 CVE-2013-2350 CVE-2013-6194 CVE-2013-619506 Jan 2014 10 (v2) Critical Pass Symantec Messaging Gateway 10.x < 10.7.0 Information Disclosure Vulnerability (SYMSA1482) CVE-2019-9699 24 May 2019 4.5 (v3) Medium Pass Apple TV < 9.2.1 Multiple Vulnerabilities CVE-2016-1801 CVE-2016-1802 CVE-2016-1803 CVE-2016-1807 CVE-2016-1808 CVE-2016-1811 CVE-2016-1813 CVE-2016-1814 CVE-2016-1817 CVE-2016-1818 CVE-2016-1819 CVE-2016-1823 CVE-2016-1824 CVE-2016-1827 CVE-2016-1828 CVE-2016-1829 CVE-2016-1830 CVE-2016-1832 CVE-2016-1833 CVE-2016-1834 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-1841 CVE-2016-1847 CVE-2016-1854 CVE-2016-1855 CVE-2016-1856 CVE-2016-1857 CVE-2016-1858 CVE-2016-1859 CVE-2016-465024 May 2016 7.8 (v3) High Pass Juniper Junos XNM Command Remote DoS (JSA10607) CVE-2014-0613 16 Jan 2014 5 (v2) Medium Pass Juniper Junos CLI Multiple Privilege Escalation Vulnerabilities (JSA10608) CVE-2014-0615 16 Jan 2014 7.2 (v2) High Pass Juniper Junos CLI libc recomp() rpd DoS (JSA10612) CVE-2010-4051 CVE-2010-4052 16 Jan 2014 2.1 (v2) Low Pass Cisco Data Center Network Manager XSS (cisco-sa-dncm-xss-AvMyAwd2) CVE-2020-3348 CVE-2020-3349 28 Jul 2020 4.8 (v3) Medium Pass Juniper Junos SRX Series ﬂowd Remote DoS (JSA10610) CVE-2014-0617 16 Jan 2014 7.8 (v2) High Pass Cisco WLC Web-Based Management Interface XSS Vulnerability (CSCuf77810) CVE-2013-5519 12 Feb 2014 4.3 (v2) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 27 Multiple Vulnerabilities CVE-2012-3330 CVE-2012-4853 CVE-2013-0458 CVE-2013-0459 CVE-2013-0460 CVE-2013-0461 25 Jan 2013 6.8 (v2) Medium Pass Cisco ASA AnyConnect Client Authentication Attempt Handling Information Disclosure (cisco-sa-20160115-asa)CVE-2016-1295 06 Jul 2016 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS 3.1.10 / 4.x < 4.0.5 Multiple Command Injections CVE-2012-6591 CVE-2012-6592 05 Mar 2014 10 (v2) Critical Pass Oracle GlassFish Server 3.1.2.x < 3.1.2.15 Multiple Vulnerabilities (July 2016 CPU) CVE-2015-3237 CVE-2016-3607 20 Jul 2016 9.8 (v3) Critical Pass Cisco RV110W, RV130W, and RV215W Routers Syslog Disclosure (cisco-sa-20190619-rv-ﬁleaccess) CVE-2019-1898 19 Jun 2019 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS < 3.1.10 / 4.x < 4.0.4 Multiple Command Injections CVE-2012-6593 CVE-2012-6602 05 Mar 2014 10 (v2) Critical Pass Palo Alto Networks PAN-OS < 3.1.11 / 4.0.x < 4.0.8 / 4.1.x < 4.1.1 Command Injection CVE-2012-6594 05 Mar 2014 9 (v2) High Pass ISC BIND Race Condition Vulnerability (CVE-2019-6471) CVE-2019-6471 28 Jun 2019 5.9 (v3) Medium Pass Palo Alto Networks PAN-OS < 4.0.9 / 4.1.x < 4.1.3 Information Disclosure CVE-2012-6596 05 Mar 2014 6.5 (v2) Medium Pass Palo Alto Networks PAN-OS < 4.0.8 / 4.1.x < 4.1.1 Command Injection CVE-2012-6599 05 Mar 2014 9 (v2) High Pass Siemens SCALANCE X-200IRT < 5.2.0 Session Hijacking CVE-2015-1049 16 Feb 2015 6.8 (v2) Medium Pass PHP 7.3.x < 7.3.7 Multiple Vulnerabilities. 12 Jul 2019 6.5 (v3) Medium Pass Palo Alto Networks PAN-OS < 3.1.12 / 4.0.x < 4.0.10 / 4.1.x < 4.1.4 Multiple Vulnerabilities CVE-2012-6601 CVE-2012-6603 05 Mar 2014 10 (v2) Critical Pass Palo Alto Networks PAN-OS < 4.0.14 / 4.1.x < 4.1.11 / 5.0.x < 5.0.2 Security Bypass CVE-2013-5663 05 Mar 2014 4.3 (v2) Medium Pass Palo Alto Networks PAN-OS < 4.1.13 / 5.0.x < 5.0.6 XSS CVE-2013-5664 05 Mar 2014 3.5 (v2) Low Pass Palo Alto Networks PAN-OS < 5.0.10 / 5.1.x < 5.1.5 XSS 07 Mar 2014 3.5 (v2) Low Pass Apple TV < 9.2.2 Multiple Vulnerabilities CVE-2016-1684 CVE-2016-1836 CVE-2016-1863 CVE-2016-1865 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 CVE-2016-4483 CVE-2016-4582 CVE-2016-4583 CVE-2016-4584 CVE-2016-4585 CVE-2016-4586 CVE-2016-4587 CVE-2016-4588 CVE-2016-4589 CVE-2016-4591 CVE-2016-4592 CVE-2016-4594 CVE-2016-4607 CVE-2016-4608 CVE-2016-4609 CVE-2016-4610 CVE-2016-4612 CVE-2016-4614 CVE-2016-4615 CVE-2016-4616 CVE-2016-4619 CVE-2016-4622 CVE-2016-4623 CVE-2016-4624 CVE-2016-4626 CVE-2016-4627 CVE-2016-4631 CVE-2016-4632 CVE-2016-4637 CVE-2016-4642 CVE-2016-4643 CVE-2016-4644 CVE-2016-465321 Jul 2016 9.8 (v3) Critical Pass Juniper Junos J-Web Persistent XSS (JSA10619) CVE-2014-2711 14 Apr 2014 4.3 (v2) Medium Pass Palo Alto Networks PAN-OS 5.0.9 Multiple Vulnerabilities 05 Mar 2014 3.5 (v2) Low Pass McAfee Web Gateway < 7.3.2.6 / 7.4.1 Information Disclosure (SB10063) CVE-2014-2535 21 Mar 2014 4 (v2) Medium Pass Palo Alto Networks PAN-OS 4.1.x < 4.1.16 / 5.0.x < 5.0.10 / 5.1.x < 5.1.5 API Key Bypass Flaw 21 Mar 2014 3.5 (v2) Low Pass PHP 5.6.x < 5.6.3 'donote' DoS CVE-2014-3710 14 Nov 2014 5 (v2) Medium Pass Cisco Wireless LAN Controller 802.11i Management Frame DoS CVE-2015-6311 20 Jul 2016 6.1 (v2) Medium Pass Symantec Messaging Gateway 10.x < 10.6.2 Multiple Vulnerabilities (SYM16-015) (SYM16-016) CVE-2016-5309 CVE-2016-5310 CVE-2016-5312 22 Sep 2016 6.5 (v3) Medium Pass Juniper Junos SRX Series Dynamic IPsec VPN DoS (JSA10620) CVE-2014-0612 14 Apr 2014 5 (v2) Medium Pass Citrix NetScaler Version Detection 10 Mar 2014 None Pass Webmin 1.890 - 1.920 Remote Command Execution (CVE-2019-15107, CVE-2019-15231) CVE-2019-15107 CVE-2019-15231 19 Aug 2019 9.8 (v3) Critical Pass Juniper Junos Kernel IGMP Flood DoS (JSA10618) CVE-2014-0614 14 Apr 2014 7.1 (v2) High Pass Apple iTunes < 11.0.3 Multiple Vulnerabilities (uncredentialed check) CVE-2012-2824 CVE-2012-2857 CVE-2012-3748 CVE-2012-5112 CVE-2013-0879 CVE-2013-0912 CVE-2013-0948 CVE-2013-0949 CVE-2013-0950 CVE-2013-0951 CVE-2013-0952 CVE-2013-0953 CVE-2013-0954 CVE-2013-0955 CVE-2013-0956 CVE-2013-0958 CVE-2013-0959 CVE-2013-0960 CVE-2013-0961 CVE-2013-0991 CVE-2013-0992 CVE-2013-0993 CVE-2013-0994 CVE-2013-0995 CVE-2013-0996 CVE-2013-0997 CVE-2013-0998 CVE-2013-0999 CVE-2013-1000 CVE-2013-1001 CVE-2013-1002 CVE-2013-1003 CVE-2013-1004 CVE-2013-1005 CVE-2013-1006 CVE-2013-1007 CVE-2013-1008 CVE-2013-1010 CVE-2013-1011 CVE-2013-101417 May 2013 10 (v2) Critical 17

Pass Juniper NSM < 2012.2R9 Apache HTTP Server Multiple Vulnerabilities (JSA10685) (credentialed check) CVE-2008-0456 CVE-2012-2687 CVE-2012-3499 CVE-2012-4558 CVE-2013-1862 CVE-2013-1896 CVE-2013-6438 CVE-2014-0098 CVE-2014-0118 CVE-2014-0226 CVE-2014-023120 Jul 2015 6.8 (v2) Medium Pass Juniper Junos MX and T4000 Series MPC Reboot DoS (JSA10621) CVE-2014-2713 14 Apr 2014 5 (v2) Medium Pass Cisco UCS Director Authentication Bypass (cisco-sa-20190821-imcs-ucs-cmdinj) CVE-2019-1936 24 Sep 2019 7.2 (v3) High Pass Unsupported Brocade Fabric OS 17 Apr 2014 10 (v2) Critical Pass Kibana ESA-2018-14 CVE-2018-3830 24 Sep 2018 6.1 (v3) Medium Pass ISC BIND Service Downgrade / Reﬂected DoS CVE-2020-8616 22 May 2020 8.6 (v3) High Pass Citrix NetScaler Gateway XSS (CTX140291) CVE-2014-1899 15 May 2014 4.3 (v2) Medium Pass McAfee Web Gateway OpenSSL Information Disclosure (SB10071) (Heartbleed) CVE-2014-0160 02 May 2014 7.5 (v3) High Pass Citrix NetScaler Multiple Vulnerabilities (CTX140651) CVE-2014-2881 CVE-2014-2882 15 May 2014 10 (v2) Critical Pass Apple TV < 6.1 Multiple Vulnerabilities CVE-2012-2088 CVE-2013-2909 CVE-2013-2926 CVE-2013-2928 CVE-2013-5196 CVE-2013-5197 CVE-2013-5198 CVE-2013-5199 CVE-2013-5225 CVE-2013-5228 CVE-2013-6625 CVE-2013-6629 CVE-2013-6635 CVE-2014-1267 CVE-2014-1269 CVE-2014-1270 CVE-2014-1271 CVE-2014-1272 CVE-2014-1273 CVE-2014-1275 CVE-2014-1278 CVE-2014-1279 CVE-2014-1280 CVE-2014-1282 CVE-2014-1287 CVE-2014-1289 CVE-2014-1290 CVE-2014-1291 CVE-2014-1292 CVE-2014-1293 CVE-2014-129412 Mar 2014 7.5 (v2) High Pass Cisco IOS XR Software IPv6 Malformed Packet DoS (cisco-sa-20140611-ipv6) CVE-2014-2176 30 Jun 2014 7.1 (v2) High Pass Puppet Enterprise < 2015.3.0 Information Disclosure Vulnerability CVE-2015-8470 09 Oct 2019 6.5 (v3) Medium Pass Puppet Enterprise < 2015.3.1 Information Disclosure Vulnerability CVE-2015-8470 09 Oct 2019 6.5 (v3) Medium Pass IBM Tivoli Storage Manager FastBack 6.1.x < 6.1.12.1 Multiple Vulnerabilities CVE-2015-4931 CVE-2015-4932 CVE-2015-4933 CVE-2015-4934 CVE-2015-4935 06 Aug 2015 10 (v2) Critical Pass macOS 10.12.x < 10.12.5 Multiple Vulnerabilities CVE-2017-2494 CVE-2017-2497 CVE-2017-2501 CVE-2017-2502 CVE-2017-2503 CVE-2017-2507 CVE-2017-2509 CVE-2017-2512 CVE-2017-2513 CVE-2017-2516 CVE-2017-2518 CVE-2017-2519 CVE-2017-2520 CVE-2017-2524 CVE-2017-2527 CVE-2017-2533 CVE-2017-2534 CVE-2017-2535 CVE-2017-2537 CVE-2017-2540 CVE-2017-2541 CVE-2017-2542 CVE-2017-2543 CVE-2017-2545 CVE-2017-2546 CVE-2017-2548 CVE-2017-6977 CVE-2017-6978 CVE-2017-6979 CVE-2017-6981 CVE-2017-6983 CVE-2017-6985 CVE-2017-6986 CVE-2017-6987 CVE-2017-6988 CVE-2017-6990 CVE-2017-6991 CVE-2017-7000 CVE-2017-7001 CVE-2017-7002 CVE-2017-7003 CVE-2017-700418 May 2017 7.8 (v3) High Pass McAfee Web Gateway < 7.3.2.2 DoS (SB10052) CVE-2013-4854 18 Jun 2014 7.8 (v2) High Pass IBM InfoSphere IGC Multiple Vulnerabilities CVE-2017-1350 CVE-2018-1432 CVE-2018-1454 08 Jun 2018 7.8 (v3) High Pass Puppet Enterprise 2018.x < 2018.1.1 Code Execution Vulnerability CVE-2018-6512 09 Oct 2019 9.8 (v3) Critical Pass Elasticsearch ESA-2017-10 CVE-2017-8442 22 Aug 2018 6.5 (v3) Medium Pass SuperMicro IPMI PSBlock File Plaintext Password Disclosure 25 Jun 2014 9.8 (v3) Critical Pass EMC RSA Archer 6.x < 6.4.10500.1006 Authorization Bypass Vulnerability CVE-2018-15780 10 Jan 2019 6.5 (v3) Medium Pass Citrix NetScaler nsconﬁgd Remote DoS (CTX139017) CVE-2013-6011 26 Jun 2014 7.8 (v2) High Pass Juniper Junos SRX Series SIP ALG Remote DoS (JSA10633) CVE-2014-3815 15 Jul 2014 7.8 (v2) High Pass Juniper Junos CLI Privilege Escalation (JSA10634) CVE-2014-3816 15 Jul 2014 7.2 (v2) High Pass Juniper Junos SRX Series NAT IPv6 to IPv4 Remote DoS (JSA10635) CVE-2014-3817 15 Jul 2014 7.8 (v2) High Pass OpenSSL 1.1.0 < 1.1.0j Multiple Vulnerabilities CVE-2018-0734 CVE-2018-0735 25 Jan 2019 5.9 (v3) Medium Pass Cisco Prime Infrastructure Cross-Site Scripting Vulnerability (cisco-sa-20190123-cpi-xss) CVE-2019-1643 20 Feb 2019 6.1 (v3) Medium Pass Juniper Junos SRX Series Web Authentication XSS (JSA10640) CVE-2014-3821 15 Jul 2014 4.3 (v2) Medium Pass Juniper Junos SRX Series NAT IPv6 to IPv4 Remote DoS (JSA10641) CVE-2014-3822 15 Jul 2014 5.4 (v2) Medium Pass Apple iTunes < 12.2 Multiple Vulnerabilities (uncredentialed check) CVE-2014-3192 CVE-2014-4452 CVE-2014-4459 CVE-2014-4466 CVE-2014-4468 CVE-2014-4469 CVE-2014-4470 CVE-2014-4471 CVE-2014-4472 CVE-2014-4473 CVE-2014-4474 CVE-2014-4475 CVE-2014-4476 CVE-2014-4477 CVE-2014-4479 CVE-2015-1068 CVE-2015-1069 CVE-2015-1070 CVE-2015-1071 CVE-2015-1072 CVE-2015-1073 CVE-2015-1074 CVE-2015-1075 CVE-2015-1076 CVE-2015-1077 CVE-2015-1078 CVE-2015-1079 CVE-2015-1080 CVE-2015-1081 CVE-2015-1082 CVE-2015-1083 CVE-2015-1119 CVE-2015-1120 CVE-2015-1121 CVE-2015-1122 CVE-2015-1124 CVE-2015-1152 CVE-2015-1153 CVE-2015-115426 Oct 2015 7.5 (v2) High Pass Citrix NetScaler Multiple Vulnerabilities (CTX140863) CVE-2014-4346 CVE-2014-4347 30 Jul 2014 5 (v2) Medium Pass Apple TV < 11.4 Multiple Vulnerabilities CVE-2018-4188 CVE-2018-4190 CVE-2018-4192 CVE-2018-4198 CVE-2018-4199 CVE-2018-4200 CVE-2018-4201 CVE-2018-4204 CVE-2018-4206 CVE-2018-4211 CVE-2018-4214 CVE-2018-4218 CVE-2018-4222 CVE-2018-4223 CVE-2018-4224 CVE-2018-4232 CVE-2018-4233 CVE-2018-4235 CVE-2018-4237 CVE-2018-4240 CVE-2018-4241 CVE-2018-4243 CVE-2018-4246 CVE-2018-4249 CVE-2018-538305 Jun 2018 7.8 (v3) High Pass Cisco IOS Software EnergyWise DoS (cisco-sa-20140806-energywise CVE-2014-3327 12 Aug 2014 7.5 (v3) High Pass Cisco IOS XR Software Static Punt Policer DoS (CSCun83985) CVE-2014-3308 07 Aug 2014 6.4 (v2) Medium Pass Cisco NX-OS Arbitrary File Read Vulnerability (CSCul05217 / CSCul23419) CVE-2013-6975 20 Aug 2014 4.6 (v2) Medium Pass Avirt Gateway Suite Telnet Proxy Arbitrary Command Execution CVE-2002-0134 21 Aug 2002 7.5 (v2) High Pass Cisco IOS Software Network Address Translation (NAT) ALG Module DoS (cisco-sa-20140924-nat) CVE-2014-3361 30 Sep 2014 7.1 (v2) High Pass Cisco IOS Software RSVP DoS (cisco-sa-20140924-rsvp) CVE-2014-3354 02 Oct 2014 7.8 (v2) High Pass Cisco Uniﬁed Communications Manager Multiple Arbitrary File Manipulation Vulnerabilities (CSCuo17199 / CSCuo17302)CVE-2014-3292 29 Sep 2014 5.4 (v3) Medium Pass HP Ignite-UX TFTP /etc/pass File Disclosure CVE-2004-0951 26 Aug 2005 5 (v2) Medium Pass pfSense < 2.2.5 Multiple Vulnerabilities (SA-15_08) CVE-2014-2653 CVE-2015-1283 CVE-2015-1416 CVE-2015-1418 CVE-2015-5600 CVE-2015-5675 CVE-2015-6563 CVE-2015-6564 CVE-2015-6565 CVE-2015-7691 CVE-2015-7692 CVE-2015-7701 CVE-2015-7702 CVE-2015-7703 CVE-2015-7704 CVE-2015-7705 CVE-2015-7803 CVE-2015-7804 CVE-2015-7848 CVE-2015-7849 CVE-2015-7850 CVE-2015-7851 CVE-2015-7852 CVE-2015-7853 CVE-2015-7854 CVE-2015-7855 CVE-2015-787131 Jan 2018 7.8 (v3) High Pass Juniper Junos SRX Series ALG 'ﬂowd' Remote DoS (JSA10650) CVE-2014-3825 14 Oct 2014 7.8 (v2) High Pass Oracle Application Express Listener Remote Information Disclosure Vulnerability (July 2012 CPU) CVE-2012-1740 07 Oct 2014 7.8 (v2) High Pass HPE Moonshot Provisioning Manager < 1.22 Multiple Vulnerabilities CVE-2017-8975 CVE-2017-8976 29 Jan 2018 9.8 (v3) Critical Pass Webmin chooser.cgi Cross-Site Scripting (< 1.330) CVE-2007-1276 22 Mar 2018 4.7 (v3) Medium Pass ManageEngine Desktop Central 9 < Build 92027 Multiple Vulnerabilities CVE-2018-8722 30 Mar 2018 6.1 (v3) Medium Pass Juniper Junos BGP UPDATE 'rpd' Remote DoS (JSA10653) CVE-2014-3818 14 Oct 2014 7.8 (v2) High Pass Juniper Junos RADIUS Security Bypass (JSA10654) CVE-2014-6379 14 Oct 2014 5.5 (v2) Medium Pass Cisco MDS 9000 VRRP DoS (CSCte27874) CVE-2013-5566 17 Oct 2014 5 (v2) Medium Pass HP Network Automation 9.x, 10.x < 10.00.022 / 10.1x.x < 10.11.03 / 10.20.x < 10.21.01 Multiple VulnerabilitiesCVE-2017-5810 CVE-2017-5811 CVE-2017-5812 CVE-2017-5813 CVE-2017-5814 12 May 2017 9.8 (v3) Critical Pass Apple TV < 10.2.1 Multiple Vulnerabilities CVE-2017-2499 CVE-2017-2501 CVE-2017-2502 CVE-2017-2504 CVE-2017-2505 CVE-2017-2507 CVE-2017-2513 CVE-2017-2515 CVE-2017-2518 CVE-2017-2519 CVE-2017-2520 CVE-2017-2521 CVE-2017-2524 CVE-2017-2525 CVE-2017-2530 CVE-2017-2531 CVE-2017-2536 CVE-2017-2549 CVE-2017-6979 CVE-2017-6980 CVE-2017-6984 CVE-2017-6987 CVE-2017-6989 CVE-2017-7003 CVE-2017-700517 May 2017 7.8 (v3) High Pass Palo Alto Networks PAN-OS < 5.0.14 / 5.1.x < 5.1.9 / 6.0.x < 6.0.4 OpenSSL MitM CVE-2014-0224 20 Oct 2014 6.8 (v2) Medium Pass Apple Time Capsule and AirPort Base Station Firmware < 7.5.2 (APPLE-SA-2010-12-16-1) CVE-2008-4309 CVE-2009-2189 CVE-2010-0039 CVE-2009-1574 CVE-2010-1804 17 Dec 2010 9.3 (v2) High Pass Sophos Web Appliance < 4.3.2 FTP Redirect Page Reﬂected XSS CVE-2017-9523 19 Jun 2017 6.1 (v3) Medium Pass WebChat deﬁnes.php WEBCHATPATH Parameter Remote File Inclusion CVE-2007-0485 03 Mar 2003 7.3 (v3) High Pass Sophos Web Appliance < 4.3.1 Multiple Remote Command Injection Vulnerabilities CVE-2016-9553 CVE-2016-9554 16 Jun 2017 7.2 (v3) High Pass Cisco Nexus 1000V Series Switches Arbitrary Command Execution Vulnerability (CSCui21340) CVE-2013-5556 04 Nov 2014 6.8 (v2) Medium Pass Check_MK < 1.4.0p6 webapi.py XSS CVE-2017-9781 28 Jun 2017 6.1 (v3) Medium Pass EMC RSA Authentication Manager < 8.2 SP1 Patch 2 Self-Service Console Brute-force PIN Disclosure (ESA-2017-084)CVE-2017-8006 20 Jul 2017 5.9 (v3) Medium Pass Plex Media Server < 1.19.3 Authenticated RCE CVE-2020-5741 11 Jun 2020 7.2 (v3) High Pass Palo Alto Networks PAN-OS < 5.0.15 / 5.1.x < 5.1.10 / 6.0.x < 6.0.6 XSS CVE-2014-3764 29 Dec 2014 4.3 (v2) Medium Pass Cisco Uniﬁed Communications Manager Unspeciﬁed SQL Injection (CSCup88089) CVE-2014-3366 02 Dec 2014 6.5 (v2) Medium Pass Apache Tomcat 7.0.0 < 7.0.104 Remote Code Execution CVE-2020-9484 22 May 2020 7 (v3) High Pass ESXi 6.5 < Build 5969300 Multiple Vulnerabilities (VMSA-2017-0015) (remote check) CVE-2017-4924 CVE-2017-4925 21 Sep 2017 8.8 (v3) High Pass Citrix NetScaler Unspeciﬁed Remote Unauthorized Access (CTX200254) CVE-2014-8580 12 Feb 2015 4.9 (v2) Medium Pass Schneider Electric InduSoft Web Studio < 8.0 SP2 Patch 1 Unspeciﬁed Remote Command Execution (LFSEC00000121)CVE-2017-13997 23 Oct 2017 9.8 (v3) Critical Pass OpenSSL 1.1.0 < 1.1.0g RSA/DSA Unspeciﬁed Carry Issue CVE-2017-3735 CVE-2017-3736 06 Nov 2017 5.3 (v3) Medium Pass Juniper Junos Fragmented OSPFv3 Packet DoS (JSA10668) CVE-2014-6385 23 Jan 2015 5.7 (v2) Medium Pass Juniper Junos BGP FlowSpec rpd DoS (JSA10670) CVE-2014-6386 23 Jan 2015 7.1 (v2) High Pass IBM BigFix Platform 9.x < 9.1.9 / 9.2.x < 9.2.9 / 9.5.x < 9.5.4 Multiple Vulnerabilities CVE-2016-6082 CVE-2016-6084 CVE-2016-6085 19 Jan 2017 10 (v3) Critical Pass Palo Alto Networks PAN-OS <= 5.0.15 / 6.0.x <= 6.0.8 / 6.1.x <= 6.1.2 GNU C Library (glibc) Buﬀer Overﬂow (GHOST)CVE-2015-0235 04 Feb 2015 7.6 (v2) High Pass Subversion < 1.0.3 apr_time_t data Conversion Remote Overﬂow CVE-2004-0397 08 Jun 2004 7.5 (v2) High Pass Ansible Tower 3.x.x < 3.7.2 / 3.8.0 Data Exposure CVE-2020-14337 07 Aug 2020 5.8 (v3) Medium Pass Acme thttpd < 2.26 Multiple Vulnerabilities CVE-2006-1078 CVE-2006-1079 CVE-2006-4248 14 Feb 2017 7.8 (v3) High Pass IBM Tivoli Storage Manager FastBack Server Opcode 1329 Information Disclosure CVE-2015-1941 07 Jun 2016 7.8 (v2) High Pass Cisco TelePresence Conductor SDP Media Description Vulnerability CVE-2015-0652 19 Mar 2015 7.8 (v2) High Pass HP Intelligent Management Center SOM Module ﬁlePath Information Disclosure CVE-2017-5797 13 Apr 2017 7.5 (v3) High Pass Cisco IOS Software TCP CIP DoS CVE-2015-0647 CVE-2015-0648 CVE-2015-0649 03 Apr 2015 7.5 (v3) High Pass Cisco IOS Software mDNS Gateway DoS CVE-2015-0650 03 Apr 2015 7.8 (v2) High Pass Cisco Nexus 9000 Series Platform Manager Service DoS CVE-2015-0686 09 Apr 2015 6.3 (v2) Medium Pass Juniper Junos SRX Series 'log-out-on-disconnect' Persistent Admin Access (JSA10672) CVE-2015-3002 15 Apr 2015 6.9 (v2) Medium Pass Juniper Junos X-Frame-Options Clickjacking (JSA10675) CVE-2015-3004 15 Apr 2015 4.3 (v2) Medium Pass Juniper Junos SRX Series Dynamic VPN XSS (JSA10677) CVE-2015-3005 15 Apr 2015 4.3 (v2) Medium Pass Juniper Junos QFX Low Entropy Vulnerability (JSA10678) CVE-2015-3006 15 Apr 2015 6.8 (v2) Medium Pass Juniper Junos Multiple Privilege Escalation Vulnerabilities (JSA10674) CVE-2015-3003 15 Apr 2015 6.9 (v2) Medium Pass Cisco TelePresence Server HTTP Parsing Engine DoS (cisco-sa-20160406-cts1) CVE-2015-6313 15 Apr 2016 7.5 (v3) High Pass Cisco NX-OS DHCP POAP Command Injection Vulnerability CVE-2015-0658 27 Apr 2015 7.9 (v2) High Pass HP Data Protector Multiple Vulnerabilities (HPSBMU03321 SSRT101677) CVE-2015-2116 23 Apr 2015 9.8 (v3) Critical Pass EMC RSA Authentication Manager < 8.1 SP1 Patch 14 Multiple Vulnerabilities CVE-2016-0900 CVE-2016-0901 CVE-2016-0902 13 May 2016 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS < 5.0.16 / 6.0.x < 6.0.9 / 6.1.x < 6.1.3 XSS 26 May 2015 4.3 (v2) Medium Pass Eaton Network Shutdown Module Default Administrator Credentials 20 Jul 2012 7.5 (v2) High Pass Eaton Network Shutdown Module view_list.php paneStatusListSortBy Parameter eval() Call Remote PHP Code Execution 20 Jul 2012 10 (v2) Critical Pass Cisco APIC < 1.3(2f) Binary File Installation Handling Local Privilege Escalation CVE-2016-1420 21 Jun 2016 7.8 (v3) High Pass McAfee Agent Unsupported Version Detection 09 Jun 2015 10 (v3) Critical Pass Cisco Data Center Network Manager XSS (cisco-sa-dcnm-xss-3jkDLsLV) CVE-2020-3460 14 Aug 2020 6.1 (v3) Medium Pass Cisco IOS XE Software for 1000 Series Aggregation Services Routers H.323 DoS CVE-2015-0688 28 May 2015 7.1 (v2) High Pass Cisco NX-OS HSRP DoS (CSCup11309) CVE-2014-3295 30 May 2015 4.8 (v2) Medium Pass Juniper Junos SRX Series Network Security Daemon DoS (JSA10692) CVE-2015-5363 15 Jul 2015 5 (v2) Medium Pass Juniper Junos LAST_ACK State DoS (JSA10686) CVE-2015-5358 04 Aug 2015 7.1 (v2) High Pass Juniper Junos BGP-VPLS Advertisements RPD DoS (JSA10687) CVE-2015-5359 04 Aug 2015 7.1 (v2) High Pass Juniper Junos IPv6 sendd DoS (JSA10688) CVE-2015-5360 04 Aug 2015 5 (v2) Medium Pass Cisco Data Center Network Manager Path Traversal (cisco-sa-dcnm-path-trav-2xZOnJdR) CVE-2020-3383 12 Aug 2020 8.8 (v3) High Pass OpenSSL 1.1.0a read_state_machine() Function Message Handling RCE CVE-2016-6309 28 Sep 2016 9.8 (v3) Critical Pass Namazu < 2.0.14 Multiple Vulnerabilities CVE-2004-1318 23 Dec 2004 7.5 (v2) High Pass Junos Operating System On Extended Support 07 Aug 2015 None Pass W3 Total Cache Plugin For WordPress Cache Key XSS CVE-2014-8724 15 Jan 2015 4.3 (v2) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 19 Multiple Vulnerabilities CVE-2011-1355 CVE-2011-1356 CVE-2011-1359 CVE-2011-1362 CVE-2011-1411 19 Sep 2011 5.8 (v2) Medium Pass Symantec Endpoint Protection Manager < 12.1 RU6 MP1 Multiple Vulnerabilities (SYM15-007) CVE-2015-1486 CVE-2015-1487 CVE-2015-1489 13 Aug 2015 8.5 (v2) High Pass OpenSSL 1.0.0 < 1.0.0p Multiple Vulnerabilities (FREAK) CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 16 Jan 2015 5 (v2) Medium Pass Xerox WorkCentre 6400 OpenSSL RSA Temporary Key Handling EXPORT_RSA Ciphers Downgrade MitM (XRX15AP) (FREAK)CVE-2015-0204 11 Dec 2015 4.3 (v2) Medium Pass Cisco Prime Collaboration Assurance Default 'cmuser' Credentials (cisco-sa-20151209-pca) CVE-2015-6389 18 Dec 2015 8.6 (v3) High Pass Fortinet FortiOS SSH Undocumented Interactive Login Vulnerability CVE-2016-1909 13 Jan 2016 9.8 (v3) Critical 18

Pass Apache Solr < 4.1.0 Multiple XML External Entity Injections CVE-2012-6612 CVE-2013-6407 07 Jan 2014 7.5 (v2) High Pass OpenSSL < 0.9.8h Multiple Vulnerabilities CVE-2008-0891 CVE-2008-1672 CVE-2011-4354 02 Dec 2011 4.3 (v2) Medium Pass PHP 7.0.x < 7.0.3 Multiple Vulnerabilities CVE-2015-8383 CVE-2015-8386 CVE-2015-8387 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8393 CVE-2015-8394 CVE-2016-2554 CVE-2016-4342 CVE-2016-434311 Feb 2016 9.8 (v3) Critical Pass SSL DROWN Attack Vulnerability (Decrypting RSA with Obsolete and Weakened eNcryption) CVE-2016-0800 01 Mar 2016 5.9 (v3) Medium Pass VMware ESX / ESXi libxml2 RCE (VMSA-2013-0004) (remote check) CVE-2012-5134 04 Mar 2016 6.8 (v2) Medium Pass ESXi 5.1 < Build 2323231 glibc Library Multiple Vulnerabilities (remote check) CVE-2013-0242 CVE-2013-1914 15 Dec 2014 5 (v2) Medium Pass Cisco ASA SSL VPN Remote Information Disclosure (CSCuq65542) CVE-2014-3398 27 Feb 2015 5 (v2) Medium Pass MS11-035: Vulnerability in WINS Could Allow Remote Code Execution (2524426) (uncredentialed check) CVE-2011-1248 19 May 2011 9.3 (v2) High Pass OpenSSL 1.0.1 < 1.0.1m Multiple Vulnerabilities CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 CVE-2016-0703 CVE-2016-0704 24 Mar 2015 6.8 (v2) Medium Pass Newsletter Plugin for WordPress 'preview.php' 'data' Parameter Directory Traversal CVE-2012-3588 01 Apr 2013 5 (v2) Medium Pass Apache Solr < 4.10.5 'plugin.js' XSS CVE-2014-3628 24 Mar 2015 4.3 (v2) Medium Pass Atmail Webmail 6.x / 7.x < 7.2.0 Multiple Vulnerabilities CVE-2013-6017 CVE-2013-6028 18 Apr 2014 6.8 (v2) Medium Pass iPlanet Directory Server Traversal Arbitrary File Access CVE-2000-1075 08 Jan 2001 5 (v2) Medium Pass Cisco TelePresence Server Command Injection Vulnerability CVE-2015-0713 21 May 2015 9 (v2) High Pass ESXi 5.5 < Build 1623387 Multiple Vulnerabilities (remote check) CVE-2013-4332 CVE-2013-5211 22 May 2015 5 (v2) Medium Pass OpenSSL 1.0.2 < 1.0.2b Multiple Vulnerabilities (Logjam) CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-4000 12 Jun 2015 6.8 (v2) Medium Pass Apple TV < 7.0.3 Multiple Vulnerabilities CVE-2014-3192 CVE-2014-4455 CVE-2014-4459 CVE-2014-4465 CVE-2014-4466 CVE-2014-4468 CVE-2014-4469 CVE-2014-4470 CVE-2014-4471 CVE-2014-4472 CVE-2014-4473 CVE-2014-4474 CVE-2014-4475 CVE-2014-4476 CVE-2014-4477 CVE-2014-4479 CVE-2014-4480 CVE-2014-4481 CVE-2014-4483 CVE-2014-4484 CVE-2014-4485 CVE-2014-4486 CVE-2014-4487 CVE-2014-4488 CVE-2014-4489 CVE-2014-4491 CVE-2014-4492 CVE-2014-4495 CVE-2014-449603 Feb 2015 10 (v2) Critical Pass Cisco TelePresence DSP Card Crafted RTP Packet H.264 Bit Stream Handling DoS CVE-2013-1176 23 Sep 2013 7.1 (v2) High Pass Network Service Malformed Data Remote DoS CVE-1999-1196 08 Mar 2005 9 (v2) High Pass Sybase M-Business Anywhere (AvantGo) gsoap Module password Tag Handling Overﬂow 23 May 2011 10 (v2) Critical Pass McAfee Managed Agent FrameworkService.exe HTTP Request DoS (SB10055) CVE-2013-3627 11 Oct 2013 5.3 (v3) Medium Pass Cisco Prime LAN Management Solution Cross-Frame Scripting CVE-2013-5482 01 Oct 2013 4.3 (v2) Medium Pass MySQL debian.cnf Plaintext Credential Disclosure CVE-2013-2162 08 Jan 2014 1.9 (v2) Low Pass Synology DiskStation Manager 4.0-x < 4.0-2259 / 4.1-x / 4.2-x < 4.2-3243 SLICEUPLOAD Function Remote Code ExecutionCVE-2013-6955 05 Feb 2014 10 (v2) Critical Pass VMware ESXi 5.5 / 6.0 / 6.5 / 6.7 DoS (VMSA-2018-0018) (remote check) CVE-2018-6972 24 Mar 2020 6.5 (v3) Medium Pass Cisco Uniﬁed Computing System Cisco Management Controller Denial of Service Vulnerability (CSCtg20734)CVE-2012-4081 13 Feb 2014 4.6 (v2) Medium Pass IBM WebSphere Application Server 6.1 < 6.1.0.43 Multiple Vulnerabilities CVE-2011-1376 CVE-2011-1377 CVE-2011-4889 CVE-2012-0193 CVE-2012-0716 CVE-2012-0717 CVE-2012-0720 04 Apr 2012 5 (v2) Medium Pass Nagios XI < 2011R1.9 Multiple Vulnerabilities 06 Aug 2012 4.6 (v2) Medium Pass Lexmark Printer conﬁg.html Administrator Authentication Bypass CVE-2013-6032 03 Mar 2014 10 (v2) Critical Pass Apache 2.2.x < 2.2.27 Multiple Vulnerabilities CVE-2013-6438 CVE-2014-0098 08 Apr 2014 5.3 (v3) Medium Pass A10 Networks Remote Buﬀer Overﬂow CVE-2014-3976 14 Apr 2014 5 (v2) Medium Pass HP OﬃceJet Pro 8500 XSS CVE-2013-4845 02 Jun 2014 4.7 (v3) Medium Pass Cisco TelePresence MXP Series Software Multiple Vulnerabilities (cisco-sa-20140430-mxp) CVE-2014-2156 CVE-2014-2157 CVE-2014-2158 CVE-2014-2159 CVE-2014-2160 CVE-2014-2161 08 May 2014 7.8 (v2) High Pass Apple iTunes < 11.2.1 User Directory Insecure Permissions Vulnerability (uncredentialed check) CVE-2014-1347 19 May 2014 4.4 (v2) Medium Pass Western Digital Arkeia lang Cookie Crafted Local File Inclusion CVE-2014-2846 28 May 2014 7.5 (v2) High Pass Cisco Prime Data Center Network Manager 6.x XSS (uncredentialed check) CVE-2014-3329 15 Sep 2014 4.3 (v2) Medium Pass ESXi 5.5 < Build 1881737 OpenSSL Library Multiple Vulnerabilities (remote check) CVE-2010-5298 CVE-2014-0198 CVE-2014-0224 CVE-2014-3470 11 Jun 2014 5.8 (v2) Medium Pass OSSIM < 4.3.2 Multiple SQL Injection Vulnerabilities CVE-2013-5967 26 Jun 2014 7.5 (v2) High Pass Puppet < 2.7.26 / 3.6.2 and Enterprise 2.8.x < 2.8.7 Multiple Vulnerabilities CVE-2014-3248 CVE-2014-3249 CVE-2014-3250 02 Jul 2014 6.2 (v2) Medium Pass HP OneView < 1.10 OpenSSL Multiple Vulnerabilities (HPSBGN03068) CVE-2010-5298 CVE-2014-0198 CVE-2014-0224 24 Jul 2014 5.8 (v2) Medium Pass WP Source Control Plugin for WordPress Directory Traversal CVE-2014-5368 25 Aug 2014 5 (v2) Medium Pass IBM WebSphere Portal Dojo Module URI Traversal Arbitrary File Access CVE-2012-2181 10 Aug 2012 5 (v2) Medium Pass Oracle Fusion Middleware HTTP Server (July 2012 CPU) CVE-2012-1741 08 Oct 2014 5.8 (v2) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 35 Multiple Vulnerabilities CVE-2013-5704 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3021 CVE-2014-3083 CVE-2014-4770 CVE-2014-4816 21 Oct 2014 6.8 (v2) Medium Pass Apple TV < 7.0.1 Multiple Vulnerabilities (POODLE) CVE-2014-3566 CVE-2014-4428 05 Nov 2014 5.4 (v2) Medium Pass Creative Contact Form Plugin for WordPress File Upload RCE CVE-2014-7969 24 Nov 2014 8.8 (v3) High Pass PHP 5.6.x < 5.6.1 'add_post_var' Code Execution CVE-2014-3622 07 Oct 2014 9.3 (v2) High Pass SSL Certiﬁcate Signed with the Publicly Known Cyberoam Key CVE-2012-3372 07 Aug 2012 5.8 (v2) Medium Pass MapServer for Windows (MS4W) Bundled Apache / PHP Conﬁguration Local File Inclusion CVE-2012-2950 01 Nov 2012 10 (v2) Critical Pass IBM Rational ClearQuest Multiple Script Information Disclosure CVE-2012-0744 29 Oct 2012 5 (v2) Medium Pass MiniUPnP < 1.4 Multiple Vulnerabilities CVE-2013-0229 CVE-2013-0230 31 Jan 2013 9.8 (v3) Critical Pass OpenSSL 1.0.0 < 1.0.0r Multiple Vulnerabilities CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 CVE-2016-0703 CVE-2016-0704 24 Mar 2015 6.8 (v2) Medium Pass Oracle Application Express (Apex) CVE-2010-0076 CVE-2010-0076 20 Feb 2013 6 (v2) Medium Pass F5 Device Default Support Password CVE-1999-0508 06 Dec 2001 10 (v2) Critical Pass Novell Identity Manager Role Based Provisioning Module Unspeciﬁed Vulnerability CVE-2013-1083 10 Apr 2013 10 (v2) Critical Pass HP SiteScope XSS CVE-2011-1726 02 May 2011 4.3 (v2) Medium Pass Sophos Web Protection Appliance end-user-/errdoc.php 'msg' Parameter XSS CVE-2013-2643 18 Apr 2013 4.7 (v3) Medium Pass Cisco Prime Data Center Network Manager RMI Remote Code Execution (uncredentialed check) CVE-2007-1036 CVE-2012-5417 11 Jul 2013 9.8 (v3) Critical Pass GroundWork Monitor Enterprise Foundation Webapp Admin Interface Authentication Bypass CVE-2013-3499 28 Jun 2013 7.5 (v2) High Pass BigTree CMS index.php SQL Injection CVE-2013-4879 15 Aug 2013 7.5 (v2) High Pass ManageEngine SupportCenter Plus FileDownload.jsp path Parameter Traversal Arbitrary File Access 28 Jun 2011 5 (v2) Medium Pass Cisco Security Manager MySQL Accessible Without Authentication (cisco-sa-20090121-csm) CVE-2008-3820 12 Aug 2013 6.8 (v2) Medium Pass LeagueManager Plugin for WordPress 'wp-admin/admin.php' 'league_id' Parameter SQL Injection CVE-2013-1852 12 Sep 2013 7.5 (v2) High Pass Apache 2.0.x < 2.0.64 Multiple Vulnerabilities CVE-2008-2364 CVE-2008-2939 CVE-2009-1891 CVE-2009-2412 CVE-2009-3094 CVE-2009-3095 CVE-2009-3555 CVE-2009-3560 CVE-2009-3720 CVE-2010-0425 CVE-2010-0434 CVE-2010-1452 CVE-2010-162320 Oct 2010 7.3 (v3) High Pass Symantec Web Gateway login.php Blind SQL Injection (SYM11-001) CVE-2010-0115 20 Jul 2011 7.5 (v2) High Pass Adobe Flash Media Server < 3.0.7 / 3.5.5 / 4.0.1 Multiple Vulnerabilities (APSB10-27) CVE-2010-3633 CVE-2010-3634 CVE-2010-3635 11 Nov 2010 10 (v2) Critical Pass OpenSSH Legacy Certiﬁcate Signing Information Disclosure CVE-2011-0539 09 Feb 2011 4.3 (v2) Medium Pass Twitter Feed for WordPress Plugin 'url' Parameter XSS CVE-2010-4825 09 Dec 2010 4.3 (v2) Medium Pass Novell GroupWise WebAccess Arbitrary File Download CVE-2010-4715 23 Nov 2010 7.8 (v2) High Pass HP OpenView Performance Insight Server Backdoor Account CVE-2011-0276 02 Feb 2011 7.5 (v2) High Pass Novell eDirectory DHost Predictable Session ID CVE-2009-4655 19 Mar 2010 7.5 (v2) High Pass VMware Security Updates for vCenter Server (VMSA-2014-0012) CVE-2014-0015 CVE-2014-0138 CVE-2014-0191 CVE-2014-2483 CVE-2014-2490 CVE-2014-4208 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4220 CVE-2014-4221 CVE-2014-4223 CVE-2014-4227 CVE-2014-4244 CVE-2014-4247 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4264 CVE-2014-4265 CVE-2014-4266 CVE-2014-4268 CVE-2014-837112 Dec 2014 10 (v2) Critical Pass Symantec LiveUpdate Administrator < 2.3 CSRF (SYM11-005) CVE-2011-1524 CVE-2011-0545 29 Mar 2011 5 (v2) Medium Pass Apple TV < 13.3.1 Multiple Vulnerabilities CVE-2020-3829 CVE-2020-3836 CVE-2020-3837 CVE-2020-3838 CVE-2020-3840 CVE-2020-3842 CVE-2020-3853 CVE-2020-3856 CVE-2020-3857 CVE-2020-3868 CVE-2020-3870 CVE-2020-3872 CVE-2020-3875 CVE-2020-387818 Feb 2020 8.8 (v3) High Pass Oracle GlassFish Server Administrative Console Authentication Bypass CVE-2011-1511 12 May 2011 10 (v2) Critical Pass MediaWiki Backslash Escaped CSS Comments XSS CVE-2011-1579 15 Apr 2011 5.8 (v2) Medium Pass MS11-058: Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485) (remote check) CVE-2011-1966 17 Aug 2011 10 (v2) Critical Pass OpenSSL 1.x < 1.0.0e Multiple Vulnerabilities CVE-2011-1945 CVE-2011-3207 CVE-2011-3210 12 Sep 2011 5 (v2) Medium Pass FileZilla Server < 0.9.31 Denial of Service CVE-2009-0884 19 Mar 2010 5 (v2) Medium Pass Apache HTTP Server mod_proxy Reverse Proxy Information Disclosure CVE-2011-3368 CVE-2011-4317 29 Nov 2011 5 (v2) Medium Pass Mac OS X 10.11.x < 10.11.6 Multiple Vulnerabilities CVE-2013-7456 CVE-2014-9862 CVE-2016-0718 CVE-2016-1684 CVE-2016-1836 CVE-2016-1863 CVE-2016-1864 CVE-2016-1865 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 CVE-2016-4483 CVE-2016-4582 CVE-2016-4594 CVE-2016-4595 CVE-2016-4596 CVE-2016-4597 CVE-2016-4598 CVE-2016-4599 CVE-2016-4600 CVE-2016-4601 CVE-2016-4602 CVE-2016-4607 CVE-2016-4608 CVE-2016-4609 CVE-2016-4610 CVE-2016-4612 CVE-2016-4614 CVE-2016-4615 CVE-2016-4616 CVE-2016-4619 CVE-2016-4621 CVE-2016-4625 CVE-2016-4626 CVE-2016-4629 CVE-2016-4630 CVE-2016-4631 CVE-2016-4632 CVE-2016-4633 CVE-2016-4634 CVE-2016-4635 CVE-2016-4637 CVE-2016-4638 CVE-2016-4639 CVE-2016-4640 CVE-2016-4641 CVE-2016-4645 CVE-2016-4646 CVE-2016-4647 CVE-2016-4648 CVE-2016-4649 CVE-2016-4650 CVE-2016-4652 CVE-2016-5093 CVE-2016-5094 CVE-2016-509621 Jul 2016 9.8 (v3) Critical Pass Kernel vulnerabilities detected in banner reporting (PCI-DSS check) 23 Mar 2018 7.3 (v3) High Pass Unsupported linux kernel version detected in banner reporting (PCI-DSS check) 14 Feb 2019 9.8 (v3) Critical Pass CA eTrust Directory SNMP Packet Parsing Denial of Service CVE-2011-3849 06 Dec 2011 5 (v2) Medium Pass Oracle GlassFish Server 2.1.1 < 2.1.1.15 / 3.0.1 < 3.0.1.5 / 3.1.1 < 3.1.1.2 Hash Collision DoS CVE-2011-5035 22 Feb 2012 5 (v2) Medium Pass Splunk Enterprise 4.3.x / 5.0.x < 5.0.9 / 6.0.x < 6.0.5 / 6.1.x < 6.1.2 Multiple OpenSSL Vulnerabilities CVE-2014-0224 CVE-2014-3470 16 Jul 2014 5.8 (v2) Medium Pass op5 Conﬁg Arbitrary Command Execution CVE-2012-0262 17 Jan 2012 10 (v2) Critical Pass op5 Monitor Credential Leak CVE-2012-0623 17 Jan 2012 4 (v2) Medium Pass Citrix EdgeSight Load Tester Buﬀer Overﬂow 22 Aug 2011 10 (v2) Critical Pass Scrutinizer < 9.0.1 d4d/alarms.php Multiple Parameters SQLi CVE-2012-1259 04 May 2012 7.5 (v2) High Pass VMware vRealize Log Insight 4.x < 8.1.0 XSS Vulnerability (VMSA-2020-0007) CVE-2020-3953 CVE-2020-3954 23 Apr 2020 6.1 (v3) Medium Pass Log Rover pword Parameter SQL Injection CVE-2009-3532 20 Jul 2009 7.5 (v2) High Pass IBM WebSphere Application Server 8.0 < Fix Pack 3 Multiple Vulnerabilities CVE-2011-1377 CVE-2012-0193 CVE-2012-0716 CVE-2012-0720 14 Jun 2012 10 (v2) Critical Pass RealNetworks Helix Server < 13.0.0 Multiple Remote DoS CVE-2009-2533 CVE-2009-2534 21 Jul 2009 5 (v2) Medium Pass ISC BIND Dynamic Update Message Handling Remote DoS CVE-2009-0696 29 Jul 2009 5 (v2) Medium Pass Microsoft Windows SMB Shares Unprivileged Access CVE-1999-0519 CVE-1999-0520 06 Nov 2009 7.5 (v2) High Pass Symantec LiveUpdate Administrator < 2.3.2 Privilege Escalation (SYM12-009) CVE-2012-0304 28 Jun 2012 6.9 (v2) Medium Pass MS04-011: Microsoft Windows SSL Library Malformed Message Remote DoS (835732) (uncredentialed check)CVE-2004-0120 13 Apr 2004 10 (v2) Critical Pass Asterisk IAX2 Call Number Exhaustion DoS CVE-2009-2346 08 Sep 2009 5 (v2) Medium Pass BuildBot WebStatus waterfall 'branch' Parameter XSS CVE-2009-2959 03 Nov 2009 4.3 (v2) Medium Pass Sun Java System Directory Proxy Server 6.x < 6.3.1.1 Multiple Vulnerabilities. CVE-2009-4440 CVE-2009-4441 CVE-2009-4442 CVE-2009-4443 30 Dec 2009 6.8 (v2) Medium Pass Cisco Prime Security Manager Log Retention DoS (cisco-sa-20120912-asacx) CVE-2012-4629 18 Sep 2012 7.8 (v2) High Pass Portable OpenSSH < 3.8p1 Multiple Vulnerabilities CVE-2004-2069 04 Oct 2011 5 (v2) Medium Pass DokuWiki ajax.php cmd[del] Parameter Security Bypass CVE-2010-0288 19 Jan 2010 7.5 (v2) High Pass rsync Traversal Arbitrary File Creation CVE-2004-0426 06 May 2004 5 (v2) Medium Pass Xerox WorkCentre Authorization Bypass Vulnerabilities (XRX10-002) CVE-2010-0548 01 Mar 2010 7.8 (v2) High Pass RealNetworks Helix Server 11.x / 12.x / 13.x Multiple Vulnerabilities CVE-2010-1317 CVE-2010-1318 CVE-2010-1319 15 Apr 2010 9.3 (v2) High Pass Computer Associates XOsoft SOAP Request Username Enumeration (CA20100406) CVE-2010-1221 13 Apr 2010 5 (v2) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 9 CVE-2010-0768 CVE-2010-0769 CVE-2010-0770 06 Apr 2010 4.3 (v2) Medium Pass Tembria Server Monitor < 5.6.1 Denial of Service CVE-2010-1316 30 Apr 2010 5 (v2) Medium Pass Adobe ColdFusion 'cfadminUserId' XSS (APSB10-11) CVE-2010-1293 24 May 2010 4.3 (v2) Medium Pass ManageEngine ADAudit Plus 'reportList' Parameter XSS CVE-2010-2049 02 Jun 2010 4.3 (v2) Medium 19

Pass Magnoware DataTrack System Information Disclosure CVE-2010-2079 11 Jun 2010 5 (v2) Medium Pass Oracle Secure Backup Administration Server login.php Authentication Bypass CVE-2010-0904 16 Jul 2010 9.7 (v2) High Pass PCS Daemon (pcsd) Cookie Signing Multiple Vulnerabilities CVE-2015-1848 CVE-2015-3983 19 Jun 2015 6.8 (v2) Medium Pass Microsoft SharePoint Services Help.aspx 'cid0' Parameter XSS CVE-2010-0817 01 Jul 2010 4.3 (v2) Medium Pass OpenX Open Flash Chart ofc_upload_image.php File Upload Arbitrary Code Execution CVE-2009-4140 17 Sep 2010 7.5 (v2) High Pass MS10-054: Vulnerabilities in SMB Server Could Allow Remote Code Execution (982214) (remote check) CVE-2010-2550 CVE-2010-2551 CVE-2010-2552 23 Aug 2010 10 (v2) Critical Pass Apple iTunes < 10.0 Multiple Vulnerabilities (uncredentialed check) CVE-2010-1780 CVE-2010-1782 CVE-2010-1783 CVE-2010-1784 CVE-2010-1785 CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1789 CVE-2010-1790 CVE-2010-1791 CVE-2010-1792 CVE-2010-179302 Sep 2010 9.3 (v2) High Pass Wing FTP Server < 3.5.1 XSS CVE-2010-2428 09 Jul 2010 3.5 (v2) Low Pass WinComLPD LPD Monitoring Server Authentication Bypass CVE-2008-5158 06 Feb 2008 7.5 (v2) High Pass Mambo MOStlyCE Mambot Arbitrary File Rename CVE-2008-7215 28 Jan 2008 5.8 (v2) Medium Pass Sun Java Web Console < 3.0.5 Remote File Enumeration CVE-2008-1286 13 Mar 2008 5 (v2) Medium Pass Apache < 2.0.63 Multiple XSS Vulnerabilities CVE-2007-5000 CVE-2007-6203 CVE-2007-6388 CVE-2008-0005 07 Mar 2008 5.3 (v3) Medium Pass ListManager < 9.3b / 9.2c / 8.95d Multiple Vulnerabilities CVE-2007-6319 22 Feb 2008 6.8 (v2) Medium Pass Novell eDirectory < 8.8.2 FTF2 / 8.7.3 SP10b Multiple Remote Overﬂows CVE-2008-1809 CVE-2008-3159 07 Jul 2008 10 (v2) Critical Pass HP OpenView Network Node Manager OpenView5.exe Action Parameter Traversal Arbitrary File Access CVE-2008-0068 15 Apr 2008 5 (v2) Medium Pass SAP Internet Graphics Server (IGS) Directory Traversal Vulnerability CVE-2005-1691 25 Jul 2005 5 (v2) Medium Pass CGI Generic Path Traversal (quick test) 05 Nov 2010 5 (v2) Medium Pass ViewVC Direct Request CVSROOT Information Disclosure CVE-2008-1291 19 May 2008 5 (v2) Medium Pass Coppermine Photo Gallery include/functions.inc.php _data Cookie lang Parameter Traversal Local File InclusionCVE-2008-3486 01 Aug 2008 6.8 (v2) Medium Pass MailWatch for MailScanner mailscanner/docs.php doc Parameter Traversal Local File Inclusion CVE-2008-5991 26 Sep 2008 6.8 (v2) Medium Pass Security Center < 3.4.2.1 Directory Traversal Arbitrary File Access CVE-2008-4367 17 Oct 2008 4 (v2) Medium Pass IBM WebSphere Application Server 6.1 < Fix Pack 19 Multiple Flaws CVE-2008-4111 CVE-2009-0432 CVE-2009-0433 16 Sep 2008 7.5 (v2) High Pass Eaton Network Shutdown Module < 3.20 Authentication Bypass / Command Execution CVE-2008-6816 28 Oct 2008 10 (v2) Critical Pass MDaemon WorldClient < 10.0.2 Email Handling XSS CVE-2008-6967 21 Nov 2008 4.3 (v2) Medium Pass Oracle Secure Backup Administration Server login.php Arbitrary Command Injection CVE-2008-4006 CVE-2008-5448 14 Jan 2009 10 (v2) Critical Pass Sitecore CMS < 5.3.2 rev. 090212 Web Service Security Database Information Disclosure CVE-2009-1055 26 Mar 2009 5 (v2) Medium Pass Xerox WorkCentre Web Server Unspeciﬁed Command Injection (XRX09-002) CVE-2009-1656 15 May 2009 10 (v2) Critical Pass Novell eDirectory < 8.8 SP5 Multiple Vulnerabilities CVE-2009-0192 CVE-2009-2456 CVE-2009-2457 15 Jul 2009 5 (v2) Medium Pass OpenSSL 1.0.1 < 1.0.1p Multiple Vulnerabilities CVE-2015-1793 CVE-2015-3196 09 Jul 2015 6.5 (v3) Medium Pass Sawmill File Access Information Disclosure CVE-2000-0588 27 Jun 2000 5 (v2) Medium Pass AN-HTTPd Multiple Test CGIs Arbitrary Command Execution CVE-1999-0947 02 Nov 1999 7.5 (v2) High Pass Finger Recursive Request Arbitrary Site Redirection CVE-1999-0105 CVE-1999-0106 22 Jun 1999 5 (v2) Medium Pass MDaemon SMTP HELO Command Remote Overﬂow DoS CVE-1999-0284 22 Jun 1999 7.5 (v2) High Pass Sendmail DEBUG/WIZ Remote Command Execution CVE-1999-0095 CVE-1999-0145 22 Aug 1999 9.8 (v3) Critical Pass SGI InfoSearch infosrch.cgi fname Parameter Arbitrary Command Execution CVE-2000-0207 03 Mar 2000 7.5 (v2) High Pass Sendmail decode Alias Arbitrary File Overwrite CVE-1999-0096 30 Aug 1999 5.3 (v3) Medium Pass Sendmail mail from/rcpt to Pipe Arbitrary Command Execution CVE-1999-0163 22 Aug 1999 10 (v2) Critical Pass MySQL Unpassworded Account Check CVE-2002-1809 CVE-2004-1532 27 Jul 2000 7.3 (v3) High Pass CodeMeter Runtime Predictable Encryption Key CVE-2020-14517 06 May 2021 9.8 (v3) Critical Pass Shiva Integrator Default Password CVE-1999-0508 31 Aug 2000 7.5 (v2) High Pass Cart32 Backdoor Password Arbitrary Command Execution CVE-2000-0429 09 May 2000 7.5 (v2) High Pass ProFTPD Multiple Remote Overﬂows (palmetto) CVE-1999-0368 15 Jul 2000 10 (v2) Critical Pass Samba enum_csc_policy Data Structure Termination Remote Overﬂow CVE-2002-2196 29 Aug 2002 7.5 (v2) High Pass Microsoft IIS WebDAV SEARCH Method Arbitrary Directory Forced Listing CVE-2000-0951 05 Oct 2000 5 (v2) Medium Pass Trinity v3 Trojan Detection CVE-2000-0138 05 Sep 2000 10 (v2) Critical Pass SSH CRC-32 Compensation Attack Remote Overﬂow CVE-2001-0144 09 Feb 2001 10 (v2) Critical Pass UoW imapd (UW-IMAP) Multiple Command Remote Overﬂows CVE-2000-0284 01 Mar 2001 7.5 (v2) High Pass Kerberos Server Spoofed Packet Ampliﬁcation DoS (PingPong) CVE-2002-2443 25 Mar 2001 7.8 (v2) High Pass cﬁngerd < 1.4.4 Multiple Vulnerabilities CVE-1999-0243 CVE-1999-0708 CVE-2001-0609 16 Apr 2001 10 (v2) Critical Pass BSD Based telnetd telrcv Function Remote Command Execution CVE-2001-0554 24 Jul 2001 10 (v2) Critical Pass Cisco Multiple Devices Unpassworded Account CVE-1999-0508 07 Sep 2001 10 (v2) Critical Pass HPE Edgeline Infrastructure Manager Authentication Bypass (HPESBGN04124) CVE-2021-29203 04 Jun 2021 9.8 (v3) Critical Pass Tarantella Enterprise ttawebtop.cgi pg Parameter Traversal Arbitrary File Access CVE-2001-0805 20 Jun 2001 7.8 (v2) High Pass Textor Webmasters Ltd listrec.pl TEMPLATE Parameter Arbitrary Command Execution CVE-2001-0997 26 Sep 2001 7.5 (v2) High Pass Network Solutions Rwhoisd -soa Command Remote Format String CVE-2001-0838 25 Oct 2001 7.5 (v2) High Pass RealServer /admin/includes/ Remote Memory Content Disclosure CVE-2000-1181 20 Nov 2000 5 (v2) Medium Pass Savant Web Server Malformed Content-Length DoS CVE-2002-1828 27 Nov 2002 5 (v2) Medium Pass Apache-SSL < 1.3.23+1.46 i2d_SSL_SESSION Function SSL Client Certiﬁcate Overﬂow CVE-2002-0082 19 Mar 2002 7.3 (v3) High Pass mod_python < 2.7.8 Module Importing Privilege Function Execution CVE-2002-0185 02 May 2002 7.5 (v2) High Pass OpenSSH < 3.1 Channel Code Oﬀ by One Remote Privilege Escalation CVE-2002-0083 07 Mar 2002 10 (v2) Critical Pass Multiple Web Server on Windows MS/DOS Device Request Remote DOS CVE-2001-0386 CVE-2001-0493 CVE-2001-0391 CVE-2001-0558 CVE-2002-0200 CVE-2000-0168 CVE-2003-0016 CVE-2001-0602 29 Mar 2002 5 (v2) Medium Pass ServletExec 4.1 ISAPI com.newatlanta.servletexec.JSP10Servlet Traversal Arbitrary File Access CVE-2002-0893 22 May 2002 5 (v2) Medium Pass Apache < 1.3.27 Multiple Vulnerabilities (DoS, XSS) CVE-2002-0839 CVE-2002-0840 CVE-2002-0843 04 Oct 2002 7.3 (v3) High Pass Bugbear Worm Detection CVE-2001-0154 03 Oct 2002 10 (v2) Critical Pass MRTG mrtg.cgi cfg Parameter Traversal Arbitrary Files Access CVE-2002-0232 05 Jun 2002 5 (v2) Medium Pass Microsoft Site Server Multiple Script Information Disclosure CVE-2002-1769 08 Jun 2002 5 (v2) Medium Pass Ipswitch WhatsUp Gold Default Admin Account CVE-1999-0508 05 Jun 2002 7.5 (v2) High Pass Enhydra Multiserver Default Password CVE-1999-0508 22 Jan 2003 7.5 (v2) High Pass Sendmail < 8.10.0 mail.local Newline Handling Remote DoS CVE-2000-0319 11 Mar 2003 5.3 (v3) Medium Pass SSH ssh-keygen with Secure-RPC SUN-DES-1 Phrase Recovery CVE-2001-0259 10 Mar 2003 2.6 (v2) Low Pass Solaris sendmail .forward Local Privilege Escalation CVE-2003-1076 12 Mar 2003 7.2 (v2) High Pass rsync I/O Functions Multiple Signedness Errors RCE CVE-2002-0048 14 Mar 2003 10 (v2) Critical Pass Ipswitch IMail Web Interface URI Referer Session Token Disclosure CVE-2001-1286 25 Feb 2003 5 (v2) Medium Pass Apple iTunes < 10.6.3 Multiple Vulnerabilities (uncredentialed check) CVE-2012-0672 CVE-2012-0677 14 Jun 2012 9.3 (v2) High Pass Sendmail < 8.12.9 NOCHAR Control Value prescan Overﬂow CVE-2003-0161 29 Mar 2003 9.8 (v3) Critical Pass Kerberos 4 Realm Principle Impersonation CVE-2003-0138 03 Apr 2003 7.5 (v2) High Pass Monkey HTTP Daemon (monkeyd) PostMethod() Function Remote Overﬂow CVE-2003-0218 22 Apr 2003 7.6 (v2) High Pass Poster version.two index.php Account Manipulation Privilege Escalation CVE-2003-0307 14 May 2003 6.4 (v2) Medium Pass Polycom ViaVideo Web Server Incomplete HTTP Connection Saturation Remote DoS CVE-2002-1906 01 Sep 2003 5 (v2) Medium Pass Magic Winmail Server PASS Command Remote Format String CVE-2003-0391 17 Jun 2003 7.5 (v2) High Pass OpenTSDB yrange RCE (direct check) CVE-2020-35476 09 Jul 2021 9.8 (v3) Critical Pass SHOUTcast Server admin.cgi Long Argument Overﬂow CVE-2002-0199 11 Jun 2003 7.5 (v2) High Pass Exim < 4.22 smtp_in.c HELO/EHLO Remote Overﬂow CVE-2003-0743 02 Sep 2003 7.5 (v2) High Pass OpenSSH < 3.7.1p2 Multiple Remote Vulnerabilities CVE-2003-0786 CVE-2003-0787 23 Sep 2003 9.3 (v2) High Pass ISC BIND < 8.3.7 / 8.4.3 Negative Record Cache Poisoning CVE-2003-0914 27 Nov 2003 7.8 (v2) High Pass Apache Double Slash GET Request Forced Directory Listing CVE-2003-1138 27 Oct 2003 5.3 (v3) Medium Pass EasyDynamicPages Multiple Script edp_relative_path Parameter Remote File Inclusion CVE-2004-0073 02 Jan 2004 8.3 (v3) High Pass SGDynamo sgdynamo.exe HTNAME XSS CVE-2002-0375 18 Dec 2003 4.3 (v2) Medium Pass Exchange XEXCH50 Remote Buﬀer Overﬂow CVE-2003-0714 16 Oct 2003 7.5 (v2) High Pass smallftpd 1.0.3 Multiple DoS CVE-2004-0299 22 Feb 2004 5.3 (v3) Medium Pass Xlight FTP Server Multiple Remote Overﬂows CVE-2004-0255 CVE-2004-0287 16 Feb 2004 5 (v2) Medium Pass Apache < 1.3.31 / 2.0.49 Socket Connection Blocking Race Condition DoS CVE-2004-0174 16 Jun 2004 5 (v2) Medium Pass vHost < 3.10r1 Unspeciﬁed XSS CVE-2004-2278 14 Mar 2004 4.3 (v2) Medium Pass Emumail WebMail Multiple Remote Vulnerabilities (XSS, Disc) CVE-2004-2334 CVE-2004-2385 14 Mar 2004 4.3 (v2) Medium Pass Nuked-Klan index.php user_langue Parameter Traversal Arbitrary File Access CVE-2004-1937 13 Apr 2004 7.5 (v2) High Pass Default Password (12345678) for 'root' Account on MacOS X Server CVE-1999-0502 07 Jul 2004 9.8 (v3) Critical Pass BlackJumboDog FTP Server Multiple Command Overﬂow CVE-2004-1439 11 Aug 2004 7.5 (v2) High Pass EasyWeb FileManager pathtext Traversal Arbitrary File/Directory Access CVE-2004-2047 26 Jul 2004 4 (v2) Medium Pass Comersus Cart Multiple Input Validation Vulnerabilities (SQLi, XSS) CVE-2004-0681 CVE-2004-0682 02 Aug 2004 7.5 (v2) High Pass Nucleus CMS action.php itemid Parameter SQL Injection CVE-2004-2056 03 Aug 2004 7.5 (v2) High Pass Samba smbd FindNextPrintChangeNotify() Request Remote DoS CVE-2004-0829 26 Aug 2004 5 (v2) Medium Pass Intellipeer POP3 Server User Account Enumeration CVE-2004-2150 27 Sep 2004 5 (v2) Medium Pass XOOPS <= 1.0 Dictionary Module Multiple Scripts XSS CVE-2004-1640 01 Sep 2004 4.3 (v2) Medium Pass DasBlog Activity / Event Viewer Multiple HTTP Header XSS CVE-2004-1657 02 Sep 2004 4.3 (v2) Medium Pass OpenCA Client System Browser Form Input Field XSS CVE-2004-0787 09 Sep 2004 4.3 (v2) Medium Pass CuteNews index.php mod Parameter XSS CVE-2004-1659 06 Sep 2004 4.3 (v2) Medium Pass Icecast Encoded Traversal Arbitrary File Access CVE-2001-0784 01 Oct 2004 5 (v2) Medium Pass Icecast / libshout Multiple Remote Overﬂows CVE-2001-1229 01 Oct 2004 7.5 (v2) High Pass Icecast HTTP Header Processing Remote Overﬂow CVE-2004-1561 28 Sep 2004 7.5 (v2) High Pass MoniWiki < 1.0.9 wiki.php XSS CVE-2004-1632 25 Oct 2004 4.3 (v2) Medium Pass 04WebServer Multiple Vulnerabilities (XSS, DoS, more) CVE-2004-1512 CVE-2004-1513 CVE-2004-1514 13 Nov 2004 5 (v2) Medium Pass Apache mod_proxy Content-Length Overﬂow CVE-2004-0492 25 Oct 2004 10 (v2) Critical 20

Pass Microsoft Windows EFSRPC NTLM Reﬂection Elevation of Privilege (PetitPotam) (Remote) CVE-2021-36942 27 Jul 2021 5.3 (v3) Medium Pass Mercury Mail Remote IMAP Server Remote Overﬂow CVE-2004-1211 30 Nov 2004 9 (v2) High Pass TIPS MailPost append Parameter XSS CVE-2004-1101 04 Nov 2004 4.3 (v2) Medium Pass miniBB index.php user Parameter SQL Injection CVE-2004-2456 19 Nov 2004 7.5 (v2) High Pass Microsoft W3Who ISAPI w3who.dll Multiple Remote Vulnerabilities CVE-2004-1133 CVE-2004-1134 06 Dec 2004 10 (v2) Critical Pass ISC BIND < 9.3.1 Validator Self Checking Remote DoS CVE-2005-0034 26 Jan 2005 4.3 (v2) Medium Pass Berlios gpsd gpsd_report() Function Format String CVE-2004-1388 27 Jan 2005 7.5 (v2) High Pass CA BrightStor ARCserve/Enterprise Backup Persistent Default Administrator Account CVE-2005-0349 14 Feb 2005 10 (v2) Critical Pass Siteman < 1.1.11 Multiple Vulnerabilities CVE-2005-0305 19 Jan 2005 6.5 (v2) Medium Pass Chipmunk CMScore Multiple Script SQL Injection CVE-2005-0368 08 Feb 2005 7.5 (v2) High Pass Knox Arkeia Backup Client Type 77 Request Processing Buﬀer Remote Overﬂow CVE-2005-0491 21 Feb 2005 10 (v2) Critical Pass BadBlue ext.dll mfcisapicommand Parameter Remote Overﬂow CVE-2005-0595 01 Mar 2005 10 (v2) Critical Pass CitrusDB Static id_hash Admin Authentication Bypass CVE-2005-0408 16 Feb 2005 7.5 (v2) High Pass Ipswitch IMail IMAP EXAMINE Argument Buﬀer Overﬂow CVE-2005-0707 11 Mar 2005 9 (v2) High Pass MailEnable Standard SMTP mailto: Request Format String CVE-2005-0804 18 Mar 2005 5 (v2) Medium Pass Smail-3 < 3.2.0.121 Multiple Vulnerabilities CVE-2005-0892 CVE-2005-0893 25 Mar 2005 7.5 (v2) High Pass osCommerce ﬁle_manager.php ﬁlename Parameter Traversal Arbitrary File Access CVE-2004-2021 22 Mar 2005 5 (v2) Medium Pass PunBB proﬁle.php Multiple Parameter XSS CVE-2005-0818 18 Mar 2005 4.3 (v2) Medium Pass Oracle HTTP Server (October 2006 CPU) CVE-2006-5346 CVE-2006-5347 CVE-2006-5348 CVE-2006-5349 CVE-2006-5350 CVE-2006-5353 CVE-2006-5354 CVE-2006-5357 21 Nov 2011 10 (v2) Critical Pass OpenSSL < 0.9.2b Session Reuse CVE-1999-0428 12 Jan 2012 7.5 (v2) High Pass Oracle 8i/9i Database Server UTL_FILE Traversal Arbitrary File Manipulation CVE-2005-0701 30 Mar 2005 6.5 (v2) Medium Pass OpenSSL < 0.9.7f Insecure Temporary File Creation CVE-2004-0975 04 Jan 2012 2.1 (v2) Low Pass IBM Lotus Domino Web Service NLSCCSTR.DLL Malformed GET Request Overﬂow DoS CVE-2005-0986 07 Apr 2005 5 (v2) Medium Pass IBM AS400 and iSeries POP3 Server Remote Information Disclosure CVE-2005-1133 14 Apr 2005 5 (v2) Medium Pass Kerio MailServer Webmail Malformed Email Handling Resource Exhaustion DoS CVE-2005-1138 15 Apr 2005 7.1 (v2) High Pass Oracle WebLogic JSP Pages and Servlets Unspeciﬁed Information Disclosure (CVE-2008-5460) CVE-2008-5460 30 Nov 2011 2.6 (v2) Low Pass Oracle Application Server 9i Webcache < 9.0.4.0 Multiple Vulnerabilities CVE-2005-1381 CVE-2005-1382 02 May 2005 5 (v2) Medium Pass WebcamXP Chat Name XSS CVE-2005-1189 22 Apr 2005 4.3 (v2) Medium Pass Comersus Cart Account Username Field XSS CVE-2005-1010 06 Apr 2005 4.3 (v2) Medium Pass NETFile FTP/Web Server FTP Bounce Attack CVE-2005-1646 18 May 2005 5 (v2) Medium Pass Skull-Splitter Guestbook Multiple Field XSS CVE-2005-1620 16 May 2005 4.3 (v2) Medium Pass DUamazon Pro Multiple Scripts SQL Injection CVE-2005-2046 28 Jun 2005 7.5 (v2) High Pass Qualiteam X-Cart Multiple Vulnerabilities CVE-2005-1822 CVE-2005-1823 06 Jun 2005 7.5 (v2) High Pass Ipswitch IMail Web Calendaring Server GET Request Traversal Arbitrary File Access CVE-2005-1252 25 May 2005 5 (v2) Medium Pass Golden FTP Server <= 2.60 LS Command Traversal Information Disclosure CVE-2005-2142 05 Jul 2005 5.3 (v3) Medium Pass IBM Lotus Domino HTML Hidden Field Encrypted Password Disclosure CVE-2005-2428 27 Jul 2005 5 (v2) Medium Pass ASP-DEv XM Forum post.asp IMG Tag XSS CVE-2005-1008 23 May 2005 4.3 (v2) Medium Pass phpPgAdmin index.php formLanguage Parameter Local File Inclusion CVE-2005-2256 07 Jul 2005 5.1 (v2) Medium Pass phpSecurePages cfgProgDir Variable File Include Vulnerabilities CVE-2005-2251 10 Jul 2005 7.5 (v2) High Pass Fusebox index.cfm fuseaction Parameter XSS CVE-2005-2480 04 Aug 2005 4.3 (v2) Medium Pass Microsoft Exchange Server RCE (ProxyShell) CVE-2021-34473 11 Aug 2021 9.8 (v3) Critical Pass Ultimate PHP Board users.dat Multiple Vulnerabilities CVE-2005-2005 CVE-2005-2030 24 Aug 2005 5 (v2) Medium Pass phpLDAPadmin custom_welcome_page Parameter File Include Vulnerability CVE-2005-2792 CVE-2005-2793 31 Aug 2005 7.5 (v2) High Pass Barracuda Spam Firewall < 3.1.18 Multiple Vulnerabilities CVE-2005-2847 CVE-2005-2848 01 Sep 2005 7.5 (v2) High Pass PHPNews news.php prevnext Parameter SQL Injection CVE-2005-2156 06 Jul 2005 7.5 (v2) High Pass Apple TV < 6.0 Multiple Vulnerabilities CVE-2011-2391 CVE-2011-3102 CVE-2012-0841 CVE-2012-2807 CVE-2012-2825 CVE-2012-2870 CVE-2012-2871 CVE-2012-5134 CVE-2013-0879 CVE-2013-0991 CVE-2013-0992 CVE-2013-0993 CVE-2013-0994 CVE-2013-0995 CVE-2013-0996 CVE-2013-0997 CVE-2013-0998 CVE-2013-0999 CVE-2013-1000 CVE-2013-1001 CVE-2013-1002 CVE-2013-1003 CVE-2013-1004 CVE-2013-1005 CVE-2013-1006 CVE-2013-1007 CVE-2013-1008 CVE-2013-1010 CVE-2013-1011 CVE-2013-1019 CVE-2013-1025 CVE-2013-1026 CVE-2013-1037 CVE-2013-1038 CVE-2013-1039 CVE-2013-1040 CVE-2013-1041 CVE-2013-1042 CVE-2013-1043 CVE-2013-1044 CVE-2013-1045 CVE-2013-1046 CVE-2013-1047 CVE-2013-2842 CVE-2013-3950 CVE-2013-3953 CVE-2013-3954 CVE-2013-5125 CVE-2013-5126 CVE-2013-5127 CVE-2013-5128 CVE-2013-5138 CVE-2013-5139 CVE-2013-5140 CVE-2013-5142 CVE-2013-514501 Oct 2013 9.3 (v2) High Pass PunBB < 1.2.8 Multiple Vulnerabilities CVE-2005-3078 CVE-2005-3079 23 Sep 2005 6.5 (v2) Medium Pass CuteNews ﬂood.db.php Client-IP HTTP Header Arbitrary Code Injection CVE-2005-3010 19 Sep 2005 7.5 (v2) High Pass Polipo < 0.9.9 Unspeciﬁed Traversal Arbitrary File Access CVE-2005-3163 06 Oct 2005 5 (v2) Medium Pass MS05-051: Vulnerabilities in MSDTC Could Allow Remote Code Execution (902400) (uncredentialed check)CVE-2005-2119 CVE-2005-1978 CVE-2005-1979 CVE-2005-1980 12 Oct 2005 10 (v2) Critical Pass TYPSoft FTP Server <= 1.10 Multiple DoS CVE-2005-3294 CVE-2009-1668 CVE-2009-4105 CVE-2012-5329 14 Oct 2005 5 (v2) Medium Pass WorldMail IMAP Server Traversal Arbitrary Mail Spool Access CVE-2005-3189 18 Nov 2005 5 (v2) Medium Pass Macromedia Flash Media Server Administration Service Crafted Packet Remote DoS CVE-2005-4216 14 Dec 2005 7.8 (v2) High Pass ONVIF Snapshot Username and Password Leak 15 Nov 2017 5.3 (v3) Medium Pass MyBB < 1.01 function_upload.php SQLi CVE-2005-4602 02 Jan 2006 7.5 (v2) High Pass Apache Tomcat / Geronimo Sample Script cal2.jsp time Parameter XSS CVE-2006-0254 18 Jan 2006 4.3 (v2) Medium Pass Lyris ListManager Subscription Form Administrative Command Injection CVE-2005-4142 25 Jan 2006 7.5 (v2) High Pass VMware Harbor User Enumeration (CVE-2019-3990) CVE-2019-3990 19 Aug 2021 4.3 (v3) Medium Pass IA eMailServer IMAP SEARCH Command Remote Overﬂow CVE-2006-0853 22 Feb 2006 6.5 (v2) Medium Pass ArGoSoft Mail Server Pro IMAP RENAME Command Traversal Arbitrary Directory Creation CVE-2006-0929 25 Feb 2006 4 (v2) Medium Pass Mercury Mail ph Server Remote Overﬂow CVE-2005-4411 27 Jan 2006 7.5 (v2) High Pass Dropbear SSH Authorization-pending Connection Saturation DoS CVE-2006-1206 08 Mar 2006 5 (v2) Medium Pass Palo Alto Networks PAN-OS 7.0.0 LDAP Authentication Bypass (PAN-SA-2015-0005) 19 Aug 2015 10 (v2) Critical Pass SAP DB / MaxDB WebDBM Client Database Name Remote Overﬂow CVE-2006-4305 06 Sep 2006 10 (v2) Critical Pass RaidenHTTPD workspace.php ulang Parameter Local File Inclusion CVE-2007-6453 19 Dec 2007 9.3 (v2) High Pass OpenSSL 1.1.1 < 1.1.1d Multiple Vulnerabilities CVE-2019-1547 CVE-2019-1549 CVE-2019-1552 CVE-2019-1563 23 Aug 2019 5.3 (v3) Medium Pass Cisco ADE-OS Prime Collaboration Assurance Detection 25 Sep 2015 None Pass Scrutinizer < 10.1.2 Multiple Vulnerabilities 06 Mar 2013 7.5 (v2) High Pass VMware Harbor Privilege Escalation (VMSA-2019-0015) (CVE-2019-16097) CVE-2019-16097 11 Oct 2019 6.5 (v3) Medium Pass Palo Alto Networks PAN-OS 6.1.x < 6.1.19 Multiple Vulnerabilities CVE-2017-15940 CVE-2017-15942 CVE-2017-15943 CVE-2017-15944 15 Dec 2017 9.8 (v3) Critical Pass Tenable Nessus < 7.1.4 Multiple Vulnerabilities (TNS-2018-17) CVE-2018-0732 CVE-2018-0734 CVE-2018-0737 CVE-2018-5407 02 Jan 2019 5.9 (v3) Medium Pass VMware vCenter Server 6.5.x < 6.5u1f Multiple Vulnerabilities (VMSA-2018-0007) (Spectre-1) (Meltdown) CVE-2017-5753 CVE-2017-5754 22 Feb 2018 5.6 (v3) Medium Pass MS10-106: Microsoft Exchange Server Denial of Service (uncredentialed) CVE-2010-3937 03 Apr 2018 4.3 (v3) Medium Pass Cisco Prime Data Center Network Manager 10.1.x < 10.2.1 Multiple Vulnerabilities (remote check) CVE-2017-6639 CVE-2017-6640 22 Jun 2017 9.8 (v3) Critical Pass SolarWinds Log and Event Manager < 6.3.1 Hotﬁx 3 Jailbreak and Privilege Escalation CVE-2017-5198 CVE-2017-5199 31 Aug 2017 8.8 (v3) High Pass Jenkins < 2.89.4 / 2.107 Multiple Vulnerabilities CVE-2018-6356 CVE-2018-1000068 CVE-2018-1000102 CVE-2018-1000103 22 Feb 2018 5.3 (v3) Medium Pass IBM BigFix Platform 9.x < 9.1.9.1301 / 9.2.9.36 / 9.5.4.38 Multiple Vulnerabilities CVE-2016-6082 CVE-2016-6084 CVE-2016-6085 29 Dec 2016 10 (v3) Critical Pass Webmin 'miniserv.pl' Arbitrary File Disclosure CVE-2006-3392 30 Jun 2006 5 (v2) Medium Pass Bitrix bitrix.mpbuilder Module < 1.0.12 bitrix.mpbuilder_step2.php 'work[]' Path Traversal File Inclusion CVE-2015-8358 02 May 2017 7.2 (v3) High Pass Cisco Prime Collaboration Provisioning Web Framework Access Controls Bypass Vulnerability (cisco-sa-20150916-pcp)CVE-2015-4307 29 Sep 2015 9 (v2) High Pass McAfee Security Information and Event Management 9.3.x < 9.3.2.19 / 9.4.x < 9.4.2.9 / 9.5.x < 9.5.0.8 Authentication Bypass (SB10137)CVE-2015-8024 08 Apr 2016 7.3 (v3) High Pass VMware vCenter Server 5.0.x < 5.0u3e / 5.1.x < 5.1u3b / 5.5.x < 5.5u3 (Linux) / 5.5.x < 5.5u3b (Windows) / 6.0.x < 6.0.0b JMX Deserialization RCE (VMSA-2016-0005)CVE-2016-3427 25 May 2016 9 (v3) Critical Pass ESXi 5.0 < Build 515841 Multiple Vulnerabilities (remote check) CVE-2009-4536 CVE-2010-0296 CVE-2011-0536 CVE-2011-1071 CVE-2011-1095 CVE-2011-1658 CVE-2011-1659 13 Nov 2013 7.2 (v2) High Pass IBM WebSphere Application Server 7.0 < 7.0.0.43 / 8.0 < 8.0.0.13 / 8.5 < 8.5.5.10 / Liberty 16.0 < 16.0.0.2 CRLF Sequences HTTP Response SplittingCVE-2016-0359 04 Aug 2016 6.1 (v3) Medium Pass Cisco UCS Platform Emulator < 3.1(1ePE1) Multiple Vulnerabilities CVE-2016-1339 CVE-2016-1340 06 Jul 2016 8.4 (v3) High Pass Cisco IOS IPv6 Snooping DoS (cisco-sa-20150923-fhs) CVE-2015-6278 CVE-2015-6279 02 Oct 2015 7.8 (v2) High Pass Mac OS X < 10.11 Multiple Vulnerabilities (GHOST) CVE-2013-3951 CVE-2014-2532 CVE-2014-3618 CVE-2014-6277 CVE-2014-7186 CVE-2014-7187 CVE-2014-8080 CVE-2014-8090 CVE-2014-8146 CVE-2014-8147 CVE-2014-8611 CVE-2014-9425 CVE-2014-9427 CVE-2014-9652 CVE-2014-9705 CVE-2014-9709 CVE-2015-0231 CVE-2015-0232 CVE-2015-0235 CVE-2015-0273 CVE-2015-0286 CVE-2015-0287 CVE-2015-1351 CVE-2015-1352 CVE-2015-1855 CVE-2015-2301 CVE-2015-2305 CVE-2015-2331 CVE-2015-2348 CVE-2015-2783 CVE-2015-2787 CVE-2015-3329 CVE-2015-3330 CVE-2015-3414 CVE-2015-3415 CVE-2015-3416 CVE-2015-3785 CVE-2015-3801 CVE-2015-5522 CVE-2015-5523 CVE-2015-5764 CVE-2015-5765 CVE-2015-5767 CVE-2015-5780 CVE-2015-5788 CVE-2015-5789 CVE-2015-5790 CVE-2015-5791 CVE-2015-5792 CVE-2015-5793 CVE-2015-5794 CVE-2015-5795 CVE-2015-5796 CVE-2015-5797 CVE-2015-5798 CVE-2015-5799 CVE-2015-5800 CVE-2015-5801 CVE-2015-5802 CVE-2015-5803 CVE-2015-5804 CVE-2015-5805 CVE-2015-5806 CVE-2015-5807 CVE-2015-5808 CVE-2015-5809 CVE-2015-5810 CVE-2015-5811 CVE-2015-5812 CVE-2015-5813 CVE-2015-5814 CVE-2015-5815 CVE-2015-5816 CVE-2015-5817 CVE-2015-5818 CVE-2015-5819 CVE-2015-5820 CVE-2015-5821 CVE-2015-5822 CVE-2015-5823 CVE-2015-5824 CVE-2015-5825 CVE-2015-5826 CVE-2015-5827 CVE-2015-5828 CVE-2015-5830 CVE-2015-5831 CVE-2015-5833 CVE-2015-5836 CVE-2015-5839 CVE-2015-5840 CVE-2015-5841 CVE-2015-5842 CVE-2015-5847 CVE-2015-5849 CVE-2015-5851 CVE-2015-5853 CVE-2015-5854 CVE-2015-5855 CVE-2015-5858 CVE-2015-5860 CVE-2015-5862 CVE-2015-5863 CVE-2015-5864 CVE-2015-5865 CVE-2015-5866 CVE-2015-5867 CVE-2015-5868 CVE-2015-5869 CVE-2015-5870 CVE-2015-5871 CVE-2015-5872 CVE-2015-5873 CVE-2015-5874 CVE-2015-5875 CVE-2015-5876 CVE-2015-5877 CVE-2015-5878 CVE-2015-5879 CVE-2015-5881 CVE-2015-5882 CVE-2015-5883 CVE-2015-5884 CVE-2015-5885 CVE-2015-5887 CVE-2015-5888 CVE-2015-5889 CVE-2015-5890 CVE-2015-5891 CVE-2015-5893 CVE-2015-5894 CVE-2015-5896 CVE-2015-5897 CVE-2015-5899 CVE-2015-5900 CVE-2015-5901 CVE-2015-5902 CVE-2015-5903 CVE-2015-5912 CVE-2015-5913 CVE-2015-5914 CVE-2015-5915 CVE-2015-5917 CVE-2015-5922 CVE-2015-7760 CVE-2015-776105 Oct 2015 9.8 (v3) Critical Pass Juniper Junos J-Web Service Multiple Vulnerabilities (JSA10723) CVE-2016-1261 27 Apr 2016 6.8 (v2) Medium Pass Cisco Wireless LAN Controller Multiple DoS CVE-2016-9195 CVE-2017-3832 19 Apr 2017 7.5 (v3) High Pass Cisco Wireless LAN Controller 802.11 WME Packet Header Handling DoS (cisco-sa-20170405-wlc) CVE-2016-9194 19 Apr 2017 6.5 (v3) Medium Pass Cisco NX-OS Failed Authentication Handling Remote DoS (cisco-sa-20170315-nss1) CVE-2017-3879 14 Apr 2017 5.3 (v3) Medium Pass Cisco NX-OS Telnet Packet Header Handling Remote DoS (cisco-sa-20170315-nss) CVE-2017-3878 14 Apr 2017 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS 6.1.x < 6.1.18 / 7.0.x < 7.0.17 / 7.1.x < 7.1.12 / 8.0.x < 8.0.3 Multiple VulnerabilitiesCVE-2016-8610 CVE-2016-10229 CVE-2017-8390 CVE-2017-9458 CVE-2017-9459 CVE-2017-9467 CVE-2017-12416 30 Jun 2017 9.8 (v3) Critical Pass Juniper Junos ICMPv6 PTB Atomic Fragment DoS (JSA10780) CVE-2016-10142 06 Jul 2017 8.6 (v3) High Pass Juniper Junos sendmsg Local Privilege Escalation (JSA10797) CVE-2016-1887 31 Jul 2017 7.8 (v3) High Pass Juniper Junos SRX, vSRX, and J-Series ISC BIND DoS (JSA10799) CVE-2017-3135 31 Jul 2017 7.5 (v3) High Pass OpenSSL 1.0.1 < 1.0.1i Multiple Vulnerabilities CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-513908 Aug 2014 7.5 (v2) High Pass Juniper Junos PHP multiple vulnerabilities (JSA10804) CVE-2012-3365 CVE-2013-4113 CVE-2013-6420 CVE-2014-9425 31 Jul 2017 7.3 (v3) High Pass McAfee Web Gateway 7.6.x < 7.6.2.15 / 7.7.x < 7.7.2.3 Multiple Vulnerabilities (SB10205) CVE-2012-6706 CVE-2017-1000364 CVE-2017-1000366 CVE-2017-1000368 15 Aug 2017 9.8 (v3) Critical Pass Juniper Junos CLI XML Privilege Escalation (JSA10805) CVE-2017-10603 31 Jul 2017 7.8 (v3) High Pass Juniper Junos SRX Cluster Synchronization Failover Errors (JSA10806) CVE-2017-10604 31 Jul 2017 5.3 (v3) Medium Pass Cisco Wireless LAN Controller Multiple Vulnerabilities CVE-2016-1362 CVE-2016-1363 CVE-2016-1364 04 May 2016 9.8 (v3) Critical Pass macOS < 10.13 Multiple Vulnerabilities CVE-2016-0736 CVE-2016-2161 CVE-2016-4736 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 CVE-2016-9042 CVE-2016-9063 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-0381 CVE-2017-3167 CVE-2017-3169 CVE-2017-6451 CVE-2017-6452 CVE-2017-6455 CVE-2017-6458 CVE-2017-6459 CVE-2017-6460 CVE-2017-6462 CVE-2017-6463 CVE-2017-6464 CVE-2017-7074 CVE-2017-7077 CVE-2017-7078 CVE-2017-7080 CVE-2017-7082 CVE-2017-7083 CVE-2017-7084 CVE-2017-7086 CVE-2017-7114 CVE-2017-7119 CVE-2017-7121 CVE-2017-7122 CVE-2017-7123 CVE-2017-7124 CVE-2017-7125 CVE-2017-7126 CVE-2017-7127 CVE-2017-7128 CVE-2017-7129 CVE-2017-7130 CVE-2017-7132 CVE-2017-7138 CVE-2017-7141 CVE-2017-7143 CVE-2017-7144 CVE-2017-7149 CVE-2017-7150 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 CVE-2017-9233 CVE-2017-9788 CVE-2017-9789 CVE-2017-10140 CVE-2017-10989 CVE-2017-11103 CVE-2017-13782 CVE-2017-13807 CVE-2017-13808 CVE-2017-13809 CVE-2017-13810 CVE-2017-13811 CVE-2017-13812 CVE-2017-13813 CVE-2017-13814 CVE-2017-13815 CVE-2017-13816 CVE-2017-13817 CVE-2017-13818 CVE-2017-13819 CVE-2017-13820 CVE-2017-13821 CVE-2017-13822 CVE-2017-13823 CVE-2017-13824 CVE-2017-13825 CVE-2017-13827 CVE-2017-13828 CVE-2017-13829 CVE-2017-13830 CVE-2017-13831 CVE-2017-13832 CVE-2017-13833 CVE-2017-13834 CVE-2017-13836 CVE-2017-13837 CVE-2017-13838 CVE-2017-13839 CVE-2017-13840 CVE-2017-13841 CVE-2017-13842 CVE-2017-13843 CVE-2017-13846 CVE-2017-13850 CVE-2017-13851 CVE-2017-13853 CVE-2017-13854 CVE-2017-13873 CVE-2017-100037303 Oct 2017 9.8 (v3) Critical Pass Juniper Junos BGP PDU Vulnerability (JSA10810) CVE-2017-10607 20 Oct 2017 7.5 (v3) High Pass Juniper Junos SRX Flowd Crash Vulnerability (JSA10813) CVE-2017-10610 20 Oct 2017 7.5 (v3) High Pass Juniper Junos Kernel Vulnerability (JSA10816) CVE-2017-10613 20 Oct 2017 7.5 (v3) High Pass TYPO3 'AbstractController.php' 'BACK_PATH' Parameter Remote File Inclusion CVE-2011-4614 23 Dec 2011 6.8 (v2) Medium Pass Hosting Controller Multiple Script Arbitrary Directory Browsing CVE-2002-0466 17 Jun 2003 5 (v2) Medium Pass Cisco Wireless LAN Controllers 5500 Series (POODLE) CVE-2014-3566 03 Dec 2014 4.3 (v2) Medium Pass Citrix NetScaler Multiple Vulnerabilities (CTX230238, CTX230612) CVE-2017-17382 CVE-2017-17549 19 Dec 2017 5.9 (v3) Medium Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.14 Multiple Vulnerabilities CVE-2017-15940 CVE-2017-15943 CVE-2017-15944 15 Dec 2017 9.8 (v3) Critical Pass Palo Alto Networks PAN-OS 8.0.x < 8.0.6-h3 Web Interface Packet Capture Management Unspeciﬁed Remote Command InjectionCVE-2017-15940 15 Dec 2017 9.8 (v3) Critical 21

Pass Arista Networks EOS IPv6 Neighbor Discovery Packet DoS (SA0022) 28 Feb 2018 5.3 (v3) Medium Pass Arista Networks EOS tcp_input Challenge ACKs Shared Counter Disclosure (SA0023) CVE-2016-5696 28 Feb 2018 4.8 (v3) Medium Pass Default Password (0000) for 'user' on WIP5000 IP Phone 16 Sep 2008 7.5 (v2) High Pass macOS 10.13.3 Supplemental Update CVE-2018-4124 28 Feb 2018 9.8 (v3) Critical Pass Cisco Wireless LAN Controller CAPWAP DoS (cisco-sa-wlc-capwap-dos-Y2sD9uEw) CVE-2020-3262 28 Jul 2020 7.5 (v3) High Pass Arista Networks EOS Control Plane Packet Handling DoS (SA0025) CVE-2016-6894 28 Feb 2018 7.5 (v3) High Pass macOS 10.14.x < 10.14.3 Multiple Vulnerabilities CVE-2018-20346 CVE-2018-20505 CVE-2018-20506 CVE-2019-6200 CVE-2019-6202 CVE-2019-6205 CVE-2019-6208 CVE-2019-6209 CVE-2019-6210 CVE-2019-6211 CVE-2019-6213 CVE-2019-6214 CVE-2019-6218 CVE-2019-6219 CVE-2019-6220 CVE-2019-6221 CVE-2019-6224 CVE-2019-6225 CVE-2019-6230 CVE-2019-6231 CVE-2019-623525 Jan 2019 10 (v3) Critical Pass Arista Networks EOS MPBGP Denial of Service (SA0029) CVE-2017-8231 28 Feb 2018 4.3 (v3) Medium Pass Citrix NetScaler Authentication Bypass Vulnerability (CTX232199) CVE-2018-5314 05 Jul 2018 7.5 (v3) High Pass Cisco NX-OS SNMP DoS. CVE-2018-0456 26 Oct 2018 7.7 (v3) High Pass Fireﬂy Media Server ws_getpostvars Function Content-Length Header HTTP Request Handling Overﬂow CVE-2008-1771 23 Apr 2008 7.5 (v2) High Pass Junos OS: FPC process crashes after J-Flow processes a malformed packet (JSA10914) CVE-2019-0014 11 Jan 2019 7.5 (v3) High Pass Juniper Junos vMX Predictable IP ID Sequence Numbers (JSA10903) CVE-2019-0007 11 Jan 2019 10 (v3) Critical Pass Junos OS: Kernel crash after processing speciﬁc incoming packet to the out of band management interface (JSA10911)CVE-2019-0011 16 Jan 2019 6.5 (v3) Medium Pass Junos OS: Deleted dynamic VPN users are allowed to establish VPN connections until reboot (JSA10915) CVE-2019-0015 07 Feb 2019 5.4 (v3) Medium Pass Cisco Prime Collaboration Provisioning Unauthorized Password Change Denial of Service Vulnerability (cisco-sa-20180801-pcp-dosCVE-2018-0391 01 Apr 2019 6.5 (v3) Medium Pass Axis 2400 Network Camera Multiple Vulnerabilities CVE-2003-1386 01 Mar 2003 6.4 (v2) Medium Pass Junos OS: EX2300 and EX3400 series: Certain stateless ﬁrewall ﬁlter rules might not take eﬀect (JSA10901)CVE-2019-0002 25 Jan 2019 9.8 (v3) Critical Pass Junos OS: EX2300 and EX3400 series: High disk I/O operations may disrupt the communication between RE and PFE (JSA10909)CVE-2019-0009 25 Jan 2019 5.5 (v3) Medium Pass Palo Alto Networks < 7.1.23 / 8.0.x < 8.0.16 / 8.1.x < 8.1.7 Denial of Service vulnerability (PAN-SA-2019-0007)CVE-2018-18065 02 Apr 2019 6.5 (v3) Medium Pass Cisco NX-OS Software Unauthorized Directory Access Vulnerability CVE-2019-1600 24 May 2019 4.4 (v3) Medium Pass Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities CVE-2019-1597 CVE-2019-1598 24 May 2019 7.5 (v3) High Pass Cisco NX-OS Software Bash Shell Privilege Escalation Vulnerability CVE-2019-1596 30 Jul 2019 7.8 (v3) High Pass Cisco NX-OS Software Unauthorized Filesystem Access Vulnerability CVE-2019-1601 30 Jul 2019 7.8 (v3) High Pass Cisco MDS 9700 Series Multilayer Directors and Nexus 7000/7700 Series Switches Software Patch SignaturCVE-2019-1808e Veriﬁcation Vulnerability 07 Jun 2019 4.4 (v3) Medium Pass Jenkins < 2.235.5 LTS / 2.243 Information Disclosure Vulnerability CVE-2019-17638 21 Aug 2020 9.4 (v3) Critical Pass Juniper JSA10938 CVE-2019-0046 26 Jul 2019 6.5 (v3) Medium Pass Cisco NX-OS Software Fabric Services over IP Denial of Service Vulnerability (CVE-2019-1962) CVE-2019-1962 11 Sep 2019 7.5 (v3) High Pass Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791) CVE-2019-1791 22 Aug 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Authenticated Simple Network Management Protocol Denial of Service VulnerabilityCVE-2019-1963 12 Sep 2019 6.5 (v3) Medium Pass Cisco NX-OS Software Command Injection Vulnerability (cisco-sa-20190925-nxos-vman-cmd-inj) CVE-2019-12717 04 Oct 2019 7.8 (v3) High Pass Adobe ColdFusion Unsupported Version Detection 22 Jan 2014 10 (v3) Critical Pass Citrix and NetScaler SD-WAN Center Unauthenticated Directory Traversal File Write CVE-2019-12990 18 Dec 2019 9.8 (v3) Critical Pass Alcatel ADSL Modem Unpassworded Access CVE-2001-1424 08 Oct 2000 7.5 (v2) High Pass Cisco Catalyst Web Interface Remote Command Execution CVE-2000-0945 10 Nov 2000 10 (v2) Critical Pass Exchange Malformed MIME Header Handling DoS CVE-2000-1006 27 Nov 2000 6.4 (v2) Medium Pass Cisco NX-OS Software Simple Network Management Protocol DoS (cisco-sa-20190515-nxos-snmp-dos) CVE-2019-1858 18 Dec 2019 8.6 (v3) High Pass IBM BigFix Server 9.1.x < 9.1.1275.0 Multiple XSS CVE-2016-0269 CVE-2016-0293 30 Aug 2016 6.1 (v3) Medium Pass HP Universal Conﬁguration Management Database Server Authentication Bypass CVE-2014-7883 18 Mar 2015 5 (v2) Medium Pass Cisco IOS Multiple OpenSSL Vulnerabilities (CSCut46130) CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293 14 Apr 2016 7.5 (v2) High Pass ProFTPD mod_copy Information Disclosure CVE-2015-3306 16 Jun 2015 9.8 (v3) Critical Pass IBM Lotus Domino Banner Nonexistent .pl File Request Path Disclosure CVE-2002-0245 CVE-2002-0408 08 Jun 2002 5 (v2) Medium Pass Lotus Domino /./ Request Database Locking DoS CVE-2001-0954 11 Jun 2003 5 (v2) Medium Pass MyServer <= 0.4.2 Multiple Remote DoS 23 Jun 2003 5 (v2) Medium Pass IBM DB2 JDBC Applet Server Detection 25 Sep 2006 None Pass eLDAPo index.php Plaintext Password Disclosure 18 Jun 2003 5 (v2) Medium Pass macOS 10.12.x < 10.12.4 Multiple Vulnerabilities (httpoxy) CVE-2016-0736 CVE-2016-2161 CVE-2016-3619 CVE-2016-4688 CVE-2016-5387 CVE-2016-5636 CVE-2016-7056 CVE-2016-7585 CVE-2016-7922 CVE-2016-7923 CVE-2016-7924 CVE-2016-7925 CVE-2016-7926 CVE-2016-7927 CVE-2016-7928 CVE-2016-7929 CVE-2016-7930 CVE-2016-7931 CVE-2016-7932 CVE-2016-7933 CVE-2016-7934 CVE-2016-7935 CVE-2016-7936 CVE-2016-7937 CVE-2016-7938 CVE-2016-7939 CVE-2016-7940 CVE-2016-7973 CVE-2016-7974 CVE-2016-7975 CVE-2016-7983 CVE-2016-7984 CVE-2016-7985 CVE-2016-7986 CVE-2016-7992 CVE-2016-7993 CVE-2016-8574 CVE-2016-8575 CVE-2016-8740 CVE-2016-8743 CVE-2016-9533 CVE-2016-9535 CVE-2016-9536 CVE-2016-9537 CVE-2016-9538 CVE-2016-9539 CVE-2016-9540 CVE-2016-9586 CVE-2016-9935 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-10158 CVE-2016-10159 CVE-2016-10160 CVE-2016-10161 CVE-2017-2379 CVE-2017-2381 CVE-2017-2388 CVE-2017-2390 CVE-2017-2398 CVE-2017-2401 CVE-2017-2402 CVE-2017-2403 CVE-2017-2406 CVE-2017-2407 CVE-2017-2408 CVE-2017-2409 CVE-2017-2410 CVE-2017-2413 CVE-2017-2416 CVE-2017-2417 CVE-2017-2418 CVE-2017-2420 CVE-2017-2421 CVE-2017-2422 CVE-2017-2423 CVE-2017-2425 CVE-2017-2426 CVE-2017-2427 CVE-2017-2428 CVE-2017-2429 CVE-2017-2430 CVE-2017-2431 CVE-2017-2432 CVE-2017-2435 CVE-2017-2436 CVE-2017-2437 CVE-2017-2438 CVE-2017-2439 CVE-2017-2440 CVE-2017-2441 CVE-2017-2443 CVE-2017-2448 CVE-2017-2449 CVE-2017-2450 CVE-2017-2451 CVE-2017-2456 CVE-2017-2458 CVE-2017-2461 CVE-2017-2462 CVE-2017-2467 CVE-2017-2472 CVE-2017-2473 CVE-2017-2474 CVE-2017-2477 CVE-2017-2478 CVE-2017-2482 CVE-2017-2483 CVE-2017-2485 CVE-2017-2487 CVE-2017-2489 CVE-2017-2490 CVE-2017-5029 CVE-2017-5202 CVE-2017-5203 CVE-2017-5204 CVE-2017-5205 CVE-2017-5341 CVE-2017-5342 CVE-2017-5482 CVE-2017-5483 CVE-2017-5484 CVE-2017-5485 CVE-2017-5486 CVE-2017-6974 CVE-2017-707031 Mar 2017 9.8 (v3) Critical Pass Cisco IOS Multicast Routing Multiple DoS (cisco-sa-20160928-msdp) CVE-2016-6382 CVE-2016-6392 07 Oct 2016 7.5 (v3) High Pass Microsoft Windows Server 2003 Unsupported Installation Detection 14 Jul 2015 10 (v3) Critical Pass Foreman Smart-Proxy TFTP Remote Command Injection CVE-2014-0007 17 Jul 2014 8.8 (v3) High Pass HP SiteScope getFileInternal Arbitrary File Download 14 Sep 2012 7.8 (v2) High Pass Cisco Email Security Appliance Filter Bypass Vulnerability CVE-2017-12353 14 Dec 2017 5.8 (v3) Medium Pass Microsoft Exchange Server Unsupported Version Detection (Uncredentialed) 03 Apr 2018 10 (v3) Critical Pass IBM Tivoli Storage Manager FastBack Mount 6.1.x < 6.1.11.1 Multiple Vulnerabilities CVE-2015-0120 CVE-2015-1896 CVE-2015-1898 08 May 2015 10 (v2) Critical Pass Cisco TelePresence IP VCR Command Injection Vulnerability CVE-2015-0713 21 May 2015 9 (v2) High Pass Cisco NX-OS Software Arbitrary File Overwrite Vulnerability CVE-2019-1729 02 Sep 2019 6 (v3) Medium Pass VMware ESX / ESXi Remotely Accessible Method Object Browser API 24 Jan 2019 10 (v3) Critical Pass Cisco NX-OS Software SNMP Access Control List Conﬁguration Name Bypass Vulnerability (CVE-2019-1969)CVE-2019-1969 13 Sep 2019 5.3 (v3) Medium Pass Symantec Messaging Gateway 10.x < 10.7.3 Multiple Vulnerabilities (SYMSA1501) CVE-2019-18377 CVE-2019-18378 CVE-2019-18379 18 Dec 2019 7.3 (v3) High Pass ASG-Sentry File Check Utility /snmx-cgi/fcheck.exe Arbitrary File Overwrite CVE-2008-1322 14 Oct 2008 7.8 (v2) High Pass Microsoft Windows 8 Unsupported Installation Detection 03 Feb 2016 10 (v2) Critical Pass Cisco Hyperﬂex HX-Series Software Weak Storage (cisco-sa-HYP-WSV-yT3j5hSB) CVE-2020-3389 25 Aug 2020 4.4 (v3) Medium Pass Check_MK Internal Server Error XSS CVE-2017-11507 14 Dec 2017 6.1 (v3) Medium Pass OpenSSL 1.0.1 < 1.0.1o ASN.1 Encoder Negative Zero Value Handling RCE CVE-2016-2108 04 May 2016 9.8 (v3) Critical Pass IBM DB2 10.1 < Fix Pack 5 Multiple Vulnerabilities (Bar Mitzvah) CVE-2014-0919 CVE-2014-3094 CVE-2014-3095 CVE-2014-6159 CVE-2014-6209 CVE-2014-6210 CVE-2014-8901 CVE-2014-8910 CVE-2015-0138 CVE-2015-0157 CVE-2015-0197 CVE-2015-0198 CVE-2015-0199 CVE-2015-1883 CVE-2015-1922 CVE-2015-1935 CVE-2015-280818 Jul 2015 9.8 (v3) Critical Pass ProFTPD TELNET IAC Escape Sequence Remote Buﬀer Overﬂow CVE-2010-4221 15 Oct 2013 9.8 (v3) Critical Pass Xerox WorkCentre Unspeciﬁed Remote Protocol Authorization Bypass (XRX13-008) 28 Oct 2013 10 (v2) Critical Pass Microsoft FrontPage Server Extensions (fp30reg.dll) Debug Function Remote Overﬂow (MS03-051 / 813360)CVE-2003-0822 CVE-2003-0824 12 Nov 2003 7.5 (v2) High Pass TCP/IP Multicast Address Handling Remote DoS (spank.c) 22 Oct 2003 6.5 (v3) Medium Pass EZsite Forum Discloses Passwords to Remote Users 04 Sep 2003 5 (v2) Medium Pass Elasticsearch ESA-2017-03 CVE-2017-8449 22 Aug 2018 5.9 (v3) Medium Pass Bitvise SSH Server < 7.41 Multiple Vulnerabilities (remote) 01 Jun 2018 5.3 (v3) Medium Pass PHP < 4.3.3 Multiple Vulnerabilities CVE-2002-1396 CVE-2003-0442 CVE-2003-0860 CVE-2003-0861 24 Sep 2003 7.5 (v2) High Pass ESXi 5.0 < Build 608089 Multiple Vulnerabilities (remote check) CVE-2009-3560 CVE-2009-3720 CVE-2010-0405 CVE-2010-1634 CVE-2010-2089 CVE-2011-1521 CVE-2012-1518 13 Nov 2013 8.3 (v2) High Pass Elasticsearch ESA-2018-10 CVE-2018-3826 22 Aug 2018 6.5 (v3) Medium Pass Elasticsearch ESA-2017-09 CVE-2017-8441 22 Aug 2018 4.3 (v3) Medium Pass Apache Hadoop YARN ResourceManager Unauthenticated RCE (Remote) (Xbash) 20 Sep 2018 10 (v3) Critical Pass PHP 7.2.x < 7.2.10 Transfer-Encoding Parameter XSS Vulnerability CVE-2018-17082 14 Sep 2018 6.1 (v3) Medium Pass Icecast list.cgi User-Agent XSS CVE-2004-0781 27 Aug 2004 4.3 (v2) Medium Pass Bytes Interactive Web Shopper shopper.cgi Traversal Arbitrary File Access CVE-2000-0922 10 Oct 2000 5 (v2) Medium Pass Logstash ESA-2014-02 CVE-2014-4326 06 Dec 2018 7.3 (v3) High Pass Logstash ESA-2015-04 CVE-2015-4152 06 Dec 2018 6.5 (v3) Medium Pass AlienVault OSSIM get_fqdn() RCE 24 May 2017 9.8 (v3) Critical Pass EMC Cloud Tiering Appliance User Interface Default Credentials 07 Apr 2014 10 (v2) Critical Pass PHP Rocket for FrontPage phprocketaddin page Parameter Traversal Arbitrary File Access CVE-2001-1204 17 Jan 2002 5 (v2) Medium Pass SSL Certiﬁcate Validity - Duration 08 Jan 2019 4.8 (v3) Medium Pass Adobe Connect <= 9.8.1 Session Token Exposure Vulnerability (ASPB19-05) CVE-2018-19718 11 Jan 2019 5.3 (v3) Medium Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (Apr 2019 CPU) CVE-2019-2588 CVE-2019-2595 CVE-2019-2601 CVE-2019-2616 18 Apr 2019 8.2 (v3) High Pass Kibana ESA-2018-03 CVE-2018-3819 14 Jan 2019 6.1 (v3) Medium Pass Joomla! Extension 'JCK Suite' - 'jckeditor' =< 6.4.4 Privilege Escalation 21 Jan 2019 8.3 (v3) High Pass Pulse Connect Secure Multiple Vulnerabilities (SA44101) CVE-2018-15909 CVE-2018-15910 CVE-2018-15911 CVE-2018-16513 CVE-2018-18284 CVE-2019-11507 CVE-2019-11508 CVE-2019-11509 CVE-2019-11510 CVE-2019-11538 CVE-2019-11539 CVE-2019-11540 CVE-2019-11541 CVE-2019-11542 CVE-2019-1154310 May 2019 10 (v3) Critical Pass ClusterLabs Pacemaker PCS Daemon Default Password CVE-2015-1842 07 May 2015 10 (v2) Critical Pass Juniper Junos Network Topology Loop DoS (JSA10719) CVE-2016-1260 22 Jan 2016 5 (v2) Medium Pass Juniper Junos HTTP Request Handling J-Web DoS (JSA10720) CVE-2016-1258 22 Jan 2016 5 (v2) Medium Pass Juniper Junos RTSP Packet Handling ﬂowd DoS (JSA10721) CVE-2016-1262 22 Jan 2016 4.3 (v2) Medium Pass Cisco Wireless LAN Controller Unauthorized Access Vulnerability CVE-2015-6314 22 Jan 2016 9.8 (v3) Critical Pass Oracle GlassFish Server URL normalization Denial of Service 19 Jun 2018 7.5 (v3) High Pass Cisco Nexus 9000 Series APIC Access Control Vulnerability (CSCut12998) CVE-2016-1302 12 Feb 2016 8.8 (v3) High Pass OpenSSL 1.1.1 < 1.1.1a Multiple Vulnerabilities CVE-2018-0734 CVE-2018-0735 25 Jan 2019 5.9 (v3) Medium Pass WordPress Plugin 'LearnDash' < 3.1.6 SQLi CVE-2020-6009 04 May 2020 9.8 (v3) Critical Pass Appointments Plugin for WordPress < 2.2.2 PHP Object Injection 05 Dec 2017 8.3 (v3) High Pass BuddyPress Plugin for WordPress < 2.9.2 Information Disclosure 18 Dec 2017 5.8 (v3) Medium Pass OpenSSL 1.0.2 < 1.0.2n Multiple Vulnerabilities CVE-2017-3737 CVE-2017-3738 15 Dec 2017 5.9 (v3) Medium Pass OpenSSL 1.1.0 < 1.1.0h AVX2 Montgomery Multiplication Private Key Derivation Weakness CVE-2017-3738 CVE-2018-0739 15 Dec 2017 5.9 (v3) Medium Pass Apple TV < 11.2 Multiple Vulnerabilities CVE-2017-7154 CVE-2017-7156 CVE-2017-7157 CVE-2017-7160 CVE-2017-7162 CVE-2017-13833 CVE-2017-13855 CVE-2017-13856 CVE-2017-13861 CVE-2017-13862 CVE-2017-13865 CVE-2017-13866 CVE-2017-13867 CVE-2017-13868 CVE-2017-13869 CVE-2017-13870 CVE-2017-1387605 Jan 2018 7.8 (v3) High Pass Cisco Wireless LAN Controller Client Disconnection DoS CVE-2015-6341 22 Jan 2016 5 (v2) Medium Pass IBM Tivoli Provisioning Manager for OS Deployment TFTPD Malformed PRQ Request DoS CVE-2007-3268 19 Jul 2007 5 (v2) Medium Pass Western Digital MyCloud Unauthenticated File Upload CVE-2017-17560 10 Jan 2018 9.8 (v3) Critical Pass pfSense < 2.1.3 Remote Denial of Service Vulnerability (SA-14_05) CVE-2014-3000 31 Jan 2018 8.2 (v3) High Pass pfSense < 2.1.4 Multiple Vulnerabilities (SA-14_08 - SA-14_12) CVE-2014-4687 CVE-2014-4688 CVE-2014-4689 CVE-2014-4690 CVE-2014-4691 CVE-2014-4692 31 Jan 2018 6.5 (v3) Medium Pass Nortel Meridian Integrated RAN Default Admin Credentials 24 Feb 2014 10 (v2) Critical Pass Cisco Prime Data Center Network Manager File Upload RCE (cisco-sa-20180502-prime-upload) CVE-2018-0258 13 Jun 2018 9.8 (v3) Critical 22

Pass Juniper Junos SRX Series FTP ALG ftps-extension TCP Port Exposure (JSA10706) CVE-2015-5361 26 Oct 2015 6.4 (v2) Medium Pass Juniper Junos Corrupt pam.conf Security Bypass (JSA10707) CVE-2015-7751 26 Oct 2015 6.9 (v2) Medium Pass NUUO NVRMini2 Multiple Vulnerabilities CVE-2018-1149 CVE-2018-1150 17 Sep 2018 9.8 (v3) Critical Pass IBM WebSphere Application Server 7.0 < Fix Pack 5 CVE-2009-0899 CVE-2009-1195 CVE-2009-1898 CVE-2009-1899 CVE-2009-1900 CVE-2009-1901 CVE-2009-2085 CVE-2009-2087 CVE-2009-2088 CVE-2009-2089 CVE-2009-0899 CVE-2009-2090 CVE-2009-2091 CVE-2009-209231 Aug 2009 6.8 (v2) Medium Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (Jul 2017 CPU) CVE-2016-3092 CVE-2017-10024 CVE-2017-10025 CVE-2017-10028 CVE-2017-10029 CVE-2017-10030 CVE-2017-10035 CVE-2017-10041 CVE-2017-10043 CVE-2017-10058 CVE-2017-10059 CVE-2017-10156 CVE-2017-1015704 Jul 2019 8.2 (v3) High Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (Jul 2019 CPU) CVE-2015-9251 CVE-2019-2742 CVE-2019-2767 CVE-2019-2768 CVE-2019-2771 17 Jul 2019 8.2 (v3) High Pass Cisco NX-OS Software IPv6 Denial of Service Vulnerability (cisco-sa-20190828-nxos-ipv6-dos) CVE-2019-1964 10 Jan 2020 7.5 (v3) High Pass PHP-Fusion extract() Global Variable Overwriting CVE-2006-4673 08 Sep 2006 2.6 (v2) Low Pass WP Smart Security Plugin for WordPress PHP Object Injection 08 Dec 2017 8.3 (v3) High Pass HP Operations Orchestration 10.x < 10.51 Java Object Deserialization RCE CVE-2016-1997 23 Mar 2016 9.8 (v3) Critical Pass Operating System Unsupported Version Detection in banner reporting (PCI-DSS check) 22 Feb 2019 10 (v3) Critical Pass Apple TV < 9.1.1 Multiple Vulnerabilities CVE-2015-7995 CVE-2016-1717 CVE-2016-1719 CVE-2016-1720 CVE-2016-1721 CVE-2016-1722 CVE-2016-1724 CVE-2016-1727 27 Jan 2016 8.8 (v3) High Pass MySQL 8.0.x < 8.0.17 Multiple Vulnerabilities (July 2019 CPU) CVE-2019-2737 CVE-2019-2738 CVE-2019-2739 CVE-2019-2740 CVE-2019-2741 CVE-2019-2752 CVE-2019-2757 CVE-2019-2758 CVE-2019-2774 CVE-2019-2778 CVE-2019-2780 CVE-2019-2784 CVE-2019-2785 CVE-2019-2789 CVE-2019-2791 CVE-2019-2795 CVE-2019-2796 CVE-2019-2797 CVE-2019-2800 CVE-2019-2801 CVE-2019-2802 CVE-2019-2803 CVE-2019-2805 CVE-2019-2808 CVE-2019-2810 CVE-2019-2811 CVE-2019-2812 CVE-2019-2814 CVE-2019-2815 CVE-2019-2819 CVE-2019-2822 CVE-2019-2826 CVE-2019-2830 CVE-2019-2834 CVE-2019-2879 CVE-2019-2948 CVE-2019-2950 CVE-2019-2969 CVE-2019-300318 Jul 2019 7.5 (v3) High Pass OpenSSL 1.0.2 < 1.0.2g Multiple Vulnerabilities (DROWN) CVE-2016-0702 CVE-2016-0705 CVE-2016-0797 CVE-2016-0798 CVE-2016-0799 CVE-2016-0800 02 Mar 2016 9.8 (v3) Critical Pass VMware ESX sudo Package Multiple Vulnerabilities (VMSA-2013-0007) (remote check) CVE-2012-2337 CVE-2012-3440 04 Mar 2016 7.2 (v2) High Pass NFX Series: Insecure sshd conﬁguration in Juniper Device Manager (JDM) and host OS (JSA10878) CVE-2018-0044 05 Jul 2019 8.1 (v3) High Pass pfSense < 2.1.5 Multiple Vulnerabilities (SA-14_15 - SA-14_17) 31 Jan 2018 9.8 (v3) Critical Pass OpenSSL 0.9.8 < 0.9.8zd Multiple Vulnerabilities (FREAK) CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 16 Jan 2015 5 (v2) Medium Pass Cisco HyperFlex Software Unauthenticated Root Access (cisco-sa-20190220-chn-root-access) CVE-2019-1664 25 Aug 2020 7.8 (v3) High Pass pfSense 2.3.x < 2.3.5-p1 / 2.4.x < 2.4.2-p1 Multiple Vulnerabilities (SA-17_10 / SA-17_11) CVE-2017-3737 CVE-2017-3738 31 Jan 2018 5.9 (v3) Medium Pass EMC Data Protection Advisor < 6.4.110 Database Hardcoded Password Vulnerability CVE-2018-1206 16 Mar 2018 7.8 (v3) High Pass Cisco HyperFlex Software Command Injection (cisco-sa-20190220-hyperﬂex-injection) CVE-2018-15380 25 Aug 2020 8.8 (v3) High Pass Web Form Sending Credentials Using GET (PCI-DSS check) 03 Apr 2018 5.3 (v3) Medium Pass OpenSSL 0.9.8 < 0.9.8zf Multiple Vulnerabilities CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 CVE-2016-0703 CVE-2016-0704 24 Mar 2015 6.8 (v2) Medium Pass SonicWALL Global Management System (GMS) / Analyzer sgms Webapp File Deletion 04 May 2018 7.3 (v3) High Pass Splunk Enterprise < 5.0.19 / 6.0.15 / 6.1.14 / 6.2.14 / 6.3.11 Error Message Spooﬁng 16 Jun 2017 4.3 (v3) Medium Pass Cisco TelePresence TC and TE Software Multiple Vulnerabilities (cisco-sa-20150513-tc) CVE-2014-2174 CVE-2015-0722 20 May 2015 8.3 (v2) High Pass Microsoft IIS IDC Extension XSS 24 Oct 2002 4.3 (v2) Medium Pass Linksys Smart Wi-Fi Router CGI Scripts Information Disclosure 19 Jul 2017 5.3 (v3) Medium Pass MS04-031: Vulnerability NetDDE Could Allow Code Execution (841533) (uncredentialed check) CVE-2004-0206 27 Oct 2004 10 (v2) Critical Pass BlackBoard Internet Newsboard System checkdb.inc.php libpath Parameter Remote File Inclusion CVE-2004-1582 11 Oct 2004 7.5 (v2) High Pass SolarWinds Orion Multiple SQLi Vulnerabilities CVE-2014-9566 27 May 2015 7.5 (v2) High Pass Observium PHP Object Unserialization Remote File Writing Vulnerability 29 Nov 2016 9.8 (v3) Critical Pass ONVIF Username and Password leak 31 Oct 2017 5.3 (v3) Medium Pass SonicWALL Global Management System (GMS) 8.x < 8.2 Multiple Vulnerabilities 05 Jan 2017 8.3 (v3) High Pass Cisco Data Center Network Manager SQL Injection (cisco-sa-dcnm-sql-inject-8hk6PwmF) CVE-2020-3462 11 Aug 2020 6.3 (v3) Medium Pass Trend Micro InterScan VirusWall /interscan/cgi-bin/FtpSave.dll Unauthenticated Remote Conﬁguration ManipulationCVE-2001-0432 23 Aug 2001 10 (v2) Critical Pass IBM Tivoli Storage Manager FastBack 6.1.x < 6.1.12 Multiple Vulnerabilities CVE-2015-1923 CVE-2015-1924 CVE-2015-1925 CVE-2015-1929 CVE-2015-1930 CVE-2015-1938 CVE-2015-1941 CVE-2015-1942 CVE-2015-1948 CVE-2015-1949 CVE-2015-1953 CVE-2015-1954 CVE-2015-1962 CVE-2015-1963 CVE-2015-1964 CVE-2015-1965 CVE-2015-1986 CVE-2016-0212 CVE-2016-0213 CVE-2016-021607 Jul 2015 9.8 (v3) Critical Pass McAfee ePolicy Orchestrator Agent < 5.0.4.449 Log Viewer DoS CVE-2017-3896 16 Feb 2017 5.9 (v3) Medium Pass NetIQ Sentinel Java Object Deserialization RCE 20 Apr 2016 9.8 (v3) Critical Pass Trend Micro Control Manager download.php File Disclosure 17 Feb 2017 7.5 (v3) High Pass Cisco Data Center Network Manager Improper Authorization (cisco-sa-dcnm-improper-auth-7Krd9TDT) CVE-2020-3386 11 Aug 2020 8.8 (v3) High Pass Cisco Data Center Network Manager Information Disclosure (cisco-sa-dcnm-info-disclosure-tFX3KerC) CVE-2020-3461 12 Aug 2020 5.3 (v3) Medium Pass NetGain Enterprise Manager Command Injection 10 Mar 2017 9.8 (v3) Critical Pass Microsoft IIS 6.0 Unsupported Version Detection 17 Apr 2017 10 (v3) Critical Pass MySQL 8.0.x < 8.0.18 Multiple Vulnerabilities (Oct 2019 CPU) CVE-2019-2911 CVE-2019-2914 CVE-2019-2938 CVE-2019-2946 CVE-2019-2957 CVE-2019-2960 CVE-2019-2963 CVE-2019-2966 CVE-2019-2967 CVE-2019-2968 CVE-2019-2974 CVE-2019-2982 CVE-2019-2991 CVE-2019-2993 CVE-2019-2997 CVE-2019-2998 CVE-2019-3004 CVE-2019-3009 CVE-2019-3011 CVE-2019-3018 CVE-2019-5443 CVE-2020-2580 CVE-2020-2589 CVE-2020-2752 CVE-2021-2001 CVE-2021-216018 Oct 2019 7.8 (v3) High Pass Sophos Web Protection Appliance Multiple Vulnerabilities CVE-2013-4983 CVE-2013-4984 26 Sep 2013 10 (v3) Critical Pass Microsoft DNS Server Inverse Query Buﬀer Over-Read CVE-2016-82007 24 Mar 2016 4 (v2) Medium Pass MailEnable Webmail Malformed Encoded Quoted-printable Email DoS (CVE-2006-1338) CVE-2006-1338 22 Mar 2006 5 (v2) Medium Pass Cisco TelePresence Server Malformed STUN Packet Processing DoS (cisco-sa-20160406-cts2) CVE-2015-6312 15 Apr 2016 7.5 (v3) High Pass ESXi 6.5 / 6.7 XSS (VMSA-2020-0008) CVE-2020-3955 15 Jul 2020 9.3 (v3) Critical Pass Core FTP Server < 1.2 Build 588 32-bit Unspeciﬁed Overﬂow Vulnerability 27 Apr 2016 10 (v2) Critical Pass WP Mobile Detector Plugin for WordPress File Upload RCE 19 Jul 2016 7.5 (v2) High Pass SolarWinds Server & Application Monitor (SAM) Alert Handling Local Privilege Escalation 03 Jun 2016 6.8 (v2) Medium Pass IBM Domino 8.5.x < 8.5.3 FP 5 Multiple Vulnerabilities CVE-2012-1541 CVE-2012-3213 CVE-2012-3342 CVE-2013-0351 CVE-2013-0401 CVE-2013-0402 CVE-2013-0409 CVE-2013-0419 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0430 CVE-2013-0431 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0437 CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0444 CVE-2013-0445 CVE-2013-0446 CVE-2013-0448 CVE-2013-0449 CVE-2013-0450 CVE-2013-0809 CVE-2013-1473 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1479 CVE-2013-1480 CVE-2013-1481 CVE-2013-1488 CVE-2013-1489 CVE-2013-1491 CVE-2013-1493 CVE-2013-1500 CVE-2013-1518 CVE-2013-1537 CVE-2013-1540 CVE-2013-1557 CVE-2013-1558 CVE-2013-1561 CVE-2013-1563 CVE-2013-1564 CVE-2013-1569 CVE-2013-1571 CVE-2013-2383 CVE-2013-2384 CVE-2013-2394 CVE-2013-2400 CVE-2013-2407 CVE-2013-2412 CVE-2013-2414 CVE-2013-2415 CVE-2013-2416 CVE-2013-2417 CVE-2013-2418 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2423 CVE-2013-2424 CVE-2013-2425 CVE-2013-2426 CVE-2013-2427 CVE-2013-2428 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431 CVE-2013-2432 CVE-2013-2433 CVE-2013-2434 CVE-2013-2435 CVE-2013-2436 CVE-2013-2437 CVE-2013-2438 CVE-2013-2439 CVE-2013-2440 CVE-2013-2442 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2462 CVE-2013-2463 CVE-2013-2464 CVE-2013-2465 CVE-2013-2466 CVE-2013-2467 CVE-2013-2468 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-3006 CVE-2013-3007 CVE-2013-3008 CVE-2013-3009 CVE-2013-3010 CVE-2013-3011 CVE-2013-3012 CVE-2013-3743 CVE-2013-3744 CVE-2013-400204 Nov 2013 10 (v2) Critical Pass IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.1 Multiple Vulnerabilities CVE-2012-2098 CVE-2013-0460 CVE-2013-0464 CVE-2013-0467 CVE-2013-0599 CVE-2013-1862 CVE-2013-1896 CVE-2013-3029 CVE-2013-4004 CVE-2013-4005 CVE-2013-4006 CVE-2013-4052 CVE-2013-4053 CVE-2013-5414 CVE-2013-5417 CVE-2013-5418 CVE-2013-542505 Dec 2013 6.8 (v2) Medium Pass Sonatype Nexus Repository Manager Java Object Deserialization RCE 20 Jul 2016 10 (v2) Critical Pass Synology DiskStation Manager (DSM) Web Administration Interface Default Credentials 16 Sep 2016 9.8 (v3) Critical Pass Cisco IOS XR Software BGP EVPN DoS (cisco-sa-20200122-ios-xr-evpn) CVE-2019-16019 CVE-2019-16020 CVE-2019-16021 CVE-2019-16022 CVE-2019-16023 31 Jan 2020 8.6 (v3) High Pass pfSense 2.3.x < 2.3.5-p2 / 2.4.x < 2.4.3-p1 Multiple Vulnerabilities (SA-18_04 / SA-18_05) CVE-2018-6920 CVE-2018-6921 CVE-2018-8897 27 Dec 2018 7.8 (v3) High Pass CA BrightStor ARCserve Backup Multiple Vulnerabilities (QO87569) CVE-2007-1785 CVE-2007-2139 25 Apr 2007 10 (v2) Critical Pass ManageEngine Desktop Central Tools Execution Status Update RCE (intrusive check) 21 Oct 2015 10 (v2) Critical Pass Symantec Reporting Server < 1.0.224.0 Multiple Vulnerabilities CVE-2007-3021 CVE-2007-3022 CVE-2007-3095 08 Jun 2007 9 (v2) High Pass ServerView Servername Parameter Arbitrary Command Execution CVE-2007-3011 06 Jul 2007 7.5 (v2) High Pass OpenSSL 0.9.8 < 0.9.8za Multiple Vulnerabilities CVE-2014-0076 CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 06 Jun 2014 6.8 (v2) Medium Pass ESXi 5.0 < Build 3086167 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (remote check)CVE-2015-6933 15 Jan 2016 6.3 (v3) Medium Pass Cisco IOS Smart Install Packet Image List Parameter Handling DoS (cisco-sa-20160323-smi) CVE-2016-1349 06 Apr 2016 7.5 (v3) High Pass IBM WebSphere Application Server 8.0 < Fix Pack 8 Multiple Vulnerabilities CVE-2013-0460 CVE-2013-4052 CVE-2013-4053 CVE-2013-5372 CVE-2013-5414 CVE-2013-5417 CVE-2013-5418 CVE-2013-5780 CVE-2013-5803 CVE-2013-6325 CVE-2013-672520 Jan 2014 6.8 (v2) Medium Pass Lexmark Markvision Enterprise Java Object Deserialization RCE CVE-2016-1487 17 Feb 2016 10 (v2) Critical Pass Apple TV < 11.3 Multiple Vulnerabilities CVE-2018-4101 CVE-2018-4104 CVE-2018-4113 CVE-2018-4114 CVE-2018-4115 CVE-2018-4118 CVE-2018-4119 CVE-2018-4120 CVE-2018-4121 CVE-2018-4122 CVE-2018-4125 CVE-2018-4127 CVE-2018-4128 CVE-2018-4129 CVE-2018-4130 CVE-2018-4142 CVE-2018-4143 CVE-2018-4144 CVE-2018-4146 CVE-2018-4150 CVE-2018-4155 CVE-2018-4157 CVE-2018-4161 CVE-2018-4162 CVE-2018-4163 CVE-2018-4165 CVE-2018-4166 CVE-2018-416716 Apr 2018 7.8 (v3) High Pass Microsoft IIS webhits.dll Hit-Highlighting Authentication Bypass CVE-2007-2815 25 Mar 2008 4.3 (v2) Medium Pass Seditio plug.php pag_sub Parameter SQL Injection CVE-2007-6202 02 Dec 2007 6.8 (v2) Medium Pass ESXi 5.0 < Build 1749766 Multiple Vulnerabilities (remote check) CVE-2013-5211 CVE-2014-8370 29 Jan 2015 6.4 (v2) Medium Pass VMware ESX Third-Party Libraries Multiple Vulnerabilities (VMSA-2010-0004) (remote check) CVE-2008-3916 CVE-2008-4316 CVE-2008-4552 CVE-2009-0115 CVE-2009-0590 CVE-2009-1189 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2009-2695 CVE-2009-2849 CVE-2009-2904 CVE-2009-2905 CVE-2009-2908 CVE-2009-3228 CVE-2009-3286 CVE-2009-3547 CVE-2009-3560 CVE-2009-3563 CVE-2009-3612 CVE-2009-3613 CVE-2009-3620 CVE-2009-3621 CVE-2009-3720 CVE-2009-3726 CVE-2009-402208 Mar 2016 9.3 (v2) High Pass Cisco NX-OS Software Data Management Engine Remote Code Execution (cisco-sa-nxos-dme-rce-cbE3nhZS)CVE-2020-3415 02 Sep 2020 8.8 (v3) High Pass Palo Alto Networks PAN-OS 7.1.1 Out-of-Sequence Packet Firewall Bypass 17 Jun 2016 5 (v2) Medium Pass Citrix SD-WAN Center Command Injection CVE-2019-10883 11 Apr 2019 9.8 (v3) Critical Pass IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.4 Multiple Vulnerabilities (POODLE) CVE-2013-5704 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3021 CVE-2014-3566 CVE-2014-4770 CVE-2014-4816 CVE-2014-6164 CVE-2014-6166 CVE-2014-6167 CVE-2014-6174 CVE-2014-889007 Jan 2015 6.8 (v2) Medium Pass ESXi 6.0 / 6.5 / 6.7 Out-of-Bounds Read Vulnerability (VMSA-2018-0026) (Remote Check) CVE-2018-6974 26 Oct 2018 8.8 (v3) High Pass OpenDocMan Access Control Bypass 26 Jul 2004 4.3 (v2) Medium Pass Cisco Data Center Network Manager Authorization Bypass (cisco-sa-dcnm-auth-bypass-MYeFpFcF) CVE-2020-3522 01 Sep 2020 6.3 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.4 RCE (6258333)CVE-2020-4589 27 Aug 2020 9.8 (v3) Critical Pass VMware Security Updates for vCenter Server (VMSA-2015-0001) (POODLE) CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 03 Feb 2015 4.3 (v2) Medium Pass Apple TV < 11 Multiple Vulnerabilities CVE-2017-7080 CVE-2017-7081 CVE-2017-7083 CVE-2017-7086 CVE-2017-7087 CVE-2017-7090 CVE-2017-7091 CVE-2017-7092 CVE-2017-7093 CVE-2017-7094 CVE-2017-7095 CVE-2017-7096 CVE-2017-7098 CVE-2017-7099 CVE-2017-7100 CVE-2017-7102 CVE-2017-7103 CVE-2017-7104 CVE-2017-7105 CVE-2017-7107 CVE-2017-7108 CVE-2017-7109 CVE-2017-7110 CVE-2017-7111 CVE-2017-7112 CVE-2017-7114 CVE-2017-7115 CVE-2017-7116 CVE-2017-7117 CVE-2017-7120 CVE-2017-7127 CVE-2017-7128 CVE-2017-7129 CVE-2017-7130 CVE-2017-11120 CVE-2017-1112122 Sep 2017 9.8 (v3) Critical Pass IBM BigFix Platform 9.5.x < 9.5.12 Multiple Vulnerabilities CVE-2012-5883 CVE-2012-6708 CVE-2015-9251 CVE-2018-5407 CVE-2019-4013 03 May 2019 9.9 (v3) Critical Pass Apache Tomcat 8.5.x < 8.5.58 / 9.0.x < 9.0.38 HTTP/2 Request Mix-Up CVE-2020-13943 14 Oct 2020 4.3 (v3) Medium Pass Apple iTunes for Windows < 12.9.5 Multiple Vulnerabilities (uncredentialed check) CVE-2019-6237 CVE-2019-8571 CVE-2019-8577 CVE-2019-8583 CVE-2019-8584 CVE-2019-8586 CVE-2019-8587 CVE-2019-8594 CVE-2019-8595 CVE-2019-8596 CVE-2019-8597 CVE-2019-8598 CVE-2019-8600 CVE-2019-8601 CVE-2019-8602 CVE-2019-8607 CVE-2019-8608 CVE-2019-8609 CVE-2019-8610 CVE-2019-8611 CVE-2019-8615 CVE-2019-8619 CVE-2019-8622 CVE-2019-8623 CVE-2019-862804 Jul 2019 9.8 (v3) Critical Pass Cisco Data Center Network Manager Path Traversal (cisco-sa-dcnm-patrav-pW9RkhyW) CVE-2020-3519 01 Sep 2020 8.1 (v3) High Pass ESXi 6.0 U1 < Build 5251621 / 6.0 U2 < Build 5251623 / 6.0 U3 < Build 5224934 Multiple Vulnerabilities (VMSA-2017-0006) (rCVE-2017-4903 CVE-2017-4904 CVE-2017-4905emote check) 31 Mar 2017 8.8 (v3) High Pass SSL/TLS EXPORT_DHE <= 512-bit Export Cipher Suites Supported (Logjam) CVE-2015-4000 21 May 2015 3.7 (v3) Low Pass Cisco Prime Infrastructure Cross-Site Scripting (cisco-sa-20191002-pi-xss-12713) CVE-2019-12713 02 Sep 2020 6.1 (v3) Medium Pass Marvell QConvergeConsole (QCC) FlashValidatorServiceImpl decryptFile Path Traversal RCE CVE-2020-15639 02 Sep 2020 9.8 (v3) Critical Pass ManageEngine Applications Manager DowntimeSchedulerServlet 'TASKID' Blind SQLi 17 Jun 2015 10 (v2) Critical Pass ManageEngine Applications Manager IT360UtilitiesServlet SQLi 17 Jun 2015 10 (v2) Critical Pass Apple iTunes < 10.7 Multiple Vulnerabilities (uncredentialed check) CVE-2011-3016 CVE-2011-3021 CVE-2011-3027 CVE-2011-3032 CVE-2011-3034 CVE-2011-3035 CVE-2011-3036 CVE-2011-3037 CVE-2011-3038 CVE-2011-3039 CVE-2011-3040 CVE-2011-3041 CVE-2011-3042 CVE-2011-3043 CVE-2011-3044 CVE-2011-3050 CVE-2011-3053 CVE-2011-3059 CVE-2011-3060 CVE-2011-3064 CVE-2011-3068 CVE-2011-3069 CVE-2011-3071 CVE-2011-3073 CVE-2011-3074 CVE-2011-3075 CVE-2011-3076 CVE-2011-3078 CVE-2011-3081 CVE-2011-3086 CVE-2011-3089 CVE-2011-3090 CVE-2011-3105 CVE-2011-3913 CVE-2011-3924 CVE-2011-3926 CVE-2011-3958 CVE-2011-3966 CVE-2011-3968 CVE-2011-3969 CVE-2011-3971 CVE-2012-0682 CVE-2012-0683 CVE-2012-1520 CVE-2012-1521 CVE-2012-2817 CVE-2012-2818 CVE-2012-2829 CVE-2012-2831 CVE-2012-2842 CVE-2012-2843 CVE-2012-3589 CVE-2012-3590 CVE-2012-3591 CVE-2012-3592 CVE-2012-3593 CVE-2012-3594 CVE-2012-3595 CVE-2012-3596 CVE-2012-3597 CVE-2012-3598 CVE-2012-3599 CVE-2012-3600 CVE-2012-3601 CVE-2012-3602 CVE-2012-3603 CVE-2012-3604 CVE-2012-3605 CVE-2012-3606 CVE-2012-3607 CVE-2012-3608 CVE-2012-3609 CVE-2012-3610 CVE-2012-3611 CVE-2012-3612 CVE-2012-3613 CVE-2012-3614 CVE-2012-3615 CVE-2012-3616 CVE-2012-3617 CVE-2012-3618 CVE-2012-3620 CVE-2012-3621 CVE-2012-3622 CVE-2012-3623 CVE-2012-3624 CVE-2012-3625 CVE-2012-3626 CVE-2012-3627 CVE-2012-3628 CVE-2012-3629 CVE-2012-3630 CVE-2012-3631 CVE-2012-3632 CVE-2012-3633 CVE-2012-3634 CVE-2012-3635 CVE-2012-3636 CVE-2012-3637 CVE-2012-3638 CVE-2012-3639 CVE-2012-3640 CVE-2012-3641 CVE-2012-3642 CVE-2012-3643 CVE-2012-3644 CVE-2012-3645 CVE-2012-3646 CVE-2012-3647 CVE-2012-3648 CVE-2012-3649 CVE-2012-3651 CVE-2012-3652 CVE-2012-3653 CVE-2012-3654 CVE-2012-3655 CVE-2012-3656 CVE-2012-3657 CVE-2012-3658 CVE-2012-3659 CVE-2012-3660 CVE-2012-3661 CVE-2012-3663 CVE-2012-3664 CVE-2012-3665 CVE-2012-3666 CVE-2012-3667 CVE-2012-3668 CVE-2012-3669 CVE-2012-3670 CVE-2012-3671 CVE-2012-3672 CVE-2012-3673 CVE-2012-3674 CVE-2012-3675 CVE-2012-3676 CVE-2012-3677 CVE-2012-3678 CVE-2012-3679 CVE-2012-3680 CVE-2012-3681 CVE-2012-3682 CVE-2012-3683 CVE-2012-3684 CVE-2012-3685 CVE-2012-3686 CVE-2012-3687 CVE-2012-3688 CVE-2012-3692 CVE-2012-3699 CVE-2012-3700 CVE-2012-3701 CVE-2012-3702 CVE-2012-3703 CVE-2012-3704 CVE-2012-3705 CVE-2012-3706 CVE-2012-3707 CVE-2012-3708 CVE-2012-3709 CVE-2012-3710 CVE-2012-3711 CVE-2012-371213 Sep 2012 10 (v2) Critical Pass MS16-047: Security Update for SAM and LSAD Remote Protocols (3148527) (Badlock) (uncredentialed check)CVE-2016-0128 13 Apr 2016 6.8 (v3) Medium Pass ESXi 5.5 / 6.0 / 6.5 / Hypervisor-Assisted Guest Remediation for Speculative Execution (VMSA-2018-0004) (SpectrCVE-2017-5715e) (remote check) 12 Jan 2018 5.6 (v3) Medium Pass VMware vCenter Server 5.0.x < 5.0u3g / 5.1.x < 5.1u3d / 5.5.x < 5.5u2d Reﬂected XSS (VMSA-2016-0009)CVE-2015-6931 20 Jun 2016 6.1 (v3) Medium Pass HP Onboard Administrator Multiple Vulnerabilities CVE-2012-0128 CVE-2012-0129 CVE-2012-0130 26 Sep 2013 7.6 (v2) High Pass Puppet Unauthenticated Remote Code Execution CVE-2013-3567 28 Oct 2013 7.5 (v2) High Pass WarFTPd dir Command Traversal Arbitrary Directory Listing CVE-2001-0295 22 Jan 2003 5 (v2) Medium Pass Juniper Junos EmbedThis AppWeb error Parameter XSS 15 Nov 2013 4.3 (v2) Medium Pass OpenSSL 1.0.1 < 1.0.1d Multiple Vulnerabilities CVE-2012-2686 CVE-2013-0166 CVE-2013-0169 09 Feb 2013 2.6 (v2) Low Pass vBulletin upgrade.php Accessible 05 Nov 2013 7.5 (v2) High Pass Cisco Prime Infrastructure Cross-Site Scripting (cisco-sa-20191002-pi-xss-12712) CVE-2019-12712 02 Sep 2020 6.1 (v3) Medium Pass SolarWinds Virtualization Manager Java Object Deserialization RCE CVE-2016-3642 13 Jul 2016 9.8 (v3) Critical Pass Oracle GlassFish Server 3.0.1.x < 3.0.1.14 Multiple Vulnerabilities (July 2016 CPU) CVE-2015-3237 CVE-2016-3607 CVE-2016-3608 CVE-2016-5477 20 Jul 2016 9.8 (v3) Critical Pass Pages Pro ﬁlenote Parameter Traversal Arbitrary File Modiﬁcation 06 Feb 2003 9.7 (v2) High Pass Synology DiskStation Manager < 4.3-3776 Update 2 Multiple Vulnerabilities 05 Feb 2014 7.1 (v2) High Pass Novell ZENworks Conﬁguration Management < 11.2.3a Monthly Update 1 Multiple Vulnerabilities (credentialed check)CVE-2013-1093 CVE-2013-1094 CVE-2013-1095 CVE-2013-1097 18 Jun 2013 5.8 (v2) Medium Pass Apple TV < 10 Multiple Vulnerabilities CVE-2016-4611 CVE-2016-4658 CVE-2016-4702 CVE-2016-4708 CVE-2016-4712 CVE-2016-4718 CVE-2016-4725 CVE-2016-4726 CVE-2016-4728 CVE-2016-4730 CVE-2016-4733 CVE-2016-4734 CVE-2016-4735 CVE-2016-4737 CVE-2016-4738 CVE-2016-4753 CVE-2016-4759 CVE-2016-4765 CVE-2016-4766 CVE-2016-4767 CVE-2016-4768 CVE-2016-4772 CVE-2016-4773 CVE-2016-4774 CVE-2016-4775 CVE-2016-4776 CVE-2016-4777 CVE-2016-4778 CVE-2016-513128 Sep 2016 9.8 (v3) Critical Pass HP Network Automation RMI Registry Java Object Deserialization RCE CVE-2016-4385 04 Oct 2016 7.3 (v3) High 23

Pass Apple TV < 10.0.1 Multiple Vulnerabilities CVE-2016-4613 CVE-2016-4660 CVE-2016-4664 CVE-2016-4665 CVE-2016-4666 CVE-2016-4669 CVE-2016-4673 CVE-2016-4675 CVE-2016-4677 CVE-2016-4679 CVE-2016-4680 CVE-2016-4688 CVE-2016-7578 CVE-2016-7579 CVE-2016-7584 CVE-2016-761327 Oct 2016 7.8 (v3) High Pass MySQL User-Deﬁned Functions Multiple Vulnerabilities CVE-2005-2572 18 Nov 2011 8.5 (v2) High Pass MS12-017: Vulnerability in DNS Server Could Allow Denial of Service (2647170) (uncredentialed check) CVE-2012-0006 05 Mar 2014 5 (v2) Medium Pass HP Integrated Lights-Out (iLO) Default Credentials 07 Mar 2014 10 (v2) Critical Pass NAT-PMP Detection (remote network) 20 Mar 2014 7.3 (v3) High Pass Cisco Prime Infrastructure Virtual Domain Privilege Escalation (cisco-sa-20190619-prime-privescal) CVE-2019-1906 04 Sep 2020 6.5 (v3) Medium Pass EMC Cloud Tiering Appliance XML External Entity (XXE) Arbitrary File Disclosure CVE-2014-0644 07 Apr 2014 7.8 (v2) High Pass Cisco TelePresence TC Software Parameter Authentication Bypass (CSCuv00604) CVE-2015-4271 10 Sep 2015 6.4 (v2) Medium Pass Cisco ONS 15454 Controller Card DoS (CSCug97348) CVE-2014-2140 10 Apr 2014 5 (v2) Medium Pass VMware vCenter Multiple Vulnerabilities (VMSA-2015-0007) CVE-2015-1047 CVE-2015-2342 02 Oct 2015 10 (v2) Critical Pass IceWarp webmail/basic/index.html _c Parameter Directory Traversal 09 Dec 2010 5 (v2) Medium Pass Oracle Identity Analytics / Sun Role Manager Unspeciﬁed Remote Vulnerability (April 2014 CPU) CVE-2014-2411 28 Apr 2014 6.5 (v2) Medium Pass Cisco NX-OS Software Border Gateway Protocol Multicast VPN DoS (cisco-sa-nxosbgp-nlri-dos-458rG2OQ)CVE-2020-3397 02 Sep 2020 8.6 (v3) High Pass VMware vCenter Server Arbitrary File Upload (VMSA-2021-0020) CVE-2021-22005 06 Oct 2021 9.8 (v3) Critical Pass Atlassian Jira Unauthenticated User Enumeration (CVE-2020-36289) CVE-2020-36289 13 Oct 2021 5.3 (v3) Medium Pass Zope Malformed XML RPC Request Path Disclosure 17 Feb 2003 5 (v2) Medium Pass Caldera '/costview3/xmlrpc_server/xmlrpc.php' XMLRPC Request Remote Command Execution CVE-2014-2935 05 Jun 2014 10 (v2) Critical Pass IBM WebSphere Application Server 6.1 < 6.1.0.35 Multiple Vulnerabilities CVE-2010-0783 CVE-2010-0785 CVE-2011-0315 CVE-2011-0316 CVE-2011-1310 CVE-2011-1313 CVE-2011-1319 CVE-2011-1320 13 Jan 2011 4.3 (v2) Medium Pass OpenSSL 1.0.1 < 1.0.1s Multiple Vulnerabilities (DROWN) CVE-2016-0702 CVE-2016-0705 CVE-2016-0797 CVE-2016-0798 CVE-2016-0799 CVE-2016-0800 02 Mar 2016 9.8 (v3) Critical Pass VMware ESX / ESXi VMCI Privilege Escalation (VMSA-2013-0002) (remote check) CVE-2013-1406 04 Mar 2016 7.2 (v2) High Pass Trend Micro ServerProtect Authentication Bypass Vulnerability (CVE-2021-36745) CVE-2021-36745 22 Oct 2021 9.8 (v3) Critical Pass Juniper Junos Privilege Escalation Vulnerability (JSA10977) CVE-2019-0070 09 Sep 2020 8.8 (v3) High Pass IBM WebSphere Application Server 7.0 < Fix Pack 17 Multiple Vulnerabilities CVE-2011-1209 CVE-2011-1683 17 Jun 2011 6.8 (v2) Medium Pass IBM WebSphere Application Server 6.1 < 6.1.0.39 Multiple Vulnerabilities CVE-2011-1209 CVE-2011-1355 CVE-2011-1356 22 Jul 2011 5.8 (v2) Medium Pass Halon Security Router < 3.2r2 Multiple Vulnerabilities 11 Aug 2014 4.3 (v2) Medium Pass Computer Associates ARCserve D2D homepageServlet Servlet Information Disclosure CVE-2011-3011 28 Jul 2011 10 (v2) Critical Pass Palo Alto Networks PAN-OS 7.0.x < 7.0.5 Multiple Vulnerabilities 07 Jul 2016 10 (v2) Critical Pass OpenSSL < 0.9.8p / 1.0.0e Double Free Vulnerability CVE-2010-2939 04 Jan 2012 4.3 (v2) Medium Pass OpenSSL < 0.9.8s Multiple Vulnerabilities CVE-2011-1945 CVE-2011-4108 CVE-2011-4109 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 09 Jan 2012 9.3 (v2) High Pass ESXi 5.1 < Build 1743201 Multiple Vulnerabilities (remote check) CVE-2013-5211 CVE-2014-8370 CVE-2015-1044 29 Jan 2015 6.4 (v2) Medium Pass OpenSSL < 0.9.8k Multiple Vulnerabilities CVE-2009-0590 CVE-2009-0591 CVE-2009-0789 CVE-2009-5146 04 Jan 2012 5 (v2) Medium Pass Cisco Content Security Management Appliance (SMA) Information Disclosure (cisco-sa-sma-wsa-esa-info-dis-vsvPzOHP)CVE-2020-3547 08 Sep 2020 6.5 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.14 / 9.0.x <= 9.0.0.9 XSS (729547)CVE-2018-1767 10 Sep 2020 6.1 (v3) Medium Pass RealNetworks Helix Server 14.x < 14.3.x Multiple Vulnerabilities CVE-2012-0942 CVE-2012-1923 CVE-2012-1984 CVE-2012-1985 CVE-2012-2267 CVE-2012-2268 12 Apr 2012 10 (v2) Critical Pass Oracle Enterprise Data Quality Multiple Vulnerabilities (October 2014 CPU) CVE-2014-0114 CVE-2014-0119 30 Oct 2014 7.5 (v2) High Pass HP SiteScope SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE) CVE-2014-3566 04 Dec 2014 4.3 (v2) Medium Pass Oracle GlassFish Server Multiple Vulnerabilities (April 2015 CPU) (POODLE) CVE-2013-4545 CVE-2014-1568 CVE-2014-3566 20 Apr 2015 7.5 (v2) High Pass DUPortal/DUPortal Pro Multiple Scripts SQL Injection (1) CVE-2005-1224 CVE-2005-1236 22 Apr 2005 7.5 (v2) High Pass WaveMaker < 6.4.6 Security Bypass 19 Jul 2012 7.5 (v2) High Pass EMail Security Virtual Appliance learn-msg.cgi Remote Code Execution 06 Sep 2012 7.5 (v2) High Pass OpenSSL 1.0.0 < 1.0.0s Multiple Vulnerabilities CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 12 Jun 2015 6.8 (v2) Medium Pass Apache mod_ssl ssl_hook_Access Error Handling DoS CVE-2005-3357 10 Jan 2006 5.9 (v3) Medium Pass SAP Host Control SOAP Web Service 'Database/Name' Command Execution (SAP Note 1341333) 25 Sep 2012 10 (v2) Critical Pass Apple iTunes < 10.5.1 Update Authenticity Veriﬁcation Weakness (uncredentialed check) CVE-2008-3434 18 Nov 2011 6.8 (v2) Medium Pass WANem index-advanced.php XSS 29 Oct 2012 4.3 (v2) Medium Pass ManageEngine OpStor availability730.do days Parameter XSS 01 Nov 2012 4.3 (v2) Medium Pass Novell eDirectory 8.8.x Multiple Security Vulnerabilities CVE-2012-0428 CVE-2012-0429 CVE-2012-0430 CVE-2012-0432 27 Dec 2012 10 (v2) Critical Pass Trend Micro OﬃceScan 7.3 Multiple Vulnerabilities CVE-2006-5157 CVE-2006-5211 CVE-2006-5212 CVE-2006-6178 CVE-2006-6179 14 Jul 2006 7.5 (v2) High Pass WordPress Poll Plugin 'poll_id' Parameter SQL Injection CVE-2013-1400 26 Feb 2013 7.5 (v2) High Pass Apache 2.4.x < 2.4.16 Multiple Vulnerabilities CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185 23 Jul 2015 5.3 (v3) Medium Pass Apple iTunes < 11.1.2 Multiple Vulnerabilities (uncredentialed check) CVE-2011-3102 CVE-2012-0841 CVE-2012-2807 CVE-2012-2825 CVE-2012-2870 CVE-2012-2871 CVE-2012-5134 CVE-2013-1024 CVE-2013-1037 CVE-2013-1038 CVE-2013-1039 CVE-2013-1040 CVE-2013-1041 CVE-2013-1042 CVE-2013-1043 CVE-2013-1044 CVE-2013-1045 CVE-2013-1046 CVE-2013-1047 CVE-2013-2842 CVE-2013-5125 CVE-2013-5126 CVE-2013-5127 CVE-2013-512824 Oct 2013 7.5 (v2) High Pass airVision NVR path Parameter Traversal Arbitrary File Access 04 Mar 2013 5 (v2) Medium Pass Novell ZENworks Conﬁguration Management < 11.2.4 Multiple Vulnerabilities CVE-2013-1084 CVE-2013-6344 CVE-2013-6345 CVE-2013-6346 CVE-2013-6347 01 Nov 2013 10 (v2) Critical Pass ESXi 5.0 < Build 702118 Multiple Vulnerabilities (remote check) CVE-2012-2448 CVE-2012-2449 CVE-2012-2450 13 Nov 2013 9 (v2) High Pass W3 Total Cache Plugin for WordPress Multiple Insecure PHP Code Inclusion Macros Remote Code ExecutionCVE-2013-2010 03 May 2013 8.8 (v3) High Pass Monitorix Built-in HTTP Server Remote Command Execution CVE-2013-7070 04 Dec 2013 10 (v2) Critical Pass Cerb Multiple Vulnerabilities 03 Apr 2013 4.3 (v2) Medium Pass HP Intelligent Management Center BIMS Module Information Disclosure CVE-2013-4823 09 Jan 2014 5 (v2) Medium Pass SSL Null Cipher Suites Supported 10 Jun 2013 5.3 (v3) Medium Pass CommuniGate Pro WebMail < 5.2.15 XSS 29 Jul 2009 4.3 (v2) Medium Pass Landing Pages Plugin for WordPress 'wp-admin/edit.php' 'post' Parameter SQL Injection CVE-2013-6243 27 Jan 2014 7.5 (v2) High Pass IceWarp /rpc/gw.html XML External Entity Arbitrary File Disclosure 19 Jul 2013 5 (v2) Medium Pass Cisco Prime Network / Wireless Control System Health Monitor Reﬂected XSS CVE-2012-5990 25 Jul 2013 4.3 (v2) Medium Pass HP SiteScope Multiple Unspeciﬁed Remote Code Execution Vulnerabilities CVE-2013-2367 CVE-2013-4835 CVE-2013-6207 02 Aug 2013 10 (v2) Critical Pass WP Online Store Plugin for WordPress Multiple Parameter File Disclosure 30 Aug 2013 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.16 / 9.0.x < 9.0.10 / 9.1.x < 9.1.3 Command Injection CVE-2020-2037 11 Sep 2020 7.2 (v3) High Pass Artica < 1.4.101900 mailattach Parameter Directory Traversal 25 Oct 2010 7.8 (v2) High Pass Multiple Vulnerabilities in Cisco Security Agent (cisco-sa-20100217-csa) CVE-2010-0146 CVE-2010-0147 CVE-2010-0148 18 Sep 2013 6.8 (v2) Medium Pass FileZilla Server < 0.9.44 OpenSSL Heartbeat Information Disclosure (Heartbleed) CVE-2014-0160 21 Apr 2014 7.5 (v3) High Pass Palo Alto Networks PAN-OS 10.0.x < 10.0.1 Buﬀer Overﬂow CVE-2020-2042 11 Sep 2020 7.2 (v3) High Pass Serv-U < 10.3.0.1 SFTP Authentication Bypass 19 Nov 2010 6.8 (v2) Medium Pass Atmail Webmail 4.x < 4.6.1 (4.61) 'Global.pm' XSS CVE-2006-6702 18 Apr 2014 6.8 (v2) Medium Pass jRSS Widget Plugin for WordPress proxy.php 'url' Parameter Arbitrary File Access 12 Nov 2010 5 (v2) Medium Pass CGI Generic Command Execution (time-based, intrusive) 14 Jan 2011 7.5 (v2) High Pass Cisco Small Business Series Switch Detection 12 Nov 2021 None Pass Altiris Deployment Solution Server < 6.9.430 Multiple Vulnerabilities (SYM09-011) CVE-2009-3107 CVE-2009-3108 CVE-2009-3109 CVE-2009-3110 08 Jan 2010 7.9 (v2) High Pass Crystal Reports Server InfoView logonAction Parameter XSS 28 Jan 2011 4.3 (v2) Medium Pass F-Secure Internet Gatekeeper for Linux Log Disclosure (FSC-2011-1) CVE-2011-0453 18 Feb 2011 5 (v2) Medium Pass OpenSSL 1.0.1 < 1.0.1h Multiple Vulnerabilities CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 CVE-2015-0292 06 Jun 2014 7.5 (v2) High Pass Check Point Endpoint Security Server Information Disclosure 17 Feb 2011 5.3 (v3) Medium Pass IBM Lotus Sametime Server stconf.nsf messageString Parameter XSS CVE-2011-1038 14 Mar 2011 5.8 (v2) Medium Pass TaskFreak! loadByKey() SQL Injection CVE-2010-1583 04 May 2010 7.5 (v2) High Pass IBM Lotus Domino iCalendar Email Address ORGANIZER:mailto Header Remote Overﬂow CVE-2010-3407 22 Apr 2011 9.3 (v2) High Pass Courier Mail Server < 0.50.1 DNS SPF Record Lookup Failure Memory Corruption DoS CVE-2005-2151 06 Jul 2005 2.6 (v2) Low Pass NNTP Service STARTTLS Plaintext Command Injection CVE-2012-3523 09 May 2011 4 (v2) Medium Pass ManageEngine SupportCenter Plus Default Administrator Credentials 28 Jun 2011 7.5 (v2) High Pass ACAP Service STARTTLS Plaintext Command Injection 27 May 2011 4 (v2) Medium Pass Adobe RoboHelp FlashHelp Unspeciﬁed XSS (APSB11-09) (uncredentialed check) CVE-2011-0613 20 May 2011 5.8 (v2) Medium Pass Apple iTunes < 10.5 Multiple Vulnerabilities (uncredentialed check) CVE-2010-1823 CVE-2011-0164 CVE-2011-0200 CVE-2011-0204 CVE-2011-0215 CVE-2011-0218 CVE-2011-0221 CVE-2011-0222 CVE-2011-0223 CVE-2011-0225 CVE-2011-0232 CVE-2011-0233 CVE-2011-0234 CVE-2011-0235 CVE-2011-0237 CVE-2011-0238 CVE-2011-0240 CVE-2011-0253 CVE-2011-0254 CVE-2011-0255 CVE-2011-0259 CVE-2011-0981 CVE-2011-0983 CVE-2011-1109 CVE-2011-1114 CVE-2011-1115 CVE-2011-1117 CVE-2011-1121 CVE-2011-1188 CVE-2011-1203 CVE-2011-1204 CVE-2011-1288 CVE-2011-1293 CVE-2011-1296 CVE-2011-1440 CVE-2011-1449 CVE-2011-1451 CVE-2011-1453 CVE-2011-1457 CVE-2011-1462 CVE-2011-1774 CVE-2011-1797 CVE-2011-2338 CVE-2011-2339 CVE-2011-2341 CVE-2011-2351 CVE-2011-2352 CVE-2011-2354 CVE-2011-2356 CVE-2011-2359 CVE-2011-2788 CVE-2011-2790 CVE-2011-2792 CVE-2011-2797 CVE-2011-2799 CVE-2011-2809 CVE-2011-2811 CVE-2011-2813 CVE-2011-2814 CVE-2011-2815 CVE-2011-2816 CVE-2011-2817 CVE-2011-2818 CVE-2011-2820 CVE-2011-2823 CVE-2011-2827 CVE-2011-2831 CVE-2011-3219 CVE-2011-3232 CVE-2011-3233 CVE-2011-3234 CVE-2011-3235 CVE-2011-3236 CVE-2011-3237 CVE-2011-3238 CVE-2011-3239 CVE-2011-3241 CVE-2011-3244 CVE-2011-325212 Oct 2011 9.3 (v2) High Pass HP Intelligent Management Center Branch Intelligent Management Module 7.x < 7.0-E0201P02 Multiple VulnerabilitiesCVE-2014-2618 CVE-2014-2619 CVE-2014-2620 CVE-2014-2621 CVE-2014-2622 21 Jul 2014 8.5 (v2) High Pass IBM WebSphere Application Server 8.0 < Fix Pack 1 Multiple Vulnerabilities CVE-2011-1355 CVE-2011-1356 CVE-2011-1359 CVE-2011-1368 CVE-2011-1411 CVE-2011-3192 30 Sep 2011 7.8 (v2) High Pass NNTP Service Cleartext Login Permitted 19 Dec 2011 2.6 (v2) Low Pass Ipswitch WS_FTP Server Manager /WSFTPSVR/FTPLogServer/LogViewer.asp Authentication Bypass CVE-2008-5692 08 Feb 2008 5 (v2) Medium Pass Puppet Enterprise 3.3.0 Bundled Oracle Java Vulnerabilities CVE-2014-2483 CVE-2014-2490 CVE-2014-4208 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4220 CVE-2014-4221 CVE-2014-4223 CVE-2014-4227 CVE-2014-4244 CVE-2014-4247 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4264 CVE-2014-4265 CVE-2014-4266 CVE-2014-426820 Aug 2014 10 (v2) Critical Pass BasiliX Webmail Content-Type Header XSS 09 Aug 2004 4.3 (v2) Medium Pass Oracle GlassFish Server 3.0.1 / 3.1.1 < 3.0.1.5 / 3.1.1.3 Administration Component Unspeciﬁed VulnerabilityCVE-2012-0104 02 Feb 2012 5 (v2) Medium Pass HP Data Protector Media Operations DBServer opcode 0x10 Traversal Arbitrary File Access 19 Mar 2012 5 (v2) Medium Pass Symantec Endpoint Protection Manager TestConnection.jsp 'Msg' Parameter XSS (SYM11-009 & SYM12-001)CVE-2011-0550 01 Feb 2012 4.3 (v2) Medium Pass MySQL Enterprise Monitor < 2.1.2 Multiple XSRF Vulnerabilities 07 Jun 2010 6.8 (v2) Medium Pass HP OpenView Network Node Manager Multiple Code Execution Vulnerabilities (HPSBMU02712 SSRT100649)CVE-2011-3165 CVE-2011-3166 CVE-2011-3167 28 Mar 2012 10 (v2) Critical Pass Oracle Primavera P6 Enterprise Project Portfolio Management Multiple Vulnerabilities (Jul 2020 CPU) CVE-2017-12610 CVE-2018-1288 CVE-2018-17196 CVE-2020-10683 CVE-2020-14653 CVE-2020-14706 15 Jul 2020 9.8 (v3) Critical Pass Lenovo ThinkManagement Console RunAMTCommand Operation -PutUpdateFileCore Command Parsing Arbitrary File UploadCVE-2012-1195 10 Apr 2012 10 (v2) Critical Pass TIBCO Spotﬁre Analytics Server Web Application Multiple Vulnerabilities CVE-2011-3132 CVE-2011-3133 CVE-2011-3134 13 Oct 2014 7.5 (v2) High Pass OpenSSL 1.0.0 < 1.0.0i ASN.1 asn1_d2i_read_bio Memory Corruption CVE-2012-2110 19 Apr 2012 7.5 (v2) High Pass OpenSSL 0.9.8 < 0.9.8x DTLS CBC Denial of Service CVE-2012-2333 11 May 2012 5 (v2) Medium Pass HP OpenView Network Node Manager Multiple Services Remote Overﬂow CVE-2005-1056 15 Sep 2005 10 (v2) Critical Pass Sharebar Plugin for WordPress 'sharebar-admin.php' 'status' Parameter XSS 30 May 2012 4.3 (v2) Medium Pass DNSSEC NSEC Records 12 Jul 2012 5 (v2) Medium Pass Oracle iPlanet Web Server 7.0.x < 7.0.15 Multiple Vulnerabilities CVE-2012-0516 CVE-2012-1738 27 Jun 2012 6.8 (v2) Medium Pass OpenSSH < 4.5 Multiple Vulnerabilities CVE-2006-4925 CVE-2006-5794 CVE-2007-0726 04 Oct 2011 7.5 (v2) High Pass Ipswitch WS_FTP Server < 6.1.1 Multiple Vulnerabilities (uncredentialed check) CVE-2008-0590 CVE-2008-0608 CVE-2008-5692 CVE-2008-5693 24 Aug 2009 9 (v2) High Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.20-h1 / 9.0.x < 9.0.14-h3 / 9.1.x < 9.1.11-h2 / 10.0.x < 10.0.8 / 10.1.x < 10.1.3 VCVE-2021-3061ulnerability 18 Nov 2021 7.2 (v3) High 24

Pass Samsung / Dell Printer SNMP Backdoor CVE-2012-4964 03 Dec 2012 7.5 (v2) High Pass NetIQ Privileged User Manager ldapagnt_eval() Function Remote Code Execution (version check) CVE-2012-5932 07 Dec 2012 10 (v2) Critical Pass Trapeze Service Shell - Admin Service Accessible 22 Oct 2009 7.5 (v2) High Pass OpenSSL < 0.9.8y Multiple Vulnerabilities CVE-2013-0166 CVE-2013-0169 09 Feb 2013 2.6 (v2) Low Pass OpenX install.php / install-plugin.php Admin Authentication Bypass CVE-2009-4830 12 Jan 2010 7.5 (v2) High Pass Prizm Content Connect default.aspx document Parameter Remote File Inclusion CVE-2012-5190 19 Feb 2013 7.5 (v2) High Pass ManageEngine Log360 < Build 5235 Database Conﬁguration Overwrite RCE CVE-2021-20136 19 Nov 2021 9.8 (v3) Critical Pass SilverNews < 2.0.4 Multiple Vulnerabilities CVE-2005-2478 08 Aug 2005 7.5 (v2) High Pass Cisco TelePresence CVE-2013-3378 Software Malformed SIP Packet Handling Remote DoS CVE-2013-3378 24 Jul 2013 7.8 (v2) High Pass OpenSSH With OpenPAM DoS CVE-2006-0883 04 Oct 2011 5 (v2) Medium Pass OCS Inventory NG Server Administration Console header.php login Parameter SQL Injection 04 Feb 2010 7.5 (v2) High Pass McAfee ePolicy Orchestrator < 4.6.7 Multiple XSS CVE-2013-4883 17 Jul 2013 4.3 (v2) Medium Pass IBM WebSphere Application Server 6.1 < 6.1.0.13 Multiple Vulnerabilities CVE-2007-5798 CVE-2007-5799 CVE-2007-6679 05 Apr 2010 10 (v2) Critical Pass IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5 Multiple Vulnerabilities CVE-2013-0169 CVE-2013-0482 CVE-2013-0597 CVE-2013-1768 CVE-2013-2967 CVE-2013-2975 CVE-2013-2976 CVE-2013-3024 23 Jul 2013 7.5 (v2) High Pass CGI Generic XML Injection 30 Apr 2010 6.8 (v2) Medium Pass TaskFreak! Default Credentials 03 May 2010 7.5 (v2) High Pass toendaCMS < 0.6.2.1 Multiple Vulnerabilities CVE-2005-3550 CVE-2005-3551 CVE-2005-4422 08 Nov 2005 6.5 (v2) Medium Pass Dell OpenManage Server Administrator 'HelpViewer' Redirect 26 May 2010 4.7 (v3) Medium Pass Novell Teaming Default Credentials 20 Jul 2010 7.5 (v2) High Pass Yahoo Messenger Detection 14 Jan 2004 None Pass Citrix NetScaler Authentication Bypass Vulnerability (CTX227928) CVE-2017-14602 26 Sep 2017 7.2 (v3) High Pass D-Link DCC Protocol Security Bypass 06 Jul 2010 8.3 (v2) High Pass HP Systems Insight Manager logﬁle Parameter Arbitrary File Download CVE-2010-3286 26 Oct 2010 7.8 (v2) High Pass Unprotected QNX qconn Service 17 Aug 2010 10 (v2) Critical Pass CGI Generic On Site Request Forgery (OSRF) 26 Jul 2010 4.3 (v2) Medium Pass Quote of the Day (QOTD) Service Detection CVE-1999-0103 30 Nov 1999 6.5 (v3) Medium Pass Adobe ColdFusion login.cfm Query String XSS (APSB11-04) CVE-2011-0580 11 Feb 2011 4.3 (v2) Medium Pass Nagios XI < 2009R1.3B Multiple Unspeciﬁed XSS 06 Oct 2010 4.3 (v2) Medium Pass OpenSSH < 2.1.1 UseLogin Local Privilege Escalation CVE-2000-0525 10 Jun 2000 7.2 (v2) High Pass Default Password (changeme) for SHOUTcast Server Service Port 18 Feb 2008 7.5 (v2) High Pass OpenSSH 2.5.x - 2.9 Multiple Vulnerabilities CVE-2001-0816 CVE-2001-1380 28 Sep 2001 7.5 (v2) High Pass MikroTik RouterOS with Blank Password (telnet check) CVE-1999-0508 11 Feb 2008 10 (v2) Critical Pass Mura CMS link Parameter XSS 30 Sep 2010 4.3 (v2) Medium Pass Novell eDirectory eMBox Utility Unauthorized Access (uncredentialed check) CVE-2008-0926 11 Apr 2008 8.8 (v2) High Pass Asterisk IAX2 Multiple Method Handshake Spooﬁng DoS CVE-2008-1897 CVE-2008-1923 06 May 2008 5 (v2) Medium Pass IBM WebSphere Application Server < 6.1.0.29 Multiple Vulnerabilities CVE-2009-2746 CVE-2009-2747 CVE-2009-2748 31 Oct 2011 6.8 (v2) Medium Pass Resin viewﬁle Servlet ﬁle Parameter XSS CVE-2008-2462 30 Jun 2008 4.3 (v2) Medium Pass op5 Monitor Persistent Session Cookie CVE-2012-0264 17 Jan 2012 5 (v2) Medium Pass Dropbear SSH Server Channel Concurrency Use-after-free Remote Code Execution CVE-2012-0920 01 Mar 2012 7.1 (v2) High Pass Novell eDirectory < 8.7.3 SP10 FTF1 Multiple Vulnerabilities CVE-2008-4478 CVE-2008-4479 CVE-2008-4480 07 Oct 2008 10 (v2) Critical Pass Simple PHP Blog conﬁg/users.php Arbitrary User Password Hash Disclosure 08 Sep 2008 5 (v2) Medium Pass Web Server Uses Basic Authentication Without HTTPS 21 Nov 2008 2.6 (v2) Low Pass IBM Tivoli Storage Manager Client Multiple Vulnerabilities (swg21268775) CVE-2007-4880 CVE-2007-5022 25 Sep 2007 10 (v2) Critical Pass OpenSSL < 0.9.8u Multiple Vulnerabilities CVE-2006-7250 CVE-2011-4619 CVE-2012-0884 CVE-2012-1165 02 Apr 2012 5 (v2) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 21 Multiple Vulnerabilities CVE-2011-1376 CVE-2011-1377 CVE-2011-4889 04 Apr 2012 4.6 (v2) Medium Pass Apache Log4j Message Lookup Substitution RCE (Log4Shell) (Direct Check) CVE-2021-44228 10 Dec 2021 10 (v3) Critical Pass Oracle GlassFish Server 3.1.1 < 3.1.1.3 Multiple Vulnerabilities (April 2012 CPU) CVE-2012-0550 CVE-2012-0551 24 Apr 2012 9.3 (v2) High Pass Novell GroupWise MTA Web Console Accessible 21 Feb 2009 7.5 (v2) High Pass SIP Script Remote Command Execution via log4shell CVE-2021-44228 12 Dec 2021 10 (v3) Critical Pass VMware vCenter Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028) CVE-2021-44228 13 Dec 2021 10 (v3) Critical Pass SLMail HELO Command Remote Overﬂow CVE-1999-0284 22 Jun 1999 7.5 (v2) High Pass EMC RepliStor < 6.2 SP5/6.3 SP2 Multiple Heap Overﬂows CVE-2009-1119 29 Apr 2009 10 (v2) Critical Pass Apache Log4Shell RCE detection via Raw Socket Logging (Direct Check) CVE-2021-44228 14 Dec 2021 10 (v3) Critical Pass MS09-053: Microsoft IIS FTPd NLST Command Remote Buﬀer Overﬂow (975191) (uncredentialed check) CVE-2009-3023 13 Oct 2009 10 (v2) Critical Pass MS09-050: Microsoft Windows SMB2 _Smb2ValidateProviderCallback() Vulnerability (975497) (EDUCATEDSCHOLAR) (uncrCVE-2009-2532 CVE-2009-3103edentialed check) 08 Sep 2009 9.8 (v3) Critical Pass VICIDIAL Call Center Suite Default Administrative Credentials 26 May 2009 7.5 (v2) High Pass CGI Generic Header Injection 19 Jun 2009 4.3 (v2) Medium Pass CGI Generic Command Execution 19 Jun 2009 7.5 (v2) High Pass Apache Log4Shell RCE detection via callback correlation (Direct Check FTP) CVE-2021-44228 16 Dec 2021 10 (v3) Critical Pass Apache Log4Shell RCE detection via callback correlation (Direct Check SMTP) CVE-2021-44228 17 Dec 2021 10 (v3) Critical Pass Apache Log4Shell RCE detection via callback correlation (Direct Check Telnet) CVE-2021-44228 17 Dec 2021 10 (v3) Critical Pass IBM WebSphere Application Server 7.0 < Fix Pack 7 CVE-2009-2746 CVE-2009-2747 CVE-2009-2748 CVE-2009-3106 13 Nov 2009 5.8 (v2) Medium Pass NTP ntpd Mode 7 Error Response Packet Loop Remote DoS CVE-2009-3563 14 Dec 2009 6.4 (v2) Medium Pass Kuang2 the Virus Detection 17 Feb 2000 10 (v2) Critical Pass NTMail3 Arbitrary Mail Relay 22 Jun 1999 7.5 (v3) High Pass OpenSSH X11UseLocalhost X11 Forwarding Port Hijacking CVE-2008-3259 04 Oct 2011 1.2 (v2) Low Pass Sendmail Redirection Relaying Allowed 25 Aug 1999 5.3 (v3) Medium Pass IRIX webdist.cgi Arbitrary Command Execution CVE-1999-0039 22 Jun 1999 7.5 (v2) High Pass Gauntlet CyberPatrol Content Monitoring System Overﬂow CVE-2000-0437 25 May 2000 10 (v2) Critical Pass AnalogX SimpleServer:WWW /cgi-bin/ Long GET Request DoS CVE-2000-0473 22 Jun 2000 7.5 (v2) High Pass IBM WebSphere Application Server 6.1 < 6.1.0.9 Cross-session Information Disclosure CVE-2007-3397 05 Apr 2010 5 (v2) Medium Pass Virtual Visions FTP ftp.pl dir Parameter Traversal Arbitrary File Access CVE-2000-0674 15 Jul 2000 5 (v2) Medium Pass Apache Log4Shell CVE-2021-45046 Bypass Remote Code Execution CVE-2021-45046 17 Dec 2021 9 (v3) Critical Pass Web Server HTTP Dangerous Method Detection 30 Aug 2000 7.3 (v3) High Pass Matt Kruse calendar_admin.pl Shell Metacharacter Arbitrary Command Execution CVE-2000-0432 10 Sep 2000 7.5 (v2) High Pass ProFTPD STAT Command Remote DoS 16 Mar 2001 7.1 (v2) High Pass Apache Log4Shell RCE detection via callback correlation (Direct Check DNS) CVE-2021-44228 23 Dec 2021 10 (v3) Critical Pass Cold Fusion Administration Page Overﬂow DoS CVE-2000-0538 19 Dec 2000 5 (v2) Medium Pass wwwwais QUERY_STRING Parameter Remote Overﬂow CVE-2001-0223 19 Jan 2001 7.5 (v2) High Pass Way-board way-board.cgi db Parameter Arbitrary File Access CVE-2001-0214 13 Feb 2001 5 (v2) Medium Pass zml.cgi Directory Traversal CVE-2001-1209 17 Jan 2002 5 (v2) Medium Pass ISC BIND < 8.3.4 Multiple Remote Vulnerabilities CVE-2002-1219 CVE-2002-1220 CVE-2002-1221 08 Mar 2002 9.3 (v2) High Pass OpenSSH Kerberos TGT/AFS Token Passing Remote Overﬂow CVE-2002-0575 12 May 2002 7.5 (v2) High Pass Advanced Guestbook index.php entry Parameter SQL Injection CVE-2005-1548 10 May 2005 7.5 (v2) High Pass Apache JServ Nonexistent JSP Request XSS 22 May 2002 4.3 (v2) Medium Pass Apache Log4Shell RCE detection via callback correlation (Direct Check NTP) CVE-2021-44228 23 Dec 2021 10 (v3) Critical Pass Novell NetWare ncp Service NDS Object Enumeration 04 Jun 2002 5.3 (v3) Medium Pass Compaq Web-enabled Management Software HTTP Server Arbitrary Traﬃc Proxy CVE-2001-0374 22 May 2002 7.5 (v2) High Pass Multiple Vendor Embedded FTP Service Any Username Authentication Bypass 05 Jun 2002 5 (v2) Medium Pass Cisco Devices Multiple SSH Information Disclosure Vulnerabilities CVE-2001-0361 CVE-2001-0572 05 Jun 2002 7.5 (v2) High Pass Shiva LanRover Blank Password CVE-1999-0508 05 Jun 2002 10 (v2) Critical Pass Titan FTP Server quote stat Command Traversal Arbitrary Directory Listing 03 Sep 2004 5 (v2) Medium Pass JRun Web Server (JWS) GET Request Traversal Arbitrary File Access CVE-2001-1544 05 Jun 2002 5 (v2) Medium Pass AlienForm2 alienform.cgi Traversal Arbitrary File Manipulation CVE-2002-0934 11 Jun 2002 6.4 (v2) Medium Pass Jigsaw Webserver MS/DOS Device Request Remote DoS CVE-2002-1052 17 Jul 2002 5 (v2) Medium Pass SMC 2652W AP Malformed HTTP Request Remote DoS 13 Oct 2002 5 (v2) Medium Pass NEC SOCKS4 Module Username Handling Remote Overﬂow CVE-2002-2368 25 Nov 2002 10 (v2) Critical Pass News Server (NNTP) Information Disclosure 28 Jun 2002 None Pass QMTP/QMQP Server Detection 22 Sep 2002 None Pass phpAdsNew helperfunction.php Remote File Inclusion CVE-2001-1054 22 Aug 2002 8.3 (v3) High Pass DB4Web Server Debug Mode TCP Port Scanning Proxy CVE-2002-1484 02 Dec 2002 5 (v2) Medium Pass Nortel Baystack Default Password 07 Mar 2003 7.8 (v2) High Pass Inframail FTP Server NLST Command Remote Overﬂow CVE-2005-2085 29 Jun 2005 9 (v2) High Pass ISMail Multiple Command Domain Name Handling Remote Overﬂow CVE-2003-1382 27 Feb 2003 7.5 (v2) High Pass CVS Malformed Directory Request Double-free Privilege Escalation CVE-2003-0015 14 Mar 2003 9 (v2) High Pass Apache Log4Shell RCE detection via callback correlation (Direct Check UPnP) CVE-2021-44228 29 Dec 2021 10 (v3) Critical Pass Webmin 'miniserv.pl' Base-64 String Metacharacter Handling Session Spooﬁng CVE-2003-0101 28 Feb 2003 10 (v2) Critical Pass 3com RAS 1500 Conﬁguration Disclosure 26 Mar 2003 5 (v2) Medium Pass MultiTech Proxy Server Default Null Password CVE-2002-1629 30 Mar 2003 10 (v2) Critical Pass Ubiquiti UniFi Network Log4Shell Direct Check (CVE-2021-44228) CVE-2021-44228 31 Dec 2021 10 (v3) Critical Pass Ecartis HTML Field Manipulation Arbitrary User Password Reset CVE-2003-0162 30 Mar 2003 5.5 (v2) Medium Pass Vignette StoryServer TCL Server Crash Information Disclosure CVE-2002-0385 08 Apr 2003 5 (v2) Medium 25

Pass osTicket open.php Support Address Crafted Mail Loop Remote DoS 30 Jul 2004 7.8 (v2) High Pass IlohaMail Forged GET/POST Arbitrary Contacts Deletion 02 Sep 2004 5 (v2) Medium Pass PHP Topsites counter.php count_log_ﬁle Parameter Arbitrary File Overwrite 09 May 2003 5 (v2) Medium Pass 12Planet Chat Server Error Message Path Disclosure 07 May 2003 5 (v2) Medium Pass Cisco Small Business RV110W Wireless-N VPN Firewall Static Default Credential (cisco-sa-rv110w-static-crCVE-2020-3330ed-BMTWBWTy) 21 Aug 2020 9.8 (v3) Critical Pass Apache OFBiz Log4Shell Direct Check (CVE-2021-44228) CVE-2021-44228 05 Jan 2022 10 (v3) Critical Pass Helix Servers View Source Plug-in RTSP Parser Overﬂow CVE-2003-0725 21 May 2003 10 (v2) Critical Pass MAILsweeper for SMTP PowerPoint Document Processing DoS CVE-2003-1477 27 May 2003 7.8 (v2) High Pass Crob FTP Server user Field Remote Format String 02 Jun 2003 9.8 (v3) Critical Pass SMC2804WBR Router Default Password (smcadmin) 22 Feb 2004 7.5 (v2) High Pass P-News p-news.php Name Field Privilege Escalation 29 May 2003 6.5 (v2) Medium Pass CVSTrac chdir() chroot Jail Escape 17 Aug 2004 6.4 (v2) Medium Pass Leif Wright Web Blog blog.cgi ViewFile Request ﬁle Parameter Arbitrary Command Execution CVE-2004-2347 02 Feb 2004 7.5 (v2) High Pass iWebNegar Multiple Scripts SQL Injection CVE-2004-1402 15 Dec 2004 7.5 (v2) High Pass FTGate <= 4.4.002 Multiple Remote Vulnerabilities (OF, FS, XSS) CVE-2005-4567 CVE-2005-4568 CVE-2005-4569 21 Dec 2005 7.5 (v2) High Pass CVSTrac Malformed URI Inﬁnite Loop DoS 17 Aug 2004 5 (v2) Medium Pass Apache Log4Shell RCE detection via callback correlation (Direct Check RPCBIND) CVE-2021-44228 07 Jan 2022 10 (v3) Critical Pass Retrospect Backup Client Multiple Vulnerabilities (ESA-08-009) CVE-2008-3287 CVE-2008-3289 CVE-2008-3290 23 Jul 2008 5 (v2) Medium Pass AntiBoard antiboard.php Multiple Parameter SQL Injection CVE-2004-2062 CVE-2004-2063 02 Aug 2004 4.3 (v2) Medium Pass Kerio MailServer < 6.0.1 Embedded HTTP Server Unspeciﬁed Issue 16 Aug 2004 10 (v2) Critical Pass Xedus Webserver Multiple XSS CVE-2004-1645 03 Sep 2004 5 (v2) Medium Pass WS_FTP Server Multiple Vulnerabilities (OF, DoS, Cmd Exec) CVE-2004-1848 CVE-2004-1883 CVE-2004-1884 CVE-2004-1885 01 Sep 2004 10 (v2) Critical Pass IlohaMail Email Header XSS 02 Sep 2004 4.3 (v2) Medium Pass GeoHttpServer Unauthorized Image Access Vulnerability CVE-2005-1552 10 May 2005 5 (v2) Medium Pass bBlog rss.php p Parameter SQL Injection CVE-2004-1570 13 Oct 2004 7.5 (v2) High Pass MailMarshal Spam Quarantine Management (SQM) Multiple Component XSS CVE-2008-2831 03 Oct 2008 3.5 (v2) Low Pass PHP rfc1867.c $_FILES Array Crafted MIME Header Arbitrary File Upload CVE-2004-0959 17 Sep 2004 2.1 (v2) Low Pass Cherokee Web Server Port Bind Privilege Drop Weakness CVE-2001-1433 04 Nov 2004 7.5 (v2) High Pass Apache Log4Shell RCE detection via callback correlation (Direct Check MSRPC) CVE-2021-44228 12 Jan 2022 10 (v3) Critical Pass Ipswitch IMail IMAP Service DELETE Command Remote Overﬂow CVE-2004-1520 19 Nov 2004 4.6 (v2) Medium Pass JanaServer < 2.4.5 Multiple Remote DoS 30 Nov 2004 7.8 (v2) High Pass Microsoft IE FRAME/IFRAME/EMBED Tag Overﬂow (Bofra Worm Detection) CVE-2004-1050 17 Nov 2004 10 (v2) Critical Pass IBProArcade index.php Arcade Module gameid Parameter SQL Injection CVE-2004-1430 02 Jan 2005 7.5 (v2) High Pass Hydra: LDAP 01 Dec 2004 7.5 (v2) High Pass NFS Share User Mountable 16 Dec 2004 7.3 (v3) High Pass IlohaMail < 0.8.14RC1 Unspeciﬁed Vulnerability CVE-2004-2500 11 Dec 2004 10 (v2) Critical Pass CVSTrac < 1.1.5 Multiple XSS CVE-2004-1146 19 Dec 2004 4.3 (v2) Medium Pass MPM Guestbook Pro top.php Traversal Arbitrary File Access 14 Jan 2005 5 (v2) Medium Pass SunShop Shopping Cart index.php search Parameter XSS 08 Feb 2005 4.3 (v2) Medium Pass Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution (cisco-sa-rv-rCVE-2020-3323 ce-AQKREqp) 18 Aug 2020 9.8 (v3) Critical Pass Cisco Data Center Network Manager Command Injection (cisco-sa-20200102-dcnm-comm-inject) CVE-2019-15978 CVE-2019-15979 17 Sep 2020 7.2 (v3) High Pass Atmail WebMail <= 5.6.1 (5.61) webadmin/admin.php Multiple Parameter XSS CVE-2009-2455 30 Apr 2009 4.3 (v2) Medium Pass OpenSSH < 3.4p1 scp Traversal Arbitrary File Overwrite CVE-2004-0175 18 Nov 2011 4.3 (v2) Medium Pass TikiWiki File Upload temp Directory Arbitrary Script Execution CVE-2005-0200 24 Jan 2005 7.5 (v2) High Pass IBM WebSphere Commerce ResetPassword Servlet Caching Information Disclosure 16 Mar 2005 2.6 (v2) Low Pass OPIE w/ OpenSSH Account Enumeration CVE-2007-2768 18 Nov 2011 4.3 (v2) Medium Pass Oracle WebLogic JSP Pages Unspeciﬁed Information Disclosure (CVE-2008-2580) CVE-2008-2580 30 Nov 2011 5 (v2) Medium Pass Red Hat Enterprise Linux OpenSSH ChrootDirectory Local Privilege Escalation CVE-2009-2904 18 Nov 2011 6.8 (v2) Medium Pass OpenSSL < 0.9.6m / 0.9.7d Denial of Service CVE-2004-0079 CVE-2004-0112 04 Jan 2012 5 (v2) Medium Pass OpenSSL < 0.9.8i Denial of Service CVE-2009-1386 04 Jan 2012 5 (v2) Medium Pass macOS 10.12.x < 10.12.3 Multiple Vulnerabilities CVE-2016-1248 CVE-2016-8670 CVE-2016-8687 CVE-2016-9933 CVE-2016-9934 CVE-2017-2353 CVE-2017-2357 CVE-2017-2358 CVE-2017-2360 CVE-2017-2361 CVE-2017-2370 CVE-2017-237124 Jan 2017 7.8 (v3) High Pass Xerox WorkCentre MicroServer Multiple Vulnerabilities (XRX05-005) CVE-2005-0703 CVE-2005-1179 09 May 2005 7.5 (v2) High Pass PunBB proﬁle.php id Parameter SQL Injection CVE-2005-1051 08 Apr 2005 6.5 (v2) Medium Pass Apache Druid Log4Shell Direct Check (CVE-2021-44228) CVE-2021-44228 14 Jan 2022 10 (v3) Critical Pass Rendezvous < 7.5.1 HTTP Admin Interface Remote Overﬂow CVE-2006-2830 10 Jun 2006 7.5 (v2) High Pass CVS < 1.11.20 / 1.12.12 Multiple Unspeciﬁed Vulnerabilities CVE-2005-0753 20 Apr 2005 10 (v2) Critical Pass Woltlab Burning Board verify_email Function SQL Injection CVE-2005-1642 17 May 2005 7.5 (v2) High Pass NetWin DMail Server Multiple Remote Vulnerabilities CVE-2005-1478 CVE-2005-1516 05 May 2005 6 (v2) Medium Pass Microsoft Windows SMB Guest Account Local User Access CVE-1999-0505 04 Oct 2007 7.5 (v2) High Pass Cisco Prime Infrastructure Multiple Vulnerabilities (cisco-sa-20190515-pi-rce) CVE-2019-1821 CVE-2019-1822 CVE-2019-1823 05 Nov 2019 9.8 (v3) Critical Pass BEA WebLogic <= 8.1 SP4 Multiple Vulnerabilities (XSS, DoS, ID, more) CVE-2005-1380 CVE-2005-1742 CVE-2005-1743 CVE-2005-1744 CVE-2005-1745 CVE-2005-1746 CVE-2005-1747 CVE-2005-1748 CVE-2005-174924 May 2005 7.5 (v2) High Pass Hummingbird InetD FTP Component (ftpdw.exe) Command Overﬂow CVE-2005-1815 30 May 2005 7.5 (v2) High Pass VMware vRealize Operations Manager Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028) CVE-2021-44228 21 Jan 2022 10 (v3) Critical Pass Cisco VG248 Unpassworded Account 04 Aug 2005 10 (v2) Critical Pass Yaws Web Server .yaws Script Null Byte Request Source Code Disclosure CVE-2005-2008 17 Jun 2005 5 (v2) Medium Pass PHP-Nuke Gallery Add-on modules.php include Parameter Traversal Arbitrary File Access CVE-2001-0900 25 Nov 2001 5 (v2) Medium Pass CA eTrust Intrusion Detection CPImportKey Function Overﬂow DoS CVE-2005-0968 21 Jun 2005 5 (v2) Medium Pass Inframail SMTP MAIL FROM Command Remote Overﬂow DoS CVE-2005-2085 29 Jun 2005 7.5 (v2) High Pass GoCD < 21.3.0 Path Traversal (Direct) 25 Jan 2022 10 (v3) Critical Pass Qpopper .qpopper-options Username Handling Overﬂow CVE-2001-1046 02 May 2002 10 (v2) Critical Pass SSH 3 AllowedAuthentications Remote Bypass CVE-2002-1646 24 May 2002 3.5 (v2) Low Pass Cisco IOS XSS and XSRF Vulnerabilities CVE-2008-3821 CVE-2009-0470 11 Jan 2012 4.3 (v2) Medium Pass TYPSoft FTP Server Malformed STOR / RETR Command DoS CVE-2001-1156 21 Aug 2002 5 (v2) Medium Pass Microsoft Data Access Components RDS Data Stub Remote Overﬂow CVE-2002-1142 22 Nov 2002 7.5 (v2) High Pass Red Hat Interchange INET Mode Detection CVE-2002-0874 21 Sep 2002 5 (v2) Medium Pass Ipswitch WhatsUp Gold <= 8.04 Multiple Vulnerabilities 12 Sep 2005 5 (v2) Medium Pass Sendmail 8.8.8 - 8.12.7 Multiple Vulnerabilities (Bypass, OF) CVE-2002-1165 CVE-2002-1337 05 Mar 2003 10 (v2) Critical Pass PHP-Nuke Detection CVE-2001-0292 CVE-2001-0320 CVE-2001-0854 CVE-2001-0911 CVE-2001-1025 CVE-2002-0206 CVE-2002-0483 CVE-2002-1242 CVE-2003-1400 CVE-2003-143517 Feb 2003 7.5 (v2) High Pass SaveWebPortal <= 3.4 Multiple Vulnerabilities 09 Sep 2005 7.5 (v2) High Pass Qpopper pop_msg() Macroname Remote Overﬂow CVE-2003-0143 13 Mar 2003 6.5 (v2) Medium Pass SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure CVE-2000-0525 CVE-2000-1169 CVE-2001-0361 CVE-2001-0529 CVE-2001-0572 CVE-2001-0816 CVE-2001-0872 CVE-2001-1380 CVE-2001-1382 CVE-2001-1459 CVE-2001-1507 CVE-2001-1585 CVE-2002-0083 CVE-2002-0575 CVE-2002-0639 CVE-2002-0640 CVE-2002-0765 CVE-2003-0190 CVE-2003-0386 CVE-2003-0682 CVE-2003-0693 CVE-2003-0695 CVE-2003-0786 CVE-2003-0787 CVE-2003-1562 CVE-2004-0175 CVE-2004-1653 CVE-2004-2069 CVE-2004-2760 CVE-2005-2666 CVE-2005-2797 CVE-2005-2798 CVE-2006-0225 CVE-2006-4924 CVE-2006-4925 CVE-2006-5051 CVE-2006-5052 CVE-2006-5229 CVE-2006-5794 CVE-2007-2243 CVE-2007-2768 CVE-2007-3102 CVE-2007-4752 CVE-2008-1483 CVE-2008-1657 CVE-2008-3259 CVE-2008-4109 CVE-2008-516129 Aug 2011 10 (v2) Critical Pass Snitz Forums 2000 3.4.03 Multiple Vulnerabilities CVE-2003-0492 CVE-2003-0494 07 May 2003 6.8 (v2) Medium Pass WebWasher < 4.4.1 Build 1613 Multiple XSS 06 Oct 2005 4.3 (v2) Medium Pass Mobius DocumentDirect ddicgi.exe Long GET Request Overﬂow CVE-2000-0826 11 Jun 2003 10 (v2) Critical Pass BEA WebLogic FileServlet Source Code Disclosure CVE-2000-0682 11 Jun 2003 5 (v2) Medium Pass Mac OS X 10.6.x < 10.6.2 Multiple Vulnerabilities CVE-2009-0023 CVE-2009-1191 CVE-2009-1195 CVE-2009-1574 CVE-2009-1632 CVE-2009-1890 CVE-2009-1891 CVE-2009-1955 CVE-2009-1956 CVE-2009-2202 CVE-2009-2203 CVE-2009-2285 CVE-2009-2408 CVE-2009-2409 CVE-2009-2411 CVE-2009-2412 CVE-2009-2414 CVE-2009-2416 CVE-2009-2666 CVE-2009-2798 CVE-2009-2799 CVE-2009-2808 CVE-2009-2810 CVE-2009-2818 CVE-2009-2820 CVE-2009-2823 CVE-2009-2825 CVE-2009-2830 CVE-2009-2832 CVE-2009-2834 CVE-2009-2835 CVE-2009-2836 CVE-2009-2837 CVE-2009-2839 CVE-2009-323509 Nov 2009 10 (v2) Critical Pass Cisco IOS L2TP Parsing DoS (cisco-sa-20170322-l2tp) CVE-2017-3857 28 Mar 2017 7.5 (v3) High Pass Reachable IPv6 address 02 Apr 2010 None Pass Microsoft Windows 2000 Unsupported Installation Detection 13 Jul 2010 10 (v2) Critical Pass Usermin Null Byte Filtering Information Disclosure CVE-2006-4542 16 Sep 2014 6.8 (v2) Medium Pass ManageEngine SupportCenter Plus HomePage.do fromCustomer Parameter XSS 01 Nov 2012 4.3 (v2) Medium Pass Internet Key Exchange (IKE) Aggressive Mode with Pre-Shared Key CVE-2002-1623 24 Oct 2012 5.3 (v3) Medium Pass NetIQ Privileged User Manager ldapagnt_eval() Function Remote Code Execution (intrusive check) CVE-2012-5932 21 Nov 2012 9.8 (v3) Critical Pass Apache Tomcat 9.0.35 < 9.0.58 multiple vulnerabilities CVE-2022-23181 26 Jan 2022 7 (v3) High Pass ManageEngine ADSelfService Plus Default Administrator Credentials 14 Oct 2011 7.5 (v2) High Pass IBM WebSphere Application Server 7.0 < Fix Pack 23 Multiple Vulnerabilities CVE-2011-1377 CVE-2012-0193 CVE-2012-0716 CVE-2012-0717 CVE-2012-0720 CVE-2012-2170 27 Jun 2012 10 (v2) Critical Pass Traﬃc Analyzer Plugin for WordPress 'ta_loaded.js.php' 'aoid' Parameter XSS CVE-2013-3526 22 Apr 2013 4.3 (v2) Medium Pass IBM Lotus Domino 8.5.x < 8.5.3 Multiple Vulnerabilities CVE-2011-0914 CVE-2011-0915 CVE-2011-0916 CVE-2011-0917 CVE-2011-0920 CVE-2011-3575 26 Apr 2013 10 (v2) Critical Pass Palo Alto Networks PAN-OS 7.0.x < 7.0.8 Multiple Vulnerabilities (PAN-SA-2016-0008 / PAN-SA-2016-0009)CVE-2016-2219 12 Aug 2016 5.3 (v3) Medium Pass Puppet Unsafe YAML Unserialization CVE-2013-1655 26 Apr 2013 7.5 (v2) High Pass Skype for Windows < 6.3.0.105 Multiple Vulnerabilities (uncredentialed check) 30 May 2013 10 (v2) Critical Pass IBM WebSphere Application Server < 6.1.0.15 Multiple Vulnerabilities CVE-2008-0740 CVE-2008-7274 05 Apr 2010 7.5 (v2) High Pass SolusVM Default Administrator Credentials 24 Jun 2013 7.5 (v2) High Pass Cisco TelePresence TC and TE Software Multiple Vulnerabilities (cisco-sa-20140430-tcte) CVE-2014-2162 CVE-2014-2163 CVE-2014-2164 CVE-2014-2165 CVE-2014-2166 CVE-2014-2167 CVE-2014-2168 CVE-2014-2169 CVE-2014-2170 CVE-2014-2171 CVE-2014-2172 CVE-2014-2173 CVE-2014-217508 May 2014 10 (v2) Critical Pass Cisco Prime Collaboration Provisioning < 12.1 Multiple Vulnerabilities (cisco-sa-20170517-pcp1 - cisco-sa-20170517-pcp3)CVE-2017-6621 CVE-2017-6622 CVE-2017-6635 22 May 2017 9.8 (v3) Critical Pass macOS < 10.12 Multiple Vulnerabilities CVE-2016-0755 CVE-2016-4617 CVE-2016-4658 CVE-2016-4682 CVE-2016-4694 CVE-2016-4696 CVE-2016-4697 CVE-2016-4698 CVE-2016-4699 CVE-2016-4700 CVE-2016-4701 CVE-2016-4702 CVE-2016-4703 CVE-2016-4706 CVE-2016-4707 CVE-2016-4708 CVE-2016-4709 CVE-2016-4710 CVE-2016-4711 CVE-2016-4712 CVE-2016-4713 CVE-2016-4715 CVE-2016-4716 CVE-2016-4717 CVE-2016-4718 CVE-2016-4722 CVE-2016-4723 CVE-2016-4724 CVE-2016-4725 CVE-2016-4726 CVE-2016-4727 CVE-2016-4736 CVE-2016-4738 CVE-2016-4739 CVE-2016-4742 CVE-2016-4745 CVE-2016-4748 CVE-2016-4750 CVE-2016-4752 CVE-2016-4753 CVE-2016-4755 CVE-2016-4771 CVE-2016-4772 CVE-2016-4773 CVE-2016-4774 CVE-2016-4775 CVE-2016-4776 CVE-2016-4777 CVE-2016-4778 CVE-2016-4779 CVE-2016-5131 CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771 CVE-2016-5772 CVE-2016-5773 CVE-2016-6174 CVE-2016-6288 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6294 CVE-2016-6295 CVE-2016-6296 CVE-2016-6297 CVE-2016-7580 CVE-2016-758223 Sep 2016 9.8 (v3) Critical Pass Apple iTunes < 9.2 Multiple Vulnerabilities (uncredentialed check) CVE-2009-1726 CVE-2010-0544 CVE-2010-1119 CVE-2010-1387 CVE-2010-1390 CVE-2010-1392 CVE-2010-1393 CVE-2010-1395 CVE-2010-1396 CVE-2010-1397 CVE-2010-1398 CVE-2010-1399 CVE-2010-1400 CVE-2010-1401 CVE-2010-1402 CVE-2010-1403 CVE-2010-1404 CVE-2010-1405 CVE-2010-1408 CVE-2010-1409 CVE-2010-1410 CVE-2010-1411 CVE-2010-1412 CVE-2010-1414 CVE-2010-1415 CVE-2010-1416 CVE-2010-1417 CVE-2010-1418 CVE-2010-1419 CVE-2010-1421 CVE-2010-1422 CVE-2010-1749 CVE-2010-1758 CVE-2010-1759 CVE-2010-1761 CVE-2010-1763 CVE-2010-1769 CVE-2010-1770 CVE-2010-1771 CVE-2010-177417 Jun 2010 9.3 (v2) High Pass BackWPup for WordPress Plugin Remote File Inclusion 29 Mar 2011 7.5 (v2) High Pass XMPP Service STARTTLS Plaintext Command Injection 27 May 2011 4 (v2) Medium Pass IBM Tivoli Management Framework Endpoint addr URL Default Credentials 07 Jun 2011 7.5 (v2) High Pass IBM Storwize Authenticated Information Disclosure CVE-2013-6737 03 Jul 2014 4 (v2) Medium Pass Apache 2.2.x < 2.2.8 Multiple Vulnerabilities (XSS, DoS) CVE-2007-5000 CVE-2007-6203 CVE-2007-6388 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 20 Feb 2008 5.3 (v3) Medium 26

Pass IBM GCM16 / GCM32 Global Console Manager KVM Switch Firmware Version < 1.20.20.23447 Multiple VulnerabilitiesCVE-2014-3080 CVE-2014-3081 CVE-2014-3085 05 Aug 2014 7.1 (v2) High Pass NGINX Unit 0.x > 0.3 / 1.x < 1.7.1 Heap Buﬀer Overﬂow (CVE-2019-7401) CVE-2019-7401 26 Apr 2019 9.8 (v3) Critical Pass MODx < 2.0.3-pl modahsh Parameter XSS CVE-2010-4883 20 Oct 2011 2.6 (v2) Low Pass Cisco Wireless LAN Controller Multiple Vulnerabilities CVE-2016-6375 CVE-2016-6376 18 Oct 2016 6.5 (v3) Medium Pass Cisco NX-OS SSH Connection Negotiation Remote Command Execution (cisco-sa-20161005-nxaaa) CVE-2015-0721 14 Oct 2016 8 (v3) High Pass Atlassian JIRA Unsupported Version Detection 24 Apr 2018 10 (v3) Critical Pass Apache < 2.0.55 Multiple Vulnerabilities CVE-2005-1268 CVE-2005-2088 CVE-2005-2491 CVE-2005-2700 CVE-2005-2728 CVE-2005-2970 26 Mar 2008 7.3 (v3) High Pass Juniper Junos User Authentication Bypass (JSA10802) CVE-2017-10601 31 Jul 2017 9.8 (v3) Critical Pass Apple iTunes < 10.6 Multiple Vulnerabilities (uncredentialed check) CVE-2011-2825 CVE-2011-2833 CVE-2011-2846 CVE-2011-2847 CVE-2011-2854 CVE-2011-2855 CVE-2011-2857 CVE-2011-2860 CVE-2011-2866 CVE-2011-2867 CVE-2011-2868 CVE-2011-2869 CVE-2011-2870 CVE-2011-2871 CVE-2011-2872 CVE-2011-2873 CVE-2011-2877 CVE-2011-3885 CVE-2011-3888 CVE-2011-3897 CVE-2011-3908 CVE-2011-3909 CVE-2012-0591 CVE-2012-0592 CVE-2012-0593 CVE-2012-0594 CVE-2012-0595 CVE-2012-0596 CVE-2012-0597 CVE-2012-0598 CVE-2012-0599 CVE-2012-0600 CVE-2012-0601 CVE-2012-0602 CVE-2012-0603 CVE-2012-0604 CVE-2012-0605 CVE-2012-0606 CVE-2012-0607 CVE-2012-0608 CVE-2012-0609 CVE-2012-0610 CVE-2012-0611 CVE-2012-0612 CVE-2012-0613 CVE-2012-0614 CVE-2012-0615 CVE-2012-0616 CVE-2012-0617 CVE-2012-0618 CVE-2012-0619 CVE-2012-0620 CVE-2012-0621 CVE-2012-0622 CVE-2012-0623 CVE-2012-0624 CVE-2012-0625 CVE-2012-0626 CVE-2012-0627 CVE-2012-0628 CVE-2012-0629 CVE-2012-0630 CVE-2012-0631 CVE-2012-0632 CVE-2012-0633 CVE-2012-0634 CVE-2012-0635 CVE-2012-0636 CVE-2012-0637 CVE-2012-0638 CVE-2012-0639 CVE-2012-064812 Mar 2012 9.3 (v2) High Pass Gallery PostNuke Integration Access Validation Privilege Escalation CVE-2005-2596 12 Aug 2005 4.6 (v2) Medium Pass OpenSSL 1.0.1 < 1.0.1a ASN.1 asn1_d2i_read_bio Memory Corruption CVE-2012-2110 19 Apr 2012 7.5 (v2) High Pass OpenSSL 1.0.1 < 1.0.1j Multiple Vulnerabilities (POODLE) CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 17 Oct 2014 4.3 (v2) Medium Pass Juniper Junos IPv6 Packet Handling Remote DoS (JSA10762) CVE-2016-4922 27 Oct 2016 7.5 (v3) High Pass GNU Mailutils imap4d Search Command Remote Format String CVE-2005-2878 09 Sep 2005 6.5 (v2) Medium Pass Attachmate Reﬂection for Secure IT UNIX server < 7.0 SP1 Multiple Vulnerabilities CVE-2006-2937 CVE-2006-2940 CVE-2007-3108 CVE-2008-1483 CVE-2008-1657 CVE-2008-6021 20 Aug 2008 10 (v3) Critical Pass SolarWinds Storage Manager Server LoginServlet loginName Parameter SQL Injection 16 May 2012 7.5 (v2) High Pass VMware Security Updates for vCenter Server (VMSA-2014-0008) CVE-2013-4322 CVE-2013-4590 CVE-2013-6629 CVE-2013-6954 CVE-2014-0050 CVE-2014-0114 CVE-2014-0429 CVE-2014-0432 CVE-2014-0446 CVE-2014-0449 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0454 CVE-2014-0455 CVE-2014-0456 CVE-2014-0457 CVE-2014-0458 CVE-2014-0459 CVE-2014-0460 CVE-2014-0461 CVE-2014-1876 CVE-2014-2397 CVE-2014-2401 CVE-2014-2402 CVE-2014-2403 CVE-2014-2409 CVE-2014-2412 CVE-2014-2413 CVE-2014-2414 CVE-2014-2420 CVE-2014-2421 CVE-2014-2423 CVE-2014-2427 CVE-2014-242817 Sep 2014 10 (v2) Critical Pass Atlassian Crowd 2.1.x < 3.0.5 / 3.1.x < 3.1.6 / 3.2.x < 3.2.8 / 3.3.x < 3.3.5 / 3.4.x < 3.4.4 RCE (direct check)CVE-2019-11580 16 Jul 2020 9.8 (v3) Critical Pass OpenSSL 1.0.0 < 1.0.0h Multiple Vulnerabilities CVE-2006-7250 CVE-2011-4619 CVE-2012-0884 CVE-2012-1165 02 Apr 2012 5 (v2) Medium Pass Presto! PageManager Network Group Service Packet Network Request Parsing Arbitrary File Access 16 May 2012 7.8 (v2) High Pass IBM WebSphere Application Server 7.0 < Fix Pack 1 CVE-2009-0504 CVE-2008-5411 CVE-2008-5412 CVE-2008-5413 CVE-2008-5414 CVE-2009-0434 CVE-2009-0438 10 Dec 2008 5.1 (v2) Medium Pass IBM WebSphere Application Server < 6.0.2.33 Multiple Vulnerabilities CVE-2009-0891 CVE-2009-0506 10 Apr 2009 7.5 (v2) High Pass IBM WebSphere Application Server 7.0 < Fix Pack 29 Multiple Vulnerabilities CVE-2013-0169 CVE-2013-0482 CVE-2013-0541 CVE-2013-0542 CVE-2013-0543 CVE-2013-0544 CVE-2013-0597 CVE-2013-1768 CVE-2013-2967 CVE-2013-2976 CVE-2013-302919 Jul 2013 7.5 (v2) High Pass Web Server Directory Traversal Arbitrary File Access CVE-2000-0920 CVE-2007-6483 CVE-2008-5315 CVE-2010-1571 CVE-2010-3459 CVE-2010-3460 CVE-2010-3487 CVE-2010-3488 CVE-2010-3743 CVE-2010-4181 CVE-2011-1900 CVE-2011-2524 CVE-2011-4788 CVE-2012-0697 CVE-2012-1464 CVE-2012-5100 CVE-2012-5335 CVE-2012-5344 CVE-2012-5641 CVE-2013-2619 CVE-2013-3304 CVE-2014-374405 Nov 1999 10 (v2) Critical Pass VMware vCenter Update Manager XSS CVE-2009-1524 29 Jul 2010 4.3 (v2) Medium Pass Symantec SecurityExpressions Audit and Compliance Server Multiple XSS CVE-2009-3029 CVE-2009-3030 09 Oct 2009 4.3 (v2) Medium Pass IBM WebSphere Application Server 6.1 < 6.1.0.31 Multiple Vulnerabilities CVE-2010-0768 CVE-2010-0769 CVE-2010-0770 CVE-2010-0774 CVE-2010-0775 CVE-2010-0776 CVE-2010-0777 CVE-2010-1650 CVE-2010-1651 CVE-2011-131206 Apr 2010 4.3 (v2) Medium Pass JRun Multiple Sample Files Remote Information Disclosure CVE-2000-0539 CVE-2000-0540 05 Jun 2002 6.8 (v2) Medium Pass macOS 10.12.x < 10.12.2 Multiple Vulnerabilities CVE-2016-1777 CVE-2016-1823 CVE-2016-4688 CVE-2016-4691 CVE-2016-4693 CVE-2016-5419 CVE-2016-5420 CVE-2016-5421 CVE-2016-6303 CVE-2016-6304 CVE-2016-7141 CVE-2016-7167 CVE-2016-7411 CVE-2016-7412 CVE-2016-7413 CVE-2016-7414 CVE-2016-7416 CVE-2016-7417 CVE-2016-7418 CVE-2016-7588 CVE-2016-7591 CVE-2016-7594 CVE-2016-7595 CVE-2016-7596 CVE-2016-7600 CVE-2016-7602 CVE-2016-7603 CVE-2016-7604 CVE-2016-7605 CVE-2016-7606 CVE-2016-7607 CVE-2016-7608 CVE-2016-7609 CVE-2016-7612 CVE-2016-7615 CVE-2016-7616 CVE-2016-7617 CVE-2016-7618 CVE-2016-7619 CVE-2016-7620 CVE-2016-7621 CVE-2016-7622 CVE-2016-7624 CVE-2016-7625 CVE-2016-7627 CVE-2016-7628 CVE-2016-7629 CVE-2016-7633 CVE-2016-7636 CVE-2016-7637 CVE-2016-7643 CVE-2016-7644 CVE-2016-7655 CVE-2016-7657 CVE-2016-7658 CVE-2016-7659 CVE-2016-7660 CVE-2016-7661 CVE-2016-7662 CVE-2016-7663 CVE-2016-7714 CVE-2016-7742 CVE-2016-7761 CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-862516 Dec 2016 7.8 (v3) High Pass IBM WebSphere Application Server < 6.0.2.31 Multiple Vulnerabilities CVE-2008-4111 CVE-2008-4678 CVE-2008-4679 CVE-2009-0434 27 Oct 2008 6.4 (v2) Medium Pass PHProjekt setup.php Authentication Bypass Arbitrary Code Execution CVE-2004-2739 05 Dec 2004 7.5 (v2) High Pass Apple iTunes < 12.10.4 Multiple Vulnerabilities (uncredentialed check) CVE-2020-3825 CVE-2020-3826 CVE-2020-3846 CVE-2020-3861 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-386805 Mar 2020 8.8 (v3) High Pass IBM WebSphere Application Server 7.0 < Fix Pack 3 CVE-2009-0508 CVE-2009-0892 CVE-2009-0903 CVE-2009-1172 CVE-2009-1173 CVE-2009-1174 10 Apr 2009 7.5 (v2) High Pass CuteNews <= 1.3.6 Multiple XSS CVE-2005-0645 CVE-2005-2393 02 Mar 2005 1.9 (v2) Low Pass EMC Avamar ADS / AVE 7.3.0.x < 7.3.0 Hotﬁx 268253 / 7.3.1.x < 7.3.1 Hotﬁx 272363 Incorrect File Ownership Local Privilege Escalation (ESA-2016-146)CVE-2016-8214 02 Feb 2017 6.7 (v3) Medium Pass Calendarix Multiple Vulnerabilities (SQLi, XSS) CVE-2005-1865 CVE-2005-1866 02 Jun 2005 7.5 (v2) High Pass Mac OS X < 10.4.9 Multiple Vulnerabilities (Security Update 2007-003) CVE-2007-0719 CVE-2007-0467 CVE-2007-0720 CVE-2007-0721 CVE-2007-0722 CVE-2006-6061 CVE-2006-6062 CVE-2006-5679 CVE-2007-0229 CVE-2007-0267 CVE-2007-0299 CVE-2007-0723 CVE-2006-5330 CVE-2006-0300 CVE-2006-6097 CVE-2007-0318 CVE-2007-0724 CVE-2007-1071 CVE-2007-0733 CVE-2006-5836 CVE-2006-6129 CVE-2006-6173 CVE-2006-1516 CVE-2006-1517 CVE-2006-2753 CVE-2006-3081 CVE-2006-4031 CVE-2006-4226 CVE-2006-3469 CVE-2006-6130 CVE-2007-0236 CVE-2007-0726 CVE-2006-0225 CVE-2006-4924 CVE-2006-5051 CVE-2006-5052 CVE-2007-0728 CVE-2007-0588 CVE-2007-0730 CVE-2007-0731 CVE-2007-0463 CVE-2005-2959 CVE-2006-482913 Mar 2007 10 (v2) Critical Pass Jenkins < 2.204.2 LTS / 2.219 Multiple Vulnerabilities CVE-2020-2100 CVE-2020-2101 CVE-2020-2102 CVE-2020-2103 CVE-2020-2104 CVE-2020-2105 CVE-2020-2106 06 Feb 2020 5.4 (v3) Medium Pass Arista Networks EOS/vEOS SegmentSmack TCP DoS (SA0036) CVE-2018-5390 17 Feb 2020 7.5 (v3) High Pass Portable SDK for UPnP Devices (libupnp) < 1.6.18 Multiple Stack-based Buﬀer Overﬂows RCE CVE-2012-5958 CVE-2012-5959 CVE-2012-5960 CVE-2012-5961 CVE-2012-5962 CVE-2012-5963 CVE-2012-5964 CVE-2012-5965 01 Feb 2013 9.8 (v3) Critical Pass macOS 10.15.x < 10.15.1 / 10.14.x < 10.14.6 Security Update 2019-001 / 10.13.x < 10.13.6 Security Update 2019-006CVE-2017-7152 CVE-2018-12152 CVE-2018-12153 CVE-2018-12154 CVE-2019-8509 CVE-2019-8592 CVE-2019-8705 CVE-2019-8706 CVE-2019-8708 CVE-2019-8709 CVE-2019-8715 CVE-2019-8716 CVE-2019-8717 CVE-2019-8736 CVE-2019-8737 CVE-2019-8744 CVE-2019-8745 CVE-2019-8746 CVE-2019-8748 CVE-2019-8749 CVE-2019-8750 CVE-2019-8754 CVE-2019-8756 CVE-2019-8759 CVE-2019-8761 CVE-2019-8767 CVE-2019-8772 CVE-2019-8784 CVE-2019-8785 CVE-2019-8786 CVE-2019-8787 CVE-2019-8788 CVE-2019-8789 CVE-2019-8794 CVE-2019-8797 CVE-2019-8798 CVE-2019-8801 CVE-2019-8802 CVE-2019-8803 CVE-2019-8805 CVE-2019-8807 CVE-2019-8817 CVE-2019-8824 CVE-2019-8825 CVE-2019-8829 CVE-2019-8831 CVE-2019-8850 CVE-2019-8858 CVE-2019-11041 CVE-2019-11042 CVE-2019-1512613 Nov 2019 9.8 (v3) Critical Pass Apache Tomcat 8.5.0 < 8.5.40 Remote Code Execution Vulnerability (Windows) CVE-2019-0221 CVE-2019-0232 16 Apr 2019 8.1 (v3) High Pass Arista Networks EOS 4.17 Multiple Vulnerabilities (SA0024) (SWEET32) CVE-2016-2178 CVE-2016-2183 CVE-2016-6304 28 Feb 2018 7.5 (v3) High Pass Trend Micro Worry-Free Business Security (WFBS) Directory Traversal Vulnerability (1122250) CVE-2019-9489 06 Mar 2020 7.5 (v3) High Pass Arista Networks EOS kernel DoS (SA0040) CVE-2013-7470 06 Mar 2020 5.9 (v3) Medium Pass Arista Networks EOS Multiple Vulnerabilities (SA0018) (DROWN) CVE-2015-3197 CVE-2016-0703 CVE-2016-0800 28 Feb 2018 5.9 (v3) Medium Pass Arista Networks EOS ASN.1 Encoder RCE (SA0020) CVE-2016-2108 28 Feb 2018 9.8 (v3) Critical Pass Apple iTunes < 12.10.5 Multiple Vulnerabilities (uncredentialed check) (HT211105) CVE-2020-3885 CVE-2020-3887 CVE-2020-3894 CVE-2020-3895 CVE-2020-3897 CVE-2020-3899 CVE-2020-3900 CVE-2020-3901 CVE-2020-3902 CVE-2020-3909 CVE-2020-3910 CVE-2020-3911 CVE-2020-978331 Mar 2020 9.8 (v3) Critical Pass Atlassian JIRA < 7.13.12 / 8.x < 8.5.4 / 8.6.x < 8.6.1 'Atlassian Application Links' Plugin Privilege EscalationCVE-2019-20105 20 Mar 2020 4.9 (v3) Medium Pass DNS Server Cache Snooping Remote Information Disclosure 27 Apr 2004 5.3 (v3) Medium Pass EMC RSA Authentication Manager < 8.4 P10 Multiple Vulnerabilites (DSA-2020-052) CVE-2020-5339 02 Apr 2020 4.8 (v3) Medium Pass ManageEngine Desktop Central < 10 Build 10.0.515 Information Disclosure CVE-2020-8509 03 Apr 2020 7.5 (v3) High Pass MikroTik RouterOS Winbox Unauthenticated Arbitrary File Read/Write Vulnerability CVE-2018-14847 06 Sep 2018 10 (v3) Critical Pass MySQL 5.6.x < 5.6.44 Multiple Vulnerabilities (Apr 2019 CPU) CVE-2019-1559 CVE-2019-2683 CVE-2019-2627 CVE-2019-2614 18 Apr 2019 5.9 (v3) Medium Pass IBM Spectrum Protect Plus username Command Injection CVE-2020-4213 21 Apr 2020 9.8 (v3) Critical Pass Apple TV < 13.4 Multiple Vulnerabilities CVE-2020-3883 CVE-2020-3885 CVE-2020-3887 CVE-2020-3894 CVE-2020-3895 CVE-2020-3897 CVE-2020-3899 CVE-2020-3900 CVE-2020-3901 CVE-2020-3902 CVE-2020-3909 CVE-2020-3910 CVE-2020-3911 CVE-2020-3914 CVE-2020-3917 CVE-2020-3919 CVE-2020-9768 CVE-2020-9773 CVE-2020-9783 CVE-2020-978521 Apr 2020 9.8 (v3) Critical Pass SSL Certiﬁcate Chain Contains RSA Keys Less Than 2048 bits (PCI DSS) 10 Apr 2014 5.3 (v3) Medium Pass Dell EMC Data Protection Central 1.0, 1.0.1, 18.1, 18.2, 19.1 Improper Certiﬁcate Chain of Trust (DSA-2019-135)CVE-2019-3762 16 Apr 2020 7.5 (v3) High Pass Apache 2.2.x < 2.2.12 Multiple Vulnerabilities CVE-2009-0023 CVE-2009-1191 CVE-2009-1195 CVE-2009-1890 CVE-2009-1891 CVE-2009-1955 CVE-2009-1956 02 Aug 2009 8.2 (v3) High Pass Cisco NX-OS Cisco Fabric Services Multiple Vulnerabilities. CVE-2018-0304 CVE-2018-0305 CVE-2018-0308 CVE-2018-0310 CVE-2018-0311 CVE-2018-0312 CVE-2018-0314 25 Jun 2018 9.8 (v3) Critical Pass SSL Certiﬁcate Cannot Be Trusted 15 Dec 2010 6.5 (v3) Medium Pass Windows Deployment Services TFTP Server Remote Code Execution Vulnerability CVE-2019-0603 19 Mar 2019 7.5 (v3) High Pass SSL/TLS Services Support RC4 (PCI DSS) CVE-2013-2566 CVE-2015-2808 29 Jan 2018 5.9 (v3) Medium Pass WinShell Trojan Detection 06 Feb 2018 9.8 (v3) Critical Pass Multi-Threaded HTTP Server v1.1 for Zimbra 15 Mar 2018 5.3 (v3) Medium Pass Trend Micro Control Manager GetPassword() SQLi CVE-2018-3604 28 Jun 2018 7.3 (v3) High Pass pfSense < 2.3.1 Multiple Vulnerabilities (SA-16_03 / SA-16-04) CVE-2016-1886 CVE-2016-1887 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2109 CVE-2016-2176 31 Jan 2018 7.8 (v3) High Pass Cisco Email Security Appliance Multiple DoS Vulnerabilities (cisco-sa-20190109-esa-dos / cisco-sa-20190109-esa-url-dos)CVE-2018-15453 CVE-2018-15460 18 Jan 2019 8.6 (v3) High Pass Apache Server ETag Header Information Disclosure CVE-2003-1418 22 Jan 2016 5.3 (v3) Medium Pass jspwebshell Backdoor Detection 18 Dec 2015 7.5 (v2) High Pass Synology DiskStation Manager < 4.3-3810 Update 3 Multiple FileBrowser Component Directory Traversal VCVE-2013-6987ulnerabilities 05 Feb 2014 7.5 (v2) High Pass OpenSSL 1.1.1 < 1.1.1e-dev Procedure Overﬂow Vulnerability CVE-2019-1551 09 Jan 2020 5.3 (v3) Medium Pass OpenSSL 1.0.2 < 1.0.2u Procedure Overﬂow Vulnerability CVE-2019-1551 09 Jan 2020 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS 9.1.x < 9.1.2 Vulnerability CVE-2020-1995 21 May 2020 4.9 (v3) Medium Pass PHP 7.3.x < 7.3.17 Out of Bounds Read Vulnerability CVE-2020-7067 23 Apr 2020 7.5 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 / 9.0.x < 9.0.7 Vulnerability CVE-2020-2014 22 May 2020 8.8 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.13 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.7 Vulnerability CVE-2020-1994 22 May 2020 4.4 (v3) Medium Pass Palo Alto Networks PAN-OS 7.1.x / 8.0.x / 8.1.x < 8.1.14 Buﬀer Overﬂow CVE-2020-2006 22 May 2020 8.8 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 / 9.0.x < 9.0.7 Vulnerability CVE-2020-2010 22 May 2020 7.2 (v3) High Pass MariaDB 10.3.0 < 10.3.9 Multiple Vulnerabilities CVE-2018-3058 CVE-2018-3060 CVE-2018-3063 CVE-2018-3064 CVE-2018-3066 05 Jun 2019 7.1 (v3) High Pass Plex Media Server Detection 05 Jun 2020 None Pass Cisco UCS Director for Role-Based Access Control (cisco-sa-ucsd-Ar6BAguz) CVE-2020-3329 04 Jun 2020 4.3 (v3) Medium Pass Atlassian JIRA 6.0 < 8.5.5 / 8.6 < 8.8.1 XSS (JRASERVER-70923) CVE-2020-4021 03 Jun 2020 5.4 (v3) Medium Pass Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Privilege Escalation Vulnerability (cisco-sa-20190501-aci-hw-clock-util)CVE-2019-1592 03 Jun 2020 7.8 (v3) High Pass Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability (cisco-sa-20190501-nexus9k-sshkey)CVE-2019-1804 03 Jun 2020 9.8 (v3) Critical Pass Plex Media Server < 1.18.2 Privilege Escalation CVE-2020-5740 11 Jun 2020 7.8 (v3) High Pass Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Root Privilege Escalation VCVE-2019-1803ulnerability (cisco-sa-20190501-nexus9k-rpe) 03 Jun 2020 6.7 (v3) Medium Pass Oracle 9iAS Nonexistent .jsp File Request Error Message Path Disclosure CVE-2001-1372 11 Feb 2003 5 (v2) Medium Pass EMC VMAX VASA Provider Virtual Appliance < 8.4.0 File Upload RCE CVE-2017-4997 28 Jul 2017 9.8 (v3) Critical Pass Cisco Prime Security Manager OpenSSL Alternative Chains Certiﬁcate Forgery (cisco-sa-20150710-openssl)CVE-2015-1793 23 Sep 2015 6.5 (v3) Medium Pass EMC VMAX VASA Provider Virtual Appliance < 8.4.0.512 Authentication Bypass Vulnerability CVE-2017-14375 03 Nov 2017 9.8 (v3) Critical Pass Netref cat_for_gen.php Arbitrary PHP Command Injection CVE-2005-1222 23 May 2005 7.5 (v2) High Pass Cisco Uniﬁed MeetingPlace Multiple Session Weaknesses CVE-2013-1168 CVE-2013-1169 23 Sep 2013 9.3 (v2) High Pass MailEnable HTTPMail Service Content-Length Header Overﬂow 03 Sep 2004 10 (v2) Critical Pass VMware VRealize Operations Manager 6.x Oracle JRE JMX Deserialization RCE (VMSA-2016-0005) CVE-2016-3427 26 May 2016 9 (v3) Critical Pass VMware vRealize Log Insight 2.x / 3.x < 3.6.0 Directory Traversal File Disclosure (VMSA-2016-0011) CVE-2016-5332 19 Aug 2016 5.3 (v3) Medium Pass OmniHTTPd Encoded Space Request Script Source Disclosure CVE-2001-0778 13 Aug 2001 5 (v2) Medium Pass VisNetic / Merak Mail Server Multiple Remote Vulnerabilities CVE-2005-4556 CVE-2005-4557 CVE-2005-4558 CVE-2005-4559 28 Dec 2005 7.3 (v3) High Pass PolarSSL Weak Signature Algorithm Negotiation CVE-2014-8627 07 Jan 2015 5.3 (v3) Medium Pass Multiple Server Crafted Request WEB-INF Directory Information Disclosure CVE-2002-1855 CVE-2002-1856 CVE-2002-1857 CVE-2002-1858 CVE-2002-1859 CVE-2002-1860 CVE-2002-1861 01 Jul 2002 5 (v2) Medium Pass Microsoft Outlook Web Access (OWA) owalogon.asp Redirection Account Enumeration CVE-2005-0420 28 Mar 2005 4.3 (v2) Medium Pass Nagios XI < 2011R3.0 Multiple XSS Vulnerabilities 23 Jul 2012 4.3 (v2) Medium Pass JGS-Portal for WoltLab Burning Board Multiple Vulnerabilities (SQLi, XSS) CVE-2005-1633 CVE-2005-1634 17 May 2005 7.5 (v2) High Pass Linksys Multiple Vulnerabilities (OF, DoS, more) CVE-2005-2799 CVE-2005-2912 CVE-2005-2914 CVE-2005-2915 CVE-2005-2916 28 Oct 2005 10 (v2) Critical Pass Cisco ASA / IOS IKE Fragmentation Vulnerability CVE-2016-1287 CVE-2016-1344 29 Feb 2016 9.8 (v3) Critical Pass Oracle Application Express (Apex) CVE-2008-4005 CVE-2008-4005 20 Feb 2013 4.3 (v2) Medium Pass Oracle Application Express (Apex) Unspeciﬁed Issues (pre 3.1) 20 Feb 2013 10 (v2) Critical Pass POP3 Service STLS Plaintext Command Injection CVE-2011-0411 10 Mar 2011 4 (v2) Medium Pass OpenSSH MaxAuthTries Bypass CVE-2015-5600 24 Sep 2015 8.2 (v3) High Pass IBM Tivoli Directory Server TLS NULL Cipher (uncredentialed check) CVE-2012-0726 17 Oct 2012 6.4 (v2) Medium Pass OpenCA Multiple Signature Validation Bypass CVE-2003-0960 13 Sep 2004 7.5 (v2) High Pass CGI Generic Unseen Parameters Discovery 25 Jan 2010 6.8 (v2) Medium 27

Pass CGI Generic SQL Injection Detection (potential, 2nd order, 2nd pass) 30 Aug 2010 7.5 (v2) High Pass CGIWrap Charset Speciﬁcation Weakness Error Message XSS CVE-2008-2852 30 Jun 2008 4.3 (v2) Medium Pass Atlassian Jira 8.0 < 8.9.1 XSS in Quick Search (JRASERVER-71205) CVE-2020-14169 21 Sep 2020 6.1 (v3) Medium Pass CodeMeter < 6.90 License forging Vulnerability CVE-2020-14515 21 Sep 2020 7.5 (v3) High Pass CodeMeter < 7.10 Information Exﬁltration Vulnerability CVE-2020-16233 21 Sep 2020 7.5 (v3) High Pass Cisco DCNM Authentication Bypass (CVE-2019-15977) CVE-2019-15977 20 Jan 2020 7.5 (v3) High Pass Cisco Data Center Network Manager Authentication Bypass (cisco-sa-dcnm-auth-bypass-JkubGpu3) CVE-2020-3376 12 Aug 2020 9.8 (v3) Critical Pass Cisco Data Center Network Manager Authorization Bypass (cisco-sa-dcnm-bypass-auth-mVDR6ygT) CVE-2020-3540 25 Aug 2020 6.3 (v3) Medium Pass Cisco Data Center Network Manager Command Injection (cisco-sa-devmgr-cmd-inj-Umc8RHNh) CVE-2020-3377 11 Aug 2020 8.8 (v3) High Pass Cisco Data Center Network Manager XSS (cisco-sa-dcnm-xss-5TdMJRB3) CVE-2020-3523 25 Aug 2020 5.4 (v3) Medium Pass Cisco Data Center Network Manager XSS (cisco-sa-dcnm-xss-JnHSWG5C) CVE-2020-3518 01 Sep 2020 5.4 (v3) Medium Pass Cisco NX-OS Software IPv6 Protocol Independent Multicast DoS (cisco-sa-nxos-pim-memleak-dos-tC8eP7uw)CVE-2020-3338 28 Aug 2020 7.5 (v3) High Pass Cisco Data Center Network Manager Information Disclosure (cisco-sa-dcnm-infordisc-DOAXVvFV) CVE-2020-3520 01 Sep 2020 5.5 (v3) Medium Pass Juniper Junos MX Malformed Packet - DOS (JSA10900) CVE-2019-0001 07 Feb 2019 7.5 (v3) High Pass Cisco Data Center Network Manager Privilege Escalation (cisco-sa-20200219-dcnm-priv-esc) CVE-2020-3112 22 Sep 2020 8.8 (v3) High Pass Atlassian JIRA < 7.13.16 / 8.0.x < 8.5.7 / 8.6.x < 8.9.2 / 8.10.x < 8.10.1 Insecure Direct Object References (IDOR) (JRASERCVE-2020-14174VER-71275) 22 Jul 2020 4.3 (v3) Medium Pass Cisco ASA Remote Code Execution and Denial of Service Vulnerability (cisco-sa-20180129-asa1) (destructive check)CVE-2018-0101 26 Feb 2018 10 (v3) Critical Pass Barco/AWiND WePresent Command Port Detection 09 Apr 2019 None Pass Cisco TelePresence VCS < 14.0.5 Multiple Vulnerabilities (cisco-sa-expressway-ﬁlewrite-87Q5YRk) CVE-2022-20754 CVE-2022-20755 07 Mar 2022 7.2 (v3) High Pass SaltStack Salt Master Detection 20 May 2020 None Pass PALS Library System WebPALS pals-cgi Multiple Vulnerabilities CVE-2001-0216 CVE-2001-0217 13 Feb 2001 7.8 (v2) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.17 / 9.0.x <= 9.0.5.4 RCE (6255074)CVE-2020-4534 09 Sep 2020 8.8 (v3) High Pass Juniper JSA11002 CVE-2020-1619 03 Jun 2020 6.7 (v3) Medium Pass Tenable Nessus < 8.11.0 Stored XSS (TNS-2020-05) CVE-2020-5765 16 Jul 2020 5.4 (v3) Medium Pass Cisco Nexus 3000 and 9000 Series Switches Privilege Escalation (cisco-sa-n3n9k-priv-escal-3QhXJBC) CVE-2020-3394 01 Sep 2020 7.8 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.13 / 9.0.x < 9.0.7 Buﬀer Overﬂow CVE-2020-2027 01 Jul 2020 7.2 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 / 9.0.x < 9.0.7 / 9.1.x < 9.1.1 VulnerabilityCVE-2020-2003 02 Jul 2020 6.5 (v3) Medium Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.6 Vulnerability CVE-2020-2016 02 Jul 2020 7 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.7 Vulnerability CVE-2020-2005 02 Jul 2020 6.1 (v3) Medium Pass Juniper JSA11000 CVE-2020-1617 19 May 2020 7.5 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 OS Command Injection CVE-2020-2029 01 Jul 2020 7.2 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.13 / 9.0.x < 9.0.7 OS Command Injection CVE-2020-2028 01 Jul 2020 7.2 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 / 9.0.x < 9.0.9 Vulnerability CVE-2020-1996 22 May 2020 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 / 9.0.x < 9.0.7 Vulnerability CVE-2020-2009 22 May 2020 7.2 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.7 / 9.1.x < 9.1.1 VulnerabilityCVE-2020-2015 22 May 2020 8.8 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 Vulnerability CVE-2020-2008 22 May 2020 7.2 (v3) High Pass Juniper Junos OpenSSL Security Advisory (JSA11025) CVE-2019-1551 24 Jul 2020 5.3 (v3) Medium Pass Juniper Junos MX Series PFE DoS (JSA11038) CVE-2020-1651 24 Jul 2020 6.5 (v3) Medium Pass Juniper Junos DoS (JSA11006) CVE-2020-1627 29 Jul 2020 7.5 (v3) High Pass Junos OS: SRX Series: Uniﬁed Access Control (UAC) bypass vulnerability (JSA11018) CVE-2020-1637 29 Jul 2020 6.5 (v3) Medium Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.6 Vulnerability CVE-2020-2017 02 Jul 2020 6.1 (v3) Medium Pass Juniper Junos DoS (JSA11020) CVE-2020-1639 29 Jul 2020 7.5 (v3) High Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.16 / 9.0.x < 9.0.10 / 9.1.x < 9.1.4 / 10.0.x < 10.0.1 DoS CVE-2020-2039 11 Sep 2020 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS 8.0.x / 8.1.x < 8.1.16 DoS CVE-2020-2041 11 Sep 2020 7.5 (v3) High Pass Palo Alto Networks PAN-OS 9.0.x < 9.0.10 / 9.1.x < 9.1.4 / 10.0.x < 10.0.1 Command Injection CVE-2020-2038 11 Sep 2020 7.2 (v3) High Pass TYPO3 8.5.x < 8.7.27 / 9.x < 9.5.8 Session Hijacking (TYPO3-CORE-SA-2019-018) 17 Jul 2020 3.6 (v3) Low Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 / 9.0.x < 9.0.7 Vulnerability CVE-2020-2007 22 May 2020 7.2 (v3) High Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.13 Vulnerability CVE-2020-1981 19 Mar 2020 7.8 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.0.14 Open Redirection CVE-2020-1997 22 May 2020 6.1 (v3) Medium Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 / 9.0.x < 9.0.7 Vulnerability CVE-2020-2011 22 May 2020 7.5 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 / 9.0.x < 9.0.8 Session Fixation CVE-2020-1993 22 May 2020 5.4 (v3) Medium Pass Junos OS Firewall Filters Failure Vulnerability (JSA10942) CVE-2019-0048 25 Mar 2020 5.8 (v3) Medium Pass Juniper Junos Privilege Escalation (JSA10978) CVE-2019-0071 23 Sep 2020 7.8 (v3) High Pass Palo Alto Networks PAN-OS 8.1.x / 9.0.x / 9.1.x / 10.0.x Improper Input Validation CVE-2020-2035 09 Oct 2020 3 (v3) Low Pass SSL Certiﬁcate Null Character Spooﬁng Weakness 06 Oct 2009 8.3 (v2) High Pass Cisco Small Business Router SNMP Detection 12 Feb 2019 None Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.13 Vulnerability CVE-2020-1980 19 Mar 2020 7.8 (v3) High Pass IBM WebSphere Application Server 7.0.0.x < 7.0.0.43 / 8.0.0.x < 8.0.0.13 / 8.5.x < 8.5.5.10 / 9.0.x < 9.0.0.1 DoS (CVE-2016-2960)CVE-2016-2960 30 Oct 2020 3.7 (v3) Low Pass Cisco Small Business RV Series Routers Information Disclosure (cisco-sa-rv-routers-Rj5JRfF8) CVE-2020-3150 28 Jul 2020 5.9 (v3) Medium Pass Cisco RV110W, RV130W, and RV215W Routers Syslog HTTP Access Information Disclosure Vulnerability (cisco-sa-20190619-rv-CVE-2019-1898 ﬁleaccess) 19 Jun 2019 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS 7.1 < 7.1.25 / 8.0 < 8.0.20 / 8.1 < 8.1.8 / 9.0 < 9.0.2 OpenSSL Vulnerability CVE-2019-1559 06 Mar 2020 5.9 (v3) Medium Pass IBM Spectrum Protect Plus File Upload RCE CVE-2020-4703 15 Oct 2020 9.8 (v3) Critical Pass IBM WebSphere Application Server 8.5.x < 8.5.5.16 / 9.0.x < 9.0.5.0 XSS (CVE-2019-4271) CVE-2019-4271 15 Oct 2020 3.5 (v3) Low Pass Juniper JSA10970 CVE-2019-0047 CVE-2019-0050 CVE-2019-0054 CVE-2019-0055 CVE-2019-0057 CVE-2019-0058 CVE-2019-0059 CVE-2019-0060 CVE-2019-0062 CVE-2019-0063 CVE-2019-0064 CVE-2019-0066 CVE-2019-0067 CVE-2019-0068 CVE-2019-0073 CVE-2019-007529 Jan 2020 8.8 (v3) High Pass Juniper Stateless IP Firewall Bypass Vulnerability (JSA10983) CVE-2020-1604 17 Feb 2020 5.3 (v3) Medium Pass Juniper JSA10979 CVE-2020-1600 CVE-2020-1601 CVE-2020-1602 CVE-2020-1603 CVE-2020-1604 CVE-2020-1605 CVE-2020-1607 CVE-2020-1608 CVE-2020-160925 Feb 2020 8.8 (v3) High Pass Apache Multiviews Arbitrary Directory Listing CVE-2001-0731 16 Feb 2016 5.3 (v3) Medium Pass Juniper Junos OS: DoS Vulnerability (JSA11068) CVE-2020-1671 22 Oct 2020 7.5 (v3) High Pass IBM WebSphere Application Server 8.0.0.x < 8.0.0.13 / 8.5.x < 8.5.5.11 / 9.0.x < 9.0.0.2 Information DisclosurCVE-2016-9736e (CVE-2016-9736) 20 Oct 2020 5.3 (v3) Medium Pass Cogent DataHub < 6.4.7 Incoming DDE Connection Handling Remote DoS 15 Jun 2016 5 (v2) Medium Pass PHP 5.4.x < 5.4.16 Multiple Vulnerabilities CVE-2013-2110 CVE-2013-4635 CVE-2013-4636 07 Jun 2013 5 (v2) Medium Pass IBM WebSphere Application Server 9.0.x < 9.0.5.3 DoS (CVE-2019-12406) CVE-2019-12406 20 Oct 2020 6.5 (v3) Medium Pass uStorekeeper ustorekeeper.pl ﬁle Parameter Traversal Arbitrary File Access CVE-2001-0466 03 Apr 2001 5 (v2) Medium Pass HIS AUktion auktion.cgi Traversal Arbitrary Command Execution CVE-2001-0212 25 Mar 2001 7.5 (v2) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.1 File TCVE-2019-4268raversal (CVE-2019-4268) 19 Oct 2020 5.3 (v3) Medium Pass MySQL Enterprise Monitor 8.0.x < 8.0.22.1262 DoS (Oct 2020 CPU) CVE-2020-13935 23 Oct 2020 7.5 (v3) High Pass Atlassian JIRA < 8.5.9 / 8.6.x < 8.12.3 / 8.13.x < 8.13.1 XSS (JRASERVER-71652) CVE-2020-14184 23 Oct 2020 5.4 (v3) Medium Pass Junos OS: Broadband Edge Service Denial of Service (DoS) Vulnerability (JSA10987) CVE-2020-1608 21 Jan 2020 7.5 (v3) High Pass IBM WebSphere Application Server 8.0.0.x < 8.0.0.14 / 8.5.x < 8.5.5.12 / 9.0.x < 9.0.0.5 Weak Security Bindings (CVE-2017-1501)CVE-2017-1501 23 Oct 2020 5.9 (v3) Medium Pass SuperMicro Device Uses Default SSL Certiﬁcate 19 Dec 2013 5.8 (v2) Medium Pass SSL Certiﬁcate Contains Weak RSA Key (Inﬁneon TPM / ROCA) CVE-2017-15361 17 Oct 2017 5.9 (v3) Medium Pass APT1-Related SSL Certiﬁcate Detected 19 Feb 2013 10 (v2) Critical Pass SSL Certiﬁcate Signed with the Revoked DigiNotar Certiﬁcate Authority 01 Sep 2011 6.4 (v2) Medium Pass Cisco Adaptive Security Appliance Software Web Services DoS (cisco-sa-asaftd-webdos-fBzM5Ynw) CVE-2020-3304 23 Oct 2020 8.6 (v3) High Pass IBM WebSphere Application Server 7.0.0.x < 7.0.0.45 / 8.0.0.x < 8.0.0.15 / 8.5.x < 8.5.5.13 / 9.0.x < 9.0.0.7 Information DisclosurCVE-2017-1681 e (CVE-2017-1681) 23 Oct 2020 3.3 (v3) Low Pass miniBB bb_func_usernfo.php Website Name Field XSS 01 Jan 2004 4.3 (v2) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.2 Beanutils VCVE-2019-10086ulnerability (CVE-2019-10086) 23 Oct 2020 7.3 (v3) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.x < 9.0.0.8 Information DisclosurCVE-2017-1743 e (CVE-2017-1743) 27 Oct 2020 4.3 (v3) Medium Pass Junos OS Multiple vulnerabilities (JSA11075) CVE-2020-1678 26 Oct 2020 6.5 (v3) Medium Pass Cisco IOS XE Software Consent Token Bypass (cisco-sa-iosxe-ctbypass-7QHAfHkK) CVE-2020-3404 29 Oct 2020 7.8 (v3) High Pass Thunderstone Software TEXIS Nonexistent File Request Path Disclosure CVE-2002-0266 15 Mar 2003 5.3 (v3) Medium Pass PHP Mail Function Header Spooﬁng CVE-2002-0985 CVE-2002-0986 23 Mar 2003 5 (v2) Medium Pass PHP < 7.3.24 Multiple Vulnerabilities 06 Nov 2020 7.5 (v3) High Pass Multiple Cisco Products SNORT HTTP Detection Engine File Policy Bypass (cisco-sa-ftd-bypass-3eCfd24j)CVE-2020-3299 30 Oct 2020 5.8 (v3) Medium Pass IBM WebSphere Application Server 8.0.0.x < 8.0.0.11 / 8.5.x < 8.5.5.6 XSS (CVE-2014-8917) CVE-2014-8917 30 Oct 2020 6.1 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 / 9.x < 9.0.0.10 Security Bypass (CVE-2014-7810)CVE-2014-7810 30 Oct 2020 5.3 (v3) Medium Pass 3Com 3CServer/3CDaemon FTP Server Multiple Vulnerabilities (OF, FS, PD, DoS) CVE-2005-0276 CVE-2005-0277 CVE-2005-0278 CVE-2005-0419 08 Feb 2005 10 (v2) Critical Pass VMware vCenter Server 6.5 / 6.7 / 7.0 DoS (VMSA-2020-0018) CVE-2020-3976 28 Aug 2020 5.3 (v3) Medium Pass Horde IMP status.php3 script Parameter XSS CVE-2002-0181 03 Nov 2004 4.3 (v2) Medium Pass Cisco NX-OS Software Cisco Fabric Services DoS (cisco-sa-fxos-nxos-cfs-dos-dAmnymbd) CVE-2020-3517 04 Nov 2020 8.6 (v3) High Pass Tenable Nessus < 8.12.1 Privilege Escalation Vulnerability (TNS-2020-08) CVE-2020-5793 30 Oct 2020 7.8 (v3) High Pass Cisco Application Policy Infrastructure Controller Linux Kernel IP Fragment Reassembly DoS CVE-2018-5391 27 Mar 2019 7.5 (v3) High Pass Cisco Application Policy Infrastructure Controller Custom Binary Privilege Escalation Vulnerability CVE-2017-6768 25 Aug 2017 7.8 (v3) High Pass Cisco Integrated Management Controller Authorization Bypass (cisco-sa-cimc-auth-zWkppJxL) CVE-2020-26063 06 Nov 2020 5.4 (v3) Medium Pass Juniper Junos OS Command Injection (JSA11108) CVE-2021-0218 14 Jan 2021 7.8 (v3) High Pass Cisco TelePresence Collaboration Endpoint Software Information Disclosure (cisco-sa-tele-info-DrEGLpDQ)CVE-2020-26086 12 Nov 2020 4.3 (v3) Medium Pass Apache Cassandra CQL Shell Service Detection 03 Nov 2020 None Pass Dell OpenManage Server Administrator Path Traversal (DSA-2020-172) CVE-2020-5377 06 Nov 2020 9.1 (v3) Critical Pass Cisco Uniﬁed Communications Manager IM and Presence Service DoS (cisco-sa-imp-dos-uTx2dqu2) CVE-2020-27121 06 Nov 2020 6.5 (v3) Medium Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.16 / 9.0.x < 9.0.10 / 9.1.x < 9.1.4 / 10.0.x < 10.0.1 Command Injection VCVE-2020-2000ulnerability 13 Nov 2020 7.2 (v3) High Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.17 / 9.0.x < 9.0.11 / 9.1.x < 9.1.2 Information Exposure VulnerabilityCVE-2020-2048 13 Nov 2020 3.3 (v3) Low Pass Juniper Junos EX4300 Series DoS (JSA11067) CVE-2020-1670 01 Dec 2020 6.5 (v3) Medium 28

Pass Cisco IOS XE Software IOx Application Hosting Privilege Escalation (cisco-sa-iosxe-iox-app-host-mcZcnsBt)CVE-2020-3393 13 Nov 2020 7.8 (v3) High Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.16 / 9.0.x < 9.0.10 / 9.1.x < 9.1.4 Information Exposure CVE-2020-2043 14 Sep 2020 3.3 (v3) Low Pass Debian OpenSSH/OpenSSL Package Random Number Generator Weakness (SSL check) CVE-2008-0166 15 May 2008 10 (v2) Critical Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.17 / 8.x < 8.1.17 / 9.0.x < 9.0.11 / 9.1.x < 9.1.5 Vulnerability CVE-2020-1999 13 Nov 2020 5.3 (v3) Medium Pass SMTP Service Cleartext Login Permitted 19 May 2011 2.6 (v2) Low Pass Cisco Security Manager < 4.22 Static Credential Usage (cisco-sa-csm-rce-8gjUz9fW) CVE-2020-27125 17 Nov 2020 9.8 (v3) Critical Pass PHP-Calendar Multiple Script phpc_root_path Parameter Remote File Inclusion CVE-2004-1423 29 Dec 2004 8.3 (v3) High Pass Coppermine Photo Gallery album Password Cookie SQL Injection CVE-2007-3558 25 Feb 2008 7.5 (v2) High Pass Rockwell Automation MicroLogix 1100 PLC Default Credentials 07 Jul 2015 8.3 (v2) High Pass MyBB <= 1.00 RC4 Multiple SQL Injection Vulnerabilities CVE-2005-2580 CVE-2005-2697 CVE-2005-2778 30 Aug 2005 7.5 (v2) High Pass Cisco IoT Field Network Director SOAP API Authorization Bypass Vulnerability (cisco-sa-FND-AUTH-vEypBmmR)CVE-2020-26072 24 Nov 2020 8.7 (v3) High Pass Multiple Web Server printenv CGI Information Disclosure 16 Jul 2010 5 (v2) Medium Pass Cisco IOS XE SD-WAN Software Packet Filtering Bypass (cisco-sa-cedge-ﬁlt-bypass-Y6wZMqm4) CVE-2020-3444 20 Nov 2020 7.5 (v3) High Pass Cisco IOS Access Points DoS (cisco-sa-20190717-aironet-dos) CVE-2019-1920 20 Nov 2020 7.4 (v3) High Pass IBM WebSphere Application Server 7.0.0.x through 7.0.0.45 / 8.0.0.x through 8.0.0.15 / 8.5.x through to 8.5.5.17 / 9.0.x thrCVE-2020-4643ough to 9.0.5.5 XXE (CVE-2020-4643) 25 Sep 2020 7.5 (v3) High Pass ASP.NET DEBUG Method Enabled 27 Jun 2008 4.3 (v3) Medium Pass SAP Gateway 10Kblaze Remote Code Execution Vulnerability. 19 Jun 2019 9.4 (v3) Critical Pass Juniper Junos OS EX4300 / EX4600 / QFX5 Series DoS (JSA11084) CVE-2020-1687 25 Nov 2020 6.5 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.13 / 9.0.x <= 9.0.0.7 Information DisclosurCVE-2018-1621 e (715271) 10 Sep 2020 6.7 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.6 XSS (CVE-2020-4578)CVE-2020-4578 15 Oct 2020 5.4 (v3) Medium Pass IBM WebSphere Application Server 8.0.0.x < 8.0.0.15 / 8.5.x < 8.5.5.13 Multiple Vulnerabilities (296865) CVE-2011-4343 CVE-2017-1583 20 Oct 2020 7.5 (v3) High Pass IBM WebSphere Application Server 7.0.0.x < 7.0.0.43 / 8.0.0.x < 8.0.0.13 / 8.5.x < 8.5.5.11 / 9.0.x < 9.0.0.1 FileUpload DoS (CVE-2016-3092)CVE-2017-1503 23 Oct 2020 6.1 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.x < 9.0.0.8 Information DisclosurCVE-2012-5783 e (CVE-2012-5783) 27 Oct 2020 6.1 (v3) Medium Pass IBM WebSphere Application Server 6.1.0.x <= 6.1.0.47 / 7.0.0.x < 7.0.0.39 / 8.0.0.x < 8.0.0.12 / 8.5.x < 8.5.5.8 HTTP Response Splitting (CVE-2015-2017)CVE-2015-2017 03 Nov 2020 4.3 (v3) Medium Pass Cisco IoT Field Network Director Unauthenticated REST API (cisco-sa-FND-BCK-GHkPNZ5F) CVE-2020-3531 24 Nov 2020 9.8 (v3) Critical Pass Junos OS malformed IPv6 packet DoS (JSA11083) CVE-2020-1686 01 Dec 2020 7.5 (v3) High Pass Cisco DNA Spaces Connector Web Detection. 01 Dec 2020 None Pass Cisco IOS Software Internet Key Exchange Denial of Service Vulnerability CVE-2017-12237 06 Oct 2017 7.5 (v3) High Pass Cisco DNA Spaces Connector Command Injection Vulnerability (cisco-sa-dna-cmd-injection-rrAYzOwc) CVE-2020-3586 02 Dec 2020 9.8 (v3) Critical Pass PostNuke <= 0.760 RC4b Multiple Vulnerabilities CVE-2005-2689 CVE-2005-2690 30 Aug 2005 4.6 (v2) Medium Pass FTP Daemon Long Command XSRF 17 Jun 2010 5.3 (v3) Medium Pass VMware Workspace ONE Access HTTP Detection 08 Dec 2020 None Pass Netopia Router Crafted SNMP Request Remote Admin Password Disclosure 20 Sep 2006 10 (v2) Critical Pass Remote Help Default Credentials 24 Mar 2010 10 (v2) Critical Pass CMS Made Simple admin/lang.php nls Parameter Remote File Inclusion CVE-2005-2846 01 Sep 2005 6.8 (v2) Medium Pass Phorum register.php Username Field XSS CVE-2005-2836 06 Sep 2005 4.3 (v2) Medium Pass Web Server PROPFIND Method Internal IP Disclosure CVE-2002-0422 18 Mar 2004 2.6 (v2) Low Pass JBoss Administration Console Default Credentials 14 Jul 2010 7.5 (v2) High Pass X11 Server Unauthenticated Access CVE-1999-0526 10 Oct 2005 10 (v2) Critical Pass AttachmateWRQ Reﬂection for Secure IT Server SFTP Format String CVE-2006-0705 14 Feb 2006 5 (v2) Medium Pass Cisco Prime Collaboration Provisioning Intermittent Hard-Coded Password (cisco-sa-20181003-cpcp-passworCVE-2018-15389d) 21 Dec 2020 9.8 (v3) Critical Pass PHP-Fusion < 6.00.108 BBCode Nested URL Tag XSS CVE-2005-2783 08 Sep 2005 4.3 (v2) Medium Pass AMember Multiple Script conﬁg[root_dir] Parameter Remote File Inclusion CVE-2005-2865 08 Sep 2005 6.8 (v2) Medium Pass Tetrinet server detection 11 Sep 2005 None Pass Apache mod_ssl ssl_engine_log.c mod_proxy Hook Function Remote Format String CVE-2004-0700 16 Jul 2004 7.5 (v2) High Pass Cisco IOS XE Software Wireless Controller for the Catalyst 9000 Family WLAN Local Proﬁling DoS (cisco-sa-dclass-dos-VKh9D8k3)CVE-2020-3428 21 Dec 2020 6.5 (v3) Medium Pass Zorum <= 3.5 Multiple Remote Vulnerabilities CVE-2005-0675 CVE-2005-0676 CVE-2005-0677 CVE-2005-2651 CVE-2005-4619 CVE-2006-3332 11 Mar 2005 7.5 (v2) High Pass VMware ESX / ESXi Tools Folder Incorrect ACL Privilege Escalation (VMSA-2012-0007) (remote check) CVE-2012-1518 03 Mar 2016 8.3 (v2) High Pass VMware ESX / ESXi Tools Update Privilege Escalation (VMSA-2010-0018) (remote check) CVE-2010-4297 08 Mar 2016 7.2 (v2) High Pass Dada Mail Archived Message XSS CVE-2005-2595 12 Sep 2005 4.3 (v2) Medium Pass Cisco TelePresence Conductor Default Credentials (Web UI) 26 Nov 2014 7.5 (v2) High Pass Trend Micro Worry-Free Business Security Path Traversal Authentication Bypass (000245572) CVE-2020-8600 18 Aug 2020 9.8 (v3) Critical Pass WordPress Plugin 'Email Subscribers & Newsletters' < 4.5.6 Email Forgery/Spooﬁng Vulnerability. CVE-2020-5780 14 Sep 2020 5.3 (v3) Medium Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0006) (remote check) CVE-2011-2482 CVE-2011-3191 CVE-2011-4348 CVE-2011-4862 CVE-2012-1515 03 Mar 2016 10 (v2) Critical Pass Trend Micro Apex One Management Web Console Detection 03 May 2022 None Pass VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0013) (remote check) CVE-2008-7270 CVE-2010-1321 CVE-2010-2054 CVE-2010-3170 CVE-2010-3173 CVE-2010-3541 CVE-2010-3548 CVE-2010-3549 CVE-2010-3550 CVE-2010-3551 CVE-2010-3552 CVE-2010-3553 CVE-2010-3554 CVE-2010-3555 CVE-2010-3556 CVE-2010-3557 CVE-2010-3558 CVE-2010-3559 CVE-2010-3560 CVE-2010-3561 CVE-2010-3562 CVE-2010-3563 CVE-2010-3565 CVE-2010-3566 CVE-2010-3567 CVE-2010-3568 CVE-2010-3569 CVE-2010-3570 CVE-2010-3571 CVE-2010-3572 CVE-2010-3573 CVE-2010-3574 CVE-2010-4180 CVE-2010-4422 CVE-2010-4447 CVE-2010-4448 CVE-2010-4450 CVE-2010-4451 CVE-2010-4452 CVE-2010-4454 CVE-2010-4462 CVE-2010-4463 CVE-2010-4465 CVE-2010-4466 CVE-2010-4467 CVE-2010-4468 CVE-2010-4469 CVE-2010-4470 CVE-2010-4471 CVE-2010-4472 CVE-2010-4473 CVE-2010-4474 CVE-2010-4475 CVE-2010-4476 CVE-2011-0002 CVE-2011-0802 CVE-2011-0814 CVE-2011-0815 CVE-2011-0862 CVE-2011-0864 CVE-2011-0865 CVE-2011-0867 CVE-2011-0871 CVE-2011-087304 Mar 2016 10 (v2) Critical Pass VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0012) (remote check) CVE-2010-0296 CVE-2010-1083 CVE-2010-1323 CVE-2010-2492 CVE-2010-2798 CVE-2010-2938 CVE-2010-2942 CVE-2010-2943 CVE-2010-3015 CVE-2010-3066 CVE-2010-3067 CVE-2010-3078 CVE-2010-3086 CVE-2010-3296 CVE-2010-3432 CVE-2010-3442 CVE-2010-3477 CVE-2010-3699 CVE-2010-3858 CVE-2010-3859 CVE-2010-3865 CVE-2010-3876 CVE-2010-3877 CVE-2010-3880 CVE-2010-3904 CVE-2010-4072 CVE-2010-4073 CVE-2010-4075 CVE-2010-4080 CVE-2010-4081 CVE-2010-4083 CVE-2010-4157 CVE-2010-4158 CVE-2010-4161 CVE-2010-4238 CVE-2010-4242 CVE-2010-4243 CVE-2010-4247 CVE-2010-4248 CVE-2010-4249 CVE-2010-4251 CVE-2010-4255 CVE-2010-4263 CVE-2010-4343 CVE-2010-4346 CVE-2010-4526 CVE-2010-4655 CVE-2011-0281 CVE-2011-0282 CVE-2011-0521 CVE-2011-0536 CVE-2011-0710 CVE-2011-1010 CVE-2011-1071 CVE-2011-1090 CVE-2011-1095 CVE-2011-1478 CVE-2011-1494 CVE-2011-1495 CVE-2011-1658 CVE-2011-165904 Mar 2016 7.9 (v2) High Pass VMware ESX Third-Party Libraries and Components Multiple Vulnerabilities (VMSA-2010-0006) (remote check)CVE-2009-0798 CVE-2009-1888 CVE-2009-2813 CVE-2009-2906 CVE-2009-2948 08 Mar 2016 6 (v2) Medium Pass VMware ESXi Tools Guest OS Privilege Escalation (VMSA-2014-0005) CVE-2014-3793 30 Dec 2015 5.8 (v2) Medium Pass VMware ESX / ESXi vSphere Client RCE (VMSA-2014-0003) CVE-2014-1209 30 Dec 2015 9.3 (v2) High Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0016) (remote check) CVE-2011-4940 CVE-2011-4944 CVE-2012-0441 CVE-2012-0876 CVE-2012-1033 CVE-2012-1148 CVE-2012-1150 CVE-2012-1667 CVE-2012-3817 CVE-2012-570329 Feb 2016 8.5 (v2) High Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2009-0014) (remote check) CVE-2007-6063 CVE-2008-0598 CVE-2008-2086 CVE-2008-2136 CVE-2008-2812 CVE-2008-3275 CVE-2008-3525 CVE-2008-4210 CVE-2008-5339 CVE-2008-5340 CVE-2008-5341 CVE-2008-5342 CVE-2008-5343 CVE-2008-5344 CVE-2008-5345 CVE-2008-5346 CVE-2008-5347 CVE-2008-5348 CVE-2008-5349 CVE-2008-5350 CVE-2008-5351 CVE-2008-5352 CVE-2008-5353 CVE-2008-5354 CVE-2008-5355 CVE-2008-5356 CVE-2008-5357 CVE-2008-5358 CVE-2008-5359 CVE-2008-5360 CVE-2009-0692 CVE-2009-1093 CVE-2009-1094 CVE-2009-1095 CVE-2009-1096 CVE-2009-1097 CVE-2009-1098 CVE-2009-1099 CVE-2009-1100 CVE-2009-1101 CVE-2009-1102 CVE-2009-1103 CVE-2009-1104 CVE-2009-1105 CVE-2009-1106 CVE-2009-1107 CVE-2009-189303 Mar 2016 10 (v2) Critical Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2009-0016) (remote check) CVE-2007-2052 CVE-2007-4965 CVE-2007-5333 CVE-2007-5342 CVE-2007-5461 CVE-2007-5966 CVE-2007-6286 CVE-2008-0002 CVE-2008-1232 CVE-2008-1721 CVE-2008-1887 CVE-2008-1947 CVE-2008-2315 CVE-2008-2370 CVE-2008-3142 CVE-2008-3143 CVE-2008-3144 CVE-2008-3528 CVE-2008-4307 CVE-2008-4864 CVE-2008-5031 CVE-2008-5515 CVE-2008-5700 CVE-2009-0028 CVE-2009-0033 CVE-2009-0159 CVE-2009-0269 CVE-2009-0322 CVE-2009-0580 CVE-2009-0675 CVE-2009-0676 CVE-2009-0696 CVE-2009-0745 CVE-2009-0746 CVE-2009-0747 CVE-2009-0748 CVE-2009-0778 CVE-2009-0781 CVE-2009-0783 CVE-2009-0787 CVE-2009-0834 CVE-2009-1072 CVE-2009-1093 CVE-2009-1094 CVE-2009-1095 CVE-2009-1096 CVE-2009-1097 CVE-2009-1098 CVE-2009-1099 CVE-2009-1100 CVE-2009-1101 CVE-2009-1102 CVE-2009-1103 CVE-2009-1104 CVE-2009-1105 CVE-2009-1106 CVE-2009-1107 CVE-2009-1192 CVE-2009-1252 CVE-2009-1336 CVE-2009-1337 CVE-2009-1385 CVE-2009-1388 CVE-2009-1389 CVE-2009-1439 CVE-2009-1630 CVE-2009-1633 CVE-2009-1895 CVE-2009-2406 CVE-2009-2407 CVE-2009-2414 CVE-2009-2416 CVE-2009-2417 CVE-2009-2625 CVE-2009-2670 CVE-2009-2671 CVE-2009-2672 CVE-2009-2673 CVE-2009-2675 CVE-2009-2676 CVE-2009-2692 CVE-2009-2698 CVE-2009-2716 CVE-2009-2718 CVE-2009-2719 CVE-2009-2720 CVE-2009-2721 CVE-2009-2722 CVE-2009-2723 CVE-2009-2724 CVE-2009-2847 CVE-2009-284803 Mar 2016 10 (v2) Critical Pass VMware ESXi Multiple OpenSSL Vulnerabilities (VMSA-2014-0006) CVE-2010-5298 CVE-2014-0198 CVE-2014-0224 CVE-2014-3470 30 Dec 2015 5.8 (v2) Medium Pass VMware ESX Multiple Vulnerabilities (VMSA-2009-0008) (remote check) CVE-2009-0844 CVE-2009-0845 CVE-2009-0846 03 Mar 2016 10 (v2) Critical Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2014-0002) CVE-2013-4332 CVE-2013-5211 30 Dec 2015 5 (v2) Medium Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2011-0007) (remote check) CVE-2010-1323 CVE-2010-1324 CVE-2010-2240 CVE-2010-4020 CVE-2010-4021 CVE-2011-1785 CVE-2011-1786 04 Mar 2016 7.2 (v2) High Pass VMware ESX / ESXi Third-Party Libraries and Components (VMSA-2010-0009) (remote check) CVE-2006-6304 CVE-2007-4567 CVE-2009-0590 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1384 CVE-2009-1386 CVE-2009-1387 CVE-2009-2409 CVE-2009-2695 CVE-2009-2908 CVE-2009-2910 CVE-2009-3080 CVE-2009-3228 CVE-2009-3286 CVE-2009-3547 CVE-2009-3556 CVE-2009-3563 CVE-2009-3612 CVE-2009-3613 CVE-2009-3620 CVE-2009-3621 CVE-2009-3726 CVE-2009-3736 CVE-2009-3889 CVE-2009-3939 CVE-2009-4020 CVE-2009-4021 CVE-2009-4138 CVE-2009-4141 CVE-2009-4212 CVE-2009-4272 CVE-2009-4355 CVE-2009-4536 CVE-2009-4537 CVE-2009-4538 CVE-2010-0001 CVE-2010-0097 CVE-2010-0290 CVE-2010-0382 CVE-2010-0426 CVE-2010-042708 Mar 2016 10 (v2) Critical Pass VMware ESXi Multiple DoS (VMSA-2014-0008) CVE-2013-0242 CVE-2013-1914 30 Dec 2015 5 (v2) Medium Pass VMware ESX / ESXi libxml2 Multiple Vulnerabilities (VMSA-2012-0012) (remote check) CVE-2010-4008 CVE-2011-0216 CVE-2011-1944 CVE-2011-2834 CVE-2011-3905 CVE-2011-3919 CVE-2012-0841 29 Feb 2016 9.3 (v2) High Pass VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0004) (remote check) CVE-2005-4889 CVE-2010-2059 CVE-2010-2199 CVE-2010-3316 CVE-2010-3435 CVE-2010-3609 CVE-2010-3613 CVE-2010-3614 CVE-2010-3762 CVE-2010-385304 Mar 2016 7.2 (v2) High Pass VMware ESXi Multiple Vulnerabilities (VMSA-2014-0012) CVE-2013-1752 CVE-2013-2877 CVE-2013-4238 CVE-2014-0015 CVE-2014-0138 CVE-2014-0191 30 Dec 2015 6.4 (v2) Medium Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2011-0008) (remote check) CVE-2011-0426 CVE-2011-1788 CVE-2011-1789 04 Mar 2016 5 (v2) Medium Pass VMware ESX / ESXi Multiple DoS (VMSA-2014-0001) CVE-2014-1207 CVE-2014-1208 30 Dec 2015 4.3 (v2) Medium Pass VMware ESX Multiple Vulnerabilities (VMSA-2009-0004) (remote check) CVE-2007-2953 CVE-2008-2712 CVE-2008-3432 CVE-2008-4101 CVE-2008-5077 CVE-2009-0025 03 Mar 2016 9.3 (v2) High Pass VMware ESX / ESXi Service Console and Third-Party Libraries Multiple Vulnerabilities (VMSA-2012-0001) (rCVE-2009-3560 CVE-2009-3720 CVE-2010-0547 CVE-2010-0787 CVE-2010-1634 CVE-2010-2059 CVE-2010-2089 CVE-2010-3493 CVE-2010-4649 CVE-2011-0695 CVE-2011-0711 CVE-2011-0726 CVE-2011-1015 CVE-2011-1044 CVE-2011-1078 CVE-2011-1079 CVE-2011-1080 CVE-2011-1093 CVE-2011-1163 CVE-2011-1166 CVE-2011-1170 CVE-2011-1171 CVE-2011-1172 CVE-2011-1182 CVE-2011-1494 CVE-2011-1495 CVE-2011-1521 CVE-2011-1573 CVE-2011-1576 CVE-2011-1577 CVE-2011-1593 CVE-2011-1678 CVE-2011-1745 CVE-2011-1746 CVE-2011-1763 CVE-2011-1776 CVE-2011-1780 CVE-2011-1936 CVE-2011-2022 CVE-2011-2192 CVE-2011-2213 CVE-2011-2482 CVE-2011-2491 CVE-2011-2492 CVE-2011-2495 CVE-2011-2517 CVE-2011-2519 CVE-2011-2522 CVE-2011-2525 CVE-2011-2689 CVE-2011-2694 CVE-2011-2901 CVE-2011-3378emote check) 03 Mar 2016 9.3 (v2) High Pass VMware ESX Multiple Vulnerabilities (VMSA-2009-0009) (remote check) CVE-2009-0034 CVE-2009-0037 CVE-2009-1185 03 Mar 2016 7.2 (v2) High Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0011) (remote check) CVE-2012-3288 CVE-2012-3289 29 Feb 2016 9.3 (v2) High Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2011-0009) (remote check) CVE-2009-3080 CVE-2009-4536 CVE-2010-1188 CVE-2010-2240 CVE-2011-1787 CVE-2011-2145 CVE-2011-2146 CVE-2011-2217 04 Mar 2016 9.3 (v2) High Pass VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2012-0013) (remote check) CVE-2009-5029 CVE-2009-5064 CVE-2010-0830 CVE-2010-2761 CVE-2010-4180 CVE-2010-4252 CVE-2010-4410 CVE-2011-0014 CVE-2011-1020 CVE-2011-1089 CVE-2011-1833 CVE-2011-2484 CVE-2011-2496 CVE-2011-2699 CVE-2011-3188 CVE-2011-3209 CVE-2011-3363 CVE-2011-3597 CVE-2011-4108 CVE-2011-4109 CVE-2011-4110 CVE-2011-4128 CVE-2011-4132 CVE-2011-4324 CVE-2011-4325 CVE-2011-4576 CVE-2011-4577 CVE-2011-4609 CVE-2011-4619 CVE-2012-0050 CVE-2012-0060 CVE-2012-0061 CVE-2012-0207 CVE-2012-0393 CVE-2012-0815 CVE-2012-0841 CVE-2012-0864 CVE-2012-1569 CVE-2012-1573 CVE-2012-1583 CVE-2012-211029 Feb 2016 9.3 (v2) High Pass VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0003) (remote check) CVE-2008-0085 CVE-2008-0086 CVE-2008-0106 CVE-2008-0107 CVE-2008-3825 CVE-2008-5416 CVE-2009-1384 CVE-2009-2693 CVE-2009-2901 CVE-2009-2902 CVE-2009-3548 CVE-2009-3555 CVE-2009-4308 CVE-2010-0003 CVE-2010-0007 CVE-2010-0008 CVE-2010-0082 CVE-2010-0084 CVE-2010-0085 CVE-2010-0087 CVE-2010-0088 CVE-2010-0089 CVE-2010-0090 CVE-2010-0091 CVE-2010-0092 CVE-2010-0093 CVE-2010-0094 CVE-2010-0095 CVE-2010-0291 CVE-2010-0307 CVE-2010-0410 CVE-2010-0415 CVE-2010-0433 CVE-2010-0437 CVE-2010-0622 CVE-2010-0730 CVE-2010-0734 CVE-2010-0740 CVE-2010-0837 CVE-2010-0838 CVE-2010-0839 CVE-2010-0840 CVE-2010-0841 CVE-2010-0842 CVE-2010-0843 CVE-2010-0844 CVE-2010-0845 CVE-2010-0846 CVE-2010-0847 CVE-2010-0848 CVE-2010-0849 CVE-2010-0850 CVE-2010-0886 CVE-2010-1084 CVE-2010-1085 CVE-2010-1086 CVE-2010-1087 CVE-2010-1088 CVE-2010-1157 CVE-2010-1173 CVE-2010-1187 CVE-2010-1321 CVE-2010-1436 CVE-2010-1437 CVE-2010-1641 CVE-2010-2066 CVE-2010-2070 CVE-2010-2226 CVE-2010-2227 CVE-2010-2240 CVE-2010-2248 CVE-2010-2521 CVE-2010-2524 CVE-2010-2928 CVE-2010-2939 CVE-2010-3081 CVE-2010-3541 CVE-2010-3548 CVE-2010-3549 CVE-2010-3550 CVE-2010-3551 CVE-2010-3553 CVE-2010-3554 CVE-2010-3556 CVE-2010-3557 CVE-2010-3559 CVE-2010-3561 CVE-2010-3562 CVE-2010-3565 CVE-2010-3566 CVE-2010-3567 CVE-2010-3568 CVE-2010-3569 CVE-2010-3571 CVE-2010-3572 CVE-2010-3573 CVE-2010-3574 CVE-2010-386404 Mar 2016 7.8 (v3) High Pass VMware ESX Java Runtime Environment (JRE) Multiple Vulnerabilities (VMSA-2010-0002) (remote check) CVE-2009-1093 CVE-2009-1094 CVE-2009-1095 CVE-2009-1096 CVE-2009-1097 CVE-2009-1098 CVE-2009-1099 CVE-2009-1100 CVE-2009-1101 CVE-2009-1102 CVE-2009-1103 CVE-2009-1104 CVE-2009-1105 CVE-2009-1106 CVE-2009-1107 CVE-2009-2625 CVE-2009-2670 CVE-2009-2671 CVE-2009-2672 CVE-2009-2673 CVE-2009-2675 CVE-2009-2676 CVE-2009-2716 CVE-2009-2718 CVE-2009-2719 CVE-2009-2720 CVE-2009-2721 CVE-2009-2722 CVE-2009-2723 CVE-2009-2724 CVE-2009-3728 CVE-2009-3729 CVE-2009-3864 CVE-2009-3865 CVE-2009-3866 CVE-2009-3867 CVE-2009-3868 CVE-2009-3869 CVE-2009-3871 CVE-2009-3872 CVE-2009-3873 CVE-2009-3874 CVE-2009-3875 CVE-2009-3876 CVE-2009-3877 CVE-2009-3879 CVE-2009-3880 CVE-2009-3881 CVE-2009-3882 CVE-2009-3883 CVE-2009-3884 CVE-2009-3885 CVE-2009-388608 Mar 2016 10 (v2) Critical Pass ManageEngine Applications Manager REST API SQLi CVE-2020-15394 07 Jan 2021 9.8 (v3) Critical Pass Juniper Junos OS DoS (JSA11107) CVE-2021-0217 13 Jan 2021 7.4 (v3) High Pass OpenSSL 1.0.2 < 1.0.2zd Vulnerability CVE-2022-0778 16 Mar 2022 7.5 (v3) High Pass Cisco IOS DHCP Multiple Vulnerabilities CVE-2018-0172 CVE-2018-0173 CVE-2018-0174 17 Apr 2018 8.6 (v3) High Pass PHP 7.3.x < 7.3.26 / 7.4.x < 7.4.14 / 8.x < 8.0.1 Input Validation Error CVE-2020-7071 14 Jan 2021 5.3 (v3) Medium Pass SolarWinds Orion Platform 2019.4 HF5 / 2020.2.x < 2020.2.1 SUNBURST Malware Backdoor 14 Dec 2020 8.1 (v3) High Pass Juniper Junos OS Denial of Service (JSA11105) CVE-2021-0215 14 Jan 2021 6.5 (v3) Medium Pass X Server Unauthenticated Access: Screenshot CVE-1999-0526 08 May 2013 10 (v2) Critical Pass OS Identiﬁcation : RDP 17 Oct 2007 None Pass OpenSSL 3.0.0 < 3.0.2 Vulnerability CVE-2022-0778 16 Mar 2022 7.5 (v3) High Pass HP Power Manager Default Credentials 17 Nov 2009 7.5 (v2) High Pass Sawmill < 7.1.14 GET Request Query String XSS CVE-2005-2950 12 Sep 2005 4.3 (v2) Medium Pass CMSimple index.php search Function XSS CVE-2005-2392 14 Sep 2005 4.3 (v2) Medium Pass AVEVA InduSoft Web Studio / InTouch Edge HMI UniSoft.dll wcscpy() Stack Overﬂow CVE-2018-17916 31 Oct 2018 9.8 (v3) Critical Pass Schneider Electric IGSS Data Server Path Traversal (CVE-2022-24312) CVE-2022-24312 17 Mar 2022 9.8 (v3) Critical Pass Jumi Component for Joomla! 'ﬁleid' Parameter SQLi CVE-2009-2102 16 Nov 2009 7.3 (v3) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.18 / 9.0.x <= 9.0.5.5 Information DisclosurCVE-2020-4629 e (6339255) 19 Jan 2021 3.3 (v3) Low Pass OSSIM 'host/draw_tree.php' Access Restriction Weakness Information Disclosure CVE-2009-3441 02 Nov 2009 5 (v2) Medium Pass 4D WebSTAR Tomcat Plugin Remote Buﬀer Overﬂow CVE-2005-1507 09 May 2005 5.1 (v2) Medium Pass Aprox PHP Portal index.php Arbitrary File View CVE-2004-0237 02 Feb 2004 5 (v2) Medium Pass HP OpenView Network Node Manager webappmon.exe Command Injection (c01661610) CVE-2008-4559 12 Feb 2009 7.5 (v2) High Pass CodeThatShoppingCart Multiple Remote Vulnerabilities (SQLi, XSS, ID) CVE-2005-1593 CVE-2005-1594 CVE-2005-1595 14 May 2005 7.5 (v2) High Pass Novell iManager < 2.7.6 Patch 1 Multiple Vulnerabilities CVE-2013-1088 CVE-2013-3268 19 Apr 2013 10 (v2) Critical Pass Puppet Multiple Vulnerabilities (2013/03/12) CVE-2013-1640 CVE-2013-1652 CVE-2013-1654 CVE-2013-2275 26 Apr 2013 9 (v2) High Pass McAfee ePolicy Orchestrator 4.6.x Multiple Vulnerabilities (SB10042) CVE-2013-0140 CVE-2013-0141 04 May 2013 7.9 (v2) High Pass IBM Multiple Products login.php Query String XSS CVE-2010-0714 15 Mar 2010 4.3 (v2) Medium Pass OSSIM download.php Directory Traversal 17 Mar 2010 5 (v2) Medium Pass VMware ESX WebAccess Context Data XSS (VMSA-2010-0005) CVE-2009-2277 05 Apr 2010 4.3 (v2) Medium Pass Apache Tomcat 4.1 XSS CVE-2002-1567 14 Jul 2010 5.3 (v3) Medium Pass NetSupport Manager Gateway HTTP Protocol Information Disclosure CVE-2010-4184 10 Nov 2010 4.3 (v2) Medium 29

Pass NextGEN Smooth Gallery Plugin for WordPress 'galleryID' Parameter SQL Injection 07 Sep 2010 6.8 (v2) Medium Pass Ektron CMS400.NET Default Credentials 30 Apr 2010 7.5 (v2) High Pass Syncrify < 2.1 Build 420 Multiple Security Bypass Vulnerabilities 23 Sep 2010 7.5 (v2) High Pass Community Link Pro login.cgi ﬁle Parameter Arbitrary Command Execution CVE-2005-2111 27 Jul 2005 7.5 (v2) High Pass Land Down Under <= 800 Multiple Vulnerabilities CVE-2005-2674 CVE-2005-2675 CVE-2005-2780 06 Sep 2005 6.8 (v2) Medium Pass Red Hat Administration Server (redhat-ds-admin) Multiple Remote Vulnerabilities CVE-2008-0892 CVE-2008-0893 23 Apr 2008 9 (v2) High Pass MODx < 2.0.3-pl class_key Parameter Local File Inclusion CVE-2010-5278 20 Oct 2011 6.8 (v2) Medium Pass ManageEngine Desktop Central < 10.1.2137.9 Authentication Bypass (uncredentialed check) CVE-2021-44757 24 Mar 2022 9.1 (v3) Critical Pass Ipswitch WhatsUp Professional Crafted Header Authentication Bypass CVE-2006-2531 18 May 2006 7.5 (v2) High Pass Emulive Server4 Authentication Bypass CVE-2004-1695 CVE-2004-1696 23 Sep 2004 7.5 (v2) High Pass PHPSurveyor Multiple SQL Injections CVE-2005-4586 03 Jan 2006 7.5 (v2) High Pass McAfee WebShield UI Authentication Bypass (SB10026) CVE-2012-4595 16 May 2012 7.5 (v2) High Pass Pretty Link Plugin for WordPress 'pretty-bar.php' 'url' Parameter XSS CVE-2011-4595 06 Jun 2012 4.3 (v2) Medium Pass Woltlab Burning Board Multiple SQL Injections CVE-2005-3369 CVE-2006-1094 08 Mar 2006 7.5 (v2) High Pass Symantec Message Filter Multiple Vulnerabilities (SYM12-010) CVE-2012-0300 CVE-2012-0301 CVE-2012-0302 CVE-2012-0303 03 Jul 2012 6.8 (v2) Medium Pass Symantec Reporting Server Improper URL Handling Exposure CVE-2009-1432 01 May 2009 4.3 (v2) Medium Pass Adobe ColdFusion On Apache Double Encoded NULL Byte Request File Content Disclosure CVE-2009-1876 21 Aug 2009 5.3 (v3) Medium Pass WaveMaker Studio Requires No Authentication 19 Jul 2012 7.5 (v2) High Pass CoolForum Multiple Vulnerabilities (SQLi, XSS) CVE-2005-0857 CVE-2005-0858 22 Mar 2005 5.1 (v2) Medium Pass AXIGEN Webmail < 7.1.0 HTML Body Script Insertion CVE-2009-1484 27 May 2009 4.3 (v2) Medium Pass Oracle Secure Backup Administration Server Authentication Bypass CVE-2009-1977 14 Sep 2009 10 (v2) Critical Pass ASG-Sentry CGI Default Credentials 14 Oct 2008 7.5 (v2) High Pass Sun Java System Directory Server Online Help Feature Information Disclosure CVE-2009-1332 04 Jun 2009 5 (v2) Medium Pass McAfee Common Management Agent < 3.6.0.603 FrameworkService.exe AVClient DoS CVE-2008-1855 23 Nov 2009 5.3 (v3) Medium Pass BASE < 1.2.5 readRoleCookie() Auth Bypass 26 Jun 2009 7.5 (v2) High Pass WordPress Pingback File Information Disclosure CVE-2007-0541 25 Jan 2007 5 (v2) Medium Pass GOsa Multiple Script plugin Parameter Remote File Inclusion CVE-2003-1412 27 Feb 2003 8.3 (v3) High Pass CockroachDB < 2.1.12 / 19.x < 19.1.8 / 19.2.x < 19.2.4 Broken Access Control Direct Check (A42567) 04 Apr 2022 9.1 (v3) Critical Pass Microsoft IIS Translate f: ASP/ASA Source Disclosure CVE-2000-0778 23 Aug 2000 5 (v2) Medium Pass Directory Pro Traversal Arbitrary File Access CVE-2001-0780 29 May 2001 5 (v2) Medium Pass ht://Dig htsearch Multiple Vulnerabilities CVE-2001-0834 17 Oct 2001 5.8 (v2) Medium Pass HP Operations Orchestration 10.x < 10.22.001 XSRF CVE-2015-5451 02 Dec 2015 6.8 (v2) Medium Pass Novell 'modulemanager' Servlet Arbitrary File Upload (safe check) CVE-2010-0284 01 Jul 2010 10 (v2) Critical Pass LiteSpeed Web Server MIME Type Injection Null Byte Script Source Code Disclosure CVE-2007-5654 23 Oct 2007 5 (v2) Medium Pass Woppoware PostMaster <= 4.2.2 Multiple Vulnerabilities CVE-2005-1650 CVE-2005-1651 CVE-2005-1652 CVE-2005-1653 12 May 2005 5 (v2) Medium Pass Apache Tomcat Catalina org.apache.catalina.servlets.DefaultServlet Source Code Disclosure CVE-2002-1148 CVE-2002-1394 28 Nov 2002 5.3 (v3) Medium Pass TWiki 'rev' Parameter Arbitrary Command Execution CVE-2005-2877 15 Sep 2005 8.8 (v3) High Pass Spring Framework Spring4Shell (CVE-2022-22965) CVE-2022-22965 06 Apr 2022 9.8 (v3) Critical Pass WordPress < 1.5.1.3 XMLRPC SQL Injection CVE-2005-2108 01 Jul 2005 7.5 (v2) High Pass HP OpenView Network Node Manager Multiple CGI Remote Overﬂows CVE-2007-6204 07 Dec 2007 7.5 (v2) High Pass Site@School slideshow_full.php album_name Parameter SQL Injection CVE-2008-0129 04 Jan 2008 6.8 (v2) Medium Pass VMware Workspace One Access / VMware Identity Manager Multiple Vulnerabilities (VMSA-2022-0011) CVE-2022-22954 CVE-2022-22955 CVE-2022-22956 CVE-2022-22957 CVE-2022-22958 CVE-2022-22959 CVE-2022-22960 CVE-2022-2296106 Apr 2022 9.8 (v3) Critical Pass Vignette Application Portal Diagnostic Utility Information Disclosure CVE-2004-0917 29 Sep 2004 5 (v2) Medium Pass Alexandria-dev Multiple Script Upload Spooﬁng Arbitrary File Access 28 Mar 2003 4 (v2) Medium Pass Mambo Site Server MD5 Hash Session ID Privilege Escalation CVE-2003-1245 12 Mar 2003 10 (v2) Critical Pass MPC SoftWeb Guestbook Multiple Vulnerabilities 07 May 2003 5 (v2) Medium Pass phPay admin/phpinfo.php Information Disclosure 14 Apr 2003 6.4 (v2) Medium Pass eZ Publish settings/site.ini Conﬁguration Disclosure 15 Apr 2003 5 (v2) Medium Pass MultiHTML multihtml.pl Traversal Arbitrary File Access CVE-2000-0912 16 Sep 2000 5 (v2) Medium Pass HappyMall Multiple Script Arbitrary Command Execution CVE-2003-0243 08 May 2003 10 (v2) Critical Pass ttCMS 2.2 Multiple Vulnerabilities CVE-2003-1458 CVE-2003-1459 19 May 2003 7.3 (v3) High Pass Symantec LiveUpdate Administrator < 2.3.2.110 Multiple Vulnerabilities (SYM14-005) CVE-2014-1644 CVE-2014-1645 31 Mar 2014 7.5 (v2) High Pass ATutor < 1.5.1-pl1 Multiple Remote Vulnerabilities (XSS, RFI, Command Exe) CVE-2005-3403 CVE-2005-3404 CVE-2005-3405 27 Oct 2005 7.5 (v2) High Pass GD Star Rating Plugin for WordPress 'export.php' Authentication Bypass Information Disclosure 27 Mar 2013 5 (v2) Medium Pass WF-Chat User Account Disclosure CVE-2003-1540 02 Jun 2003 5 (v2) Medium Pass IRCXPro Default Admin Password 03 Jun 2003 6.4 (v2) Medium Pass SquirrelMail Multiple Remote Vulnerabilities 18 Jun 2003 7.5 (v2) High Pass CGI Generic SQL Injection (2nd pass) 12 Nov 2009 7.5 (v2) High Pass PHPCatalog id Parameter SQL Injection 31 Dec 2003 7.5 (v2) High Pass Smart Publisher index.php ﬁledata Parameter Arbitrary Command Execution CVE-2008-0503 29 Jan 2008 8.8 (v3) High Pass Ocean12 ASP Calendar Administrative Access CVE-2004-1400 15 Dec 2004 7.5 (v2) High Pass Puppet Enterprise < 3.0.1 Multiple Vulnerabilities CVE-2013-4073 CVE-2013-4761 CVE-2013-4762 CVE-2013-4955 CVE-2013-4956 CVE-2013-4958 CVE-2013-4959 CVE-2013-4961 CVE-2013-4962 CVE-2013-4963 CVE-2013-4964 CVE-2013-4967 CVE-2013-496828 Oct 2013 6.9 (v2) Medium Pass HP Web JetAdmin <=7.0 Multiple Vulnerabilities (XSS, Code Exe, DoS, more) 05 May 2004 10 (v2) Critical Pass Novell iManager < 2.7 SP1 Property Book Pages Arbitrary Plug-in Studio Deletion CVE-2008-3488 12 Aug 2008 5 (v2) Medium Pass JBoss Enterprise Application Platform (EAP) Status Servlet Request Remote Information Disclosure CVE-2008-3273 CVE-2010-1429 13 Aug 2008 5 (v2) Medium Pass cformsII Plugin for WordPress 'rs' Parameter XSS CVE-2010-3977 08 Nov 2010 4.3 (v2) Medium Pass ELOG Web Logbook < 2.5.7 Multiple Remote Vulnerabilities (OF, Traversal) CVE-2005-0439 CVE-2005-0440 16 Feb 2005 7.5 (v2) High Pass Puppet Enterprise 3.x < 3.2.0 Multiple Vulnerabilities CVE-2013-4966 CVE-2013-4971 CVE-2014-0060 CVE-2014-0082 21 Mar 2014 6.4 (v2) Medium Pass CuteNews show_archives.php archive Parameter XSS 20 Aug 2004 4.7 (v3) Medium Pass Microsoft IIS global.asa Remote Information Disclosure 05 Jun 2002 1.9 (v2) Low Pass ManageEngine ServiceDesk Plus FileDownload.jsp FILENAME Parameter Traversal Arbitrary File Access CVE-2011-2755 CVE-2011-2756 CVE-2011-2757 28 Jun 2011 5 (v2) Medium Pass PerlDesk pdesk.cgi lang Parameter Traversal Arbitrary File Access CVE-2004-1678 15 Sep 2004 5 (v2) Medium Pass Dell KACE K2000 Web Backdoor Account CVE-2011-4046 09 Nov 2011 7.5 (v2) High Pass WordPress < 1.2.2 Multiple XSS CVE-2004-1559 28 Sep 2004 4.3 (v2) Medium Pass Symantec Web Gateway timer.php XSS (SYM12-006) CVE-2012-0296 15 May 2012 4.3 (v2) Medium Pass ocPortal index.php req_path Parameter Remote File Inclusion CVE-2004-1592 13 Oct 2004 8.3 (v3) High Pass Limbo CMS Multiple Vulnerabilities CVE-2005-4317 CVE-2005-4318 CVE-2005-4319 CVE-2005-4320 30 Jan 2006 7.5 (v2) High Pass paNews admin_setup.php Multiple Parameter Arbitrary PHP Code Injection CVE-2005-0647 23 Feb 2005 7.3 (v3) High Pass OpenConnect WebConnect < 6.5.1 Multiple Vulnerabilities CVE-2004-0465 CVE-2004-0466 24 Feb 2005 5 (v2) Medium Pass UBB.threads ubbthreads.php debug Parameter XSS CVE-2006-2755 31 May 2006 4.3 (v2) Medium Pass Greymatter 1.3 Multiple Vulnerabilities 08 Jan 2005 4.3 (v2) Medium Pass IBM Websphere Commerce Database Update Information Disclosure 15 Jan 2005 2.6 (v2) Low Pass Novell 'modulemanager' Servlet Arbitrary File Upload (intrusive check) CVE-2010-0284 01 Jul 2010 10 (v2) Critical Pass SmarterTools SmarterMail Attachment Upload XSS 31 Jan 2005 4.3 (v2) Medium Pass TYPO3 Default Credentials 22 Jan 2010 7.5 (v2) High Pass WebCalendar login.php webcalendar_session Cookie SQL Injection CVE-2005-0474 18 Feb 2005 7.3 (v3) High Pass Claroline add_course.php Multiple Parameter XSS 08 Feb 2005 4.3 (v2) Medium Pass Microsoft Outlook Web Access (OWA) Anonymous Access CVE-2001-0660 10 Oct 2001 5 (v2) Medium Pass CProxy 3.3.x - 3.4.4 Multiple Vulnerabilities CVE-2005-0657 05 Mar 2005 7.8 (v2) High Pass zFeeder admin.php Direct Request Admin Authentication Bypass CVE-2009-0807 09 Mar 2009 7.5 (v2) High Pass VICIDIAL Call Center Suite admin.php SQL Injection CVE-2009-2234 26 May 2009 6.8 (v2) Medium Pass Redhat Stronghold status / info Request Information Disclosure CVE-2001-0868 25 Nov 2001 5 (v2) Medium Pass Nuked-Klan 1.2b Multiple Vulnerabilities CVE-2003-1238 CVE-2003-1370 CVE-2003-1371 28 Feb 2003 5.8 (v2) Medium Pass PHP 5.6.x < 5.6.12 Multiple Vulnerabilities CVE-2015-6831 CVE-2015-6832 CVE-2015-6833 CVE-2015-8867 CVE-2015-8874 CVE-2015-8879 11 Aug 2015 7.3 (v3) High Pass HotNews Multiple Script Remote File Inclusion CVE-2004-1796 05 Jan 2004 8.3 (v3) High Pass Basilix Webmail Attachment Crafted POST Arbitrary File Access CVE-2002-1710 09 Aug 2004 5 (v2) Medium Pass Coppermine Photo Gallery init.inc.php X-Forwarded-For XSS CVE-2005-1172 18 Apr 2005 3.5 (v2) Low Pass Splunk Enterprise < 5.0.14 / 6.0.10 / 6.1.9 / 6.2.5 or Splunk Light < 6.2.5 Multiple Vulnerabilities CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-1793 21 Aug 2015 6.8 (v2) Medium Pass MetaCart E-Shop productsByCategory.ASP Multiple Vulnerabilities CVE-2005-1361 CVE-2005-1363 CVE-2005-1622 17 May 2005 7.5 (v2) High Pass WP Symposium Plugin for WordPress forum_functions.php 'topic_id' Parameter SQLi 25 Aug 2015 7.5 (v2) High Pass ProductCart Multiple Input Validation Vulnerabilities CVE-2005-0994 CVE-2005-0995 06 Apr 2005 7.5 (v2) High Pass Splunk Enterprise 6.2.x < 6.2.6 / Splunk Light 6.2.x < 6.2.6 Splunk Web XSS 16 Sep 2015 4.3 (v2) Medium Pass WebHints hints.pl Arbitrary Command Execution CVE-2005-1950 13 Jun 2005 7.5 (v2) High Pass ezUpload <= 2.2 Multiple Remote Vulnerabilities (SQLi, RFI, LFI) CVE-2005-2616 CVE-2005-4308 CVE-2005-4309 10 Aug 2005 7.5 (v2) High Pass ManageEngine ServiceDesk Plus User and Domain Enumeration 20 Oct 2015 5 (v2) Medium Pass MercuryBoard User-Agent SQL Injection CVE-2005-2028 21 Jun 2005 6.5 (v2) Medium Pass DUclassmate Multiple Scripts SQL Injection CVE-2005-2049 28 Jun 2005 7.5 (v2) High Pass DUpaypal Pro Multiple Scripts SQL Injection CVE-2005-2047 CVE-2006-6365 28 Jun 2005 7.5 (v2) High Pass IBM InfoSphere Data Replication Dashboard User Enumeration CVE-2013-0584 10 Apr 2013 5 (v2) Medium Pass Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed Plus Line Cards DoS (cisco-sa-lsplus-Z6AQEOjk)CVE-2022-20714 22 Apr 2022 8.6 (v3) High Pass ManageEngine ServiceDesk Plus Multiple Vulnerabilities 16 Nov 2015 5 (v2) Medium Pass Gossamer Threads Links < 3.0.4 Multiple Script XSS 20 Jul 2005 4.7 (v3) Medium 30

Pass ModernBill <= 4.3.0 Multiple Vulnerabilities CVE-2005-1053 CVE-2005-1054 11 Apr 2005 6.8 (v2) Medium Pass paFileDB auth.php paﬁledbcookie Cookie SQL Injection CVE-2005-2723 25 Aug 2005 5.1 (v2) Medium Pass Gravity Board X <= 1.1 Multiple Vulnerabilities (SQLi, XSS, PD, Cmd Exe) CVE-2005-2562 CVE-2005-2563 CVE-2005-2564 CVE-2005-2565 08 Aug 2005 7.5 (v2) High Pass Limbo CMS index.php Itemid Parameter Arbitrary Command Execution CVE-2006-1662 03 Mar 2006 7.5 (v2) High Pass AutoLinks Pro 'al_initialize.php alpath Parameter Remote File Inclusion CVE-2005-2782 29 Aug 2005 6.8 (v2) Medium Pass VMware Workspace One Access / VMware Identity Manager Server-side Template Injection RCE (CVE-2022-22954)CVE-2022-22954 25 Apr 2022 9.8 (v3) Critical Pass SolarWinds Orion NPM < 10.7 Multiple Vulnerabilities CVE-2014-3459 12 May 2014 6.8 (v2) Medium Pass WebGUI < 6.7.3 Multiple Command Execution Vulnerabilities CVE-2005-2837 06 Sep 2005 7.5 (v2) High Pass Juniper Junos OS Vulnerability (JSA69503) CVE-2022-22193 25 Apr 2022 5.5 (v3) Medium Pass Fortinet FortiAuthenticator Default Credentials 16 Feb 2015 10 (v2) Critical Pass RaidenHTTPD check.php SoftParserFileXml Parameter Remote File Inclusion CVE-2006-4723 11 Sep 2006 5.1 (v2) Medium Pass paFileDB paﬁledb.php id Parameter XSS CVE-2002-1931 CVE-2005-0952 26 Mar 2003 4.3 (v2) Medium Pass WP Super Cache Plugin for WordPress Multiple Insecure PHP Code Inclusion Macros Remote Code ExecutionCVE-2013-2009 CVE-2013-2011 03 May 2013 8.8 (v3) High Pass GNUMP3d < 2.9.6 Multiple Remote Vulnerabilities (XSS, Traversal) CVE-2005-3123 CVE-2005-3424 CVE-2005-3425 31 Oct 2005 5 (v2) Medium Pass phpMyDirectory review.php subcat Parameter XSS CVE-2005-0896 25 Mar 2005 4.3 (v2) Medium Pass phpAdsNew XML-RPC Library Remote Code Injection CVE-2005-1921 11 Nov 2005 7.3 (v3) High Pass Citrix Access Gateway 5.x < 5.0.4.223524 Unspeciﬁed Security Bypass CVE-2013-2263 12 Apr 2013 5 (v2) Medium Pass MyBB ratethread.php 'rating' Parameter SQLi CVE-2005-4200 17 Sep 2005 7.5 (v2) High Pass NetworkActiv Web Server Crafted Filename Request Script Source Disclosure CVE-2006-0815 27 Mar 2006 5 (v2) Medium Pass WebCalendar includes/functions.php noSet Variable Overwrite CVE-2007-1343 07 Mar 2007 7.5 (v2) High Pass Visual Mining NetCharts Server Default Credentials (Web UI) 17 Dec 2014 7.5 (v2) High Pass Philboard /database/philboard.mdb Direct Request Database Disclosure 02 Jun 2003 5 (v2) Medium Pass Symantec Web Gateway < 5.2.2 Authenticated OS Command Injection (SYM14-016) CVE-2014-7285 19 Dec 2014 6.5 (v2) Medium Pass Alibaba tst.bat Arbitrary Command Execution CVE-1999-0885 04 Nov 1999 5 (v2) Medium Pass Link-Local Multicast Name Resolution (LLMNR) Service Detection 28 Apr 2022 None Pass ColdFusion Web Server User-Agent HTTP Header Error Message XSS CVE-2007-0817 06 Feb 2007 4.3 (v2) Medium Pass ALCASAR 'index.php' Crafted HTTP Header RCE 20 Jan 2015 7.5 (v2) High Pass ManageEngine Password Manager Pro 6.5 < 7.1 Build 7105 Blind SQL Injection CVE-2014-8499 23 Jan 2015 6.3 (v3) Medium Pass ManageEngine Password Manager Pro < 7.0 Build 7003 SQL Injection CVE-2014-3996 CVE-2014-3997 23 Jan 2015 7.3 (v3) High Pass rot13sj.cgi Arbitrary File Access 03 Jun 2003 7.5 (v2) High Pass Fortinet FortiAuthenticator 'operation' Parameter XSS CVE-2015-1455 CVE-2015-1456 CVE-2015-1457 CVE-2015-1458 CVE-2015-1459 16 Feb 2015 7.5 (v2) High Pass Adobe ColdFusion Authentication Bypass (APSB13-13) CVE-2013-1389 14 May 2013 10 (v2) Critical Pass ManageEngine OpManager Default Credentials CVE-2015-7765 16 Feb 2015 9 (v2) High Pass ManageEngine OpManager 'probeName' SQL Injection Vulnerability CVE-2014-7867 16 Feb 2015 7.5 (v2) High Pass Symantec Data Center Security Server 'environment.jsp' Information Disclosure (SYM15-001) CVE-2014-9225 26 Feb 2015 4 (v2) Medium Pass wwwcount Count.cgi Remote Overﬂow CVE-1999-0021 22 Jun 1999 7.5 (v2) High Pass Symantec Data Center Security Server 'SSO-Error.jsp' XSS (SYM15-001) CVE-2014-9224 26 Feb 2015 3.5 (v2) Low Pass Symantec Data Center Security Server SQLi (SYM15-001) CVE-2014-7289 26 Feb 2015 6.5 (v2) Medium Pass ManageEngine Desktop Central NativeAppServlet UDID JSON RCE CVE-2014-9371 09 Mar 2015 10 (v2) Critical Pass NETGEAR SOAP Request Handling Remote Authentication Bypass 12 Mar 2015 8.8 (v3) High Pass HP Operations Orchestration 10.x Remote Information Disclosure CVE-2015-2108 12 May 2015 3.5 (v2) Low Pass Websense TRITON Unauthorized File Disclosure CVE-2015-2748 21 May 2015 5 (v2) Medium Pass SPIP < 1.8.2-g Multiple Vulnerabilities CVE-2006-0517 CVE-2006-0518 CVE-2006-0519 25 Feb 2006 7.5 (v2) High Pass Scrutinizer < 9.5.2 Multiple Vulnerabilities CVE-2012-2626 CVE-2012-2627 CVE-2012-3848 23 Aug 2012 9.4 (v2) High Pass alpha_auth_check() Function Remote Authentication Bypass CVE-2013-6026 15 Oct 2013 10 (v2) Critical Pass IBM DB2 Content Manager eClient < 8.4.1.1 Unspeciﬁed Security Vulnerability CVE-2009-1231 23 Sep 2013 10 (v2) Critical Pass phpMoAdmin saveObject Remote Command Execution CVE-2015-2208 16 Jun 2015 7.5 (v2) High Pass Western Digital Arkeia Virtual Appliance Unsupported Version Detection 28 May 2014 10 (v2) Critical Pass Western Digital Arkeia 10.1.x < 10.1.19 / 10.2.x < 10.2.9 Multiple Vulnerabilities (Heartbleed) CVE-2014-0160 CVE-2014-2846 02 Jun 2014 7.5 (v3) High Pass Splunk < 5.0.6 Unspeciﬁed XSS CVE-2013-6870 27 Nov 2013 4.3 (v2) Medium Pass Huawei Multiple Device Authentication Bypass CVE-2013-6031 24 Mar 2014 4.3 (v2) Medium Pass Oracle Containers for J2EE Component Unspeciﬁed XSS CVE-2013-5773 10 Jan 2014 4.3 (v2) Medium Pass Sophos Web Protection Appliance patience.cgi 'id' Parameter Directory Traversal CVE-2013-2641 09 Apr 2013 5.3 (v3) Medium Pass IBM Rational Focal Point Login Servlet File Disclosure CVE-2013-5397 06 Mar 2014 3.3 (v2) Low Pass Oracle Containers for J2EE Multiple Unspeciﬁed HTTP Vulnerabilities (April 2014 CPU) CVE-2014-0413 CVE-2014-0414 CVE-2014-0426 21 May 2014 5 (v2) Medium Pass Blackboard Learning System <= 8.0 SP6 Unspeciﬁed XSS CVE-2014-0811 13 Jun 2014 4.3 (v2) Medium Pass Inﬁnite Mobile Delivery Webmail Multiple Vulnerabilities (XSS, PD) CVE-2005-0323 CVE-2005-0324 31 Jan 2005 4.3 (v2) Medium Pass HP AutoPass License Server Remote Code Execution (HPSBMU03045) CVE-2013-6221 27 Jun 2014 10 (v2) Critical Pass ionCube loader-wizard.php Remote Information Disclosure 04 Apr 2014 5 (v2) Medium Pass Halon Security Router User Interface Default Credentials 11 Aug 2014 10 (v2) Critical Pass Riverbed SteelApp (Stingray) Traﬃc Manager < 9.7 Multiple XSS CVE-2014-5264 CVE-2014-5348 15 Sep 2014 4.3 (v2) Medium Pass Usermin 'miniserv.pl' Arbitrary File Disclosure CVE-2006-3392 16 Sep 2014 5 (v2) Medium Pass Elasticsearch Groovy Script RCE CVE-2015-1427 13 Mar 2015 7.5 (v2) High Pass PHP 5.6.0 Multiple Vulnerabilities CVE-2013-6712 CVE-2013-7226 CVE-2013-7327 CVE-2013-7345 CVE-2014-0185 CVE-2014-0207 CVE-2014-0236 CVE-2014-0237 CVE-2014-0238 CVE-2014-1943 CVE-2014-2270 CVE-2014-2497 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3515 CVE-2014-3538 CVE-2014-3587 CVE-2014-3597 CVE-2014-3981 CVE-2014-4049 CVE-2014-4670 CVE-2014-4698 CVE-2014-4721 CVE-2014-512017 Oct 2014 7.3 (v3) High Pass Novell GroupWise WebAccess User.interface XSS CVE-2012-0410 19 Jul 2012 5 (v2) Medium Pass ArGoSoft Mail Server Pro <= 1.8.7.6 Multiple Vulnerabilities (XSS, Traversal, Priv Esc) CVE-2005-1282 CVE-2005-1283 CVE-2005-1284 26 Apr 2005 5 (v2) Medium Pass Nagios XI < 2011R1.9 login.php XSS 06 Aug 2012 4.3 (v2) Medium Pass RabidHamster R4 left_console.html cmd Parameter loadﬁle() Function Traversal Arbitrary File Access 09 Aug 2012 4.3 (v2) Medium Pass McAfee Agent 4.6.x < 4.8.0.1938 / 5.0.x < 5.0.1 Log View Clickjacking (SB10094) CVE-2015-2053 02 Jun 2015 4.7 (v3) Medium Pass West Wind Web Connection Unprotected Conﬁguration Editor Application 19 Sep 2012 10 (v2) Critical Pass Splunk 4.3.x < 4.3.6 Unspeciﬁed XSS CVE-2013-2766 19 Apr 2013 4.3 (v2) Medium Pass NetIQ Privileged User Manager Password Change Authentication Bypass (intrusive check) CVE-2012-5930 21 Nov 2012 6.4 (v2) Medium Pass IceWarp Webmail raw.php Information Disclosure 19 Dec 2012 5 (v2) Medium Pass Advanced Custom Fields Plugin for WordPress 'acf_abspath' Parameter Remote File Inclusion 21 Dec 2012 7.5 (v2) High Pass Trend Micro Threat Intelligence Manager sampleReporting.php 'fakename' Parameter File Disclosure CVE-2014-2204 22 Jul 2015 7.8 (v2) High Pass WebYaST Host Modiﬁcation MiTM CVE-2012-0435 25 Jan 2013 5.8 (v2) Medium Pass HP Diagnostics Server Default Credentials 05 Feb 2013 7.5 (v2) High Pass EMC Data Protection Advisor Web UI Directory Traversal CVE-2012-4616 20 Feb 2013 5 (v2) Medium Pass WP Symposium Plugin for WordPress 'symposium_groups_functions.php' 'gid' Parameter SQL Injection 26 Feb 2013 7.5 (v2) High Pass cPanel <= 9.1.0 Multiple Vulnerabilities CVE-2004-1769 CVE-2004-1770 CVE-2004-2308 14 Mar 2004 10 (v2) Critical Pass Adobe InDesign Server RunScript Arbitrary Command Execution 08 Mar 2013 7.5 (v2) High Pass Mambo Open Source Multiple Vulnerabilities CVE-2006-0871 CVE-2006-1794 27 Mar 2006 5.1 (v2) Medium Pass Git Repository Served by Web Server 27 Mar 2013 5 (v2) Medium Pass Apache Solr < 4.3.1 XML External Entity Injection CVE-2013-6408 07 Jan 2014 6.4 (v2) Medium Pass WordPress check_ajax_referer() Function SQL Injection CVE-2007-2821 23 May 2007 7.5 (v2) High Pass TalentSoft Web+ webplus CGI Traversal Arbitrary File Access CVE-2000-0282 12 Apr 2000 5 (v2) Medium Pass Sybase EAServer 6.x < 6.3.1 ESD#3 Multiple Code Execution Vulnerabilities 03 Jul 2013 10 (v2) Critical Pass OpenSSL 1.0.2 < 1.0.2ze Vulnerability CVE-2022-1292 04 May 2022 9.8 (v3) Critical Pass OSSIM tele_compress.php Directory Traversal CVE-2013-6056 18 Jun 2014 7.8 (v2) High Pass Splunk < 5.0.4 X-FRAME-OPTIONS Clickjacking Vulnerability 09 Aug 2013 5.8 (v2) Medium Pass HP LaserJet Pro /dev/save_restore.xml Administrative Password Disclosure CVE-2013-4807 09 Aug 2013 7.8 (v2) High Pass Blue Coat ICAP Patience Page XSS CVE-2008-4485 22 Aug 2013 4.3 (v2) Medium Pass FreeNAS 'exec_raw.php' Arbitrary Command Execution 08 Nov 2010 10 (v2) Critical Pass eclime index.php ref Parameter SQL Injection CVE-2010-4851 13 Dec 2010 7.5 (v2) High Pass SEO Tools Plugin for WordPress 'ﬁle' Parameter Arbitrary File Access 17 Nov 2010 5 (v2) Medium Pass Server Message Block (SMB) Protocol Version Detection 04 May 2022 None Pass Pandora FMS Console Default Credentials 06 Dec 2010 7.5 (v2) High Pass CGI Generic XSS (persistent, 2nd pass) 14 Jan 2011 4.3 (v2) Medium Pass Netscape PSCOErrPage.htm errPagePath Parameter Traversal Arbitrary File Access CVE-2000-1196 12 Apr 2000 5 (v2) Medium Pass HP OpenView Network Node Manager Remote Execution of Arbitrary Code (HPSBMA02621 SSRT100352)CVE-2010-2703 CVE-2011-0261 CVE-2011-0262 CVE-2011-0263 CVE-2011-0264 CVE-2011-0265 CVE-2011-0266 CVE-2011-0267 CVE-2011-0268 CVE-2011-0269 CVE-2011-0270 CVE-2011-027121 Jan 2011 10 (v2) Critical Pass ManageEngine Desktop Central statusUpdate Arbitrary File Upload RCE (intrusive check) CVE-2014-5005 25 Mar 2015 7.5 (v2) High Pass WoltLab Burning Board search.php Multiple Parameter SQL Injection CVE-2007-0388 18 Jan 2007 7.5 (v2) High Pass Miva htmlscript Traversal Arbitrary File Access CVE-1999-0264 22 Jun 1999 7.8 (v2) High Pass MDaemon WorldClient < 12.0.3 Summary Page Email Subject XSS 20 May 2011 4.3 (v2) Medium Pass Veri-NAC Appliance unauthenticated URL Directory Traversal 09 Jun 2011 5.3 (v3) Medium Pass Symantec Web Gateway forget.php Blind SQL Injection (SYM11-008) CVE-2011-0549 20 Jul 2011 7.5 (v2) High Pass IceWarp Multiple Script Remote File Inclusion CVE-2006-0817 CVE-2006-0818 20 Jul 2006 5 (v2) Medium Pass Trend Micro OﬃceScan Server CGI Modules Multiple Vulnerabilities CVE-2007-3454 CVE-2007-3455 29 Jun 2007 10 (v2) Critical Pass SAP DB / MaxDB Web Server DBM_INTERN_TEST Event Buﬀer Overﬂow CVE-2007-3614 10 Jul 2007 7.5 (v2) High Pass op5 Portal Arbitrary Command Execution CVE-2012-0261 17 Jan 2012 10 (v2) Critical Pass RunCMS xoopsOption Parameter Local File Inclusion 26 Nov 2007 5.1 (v2) Medium Pass ManageEngine DeviceExpert Default Administrator Credentials 22 Mar 2012 7.5 (v2) High 31

Pass PBLang 4.65 Multiple Vulnerabilities CVE-2005-2892 CVE-2005-2893 CVE-2005-2894 CVE-2005-2895 08 Sep 2005 7.5 (v2) High Pass CiscoWorks Common Services HTTP Response Splitting CVE-2011-4237 01 May 2012 4.3 (v2) Medium Pass MS15-087: Vulnerability in UDDI Services Could Allow Elevation of Privilege (3082459) (uncredentialed check)CVE-2015-2475 13 Aug 2015 4.3 (v2) Medium Pass Symantec Message Filter Management Interface Default Credentials 03 Jul 2012 7.5 (v2) High Pass Symantec Web Gateway Multiple Script Shell Command Execution (SYM12-011) CVE-2012-2957 CVE-2012-2976 06 Aug 2012 10 (v2) Critical Pass osCommerce ﬁle_manager.php Arbitrary PHP Code Injection (intrusive check) 03 Nov 2009 8.8 (v3) High Pass Sun Secure Global Desktop / Tarantella < 4.20.983 Multiple XSS CVE-2006-4958 CVE-2006-4959 03 Oct 2006 6.8 (v2) Medium Pass McAfee WebShield UI ProcessTextFile bodyStyle Parameter XSS (SB10020) CVE-2012-4580 03 Apr 2012 4.3 (v2) Medium Pass op5 Monitor < 6.1.0 Information Disclosure and Security Bypass Vulnerabilities 27 Jun 2013 5 (v2) Medium Pass CGI Generic Local File Inclusion (2nd pass) 19 Nov 2009 6.8 (v2) Medium Pass GitLab < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 Multiple Vulnerabilities CVE-2022-1124 CVE-2022-1428 06 May 2022 4.3 (v3) Medium Pass MS10-072: Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048) (remote check) CVE-2010-3243 CVE-2010-3324 18 Oct 2010 4.3 (v2) Medium Pass SAP BusinessObjects viewError.jsp 'error' Parameter XSS 01 Feb 2010 4.3 (v2) Medium Pass VMware Host Agent Directory Traversal (VMSA-2009-0015) CVE-2009-3733 17 Feb 2010 5 (v2) Medium Pass GroundWork Monitor Enterprise Foundation Webapp Admin Arbitrary File Access CVE-2013-3500 28 Jun 2013 7.5 (v2) High Pass NetIQ Access Manager 4.0 < 4.0 SP1 Hotﬁx 3 Multiple Vulnerabilities CVE-2014-5214 CVE-2014-5215 CVE-2014-5216 CVE-2014-5217 18 Feb 2015 6.8 (v2) Medium Pass AjaXplorer checkInstall.php Arbitrary Command Injection 12 Apr 2010 7.5 (v2) High Pass CuteNews Multiple Script Traversal Privilege Escalation CVE-2005-3507 04 Nov 2005 7.5 (v2) High Pass Contact Form 7 Plugin for WordPress CAPTCHA Validation Bypass CVE-2014-2265 20 Jun 2014 5 (v2) Medium Pass NolaPro Default Credentials 24 May 2010 7.5 (v2) High Pass TaskFreak! logout.php tznMessage Parameter XSS CVE-2010-1520 30 Jun 2010 4.3 (v2) Medium Pass Microsoft IIS / Site Server showcode.asp source Parameter Traversal Arbitrary File Access CVE-1999-0736 08 Jul 1999 7.8 (v2) High Pass Simple:Press Plugin for WordPress 'value' parameter SQL Injection 08 Jul 2010 7.5 (v2) High Pass Splunk Default Administrator Credentials (Splunk Web) 01 Sep 2010 7.5 (v2) High Pass phpMyAdmin error.php BBcode Tag XSS (PMASA-2010-9) CVE-2010-4480 06 Jan 2011 4.3 (v2) Medium Pass FireStats window-add-excluded-ip.php 'edit' parameter XSS 16 Jul 2010 4.3 (v2) Medium Pass WordPress AdServe 'adclick.php' 'id' Parameter SQL Injection CVE-2008-0507 30 Jan 2008 7.5 (v2) High Pass ManageEngine OpManager Multiple Directory Traversal Vulnerabilities CVE-2014-6034 CVE-2014-6035 CVE-2014-6036 16 Feb 2015 7.5 (v2) High Pass Centreon GetXMLTrapsForVendor.php 'mnftr_id' Parameter SQLi CVE-2014-3828 23 Dec 2014 10 (v2) Critical Pass Apache Hadoop Jetty XSS CVE-2009-1524 24 Aug 2011 4.3 (v2) Medium Pass Splunk Enterprise 6.2.x < 6.2.2 Multiple Vulnerabilities (FREAK) CVE-2014-3572 CVE-2015-0204 13 Mar 2015 5 (v2) Medium Pass ISS ICEcap Default Password CVE-2000-0350 18 May 2000 5 (v2) Medium Pass Symantec Backup Exec System Recovery Manager Traversal Arbitrary File Access CVE-2008-2512 29 May 2008 5 (v2) Medium Pass Apache Tomcat 10.1.0.M1 < 10.1.0.M15 vulnerability CVE-2022-29885 10 May 2022 7.5 (v3) High Pass Basilix Webmail .class / .inc Direct Request Remote Information Disclosure CVE-2001-1044 25 Jan 2001 5 (v2) Medium Pass w-Agora 4.1.6a Multiple Input Validation Vulnerabilities CVE-2004-1562 CVE-2004-1563 CVE-2004-1564 CVE-2004-1565 01 Oct 2004 7.5 (v2) High Pass DokuWiki conﬁg_cascade Parameter Remote File Inclusion CVE-2009-1960 27 May 2009 6.8 (v2) Medium Pass Alt-N WebAdmin Multiple Remote Vulnerabilities (XSS, Bypass Access) CVE-2005-0317 CVE-2005-0318 CVE-2005-0319 28 Jan 2005 6 (v2) Medium Pass Puppet Enterprise 3.x < 3.1.1 Multiple Vulnerabilities CVE-2013-4164 CVE-2013-4363 CVE-2013-4491 CVE-2013-4969 CVE-2013-6414 CVE-2013-6415 CVE-2013-6417 21 Mar 2014 6.8 (v2) Medium Pass Jetty CookieDump.java Sample Application Persistent XSS CVE-2009-3579 13 Nov 2009 4.3 (v2) Medium Pass Symantec Messaging Gateway 9.5.x Multiple Vulnerabilities (SYM12-013) CVE-2012-0307 CVE-2012-0308 CVE-2012-3579 CVE-2012-3580 CVE-2012-3581 CVE-2012-4347 07 Sep 2012 7.9 (v2) High Pass Sambar Server /session/sendmail Arbitrary Mail Relay 25 May 2000 5 (v2) Medium Pass Mini SQL CGI content-length Field Remote Overﬂow CVE-2000-0012 03 Jan 2000 10 (v2) Critical Pass Sojourn Search Engine sojourn.cgi cat Parameter Traversal Arbitrary File Access CVE-2000-0180 17 Mar 2000 5 (v2) Medium Pass Sawmill Weak Password Encryption Scheme Information Disclosure CVE-2000-0589 27 Jun 2000 7.5 (v2) High Pass WebsitePro Remote Request Overﬂow CVE-2000-0623 22 Jul 2000 7.5 (v2) High Pass Anaconda Foundation Directory apexec.pl template Parameter Traversal Arbitrary File Retrieval CVE-2000-0975 14 Oct 2000 5 (v2) Medium Pass Verity UltraSeek 3.1.x Malformed URL Remote DoS CVE-2000-1019 01 Nov 2000 5 (v2) Medium Pass Master Index search.cgi Traversal Arbitrary File/Directory Access CVE-2000-0924 28 Nov 2000 5 (v2) Medium Pass SiteScope Web Service Unpassworded Access CVE-1999-0508 28 Sep 2001 10 (v2) Critical Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.23 / 9.0.x < 9.0.16 / 9.1.x < 9.1.13 / 10.0.x < 10.0.10 / 10.1.x < 10.1.5 VCVE-2022-0024ulnerability 11 May 2022 7.2 (v3) High Pass csSearch csSearch.cgi setup Parameter Arbitrary Command Execution CVE-2002-0495 27 Mar 2002 7.5 (v2) High Pass Tivoli Provisioning Manager Express for Software Distribution Multiple SQL Injections CVE-2012-0199 29 Mar 2012 7.5 (v2) High Pass PHP 5.2 < 5.2.15 Multiple Vulnerabilities CVE-2010-3436 CVE-2010-3709 CVE-2010-4150 CVE-2010-4697 CVE-2010-4698 CVE-2011-0752 13 Dec 2010 6.8 (v2) Medium Pass PHP < 4.2.x mail Function CRLF Injection CVE-2002-0986 22 Jul 2002 7.5 (v2) High Pass Symantec Web Gateway < 5.0.3 Multiple Vulnerabilities (SYM12-006) (version check) CVE-2012-0296 CVE-2012-0297 CVE-2012-0298 CVE-2012-0299 21 May 2012 10 (v2) Critical Pass MondoSearch MsmMask.exe Arbitrary Script Source Disclosure CVE-2002-1528 25 Nov 2002 5 (v2) Medium Pass Oracle Database Secure Enterprise Search search/query/search search_p_groups Parameter XSS CVE-2009-1968 11 Aug 2009 4.3 (v2) Medium Pass N/X Web Content Management Multiple Script Remote File Inclusion CVE-2003-1251 17 Feb 2003 8.3 (v3) High Pass cPanel guestbook.cgi template Parameter Arbitrary Command Execution CVE-2003-1425 28 Feb 2003 7.5 (v2) High Pass GTcatalog index.php custom Parameter Remote File Inclusion 04 Mar 2003 10 (v3) Critical Pass WebWho+ whois.pl time Parameter Arbitrary Command Execution CVE-2000-0010 09 Mar 2003 7.5 (v2) High Pass Wordit Logbook logbook.pl ﬁle Parameter Arbitrary File Access 12 Mar 2003 5 (v2) Medium Pass Cross-Referencing Linux (lxr) CGI v Parameter Traversal Arbitrary File Access CVE-2003-0156 12 Mar 2003 5 (v2) Medium Pass VPOPMail for SquirrelMail vpopmail.php Arbitrary Command Execution 15 Mar 2003 7.5 (v2) High Pass Instaboard index.cfm Multiple Parameter SQL Injection 14 Apr 2003 7.5 (v2) High Pass OpenBB index.php CID Parameter SQL Injection 26 Apr 2003 7.5 (v2) High Pass StockMan Shopping Cart shop.plx page Parameter Arbitrary Command Execution 05 May 2003 7.5 (v2) High Pass webERP Conﬁguration File Remote Access CVE-2003-1383 20 May 2003 7.5 (v2) High Pass D-Link 704p Web Interface syslog.htm Malformed Query Remote DoS 27 May 2003 7.8 (v2) High Pass ImageFolio Default Password 05 Jun 2003 7.5 (v2) High Pass NetWin CWmail.exe Item Parameter Remote Overﬂow CVE-2002-0273 11 Jun 2003 4.6 (v2) Medium Pass ION ion-p.exe page Parameter Traversal Arbitrary File Retrieval CVE-2002-1559 11 Jun 2003 5 (v2) Medium Pass AspUpload Test11.asp Arbitrary File Upload CVE-2001-0938 17 Jun 2003 7.5 (v2) High Pass iXmail Multiple Script Arbitrary File Manipulation 27 Jun 2003 6.5 (v2) Medium Pass paFileDB <= 3.1 Multiple Vulnerabilities (1) CVE-2004-1219 CVE-2004-1551 CVE-2004-1975 CVE-2005-0326 CVE-2005-0327 CVE-2005-0723 CVE-2005-0724 CVE-2005-0781 CVE-2005-078224 Jul 2003 7.5 (v2) High Pass AtomicBoard Multiple Remote Vulnerabilities (Traversal, Path Disc) 21 Jul 2003 5 (v2) Medium Pass ATutor Password Reminder SQL Injection CVE-2005-2954 20 Sep 2005 7.5 (v2) High Pass QuikStore Shopping Cart quikstore.cgi template Parameter Traversal Arbitrary File Access 01 Jan 2004 5 (v2) Medium Pass PHPix index.phtml Multiple Parameter Arbitrary Command Execution 20 Jan 2004 7.5 (v2) High Pass Aztek Forum Multiple Script XSS CVE-2004-2725 22 Nov 2004 4.3 (v2) Medium Pass Java (.java / .class) Source Code Disclosure 20 May 2004 5 (v2) Medium Pass osTicket setup.php Accessibility 14 Jul 2004 6.4 (v2) Medium Pass MyServer 0.6.2 math_sum.mscgi Multiple Vulnerabilities 02 Aug 2004 7.5 (v2) High Pass Simple Form Multiple Parameter Arbitrary Mail Relaying 17 Aug 2004 5 (v2) Medium Pass CVSTrac ﬁlediﬀ Arbitrary Remote Code Execution CVE-2004-1456 09 Aug 2004 7.5 (v2) High Pass WackoWiki TextSearch phrase Parameter XSS CVE-2004-2624 09 Aug 2004 4.3 (v2) Medium Pass CVSTrac CVSROOT/passwd Arbitrary Account Deletion 17 Aug 2004 6.4 (v2) Medium Pass CVSTrac history.c history_update Function Overﬂow 17 Aug 2004 7.5 (v2) High Pass Basilix Webmail tmp Directory Permission Weakness Attachment Disclosure CVE-2002-1711 09 Aug 2004 2.1 (v2) Low Pass Cerberus Helpdesk GUI Agent < 2.7.1 Multiple Remote Vulnerabilities (SQLi, XSS) CVE-2005-4427 CVE-2005-4428 29 Dec 2005 7.5 (v2) High Pass Apache Tomcat 8.5.0 < 8.5.76 vulnerability CVE-2022-25762 13 May 2022 8.6 (v3) High Pass ColdFusion / JRun on IIS Double Encoded NULL Byte Request File Content Disclosure CVE-2006-5858 08 Feb 2007 5.3 (v3) Medium Pass IlohaMail Unspeciﬁed Database Password Disclosure Weakness 02 Sep 2004 5 (v2) Medium Pass Help Center Live Multiple Vulnerabilities (SQLi, XSS, CSRF) CVE-2005-1672 CVE-2005-1673 CVE-2005-1674 18 May 2005 6.8 (v2) Medium Pass Sawmill < 7.1.6 Multiple Vulnerabilities CVE-2005-1900 CVE-2005-1901 17 Jun 2005 6.5 (v2) Medium Pass Interchange < 5.0.2 / 5.2.1 Multiple Vulnerabilities (SQLi, Code Exe) CVE-2005-3072 CVE-2005-3073 26 Sep 2005 7.5 (v2) High Pass IceWarp Web Mail Multiple Flaws (1) CVE-2004-1669 CVE-2004-1670 CVE-2004-1671 CVE-2004-1672 CVE-2004-1673 CVE-2004-1674 13 Oct 2004 7.5 (v2) High Pass UBB.threads dosearch.php SQL injection CVE-2004-1622 25 Oct 2004 7.5 (v2) High Pass ELOG < 2.6.1 Multiple Remote Vulnerabilities (Traversal, FS) CVE-2006-0347 CVE-2006-0348 20 Jan 2006 5 (v2) Medium Pass KorWeblog < 1.6.2 Multiple Vulnerabilities CVE-2004-1426 CVE-2004-1427 CVE-2004-1543 24 Nov 2004 4.4 (v2) Medium Pass PunBB IMG Tag Client Side Scripting XSS 13 Dec 2004 4.3 (v2) Medium Pass PunBB URL Quote Tag XSS 13 Dec 2004 4.3 (v2) Medium Pass Symantec Messaging Gateway 10.x < 10.5.2 Management Console XSS (SYM14-006) CVE-2014-1648 24 Apr 2014 4.3 (v2) Medium Pass ManageEngine Password Manager Pro REST API Restriction Bypass (CVE-2022-29081) CVE-2022-29081 13 May 2022 9.8 (v3) Critical Pass PHPWind Board faq.php skin Parameter Remote File Inclusion 10 Jan 2005 7.5 (v2) High Pass Cisco Firepower Management Center < 6.6.1 sftunnel MitM (cisco-sa-ftdfmc-sft-mitm-tc8AzFs2) CVE-2020-3549 13 May 2022 8.1 (v3) High Pass Minis minis.php month Parameter Traversal Arbitrary File Access CVE-2005-0293 17 Jan 2005 5 (v2) Medium Pass Jenkins Enterprise and Operations Center 2.303.x < 2.303.30.0.10 / 2.332.2.6 Multiple Vulnerabilities (CloudBees Security Advisory 2022-04-12)CVE-2022-29036 CVE-2022-29037 CVE-2022-29038 CVE-2022-29039 CVE-2022-29040 CVE-2022-29041 CVE-2022-29042 CVE-2022-29043 CVE-2022-29044 CVE-2022-29045 CVE-2022-29046 CVE-2022-29047 CVE-2022-29048 CVE-2022-29049 CVE-2022-29050 CVE-2022-29051 CVE-2022-2905216 May 2022 8.8 (v3) High Pass McAfee Common Management Agent < 3.6.0.546 Multiple Vulnerabilities CVE-2006-5271 CVE-2006-5272 CVE-2006-5273 CVE-2006-5274 10 Jul 2007 8.1 (v3) High Pass PunBB include/common.php language Parameter Local File Inclusion CVE-2006-5735 03 Nov 2006 7.3 (v3) High Pass BizMail bizmail.cgi Arbitrary Mail Relay CVE-2005-0493 22 Feb 2005 5 (v2) Medium 32

Pass paNews comment.php showpost Parameter XSS CVE-2005-0485 16 Feb 2005 4.3 (v2) Medium Pass Juniper Junos OS Vulnerability (JSA69494) CVE-2022-22186 16 May 2022 6.5 (v3) Medium Pass UBB.threads editpost.php Number Parameter SQL Injection CVE-2005-0726 12 Mar 2005 7.5 (v2) High Pass Zeroboard < 4.1pl6 Multiple XSS CVE-2005-0495 23 Feb 2005 4.3 (v2) Medium Pass ASP PortalApp Multiple SQL Injection CVE-2005-0948 CVE-2005-0949 30 Mar 2005 7.5 (v2) High Pass MaxWebPortal <= 1.33 Multiple Vulnerabilities CVE-2005-1016 CVE-2005-1017 CVE-2005-1417 02 Apr 2005 7.5 (v2) High Pass Matt Wright FormHandler.cgi Arbitrary File Access CVE-1999-1050 13 Dec 1999 5.3 (v3) Medium Pass Microsoft IIS idq.dll Traversal Arbitrary File Access CVE-2000-0126 08 Feb 2000 5 (v2) Medium Pass Juniper Junos OS FPC Crash (JSA11229) CVE-2021-31367 18 May 2022 6.5 (v3) Medium Pass XAMPP < 1.4.14 Multiple Vulnerabilities CVE-2005-1077 CVE-2005-1078 CVE-2005-2043 13 Apr 2005 5.1 (v2) Medium Pass Lyris ListManager Multiple XSS 25 Sep 2009 4.3 (v2) Medium Pass PHP < 4.3.11 / 5.0.3 Multiple Unspeciﬁed Vulnerabilities 13 Apr 2005 7.5 (v2) High Pass RSA Security RSA Authentication Agent For Web For IIS XSS CVE-2005-1118 09 May 2005 4.3 (v2) Medium Pass NETFile FTP/Web Server Directory Traversal Arbitrary File Access 14 May 2005 6 (v2) Medium Pass OpenBB < 1.0.9 Multiple Vulnerabilities CVE-2005-1612 CVE-2005-1613 14 May 2005 7.5 (v2) High Pass GitLab 8.12 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 Information Disclosure CVE-2022-1406 18 May 2022 6.5 (v3) Medium Pass mvnForum Search Parameter XSS CVE-2005-1183 23 May 2005 4.3 (v2) Medium Pass Episodex Guestbook Multiple Vulnerabilities (Auth Bypass, XSS) CVE-2005-1684 CVE-2005-1685 24 May 2005 7.5 (v2) High Pass Listserv < 14.3-2005a Multiple Vulnerabilities CVE-2005-1773 27 May 2005 7.5 (v2) High Pass Exhibit Engine list.php Multiple Parameter SQL Injection CVE-2005-1875 06 Jun 2005 7.5 (v2) High Pass ProductCart Multiple Scripts SQL Injection CVE-2005-1967 CVE-2005-2445 08 Jun 2005 7.5 (v2) High Pass Jinzora Multiple Script include_path Parameter Remote File Inclusion (2) CVE-2005-2249 08 Jul 2005 6.8 (v2) Medium Pass JBoss org.jboss.web.WebServer Class Multiple Vulnerabilities (Source Disc, ID) CVE-2005-2006 CVE-2006-0656 18 Jun 2005 5 (v2) Medium Pass i-Gallery <= 3.3 Multiple Vulnerabilities CVE-2005-2033 CVE-2005-2034 21 Jun 2005 5 (v2) Medium Pass webadmin.php show Parameter Arbitrary File Access 29 Jun 2005 7.8 (v2) High Pass WebCalendar assistant_edit.php Unauthorized Access CVE-2005-2320 28 Jun 2005 7.5 (v2) High Pass Juniper Junos OS Evolved DoS (JSA69516) CVE-2022-22183 18 May 2022 7.5 (v3) High Pass Mailreader 2.3.30 - 2.3.31 Multiple Vulnerabilities CVE-2002-1581 CVE-2002-1582 26 Jun 2003 5 (v2) Medium Pass Atomic Photo Album apa_phpinclude.inc.php apa_module_basedir Parameter Remote File Inclusion CVE-2005-2413 25 Jul 2005 7.5 (v2) High Pass Checkbox Survey 6.12 <= 6.18 RCE CVE-2021-27852 18 May 2022 9.8 (v3) Critical Pass Advanced Guestbook User-Agent Header HTML Injection 27 Jul 2005 4.3 (v2) Medium Pass VMware Workspace One Access / VMware Identity Manager Multiple Vulnerabilities (VMSA-2022-0014) CVE-2022-22972 CVE-2022-22973 18 May 2022 9.8 (v3) Critical Pass SysCP < 1.2.11 Multiple Script Command Execution Vulnerabilities CVE-2005-2568 CVE-2005-2567 10 Aug 2005 7.5 (v2) High Pass PHP Surveyor Multiple Vulnerabilities CVE-2005-2380 CVE-2005-2381 CVE-2005-2398 CVE-2005-2399 24 Aug 2005 7.5 (v2) High Pass PHP 5.6.x < 5.6.4 'process_nested_data' RCE CVE-2014-8142 02 Jan 2015 7.5 (v2) High Pass phpLDAPadmin Anonymous Bind Security Bypass Vulnerability CVE-2005-2654 31 Aug 2005 4.3 (v2) Medium Pass PBLang < 4.66z Multiple Vulnerabilities 08 Sep 2005 7.5 (v2) High Pass Microsoft IIS Translate f: ASP/ASA Source Disclosure (IIS 5.1) CVE-2000-0778 08 Sep 2005 5 (v2) Medium Pass Sendcard sendcard.php id Parameter SQL Injection CVE-2005-2404 19 Sep 2005 7.5 (v2) High Pass Truegalerie admin.php loggedin Parameter Admin Authentication Bypass CVE-2003-1488 06 May 2003 6.8 (v2) Medium Pass Cisco IOS Software Web Services DoS (cisco-sa-http-dos-svOdkdBS) CVE-2022-20697 19 May 2022 8.6 (v3) High Pass Winmail Server <= 4.2 Build 0824 Multiple Vulnerabilities CVE-2005-3692 CVE-2005-3811 20 Nov 2005 5 (v2) Medium Pass IBM WebSphere Application Server Liberty 17.0.0.3 < 22.0.0.5 Identity Spooﬁng (6586734) CVE-2022-22475 19 May 2022 6.5 (v3) Medium Pass Apple iTunes < 12.12.4 Multiple Vulnerabilities (uncredentialed check) CVE-2022-26711 CVE-2022-26717 CVE-2022-26751 CVE-2022-26773 CVE-2022-26774 19 May 2022 9.8 (v3) Critical Pass Open WebMail vacation.pl Arbitrary Command Execution CVE-2004-2284 06 Jul 2004 7.5 (v2) High Pass AppServ appserv/main.php appserv_root Parameter Remote File Inclusion CVE-2006-0125 10 Jan 2006 5 (v2) Medium Pass Listserv < 14.5 Multiple Buﬀer Overﬂows CVE-2006-1044 06 Mar 2006 7.5 (v2) High Pass NeoMail Session ID Weakness neomail-prefs.pl Arbitrary Mail-folder Manipulation CVE-2006-0711 16 Feb 2006 5 (v2) Medium Pass ArGoSoft Mail Server Pro Webmail viewheaders Multiple Field XSS CVE-2006-0978 28 Feb 2006 4.3 (v2) Medium Pass CuteNews inc/function.php archive Parameter Arbitrary File Access CVE-2006-1339 22 Mar 2006 5 (v2) Medium Pass Citrix NetScaler Unspeciﬁed Remote Code Execution (CTX200206) CVE-2014-7140 06 Nov 2014 7.5 (v2) High Pass Winmail Server Webmail Unspeciﬁed Vulnerability CVE-2006-1250 14 Apr 2006 10 (v2) Critical Pass Simple PHP Blog install05.php blog_language Parameter Local File Inclusion CVE-2006-1243 15 Mar 2006 7.5 (v2) High Pass IBM Rational License Key Server Administration and Reporting Tool 8.1.4.x < 8.1.4.4 Multiple VulnerabilitiesCVE-2014-0909 CVE-2014-3079 CVE-2014-4756 16 Sep 2014 5 (v2) Medium Pass Symantec AntiVirus Scan Engine Web Interface Multiple Remote Vulnerabilities CVE-2006-0230 CVE-2006-0231 CVE-2006-0232 24 Apr 2006 10 (v2) Critical Pass Ruby on Rails Routing Code URL Code Evaluation DoS CVE-2006-4112 14 Aug 2006 7.5 (v2) High Pass WEBalbum skin2 Cookie Parameter Traversal Local File Inclusion CVE-2006-1480 03 May 2006 5.1 (v2) Medium Pass phpMyAgenda rootagenda Parameter File Include Vulnerability CVE-2006-2009 03 May 2006 7.5 (v2) High Pass SugarCRM <= 4.2.0a Multiple Script sugarEntry Parameter Remote File Inclusion CVE-2006-2460 16 May 2006 6.4 (v2) Medium Pass ManageEngine PAM360 REST API Restriction Bypass (CVE-2022-29081) CVE-2022-29081 23 May 2022 9.8 (v3) Critical Pass Jenkins Enterprise and Operations Center 2.277.x < 2.277.43.0.8 / 2.303.x < 2.303.30.0.7 / 2.332.1.5 Multiple VCVE-2022-27195 CVE-2022-27196 CVE-2022-27197 CVE-2022-27198 CVE-2022-27199 CVE-2022-27200 CVE-2022-27201 CVE-2022-27202 CVE-2022-27203 CVE-2022-27204 CVE-2022-27205 CVE-2022-27206 CVE-2022-27207 CVE-2022-27208 CVE-2022-27209 CVE-2022-27210 CVE-2022-27211 CVE-2022-27212 CVE-2022-27213 CVE-2022-27214 CVE-2022-27215 CVE-2022-27216 CVE-2022-27217 CVE-2022-27218ulnerabilities (CloudBees Security Advisory 2022-03-15) 23 May 2022 8.8 (v3) High Pass BDPDT for DotNetNuke (.net nuke) uploadﬁlepopup.aspx File Upload Privilege Escalation CVE-2006-3601 23 Jun 2006 10 (v2) Critical Pass Synology DiskStation Manager uistrings.cgi lang Parameter Directory Traversal 05 Feb 2014 5 (v2) Medium Pass Easy Address Book Web Server Query Remote Format String CVE-2006-4654 05 Sep 2006 5.1 (v2) Medium Pass Splunk Enterprise 6.0.x < 6.0.7 Multiple Vulnerabilities (POODLE) CVE-2014-3566 CVE-2014-3567 CVE-2014-5466 04 Dec 2014 4.3 (v2) Medium Pass Jenkins Enterprise and Operations Center 2.303.x < 2.303.30.0.13 / 2.332.3.4 Multiple Vulnerabilities (CloudBees Security Advisory 2022-05-17)CVE-2022-30945 CVE-2022-30946 CVE-2022-30947 CVE-2022-30948 CVE-2022-30949 CVE-2022-30950 CVE-2022-30951 CVE-2022-30952 CVE-2022-30953 CVE-2022-30954 CVE-2022-30955 CVE-2022-30956 CVE-2022-30957 CVE-2022-30958 CVE-2022-30959 CVE-2022-30960 CVE-2022-30961 CVE-2022-30962 CVE-2022-30963 CVE-2022-30964 CVE-2022-30965 CVE-2022-30966 CVE-2022-30967 CVE-2022-30968 CVE-2022-30969 CVE-2022-30970 CVE-2022-30971 CVE-2022-3097224 May 2022 10 (v3) Critical Pass Apache 2.4.x < 2.4.52 mod_lua Buﬀer Overﬂow CVE-2021-44790 24 May 2022 9.8 (v3) Critical Pass SWAT Unauthenticated Access (Demo Mode) 05 Oct 2007 7.5 (v2) High Pass CuteNews 1.4.5 Multiple Script XSS 07 Dec 2006 4.3 (v2) Medium Pass ColdFusion MX Null Byte Tag XSS Protection Bypass CVE-2006-6483 06 Feb 2007 4.3 (v2) Medium Pass Openﬁre Admin Console Remote Privilege Escalation CVE-2007-2975 29 May 2007 7.5 (v2) High Pass Kaspersky Anti-Spam Control Center Web Conﬁg aslic_status.cgi Directory Listing CVE-2007-3502 29 Jun 2007 7.5 (v2) High Pass Adobe Connect Enterprise Server Information Disclosure CVE-2007-4651 12 Sep 2007 5 (v2) Medium Pass Apache Tomcat Sample App cal2.jsp 'time' Parameter XSS (CVE-2006-7196) CVE-2006-7196 24 Sep 2007 5.3 (v3) Medium Pass Calendar Express Multiple Vulnerabilities (SQLi, XSS) CVE-2007-3627 19 Sep 2005 7.5 (v2) High Pass HP OpenView Client Conﬁguration Manager Default Credentials 07 Nov 2007 7.5 (v2) High Pass Web Server Malicious JavaScript Link Detection 08 Jan 2008 10 (v2) Critical Pass phpBB up.php Arbitrary File Upload CVE-2005-1047 11 Apr 2005 7.5 (v2) High Pass McAfee Web Gateway < 7.1.0.5 / 7.1.5.2 XSS 18 Jun 2014 4.3 (v2) Medium Pass Monkey HTTP Daemon (monkeyd) < 0.9.1 Multiple Vulnerabilities CVE-2005-1122 CVE-2005-1123 15 Apr 2005 7.5 (v2) High Pass Blue Coat ProxyAV 3.5.1.1 - 3.5.1.6 Heartbeat Information Disclosure (Heartbleed) CVE-2014-0160 16 May 2014 7.5 (v3) High Pass Western Digital ShareSpace WEB GUI Information Disclosure 18 Jul 2012 5 (v2) Medium Pass SquidClamav clwarn.cgi url Parameter XSS CVE-2012-4667 10 Sep 2012 4.3 (v2) Medium Pass SolarWinds Log and Event Manager < 6.2.0 Multiple Remote Command Execution Vulnerabilities CVE-2015-7839 CVE-2015-7840 19 Oct 2015 7.5 (v2) High Pass Foscam 11.37.2.x < 11.37.2.49 Directory Traversal CVE-2013-2560 24 Mar 2013 7.8 (v2) High Pass Puppet 2.7.x / 3.2.x < 2.7.23 / 3.2.4 and Enterprise 2.8.x / 3.0.x < 2.8.3 / 3.0.1 Multiple Vulnerabilities CVE-2013-4761 CVE-2013-4956 28 Oct 2013 5.1 (v2) Medium Pass IBM WebSphere Portal Dojo Module Arbitrary File Download CVE-2012-4834 29 Nov 2012 5 (v2) Medium Pass Informix SQL Web DataBlade Module Traversal Arbitrary File Access CVE-2001-0924 25 Nov 2001 5 (v2) Medium Pass Dell KACE K1000 < 5.5 Multiple SQL Injection Vulnerabilities CVE-2014-1671 07 Feb 2014 6.5 (v2) Medium Pass Participants Database Plugin for WordPress < 1.5.4.9 'query' Parameter SQL Injection CVE-2014-3961 16 Jun 2014 7.5 (v2) High Pass Adobe ColdFusion HTTP Response Splitting (APSB12-15) CVE-2012-2041 26 Jun 2012 4.3 (v2) Medium Pass HP Smart Update Manager 6.x < 6.4.1 Multiple Vulnerabilities CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-2608 CVE-2014-3470 24 Jul 2014 6.8 (v2) Medium Pass SolarWinds Log and Event Manager < 6.0.1 HyperSQL Remote Code Execution CVE-2014-5504 07 Nov 2014 7.5 (v2) High Pass Cisco IOS XR Software Health Check Open Port (cisco-sa-iosxr-redis-ABJyE5xK) CVE-2022-20821 26 May 2022 6.5 (v3) Medium Pass Moodle Multiple XSS CVE-2014-3548 CVE-2014-3551 30 Sep 2014 4.3 (v2) Medium Pass Oracle GlassFish Server Administration Console GET Request Authentication Bypass CVE-2011-0807 17 Aug 2011 10 (v3) Critical Pass Forums Plugin for WordPress 'url' Parameter Arbitrary File Disclosure CVE-2012-4920 25 Jan 2013 5.3 (v3) Medium Pass Symantec Web Gateway < 5.1.1 Multiple Vulnerabilities (SYM13-008) CVE-2013-1616 CVE-2013-1617 CVE-2013-4670 CVE-2013-4671 CVE-2013-4672 CVE-2013-4673 01 Aug 2013 8.3 (v2) High Pass PHP 5.3.x < 5.3.22 Multiple Vulnerabilities CVE-2013-1635 CVE-2013-1643 04 Mar 2013 7.5 (v2) High Pass Splunk Enterprise 5.0.x < 5.0.10 / 6.1.x < 6.1.4 Multiple Vulnerabilities CVE-2014-3511 CVE-2014-8301 CVE-2014-8302 CVE-2014-8303 04 Dec 2014 4.3 (v2) Medium Pass MySQL Enterprise Monitor 3.0.x < 3.0.11 Multiple Vulnerabilities CVE-2014-0050 CVE-2014-0094 CVE-2014-0112 CVE-2014-0113 CVE-2014-0116 08 May 2015 7.5 (v2) High Pass HP Power Manager < 4.2.10 CVE-2009-2685 CVE-2009-3999 CVE-2009-4000 21 Jan 2010 10 (v2) Critical Pass phpMyAdmin 3.4.x < 3.4.10.1 XSS (PMASA-2012-1) CVE-2012-1190 22 Feb 2012 4.3 (v2) Medium Pass Cisco Expressway Series / TelePresence VCS Multiple Vulnerabilities (cisco-sa-expressway-ﬁlewrite-bsFVwueV)CVE-2022-20806 CVE-2022-20807 CVE-2022-20809 27 May 2022 5.5 (v3) Medium Pass Tenable Nessus 10.x < 10.2.0 Third-Party Vulnerabilities (TNS-2022-11) CVE-2018-25032 CVE-2021-41182 CVE-2021-41183 CVE-2021-41184 CVE-2022-23852 CVE-2022-23990 CVE-2022-25235 CVE-2022-25236 CVE-2022-25313 CVE-2022-25314 CVE-2022-2531527 May 2022 9.8 (v3) Critical Pass Apache Tomcat Implicit Objects XSS CVE-2006-7195 09 Jul 2010 5.3 (v3) Medium Pass SandSurfer < 1.7.1 XSS CVE-2004-2550 04 Mar 2004 4.3 (v2) Medium Pass GIT gitweb git_snapshot / git_object Shell Metacharacter Arbitrary Command Execution CVE-2008-5517 21 Feb 2010 7.5 (v2) High Pass TikiWiki < 1.8.2 Multiple Input Validation Vulnerabilities CVE-2004-1923 CVE-2004-1924 CVE-2004-1925 CVE-2004-1926 CVE-2004-1927 CVE-2004-1928 24 Aug 2004 7.5 (v2) High Pass MyDMS < 1.4.3 Multiple Vulnerabilities CVE-2004-1732 CVE-2004-1733 22 Aug 2004 7.5 (v2) High Pass Apache Tomcat allowLinking UTF-8 Traversal Arbitrary File Access CVE-2008-2938 12 Aug 2008 5.3 (v3) Medium Pass Home Free search.cgi Traversal Arbitrary File Access CVE-2000-0054 09 Jan 2000 5 (v2) Medium 33

Pass PHPix album Parameter Encoded Traversal Arbitrary File/Directory Access CVE-2000-0919 11 Dec 2000 5 (v2) Medium Pass A1Stats Multiple Script Traversal Arbitrary File Access CVE-2001-0561 14 May 2001 5 (v2) Medium Pass DeluxeBB Multiple Scripts SQL Injection CVE-2005-2989 19 Sep 2005 7.5 (v2) High Pass ManageEngine Security Manager Plus 'f' Directory Traversal Arbitrary File Access 10 Dec 2012 5 (v2) Medium Pass Sambar Server Multiple CGI Environment Variable Disclosure CVE-2003-1284 25 Jun 2003 5 (v2) Medium Pass Icecast MP3 Client HTTP GET Request Remote Overﬂow CVE-2002-0177 01 Oct 2004 7.5 (v2) High Pass WHM AutoPilot < 2.5.20 Multiple Remote Vulnerabilities CVE-2004-1420 CVE-2004-1421 CVE-2004-1422 28 Dec 2004 7.3 (v3) High Pass bBlog <= 0.7.4 Multiple Vulnerabilities (SQLi, XSS) CVE-2004-1570 CVE-2004-1865 CVE-2005-1309 CVE-2005-1310 03 May 2005 7.5 (v2) High Pass FUDforum < 2.7.1 Avatar Upload Extension Validation Weakness Arbitrary Code Execution CVE-2005-2781 29 Aug 2005 6.5 (v2) Medium Pass PunBB < 1.2.7 Multiple Vulnerabilities CVE-2005-4665 15 Sep 2005 4.3 (v2) Medium Pass Trend Micro ControlManager < 3.0 SP5 Multiple Vulnerabilities CVE-2005-1929 13 Jan 2006 7.5 (v2) High Pass ViRobot Linux Server ﬁlescan Authentication Bypass CVE-2006-0864 22 Feb 2006 10 (v2) Critical Pass UBB.threads doeditconﬁg Arbitrary Command Injection CVE-2006-5137 30 Sep 2006 8.8 (v3) High Pass Splunk 4.0.x < 4.0.11 / 4.1.x < 4.1.2 Directory Traversal CVE-2010-2502 07 Jul 2010 9 (v2) High Pass Eucalyptus Walrus REST Interface Key Veriﬁcation Authentication Bypass (ESA-03) CVE-2012-3240 21 Aug 2012 7.5 (v2) High Pass PHP 5.x < 5.2 Multiple Vulnerabilities CVE-2006-1015 CVE-2006-1549 CVE-2006-2660 CVE-2006-4486 CVE-2006-4625 CVE-2006-4812 CVE-2006-5465 CVE-2006-5706 CVE-2006-7205 CVE-2007-0448 CVE-2007-1381 CVE-2007-1584 CVE-2007-1888 CVE-2007-2844 CVE-2007-542425 Mar 2008 7.5 (v2) High Pass Discuz! <= 4.0.0 rc4 Arbitrary File Upload CVE-2005-2614 19 Sep 2005 4.6 (v2) Medium Pass Greymatter Comment Name Field Control Panel Log XSS CVE-2005-2816 19 Sep 2005 4.3 (v2) Medium Pass phpGroupWare < 0.9.16 Addressbook Unspeciﬁed Vulnerability 19 Sep 2005 None Pass phpGroupWare Main Screen Message Body XSS CVE-2005-2761 19 Sep 2005 4.3 (v2) Medium Pass Tofu Server Detection 19 Sep 2005 None Pass vBulletin <= 3.0.9 Multiple Vulnerabilities CVE-2005-3019 CVE-2005-3020 CVE-2005-3024 CVE-2005-3025 19 Sep 2005 8.3 (v3) High Pass Lotus Domino Multiple Script Src / BaseTarget XSS CVE-2005-3015 20 Sep 2005 4.3 (v2) Medium Pass PHP Advanced Transfer Manager <= 1.30 Multiple Vulnerabilities 21 Sep 2005 5 (v2) Medium Pass Digital Scribe login.php SQL Injection CVE-2005-2987 21 Sep 2005 7.5 (v2) High Pass phpMyFAQ < 1.5.2 Multiple Vulnerabilities CVE-2005-3049 26 Sep 2005 6.8 (v2) Medium Pass WEBppliance ocw_login_username Parameter XSS CVE-2005-3014 27 Sep 2005 4.3 (v2) Medium Pass IceWarp Web Mail Multiple Flaws (4) CVE-2005-3131 CVE-2005-3132 CVE-2005-3133 30 Sep 2005 9.7 (v2) High Pass GuppY < 4.5.6a Multiple Vulnerabilities CVE-2005-2853 CVE-2005-3156 06 Oct 2005 4.3 (v2) Medium Pass HP iNode Management Center Detection 19 Aug 2011 None Pass phpMyAdmin grab_globals.lib.php subform Parameter Traversal Local File Inclusion CVE-2005-3299 11 Oct 2005 5.1 (v2) Medium Pass phpWebSite index.php Search Module SQL Injection CVE-2005-4792 14 Oct 2005 7.5 (v2) High Pass PunBB search.php old_searches Parameter SQL Injection CVE-2005-3518 17 Oct 2005 4.3 (v2) Medium Pass Splunk Enterprise 8.1.x < 8.1.6 MFA Bypass CVE-2021-26253 31 May 2022 8.1 (v3) High Pass Gallery main.php g2_itemId Parameter Traversal Arbitrary File Access CVE-2005-3251 18 Oct 2005 5 (v2) Medium Pass Terminal Services Encryption Level is Medium or Low 25 Jan 2012 4.3 (v2) Medium Pass w-Agora <= 4.2.0 Multiple Vulnerabilities 20 Oct 2005 7.5 (v2) High Pass Xerver < 4.20 Multiple Vulnerabilities CVE-2005-3293 CVE-2005-4774 20 Oct 2005 5 (v2) Medium Pass e107 resetcore.php user Field SQL Injection CVE-2005-3521 21 Oct 2005 7.5 (v2) High Pass phpMyAdmin < 2.6.4-pl3 Multiple Vulnerabilities CVE-2005-3300 CVE-2005-3301 26 Oct 2005 5.1 (v2) Medium Pass HP LaserJet Web Server Unspeciﬁed Admin Component Traversal Arbitrary File Access CVE-2008-4419 10 Apr 2009 7.8 (v2) High Pass PHP iCalendar index.php phpicalendar Parameter Remote File Inclusion CVE-2005-3366 27 Oct 2005 6.8 (v2) Medium Pass YIFF Sound Server Detection 27 Oct 2005 None Pass Mantis < 0.19.3 Multiple Vulnerabilities CVE-2005-3091 CVE-2005-3335 CVE-2005-3336 CVE-2005-3337 CVE-2005-3338 CVE-2005-3339 27 Oct 2005 6.8 (v2) Medium Pass PHP < 4.4.1 / 5.0.6 Multiple Vulnerabilities CVE-2002-0229 CVE-2005-2491 CVE-2005-3388 CVE-2005-3389 CVE-2005-3390 01 Nov 2005 7.5 (v2) High Pass Invision Gallery index.php st Parameter SQL Injection CVE-2005-3395 01 Nov 2005 7.5 (v2) High Pass Comersus BackOﬃce comersus_backoﬃce_menu.asp Multiple Parameter SQL Injection 02 Nov 2005 7.5 (v2) High Pass phpBB <= 2.0.17 Multiple Vulnerabilities CVE-2005-3415 CVE-2005-3416 CVE-2005-3417 CVE-2005-3418 CVE-2005-3419 CVE-2005-3420 CVE-2005-3536 CVE-2005-3537 02 Nov 2005 7.5 (v2) High Pass vCard deﬁne.inc.php match Parameter Remote File Inclusion CVE-2005-3332 02 Nov 2005 7.3 (v3) High Pass VERITAS NetBackup Agent Detection 07 Nov 2005 None Pass Cheops NG Agent Detection 08 Nov 2005 None Pass PHPFM Arbitrary File Upload CVE-2005-4423 08 Nov 2005 8.8 (v3) High Pass Horde Admin Account Default Password CVE-2005-3344 08 Nov 2005 10 (v2) Critical Pass MailWatch authenticate() Function SQL Injection CVE-2005-3470 10 Nov 2005 6.8 (v2) Medium Pass GO-Global for Windows _USERSA_ Remote Overﬂow CVE-2005-3483 10 Nov 2005 10 (v2) Critical Pass VERITAS NetBackup Volume Manager Daemon Buﬀer Overﬂow CVE-2005-3116 11 Nov 2005 10 (v2) Critical Pass SolarWinds Dameware Mini Remote Control Client Public Key Buﬀer Over-read CVE-2019-3956 27 Jun 2019 7.4 (v3) High Pass TikiWiki < 1.8.6 / 1.9.1 Multiple Vulnerabilities CVE-2005-1925 14 Nov 2005 6.4 (v2) Medium Pass StreamSets Data Collector Web Detection 10 Jul 2019 None Pass Sonatype Nexus Repository Manager Missing Access Controls RCE CVE-2019-7238 26 Jul 2019 9.8 (v3) Critical Pass Xerox WorkCentre Multiple Vulnerabilities (XRX19-016) (URGENT/11) CVE-2019-12255 CVE-2019-12256 CVE-2019-12257 CVE-2019-12258 CVE-2019-12259 CVE-2019-12260 CVE-2019-12261 CVE-2019-12262 CVE-2019-12263 CVE-2019-12264 CVE-2019-1226529 Jul 2019 9.8 (v3) Critical Pass OpenSSL 1.1.1 < 1.1.1m Vulnerability CVE-2021-4160 28 Jan 2022 5.9 (v3) Medium Pass Moodle < 1.5.3 Multiple SQL Injection Vulnerabilities CVE-2005-3648 16 Nov 2005 7.5 (v2) High Pass Exponent CMS < 0.96.4 Multiple Remote Vulnerabilities (XSS, SQLi, Code Exe, Disc) CVE-2005-3762 CVE-2005-3763 CVE-2005-3764 CVE-2005-3765 CVE-2005-3766 CVE-2005-3767 16 Nov 2005 10 (v2) Critical Pass XOOPS xoopsConﬁg[language] Parameter Local File Inclusion (XOOPS_WFd205_xpl) CVE-2005-3680 16 Nov 2005 6.4 (v2) Medium Pass CodeGrrl Applications Remote File Inclusion Vulnerabilities CVE-2005-3571 16 Nov 2005 5 (v2) Medium Pass phpSysInfo < 2.4.1 Multiple Vulnerabilities CVE-2003-0536 CVE-2005-0870 CVE-2005-3347 CVE-2005-3348 16 Nov 2005 6.8 (v2) Medium Pass phpwcms 1.2.5 Multiple Vulnerabilities CVE-2005-3789 16 Nov 2005 5 (v2) Medium Pass Mambo Open Source / Joomla! GLOBALS Variable Remote File Include CVE-2005-3738 17 Nov 2005 8.1 (v3) High Pass Help Center Live module.php ﬁle Parameter Local File Inclusion CVE-2005-3639 18 Nov 2005 7.5 (v2) High Pass PHP Doc System index.php show Parameter Local File Inclusion CVE-2005-3878 29 Nov 2005 6.4 (v2) Medium Pass GuppY <= 4.5.9 Multiple Remote Vulnerabilities (Traversal, Code Exec) CVE-2005-3926 CVE-2005-3927 29 Nov 2005 8.8 (v3) High Pass PHPX admin/index.php username Parameter SQL Injection CVE-2005-3968 02 Dec 2005 7.5 (v2) High Pass Trac Ticket Query Module group Parameter SQL Injection CVE-2005-3980 02 Dec 2005 7.5 (v2) High Pass DUware Multiple Products type.asp iType Parameter SQL Injection CVE-2005-3976 CVE-2006-6354 CVE-2006-6367 02 Dec 2005 7.5 (v2) High Pass MediaWiki Language Option eval() Function Arbitrary PHP Code Execution CVE-2005-4031 05 Dec 2005 7.5 (v2) High Pass SugarCRM <= 4.0 beta acceptDecline.php Remote File Inclusion CVE-2005-4086 CVE-2005-4087 10 Dec 2005 7.5 (v2) High Pass Contenido contenido/classes/class.inuse.php Multiple Parameter Remote File Inclusion CVE-2005-4132 12 Dec 2005 7.5 (v2) High Pass FlatNuke index.php id Parameter Traversal Arbitrary File Access CVE-2005-2813 CVE-2005-4208 12 Dec 2005 5 (v2) Medium Pass The Includer includer.cgi Arbitrary Command Execution CVE-2005-0689 12 Dec 2005 7.5 (v2) High Pass phpCOIN < 1.2.2 2005-12-13 Fix-File Multiple Vulnerabilities CVE-2005-4211 CVE-2005-4212 CVE-2005-4213 14 Dec 2005 7.5 (v2) High Pass VMware ESX/GSX Server detection 14 Dec 2005 None Pass SimpleBBS topics.php name Parameter Arbitrary Command Execution CVE-2005-4135 14 Dec 2005 8.8 (v3) High Pass vTiger < 4.5a2 Multiple Vulnerabilities CVE-2005-3818 CVE-2005-3819 CVE-2005-3820 CVE-2005-3821 CVE-2005-3822 CVE-2005-3823 CVE-2005-3824 16 Dec 2005 7.5 (v2) High Pass ELOG Remote Buﬀer Overﬂow Vulnerabilities CVE-2005-4439 19 Dec 2005 7.8 (v2) High Pass Plogger plog-admin-functions.php conﬁg Parameter Remote File Inclusion CVE-2005-4573 21 Dec 2005 7.5 (v2) High Pass PhpGedView PGV_BASE_DIRECTORY Parameter Remote File Inclusion CVE-2005-4467 CVE-2005-4468 CVE-2005-4469 21 Dec 2005 7.5 (v2) High Pass Network Block Device (NBD) Server Request Handling Remote Overﬂow CVE-2005-3534 24 Dec 2005 7.5 (v2) High Pass MyBB calendar.php 'month' Parameter SQLi CVE-2005-4199 CVE-2005-4200 24 Dec 2005 10 (v2) Critical Pass Cerberus Support Center Multiple Remote Vulnerabilities (SQLi, XSS) CVE-2005-4427 CVE-2005-4428 29 Dec 2005 7.5 (v2) High Pass phpDocumentor <= 1.3.0 RC4 Local And Remote File Inclusion CVE-2005-4593 02 Jan 2006 7.5 (v2) High Pass Web Wiz check_user.asp txtUserName Parameter SQL Injection CVE-2005-4606 03 Jan 2006 7.5 (v2) High Pass PHP Support Tickets index.php Multiple Parameter SQL Injection CVE-2005-4264 04 Jan 2006 7.5 (v2) High Pass ADOdb server.php sql Parameter SQL Injection CVE-2006-0146 10 Jan 2006 7.5 (v2) High Pass Juniper NetScreen Security Manager (NSM) guiSrv/devSrv Crafted String Remote DoS CVE-2005-4587 10 Jan 2006 7.8 (v2) High Pass Eudora Internet Mail Server Admin Server Detection 16 Jan 2006 None Pass RCBlog index.php post Parameter Traversal Arbitrary File Access CVE-2006-0370 CVE-2006-0371 30 Jan 2006 5 (v2) Medium Pass Snitz Forums 2000 post.asp type Parameter XSS CVE-2005-3411 01 Feb 2006 4.3 (v2) Medium Pass Invision Power Board Dragoran Portal Module index.php site Parameter SQL Injection CVE-2006-0520 01 Feb 2006 7.5 (v2) High Pass MyBB index.php 'referrer' Parameter SQLi CVE-2006-1974 02 Feb 2006 7.5 (v2) High Pass Website Baker Admin Login SQL Injection CVE-2005-4140 02 Feb 2006 7.5 (v2) High Pass Grandstream Networks UCM6200 Series SQLi (Web UI) CVE-2020-5722 05 May 2022 9.8 (v3) Critical Pass Loudblog backend_settings.php Multiple Parameter Remote File Inclusion CVE-2006-0565 05 Feb 2006 7.5 (v2) High Pass PHP iCalendar Multiple Script Remote File Inclusion CVE-2006-0648 09 Feb 2006 5 (v2) Medium Pass PHP Xdebug Module Unauthenticated RCE (exploit) 31 Aug 2018 9.8 (v3) Critical Pass AXIS Multiple Vulnerabilities (ACV-128401) CVE-2018-10658 CVE-2018-10659 CVE-2018-10660 CVE-2018-10661 CVE-2018-10662 CVE-2018-10663 CVE-2018-10664 02 Oct 2018 9.8 (v3) Critical Pass Supermicro IPMI Baseboard Management Controller Default Credentials 05 Oct 2018 9.8 (v3) Critical Pass Rockwell Automation RSLinx Classic ENGINE.dll Stack Buﬀer Overﬂow CVE-2018-14829 28 Nov 2018 9.8 (v3) Critical Pass Rockwell Automation RSLinx Classic ENGINE.dll Stack Buﬀer Overﬂow (CVE-2019-6553) CVE-2019-6553 22 Mar 2019 9.8 (v3) Critical Pass AVEVA InduSoft Web Studio / InTouch Edge HMI TCP/IP Server Detection 22 Jan 2018 None Pass CyberArk Password Vault Web Access Detection 10 Apr 2018 None Pass GE Multilin UR / URPlus / B95Plus Protection Relay Cryptographic Algorithm Weakness Information DisclosurCVE-2017-7905e (UR-2017-0001) 26 May 2017 9.8 (v3) Critical 34

Pass Comelit Intercom Detection 21 Apr 2017 None Pass ManageEngine Firewall Analyzer Detection 13 Apr 2016 None Pass Allen-Bradley MicroLogix 1400 Multiple Vulnerabilities CVE-2012-4690 CVE-2012-6435 CVE-2012-6436 CVE-2012-6437 CVE-2012-6438 CVE-2012-6439 CVE-2012-6440 CVE-2012-6441 CVE-2012-644227 May 2016 10 (v2) Critical Pass MicroLogix 1400 PLC Web Server Multiple Vulnerabilities CVE-2015-6486 CVE-2015-6488 CVE-2015-6491 CVE-2015-6492 31 May 2016 7.5 (v3) High Pass MicroLogix 1400 PLC Web Server Request Handling RCE CVE-2015-6490 31 May 2016 9.8 (v3) Critical Pass TeamSpeak 3 Server Detection 12 Sep 2016 None Pass OMRON FINS TCP Protocol Detection 27 Oct 2016 None Pass X2Engine Detection 23 Feb 2015 None Pass Siemens SIMATIC S7-1200 PLC < 4.1 Open Redirection CVE-2015-1048 02 Mar 2015 4.3 (v2) Medium Pass Honeywell XL Web Controller FTP Directory Traversal CVE-2015-0984 26 Mar 2015 10 (v2) Critical Pass Modbus/TCP Device Identiﬁcation 10 May 2015 5.8 (v3) Medium Pass HP WebInspect REST API Unauthorized Access 15 Jun 2015 7.5 (v2) High Pass Rockwell Automation MicroLogix 1100 PLC < Series B FRN 13.0 Multiple Vulnerabilities CVE-2012-6435 CVE-2012-6436 CVE-2012-6437 CVE-2012-6438 CVE-2012-6439 CVE-2012-6441 CVE-2012-6442 07 Jul 2015 10 (v2) Critical Pass Rockwell Automation MicroLogix 1100 PLC < FRN 10.0 Authentication Mechanism DoS CVE-2009-3739 07 Jul 2015 10 (v2) Critical Pass HP LaserJet Printers Multiple Vulnerabilities CVE-2013-4828 CVE-2013-4829 16 Oct 2013 4.3 (v2) Medium Pass eScan Agent Detection 24 May 2007 None Pass MikroTik Neighbor Discovery Protocol Detection 25 Nov 2013 None Pass MikroTik MAC Telnet Protocol Detection 03 Dec 2013 None Pass Emerson Network Power Avocent MergePoint Unity KVM Switch Detection 05 Feb 2014 None Pass F5 Networks BIG-IQ Detection 09 May 2014 None Pass Advantech WebAccess Default Credential Check 14 Apr 2014 7.5 (v2) High Pass Oracle Identity Analytics Detection 28 Apr 2014 None Pass Cisco Network Registrar Web UI Detection 29 Apr 2014 None Pass Cisco TelePresence Supervisor Detection 18 Jun 2014 None Pass Palo Alto Networks PAN-OS < 5.0.15 / 5.1.x < 5.1.10 / 6.0.x < 6.0.6 / 6.1.x < 6.1.1 Bash Shell Remote Code Execution (Shellshock)CVE-2014-6271 CVE-2014-7169 20 Oct 2014 10 (v2) Critical Pass Cisco NX-OS GNU Bash Environment Variable Command Injection Vulnerability (cisco-sa-20140926-bash) (Shellshock)CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 27 Oct 2014 10 (v2) Critical Pass Honeywell Excel (XL) Web Controller Detection 25 Aug 2014 None Pass McAfee Web Gateway GNU Bash Code Injection (SB10085) (Shellshock) CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 12 Nov 2014 10 (v2) Critical Pass Cisco TelePresence Conductor Detection 26 Nov 2014 None Pass Sielco Sistemi Winlog Arbitrary File Disclosure CVE-2012-4356 10 Aug 2012 4.3 (v2) Medium Pass Novell File Reporter Agent VOL Tag Remote Code Execution (uncredentialed check) 10 Sep 2012 10 (v2) Critical Pass Magnum MNS-6K Hardcoded Admin Account CVE-2012-3014 05 Oct 2012 7.7 (v2) High Pass HP LaserJet Pro Printers Unauthorized Data Access CVE-2012-5215 19 Mar 2013 8.8 (v2) High Pass VNC Server Unauthenticated Access: Screenshot 22 Apr 2013 7.5 (v2) High Pass HP LaserJet Pro Printers Unauthorized Data Access (April 2013) CVE-2012-5221 09 May 2013 5 (v2) Medium Pass HP Data Protector Components Version Detection 01 Jul 2013 None Pass Tridium Niagara AX Web Server Multiple Vulnerabilities CVE-2012-3024 CVE-2012-3025 CVE-2012-4027 CVE-2012-4028 03 Jul 2013 7.8 (v2) High Pass IPMI Cipher Suites Supported 17 Jul 2013 None Pass HP LaserJet Pro Printers Multiple Information Disclosures (July 2013) CVE-2013-4807 09 Aug 2013 7.8 (v2) High Pass iSCSI Unauthenticated Target Detection 23 Dec 2010 7.5 (v2) High Pass Movicon TcpUploadServer Data Leakage (remote check) 25 Mar 2011 5 (v2) Medium Pass Samsung Data Management Server < 1.4.3 verifyUser Method SQL Injection CVE-2010-4284 11 May 2011 7.5 (v2) High Pass H3C / HP Intelligent Management Center Detection 08 Jun 2011 None Pass Novell File Reporter Engine RECORD Element Tag Parsing Overﬂow (uncredentialed check) CVE-2011-2220 08 Jul 2011 9.7 (v2) High Pass Symantec Veritas Enterprise Administrator Service (vxsvc) Detection 20 Sep 2011 None Pass MS11-082: Vulnerabilities in Host Integration Server Could Allow Denial of Service (2607670) (uncredentialed check)CVE-2011-2007 CVE-2011-2008 25 Oct 2011 5 (v2) Medium Pass Novell Messenger Server Process Memory Remote Information Disclosure CVE-2011-3179 14 Nov 2011 5 (v2) Medium Pass GE D20 Default Credentials 19 Jan 2012 7.5 (v2) High Pass MicroLogix 1100 PLC Default Credentials 19 Jan 2012 6.4 (v2) Medium Pass SEL Controller Default Credentials 19 Jan 2012 7.5 (v2) High Pass Sensitive information can be obtained from the GE D20 Remote Terminal Unit via TFTP 19 Jan 2012 9.4 (v2) High Pass Multiple Cisco Products brstart sm_read_string_length Remote Code Execution CVE-2011-2738 17 Feb 2012 10 (v2) Critical Pass Terminal Services Doesn't Use Network Level Authentication (NLA) Only 23 Mar 2012 4 (v3) Medium Pass Measuresoft ScadaPro < 4.0.1.0 service.exe RF Command Arbitrary File Disclosure CVE-2011-3495 18 Jun 2012 10 (v2) Critical Pass IBM AIX TCP Large Send Denial of Service Vulnerability CVE-2012-0194 11 Jul 2012 7.1 (v2) High Pass Wyse Thin Client hagent.exe Unspeciﬁed Buﬀer Overﬂow 02 Sep 2009 10 (v2) Critical Pass Alert Standard Format / Remote Management and Control Protocol Detection 16 Apr 2010 None Pass Cisco CiscoWorks Internetwork Performance Monitor Remote Command Execution CVE-2008-1157 19 Aug 2008 10 (v2) Critical Pass CiscoWorks Server Common Services Login Page XSS CVE-2007-5582 19 Aug 2008 4.3 (v2) Medium Noise UDP Scanner 04 Feb 2009 None Pass Symantec Backup Exec for Windows Multiple Vulnerabilities CVE-2008-5407 CVE-2008-5408 20 Nov 2008 10 (v2) Critical Pass IBM Baseboard Management Controller Default Credentials 11 Jun 2009 10 (v2) Critical Pass DNP3 Binary Inputs Access Remote Information Disclosure 11 Dec 2006 5 (v2) Medium Pass ICCP/COTP (ISO 8073) Protocol Detection 11 Dec 2006 7.4 (v3) High Pass Tamarack IEC 61850 Server Detection 11 Dec 2006 None Pass Modbus/TCP Coil Access 11 Dec 2006 9.1 (v3) Critical Pass Modbus/TCP Discrete Input Access 11 Dec 2006 5 (v2) Medium Pass Modicon Modbus/TCP Programming Function Code Access 11 Dec 2006 6.5 (v3) Medium Pass Modicon PLC Embedded HTTP Server Detection 11 Dec 2006 5 (v2) Medium Pass Modicon PLC Modbus Slave Mode SNMP Request Modbus Mode Remote Disclosure 11 Dec 2006 5 (v2) Medium Pass iSCSI Target Detection 23 Dec 2010 None Pass Citrix SD-WAN Center Detection 11 Apr 2019 None Pass Symantec Management Center Web Detection 08 May 2019 None Pass Rockwell Automation MicroLogix 1100/1400 and CompactLogix 5370 Controllers Open Redirection VulnerabilityCVE-2019-10955 21 May 2019 6.1 (v3) Medium Pass Commvault Web Console Detection 07 Jun 2019 None Pass Cisco Energy Management Web Detection 09 Sep 2019 None Pass Cisco Integrated Management Controller Detection 13 Oct 2014 None Pass Hyper-V Virtual Machine Detection 09 Jun 2015 None Pass Adobe Experience Manager Web Detection 15 Jan 2020 None Pass Buﬀalo TeraStation Web detection 16 Jul 2018 None Pass PostgreSQL Unauthenticated Version Detection 10 Jul 2018 None Pass Isilon OneFS FTP Detection 14 Aug 2018 None Pass Isilon OneFS Web Interface Detection 14 Aug 2018 None Pass Isilon OneFS NTP Detection 14 Aug 2018 None Pass Isilon OneFS uname Detection 14 Aug 2018 None Pass Ansible Tower WebUI Detection 31 Aug 2018 None Pass Zinwave Series 3000 DAS Web Interface Detection 13 Sep 2018 None Pass AXIS FTP Server Detection 02 Oct 2018 None Pass HPE Intelligent Management Center dbman Detection 10 Oct 2018 None Pass DNP3 Detection of Device attributes 02 Nov 2018 None Pass Detect PROFINET targets listening on the Network Layer. 08 Jan 2019 None Pass Oracle WebLogic Web Services Test Client Detection 28 Jan 2019 None Pass Kubernetes Web API Detection 30 Jan 2019 None Pass ShareFile Storage Zones Controller Web Detection 02 Jun 2020 None Pass Trading Technologies Messaging (ttm_cmd) Detection 03 Jun 2020 None Pass IBM Storwize V7000 Uniﬁed 1.3.x < 1.4.3.5 / 1.5.x < 1.5.0.4 Multiple Vulnerabilities (Shellshock) CVE-2014-6271 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 CVE-2014-6277 CVE-2014-6278 25 Aug 2015 10 (v2) Critical Pass Trend Micro Control Manager Detection (uncredentialed) 17 Feb 2017 None Pass Unitrends Backup Detection 04 May 2017 None Pass Cisco APIC-EM WebUI Detection 05 Feb 2016 None Pass Tenable SecurityCenter Unsupported Version Detection 16 Dec 2013 9.8 (v3) Critical Pass OpenSSL 1.0.1 < 1.0.1g Multiple Vulnerabilities (Heartbleed) CVE-2014-0076 CVE-2014-0160 08 Apr 2014 7.5 (v3) High Pass OpenVPN Heartbeat Information Disclosure (Heartbleed) CVE-2014-0160 14 Apr 2014 7.5 (v3) High Pass HP System Management Homepage OpenSSL Multiple Vulnerabilities (Heartbleed) CVE-2013-4353 CVE-2013-6449 CVE-2013-6450 CVE-2014-0160 18 Apr 2014 7.5 (v3) High Pass HP LaserJet Pro Printers OpenSSL Heartbeat Information Disclosure (HPSBPI03014) (Heartbleed) CVE-2014-0160 01 May 2014 7.5 (v3) High Pass VMware Horizon Workspace 1.8 < 1.8.1 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Heartbleed)CVE-2014-0076 CVE-2014-0160 06 May 2014 7.5 (v3) High Pass ESXi 5.5 < Build 1746974 / 5.5 Update 1 < Build 1746018 OpenSSL Library Multiple Vulnerabilities (remote check) (Heartbleed)CVE-2014-0076 CVE-2014-0160 08 May 2014 7.5 (v3) High Pass Western Digital Arkeia Virtual Appliance Detection 28 May 2014 None Pass Caldera Detection 05 Jun 2014 None Pass Kerio Connect 8.2.x < 8.2.4 Heartbeat Information Disclosure (Heartbleed) CVE-2014-0160 08 Jul 2014 7.5 (v3) High Pass Oracle E-Business (January 2014 CPU) CVE-2013-5874 CVE-2013-5890 CVE-2014-0366 CVE-2014-0398 17 Jan 2014 5.5 (v2) Medium Pass Ipswitch IMail Server 11.x / 12.x < 12.4.1.15 Multiple Vulnerabilities (Heartbleed) CVE-2014-0076 CVE-2014-0160 CVE-2014-3878 14 Jul 2014 7.5 (v3) High Pass Patch Management: Host information from VMware Go (deprecated) 06 Dec 2011 None 35

Pass Juniper Junos OpenSSL Heartbeat Information Disclosure (JSA10623) (Heartbleed) CVE-2014-0160 18 Apr 2014 7.5 (v3) High Pass IBM Spectrum Protect Operations Center Detection 19 Nov 2020 None Pass Atlassian Conﬂuence 7.4.x < 7.4.17 / 7.13.x < 7.13.7 / 7.14.x < 7.14.3 / 7.15.x < 7.15.2 / 7.16.x < 7.16.4 / 7.17.x < 7.17.4 / 7.18.x < 7.18.1 (CONFSERVER-79017) 06 Jun 2022 None Pass VMware Cloud Foundation Web Detection 06 Jun 2022 None Pass Oracle E-Business (July 2013 CPU) CVE-2013-3747 CVE-2013-3749 CVE-2013-3756 CVE-2013-3767 CVE-2013-3777 CVE-2013-3778 CVE-2013-3788 27 Sep 2013 5.5 (v2) Medium Pass Oracle E-Business Multiple Vulnerabilities (October 2014 CPU) CVE-2014-4278 CVE-2014-4281 CVE-2014-4285 CVE-2014-6471 CVE-2014-6472 CVE-2014-6479 CVE-2014-6523 CVE-2014-6539 CVE-2014-6550 CVE-2014-656117 Oct 2014 7.5 (v2) High Pass HP Data Protector < A.06.20 Multiple Vulnerabilities CVE-2011-1728 CVE-2011-1729 CVE-2011-1730 CVE-2011-1731 CVE-2011-1732 CVE-2011-1733 CVE-2011-1734 CVE-2011-1735 CVE-2011-1736 CVE-2011-239910 May 2011 10 (v2) Critical Pass Symantec pcAnywhere Unsupported 08 Feb 2012 10 (v3) Critical Pass HP Data Protector Unsupported 05 Feb 2013 10 (v2) Critical Pass Cisco Uniﬁed Communications Manager SIP DoS (CSCub85597) CVE-2013-3461 24 Sep 2013 7.1 (v2) High Pass Cisco Uniﬁed Communications Manager UDP Memory Leak DoS (CSCub85597) CVE-2013-3460 24 Sep 2013 7.8 (v2) High Pass Cisco Uniﬁed Communications Manager Remote Buﬀer Overﬂow (CSCud54358) CVE-2013-3462 24 Sep 2013 8.5 (v2) High Pass Cisco Uniﬁed Communications Manager Registration Messages DoS (CSCuf93466) CVE-2013-3459 24 Sep 2013 7.8 (v2) High Pass Cisco Uniﬁed Communications Manager Multiple DoS Vulnerabilities (cisco-sa-20130227-cucm) CVE-2013-1133 CVE-2013-1134 25 Sep 2013 7.8 (v2) High Pass Juniper NSM Servers < 2012.2R5 Multiple Vulnerabilities CVE-2012-0022 CVE-2012-5568 CVE-2012-5885 CVE-2012-5886 CVE-2012-5887 21 Nov 2013 5 (v2) Medium Pass NAS4Free Version 14 Apr 2014 None Pass Cisco Uniﬁed Communications Manager Multiple Reﬂected XSS CVE-2014-3372 CVE-2014-3373 CVE-2014-3374 06 Nov 2014 4.3 (v2) Medium Pass CUCM IM and Presence Service GNU Bash Environment Variable Handling Command Injection (CSCur05454) (Shellshock)CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 11 Nov 2014 10 (v2) Critical Pass Cisco Uniﬁed Communications Manager SSLv3 Information Disclosure (cisco-sa-20141015-poodle) (POODLE)CVE-2014-3566 12 Nov 2014 4.3 (v2) Medium Pass Cisco TelePresence Conductor Bash Remote Code Execution (Shellshock) CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 26 Nov 2014 10 (v2) Critical Pass Cisco Uniﬁed Communications Manager TLS SAN Field MitM (CSCuq86376) CVE-2014-7991 29 Dec 2014 4.3 (v2) Medium Pass Cisco Uniﬁed Communications Manager Remote Buﬀer Overﬂow (CSCus66650) (GHOST) CVE-2015-0235 26 Feb 2015 10 (v2) Critical Pass Cisco TelePresence Conductor Login Security Bypass Vulnerability CVE-2015-0653 20 Mar 2015 10 (v2) Critical Pass Cisco Uniﬁed Communications Manager SQL Injection (CSCut33447 / CSCut33608) CVE-2015-0715 14 May 2015 6.5 (v2) Medium Pass Cisco Uniﬁed Communications Manager SIP Memory Leak DoS (CSCuv39370) CVE-2016-1350 01 Apr 2016 7.5 (v3) High Pass Delta Electronics DIAEnergie Blind SQLi (CVE-2021-38391) CVE-2021-38391 06 Jun 2022 9.8 (v3) Critical Pass Delta Electronics DIAEnergie Detection 06 Jun 2022 None Pass HP Data Protector 7.0x < 7.03 build 108 / 8.1x < 8.15 / 9.0x < 9.06 Multiple Vulnerabilities (HPSBGN03580) (Bar Mitzvah)CVE-2015-2808 CVE-2016-2004 CVE-2016-2005 CVE-2016-2006 CVE-2016-2007 CVE-2016-2008 29 Apr 2016 9.8 (v3) Critical Pass Cisco Uniﬁed Communications Manager Java Object Deserialization RCE (CSCux34835) CVE-2015-6420 10 Oct 2016 9.8 (v3) Critical Pass IBM Domino Unsupported Version Detection 17 Apr 2017 10 (v3) Critical Pass Cisco Uniﬁed Communications Manager SIP UDP Throttling DoS (CSCuz72455) CVE-2017-3808 27 Apr 2017 7.5 (v3) High Pass Cisco Uniﬁed Communications Manager XSS (cisco-sa-20170517-ucm) CVE-2017-6654 25 May 2017 6.1 (v3) Medium Pass HP Data Protector 8.x < 8.17 / 9.x < 9.09 Multiple Vulnerabilities (HPSBGN03732) CVE-2017-5807 CVE-2017-5808 CVE-2017-5809 11 Aug 2017 9.8 (v3) Critical Pass Cisco Uniﬁed Communication Manager HTTP Interface Information Disclosure Vulnerability (CSCvf20218) CVE-2018-0266 27 Apr 2018 4.3 (v3) Medium Pass Ansible Tower 3.1.x < 3.1.8 / 3.2.x < 3.2.6 CSRF vulnerability CVE-2018-10884 31 Aug 2018 8.8 (v3) High Pass Ansible Tower Unsupported Version 31 Aug 2018 10 (v3) Critical Pass Cisco Uniﬁed Communication Manager Apache Struts RCE (CSCvm14042) CVE-2018-11776 05 Sep 2018 8.1 (v3) High Pass IBM Spectrum Protect 7.1.x < 7.1.9.300 / 8.1.x < 8.1.8 Multiple Vulnerabilities CVE-2018-1922 CVE-2018-1923 CVE-2018-1936 CVE-2018-1978 CVE-2018-1980 CVE-2019-4014 CVE-2019-4015 CVE-2019-4016 CVE-2019-409424 Jul 2019 7.8 (v3) High Pass Ansible Tower 3.6.x < 3.6.1 Information Disclosure CVE-2019-14890 06 Dec 2019 8.8 (v3) High Pass Dell iDRAC Improper Authorization (DSA-2019-137) CVE-2019-3764 06 Dec 2019 4.3 (v3) Medium Pass DNN (DotNetNuke) 6.0.0 <= 9.3.2 Multiple Vulnerabilities 06 Dec 2019 6.1 (v3) Medium Pass Citrix SD-WAN Center trace_route Unauthenticated Remote Command Injection CVE-2019-12986 18 Dec 2019 9.8 (v3) Critical Pass Oracle E-Business (July 2014 CPU) CVE-2014-0224 CVE-2014-2482 CVE-2014-4213 CVE-2014-4235 CVE-2014-4248 18 Jul 2014 5.8 (v2) Medium Pass Ansible Tower 3.5.x < 3.5.4 / 3.6.x < 3.6.2 Multiple Vulnerabilities CVE-2019-14864 CVE-2019-19340 CVE-2019-19341 CVE-2019-19342 20 Dec 2019 8.2 (v3) High Pass Apache Tomcat 8.5.0 < 8.5.49 Privilege Escalation CVE-2019-12418 27 Dec 2019 7 (v3) High Pass Apache Tomcat 8.5.0 < 8.5.50 Privilege Escalation Vulnerability CVE-2019-17563 27 Dec 2019 7.5 (v3) High Pass Apache Tomcat 9.0.0.M1 < 9.0.30 Privilege Escalation Vulnerability CVE-2019-17563 27 Dec 2019 7.5 (v3) High Pass Atlassian JIRA < 7.7.1 Cross-Site Scripting (XSS) Vulnerability (JRASERVER-67108) CVE-2017-18102 06 Jan 2020 5.4 (v3) Medium Pass Atlassian JIRA 6.2.1 < 7.4.4 Cross-Site Scripting (XSS) Vulnerability (JRASERVER-66719) CVE-2017-18039 06 Jan 2020 6.1 (v3) Medium Pass Atlassian JIRA < 7.4.2 XSS vulnerability (JRASERVER-66624) CVE-2017-16864 07 Jan 2020 6.1 (v3) Medium Pass Atlassian JIRA < 7.13.6 / 8.x < 8.4.0 XSS (JRASERVER-69795) CVE-2019-8450 09 Jan 2020 4.8 (v3) Medium Pass Atlassian JIRA < 7.13.3 / 8.x < 8.1 XSS vulnerability (JRASERVER-68855) CVE-2018-20239 09 Jan 2020 5.4 (v3) Medium Pass Atlassian JIRA < 7.13.9 / 8.x < 8.3.3 XSS (JRASERVER-69790) CVE-2019-14996 09 Jan 2020 6.1 (v3) Medium Pass Atlassian JIRA < 7.13.12 / 8.x < 8.4.3 / 8.5.x < 8.5.2 Authorization Bypass (JRASERVER-70405) CVE-2019-15013 09 Jan 2020 4.3 (v3) Medium Pass Atlassian JIRA < 7.6.1 CSRF vulnerability (JRASERVER-66643) CVE-2017-18033 09 Jan 2020 6.5 (v3) Medium Pass nginx 0.8.x < 0.8.33 / 0.7.x < 0.7.65 Windows Filename Pseudonyms (CORE-2010-0121) 13 Jan 2020 3.7 (v3) Low Pass Microsoft Open Management Infrastructure RCE (CVE-2021-38647) CVE-2021-38647 20 Sep 2021 9.8 (v3) Critical Pass Flexera FlexNet Publisher lmadmin < 11.16.5.1 Multiple Vulnerabilities CVE-2019-8960 CVE-2019-8961 20 Jan 2020 7.5 (v3) High Pass Oracle E-Business Suite Multiple Vulnerabilities (Jan 2020 CPU) CVE-2020-2566 CVE-2020-2582 CVE-2020-2586 CVE-2020-2587 CVE-2020-2591 CVE-2020-2596 CVE-2020-2597 CVE-2020-2603 CVE-2020-2651 CVE-2020-2652 CVE-2020-2653 CVE-2020-2657 CVE-2020-2658 CVE-2020-2661 CVE-2020-2662 CVE-2020-2665 CVE-2020-2666 CVE-2020-2667 CVE-2020-2668 CVE-2020-2669 CVE-2020-2670 CVE-2020-2671 CVE-2020-267224 Jan 2020 9.9 (v3) Critical Pass Redis EVAL Lua Sandbox Escape 30 Apr 2018 9 (v3) Critical Pass PostgreSQL STARTTLS Support 19 Oct 2018 None Pass IBM Spectrum Protect Server 7.1.x < 7.1.9.100 / 8.1.x < 8.1.6 Information Disclosure Vulnerability CVE-2018-1788 08 Nov 2018 4.4 (v3) Medium Pass Tenable Nessus < 8.2.2 Stored XSS Vulnerability (TNS-2019-01) CVE-2019-3923 06 Feb 2019 5.4 (v3) Medium Pass HPE Intelligent Management Center dbman Command 10018 Multiple Vulnerabilities CVE-2019-5390 CVE-2019-5391 11 Feb 2020 9.8 (v3) Critical Pass Atlassian Jira 8.2.x < 8.6.0 Improper Authorization on Project Titles Information Disclosure Vulnerability (JRASERCVE-2019-20404VER_70569) 30 Mar 2020 4.3 (v3) Medium Pass Atlassian Jira 8.2 < 8.5.4 Support Files Improper Authorization Vulnerability (JRASERVER-70564) CVE-2019-20402 30 Mar 2020 4.9 (v3) Medium Pass Ansible Tower 3.4.x < 3.4.6 / 3.5.x < 3.5.6 / 3.6.x < 3.6.4 Denial of Service Vulnerability CVE-2020-10697 02 Apr 2020 4.4 (v3) Medium Pass Jenkins < (2.204.6 / 2.222.1) LTS / 2.228 Multiple Vulnerabilities CVE-2020-2160 CVE-2020-2161 CVE-2020-2162 CVE-2020-2163 02 Apr 2020 8.8 (v3) High Pass Dell iDRAC Buﬀer Overﬂow Vulnerability (CVE-2020-5344) CVE-2020-5344 03 Apr 2020 9.8 (v3) Critical Pass Atlassian Jira 7.13 < 8.5.5 Jira Project Key Information Disclosure (JRASERVER-70565) CVE-2019-20403 06 Apr 2020 5.3 (v3) Medium Pass Atlassian Jira < 7.1.9 Role Name XSS (JRASERVER-61861) CVE-2016-4318 08 Apr 2020 4.8 (v3) Medium Pass Apache 2.4.x < 2.4.42 Multiple Vulnerabilities CVE-2020-1927 CVE-2020-1934 10 Apr 2020 6.1 (v3) Medium Pass Pulse Connect Secure XSS (SA3877) CVE-2018-20808 17 Apr 2020 6.1 (v3) Medium Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Apr 2020 CPU)CVE-2020-2594 CVE-2020-2706 17 Apr 2020 6.5 (v3) Medium Pass Atlassian Jira 7.6 < 8.5.2 XSRF (JRASERVER-70406) CVE-2019-20401 21 Apr 2020 6.5 (v3) Medium Pass MongoDB 2.x, 3.0.x < 3.0.15, 3.1.x < 3.2.14, 3.3.x < 3.3.14 Mongo Shell Information Disclosure Vulnerability (SERCVE-2016-6494VER-25335) 23 Apr 2020 5.5 (v3) Medium Pass PHP 7.2.x < 7.2.30 Multiple Vulnerabilities CVE-2020-7067 23 Apr 2020 7.5 (v3) High Pass PHP 7.4.x < 7.4.5 urldecode OOB Read CVE-2020-7067 24 Apr 2020 7.5 (v3) High Pass ManageEngine PAM360 Detection 23 May 2022 None Pass Jenkins plugins Multiple Vulnerabilities (2022-04-12) CVE-2022-29036 CVE-2022-29037 CVE-2022-29038 CVE-2022-29039 CVE-2022-29040 CVE-2022-29041 CVE-2022-29042 CVE-2022-29043 CVE-2022-29044 CVE-2022-29045 CVE-2022-29046 CVE-2022-29047 CVE-2022-29048 CVE-2022-29049 CVE-2022-29050 CVE-2022-29051 CVE-2022-2905223 May 2022 8.8 (v3) High Pass Cisco UCS Director JavaScript Cross-Site Scripting Vulnerability CVE-2022-20765 23 May 2022 4.8 (v3) Medium Pass Jenkins Security Advisory 2019-01-08 Multiple Vulnerabilities CVE-2019-1003000 CVE-2019-1003001 CVE-2019-1003002 24 Sep 2019 8.8 (v3) High Pass PHP 7.3.x < 7.3.10 Heap-Based Buﬀer Overﬂow Vulnerability. 04 Oct 2019 8.1 (v3) High Pass Oracle E-Business Suite Multiple Vulnerabilities (Oct 2019 CPU) CVE-2019-2925 CVE-2019-2930 CVE-2019-2942 CVE-2019-2990 CVE-2019-2994 CVE-2019-2995 CVE-2019-3000 CVE-2019-3022 CVE-2019-3024 CVE-2019-302718 Oct 2019 8.2 (v3) High Pass Oracle Primavera Uniﬁer Multiple Vulnerabilities (Oct 2019 CPU) CVE-2017-12626 CVE-2019-11358 CVE-2019-12086 CVE-2019-14379 CVE-2019-14439 21 Oct 2019 9.8 (v3) Critical Pass Default Password ('scpuser') for 'scpuser' Account 21 Oct 2019 9.8 (v3) Critical Pass vBulletin 'widget_php' Command Execution CVE-2019-16759 23 Oct 2019 9.8 (v3) Critical Pass Cisco TelePresence VCS / Expressway 12.5.x < 12.5.4 XSS CVE-2019-12705 25 Oct 2019 6.1 (v3) Medium Pass PHP < 7.1.33 / 7.2.x < 7.2.24 / 7.3.x < 7.3.11 Remote Code Execution Vulnerability. CVE-2019-11043 25 Oct 2019 9.8 (v3) Critical Pass Citrix SD-WAN Center and NetScaler SD-WAN Center addModifyZTDProxy Unauthenticated Remote Command InjectionCVE-2019-12988 29 Oct 2019 9.8 (v3) Critical Pass Tenable Nessus < 8.7.0 DoS (TNS-2019-06) CVE-2019-3982 01 Nov 2019 6.5 (v3) Medium Pass HP Data Protector Backup Agent RCE CVE-2006-4201 14 Aug 2006 7.5 (v2) High Pass HP Data Protector OmniInet.exe MSG_PROTOCOL Command RCE CVE-2007-2280 05 Jan 2010 10 (v2) Critical Pass jQuery UI Detection 31 Dec 2021 None Pass IBM Spectrum Protect 7.1.x < 7.1.10.100 / 8.1.x < 8.1.9.300 Stack-based Buﬀer Overﬂow CVE-2020-4415 13 May 2020 9.8 (v3) Critical Pass vBulletin 'getIndexableContent' SQL Injection (direct check) CVE-2020-12720 15 May 2020 9.8 (v3) Critical Pass PHP 7.2.x < 7.2.31 / 7.3.x < 7.3.18, 7.4.x < 7.4.6 Denial of Service (DoS) CVE-2019-11048 21 May 2020 5.3 (v3) Medium Pass Cisco IOS XE Software Web UI REST API Authentication Bypass Vulnerability CVE-2017-12229 02 Oct 2017 9.8 (v3) Critical Pass Oracle WebCenter Content Unspeciﬁed Vulnerability (April 2018 CPU) CVE-2018-2828 22 May 2020 8.2 (v3) High Pass Cisco IOS XE Software Plug-and-Play PKI API Certiﬁcate Validation Vulnerability CVE-2017-12228 06 Oct 2017 5.9 (v3) Medium Pass Atlassian JIRA < 8.7.0 SSRF (JRASERVER-71204) CVE-2019-20408 09 Jul 2020 5.3 (v3) Medium Pass Atlassian Jira < 7.13.14 / 8.5.x < 8.5.5 / 8.8.x < 8.8.2 / 8.9.0 < 8.9.1 MitM (JRASERVER-71198) CVE-2020-14168 09 Jul 2020 5.9 (v3) Medium Pass Atlassian JIRA < 7.13.14 / 8.5.x < 8.5.5 / 8.8.x < 8.8.2 / 8.9.x < 8.9.1 DoS (JRASERVER-71197) CVE-2020-14167 10 Jul 2020 7.5 (v3) High Pass TYPO3 10.4.x < 10.4.2 Information Disclosure (TYPO3-CORE-SA-2020-001) CVE-2020-11063 13 Jul 2020 3.7 (v3) Low Pass Atlassian JIRA < 8.4.2 Information disclosure in Application links plugin CVE-2019-15011 CVE-2019-15013 20 Dec 2019 4.3 (v3) Medium Pass Cisco IOS Software for Catalyst 2960-L Series Switches and Catalyst CDB-8P Switches 802.1X Authentication Bypass VCVE-2020-3231ulnerability (cisco-sa-c2960L-DpWA9Re4) 26 Jun 2020 4.7 (v3) Medium Pass Oracle Oracle E-Business Suite (Jul 2020 CPU) CVE-2020-14534 CVE-2020-14554 CVE-2020-14555 CVE-2020-14582 CVE-2020-14590 CVE-2020-14596 CVE-2020-14598 CVE-2020-14599 CVE-2020-14610 CVE-2020-14635 CVE-2020-14657 CVE-2020-14658 CVE-2020-14659 CVE-2020-14660 CVE-2020-14661 CVE-2020-14665 CVE-2020-14666 CVE-2020-14667 CVE-2020-14668 CVE-2020-14670 CVE-2020-14671 CVE-2020-14679 CVE-2020-14681 CVE-2020-14682 CVE-2020-14686 CVE-2020-14688 CVE-2020-14716 CVE-2020-14717 CVE-2020-14719 CVE-2020-1472015 Jul 2020 9.1 (v3) Critical Pass Cisco IOS XE Software Static Credential Vulnerability CVE-2018-0150 29 Mar 2018 9.8 (v3) Critical Pass SolarWinds Web Help Desk - Web Detection 24 Mar 2022 None Pass SolarWinds Orion Platform 2020.2.0 < 2020.2.6 HF1 Multiple Vulnerabilities XSS CVE-2021-35219 CVE-2021-35220 CVE-2021-35221 CVE-2021-35222 CVE-2021-35238 CVE-2021-35239 CVE-2021-35240 17 Nov 2021 9.6 (v3) Critical Pass Juniper Junos OS Vulnerability (JSA11138) CVE-2021-0245 15 Apr 2021 7.8 (v3) High Pass Juniper Junos OS Multiple Vulnerabilities (JSA11175) CVE-2021-0255 CVE-2021-0256 15 Apr 2021 7.8 (v3) High 36

Pass Juniper Junos OS Vulnerability (JSA11129) CVE-2021-0234 15 Apr 2021 5.8 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11151) CVE-2021-0260 15 Apr 2021 7.3 (v3) High Pass Juniper Junos OS Vulnerability (JSA11133) CVE-2021-0238 15 Apr 2021 5.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11146) CVE-2021-0253 15 Apr 2021 7.8 (v3) High Pass Juniper Junos OS Vulnerability (JSA11130) CVE-2021-0235 15 Apr 2021 7.3 (v3) High Pass Cisco Catalyst 9200 Series Switches Jumbo Frame DoS (cisco-sa-JP-DOS-g5FfGm8y) CVE-2020-3527 23 Apr 2021 8.6 (v3) High Pass Cisco NX-OS Precision Time Protocol (PTP) Denial of Service Vulnerability CVE-2018-0378 17 Sep 2019 8.6 (v3) High Pass Cisco NX-OS Software Call Home Command Injection (cisco-sa-callhome-cmdinj-zkxzSCY) CVE-2020-3454 03 Sep 2020 7.2 (v3) High Pass Cisco NX-OS Software 802.1X Extensible Authentication Protocol over LAN Denial of Service VulnerabilityCVE-2019-1594 10 Jul 2019 7.4 (v3) High Pass WordPress Plugin Detection 20 Jul 2017 None Pass Jenkins Enterprise and Operations Center < 2.249.33.0.1 / 2.277.42.0.1 / 2.303.2.5 Multiple Vulnerabilities (CloudBees Security Advisory 2021-10-06)CVE-2014-3577 CVE-2021-21682 CVE-2021-21683 CVE-2021-21684 22 Nov 2021 6.5 (v3) Medium Pass ThinkPHP < 5.0.24 RCE CVE-2019-9082 10 Dec 2021 8.8 (v3) High Pass Cisco IOS XE Software Errdisable Vulnerabilities (cisco-sa-20180926-errdisable) CVE-2018-0480 05 Oct 2018 6.1 (v3) Medium Pass Cisco IOS XE Software IPsec DoS Vulnerability (cisco-sa-20180926-ipsec) CVE-2018-0472 05 Oct 2018 8.6 (v3) High Pass Cisco IOS XE Software IPv6 Hop-by-Hop DoS Vulnerability (cisco-sa-20180926-ipv6hbh) CVE-2018-0467 05 Oct 2018 8.6 (v3) High Pass Cisco IOS XE Software Command Injection Vulnerabilities (cisco-sa-20180926-iosxe-cmdinj) CVE-2018-0477 CVE-2018-0481 05 Oct 2018 6.7 (v3) Medium Pass VMware vCenter Server Virtual SAN Health Check plug-in RCE (CVE-2021-21985) (direct check) CVE-2021-21985 03 Jun 2021 9.8 (v3) Critical Pass GitLab SSRF (CVE-2021-22214) CVE-2021-22214 11 Aug 2021 8.6 (v3) High Pass Nagios XI < 5.8.5 Multiple Vulnerabilities CVE-2021-33177 CVE-2021-33179 CVE-2021-36363 CVE-2021-36364 CVE-2021-36365 CVE-2021-36366 CVE-2021-37343 CVE-2021-37345 CVE-2021-37347 CVE-2021-37348 CVE-2021-37349 CVE-2021-37350 CVE-2021-37351 CVE-2021-3735224 Sep 2021 9.8 (v3) Critical Pass ManageEngine EventLog Analyzer < Build 12201 REST API Restriction Bypass RCE CVE-2021-40539 04 Oct 2021 9.8 (v3) Critical Pass Oracle E-Business Multiple Vulnerabilities (January 2015 CPU) CVE-2014-6525 CVE-2014-6556 CVE-2014-6572 CVE-2014-6581 CVE-2014-6582 CVE-2014-6583 CVE-2015-0380 CVE-2015-0393 CVE-2015-0404 CVE-2015-041523 Jan 2015 6.4 (v2) Medium Pass Apache Log4Shell RCE detection via Path Enumeration (Direct Check HTTP) CVE-2021-44228 12 Dec 2021 10 (v3) Critical Pass Apache Log4Shell RCE detection via callback correlation (Direct Check IMAP) CVE-2021-44228 17 Dec 2021 10 (v3) Critical Pass VMware Horizon Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028) CVE-2021-44228 07 Jan 2022 10 (v3) Critical Pass Cisco Small Business Wireless Access Point Web Detection 10 Jan 2022 None Pass Oracle E-Business Multiple Vulnerabilities (April 2015 CPU) CVE-2015-0447 CVE-2015-0504 CVE-2015-2565 16 Apr 2015 4.3 (v2) Medium Pass Atlassian Jira < 8.19.0 Broken Access Control (JRASERVER-72737) CVE-2021-39119 27 Jan 2022 5.3 (v3) Medium Pass Microsoft Windows 10 Version 20H2 Unsupported Version Detection 07 Jun 2022 10 (v3) Critical Pass Tenable Nessus 10.x < 10.1.1 / 8.x < 8.15.3 Third-Party Vulnerabilities (TNS-2022-05) CVE-2021-45960 CVE-2021-46143 CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827 CVE-2022-23852 CVE-2022-2399008 Feb 2022 9.8 (v3) Critical Pass Western Digital MyCloud Web Interface Detection 10 Jan 2018 None Pass Oracle GoldenGate Manager Version Detection 05 Jun 2017 None Pass Splunk Enterprise 8.1.x < 8.1.7.2 / 8.2.x < 8.2.3.3 Log4j CVE-2021-44228 CVE-2021-45046 25 Feb 2022 10 (v3) Critical Pass ESXi 6.5 / 6.7 / 7.0 Multiple Vulnerabilities (VMSA-2022-0004) CVE-2021-22040 CVE-2021-22041 CVE-2021-22042 CVE-2021-22043 CVE-2021-22050 01 Mar 2022 7.8 (v3) High Pass Symantec pcAnywhere Default Accounts 17 Apr 2018 9.8 (v3) Critical Pass Huawei Versatile Routing Platform Version Detection 25 Jul 2014 None Pass Cisco Application Policy Infrastructure Controller Arbitrary File Read and Write (cisco-sa-capic-frw-Nt3RYxR2)CVE-2021-1577 10 Feb 2022 9.1 (v3) Critical Pass Cisco NX-OS Software MPLS OAM DoS (cisco-sa-nxos-mpls-oam-dos-sGO9x5GM) CVE-2021-1588 11 Feb 2022 8.6 (v3) High Pass Oracle E-Business Multiple Vulnerabilities (April 2016 CPU) CVE-2016-0697 CVE-2016-3434 CVE-2016-3436 CVE-2016-3437 CVE-2016-3439 CVE-2016-3447 CVE-2016-3466 20 Apr 2016 9.1 (v3) Critical Pass Apache APISIX HTTP Detection 20 Apr 2022 None Pass GitLab < 14.3.6 / 14.4.x < 14.4.4 / 14.5.x < 14.5.2 Invalid Authorization CVE-2022-0549 14 Mar 2022 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11189) CVE-2021-0287 15 Mar 2022 6.5 (v3) Medium Pass SSL Certiﬁcate Signed Using Weak Hashing Algorithm (Known CA) CVE-2004-2761 08 Dec 2016 None Pass MySQL Enterprise Monitor (MEM) Web Detection 07 Jun 2010 None Pass Juniper Junos OS Buﬀer Overﬂow (JSA11142) CVE-2021-0249 24 May 2021 9.8 (v3) Critical Pass SSL Certiﬁcate Signed Using Weak Hashing Algorithm CVE-2004-2761 05 Jan 2009 7.5 (v3) High Pass mDNS Detection (Remote Network) 28 Apr 2004 5 (v2) Medium Pass Juniper Junos OS Vulnerability (JSA11164) CVE-2021-0273 15 Apr 2021 5.3 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11140) CVE-2021-0247 15 Apr 2021 5.5 (v3) Medium Pass IBM DB2 Unsupported Version Detection 26 Jul 2011 10 (v2) Critical Pass Cisco IOS XE Version 10 Jul 2013 None Pass IBM WebSphere Java Object Deserialization RCE CVE-2015-7450 02 Dec 2015 9.8 (v3) Critical Pass Nessus Unsupported Version Detection 16 Dec 2013 10 (v2) Critical Pass Apple iTunes < 12.11.3 Multiple Vulnerabilities (uncredentialed check) CVE-2020-7463 CVE-2021-1811 CVE-2021-1825 CVE-2021-1857 27 Apr 2021 6.5 (v3) Medium Pass Rockwell Automation MicroLogix 1400 PLC Default Credentials 20 Apr 2016 10 (v2) Critical Pass Cisco IOS XE Software IP Detail Record DoS (cisco-sa-20160928-ipdr) CVE-2016-6379 12 Nov 2019 7.5 (v3) High Pass Emerson SM-Ethernet Web Interface Default Credentials 01 Dec 2015 7.5 (v2) High Pass Cisco NX-OS Software IPv6 Netstack DoS (cisco-sa-nxos-ipv6-netstack-edXPGV7K) CVE-2021-1387 06 May 2021 8.6 (v3) High Pass Juniper Junos OS Information Disclosure (JSA11126) CVE-2021-0231 13 May 2021 6.5 (v3) Medium Pass Cisco Telepresence Management Suite Web Detection 10 Jul 2019 None Pass Cisco NX-OS Software IPv6 Access Control List Bypass (cisco-sa-ipv6-acl-CHgdYk8j) CVE-2021-1389 12 Feb 2021 6.5 (v3) Medium Pass FNET TCP/IP Stack - HTTP Detection 14 May 2021 None Pass Keil TCPnet TCP/IP Stack - HTTP Detection 14 May 2021 None Pass Sybase ASE Login Possible 16 Dec 2019 None Pass uIP/Contiki TCP/IP Stack - HTTP Detection 14 May 2021 None Pass Nut/Net TCP/IP Stack - HTTP Detection 14 May 2021 None Pass lwIP TCP/IP Stack - HTTP Detection 14 May 2021 None Pass emNet TCP/IP Stack - HTTP Detection 14 May 2021 None Pass Cisco Application Services Engine (ASE) Detection 14 May 2021 None Pass Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access (cisco-sa-n9kaci-unauth-access-5PWzDx2w)CVE-2021-1228 11 May 2021 6.5 (v3) Medium Pass CMX-TCP/IP Stack - HTTP Detection 17 May 2021 None Pass NicheStack TCP/IP Stack - HTTP Detection 17 May 2021 None Pass emNet TCP/IP Stack - FTP Detection 18 May 2021 None Pass CMX-TCP/IP Stack - FTP Detection 18 May 2021 None Pass Keil TCPnet TCP/IP Stack - FTP Detection 18 May 2021 None Pass Juniper Junos OS DoS (JSA11131) CVE-2021-0236 20 May 2021 6.5 (v3) Medium Pass Juniper Junos OS DoS (JSA11125) CVE-2021-0230 20 May 2021 7.5 (v3) High Pass Cisco Web Security Appliance Information Disclosure (cisco-sa-esa-wsa-sma-info-gY2AEz2H) CVE-2021-1516 21 May 2021 6.5 (v3) Medium Pass Cisco Email Security Appliance Information Disclosure (cisco-sa-esa-wsa-sma-info-gY2AEz2H) CVE-2021-1516 21 May 2021 6.5 (v3) Medium Pass Cisco FXOS, NX-OS, and UCS Manager Software Cisco Discovery Protocol DoS (cisco-sa-20180620-nxos-cdp)CVE-2018-0331 09 Jul 2020 6.5 (v3) Medium Pass iLO 3 < 1.65 / iLO 4 < 1.32 Multiple Vulnerabilities CVE-2013-4842 CVE-2013-4843 14 Feb 2019 6.1 (v3) Medium Pass Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution (cisco-sa-20180620-fxnxos-dos)CVE-2018-0303 09 Jul 2020 8.8 (v3) High Pass Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution (cisco-sa-20180620-fxnxos-dos)CVE-2018-0303 09 Jul 2020 8.8 (v3) High Pass Cisco FXOS, NX-OS, and UCS Manager Software Cisco Discovery Protocol DoS (cisco-sa-20180620-nxos-cdp)CVE-2018-0331 09 Jul 2020 6.5 (v3) Medium Pass iLO 3 < 1.50 / iLO 4 < 1.13 Information Disclosure Vulnerability CVE-2012-3271 14 Feb 2019 7.5 (v3) High Pass Cisco NX-OS Software Role-Based Access Control Elevated Privileges (cisco-sa-20180620-nxosrbac) CVE-2018-0293 09 Jul 2020 8.8 (v3) High Pass iLO 3 < 1.85 / iLO 4 < 2.22 Denial of Service Vulnerability CVE-2015-5435 14 Feb 2019 5.3 (v3) Medium Pass CoDeSys Unprotected Gateway Service 11 Mar 2013 7.5 (v2) High Pass Cisco IOS XE Software Privilege Escalation (cisco-sa-XE-FSM-Yj8qJbJc) CVE-2021-1391 29 Mar 2021 6.7 (v3) Medium Pass Cisco IOS Software for Industrial Routers Virtual LPWA Unauthorized Access (cisco-sa-ios-lpwa-access-cXsD7PRA)CVE-2020-3426 02 Apr 2021 9.1 (v3) Critical Pass iLO 5 < 1.40 Cross Site Scripting (XSS) Vulnerability CVE-2018-7117 17 Apr 2019 6.1 (v3) Medium Pass iLO 3 < 1.90 / iLO 4 < 2.61 / iLO 5 < 1.35 Remote Code Execution Vulnerability (HPESBHF03866) CVE-2018-7105 27 Mar 2020 7.2 (v3) High Pass Cisco NX-OS Software CLI Arbitrary Command Execution (cisco-sa-20180620-nx-os-cli-execution) CVE-2018-0306 09 Jul 2020 7.8 (v3) High Pass OS Identiﬁcation : SSH 21 May 2007 None Pass iLO 4 < 2.60 / iLO 5 < 1.30 Multiple Vulnerabilities CVE-2018-7078 CVE-2018-7101 08 Feb 2019 7.2 (v3) High Pass HP iLO 4 <= 2.52 RCE CVE-2017-12542 28 Aug 2017 10 (v3) Critical Pass MySQL 8.0.x < 8.0.16 Multiple Vulnerabilities (Apr 2019 CPU) (Jul 2019 CPU) CVE-2019-1559 CVE-2019-2566 CVE-2019-2580 CVE-2019-2581 CVE-2019-2584 CVE-2019-2585 CVE-2019-2587 CVE-2019-2589 CVE-2019-2592 CVE-2019-2593 CVE-2019-2596 CVE-2019-2606 CVE-2019-2607 CVE-2019-2614 CVE-2019-2617 CVE-2019-2620 CVE-2019-2623 CVE-2019-2624 CVE-2019-2625 CVE-2019-2626 CVE-2019-2627 CVE-2019-2628 CVE-2019-2630 CVE-2019-2631 CVE-2019-2632 CVE-2019-2634 CVE-2019-2635 CVE-2019-2636 CVE-2019-2644 CVE-2019-2681 CVE-2019-2683 CVE-2019-2685 CVE-2019-2686 CVE-2019-2687 CVE-2019-2688 CVE-2019-2689 CVE-2019-2691 CVE-2019-2693 CVE-2019-2694 CVE-2019-2695 CVE-2019-2755 CVE-2019-2798 CVE-2019-3822 CVE-2018-16890 CVE-2019-382318 Apr 2019 9.8 (v3) Critical Pass HSTS Missing From HTTPS Server (RFC 6797) 17 Nov 2020 6.5 (v3) Medium Pass Cisco Web Security Appliance XSS (cisco-sa-wsa-xss-mVjOWchB) CVE-2021-1490 13 May 2021 6.1 (v3) Medium Pass iLO 2 <= 2.23 Denial of Service Vulnerability CVE-2014-2601 18 Feb 2019 7.5 (v3) High Pass Cisco Firepower Threat Defense Software IP Fragment Memory Leak (cisco-sa-asaftd-frag-memleak-mCtqdP9n)CVE-2020-3373 24 May 2021 8.6 (v3) High Pass Schneider Electric C-Gate Detection 26 May 2021 None Pass Juniper Junos OS Multiple DoS Vulnerabilities (JSA11167) CVE-2019-9511 CVE-2019-9512 CVE-2019-9513 CVE-2019-9514 CVE-2019-9515 CVE-2019-9516 CVE-2019-9517 CVE-2019-9518 26 May 2021 7.5 (v3) High Pass Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation DoS (cisco-sa-n9kaci-bgp-De9dPKSK)CVE-2021-1230 26 May 2021 7.5 (v3) High Pass Nagios XI < 5.7.5 Multiple Vulnerabilities CVE-2020-28648 CVE-2020-28906 28 May 2021 8.8 (v3) High Pass Nagios XI < 5.7 Code Injection CVE-2021-3273 28 May 2021 7.2 (v3) High Pass Nagios XI < 5.8 Privilege Escalatioon CVE-2020-28910 28 May 2021 9.8 (v3) Critical Pass EMC RSA Archer < 6.6.0.6 and < 6.7.0.3 authorization bypass CVE-2020-5333 21 Aug 2020 4.3 (v3) Medium Pass EMC RSA Archer < 6.5.0.7, < 6.6.0.6 and < 6.7.0.1 Multiple Vulnerabilities CVE-2020-5336 CVE-2020-5337 21 Aug 2020 6.1 (v3) Medium Pass EMC RSA Archer < 6.7.0.3 Multiple Vulnerabilities CVE-2020-5331 CVE-2020-5332 08 May 2020 7.2 (v3) High Pass EMC RSA Archer < 6.5.0.7, < 6.6.0.6 and < 6.7.0.2 Multiple Vulnerabilities CVE-2020-5334 CVE-2020-5335 21 Aug 2020 8.8 (v3) High Pass EMC RSA Archer 6.8 < 6.8.0.4 / 6.9 < 6.9.0.1 URL Injection CVE-2020-26884 02 Dec 2020 6.1 (v3) Medium Pass VMware ESXi Multiple OpenSSL Vulnerabilities (VMSA-2014-0004) (Heartbleed) CVE-2014-0076 CVE-2014-0160 30 Dec 2015 7.5 (v3) High 37

Pass Oracle E-Business Multiple Vulnerabilities (July 2015 CPU) CVE-2014-3571 CVE-2015-1926 CVE-2015-2610 CVE-2015-2615 CVE-2015-2618 CVE-2015-2630 CVE-2015-2645 CVE-2015-2652 CVE-2015-4728 CVE-2015-4739 CVE-2015-4741 CVE-2015-4743 CVE-2015-476515 Jul 2015 5.5 (v2) Medium Pass Oracle E-Business Multiple Vulnerabilities (October 2015 CPU) CVE-2015-4762 CVE-2015-4798 CVE-2015-4839 CVE-2015-4845 CVE-2015-4846 CVE-2015-4849 CVE-2015-4851 CVE-2015-4854 CVE-2015-4865 CVE-2015-4884 CVE-2015-4886 CVE-2015-489821 Oct 2015 10 (v2) Critical Pass Oracle E-Business Multiple Vulnerabilities (October 2016 CPU) CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2109 CVE-2016-2176 CVE-2016-5489 CVE-2016-5517 CVE-2016-5532 CVE-2016-5557 CVE-2016-5562 CVE-2016-5567 CVE-2016-5570 CVE-2016-5571 CVE-2016-5575 CVE-2016-5581 CVE-2016-5583 CVE-2016-5585 CVE-2016-5586 CVE-2016-5587 CVE-2016-5589 CVE-2016-5591 CVE-2016-5592 CVE-2016-5593 CVE-2016-5595 CVE-2016-559620 Oct 2016 8.2 (v3) High Pass Oracle E-Business Multiple Vulnerabilities (July 2018 CPU) CVE-2018-2934 CVE-2018-2953 CVE-2018-2988 CVE-2018-2991 CVE-2018-2993 CVE-2018-2994 CVE-2018-2995 CVE-2018-2996 CVE-2018-2997 CVE-2018-3008 CVE-2018-3012 CVE-2018-3017 CVE-2018-301820 Jul 2018 8.2 (v3) High Pass Oracle E-Business Multiple Vulnerabilities (Jan 2019 CPU) CVE-2019-2396 CVE-2019-2400 CVE-2019-2440 CVE-2019-2445 CVE-2019-2447 CVE-2019-2453 CVE-2019-2470 CVE-2019-2485 CVE-2019-2488 CVE-2019-2489 CVE-2019-2491 CVE-2019-2492 CVE-2019-2496 CVE-2019-2497 CVE-2019-2498 CVE-2019-254618 Jan 2019 9.1 (v3) Critical Pass DNP3 Outstation Unsolicited Messaging Support 11 Dec 2006 5 (v2) Medium Pass Juniper Junos OS Spooﬁng (JSA11240) CVE-2021-31375 25 Mar 2022 5.3 (v3) Medium Pass ArubaOS-CX < 10.04.2000 Memory Corruption (ARUBA-PSA-2020-009) CVE-2020-7122 01 Jun 2021 7.5 (v3) High Pass ArubaOS-CX < 10.04.3031 Memory Corruption (ARUBA-PSA-2020-009) CVE-2020-7121 01 Jun 2021 7.5 (v3) High Pass Sybase EAServer 6.3.1 < 6.3.1.07 Build 63107 / 6.2 < 6.2.0.12 Build 62012 Multiple Vulnerabilities 27 Jun 2013 10 (v2) Critical Pass Multiple Web Server Encoded Space (%20) Request ASP Source Disclosure CVE-2001-1248 CVE-2007-3407 14 Aug 2002 5.3 (v3) Medium Pass Cisco Email Security Appliance MP3 Content Filter Bypass (cisco-sa-20191120-esa-mp3-bypass) CVE-2019-15971 29 Jul 2020 4.3 (v3) Medium Pass Sybase EAServer XML External Entity (XXE) Arbitrary File Disclosure 31 Jul 2013 7.8 (v2) High Pass CA iTechnology iGateway Service Content-Length Buﬀer Overﬂow CVE-2005-3653 24 Jan 2006 10 (v2) Critical Pass Cisco UCS Director Authentication Bypass (cisco-sa-20190821-imcs-ucs-authby) CVE-2019-1937 26 Aug 2019 9.8 (v3) Critical Pass Adobe Connect < 11.0.5 XSS (ASPB20-69) CVE-2020-24442 CVE-2020-24443 12 Nov 2020 6.1 (v3) Medium Pass ManageEngine Desktop Central 10 < Build 100282 Remote Privilege Escalation CVE-2018-13411 CVE-2018-13412 21 Sep 2018 8.8 (v3) High Pass ManageEngine Desktop Central < 10 Build 10.0.533 Integer Overﬂow CVE-2020-15588 06 Aug 2020 9.8 (v3) Critical Pass ISC BIND Zone Update Vulnerability (cve-2020-8624) CVE-2020-8624 27 Aug 2020 4.3 (v3) Medium Pass ISC BIND 9.x < 9.11.22, 9.12.x < 9.16.6, 9.17.x < 9.17.4 DoS CVE-2020-8622 27 Aug 2020 6.5 (v3) Medium Pass Juniper Junos BGP DoS (JSA11024) CVE-2020-1640 10 Sep 2020 7.5 (v3) High Pass Cisco UCS Director Authentication Bypass (cisco-sa-20190821-imcs-ucs-authbypass) CVE-2019-1974 09 Jun 2020 9.8 (v3) Critical Pass Juniper Junos MX Series PFE Large Packet DoS (JSA11041) CVE-2020-1655 24 Jul 2020 5.3 (v3) Medium Pass Juniper Junos Denial of Service (DoS) JSA11030 CVE-2020-1643 17 Jul 2020 5.5 (v3) Medium Pass Juniper Junos RPD Crash DoS (JSA11032) CVE-2020-1644 24 Jul 2020 7.5 (v3) High Pass Juniper Junos Kernel Crash (vmcore) or FPC Crash (JSA11040) CVE-2020-1653 24 Jul 2020 7.5 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.19 / 8.0.x < 8.0.12 / 8.1.x < 8.1.3 Vulnerability CVE-2019-1579 19 Jul 2019 8.1 (v3) High Pass Cisco Email Security Appliance URL Filtering Bypass (cisco-sa-esa-url-bypass-zZtugtg3) CVE-2020-3568 09 Oct 2020 5.8 (v3) Medium Pass Juniper Junos MX/EX9200 Series: DDoS Vulnerability (JSA11062) CVE-2020-1665 23 Oct 2020 5.3 (v3) Medium Pass Juniper Junos SNMP DoS (JSA11080) CVE-2020-1683 23 Oct 2020 7.5 (v3) High Pass Juniper Junos NFX350 Series Readable Password Hashes Vulnerability (JSA11066) CVE-2020-1669 22 Oct 2020 6.3 (v3) Medium Pass Juniper Junos OS PTX/QFX Series: Unexpected Packet Forwarding Vulnerability (JSA11076) CVE-2020-1679 23 Oct 2020 7.5 (v3) High Pass Juniper Junos OS SRX Series: High CPU Load Utilization Vulnerability (JSA11081) CVE-2020-1684 23 Oct 2020 7.5 (v3) High Pass IBM MQ 8.0 < 8.0.0.15 / 8.1 < 8.1.0.5 HPE/ 9.1 < 9.1.0.5 LTS / 9.1 < 9.2 CD DoS CVE-2020-4376 02 Sep 2020 6.5 (v3) Medium Pass Juniper Junos OS Privilege Escalation (JSA11237) CVE-2021-31372 29 Mar 2022 8.8 (v3) High Pass Juniper Junos OS DoS (JSA11239) CVE-2021-31374 29 Mar 2022 7.5 (v3) High Pass Oracle Containers for J2EE Detection 21 May 2014 None Pass Juniper JSA11147 CVE-2021-0254 13 May 2021 9.8 (v3) Critical Pass Cisco TANDBERG MXP < 9.0 SNMP Packet Handling DoS 10 Sep 2013 7.8 (v2) High Pass Cisco Email Security Appliance Zip Content Filter Bypass (cisco-sa-esa-zip-bypass-gbU4gtTg) CVE-2020-26082 21 May 2021 5.8 (v3) Medium Pass Nagios Fusion < 4.1.9 Multiple Vulnerabilities CVE-2020-28900 CVE-2020-28901 CVE-2020-28902 CVE-2020-28903 CVE-2020-28904 CVE-2020-28905 CVE-2020-28906 CVE-2020-28907 CVE-2020-28908 CVE-2020-28909 CVE-2020-2891128 May 2021 9.8 (v3) Critical Pass Oracle E-Business Multiple Vulnerabilities (July 2017 CPU) (SWEET32) CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6305 CVE-2016-6306 CVE-2016-6307 CVE-2016-6308 CVE-2016-6309 CVE-2016-7052 CVE-2017-3562 CVE-2017-10112 CVE-2017-10113 CVE-2017-10130 CVE-2017-10143 CVE-2017-10144 CVE-2017-10170 CVE-2017-10171 CVE-2017-10174 CVE-2017-10175 CVE-2017-10177 CVE-2017-10179 CVE-2017-10180 CVE-2017-10184 CVE-2017-10185 CVE-2017-10186 CVE-2017-10191 CVE-2017-10192 CVE-2017-10244 CVE-2017-10245 CVE-2017-1024620 Jul 2017 9.8 (v3) Critical Pass ArubaOS-Switch 16.08 < 16.08.0009 / 16.09 < 16.09.0007 / 16.10 < 16.10.0003 (ARUBA-PSA-2020-001) CVE-2019-5322 01 Jun 2021 7.5 (v3) High Pass ManageEngine SupportCenter Plus < 7.9 Build 7917 attach Parameter Directory Traversal 03 Feb 2014 7.7 (v3) High Pass CockroachDB 19.2 < 19.2.12 / 20.1 < 20.1.11 / 20.2 < 20.2.4 DoS (A58932) CVE-2021-3121 04 Apr 2022 8.6 (v3) High Pass Juniper Junos OS Blocking Unexpected Traﬃc (JSA11095) CVE-2021-0205 02 Jun 2021 5.8 (v3) Medium Pass Symantec Messaging Gateway 9.5.x Multiple Vulnerabilities (SYM12-018) 27 Nov 2012 4.3 (v2) Medium Pass nginx ngx_http_proxy_module.c Memory Disclosure CVE-2013-2070 29 May 2013 6.5 (v3) Medium Pass Juniper Junos OS Privilege Escalation in J-Web (JSA11100) CVE-2021-0210 04 Feb 2021 6.8 (v3) Medium Pass Pivotal RabbitMQ Management Plugin 3.4.x / 3.5.x / 3.6.x < 3.6.9 Multiple Vulnerabilities CVE-2017-4965 CVE-2017-4966 CVE-2017-4967 19 May 2017 6.1 (v3) Medium Pass IBM WebSphere Application Server 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.19 / 9.0.0.0 <= 9.0.5.6 Directory TCVE-2021-20354raversal (CVE-2021-20354) 25 Feb 2021 7.5 (v3) High Pass Cisco Content Security Management Appliance Information Disclosure (cisco-sa-esa-sma-info-disclo-VOu2GHbZ)CVE-2021-1425 05 Mar 2021 4.3 (v3) Medium Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.13 / 9.0.x < 9.0.7 RCE CVE-2020-1990 16 Apr 2020 7.2 (v3) High Pass Cisco Email Security Appliance Information Disclosure (cisco-sa-esa-sma-info-disclo-VOu2GHbZ) (deprecated)CVE-2021-1425 05 Mar 2021 4.3 (v3) Medium Pass Artifactory Detect 12 Mar 2014 None Pass Cisco IOS XE Software Denial of Service (cisco-sa-ewlc-dos-AnvKvMxR) CVE-2020-3206 18 Jun 2020 4.7 (v3) Medium Pass OS Security Patch Assessment Checks Not Supported 26 Jun 2018 None Pass Trend Micro SafeSync for Enterprise (SSFE) Detection 05 Jun 2017 None Pass Kibana Detection 21 May 2018 None Pass ManageEngine SupportCenter Plus < 7.9 Build 7905 Multiple Vulnerabilities 03 May 2012 7.4 (v3) High Pass MacOS root Authentication Bypass Direct check over VNC Server (unauthenticated) 30 Nov 2017 9.8 (v3) Critical Pass CoDeSys Unauthenticated Command-line Access CVE-2012-6068 02 Nov 2012 9.8 (v3) Critical Pass nginx < 1.0.14 / 1.1.17 HTTP Header Response Memory Disclosure CVE-2012-1180 21 Mar 2012 5.3 (v3) Medium Pass Apache Druid Detection 30 Mar 2021 None Pass nginx HTTP Request Multiple Vulnerabilities CVE-2009-2629 CVE-2009-3896 24 Sep 2009 7.3 (v3) High Pass HP OﬃceJet Printer Detection 02 Jun 2014 None Noise SYN Scanner 04 Feb 2009 None Pass Adobe Connect <11.2.2 Privilege Escalation (ASPB21-36) CVE-2021-28579 10 Jun 2021 4.3 (v3) Medium Pass Oracle Database Unsupported Version Detection 09 Aug 2011 10 (v2) Critical Pass DTLS Service Detection 14 Sep 2020 None Pass Adobe Experience Manager 6.3 < 6.4.8.4 / 6.5 < 6.5.8.0 Multiple Vulnerabilities (APSB21-15) CVE-2021-21083 CVE-2021-21084 12 May 2021 6.1 (v3) Medium Pass Citrix SD-WAN Center 10.2.x < 10.2.8 / 11.1.x < 11.1.2b / 11.2.x < 11.2.2 Multiple Vulnerabilities (CTX285061)CVE-2020-8271 CVE-2020-8272 CVE-2020-8273 13 Nov 2020 9.8 (v3) Critical Pass Apache Tomcat 10.0.0.M1 < 10.0.0.M6 vulnerability CVE-2020-11996 21 Jun 2021 7.5 (v3) High Pass VMware vCenter Server 6.5 / 6.7 Session Hijack (VMSA-2020-0023) CVE-2020-3994 24 Jun 2021 7.4 (v3) High Pass ArubaOS-Switch Multiple Vulnerabilities (ARUBA-PSA-2020-007) CVE-2019-5320 CVE-2019-5321 24 Jun 2021 8.8 (v3) High Pass Apache on Windows mod_alias URL Validation Canonicalization CGI Source Information Disclosure CVE-2006-4110 18 Nov 2011 5.6 (v3) Medium Pass Cisco IOS XE Software Web UI Privilege Escalation Vulnerability CVE-2017-12230 02 Oct 2017 8.8 (v3) High Pass Cisco IOS XE Software HTTP DoS Vulnerability (cisco-sa-20180926-webdos) CVE-2018-0470 05 Oct 2018 8.6 (v3) High Pass Cisco Application Services Engine Unauthorized Access Vulnerabilities (cisco-sa-case-mvuln-dYrDPC6w) CVE-2021-1393 CVE-2021-1396 28 Jun 2021 9.8 (v3) Critical Pass VMware Carbon Black App Control Web Console Detection 29 Jun 2021 None Pass Easy WP SMTP Plugin for WordPress < 1.4.4 Sensitive Information Disclosure 30 Jun 2021 7.4 (v3) High Pass IBM Spectrum Protect Plus OpenSSH Remote Command Injection CVE-2020-15778 30 Jun 2021 7.8 (v3) High Pass Cisco IOS XE Software Quality of Service Remote Code Execution Vulnerability CVE-2018-0151 29 Mar 2018 9.8 (v3) Critical Pass Cisco IOS XE Software Linux Kernel IP Fragment DoS (cisco-sa-20180824-linux-ip-fragment) CVE-2018-5391 29 Mar 2019 7.5 (v3) High Pass Cisco IOS XE Software Link Layer Discovery Protocol Buﬀer Overﬂow Vulnerabilities (cisco-sa-20180328-lldp)CVE-2018-0167 CVE-2018-0175 06 Apr 2018 8.8 (v3) High Pass Cisco IOS XE Software IP Fragment Reassembly DoS (cisco-sa-20160928-frag) CVE-2016-6386 14 Nov 2019 7.5 (v3) High Pass Tenable Nessus 8.x.x < 8.14.0 Privilege Escalation (TNS-2021-07) CVE-2021-20079 05 May 2021 6.7 (v3) Medium Pass ArubaOS-Switch Memory Corruption Vulnerability (ARUBA-PSA-2021-003) CVE-2020-27337 14 Jun 2021 7.3 (v3) High Pass ArubaOS-CX < 10.3.0001 (ARUBA-PSA-2020-010) CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 31 May 2021 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11119) CVE-2021-0224 15 Apr 2021 6.5 (v3) Medium Pass Cisco ACI Multi-Site Orchestrator Application Services Engine Deployment Authentication Bypass (cisco-sa-mso-authbyp-bb5GmBQv)CVE-2021-1388 28 Jun 2021 10 (v3) Critical Pass Cisco IOS XE Software SD WAN Arbitrary Command Execution (cisco-sa-iosxe-sdwarbcmdexec-sspOMUr3)CVE-2021-1432 06 Jul 2021 7.3 (v3) High Pass GitLab < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.9.2 Multiple Vulnerabilities CVE-2022-1099 CVE-2022-1120 CVE-2022-1121 CVE-2022-1157 18 Apr 2022 6.5 (v3) Medium Pass GitLab 12.2.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 Information Disclosure CVE-2022-1189 18 Apr 2022 4.3 (v3) Medium Pass GitLab 13.7.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 DoS CVE-2022-1174 18 Apr 2022 7.5 (v3) High Pass Netscape NSS Library SSLv2 Challenge Overﬂow CVE-2004-0826 24 Aug 2004 7.5 (v2) High Pass Cisco Integrated Management Controller Username Enumeration (cisco-sa-cimc-enum-CyheP3B7) CVE-2020-26062 09 Jul 2021 5.3 (v3) Medium Pass GitLab 13.1.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 DoS CVE-2022-1100 18 Apr 2022 4.3 (v3) Medium Pass GitLab 12.1.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 SSRF CVE-2022-1188 18 Apr 2022 5.3 (v3) Medium Pass GitLab 7.8.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 Improper Authorization CVE-2022-0740 18 Apr 2022 4.3 (v3) Medium Pass GitLab 10.7.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 Improper Access Control CVE-2022-1193 18 Apr 2022 4.3 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11194) (deprecated) 14 Jul 2021 7.5 (v3) High Pass Cisco Nexus 9000 Series Fabric Switches ACI Mode Link Layer Discovery Protocol Port DoS (cisco-sa-apic-lldap-dos-WCVE-2021-1231erV9CFj) 07 Jul 2021 4.7 (v3) Medium Pass Apache Shiro HTTP Detection 18 Apr 2022 None Pass Cisco Small Business Routers RV016, RV042, RV042G, and RV082 Arbitrary Command Execution (cisco-sa-20191106-sbrv-cmd-x)CVE-2019-15271 08 Jul 2021 8.8 (v3) High Pass Juniper Junos OS Vulnerability (JSA11208) 14 Jul 2021 7.5 (v3) High Pass Siemens SCALANCE X-200 Authentication Bypass CVE-2013-5944 21 Oct 2013 10 (v2) Critical Pass Apache APISIX 1.2 <= 1.5 Information Disclosure CVE-2020-13945 20 Apr 2022 6.5 (v3) Medium Pass ForgeRock Access Management Detection 02 Jul 2021 None Pass GitLab 12.10.0 < 14.2.6 / 13.0.0 < 14.3.4 / 13.1.0 < 14.4.1 Improper Access Control CVE-2021-39904 20 Apr 2022 4.3 (v3) Medium Pass GitLab 13.7.0 < 14.2.6 / 13.8.0 < 14.3.4 / 13.9.0 < 14.4.1 Information Disclosure CVE-2021-39911 20 Apr 2022 4.3 (v3) Medium Pass GitLab 11.9.x < 13.8.8 / 13.9.0 < 13.9.6 / 13.10.0 < 13.10.3 Remote Code Execution CVE-2021-22205 20 Apr 2022 10 (v3) Critical 38

Pass Linux/Cdorked.A Backdoor 13 May 2013 10 (v2) Critical Pass GitLab 0.8.0 < 14.4.1 Code Injection CVE-2021-39908 20 Apr 2022 7.5 (v3) High Pass GitLab 13.7.0 < 14.2.6 / 14.3.0 < 14.3.4 / 14.4.0 < 14.4.1 Denial of Service CVE-2021-39912 20 Apr 2022 5.3 (v3) Medium Pass GitLab 13.7.0 < 14.2.6 / 14.3.0 < 14.3.4 / 14.4.0 < 14.4.1 Denial Of Service CVE-2021-39907 20 Apr 2022 5.3 (v3) Medium Pass Cisco Web Security Appliance Privilege Escalation (cisco-sa-scr-web-priv-esc-k3HCGJZ) CVE-2021-1359 15 Jul 2021 8.8 (v3) High Pass StruxureWare SCADA Expert ClearSCADA Remote Security Bypass CVE-2014-5412 05 Jan 2015 5 (v2) Medium Pass HPE Edgeline Infrastructure Manager Detection 24 Feb 2021 None Pass SolarWinds Orion Web Performance Monitor (WPM) Remote Detection 01 Mar 2021 None Pass Apache Tomcat 9.0.0.M1 < 9.0.43 Multiple Vulnerabilities CVE-2020-9484 CVE-2021-25122 CVE-2021-25329 05 Mar 2021 7.5 (v3) High Pass Symantec Veritas Enterprise Administrator Service (vxsvc) Multiple Integer Overﬂows CVE-2011-0547 20 Sep 2011 10 (v2) Critical Pass PRTG Network Monitor < 20.1.57.1745 Information Disclosure (direct check) CVE-2020-11547 04 Mar 2021 5.3 (v3) Medium Pass Atlassian Bitbucket Detection 28 Jun 2018 None Pass Oracle WebLogic IIOP JNDI Lookup RCE Direct Check CVE-2020-2551 15 Jul 2020 9.8 (v3) Critical Pass JBoss Remoting Detection 31 Jan 2019 None Pass Samhain SRP Protocol Implementation Authentication Bypass CVE-2009-4810 17 Mar 2009 5.8 (v2) Medium Pass DNP3 Link Layer Brute Force Addressing Disclosure 11 Dec 2006 5 (v2) Medium Pass DrayTek Vigor Detection 22 Oct 2020 None Pass OS Security Patch Assessment Failed 23 Jun 2006 None Pass Cisco IOS SYNful Knock Implant 25 Sep 2015 10 (v2) Critical Pass Janitza Multiple UMG Devices Remote Debug Interface RCE CVE-2015-3971 13 Jan 2016 7.3 (v3) High Pass Skype Stack Version Detection 11 Apr 2006 None Pass GitLab 12.0 < 14.3.6 / 14.4.0 < 14.4.4 / 14.5.0 < 14.5.2 DoS CVE-2021-39942 20 Apr 2022 6.5 (v3) Medium Pass GitLab 8.4 < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.3 Incorrect Port Validation CVE-2021-39927 20 Apr 2022 4.3 (v3) Medium Pass GitLab 12.10 < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.2 DoS CVE-2022-0151 20 Apr 2022 4.9 (v3) Medium Pass ProRat Detection 04 May 2016 10 (v2) Critical Pass GitLab 13.10 < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.2 Unauthorized Access CVE-2022-0152 20 Apr 2022 6.5 (v3) Medium Pass GitLab 13.2 < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.2 IP Restriction Bypass CVE-2022-0172 20 Apr 2022 6.5 (v3) Medium Pass WordPress Plugin LearnDash Detection 04 May 2020 None Pass GitLab < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.1 Expired Credentials CVE-2022-0093 20 Apr 2022 4.3 (v3) Medium Pass Cisco UCS Director Detection 31 Oct 2014 None Pass Cisco ADE-OS Prime Collaboration Provisioning Detection 29 Sep 2015 None Pass GitLab < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.1 Bad Input Validation CVE-2022-0124 20 Apr 2022 4.3 (v3) Medium Pass GitLab 7.7.x < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.2 CSRF CVE-2022-0154 20 Apr 2022 8 (v3) High Pass Cogent DataHub < 6.4.3 OPC Client Reconnection Saturation Remote DoS 15 Jun 2016 5 (v2) Medium Pass HP LoadRunner 11.52 Buﬀer Overﬂow RCE (uncredentialed check) CVE-2015-2110 04 Jun 2015 10 (v2) Critical Pass CoDeSys Authentication Bypass Directory Traversal CVE-2012-6068 CVE-2012-6069 02 Nov 2012 10 (v2) Critical Pass Siemens SIMATIC S7-1200 PLC < 4.1.3 XSRF CVE-2015-5698 08 Sep 2015 7.5 (v2) High Pass Solaris XDR RPC Request Handling RCE (April 2017 CPU) (EBBISLAND / EBBSHAVE) CVE-2017-3623 28 Sep 2017 10 (v3) Critical Pass Citrix SD-WAN Detection 25 Jan 2019 None Pass StruxureWare SCADA Expert ClearSCADA Weak Hashing Algorithm CVE-2014-5413 28 Jan 2015 5 (v2) Medium Pass Schneider Electric Accutech Manager 'RFManagerService' SQL Injection 15 Nov 2013 10 (v2) Critical Pass IGSS Data Server Directory Traversal Arbitrary File Access CVE-2011-1565 24 Mar 2011 5 (v2) Medium Pass Schneider Electric InduSoft Web Studio / InTouch Machine Edition < 8.1 RCE CVE-2017-14024 22 Jan 2018 9.8 (v3) Critical Pass AVEVA InduSoft Web Studio / InTouch Edge HMI Command 66 RCE CVE-2019-6543 CVE-2019-6545 14 Feb 2019 9.8 (v3) Critical Pass Cisco IOS XE Software NETCONF Over SSH DoS (cisco-sa-ncossh-dos-ZAkfOdq8) CVE-2022-20692 21 Apr 2022 6.5 (v3) Medium Pass Juniper Junos OS DoS (JSA69493) CVE-2022-22185 22 Apr 2022 7.5 (v3) High Pass Oracle E-Business Suite (Apr 2022 CPU) CVE-2022-21468 CVE-2022-21477 22 Apr 2022 6.1 (v3) Medium Pass Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities (cisco-sa-cdb-cmicrCVE-2022-20661 CVE-2022-20731-vulns-KJjFtNb) 22 Apr 2022 6.8 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA69519) CVE-2022-22182 22 Apr 2022 6.1 (v3) Medium Pass Apache APISIX < 2.10.4 / 2.11.x < 2.12.1 RCE CVE-2022-24112 26 Apr 2022 9.8 (v3) Critical Pass WSO2 Multiple Products File Upload Remote Command Execution (CVE-2022-29464) CVE-2022-29464 26 Apr 2022 9.8 (v3) Critical Pass Advantech WebAccess Webeye ActiveX Control Stack Based Buﬀer Overﬂow Vulnerability CVE-2014-8388 12 Mar 2015 7.2 (v2) High Pass Cisco Uniﬁed Communications Products XSS (cisco-sa-cucm-xss-6MCe4kPF) CVE-2022-20788 27 Apr 2022 6.1 (v3) Medium Pass Apache APISIX Dashboard < 2.10.1 Authentication Bypass CVE-2021-45232 28 Apr 2022 9.8 (v3) Critical Pass Cisco Uniﬁed Communications Products Arbitrary File Write (cisco-sa-cucm-arb-write-74QzruUU) CVE-2022-20789 29 Apr 2022 6.5 (v3) Medium Pass Cisco Uniﬁed Communications Products Arbitrary File Read (cisco-sa-ucm-ﬁle-read-h8h4HEJ3) CVE-2022-20790 29 Apr 2022 6.5 (v3) Medium Pass Cisco Adaptive Security Appliance Software Software WebVPN Portal Access Rule Bypass (cisco-sa-asaftd-rule-bypass-P73ABNWQ)CVE-2020-3578 02 May 2022 6.5 (v3) Medium Pass Cisco Firepower Threat Defense Software WebVPN Portal Access Rule Bypass Vulnerability Vulnerability (cisco-sa-asaftd-rule-bypass-P73ABNWQ)CVE-2020-3578 02 May 2022 6.5 (v3) Medium Pass McAfee Web Gateway Detection 21 Mar 2014 None Pass Juniper Junos OS Vulnerability (JSA11190) 14 Jul 2021 7.5 (v3) High Pass OpenSSL 3.0.0 < 3.0.3 Multiple Vulnerabilities CVE-2022-1292 CVE-2022-1343 CVE-2022-1434 CVE-2022-1473 03 May 2022 9.8 (v3) Critical Pass Juniper Junos OS Vulnerability (JSA11182) 14 Jul 2021 8.8 (v3) High Pass Juniper Junos OS Vulnerability (JSA11192) 14 Jul 2021 6.2 (v3) Medium Pass Juniper Junos OS Multiple Vulnerabilities (JSA11200) CVE-2021-0283 CVE-2021-0284 14 Jul 2021 7.5 (v3) High Pass Visualware MyConnection Server Remote Agent Default Password 02 Apr 2015 7.5 (v2) High Pass Dell OpenManage Server Administrator Authentication Bypass (DSA-2021-040) CVE-2021-21513 20 Apr 2021 9.8 (v3) Critical Pass SCADA Engine BACnet OPC Server < 2.1.371.24 Multiple Vulnerabilities CVE-2015-0979 CVE-2015-0980 CVE-2015-0981 09 Apr 2015 9 (v2) High Pass QNAP Photo Station WebUI Detection 03 Oct 2018 None Pass Open Access Management Detection 29 Jul 2021 None Pass Grandstream Networks UCM6200 Series SQLi (Phone Web UI) CVE-2020-5722 05 May 2022 9.8 (v3) Critical Pass Grandstream Networks UCM6200 Series SQLi (SIP) CVE-2020-5722 05 May 2022 9.8 (v3) Critical Pass Java JMX Agent Insecure Conﬁguration 10 Oct 2018 7.3 (v3) High Pass ManageEngine SharePoint Manager Plus < 4329 Multiple Vulnerabilities CVE-2022-24305 CVE-2022-24306 05 May 2022 9.8 (v3) Critical Pass Serv-U FTP Server <= 15.2.3 Hotﬁx 1 Memory Escape Vulnerability CVE-2021-35211 15 Jul 2021 10 (v3) Critical Pass Atlassian Jira < 7.2.15 OAuth Plugin IconUriServlet Internal Network Resource Disclosure CSRF CVE-2017-9506 28 Jun 2018 6.1 (v3) Medium Pass Apache Tomcat 5.0.x <= 5.0.30 / 5.5.x < 5.5.23 Content-Length HTTP Request Smuggling CVE-2005-2090 18 Nov 2011 5.3 (v3) Medium Pass Atlassian Crowd < 2.11.2 OAuth Plugin IconUriServlet Internal Network Resource Disclosure CSRF CVE-2017-9506 28 Jun 2018 6.1 (v3) Medium Pass Apache Tomcat RequestDispatcher Directory Traversal Arbitrary File Access CVE-2008-5515 18 Jun 2009 5.3 (v3) Medium Pass Atlassian Bitbucket < 4.14.4 OAuth Plugin IconUriServlet Internal Network Resource Disclosure CSRF CVE-2017-9506 28 Jun 2018 6.1 (v3) Medium Pass Kubernetes unprivileged API access 28 Jun 2018 8.8 (v3) High Pass Apache Tomcat 5.x < 5.5.21 Multiple Vulnerabilities CVE-2007-1358 CVE-2008-0128 CVE-2008-4308 11 Jun 2010 5.3 (v3) Medium Pass Apache Tomcat 6.x < 6.0.9 Information Disclosure CVE-2008-0128 11 Jun 2010 5.3 (v3) Medium Pass Apache Tomcat 4.x < 4.1.37 Multiple Vulnerabilities CVE-2005-3164 CVE-2007-1355 CVE-2007-2449 CVE-2007-2450 CVE-2007-3382 CVE-2007-3383 CVE-2007-3385 CVE-2007-5333 CVE-2007-546116 Jun 2010 5.3 (v3) Medium Pass Apache Tomcat < 6.0.18 Multiple Vulnerabilities CVE-2008-1232 CVE-2008-1947 CVE-2008-2370 01 Jul 2010 5.3 (v3) Medium Pass Cisco IOS Version 27 Jul 2010 None Pass Apache Tomcat 6.0.x < 6.0.30 Multiple Vulnerabilities CVE-2010-3718 CVE-2010-4172 CVE-2010-4312 CVE-2011-0013 14 Feb 2011 6.5 (v3) Medium Pass Apache Tomcat 7.x < 7.0.6 Manager Interface XSS CVE-2011-0013 14 Feb 2011 5.3 (v3) Medium Pass Apache Tomcat 7.0.12 / 7.0.13 Security Constraint Bypass CVE-2011-1582 18 May 2011 5.6 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (July 2011 CPU) CVE-2011-0811 CVE-2011-0816 CVE-2011-0822 CVE-2011-0830 CVE-2011-0831 CVE-2011-0832 CVE-2011-0835 CVE-2011-0838 CVE-2011-0848 CVE-2011-0852 CVE-2011-0870 CVE-2011-0875 CVE-2011-0876 CVE-2011-0877 CVE-2011-0879 CVE-2011-0880 CVE-2011-0881 CVE-2011-0882 CVE-2011-2230 CVE-2011-2231 CVE-2011-2232 CVE-2011-2238 CVE-2011-2239 CVE-2011-2240 CVE-2011-2242 CVE-2011-2243 CVE-2011-2244 CVE-2011-2248 CVE-2011-2253 CVE-2011-225720 Jul 2011 7.1 (v2) High Pass Oracle Database Multiple Vulnerabilities (October 2005 CPU) CVE-2005-3202 CVE-2005-3203 CVE-2005-3204 CVE-2005-3205 CVE-2005-3206 CVE-2005-3207 16 Nov 2011 6.8 (v2) Medium Pass Oracle Database Multiple Vulnerabilities (July 2006 CPU) CVE-2006-3698 CVE-2006-3699 CVE-2006-3700 CVE-2006-3701 CVE-2006-3702 CVE-2006-3703 CVE-2006-3704 CVE-2006-3705 16 Nov 2011 10 (v2) Critical Pass Oracle Database Multiple Vulnerabilities (October 2006 CPU) CVE-2006-5332 CVE-2006-5333 CVE-2006-5334 CVE-2006-5335 CVE-2006-5336 CVE-2006-5337 CVE-2006-5338 CVE-2006-5339 CVE-2006-5340 CVE-2006-5341 CVE-2006-5342 CVE-2006-5343 CVE-2006-5344 CVE-2006-534516 Nov 2011 8.5 (v2) High Pass Oracle Database Multiple Vulnerabilities (January 2007 CPU) CVE-2007-0268 CVE-2007-0269 CVE-2007-0270 CVE-2007-0271 CVE-2007-0272 CVE-2007-0273 CVE-2007-0274 CVE-2007-0275 CVE-2007-0276 CVE-2007-0277 CVE-2007-027816 Nov 2011 8.5 (v2) High Pass Oracle Database Multiple Vulnerabilities (July 2007 CPU) CVE-2007-3853 CVE-2007-3854 CVE-2007-3855 CVE-2007-3856 CVE-2007-3857 CVE-2007-3858 CVE-2007-3859 16 Nov 2011 9 (v2) High Pass Oracle Database Multiple Vulnerabilities (July 2008 CPU) CVE-2008-2587 CVE-2008-2590 CVE-2008-2591 CVE-2008-2592 CVE-2008-2600 CVE-2008-2602 CVE-2008-2603 CVE-2008-2604 CVE-2008-2605 CVE-2008-2607 CVE-2008-2608 CVE-2008-2611 CVE-2008-261316 Nov 2011 6.5 (v2) Medium Pass Oracle Database Multiple Vulnerabilities (October 2008 CPU) CVE-2008-2624 CVE-2008-2625 CVE-2008-3976 CVE-2008-3980 CVE-2008-3982 CVE-2008-3983 CVE-2008-3984 CVE-2008-3989 CVE-2008-3990 CVE-2008-3991 CVE-2008-3992 CVE-2008-3994 CVE-2008-3995 CVE-2008-3996 CVE-2008-400516 Nov 2011 6.5 (v2) Medium Pass Oracle Database Multiple Vulnerabilities (January 2009 CPU) CVE-2008-3973 CVE-2008-3974 CVE-2008-3978 CVE-2008-3979 CVE-2008-3997 CVE-2008-3999 CVE-2008-4015 CVE-2008-5436 CVE-2008-5437 CVE-2008-543916 Nov 2011 6.5 (v2) Medium Pass Oracle Database Multiple Vulnerabilities (April 2009 CPU) CVE-2009-0972 CVE-2009-0973 CVE-2009-0975 CVE-2009-0976 CVE-2009-0977 CVE-2009-0978 CVE-2009-0979 CVE-2009-0980 CVE-2009-0981 CVE-2009-0984 CVE-2009-0985 CVE-2009-0986 CVE-2009-0988 CVE-2009-0991 CVE-2009-0992 CVE-2009-099716 Nov 2011 8.5 (v2) High Pass Oracle Database Multiple Vulnerabilities (July 2009 CPU) CVE-2009-0987 CVE-2009-1015 CVE-2009-1019 CVE-2009-1020 CVE-2009-1021 CVE-2009-1963 CVE-2009-1966 CVE-2009-1967 CVE-2009-1968 CVE-2009-1969 CVE-2009-1970 CVE-2009-197316 Nov 2011 9 (v2) High Pass Apache Tomcat 7.x < 7.0.22 Multiple Vulnerabilities CVE-2011-3375 CVE-2011-3376 12 Dec 2011 5.3 (v3) Medium Pass Apache Tomcat 7.x < 7.0.23 Hash Collision DoS CVE-2011-4858 CVE-2012-0022 13 Jan 2012 5.3 (v3) Medium Pass Apache Tomcat 9.0.0 < 9.0.10 Multiple Vulnerabilites CVE-2018-8014 CVE-2018-8034 CVE-2018-8037 24 Jul 2018 9.8 (v3) Critical Pass Apache Tomcat 8.5.0 < 8.5.32 Multiple Vulnerabilities CVE-2018-8014 CVE-2018-8034 CVE-2018-8037 13 Jul 2018 9.8 (v3) Critical Pass Oracle Database Multiple Vulnerabilities (April 2012 CPU) CVE-2012-0510 CVE-2012-0511 CVE-2012-0512 CVE-2012-0519 CVE-2012-0520 CVE-2012-0525 CVE-2012-0526 CVE-2012-0527 CVE-2012-0528 CVE-2012-0534 CVE-2012-0552 CVE-2012-170819 Apr 2012 9 (v2) High Pass Apache Tomcat 8.0.0 < 8.0.53 Security Constraint Weakness CVE-2018-8014 CVE-2018-8034 13 Jul 2018 9.8 (v3) Critical Pass Oracle Database Multiple Vulnerabilities (July 2012 CPU) CVE-2012-1737 CVE-2012-1745 CVE-2012-1746 CVE-2012-1747 CVE-2012-3132 CVE-2012-3134 19 Jul 2012 6.8 (v2) Medium Pass Apache Tomcat 7.0.41 < 7.0.90 Multiple Vulnerabilities CVE-2018-8014 CVE-2018-8034 24 Jul 2018 9.8 (v3) Critical Pass Apache Tomcat 7.0.x < 7.0.28 Multiple DoS CVE-2012-2733 CVE-2012-4534 21 Nov 2012 5.3 (v3) Medium Pass Apache Tomcat 6.0.x < 6.0.36 Multiple Vulnerabilities CVE-2012-2733 CVE-2012-3546 CVE-2012-4431 CVE-2012-4534 CVE-2012-5885 CVE-2012-5886 CVE-2012-5887 21 Nov 2012 5.3 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (April 2013 CPU) CVE-2013-1534 CVE-2013-1538 CVE-2013-1554 17 Apr 2013 10 (v2) Critical Pass Default Password 'admin123' for 'admin' Account 17 Jul 2018 9.8 (v3) Critical Pass SNMP Version 3 Authentication Vulnerabilities (cisco-sa-20080610-snmpv3) CVE-2008-0960 14 Dec 2013 10 (v2) Critical 39

Pass Cisco IOS XR Software Multiprotocol Label Switching Packet Vulnerability (cisco-sa-20100324-ldp) CVE-2010-0576 14 Dec 2013 7.8 (v2) High Pass Cisco IOS XR Software Route Processor Denial of Service Vulnerability (cisco-sa-20120530-iosxr) CVE-2012-2488 14 Dec 2013 7.8 (v2) High Pass Cisco IOS XR Software Malformed Border Gateway Protocol Attribute Vulnerability (cisco-sa-20120926-bgp)CVE-2012-4617 14 Dec 2013 7.1 (v2) High Pass Cisco IOS XR Software Route Processor Denial of Service Vulnerability (cisco-sa-20131023-iosxr) CVE-2013-5549 14 Dec 2013 7.1 (v2) High Pass Apache Tomcat 6.0.x < 6.0.39 Multiple Vulnerabilities CVE-2013-1571 CVE-2013-4286 CVE-2013-4322 CVE-2013-4590 CVE-2014-0033 25 Feb 2014 4.8 (v3) Medium Pass Apache Tomcat 8.0.x < 8.0.3 Content-Type DoS CVE-2014-0050 25 Feb 2014 5.3 (v3) Medium Pass Apache Tomcat 7.0.x < 7.0.54 XML Parser Information Disclosure CVE-2014-0119 30 May 2014 6.5 (v3) Medium Pass Apache Tomcat 8.0.x < 8.0.6 XML Parser Information Disclosure CVE-2014-0119 30 May 2014 6.5 (v3) Medium Pass Cisco IOS XR Typhoon-based Line Cards and Network Processor (NP) Chip DoS CVE-2014-3322 29 Jul 2014 6.1 (v2) Medium Pass Cisco IOS XR GNU C Library (glibc) Buﬀer Overﬂow (GHOST) CVE-2015-0235 02 Mar 2015 10 (v2) Critical Pass Apache Tomcat 6.0.x < 6.0.44 Multiple Vulnerabilities (FREAK) CVE-2014-0230 CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-7810 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-029315 May 2015 7.5 (v3) High Pass Cisco IOS XR Typhoon-based Line Cards and Network Processor (NP) Chip DoS CVE-2015-0695 24 Apr 2015 7.8 (v2) High Pass Tenable SecurityCenter Multiple Apache Vulnerabilities (TNS-2015-11) CVE-2015-3183 CVE-2015-3185 25 Aug 2015 5.8 (v3) Medium Pass Cisco IOS Software IKEv1 State Machine DoS (CSCuw08236) CVE-2015-6429 08 Jan 2016 5.3 (v3) Medium Pass Cisco IOS DHCPv6 Relay Message Handling DoS (cisco-sa-20160323-dhcpv6) CVE-2016-1348 06 Apr 2016 7.5 (v3) High Pass PHP 7.3.0 [alpha|beta] < 7.3.0 Multiple vulnerabilities CVE-2018-19518 CVE-2018-19935 CVE-2018-20783 20 Jul 2018 7.5 (v3) High Pass Cisco IOS Malformed LISP Packet DoS (CSCuu64279) CVE-2016-1351 01 Apr 2016 7.5 (v3) High Pass PHP 7.0.x < 7.0.31 Use After Free Arbitrary Code Execution in EXIF CVE-2018-12882 CVE-2018-14851 CVE-2018-14883 CVE-2018-15132 20 Jul 2018 9.8 (v3) Critical Pass Cisco IOS SIP Memory Leak DoS (CSCuj23293) CVE-2016-1350 01 Apr 2016 7.5 (v3) High Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (July 2018 CPU)CVE-2018-2960 CVE-2018-2961 CVE-2018-2962 CVE-2018-2963 20 Jul 2018 6.1 (v3) Medium Pass PHP 7.1.x < 7.1.20 exif_thumbnail_extract() DoS CVE-2018-14851 CVE-2018-14883 CVE-2018-15132 24 Jul 2018 7.5 (v3) High Pass PHP 5.6.x < 5.6.37 exif_thumbnail_extract() DoS CVE-2018-14851 CVE-2018-14883 CVE-2018-15132 24 Jul 2018 7.5 (v3) High Pass AVEVA InduSoft Web Studio / InTouch Machine Edition Command 81 mbstowcs() Stack Overﬂow CVE-2018-10620 31 Jul 2018 9.8 (v3) Critical Pass Tenable SecurityCenter < 5.3.2 Multiple Vulnerabilities (TNS-2016-09) CVE-2016-3074 CVE-2016-4537 CVE-2016-4538 CVE-2016-4539 CVE-2016-4540 CVE-2016-4541 CVE-2016-4542 CVE-2016-4543 CVE-2016-454424 Jun 2016 9.8 (v3) Critical Pass Atlassian JIRA 7.6.7 / 7.7.x < 7.7.5 / 7.8.x < 7.8.5 / 7.9.x < 7.9.3 / 7.10.x < 7.10.2 XSS CVE-2018-13387 CVE-2018-13395 03 Aug 2018 6.1 (v3) Medium Pass Tenable SecurityCenter < 5.4.0 Multiple Vulnerabilities (TNS-2016-12) CVE-2016-0739 CVE-2016-0787 CVE-2016-4802 26 Jul 2016 7.8 (v3) High Pass Cisco IOS XE Software Border Gateway Protocol Message Processing DoS (cisco-sa-20160715-bgp) CVE-2016-1459 26 Aug 2016 5.3 (v3) Medium Pass Dell iDRAC Products Multiple Vulnerabilities (June 2018) CVE-2018-1212 CVE-2018-1243 CVE-2018-1244 CVE-2018-1249 09 Aug 2018 8.8 (v3) High Pass Cisco IOS XR Software Command-Line Interface Privilege Escalation (cisco-sa-20161005-iosxr) CVE-2016-6428 28 Oct 2016 7.8 (v3) High Pass Mail Transfer Agent and Mail Delivery Agent Remote Command Execution via Shellshock CVE-2014-6271 CVE-2014-7169 28 Oct 2014 10 (v2) Critical Pass Jenkins < 2.121.2 / 2.133 Multiple Vulnerabilities CVE-2018-1999001 CVE-2018-1999002 CVE-2018-1999003 CVE-2018-1999004 CVE-2018-1999005 CVE-2018-1999006 CVE-2018-199900709 Aug 2018 7.5 (v3) High Pass Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Multiple Vulnerabilities (cisco-sa-rv340-cmdinj-rCVE-2021-1609 CVE-2021-1610cedos-pY8J3qfy) 04 Aug 2021 9.8 (v3) Critical Pass Cisco Small Business RV160 and RV260 Series VPN Routers RCE (cisco-sa-rv-code-execution-9UVJr7k4)CVE-2021-1602 04 Aug 2021 9.8 (v3) Critical Pass MySQL 5.6.x < 5.6.41 Multiple Vulnerabilities (July 2018 CPU) 20 Jul 2018 7.1 (v3) High Pass MySQL 5.5.x < 5.5.61 Multiple Vulnerabilities (July 2018 CPU) CVE-2018-2767 CVE-2018-3058 CVE-2018-3063 CVE-2018-3066 CVE-2018-3070 CVE-2018-3081 20 Jul 2018 5 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Admin Console DirCVE-2018-1770 ectory Traversal Vulnerability (CVE-2018-1770) 14 Dec 2018 6.5 (v3) Medium Pass IBM WebSphere Application Server 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.0.x < 9.0.0.9 Installation VeriCVE-2018-1643ﬁcation Tool Cross-site Scripting (XSS) Vulnerability (CVE-2018-1643) 14 Dec 2018 6.1 (v3) Medium Pass nginx < 0.7.64 / 0.8.x < 0.8.23 Multiple Vulnerabilities CVE-2009-3555 CVE-2009-4487 09 Mar 2018 6.5 (v3) Medium Pass nginx < 0.7.63 / 0.8.x < 0.8.17 Directory Traversal CVE-2009-3898 09 Mar 2018 5.4 (v3) Medium Pass Oracle WebLogic Server Deserialization RCE (CVE-2018-2893) CVE-2018-2893 13 Aug 2018 9.8 (v3) Critical Pass MikroTik RouterOS < 6.40.9 / 6.42.7 / 6.43 multiple vulnerabilities. CVE-2018-1156 CVE-2018-1157 CVE-2018-1158 CVE-2018-1159 24 Aug 2018 8.8 (v3) High Pass CODESYS V3 Runtime Service Detection 26 Feb 2019 None Pass Cisco Small Business RV Series Arbitrary Code Execution (cisco-sa-code-exec-wH3BNFb) CVE-2020-3331 28 Jul 2020 9.8 (v3) Critical Pass Symantec Encryption Management Server < 3.4.2 MP1 Denial of Service Vulnerability (SYMSA1458) CVE-2018-5243 28 Aug 2018 7.5 (v3) High Pass Apache ActiveMQ 5.x < 5.15.5 Multiple Vulnerabilities CVE-2012-0881 CVE-2014-0114 CVE-2015-5182 CVE-2016-3092 CVE-2016-5425 CVE-2016-6325 CVE-2016-8735 CVE-2018-7489 CVE-2018-800630 Aug 2018 9.8 (v3) Critical Pass Cisco TelePresence VCS / Expressway < 8.11 DoS CVE-2018-0409 31 Aug 2018 7.5 (v3) High Pass Cisco IOS XE Software DNS NAT Protocol Application Layer Gateway DoS (cisco-sa-alg-dos-hbBS7SZE) CVE-2021-1446 02 Aug 2021 7.5 (v3) High Pass Jenkins < 2.121.3 / 2.138 Multiple Vulnerabilities CVE-2018-1999042 CVE-2018-1999043 CVE-2018-1999044 CVE-2018-1999045 CVE-2018-1999046 CVE-2018-1999047 06 Sep 2018 5.4 (v3) Medium Pass Atlassian JIRA ProﬁleLinkUserFormat Information Disclosure Vulnerability CVE-2018-13391 07 Sep 2018 5.3 (v3) Medium Pass PHP 7.0.x < 7.0.32 Transfer-Encoding Parameter XSS Vulnerability CVE-2018-17082 14 Sep 2018 6.1 (v3) Medium Pass IBM WebSphere Application Server 7.x <= 7.0.0.45 / 8.x <= 8.0.0.15 / 8.5.x < 8.5.5.21 / 9.x < 9.0.5.11 DoSCVE-2021-38951 13 Jan 2022 7.5 (v3) High Pass VMware Harbor Information Disclosure (CVE-2019-19030) CVE-2019-19030 10 Aug 2021 5.3 (v3) Medium Pass Cisco Firepower Device Manager On-Box Software RCE (cisco-sa-fdm-rce-Rx6vVurq) CVE-2021-1518 12 Aug 2021 8.8 (v3) High Pass Apache Tomcat 9.0.0.M1 < 9.0.5 Insecure CGI Servlet Search Algorithm Description Weakness CVE-2018-1304 CVE-2018-1305 23 Feb 2018 3.7 (v3) Low Pass Microsoft Azure CycleCloud Privilege Escalation (CVE-2021-36943) CVE-2021-36943 13 Aug 2021 7.8 (v3) High Pass Apache Tomcat 9.0.0.M1 < 9.0.12 Open Redirect Weakness CVE-2018-11784 10 Oct 2018 4.3 (v3) Medium Pass Apache Tomcat 8.5.x < 8.5.34 Open Redirect Weakness CVE-2018-11784 10 Oct 2018 4.3 (v3) Medium Pass Citrix NetScaler Management and Analytics System Default Administrator Credentials 12 Oct 2018 7.3 (v3) High Pass Apple iTunes < 12.11.4 Multiple Vulnerabilities (uncredentialed check) CVE-2021-30779 CVE-2021-30785 23 Aug 2021 7.8 (v3) High Pass nginx < 1.10.1 / 1.11.x < 1.11.1 Denial-of-Service Vulnerability CVE-2016-4450 16 Oct 2018 7.5 (v3) High Pass Jenkins < 2.138.2 (LTS) / 2.146 Multiple Vulnerabilities CVE-2018-1000406 CVE-2018-1000407 CVE-2018-1000408 CVE-2018-1000409 CVE-2018-1000410 CVE-2018-1000997 CVE-2018-199904316 Oct 2018 6.5 (v3) Medium Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (October 2018 CPU)CVE-2018-3241 CVE-2018-3281 CVE-2018-11039 18 Oct 2018 6.1 (v3) Medium Pass Tenable Nessus < 8.0.0 Multiple Vulnerabilities (TNS-2018-14) CVE-2018-0732 CVE-2018-0737 26 Oct 2018 5.9 (v3) Medium Pass nginx 1.x < 1.14.1 / 1.15.x < 1.15.6 Multiple Vulnerabilities CVE-2018-16843 CVE-2018-16844 CVE-2018-16845 14 Nov 2018 6.1 (v3) Medium Pass VMware Harbor User Enumeration (CVE-2020-13794) CVE-2020-13794 19 Aug 2021 4.3 (v3) Medium Pass Multiple Vulnerabilities in Cisco Wireless LAN Controllers (cisco-sa-20140305-wlc) CVE-2014-0701 CVE-2014-0703 CVE-2014-0704 CVE-2014-0705 CVE-2014-0706 CVE-2014-0707 14 Mar 2014 7.8 (v2) High Pass IBM Spectrum Protect Plus vsnap Static Credential Vulnerability CVE-2020-4854 18 Feb 2021 9.8 (v3) Critical Pass ManageEngine ADSelfService Plus < Build 6102 RCE CVE-2021-28958 19 Aug 2021 9.8 (v3) Critical Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.19 / 9.0.x < 9.0.14 / 9.1.x < 9.1.10 Vulnerability CVE-2021-3045 12 Aug 2021 4.9 (v3) Medium Pass H3C / HPE Intelligent Management Center PLAT < 7.3 E0605P06 Multiple Vulnerabilities CVE-2018-7114 CVE-2018-7115 CVE-2018-7116 10 Dec 2018 9.8 (v3) Critical Pass Cisco Evolved Programmable Network Manager Information Disclosure (cisco-sa-epnm-info-disc-PjTZ5r6C)CVE-2021-34707 13 Aug 2021 6.5 (v3) Medium Pass OpenSSL 1.1.1 < 1.1.1l Vulnerability CVE-2021-3711 CVE-2021-3712 24 Aug 2021 9.8 (v3) Critical Pass Atlassian JIRA < 8.5.14 / 8.6.x < 8.13.6 / 8.14.x < 8.16.1 XSS (JRASERVER-72392) CVE-2021-26078 26 Aug 2021 6.1 (v3) Medium Pass OpenSSL 1.1.1 < 1.1.1k Multiple Vulnerabilities CVE-2021-3449 CVE-2021-3450 25 Mar 2021 7.4 (v3) High Pass Cisco IOS Software Plug-and-Play PKI API Certiﬁcate Validation Vulnerability CVE-2017-12228 06 Oct 2017 5.9 (v3) Medium Pass Juniper Junos OS Improper Certiﬁcate Validation (JSA11264) CVE-2022-22156 18 Mar 2022 7.4 (v3) High Pass Cisco Energy Management Suite Default PostgreSQL Password Vulnerability CVE-2018-0468 20 Aug 2021 7.8 (v3) High Pass Tenable SecurityCenter PHP < 5.6.27 Multiple Vulnerabilities CVE-2016-9137 26 Jun 2017 9.8 (v3) Critical Pass Dell iDRAC Products Multiple Vulnerabilities (December 2018) CVE-2018-15774 CVE-2018-15776 21 Dec 2018 8.8 (v3) High Pass Tenable SecurityCenter OpenSSL 1.0.2 < 1.0.2n Multiple Vulnerabilities CVE-2017-3737 CVE-2017-3738 CVE-2018-0733 CVE-2018-0739 02 Feb 2018 5.9 (v3) Medium Pass Cisco IOS XR Software Event Management Service gRPC Handling DoS (cisco-sa-20170503-ios-xr) CVE-2017-3876 04 May 2017 7.5 (v3) High Pass nginx < 1.13.3 Integer Overﬂow Vulnerability CVE-2017-7529 18 Dec 2017 7.5 (v3) High Pass Tenable SecurityCenter PHP < 5.6.26 Multiple Vulnerabilities CVE-2016-7411 CVE-2016-7412 CVE-2016-7413 CVE-2016-7414 CVE-2016-7416 CVE-2016-7417 CVE-2016-7418 26 Jun 2017 9.8 (v3) Critical Pass Tenable SecurityCenter Apache 2.4.x < 2.4.25 Multiple Vulnerabilities (TNS-2017-04) (httpoxy) CVE-2016-0736 CVE-2016-2161 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 26 Jun 2017 7.5 (v3) High Pass Tenable SecurityCenter OpenSSL 1.0.1 < 1.0.1u Multiple Vulnerabilities (SWEET32) CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-630626 Jun 2017 9.8 (v3) Critical Pass Tenable SecurityCenter OpenSSL 1.0.2 < 1.0.2k Multiple Vulnerabilities (TNS-2017-04) CVE-2016-7055 CVE-2017-3731 CVE-2017-3732 26 Jun 2017 5.9 (v3) Medium Pass Tenable SecurityCenter PHP < 5.6.25 Multiple Vulnerabilities (TNS-2016-09) CVE-2016-7124 CVE-2016-7125 CVE-2016-7126 CVE-2016-7127 CVE-2016-7128 CVE-2016-7129 CVE-2016-7130 CVE-2016-7131 CVE-2016-713226 Jun 2017 9.8 (v3) Critical Pass Cisco Integrated Management Controller User Session Hijacking Vulnerability CVE-2017-6617 10 Aug 2017 5.4 (v3) Medium Pass Cisco Integrated Management Controller Remote Code Execution Vulnerability CVE-2017-6616 10 Aug 2017 8.8 (v3) High Pass Cisco Integrated Management Controller Privilege Escalation Vulnerability CVE-2017-6619 10 Aug 2017 8.8 (v3) High Pass Cisco Integrated Management Controller Cross-Site Scripting Vulnerability CVE-2017-6618 10 Aug 2017 5.4 (v3) Medium Pass Apache Tomcat 8.0.0.RC1 < 8.0.45 Cache Poisoning CVE-2017-7674 18 Aug 2017 4.3 (v3) Medium Pass Apache Tomcat 9.0.0M1 < 9.0.0.M22 Multiple Vulnerabilities CVE-2017-7674 CVE-2017-7675 18 Aug 2017 7.5 (v3) High Pass Tenable SecurityCenter PHP < 5.6.31 Multiple Vulnerabilities (TNS-2017-12 CVE-2017-6004 CVE-2017-7890 CVE-2017-9224 CVE-2017-9226 CVE-2017-9227 CVE-2017-9228 CVE-2017-9229 CVE-2017-11142 CVE-2017-11143 CVE-2017-11144 CVE-2017-11145 CVE-2017-11628 CVE-2017-1293312 Sep 2017 9.8 (v3) Critical Pass Cisco Uniﬁed Communications Manager SQL Injection Vulnerability CVE-2017-3886 27 Sep 2017 4.9 (v3) Medium Pass Cisco Uniﬁed Communications Manager Cross-Site Scripting Vulnerability CVE-2017-3888 27 Sep 2017 5.4 (v3) Medium Pass Cisco Uniﬁed Communications Manager Denial of Service Vulnerability CVE-2017-3808 27 Sep 2017 7.5 (v3) High Pass Apache Tomcat 7.0.x < 7.0.82 Multiple Vulnerabilities CVE-2017-12617 11 Oct 2017 8.1 (v3) High Pass Oracle Database Multiple Vulnerabilities (October 2017 CPU) CVE-2016-6814 CVE-2016-8735 CVE-2017-10190 CVE-2017-10261 CVE-2017-10292 CVE-2017-10321 19 Oct 2017 9.8 (v3) Critical Pass Tenable SecurityCenter 5.5.0 <= 5.5.2 SQLi (TNS-2017-13) CVE-2017-11508 02 Nov 2017 8.8 (v3) High Pass Junos OS 12.1X46 SRX 210, 240, 650 series ﬁrewalls (KRACK) CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 08 Jan 2018 6.8 (v3) Medium Pass MySQL 5.5.x < 5.5.59 Multiple Vulnerabilities (January 2018 CPU) CVE-2018-2562 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665 CVE-2018-2668 17 Jan 2018 7.1 (v3) High Pass MySQL 5.7.x < 5.7.21 Multiple Vulnerabilities (January 2018 CPU) CVE-2017-3737 CVE-2018-2562 CVE-2018-2565 CVE-2018-2573 CVE-2018-2576 CVE-2018-2583 CVE-2018-2586 CVE-2018-2590 CVE-2018-2591 CVE-2018-2600 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2645 CVE-2018-2646 CVE-2018-2647 CVE-2018-2665 CVE-2018-2667 CVE-2018-2668 CVE-2018-2696 CVE-2018-270317 Jan 2018 5.5 (v3) Medium Pass Apache Tomcat 8.0.45 < 8.0.48 Insecure CGI Servlet Search Algorithm Description Weakness CVE-2017-15706 09 Feb 2018 3.7 (v3) Low Pass Apache Tomcat 7.0.0 < 7.0.85 Security Constraint Weakness CVE-2018-1304 CVE-2018-1305 23 Feb 2018 5.9 (v3) Medium Pass IBM WebSphere Application Server 9.0.0.0 < 9.0.0.8 Spoof Attack Vulnerability CVE-2017-1788 30 Mar 2018 5.3 (v3) Medium Pass Cisco IOS Software Smart Install Remote Code Execution Vulnerability CVE-2018-0171 29 Mar 2018 9.8 (v3) Critical Pass Cisco IOS XR Software Link Layer Discovery Protocol Buﬀer Overﬂow Vulnerabilities (cisco-sa-20180328-lldp)CVE-2018-0167 06 Apr 2018 8.8 (v3) High Pass Apache Struts XStream Handler REST Plugin XML Request Handling Remote DoS (S2-056) CVE-2018-1327 30 Mar 2018 7.5 (v3) High Pass Cisco IOS Software DNS Forwarder Denial of Service Vulnerability (cisco-sa-20160928-dns) CVE-2016-6380 10 Apr 2018 8.1 (v3) High Pass MySQL 5.5.x < 5.5.60 Multiple Vulnerabilities (April 2018 CPU) CVE-2018-2755 CVE-2018-2758 CVE-2018-2761 CVE-2018-2766 CVE-2018-2771 CVE-2018-2773 CVE-2018-2781 CVE-2018-2782 CVE-2018-2784 CVE-2018-2787 CVE-2018-2805 CVE-2018-2813 CVE-2018-2817 CVE-2018-2818 CVE-2018-281919 Apr 2018 5.5 (v3) Medium Pass MySQL 5.6.x < 5.6.40 Multiple Vulnerabilities (April 2018 CPU) CVE-2018-2755 CVE-2018-2758 CVE-2018-2761 CVE-2018-2766 CVE-2018-2771 CVE-2018-2773 CVE-2018-2781 CVE-2018-2782 CVE-2018-2784 CVE-2018-2787 CVE-2018-2805 CVE-2018-2813 CVE-2018-2817 CVE-2018-2818 CVE-2018-281919 Apr 2018 5.5 (v3) Medium 40

Pass MySQL 5.7.x < 5.7.22 Multiple Vulnerabilities (April 2018 CPU) CVE-2018-2755 CVE-2018-2758 CVE-2018-2759 CVE-2018-2761 CVE-2018-2762 CVE-2018-2766 CVE-2018-2769 CVE-2018-2771 CVE-2018-2773 CVE-2018-2775 CVE-2018-2776 CVE-2018-2777 CVE-2018-2778 CVE-2018-2779 CVE-2018-2780 CVE-2018-2781 CVE-2018-2782 CVE-2018-2784 CVE-2018-2786 CVE-2018-2787 CVE-2018-2810 CVE-2018-2812 CVE-2018-2813 CVE-2018-2816 CVE-2018-2817 CVE-2018-2818 CVE-2018-2819 CVE-2018-2839 CVE-2018-284619 Apr 2018 5.5 (v3) Medium Pass Cisco IOS SNMP Community string write privileges. 18 Apr 2018 None Pass Cisco IOS XR Software UDP Broadcast Forwarding Denial of Service Vulnerability (cisco-sa-20180418-iosxr)CVE-2018-0241 27 Apr 2018 7.4 (v3) High Pass Atlassian JIRA < 4.2.1 Multiple Vulnerabilities 24 Apr 2018 6.3 (v3) Medium Pass Pulse Connect Secure Multiple Vulnerabilities (SA43730) CVE-2007-5846 CVE-2016-2125 CVE-2016-2126 CVE-2016-10142 CVE-2018-9849 18 May 2018 6.5 (v3) Medium Pass Apache Struts 2.0.x < 2.0.9 RCE (S2-001) 10 Sep 2018 9.8 (v3) Critical Pass Oracle Database Server CVE-2018-3110 CVE-2018-3110 14 Aug 2018 9.9 (v3) Critical Pass D-Link DIR Router Authenication Bypass 11 Oct 2017 8.3 (v3) High Pass Cisco Prime Collaboration Provisioning Hard-Coded Password Vulnerability (cisco-sa-20180307-cpcp CVE-2018-0141 09 Mar 2018 8.4 (v3) High Pass Cisco Prime Collaboration Provisioning XSS (cisco-sa-prime-collab-xss-fQMDE5GO) CVE-2021-34732 03 Sep 2021 6.1 (v3) Medium Pass Cisco Prime Collaboration Provisioning Information Disclosure (cisco-sa-prim-collab-disclo-FAnX4DKB) CVE-2020-3193 19 Mar 2020 5.3 (v3) Medium Pass Cisco Uniﬁed Communications Products Vulnerabilities (cisco-sa-imp-trav-inj-dM687ZD6) CVE-2021-1282 05 Feb 2021 4.9 (v3) Medium Pass Apache Struts 2.x < 2.3.14.2 Multiple Vulnerabilities (S2-014) CVE-2013-1966 CVE-2013-2115 10 Sep 2018 9.8 (v3) Critical Pass Apache Struts 2.x < 2.2.1 OGNL RCE (S2-005) CVE-2010-1870 10 Sep 2018 5.3 (v3) Medium Pass Apache Struts 2.x < 2.3.15.1 Multiple Vulnerabilities (S2-016) (S2-017) CVE-2013-2248 CVE-2013-2251 10 Sep 2018 9.8 (v3) Critical Pass Cisco IOS Software Cluster Management Protocol DoS Vulnerability (cisco-sa-20180926-cmp) CVE-2018-0475 05 Oct 2018 7.4 (v3) High Pass Apache Struts 2.x < 2.2.3 Multiple XSS (S2-006) CVE-2011-1772 10 Sep 2018 4.3 (v3) Medium Pass Apache Struts 2.0.x < 2.2.1 Security Bypass Vulnerability (S2-003) 10 Sep 2018 9.8 (v3) Critical Pass Apache Struts 2.x < 2.3.15.3 Broken Access Control Vulnerability (S2-018) CVE-2013-4310 10 Sep 2018 6.5 (v3) Medium Pass Apache Struts 2.x < 2.3.16.2 Multiple Vulnerabilities (S2-020) CVE-2014-0050 CVE-2014-0094 10 Sep 2018 7.3 (v3) High Pass Apache Struts 2.x < 2.3.15.2 Dynamic Method Invocation Multiple Vulnerabilities (S2-019) CVE-2013-4316 11 Sep 2018 9.8 (v3) Critical Pass Apache Struts 2.x < 2.3.1.2 RCE (S2-009) CVE-2011-3923 11 Sep 2018 9.8 (v3) Critical Pass Apache Struts 2.x < 2.3.20 Multiple ClassLoader Manipulation Vulnerabilities (S2-021) CVE-2014-0112 CVE-2014-0113 12 Sep 2018 7.3 (v3) High Pass Cisco IOS Software IPv6 Hop-by-Hop DoS Vulnerability (cisco-sa-20180926-ipv6hbh) CVE-2018-0467 05 Oct 2018 8.6 (v3) High Pass Cisco IOS Software OSPFv3 DoS Vulnerability (cisco-sa-20180926-ospfv3-dos) CVE-2018-0466 05 Oct 2018 6.5 (v3) Medium Pass Apache Tomcat 9.0.0.M1 < 9.0.8 Denial of Service Vulnerability CVE-2018-1336 27 Feb 2019 7.5 (v3) High Pass Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod Multi-Site TCP DoS (cisco-sa-n9kaci-tcp-dos-YXukt6gM)CVE-2021-1586 21 Feb 2022 8.6 (v3) High Pass F5 BIG-IP RCE (CVE-2022-1388) CVE-2022-1388 09 May 2022 9.8 (v3) Critical Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (October 2018 CPU) CVE-2017-5645 CVE-2018-3204 CVE-2018-8013 03 Jan 2019 9.8 (v3) Critical Pass nginx <= 1.3.13 Insecure Log Permissions CVE-2013-0337 05 Mar 2019 7.3 (v3) High Pass Atlassian JIRA < 7.6.7 / 7.7.x < 7.11.0 Information Disclosure CVE-2017-18104 05 Mar 2019 5.9 (v3) Medium Pass Atlassian JIRA < 7.5.3 Cross-Site Scripting CVE-2017-16863 05 Mar 2019 6.1 (v3) Medium Pass Atlassian JIRA < 7.6.1 Multiple Vulnerabilities CVE-2017-16865 CVE-2017-18097 CVE-2017-18098 05 Mar 2019 6.1 (v3) Medium Pass Atlassian JIRA < 7.6.2 Cross-Site Request Forgery CVE-2017-16862 05 Mar 2019 4.3 (v3) Medium Pass Atlassian JIRA < 7.6.5 / 7.7.x < 7.7.3 / 7.8.x < 7.8.3 Limited Authentication Bypass CVE-2017-18101 05 Mar 2019 6.5 (v3) Medium Pass Palo Alto Networks < 7.1.23 / 8.0.x < 8.0.16 / 8.1.x < 8.1.7 Integer Overﬂow Vulnerability (PAN-SA-2019-0006)CVE-2018-14634 25 Mar 2019 7.8 (v3) High Pass Cisco IOS Software Hot Standby Router Protocol Information Leak Vulnerability CVE-2019-1761 05 Apr 2019 4.3 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.16 / 9.0.0.x < 9.0.0.11 Admin Console Denial of Service (DoS) VCVE-2019-4080 ulnerability (CVE-2019-4080) 12 Apr 2019 6.5 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.16 / 9.0.0.x < 9.0.0.11 Information DisclosurCVE-2018-1996 e Vulnerability (CVE-2018-1996) 12 Apr 2019 5.3 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.16 / 9.0.0.x < 9.0.0.11 / Liberty < 19.0.0.4 Request Header Denial of Service (DoS) VCVE-2019-4046 ulnerability (CVE-2019-4046) 12 Apr 2019 7.5 (v3) High Pass Tenable Nessus < 8.1.1 Multiple Vulnerabilities (TNS-2018-16) CVE-2018-0734 CVE-2018-5407 02 Jan 2019 5.9 (v3) Medium Pass 3S CODESYS Runtime 3.x < 3.5.14.0 Insuﬃcient Access Control Vulnerability CVE-2018-10612 CVE-2018-20025 CVE-2018-20026 03 Jan 2019 9.8 (v3) Critical Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 Form Login SpooCVE-2018-1695ﬁng Vulnerability (CVE-2018-1695) 03 May 2019 5.6 (v3) Medium Pass Juniper JSA10936 CVE-2019-0044 10 May 2019 7.5 (v3) High Pass Atlassian JIRA Server-Side Request Forgery (SSRF) Vulnerability (JRASERVER-68527) CVE-2018-13404 10 May 2019 4.1 (v3) Medium Pass Atlassian JIRA Cross-Site Scripting (XSS) Vulnerability (JRASERVER-68614) CVE-2018-20232 10 May 2019 5.4 (v3) Medium Pass IBM Spectrum Protect Client 7.1.x < 7.1.8.4 / 8.1.x < 8.1.6.1 Denial of Service Vulnerability (CVE-2018-1786)CVE-2018-1786 03 Jan 2019 7.5 (v3) High Pass IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.9 TLS Downgrade Vulnerability (CVE-2018-1719)CVE-2018-1719 30 May 2019 5.9 (v3) Medium Pass IBM WebSphere Application Server Virtual Enterprise 7.0.x / Network Deployment 8.5.x < 8.5.5.16 / Network Deployment 9.0.0.x <= 9.0.0.11 Remote Code Execution VCVE-2019-4279 ulnerability (CVE-2019-4279) 31 May 2019 9.8 (v3) Critical Pass Juniper JSA10889 CVE-2018-0055 07 Jun 2019 5.3 (v3) Medium Pass Apache Tomcat 9.0.0.M1 < 9.0.16 DoS CVE-2019-0199 27 Jun 2019 7.5 (v3) High Pass MySQL 5.6.x < 5.6.45 Multiple Vulnerabilities (Jul 2019 CPU) CVE-2019-2737 CVE-2019-2738 CVE-2019-2739 CVE-2019-2740 CVE-2019-2805 CVE-2019-2819 CVE-2019-2969 18 Jul 2019 6.2 (v3) Medium Pass Cisco Uniﬁed Communications Manager Session Initiation Protocol Denial of Service Vulnerability CVE-2019-1887 12 Jul 2019 7.5 (v3) High Pass Cisco IOS Software Network Plug-and-Play Agent Certiﬁcate Validation Vulnerability CVE-2019-1748 26 Jul 2019 7.4 (v3) High Pass Cisco IOS Software Information Disclosure Vulnerability (cisco-sa-20190327-info) CVE-2019-1762 29 Jul 2019 4.4 (v3) Medium Pass Atlassian JIRA worklog Information Disclosure CVE-2019-8445 29 Aug 2019 5.3 (v3) Medium Pass Atlassian JIRA < 7.13.4 / 8.0.x < 8.1.0 Epic Name DoS (SB19-182) CVE-2019-11583 29 Aug 2019 6.5 (v3) Medium Pass Atlassian JIRA Authentication Bypass Vulnerability (JRASERVER-69239) CVE-2018-20826 03 Sep 2019 4.3 (v3) Medium Pass Atlassian JIRA Information Disclosure Vulnerability (JRASERVER-69797) CVE-2019-8448 03 Sep 2019 5.3 (v3) Medium Pass IBM WebSphere Application Server 7.0.x / 8.0.0.x / 8.5.x < 8.5.5.17 / 9.0.0.x < 9.0.5.2 Information DisclosurCVE-2019-4477e (CVE-2019-4477) 20 Sep 2019 6.5 (v3) Medium Pass Atlassian JIRA 7.7.x < 7.13.1 XSS vulnerability (JRASERVER-69238) CVE-2018-20824 25 Sep 2019 6.1 (v3) Medium Pass Cisco Uniﬁed Communications Manager Cross-Site Scripting (XSS) Vulnerability CVE-2019-12715 25 Oct 2019 6.1 (v3) Medium Pass Cisco IOS Denial of Service Vulnerability (cisco-sa-20190925-sip-dos) CVE-2019-12654 08 Oct 2019 7.5 (v3) High Pass Cisco IOx for IOS Software Guest Operating System Unauthorized Access Vulnerability (cisco-sa-20190925-ios-gos-auth)CVE-2019-12648 08 Oct 2019 8.8 (v3) High Pass Cisco IOS ISDN Interface Denial of Service Vulnerability CVE-2019-1752 11 Oct 2019 7.5 (v3) High Pass Cisco Uniﬁed Communications Manager Cross-Site Scripting (XSS) Vulnerability CVE-2019-12716 11 Oct 2019 6.1 (v3) Medium Pass Cisco IOS XR gRPC Software Denial of Service Vulnerability CVE-2019-12647 18 Oct 2019 7.5 (v3) High Pass Cisco Wireless LAN Controller Secure Shell (SSH) Denial of Service Vulnerability (cisco-sa-20191016-wlc-ssh-dos)CVE-2019-15262 25 Oct 2019 7.5 (v3) High Pass MySQL 5.6.x < 5.6.46 Multiple Vulnerabilities (Oct 2019 CPU) CVE-2019-2910 CVE-2019-2911 CVE-2019-2922 CVE-2019-2923 CVE-2019-2924 CVE-2019-2974 18 Oct 2019 5.3 (v3) Medium Pass Cisco IOS Software IP Service Level Agreement Denial of Service Vulnerability CVE-2019-1737 21 Oct 2019 8.6 (v3) High Pass Atlassian Jira 7.6.x < 7.6.13, 7.7.0 < 7.13.3, 8.x < 8.1.1 Information Disclosure Vulnerability CVE-2019-3401 25 Oct 2019 5.3 (v3) Medium Pass Atlassian Jira 7.13.x < 7.13.3 / 8.0.x < 8.0.4 / 8.1.x < 8.1.1 Information Disclosure Vulnerability CVE-2019-3403 25 Oct 2019 5.3 (v3) Medium Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (April 2016 CPU) CVE-2014-3576 CVE-2016-0468 CVE-2016-0479 25 Oct 2019 6.1 (v3) Medium Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (Jul 2016 CPU) CVE-2016-3432 CVE-2016-3433 CVE-2016-3446 CVE-2016-3474 CVE-2016-3544 25 Oct 2019 8.3 (v3) High Pass Cisco Uniﬁed Communications Manager SQLi (cisco-sa-20191002-cuc-inject) CVE-2019-12710 30 Oct 2019 4.9 (v3) Medium Pass Junos OS: Clear Text Authentication Credentials (JSA10969) CVE-2019-0069 01 Nov 2019 5.5 (v3) Medium Pass Juniper JSA10956 CVE-2019-0058 01 Nov 2019 7.8 (v3) High Pass Cisco Uniﬁed Communications Manager XSS (cisco-sa-20191002-cuc-xss) CVE-2019-12707 31 Oct 2019 6.1 (v3) Medium Pass Atlassian Jira 7.13.x < 7.13.4, 8.x < 8.2.2 CSRF vulnerability (JRASERVER-69858) CVE-2019-14999 05 Nov 2019 4.3 (v3) Medium Pass Cisco IOS IP Detail Record DoS (cisco-sa-20160928-ipdr) CVE-2016-6379 12 Nov 2019 7.5 (v3) High Pass Cisco Uniﬁed Communications Manager Cross-Site Request Forgery (XSRF) Vulnerability (cisco-sa-20191002-cucm-csrf)CVE-2019-1915 07 Nov 2019 6.5 (v3) Medium Pass Cisco IOS H.323 Message Validation DoS (cisco-sa-20160928-h323) CVE-2016-6384 12 Nov 2019 7.5 (v3) High Pass Cisco IOS Smart Install Memory Leak (cisco-sa-20160928-smi) CVE-2016-6385 12 Nov 2019 7.5 (v3) High Pass Cisco NX-OS Software Command Injection (cisco-sa-20190515-nxos-cmdinj-1735) CVE-2019-1735 13 Nov 2019 7.8 (v3) High Pass Cisco NX-OS Software Multiple Vulnerabilities (cisco-sa-20190515-nxos-cmdinj-1774-1775) CVE-2019-1774 CVE-2019-1775 13 Nov 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Command Injection (cisco-sa-20190515-nxos-cmdinj-1770) CVE-2019-1770 14 Nov 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Command Injection (cisco-sa-20190515-nxos-cmdinj-1790) CVE-2019-1790 14 Nov 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Command Injection (cisco-sa-20190515-nxos-cmdinj-1783) CVE-2019-1783 14 Nov 2019 6.7 (v3) Medium Pass Cisco IOS Autonomic Control Plane Channel Information Disclosure (cisco-sa-20170726-aniacp) CVE-2017-6665 18 Nov 2019 6.5 (v3) Medium Pass Cisco IOS AAA Login DoS (cisco-sa-20160928-aaados) CVE-2016-6393 21 Nov 2019 7.5 (v3) High Pass Cisco NX-OS Software NX-API Denial of Service Vulnerability CVE-2020-3170 05 Mar 2020 5.3 (v3) Medium Pass Cisco IOS Autonomic Networking Infrastructure DoS (cisco-sa-20170726-anidos) CVE-2017-6663 22 Nov 2019 6.5 (v3) Medium Pass Cisco IOS Software Smart Install DoS (cisco-sa-20180328-smi) CVE-2018-0156 27 Nov 2019 7.5 (v3) High Pass Cisco IOS Software Internet Key Exchange Memory Leak (cisco-sa-20180328-ike) CVE-2018-0158 27 Nov 2019 8.6 (v3) High Pass Cisco IOS Software Secure Shell Connection on VRF (cisco-sa-20190109-ios-ssh-vrf) CVE-2018-0484 06 Dec 2019 6.5 (v3) Medium Pass Cisco NX-OS Software OSPF LSA Manipulation (cisco-sa-20170727-ospf) CVE-2017-6770 27 Nov 2019 4.2 (v3) Medium Pass Cisco NX-OS Software Command Injection (cisco-sa-20190515-nxos-cmdinj-1795) CVE-2019-1795 04 Dec 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Command Injection (cisco-sa-20190306-nxos-cmdinj-1611) CVE-2019-1611 04 Dec 2019 6.7 (v3) Medium Pass Junos OS: processing of speciﬁc transit IP packets in ﬂowd, leading to Denial of Service (JSA10959) CVE-2019-0060 16 Dec 2019 7.5 (v3) High Pass IBM WebSphere Application Server 7.0.x / 8.0.0.x / 8.5.x < 8.5.5.17 / 9.0.0.x < 9.0.5.2 Directory Traversal VCVE-2019-4442ulnerability 06 Dec 2019 4.3 (v3) Medium Pass Cisco IOS Software Software Plug and Play Agent Memory Leak(cisco-sa-20180926-pnp-memleak) CVE-2018-15377 13 Dec 2019 8.6 (v3) High Pass nginx < 1.17.7 Information Disclosure CVE-2019-20372 05 Mar 2020 5.3 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.2 / Liberty < 19.0.0.11 Information DisclosurCVE-2019-4441 e (CVE-2019-4441) 16 Dec 2019 5.3 (v3) Medium Pass Cisco NX-OS Software Privilege Escalation Vulnerability CVE-2019-1602 18 Dec 2019 7.8 (v3) High Pass Cisco MDS 9000 Series Multilayer Switches Denial of Service Vulnerability CVE-2020-3175 05 Mar 2020 8.6 (v3) High Pass Cisco NX-OS Software CLI Command Injection Vulnerability (Cisco-Sa-20190306-Nxos-Cmdinj-1609) CVE-2019-1609 27 Dec 2019 6.7 (v3) Medium Pass IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Information Disclosure (CVE-2018-1614)CVE-2018-1614 28 Jan 2020 7.5 (v3) High Pass SSL/TLS Deprecated Ciphers Unsupported 06 Jan 2020 None Pass SSLv2-Only Open Ports Unsupported 06 Jan 2020 None Pass Cisco Data Center Network Manager < 11.3(1) Multiple Vulnerabilities CVE-2019-15975 CVE-2019-15976 CVE-2019-15977 CVE-2019-15978 CVE-2019-15979 CVE-2019-15980 CVE-2019-15981 CVE-2019-15982 CVE-2019-15983 CVE-2019-15984 CVE-2019-15985 CVE-2019-1599909 Jan 2020 9.8 (v3) Critical Pass Cisco IOS Software NAT64 Denial of Service Vulnerability CVE-2019-1751 09 Jan 2020 7.5 (v3) High Pass MySQL 5.6.x < 5.6.47 Multiple Vulnerabilities (Jan 2020 CPU) CVE-2019-1547 CVE-2020-2574 CVE-2020-2579 16 Jan 2020 4.7 (v3) Medium 41

Pass Cisco IOS Web UI Cross-Site Request Forgery (cisco-sa-20200108-ios-csrf) CVE-2019-16009 16 Jan 2020 8.8 (v3) High Pass MySQL 8.0.x < 8.0.19 Multiple Vulnerabilities (Jan 2020 CPU) CVE-2019-1547 CVE-2019-5482 CVE-2019-16168 CVE-2020-2570 CVE-2020-2572 CVE-2020-2573 CVE-2020-2574 CVE-2020-2577 CVE-2020-2579 CVE-2020-2584 CVE-2020-2588 CVE-2020-2627 CVE-2020-2660 CVE-2020-2679 CVE-2020-2686 CVE-2020-2761 CVE-2020-2770 CVE-2020-2774 CVE-2020-2779 CVE-2020-2814 CVE-2020-2853 CVE-2020-292216 Jan 2020 9.8 (v3) Critical Pass IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Privilege Escalation (CVE-2018-1840)CVE-2018-1840 28 Jan 2020 8.1 (v3) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Remote Code Execution (CVE-2018-1567)CVE-2018-1567 28 Jan 2020 9.8 (v3) Critical Pass IBM WebSphere Application Server 9.0.x < 9.0.5.0 Information Disclosure (CVE-2019-4269) CVE-2019-4269 28 Jan 2020 7.5 (v3) High Pass IBM WebSphere Application Server Virtual Enterprise 7.0.x <= 7.0.0.6 / Virtual Enterprise 8.0.x / 8.5.5.x < 8.5.5.17 / 9.0.x < 9.0.5.1 Information DisclosurCVE-2019-4505 e (CVE-2019-4505) 30 Jan 2020 5.3 (v3) Medium Pass IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Cross-Site Request Forgery (CVE-2018-1926)CVE-2018-1926 28 Jan 2020 8.8 (v3) High Pass Cisco Uniﬁed Communications Manager Cross-Site Request Forgery Vulnerability (cisco-sa-20200122-cuc-info-disclosurCVE-2019-15963e) 31 Jan 2020 6.5 (v3) Medium Pass Cisco Uniﬁed Communications Manager Cross-Site Request Forgery Vulnerability (cisco-sa-ucm-csrf-NbhZTxL)CVE-2020-3135 31 Jan 2020 8.8 (v3) High Pass Cisco IOS SM-1T3/E3 Service Module DoS (cisco-sa-20180926-sm1t3e3) CVE-2018-0485 05 Feb 2020 8.6 (v3) High Pass Cisco IOS XR Software Cisco Discovery Protocol Denial of Service Vulnerability (cisco-sa-20200205-fxnxos-iosxrCVE-2020-3120-cdp-dos) 14 Feb 2020 6.5 (v3) Medium Pass Cisco NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability (cisco-sa-20200205-fxnxos-iosxrCVE-2020-3120-cdp-dos) 14 Feb 2020 6.5 (v3) Medium Pass Cisco Aggregation Services Router 9000 Series IPv6 Fragment Header DoS (cisco-sa-20180131-ipv6) CVE-2018-0136 21 Feb 2020 8.6 (v3) High Pass Cisco IOS XR Software BGP MPLS-Based EVPN Denial of Service Vulnerability (cisco-sa-20190515-iosxr-evpn-dos)CVE-2019-1849 18 Feb 2020 6.5 (v3) Medium Pass Junos OS Multiple vulnerabilities (JSA10981) CVE-2020-1602 CVE-2020-1605 CVE-2020-1609 24 Feb 2020 8.8 (v3) High Pass Atlassian JIRA 8.5.x / 8.6.x 'Atlassian Application Links' Plugin CSRF CVE-2019-20100 21 Feb 2020 4.7 (v3) Medium Pass Cisco IOS XR Software for Cisco ASR 9000 VMAN CLI Privilege Escalation (cisco-sa-20190925-xr-asr9k-privesc)CVE-2019-12709 28 Feb 2020 6.7 (v3) Medium Pass Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability (cisco-sa-20200226-nxos-arp) CVE-2020-3174 06 Mar 2020 4.7 (v3) Medium Pass Cisco IOS XR Software NETCONF Over Secure Shell ACL Bypass (cisco-sa-20191120-iosxr-ssh-bypass) CVE-2019-15998 28 Feb 2020 5.3 (v3) Medium Pass Cisco IOS XR Software Secure Shell Authentication Vulnerability (cisco-sa-20190605-iosxr-ssh) CVE-2019-1842 02 Mar 2020 5.4 (v3) Medium Pass Cisco NX-OS Software Authenticated Simple Network Management Protocol DoS (cisco-sa-20180620-nxossnmp)CVE-2018-0291 05 Mar 2020 6.5 (v3) Medium Pass Cisco NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and DoS (cisco-sa-20200226-fxos-nxos-cdp)CVE-2020-3172 06 Mar 2020 8.8 (v3) High Pass Cisco IOS XR Software IPsec Packet Processor DoS (cisco-sa-iosxr-ipsec-dos-q8UPX6m) CVE-2020-3190 13 Mar 2020 5.8 (v3) Medium Pass Cisco Nexus 1000V Switch for VMware vSphere Secure Login Enhancements Denial of Service VulnerabilityCVE-2020-3168 11 Mar 2020 7.5 (v3) High Pass Cisco IOS XR Software Intermediate System-to-Intermediate System DoS (cisco-sa-20200122-ios-xr-dos)CVE-2019-16027 13 Mar 2020 6.5 (v3) Medium Pass Cisco Prime Collaboration Provisioning Cross-Site Scripting Vulnerability (cisco-sa-prime-collab-xss-RjRCe9n7)CVE-2020-3192 19 Mar 2020 6.1 (v3) Medium Pass Cisco IOS XR Software BGP EVPN Operational Routes DoS (cisco-sa-20200122-ios-xr-routes) CVE-2019-16018 13 Apr 2020 6.5 (v3) Medium Pass Cisco Uniﬁed Computing System Fabric Interconnect Root Privilege Escalation (cisco-sa-20190828-ucs-privescalation)CVE-2019-1966 16 Apr 2020 7.8 (v3) High Pass Junos OS Default Credentials Vulnerability (JSA10998) CVE-2020-1615 16 Apr 2020 9.8 (v3) Critical Pass IBM WebSphere Application Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 CrCVE-2018-1798oss-Site Scripting Vulnerability 30 Apr 2020 6.1 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.15 / 9.0.0.0 <= 9.0.0.10 Connection SpooCVE-2018-1902 ﬁng Vulnerability 20 Apr 2020 4.3 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 / 9.x < 9.0.0.10 XSS (CVE-2018-1794)CVE-2018-1794 21 Apr 2020 6.1 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.17 / 9.0.0.0 <= 9.0.5.3 Privilege Escalation (CVE-2020-4362)CVE-2020-4362 17 Apr 2020 8.8 (v3) High Pass IBM WebSphere Application Server 7.x / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 Directory TCVE-2018-1797raversal Vulnerability 30 Apr 2020 5.5 (v3) Medium Pass IBM WebSphere Application Server 7.0 < 7.0.0.46 / 8.0 < 8.0.0.16 / 8.5 < 8.5.5.18 / 9.0 < 9.0.5.4 / Liberty 17.0.0.3 < 20.0.0.5 Information DisclosurCVE-2020-4329 e 08 May 2020 4.3 (v3) Medium Pass Cisco NX-OS Software Remote Package Manager Command Injection Vulnerability (cisco-sa-20190515-nxos-rpm-injec)CVE-2019-1732 12 May 2020 6.4 (v3) Medium Pass Cisco NX-OS Software Sensitive File Read Information Disclosure Vulnerability (cisco-sa-20190515-nxos-fxos-info)CVE-2019-1734 12 May 2020 5.5 (v3) Medium Pass Junos OS Invalid BGP Update Termination Denial Of Service Vulnerability (JSA11013) CVE-2020-1632 25 May 2020 8.6 (v3) High Pass IBM WebSphere Application Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 XSSCVE-2018-1793 27 May 2020 6.1 (v3) Medium Pass Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Inter-VM Channel Command Injection (cisco-sa-ios-iot-udp-vds-inj-f2D5Jzrt)CVE-2020-3205 05 Jun 2020 8.8 (v3) High Pass Juniper Junos RCE (JSA10871) CVE-2018-0037 02 Jun 2020 9.8 (v3) Critical Pass Cisco IOS Software Simple Network Management Protocol DoS (cisco-sa-snmp-dos-USxSyTk5) CVE-2020-3235 05 Jun 2020 7.7 (v3) High Pass IBM WebSphere Application Server 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 RCE (CVE-2020-4450) CVE-2020-4450 12 Jun 2020 9.8 (v3) Critical Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.4 Remote Code Execution (CVE-2020-4448)CVE-2020-4448 12 Jun 2020 9.8 (v3) Critical Pass Cisco IOS Tcl DoS (cisco-sa-tcl-dos-MAZQUnMF) CVE-2020-3201 17 Jun 2020 6 (v3) Medium Pass Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability (cisco-sa-sxp-68TEVzR)CVE-2020-3228 19 Jun 2020 8.6 (v3) High Pass Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution (cisco-sa-tcl-ace-C9KuVKmm) CVE-2020-3204 18 Jun 2020 6.7 (v3) Medium Pass Cisco Data Center Network Manager Multiple Stored Cross-Site Scripting Vulnerablities (June 2020) CVE-2020-3354 CVE-2020-3355 CVE-2020-3356 26 Jun 2020 6.1 (v3) Medium Pass Cisco IOS Software One Platform Kit Remote Code Execution Vulnerability (cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC)CVE-2020-3217 01 Jul 2020 8.8 (v3) High Pass Cisco NX-OS Software One Platform Kit Remote Code Execution Vulnerability (cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC)CVE-2020-3217 01 Jul 2020 8.8 (v3) High Pass Cisco IOS and IOS XE Software Common Industrial Protocol Denial of Service (cisco-sa-cipdos-hkfTZXEx)CVE-2020-3225 01 Jul 2020 8.6 (v3) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 Information DisclosurCVE-2020-4449 e (CVE-2020-4449) 03 Jul 2020 7.5 (v3) High Pass Cisco NX-OS Software Cisco Fabric Services Arbitrary Code Execution (cisco-sa-20180620-fxnxos-ace) CVE-2018-0304 14 Jul 2020 9.8 (v3) Critical Pass MySQL Denial of Service (Jul 2020 CPU) CVE-2020-14567 16 Jul 2020 4.9 (v3) Medium Pass Cisco Uniﬁed Communications Manager Cross-Site Scripting (cisco-sa-cucm-cuc-imp-xss-OWuSYAp) CVE-2020-3282 31 Jul 2020 6.1 (v3) Medium Pass MySQL 5.7.x < 5.7.31 Multiple Vulnerabilities (Jul 2020 CPU) CVE-2020-1967 CVE-2020-14539 CVE-2020-14540 CVE-2020-14547 CVE-2020-14550 CVE-2020-14553 CVE-2020-14559 CVE-2020-14576 CVE-2021-2001 CVE-2021-216017 Jul 2020 4.3 (v3) Medium Pass MySQL 5.6.x < 5.6.49 Multiple Vulnerabilities (Jul 2020 CPU) CVE-2020-1967 CVE-2020-14539 CVE-2020-14550 CVE-2020-14559 17 Jul 2020 4.3 (v3) Medium Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 RCE (6250059)CVE-2020-4464 23 Jul 2020 8.8 (v3) High Pass Cisco IOx Application Environment for IOS Software for Cisco Industrial Routers Multiple Vulnerabilities (cisco-sa-ios-iot-gos-vuln-s9qS8kYL)CVE-2020-3199 CVE-2020-3257 28 Jul 2020 8.8 (v3) High Pass IBM WebSphere Application Server 8.5.x < 8.5.5.18 Server-side Request Forgery (6209099) CVE-2020-4365 29 Jul 2020 4.3 (v3) Medium Pass Cisco Small Business RV Series RCE (cisco-sa-rv-rce-m4FEEGWX) CVE-2020-3145 CVE-2020-3146 29 Jul 2020 8.8 (v3) High Pass Cisco UCS Director Stored Cross-Site Scripting Vulnerability (cisco-sa-ucs-director-xss-O7T8ORYR) CVE-2020-3464 07 Aug 2020 4.8 (v3) Medium Pass Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities (cisco-sa-ios-iot-rCVE-2020-3198 CVE-2020-3258ce-xYRSeMNH) 17 Aug 2020 9.8 (v3) Critical Pass Cisco NX-OS Directory Traversal (cisco-sa-20190501-fabric-traversal) CVE-2019-1836 25 Aug 2020 7.1 (v3) High Pass Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Static Credentials (cisco-sa-ios-iot-vds-crCVE-2020-3234ed-uPMp9zbY) 28 Aug 2020 8.8 (v3) High Pass Cisco IOS Software Split DNS DoS (cisco-sa-splitdns-SPWqpdGW) CVE-2020-3408 05 Oct 2020 8.6 (v3) High Pass Cisco IOS Software ISDN Q.931 DoS (cisco-sa-iosxe-isdn-q931-dos-67eUZBTf) CVE-2020-3511 12 Oct 2020 7.4 (v3) High Pass Cisco IOS Software MP BGP EVPN DoS (cisco-sa-ios-bgp-evpn-dos-LNfYJxfF) CVE-2020-3479 07 Oct 2020 7.5 (v3) High Pass MySQL 5.6.x < 5.6.50 Multiple Vulnerabilities (Oct 2020 CPU) CVE-2020-14672 CVE-2020-14765 CVE-2020-14769 CVE-2020-14793 CVE-2020-14812 CVE-2020-14867 22 Oct 2020 6.5 (v3) Medium Pass Cisco IOS Software PROFINET DoS (cisco-sa-proﬁnet-J9QMCHPB) CVE-2020-3409 05 Nov 2020 7.4 (v3) High Pass Cisco IOS XR Software for ASR 9000 Series Slow Path Forwarding DoS (cisco-sa-xr-cp-dos-ej8VB9QY) CVE-2020-26070 13 Nov 2020 8.6 (v3) High Pass OpenSSL 1.0.2 < 1.0.2x Null Pointer Dereference Vulnerability CVE-2020-1971 10 Dec 2020 5.9 (v3) Medium Pass SolarWinds Orion Platform < 2020.2.1 HF2 Multiple Vulnerabilities CVE-2019-11358 CVE-2020-14005 CVE-2020-27869 CVE-2020-27870 CVE-2020-27871 18 Dec 2020 8.8 (v3) High Pass MySQL 5.6.x < 5.6.51 Multiple Vulnerabilities (Jan 2021 CPU) CVE-2021-2001 CVE-2021-2010 CVE-2021-2022 CVE-2021-2060 22 Jan 2021 4.2 (v3) Medium Pass MySQL 5.7.x < 5.7.33 Multiple Vulnerabilities (Jan 2021 CPU) CVE-2020-1971 CVE-2021-2010 CVE-2021-2011 CVE-2021-2014 CVE-2021-2022 CVE-2021-2032 CVE-2021-2060 CVE-2021-2178 CVE-2021-220222 Jan 2021 4.3 (v3) Medium Pass Cisco IOS XR Software Unauthorized Information Disclosure (cisco-sa-ios-infodisc-4mtm9Gyt) CVE-2021-1128 05 Feb 2021 5.5 (v3) Medium Pass Cisco IOS XR Software IPv6 Access Control List Bypass (cisco-sa-ipv6-acl-CHgdYk8j) CVE-2021-1389 12 Feb 2021 6.5 (v3) Medium Pass Cisco IOS XR Software for 8000 Series Routers Network Convergence System 540 Series Routers Privilege Escalation (cisco-sa-iosxrCVE-2021-1370 -pe-QpzCAePe) 16 Mar 2021 7.8 (v3) High Pass MySQL 5.7.x < 5.7.34 Multiple Vulnerabilities (Apr 2021 CPU) CVE-2021-2146 CVE-2021-2154 CVE-2021-2162 CVE-2021-2166 CVE-2021-2169 CVE-2021-2171 CVE-2021-2174 CVE-2021-2179 CVE-2021-2180 CVE-2021-2194 CVE-2021-2226 CVE-2021-2307 CVE-2021-3449 CVE-2021-2384122 Apr 2021 6.1 (v3) Medium Pass MySQL 8.0.x < 8.0.24 Multiple Vulnerabilities (Apr 2021 CPU) CVE-2020-28196 CVE-2021-2146 CVE-2021-2162 CVE-2021-2164 CVE-2021-2166 CVE-2021-2169 CVE-2021-2170 CVE-2021-2171 CVE-2021-2172 CVE-2021-2174 CVE-2021-2179 CVE-2021-2180 CVE-2021-2193 CVE-2021-2194 CVE-2021-2196 CVE-2021-2201 CVE-2021-2203 CVE-2021-2208 CVE-2021-2212 CVE-2021-2215 CVE-2021-2217 CVE-2021-2226 CVE-2021-2230 CVE-2021-2232 CVE-2021-2278 CVE-2021-2293 CVE-2021-2298 CVE-2021-2299 CVE-2021-2300 CVE-2021-2301 CVE-2021-2304 CVE-2021-2305 CVE-2021-2307 CVE-2021-2308 CVE-2021-2444 CVE-2021-3449 CVE-2021-2384122 Apr 2021 6.1 (v3) Medium Pass Atlassian Conﬂuence < 6.13.23 / 6.14 < 7.4.11 / 7.5 < 7.11.6 / 7.12 < 7.12.5 Webwork OGNL Injection (CONFSERCVE-2021-26084VER-67940) 26 Aug 2021 9.8 (v3) Critical Pass Cisco NX-OS Software VXLAN OAM DoS (cisco-sa-nxos-ngoam-dos-LTDb9Hv) CVE-2021-1587 27 Aug 2021 8.6 (v3) High Pass Cisco Application Policy Infrastructure Controller App Privilege Escalation (cisco-sa-capic-chvul-CKfGYBh8)CVE-2021-1579 02 Sep 2021 8.8 (v3) High Pass Cisco IOS Software IOx Application Environment Path Traversal (cisco-sa-iox-pt-hWGcPf7g) CVE-2021-1385 08 Sep 2021 6.5 (v3) Medium Pass Trend Micro Apex Central Management Web Console Detection 19 Apr 2022 None Pass Cisco IOS XR Software Unauthorized Information Disclosure (cisco-sa-iosxr-infodisc-CjLdGMc5) CVE-2021-34771 10 Sep 2021 5.5 (v3) Medium Pass Cisco IOS XR Software Authenticated User Privilege Escalation (cisco-sa-iosxr-privescal-dZYMrKf) CVE-2021-34719 CVE-2021-34728 10 Sep 2021 7.8 (v3) High Pass Cisco IOS XR Software IP Service Level Agreements Two Way Active Measurement Protocol DoS (cisco-sa-ipsla-ZA3SRrpP)CVE-2021-34720 10 Sep 2021 8.6 (v3) High Pass Cisco IOS XR Software Arbitrary File Read and Write (cisco-sa-iosxr-scp-inject-QwZOCv2) CVE-2021-34718 10 Sep 2021 8.1 (v3) High Pass Cisco IOS XR Software Command Injection (cisco-sa-iosxr-cmd-inj-wbZKvPxc) CVE-2021-34721 CVE-2021-34722 10 Sep 2021 6.7 (v3) Medium Pass Cisco TelePresence Video Communication Server GNU glibc gethostbyname Function Buﬀer Overﬂow Vulnerability (GHOST)CVE-2015-0235 18 Feb 2015 10 (v3) Critical Pass Cisco IOS XR Software Command Injection (cisco-sa-xr-cmdinj-vsKGherc) CVE-2021-1485 13 Apr 2021 7.8 (v3) High Pass Cisco TelePresence Video Communication Server SIP DoS CVE-2014-0662 28 Jan 2014 7.5 (v3) High Pass Kaseya VSA < 9.5.7a Multiple Vulnerabilities CVE-2021-30116 CVE-2021-30119 CVE-2021-30120 12 Jul 2021 9.8 (v3) Critical Pass Juniper Junos OS Vulnerability (JSA11211) CVE-2021-0297 13 Oct 2021 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11218) CVE-2021-31353 13 Oct 2021 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11215) CVE-2021-31350 13 Oct 2021 8.8 (v3) High Pass Juniper Junos OS Vulnerability (JSA11251) CVE-2021-31383 13 Oct 2021 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11230) CVE-2021-31368 13 Oct 2021 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11232) CVE-2021-31370 13 Oct 2021 6.5 (v3) Medium Pass LiveZilla < 5.1.2.1 Multiple Vulnerabilities CVE-2013-7003 CVE-2013-7032 CVE-2013-7033 CVE-2013-7034 18 Dec 2013 7.5 (v2) High Pass Nagios XI < 2012R2.4 tfPassword Parameter SQL Injection CVE-2013-6875 26 Dec 2013 7.5 (v2) High Pass Apache Log4Shell RCE detection via callback correlation (Direct Check SNMP) CVE-2021-44228 23 Dec 2021 10 (v3) Critical Pass HP Intelligent Management Center APM Module < 7.0 E0101 SQL Injection CVE-2013-4827 09 Jan 2014 7.5 (v2) High Pass IBM Domino 8.5.x < 8.5.3 FP6 iNotes Multiple XSS (uncredentialed check) CVE-2013-4063 CVE-2013-4064 CVE-2013-4065 08 Jan 2014 4.3 (v2) Medium Pass Serv-U FTP Server < 15.0.0.0 Multiple Security Vulnerabilities 08 Jan 2014 5 (v2) Medium Pass HP Intelligent Management Center < 7.0 E0102 DES / ECB Weak Decryption Key CVE-2013-4825 09 Jan 2014 7.5 (v2) High Pass Apache JSPWiki Log4Shell Direct Check (CVE-2021-44228) CVE-2021-44228 07 Jan 2022 10 (v3) Critical Pass HP Intelligent Management Center Branch Intelligent Management Module Multiple Vulnerabilities CVE-2013-4822 CVE-2013-4823 09 Jan 2014 10 (v2) Critical Pass HP Intelligent Management Center SOM Module < 7.0 E0101 Multiple Vulnerabilities CVE-2013-4824 CVE-2013-4826 09 Jan 2014 7.5 (v2) High Pass Drupal Remote Code Execution Vulnerability (SA-CORE-2019-003) (exploit) CVE-2019-6340 27 Feb 2019 8.1 (v3) High Pass GPON ONT Home Gateway Authenticated Remote Command Execution (CVE-2019-3920) CVE-2019-3920 28 Mar 2019 8.8 (v3) High 42

Pass Oracle XDB Default Accounts 23 May 2018 9.8 (v3) Critical Pass Oracle Integrated Lights Out Manager Default Credentials 23 Aug 2012 9.8 (v3) Critical Pass Siemens SIMATIC Logon Authentication Bypass CVE-2017-2684 10 Mar 2017 9 (v3) Critical Pass Samba 'AndX' Request Heap-Based Buﬀer Overﬂow CVE-2012-0870 13 Mar 2012 10 (v2) Critical Pass HP Network Node Manager Detection 28 Mar 2012 None Pass IBM iSeries Default Password 06 Feb 2012 9.8 (v3) Critical Pass Modicon PLC IO Scan Status SNMP Request Scan Status Remote Disclosure 11 Dec 2006 5 (v2) Medium Pass Siemens SIMATIC WinCC Default Password Authentication Bypass CVE-2010-2772 16 Jul 2010 7.5 (v2) High Pass MS09-001: Microsoft Windows SMB Vulnerabilities Remote Code Execution (958687) (uncredentialed check)CVE-2008-4834 CVE-2008-4835 CVE-2008-4114 13 Jan 2009 10 (v2) Critical Pass Microsoft Windows 10 Version 1511 Unsupported Version Detection 17 Oct 2017 10 (v3) Critical Pass Microsoft Windows 10 Version 1703 Unsupported Version Detection 02 Nov 2018 10 (v3) Critical Pass Cisco IOS XE Software ARP Resource Management Exhaustion Denial of Service (cisco-sa-arp-mtfhBfjE) CVE-2021-1377 30 Mar 2021 5.8 (v3) Medium Pass Microsoft Windows Version 1709 Unsupported Version Detection 17 Apr 2019 10 (v3) Critical Pass Joomla! Extension Detection 21 Jan 2019 None Pass Microsoft Windows 10 Version 1809 Unsupported Version Detection 14 Jan 2021 10 (v3) Critical Pass Cisco IOS Software ARP Resource Management Exhaustion Denial of Service (cisco-sa-arp-mtfhBfjE) CVE-2021-1377 30 Mar 2021 5.8 (v3) Medium Pass PHP 5.4.x < 5.4.24 Multiple Vulnerabilities CVE-2013-6712 13 Jan 2014 5 (v2) Medium Pass Apache Tomcat < 9.0.0.M3 Multiple Vulnerabilities CVE-2015-5345 CVE-2015-5346 CVE-2015-5351 CVE-2016-0706 CVE-2016-0714 CVE-2016-0763 11 Jan 2019 8.8 (v3) High Pass Apache Tomcat < 8.0.30 Directory Disclosure CVE-2015-5345 11 Jan 2019 5.3 (v3) Medium Pass Apache Tomcat < 8.0.0-RC10 Multiple Vulnerabilities CVE-2013-4322 CVE-2013-4590 11 Jan 2019 3.7 (v3) Low Pass Apache Tomcat 7.0.x < 7.0.88 Denial of Service CVE-2018-1336 11 Jan 2019 7.5 (v3) High Pass Apache Tomcat 7.0.x < 7.0.76 / 8.0.x < 8.0.42 / 8.5.x < 8.5.12 / 9.0.x < 9.0.0.M18 Improper Access ControlCVE-2017-5648 11 Jan 2019 9.1 (v3) Critical Pass Cisco Prime Security Manager GNU Bash Environment Variable Handling Command Injection (cisco-sa-20140926-bash) (Shellshock)CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 03 Nov 2014 10 (v2) Critical Pass HP LoadRunner < 11.52 SSL Connection Handling Stack Buﬀer Overﬂow RCE CVE-2013-4800 15 Aug 2013 9.3 (v2) High Pass Rocket Software UniRPC Version Detection 19 Jan 2011 None Pass Apache Tomcat 7.0.x < 7.0.70 / 8.0.x < 8.0.36 / 8.5.x < 8.5.3 / 9.0.x < 9.0.0.M8 Denial of Service CVE-2016-3092 11 Jan 2019 7.5 (v3) High Pass Apache Tomcat < 7.0.67 Session Fixation CVE-2015-5346 11 Jan 2019 8.1 (v3) High Pass Apache Tomcat 7.0.x < 7.0.65 / 8.0.x < 8.0.27 Directory Traversal CVE-2015-5174 11 Jan 2019 4.3 (v3) Medium Pass Apache Tomcat 7.0.x < 7.0.47 / 8.0.x < 8.0.0-RC3 Information Disclosure CVE-2013-4286 11 Jan 2019 6.5 (v3) Medium Pass Apache Tomcat < 7.0.2 Denial of Service and Information Disclosure CVE-2010-2227 11 Jan 2019 6.5 (v3) Medium Pass Novell File Reporter Engine Detection 08 Jul 2011 None Pass GPON ONT Home Gateway Router is vulnerable to authentication bypass (CVE-2018-10561) CVE-2018-10561 19 Dec 2018 9.8 (v3) Critical Pass Apache Tomcat < 6.0.14 Multiple Vulnerabilities CVE-2007-2449 CVE-2007-2450 CVE-2007-3382 CVE-2007-3385 CVE-2007-3386 11 Jan 2019 4.3 (v3) Medium Pass Apache Tomcat < 6.0.10 Directory Traversal CVE-2007-0450 11 Jan 2019 5.3 (v3) Medium Pass PHP 7.2.x < 7.2.13 Multiple vulnerabilities CVE-2018-19518 CVE-2018-20783 19 Dec 2018 7.5 (v3) High Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Jan 2019 CPU)CVE-2018-0732 CVE-2018-0737 CVE-2019-2512 18 Jan 2019 5.9 (v3) Medium Pass PHP 5.5.x < 5.5.8 Multiple Vulnerabilities CVE-2013-6712 13 Jan 2014 5 (v2) Medium Pass PHP 7.1.x < 7.1.25 Multiple vulnerabilities CVE-2018-19518 CVE-2018-20783 19 Dec 2018 7.5 (v3) High Pass memcached < 1.4.17 Multiple Vulnerabilities CVE-2013-7239 CVE-2013-7290 CVE-2013-7291 30 Jan 2014 4.8 (v2) Medium Pass memcached SASL Authentication Security Bypass CVE-2013-7239 30 Jan 2014 4.8 (v2) Medium Pass Jenkins LTS < 2.289.2 / Jenkins weekly < 2.300 Multiple Vulnerabilities CVE-2021-21670 CVE-2021-21671 CVE-2021-21672 CVE-2021-21673 CVE-2021-21674 30 Jun 2021 7.5 (v3) High Pass Adobe Connect < 11.2.3 Privilege Escalation (ASPB21-66) CVE-2021-36061 CVE-2021-36062 CVE-2021-36063 11 Aug 2021 6.1 (v3) Medium Pass Patch Report 08 Jul 2013 None Pass Adobe Experience Manager 6.5.0.0 < 6.5.10.0 Multiple Vulnerabilities (APSB21-82) CVE-2021-40711 CVE-2021-40712 CVE-2021-40713 CVE-2021-40714 15 Sep 2021 6.1 (v3) Medium Pass Cisco TelePresence Video Communication Server Expressway Default SSL Certiﬁcate CVE-2014-0675 01 Feb 2014 6.5 (v3) Medium Pass Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers IPv6 Denial of Service (cisco-sa-ewlc-ipv6-dos-NMYCVE-2021-34767eCnZv) 22 Sep 2021 7.4 (v3) High Pass Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Remote Code Execution (cisco-sa-ewlc-capwap-rCVE-2021-34770 ce-LYgj8Kf) 22 Sep 2021 7.2 (v3) High Pass Jenkins Enterprise and Operations Center < 2.249.32.0.2 / 2.277.41.0.2 / 2.303.1.6 Multiple Vulnerabilities (CloudBees Security Advisory 2021-08-31)CVE-2021-21677 CVE-2021-21678 CVE-2021-21679 CVE-2021-21680 CVE-2021-21681 06 Oct 2021 8.8 (v3) High Pass Jenkins Enterprise and Operations Center < 2.249.31.0.6 / 2.277.40.0.1 / 2.289.2.2 Multiple Vulnerabilities (CloudBees Security Advisory 2021-06-30)CVE-2021-21670 CVE-2021-21671 11 Oct 2021 7.5 (v3) High Pass Adobe Connect < 11.2.3 Multiple Vulnerabilities (ASPB21-91) CVE-2021-40719 CVE-2021-40721 14 Oct 2021 9.8 (v3) Critical Pass H2 Database JNDI Lookup RCE (CVE-2021-42392) CVE-2021-42392 22 Feb 2022 9.8 (v3) Critical Pass Cisco Small Business 200, 300, and 500 Series Switches Web-Based Management Interface DoS (cisco-sa-smb-switches-web-dos-xMyFFkt8)CVE-2021-40127 12 Nov 2021 5.3 (v3) Medium Pass D-Link DIR-825 R1 Device < 3.0.2 RCE (CVE-2020-29557) CVE-2020-29557 12 Nov 2021 9.8 (v3) Critical Pass Schneider Electric ISGG dc.exe File Upload RCE (CVE-2021-22803) CVE-2021-22803 12 Nov 2021 9.8 (v3) Critical Pass Nucleus Net TCP/IP Stack - FTP Detection 18 May 2021 None Pass WordPress Plugin 'SRS Simple Hits Counter' Information Disclosure (direct check) CVE-2020-5766 28 Jun 2021 7.5 (v3) High Pass Oracle Primavera Uniﬁer (Oct 2021 CPU) CVE-2021-23337 CVE-2021-28657 CVE-2021-36090 CVE-2021-36374 20 Oct 2021 7.2 (v3) High Pass MySQL 5.7.x < 5.7.36 Multiple Vulnerabilities (Oct 2021 CPU) CVE-2021-3711 CVE-2021-22926 CVE-2021-35604 CVE-2021-35624 20 Oct 2021 9.8 (v3) Critical Pass Oracle MySQL Enterprise Monitor (Oct 2021 CPU) CVE-2021-3712 CVE-2021-22112 CVE-2021-22118 CVE-2021-29425 CVE-2021-33037 20 Oct 2021 8.8 (v3) High Pass Kaseya VSA < 9.3.0.35 / 9.4 < 9.4.0.36 / 9.5 < 9.5.0.5 RCE CVE-2018-20753 10 May 2022 9.8 (v3) Critical Pass Apache Tomcat 8.5.38 < 8.5.79 vulnerability CVE-2022-29885 10 May 2022 7.5 (v3) High Pass Apache Tomcat 10.0.0.M1 < 10.0.21 vulnerability CVE-2022-29885 10 May 2022 7.5 (v3) High Pass Apache Tomcat 9.0.13 < 9.0.63 vulnerability CVE-2022-29885 10 May 2022 7.5 (v3) High Pass Apache 2.4.x < 2.4.38 Multiple Vulnerabilities CVE-2018-17189 CVE-2018-17199 CVE-2019-0190 24 Jan 2019 7.5 (v3) High Pass Jenkins < 2.150.2 LTS / 2.160 Multiple Vulnerabilities CVE-2019-1003003 CVE-2019-1003004 23 Jan 2019 7.2 (v3) High Pass PHP 5.6.x < 5.6.40 Multiple vulnerabilities. CVE-2016-10166 CVE-2019-6977 CVE-2019-9020 CVE-2019-9021 CVE-2019-9023 CVE-2019-9024 06 Feb 2019 9.8 (v3) Critical Pass ThinkPHP Multiple Parameter RCE CVE-2018-20062 CVE-2019-9082 06 Feb 2019 9.8 (v3) Critical Pass Apache 2.4.x < 2.4.33 Multiple Vulnerabilities CVE-2017-15710 CVE-2017-15715 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 08 Feb 2019 9.8 (v3) Critical Pass ESXi 5.5 < Build 5230635 Multiple Vulnerabilities (VMSA-2017-0006) (remote check) (PCI-DSS check) CVE-2017-4902 CVE-2017-4903 28 Mar 2022 8.8 (v3) High Pass SonicWall NSv Next-Gen Virtual Firewall SSL VPN 28 Mar 2022 None Pass MongoDB 2.6.x < 2.6.9, 3.0.x < 3.0.14, 3.2.x < 3.2.8 mongod CVE-2014-2917 CVE-2014-3971 CVE-2014-8964 CVE-2015-2705 CVE-2017-12926 15 Feb 2019 7.2 (v3) High Pass PHP 7.2.x < 7.2.0 Heap-based Buﬀer Overﬂow Vulnerability CVE-2017-12932 01 Mar 2019 9.8 (v3) Critical Pass PHP 7.1.x < 7.1.9 Heap-based Buﬀer Overﬂow Vulnerability CVE-2017-12932 01 Mar 2019 9.8 (v3) Critical Pass PHP 7.1.x < 7.1.8 Denial of Service Vulnerability CVE-2017-11143 01 Mar 2019 7.5 (v3) High Pass PHP 7.1.x < 7.1.3 Denial of Service Vulnerability CVE-2017-11142 01 Mar 2019 7.5 (v3) High Pass PHP 7.1.x < 7.1.0 Multiple Vulnerabilities. CVE-2016-9933 CVE-2016-9934 CVE-2016-9936 01 Mar 2019 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.23 Heap-based Buﬀer Overﬂow Vulnerability CVE-2017-12932 01 Mar 2019 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.22 Denial of Service Vulnerability CVE-2017-11143 01 Mar 2019 7.5 (v3) High Pass Oracle Application Express (APEX) / REST Data Services Listener Installation Detection 07 Oct 2014 None Pass Oracle Default SID 19 Jul 2006 None Pass Apache Log4Shell RCE detection via callback correlation (Direct Check SSH) CVE-2021-44228 17 Dec 2021 10 (v3) Critical Pass PHP 7.0.x < 7.0.17 Denial of Service Vulnerability CVE-2017-11142 01 Mar 2019 7.5 (v3) High Pass Apache Struts CVE-2018-11776 Results With No Namespace Remote Code Execution (S2-057) (remote) CVE-2018-11776 23 Aug 2018 8.1 (v3) High Pass Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability (cisco-sa-20190123-rv-info) (rCVE-2019-1653emote check) 25 Jan 2019 7.5 (v3) High Pass Drupal Remote Code Execution Vulnerability (SA-CORE-2018-002) (exploit) CVE-2018-7600 13 Apr 2018 9.8 (v3) Critical Pass DNN (DotNetNuke) 5.2.0 < 9.1.1 Multiple Vulnerabilities CVE-2017-9822 12 Jul 2017 8.8 (v3) High Pass Symantec Messaging Gateway 10.x < 10.6.3-267 Multiple Vulnerabilities (SYM17-006) CVE-2017-6327 CVE-2017-6328 16 Aug 2017 8.8 (v3) High Pass Apache Struts 2 REST Plugin XStream XML Request Deserialization RCE CVE-2017-9805 06 Sep 2017 8.1 (v3) High Pass Apache Struts 2.3.5 - 2.3.31 / 2.5.x < 2.5.10.1 Jakarta Multipart Parser RCE (remote) CVE-2017-5638 08 Mar 2017 10 (v3) Critical Pass Microsoft Windows Server 2003 IIS 6.0 WebDAV PROPFIND Request Handling RCE (EXPLODINGCAN) CVE-2017-7269 20 Apr 2017 9.8 (v3) Critical Pass Trend Micro ServerProtect for Windows (SpntSvc.exe) StRpcSrv.dll Arbitrary Remote Code Execution CVE-2007-6507 18 Dec 2007 10 (v2) Critical Pass Oracle WebLogic Java Object Deserialization RCE CVE-2015-4852 23 Nov 2015 9.8 (v3) Critical Pass Oracle Reports Servlet Remote File Access CVE-2012-3152 20 Mar 2014 6.4 (v2) Medium Pass Atlassian Conﬂuence < 6.6.12 / 6.7.x < 6.12.3 / 6.13.x < 6.13.3 / 6.14.x < 6.14.2 Template Injection CVE-2019-3396 11 Apr 2019 9.8 (v3) Critical Pass Advantech WebAccess webvrpcs.exe Arbitrary File Download CVE-2019-3941 26 Apr 2019 7.5 (v3) High Pass Cisco Small Business RV320 and RV325 Routers Multiple Vulnerabilities (cisco-sa-20190123-rv-inject, cisco-sa-20190123-rv-info)CVE-2019-1652 CVE-2019-1653 15 Apr 2019 7.5 (v3) High Pass Atlassian Crowd 2.1.x < 3.0.5 / 3.1.x < 3.1.6 / 3.2.x < 3.2.8 / 3.3.x < 3.3.5 / 3.4.x < 3.4.4 RCE Vulnerability CVE-2019-11580 28 May 2019 9.8 (v3) Critical Pass Pulse Secure Pulse Connect Secure SSL VPN Unauthenticated Path Traversal (CVE-2019-11510) CVE-2019-11510 16 Aug 2019 10 (v3) Critical Pass Unsupported Cisco Operating System 19 Feb 2014 10 (v3) Critical Pass Apache Solr < 8.4.0 Remote Code Execution CVE-2019-17558 02 Jan 2020 7.5 (v3) High Pass SSL/TLS Deprecated Ciphers (deprecated) 26 Nov 2019 None Pass ManageEngine Desktop Central 10 < Build 100479 Remote Code Execution (direct check) CVE-2020-10189 10 Apr 2020 9.8 (v3) Critical Pass WordPress Plugin 'Duplicator' < 1.3.28 Unauthenticated Arbitrary File Download CVE-2020-11738 21 Feb 2020 7.5 (v3) High Pass Microsoft DNS Server Remote Code Execution (SIGRed) CVE-2020-1350 16 Jul 2020 10 (v3) Critical Pass PHP 7.0.x < 7.0.0 Multiple Vulnerabilities CVE-2014-9767 CVE-2015-8867 CVE-2015-8874 CVE-2015-8879 01 Mar 2019 7.5 (v3) High Pass Nacos Detection 26 Oct 2021 None Pass PHP 5.4.x < 5.4.0 Multiple Vulnerabilities CVE-2011-2483 CVE-2011-3389 CVE-2011-4153 04 Mar 2019 7.5 (v3) High Pass Trend Micro Control Manager CmdProcessor.exe Remote Buﬀer Overﬂow (uncredentialed check) CVE-2011-5001 24 Jan 2012 10 (v2) Critical Pass PHP 7.3.x < 7.3.2 Information Disclosure. CVE-2019-9022 11 Mar 2019 7.5 (v3) High Pass vBulletin CVE-2019-16759 Bypass Remote Code Execution (CVE-2020-17496) (direct check) CVE-2019-16759 CVE-2020-17496 10 Aug 2020 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.33 Multiple vulnerabilities CVE-2018-19518 CVE-2018-20783 13 Mar 2019 7.5 (v3) High Pass HP Printer Firmware Signing Disabled CVE-2011-4161 01 Mar 2012 10 (v2) Critical 43

Pass Symantec pcAnywhere awhost32 Remote Code Execution CVE-2011-3478 22 Feb 2012 10 (v2) Critical Pass Firewall Detection (2) (deprecated) 26 Oct 2007 None Pass PHP 5.6.x < 5.6.35 Security Bypass Vulnerability CVE-2018-10545 04 Mar 2019 4.7 (v3) Medium Pass Pulse Policy Secure < 9.1R8.2 (SA44588) CVE-2020-8238 CVE-2020-8243 CVE-2020-8256 09 Oct 2020 7.2 (v3) High Pass Selligent Message Studio Struts Code Execution (CVE-2017-5638) CVE-2017-5638 20 Oct 2020 10 (v3) Critical Pass Pulse Connect Secure < 9.1R9 (SA44601) CVE-2015-9251 CVE-2019-11358 CVE-2020-8255 CVE-2020-8260 CVE-2020-8261 CVE-2020-8262 CVE-2020-8263 CVE-2020-15352 30 Oct 2020 7.2 (v3) High Pass Oracle WebLogic Server RCE (CVE-2020-14882) CVE-2020-14750 CVE-2020-14882 06 Nov 2020 9.8 (v3) Critical Pass SolarWinds Orion Platform < 2019.4 HF6 / 2020.2 < 2020.2.1 HF2 Authentication Bypass (SUPERNOVA) CVE-2020-10148 28 Dec 2020 9.8 (v3) Critical Pass SAP BusinessObjects Business Intelligence Platform SSRF Vulnerability (direct check) CVE-2020-6308 08 Feb 2021 5.3 (v3) Medium Pass SSH Weak Key Exchange Algorithms Enabled 13 Oct 2021 3.7 (v3) Low Pass SSH Host Keys < 2048 Bits Considered Weak 13 Oct 2021 3.7 (v3) Low Pass Cisco IOS XE Software Smart Install Remote Code Execution Vulnerability CVE-2018-0171 29 Mar 2018 9.8 (v3) Critical Pass Comelit Intercom Master Detection 21 Apr 2017 None Pass VMware vRealize Operations Manager Web UI Detection 26 May 2016 None Pass Trend Micro OﬃceScan Multiple Vulnerabilities (000263632) CVE-2020-24557 CVE-2020-24558 29 Apr 2021 7.8 (v3) High Pass Trend Micro Apex One Multiple Vulnerabilities (000263632) CVE-2020-24556 CVE-2020-24557 CVE-2020-24558 CVE-2020-24562 30 Apr 2021 7.8 (v3) High Pass Advantech WebAccess < 8.0.2015.08.16 Unspeciﬁed DLL String Handling Arbitrary Code Execution CVE-2014-9202 17 Nov 2015 6.9 (v2) Medium Pass HPE Intelligent Management Center dbman Command 10001 Information Disclosure CVE-2019-5392 10 Oct 2018 5.3 (v3) Medium Pass Kibana ESA-2019-01, ESA-2019-02, ESA-2019-03 CVE-2019-7608 CVE-2019-7609 CVE-2019-7610 04 Mar 2019 10 (v3) Critical Pass HP Universal Conﬁguration Management Database Server Detection 18 Mar 2015 None Pass Siemens SIMATIC Logon Detection 10 Mar 2017 None Pass RuggedCom RuggedOS Known Hardcoded SSL RSA Private Key CVE-2012-4698 16 Oct 2012 4.3 (v2) Medium Pass Websense TRITON Detection 21 May 2015 None Pass Advantech / BroadWin WebAccess webvrpcs.exe Service Remote Code Execution (uncredentialed check) (deprCVE-2011-4041ecated) 02 Dec 2011 10 (v2) Critical Pass IBM iSeries Server Detection 06 Feb 2012 None Pass Magento Detection 11 May 2015 None Pass EtherNet/IP CIP List of Active Object Classes 14 May 2015 None Pass EtherNet/IP CIP Device Identiﬁcation 14 May 2015 None Pass Inductive Automation Ignition Detection 02 Jun 2015 None Pass MS12-020: Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387) (uncredentialed check)CVE-2012-0002 CVE-2012-0152 22 Mar 2012 9.3 (v2) High Pass MS08-067: Vulnerability in Server Service Could Allow Remote Code Execution (958644) (ECLIPSEDWING) (uncrCVE-2008-4250edentialed check / IPS) 21 Nov 2008 9.8 (v3) Critical Pass LDAP Server NULL Bind Connection Information Disclosure 13 Aug 2001 5.3 (v3) Medium Pass 3S CoDeSys Runtime Toolkit NULL Pointer Dereference (uncredentialed check) CVE-2014-0757 18 Feb 2014 5 (v2) Medium Pass Ubiquiti airCam Detection 19 Feb 2014 None Pass McAfee Web Gateway User Interface Detection 21 Feb 2014 None Pass A10 Networks Advanced Core OS Device Detection 03 Apr 2014 None Pass RuggedCom RuggedOS SNMP Protocol Unspeciﬁed DoS CVE-2014-1966 15 Apr 2014 7.8 (v2) High Pass Exim deliver_message() Function Remote Command Execution Vulnerability (Remote) CVE-2019-10149 29 Jul 2019 9.8 (v3) Critical Pass Microsoft RDP RCE (CVE-2019-0708) (BlueKeep) (uncredentialed check) CVE-2019-0708 22 May 2019 9.8 (v3) Critical Pass GPON ONT Home Gateway Router Detection 19 Dec 2018 None Pass Citrix ADC and Citrix NetScaler Gateway Arbitrary Code Execution (CTX267027) (Direct Check) CVE-2019-19781 09 Jan 2020 9.8 (v3) Critical Pass Microsoft Remote Desktop Gateway Multiple RCE Vulnerabilities (uncredentialed check) CVE-2020-0609 CVE-2020-0610 CVE-2020-0612 29 Jan 2020 9.8 (v3) Critical Pass Tenable Nessus < 8.3.0 Multiple Vulnerabilities (TNS-2019-02) CVE-2016-4055 CVE-2017-18214 CVE-2019-1559 28 Mar 2019 5.9 (v3) Medium Pass F5 Networks BIG-IP : TMUI RCE (CVE-2020-5902) (Direct Check) CVE-2020-5902 06 Jul 2020 9.8 (v3) Critical Pass Tenable Nessus < 7.1.0 Multiple Vulnerabilities (TNS-2018-05) CVE-2018-1147 CVE-2018-1148 24 May 2018 6.5 (v3) Medium Pass EMC AutoStart ftAgent Version Detection 02 Aug 2012 None Pass JoomGallery for Joomla! < 3.3.4 SQL Injection 02 Jan 2018 6.6 (v3) Medium Pass CoDeSys Gateway Service Detection 11 Mar 2013 None Pass CA ARCserve Backup Remote Code Execution (CA20121018) (uncredentialed check) CVE-2012-2971 04 Dec 2012 10 (v3) Critical Pass VMware Workspace One Access / VMware Identity Manager Command Injection Vulnerability (VMSA-2020-0027)CVE-2020-4006 08 Dec 2020 9.1 (v3) Critical Pass Novell Privileged User Manager Daemon Detection 02 Sep 2009 None Pass EMC Replication Manager irccd.exe RunProgram Message Handling Arbitrary Command Execution 02 Sep 2009 10 (v2) Critical Pass EMC Replication Manager Client Detection 02 Sep 2009 None Pass EMC Replication Manager Server Detection 02 Sep 2009 None Pass Cisco ASA 5500 Series Adaptive Security Appliance NTLMv1 Authentication Bypass (cisco-sa-20100217-asa)CVE-2010-0568 01 Mar 2010 7.8 (v2) High Pass Wyse Device Manager HAgent Service Detection 02 Sep 2009 None Pass Web Application Firewall Detection 10 Dec 2009 None Pass Mac OS X AFP Shared Folders Unauthenticated Access (Security Update 2010-006) (uncredentialed check)CVE-2010-1820 21 Sep 2010 7.5 (v2) High Pass Cisco Secure Access Control Server Detection 19 Aug 2008 None Pass Atlassian JIRA Detection 20 Apr 2010 None Pass PHP 5.6.x < 5.6.33 Multiple Vulnerabilities CVE-2018-5711 CVE-2018-5712 12 Jan 2018 6.1 (v3) Medium Pass PHP 7.0.x < 7.0.27 Multiple Vulnerabilities CVE-2018-5711 CVE-2018-5712 CVE-2018-14884 12 Jan 2018 6.1 (v3) Medium Pass PHP 7.1.x < 7.1.13 Multiple Vulnerabilities CVE-2018-5711 CVE-2018-5712 CVE-2018-14884 12 Jan 2018 6.1 (v3) Medium Pass Atlassian JIRA Plugins Detection 23 Sep 2019 None Pass PHP 7.2.x < 7.2.1 Multiple Vulnerabilities CVE-2018-5711 CVE-2018-5712 CVE-2018-14884 12 Jan 2018 6.1 (v3) Medium Pass Oracle Primavera Uniﬁer Platform Component Unspeciﬁed Remote Issue (January 2018 CPU) CVE-2018-2620 19 Jan 2018 8.1 (v3) High Pass VMware vCenter Server 6.5 / 6.7 / 7.0 Information Disclosure (VMSA-2022-0009) CVE-2022-22948 29 Mar 2022 6.5 (v3) Medium Pass SSH Multiple Device Default Credentials 30 Jan 2018 9.8 (v3) Critical Pass Default Password 'St0r@ge!' for 'administrator' Account 08 Mar 2018 9.8 (v3) Critical Pass PHP 5.6.x < 5.6.34 Stack Buﬀer Overﬂow CVE-2018-7584 08 Mar 2018 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.28 Stack Buﬀer Overﬂow CVE-2018-7584 08 Mar 2018 9.8 (v3) Critical Pass PHP 7.1.x < 7.1.15 Stack Buﬀer Overﬂow CVE-2018-7584 08 Mar 2018 9.8 (v3) Critical Pass ManageEngine EventLog Analyzer XSS Vulnerability CVE-2018-8721 24 Mar 2018 6.1 (v3) Medium Pass MikroTik RouterOS < 6.40.7 or 6.41.x < 6.41.3 SMB Buﬀer Overﬂow CVE-2018-7445 22 Mar 2018 9.8 (v3) Critical Pass SSH Multiple Device Default Credentials (PCI) 03 Apr 2018 9.8 (v3) Critical Pass PHP 7.2.x < 7.2.3 Stack Buﬀer Overﬂow CVE-2018-7584 08 Mar 2018 9.8 (v3) Critical Pass nginx < 0.7.66 / 0.8.x < 0.8.40 Information Disclosure CVE-2010-2263 09 Mar 2018 5.3 (v3) Medium Pass nginx < 0.7.67 / 0.8.x < 0.8.41 DoS CVE-2010-2266 09 Mar 2018 5.3 (v3) Medium Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (April 2018 CPU)CVE-2018-2849 19 Apr 2018 7.7 (v3) High Pass Dell iDRAC Products Multiple Vulnerabilities (Mar 2018) CVE-2018-1207 CVE-2018-1211 CVE-2018-1000116 20 Apr 2018 9.8 (v3) Critical Pass Schneider Electric InduSoft Web Studio / InTouch Machine Edition Opcode 50 mbstowcs() Stack OverﬂowCVE-2018-8840 23 Apr 2018 9.8 (v3) Critical Pass CKEditor 4.5.11 < 4.9.2 Enhanced Image Plugin XSS CVE-2018-9861 27 Apr 2018 6.1 (v3) Medium Pass Oracle WebLogic Server Deserialization RCE (CVE-2018-2628) CVE-2018-2628 30 Apr 2018 9.8 (v3) Critical Pass Jenkins < 2.107.2 / 2.116 Multiple Vulnerabilities CVE-2018-1000169 CVE-2018-1000170 03 May 2018 5.3 (v3) Medium Pass PHP 5.6.x < 5.6.36 Multiple Vulnerabilities CVE-2018-10546 CVE-2018-10547 CVE-2018-10548 CVE-2018-10549 04 May 2018 8.8 (v3) High Pass PHP 7.0.x < 7.0.30 Multiple Vulnerabilities CVE-2018-10545 CVE-2018-10546 CVE-2018-10547 CVE-2018-10548 CVE-2018-10549 04 May 2018 8.8 (v3) High Pass PHP 7.1.x < 7.1.17 Multiple Vulnerabilities CVE-2018-10545 CVE-2018-10546 CVE-2018-10547 CVE-2018-10548 CVE-2018-10549 04 May 2018 8.8 (v3) High Pass HP Service Manager 9.30.x / 9.31.x / 9.32.x / 9.33.x / 9.34.x / 9.35.x < 9.35.6007 / 9.40.x / 9.41.x < 9.41.6000 / 9.50.x / 9.51.x Remote SQL InjectionCVE-2018-6494 18 May 2018 5.4 (v3) Medium Pass PHP 7.1.x < 7.1.5 Multiple Vulnerabilities CVE-2017-8923 CVE-2017-9119 25 May 2017 9.8 (v3) Critical Pass HP OﬃceJet Pro and PageWide Pro PJL Interface Directory Traversal RCE CVE-2017-2741 26 May 2017 9.8 (v3) Critical Pass Mount iSCSI Targets with 'None' Authentication 31 May 2017 5.3 (v3) Medium Pass Oracle Primavera Uniﬁer (Jan 2022 CPU) CVE-2020-8908 CVE-2021-2351 CVE-2021-29425 CVE-2021-37714 CVE-2021-38153 CVE-2021-42575 CVE-2021-44832 19 Jan 2022 9.8 (v3) Critical Pass Oracle GoldenGate Manager < 12.2.0.1.1 OBEY Command ggserr.log File Handling RCE 05 Jun 2017 9.8 (v3) Critical Pass PHP 5.6.x < 5.6.39 Multiple vulnerabilities CVE-2018-19518 CVE-2018-19935 CVE-2018-20783 19 Dec 2018 7.5 (v3) High Pass Advantech WebAccess Authentication Bypass CVE-2017-5152 30 Jan 2017 9.1 (v3) Critical Pass NUUO NVR Web Interface Detection 18 Oct 2017 None Pass AVTech Web Interface Detection 23 Oct 2017 None Pass Microsoft Windows Search Remote Code Execution Vulnerability (CVE-2017-8543) CVE-2017-8543 22 Aug 2017 9.8 (v3) Critical Pass Advantech WebAccess webvprcs IOCTL 70603 Stack Overﬂow CVE-2019-3975 24 Sep 2019 9.8 (v3) Critical Pass FreeBSD TCP/IP Stack - HTTP Detection 17 May 2021 None Pass Pivotal RabbitMQ Management Plugin Detection 19 May 2017 None Pass Belkin Web Interface Detection 10 Jul 2017 None Pass GPON ONT Home Gateway Authenticated Remote Command Execution (CVE-2019-3919) CVE-2019-3919 25 Mar 2019 8.8 (v3) High Pass SonicWall Secure Remote Access (SRA) Pre-Authentication SQLi (CVE-2019-7481) CVE-2019-7481 11 Jun 2021 7.5 (v3) High Pass Johnson Controls exacqVision Web Service Detection 30 Jun 2021 None Pass Johnson Controls exacqVision Web Service Information Disclosure (JCI-PSA-2021-03) CVE-2021-27656 30 Jun 2021 7.5 (v3) High Pass Serendipity < 2.1.1 Multiple Vulnerabilities CVE-2016-9681 CVE-2016-10082 CVE-2017-5474 CVE-2017-5475 CVE-2017-5476 14 Jun 2017 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.20 Multiple Vulnerabilities 15 Jun 2017 9.8 (v3) Critical Pass PHP 7.1.x < 7.1.6 Multiple Vulnerabilities 15 Jun 2017 9.8 (v3) Critical Pass Veritas NetBackup Appliance 2.7.x / 3.0.x Remote Command Execution (VTS17-005) (exploit) CVE-2017-8859 22 May 2017 9.8 (v3) Critical Pass DNN (DotNetNuke) 3.0.0 < 9.1.0 SWF File Handling XSS 12 Jul 2017 4.7 (v3) Medium Pass Apache 2.4.x < 2.4.27 Multiple Vulnerabilities CVE-2017-9788 CVE-2017-9789 18 Jul 2017 9.1 (v3) Critical 44

Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (July 2017 CPU)CVE-2016-5019 CVE-2017-10038 CVE-2017-10046 CVE-2017-10131 CVE-2017-10160 21 Jul 2017 9.8 (v3) Critical Pass Apache Shiro Default Cipher Key (CVE-2016-4437) CVE-2016-4437 30 Mar 2022 8.1 (v3) High Pass Oracle Primavera Uniﬁer Multiple Vulnerabilities (July 2017 CPU) CVE-2017-10149 CVE-2017-10150 21 Jul 2017 4.8 (v3) Medium Pass Zabbix 3.2.x < 3.2.7 Multiple Vulnerabilities 15 Aug 2017 9.8 (v3) Critical Pass H3C / HPE Intelligent Management Center PLAT < 7.3 E0506 Multiple Vulnerabilities CVE-2017-12487 CVE-2017-12488 CVE-2017-12489 CVE-2017-12490 CVE-2017-12491 CVE-2017-12492 CVE-2017-12493 CVE-2017-12494 CVE-2017-12495 CVE-2017-12496 CVE-2017-12497 CVE-2017-12498 CVE-2017-12499 CVE-2017-12500 CVE-2017-12501 CVE-2017-12502 CVE-2017-12503 CVE-2017-12504 CVE-2017-12505 CVE-2017-12506 CVE-2017-12507 CVE-2017-12508 CVE-2017-12509 CVE-2017-12510 CVE-2017-12511 CVE-2017-12512 CVE-2017-12513 CVE-2017-12514 CVE-2017-12515 CVE-2017-12516 CVE-2017-12517 CVE-2017-12518 CVE-2017-12519 CVE-2017-12520 CVE-2017-12521 CVE-2017-12522 CVE-2017-12523 CVE-2017-12524 CVE-2017-12525 CVE-2017-12526 CVE-2017-12527 CVE-2017-12528 CVE-2017-12529 CVE-2017-12530 CVE-2017-12531 CVE-2017-12532 CVE-2017-12533 CVE-2017-12534 CVE-2017-12535 CVE-2017-12536 CVE-2017-12537 CVE-2017-12538 CVE-2017-12539 CVE-2017-12540 CVE-2017-1254115 Aug 2017 8.8 (v3) High Pass Default Password '5SaP9I26' for 'remotessh' Account CVE-2017-14115 01 Sep 2017 8.1 (v3) High Pass Apache Struts 2.3.x Struts 1 plugin RCE (remote) CVE-2017-9791 01 Sep 2017 9.8 (v3) Critical Pass HP System Management Homepage < 7.6.1 Multiple Vulnerabilities (HPSBMU03753) CVE-2016-8743 CVE-2017-12544 CVE-2017-12545 CVE-2017-12546 CVE-2017-12547 CVE-2017-12548 CVE-2017-12549 CVE-2017-12550 CVE-2017-12551 CVE-2017-12552 CVE-2017-1255328 Sep 2017 5.6 (v3) Medium Pass Cisco IOS XE Software Interface Queue Wedge DoS (cisco-sa-quewedge-69BsHUBW) CVE-2021-1621 18 Oct 2021 7.4 (v3) High Pass Wind River VxWorks <= 6.8 RCE CVE-2021-29999 27 Oct 2021 9.8 (v3) Critical Pass Citrix Gateway HTTP Detection 30 Mar 2022 None Pass H3C / HPE Intelligent Management Center PLAT <= 7.3 E0501P01 Multiple Vulnerabilities CVE-2017-12555 11 Oct 2017 6.5 (v3) Medium Pass H3C / HPE Intelligent Management Center PLAT < 7.3 E0506P03 Multiple RCE CVE-2017-8958 CVE-2017-8961 CVE-2017-8962 CVE-2017-8963 CVE-2017-8964 CVE-2017-8965 CVE-2017-8966 CVE-2017-8967 11 Oct 2017 8.8 (v3) High Pass MikroTik RouterOS < 6.39.3 / 6.40.4 / 6.41rc (KRACK) CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13083 CVE-2017-13084 CVE-2017-13085 CVE-2017-13086 CVE-2017-1308716 Oct 2017 8.1 (v3) High Pass IBM OpenAdmin Tool welcomeService.php Remote Code Execution CVE-2017-1092 23 Oct 2017 9.8 (v3) Critical Pass PHP 7.4.x < 7.4.24 Arbitrary File Write CVE-2021-21706 28 Oct 2021 6.5 (v3) Medium Pass Nacos < 1.4.1 Authentication Bypass (CVE-2021-29441) CVE-2021-29441 26 Oct 2021 9.8 (v3) Critical Pass Apache HTTP Server 2.4.49 & 2.4.50 Path Traversal (CVE-2021-42013) CVE-2021-42013 18 Nov 2021 9.8 (v3) Critical Pass Liferay Portal 6.2.x < 6.2.5 / 7.0.x < 7.0.6 / 7.1.x < 7.1.3 / 7.2.x < 7.2.1 RCE CVE-2020-7961 23 Nov 2021 9.8 (v3) Critical Pass CODESYS V3 Web Server Heap-based Buﬀer Overﬂow (CVE-2021-33485) CVE-2021-33485 08 Dec 2021 9.8 (v3) Critical Pass Jenkins < 2.73.3 / 2.89 Multiple Vulnerabilities CVE-2017-1000391 CVE-2017-1000392 16 Nov 2017 7.3 (v3) High Pass Vanilla Forums Detection 17 Nov 2017 None Pass Zabbix 3.0.x < 3.0.13 / 3.2.x < 3.2.10 / 3.4.x < 3.4.4 Multiple Vulnerabilities 17 Nov 2017 7.3 (v3) High Pass Default Password (CenturyL1nk) for 'admin' Account 01 Dec 2017 9.8 (v3) Critical Pass Microsoft Windows 10 Version 1909 Unsupported Version Detection 11 May 2021 10 (v3) Critical Pass PHP 5.6.x < 5.6.29 Multiple Vulnerabilities CVE-2016-9935 15 Dec 2016 9.8 (v3) Critical Pass Apple TV < 14.6 Multiple Vulnerabilities CVE-2021-21779 CVE-2021-30663 CVE-2021-30665 CVE-2021-30677 CVE-2021-30682 CVE-2021-30685 CVE-2021-30686 CVE-2021-30687 CVE-2021-30689 CVE-2021-30697 CVE-2021-30700 CVE-2021-30701 CVE-2021-30704 CVE-2021-30705 CVE-2021-30707 CVE-2021-30710 CVE-2021-30715 CVE-2021-30720 CVE-2021-30724 CVE-2021-30727 CVE-2021-30734 CVE-2021-30736 CVE-2021-30737 CVE-2021-30740 CVE-2021-30744 CVE-2021-3074927 May 2021 8.8 (v3) High Pass Cisco ADE-OS Local File Inclusion (cisco-sa-ade-xcvAQEOZ) CVE-2021-1306 27 May 2021 3.4 (v3) Low Pass ForgeRock Access Management < 7.0 RCE CVE-2021-35464 02 Jul 2021 9.8 (v3) Critical Pass Cisco ASA Software and FTD Software Web Services Interface XSS (cisco-sa-asaftd-xss-multiple-FCB3vPZe) (DirCVE-2020-3580ect Check) 07 Jul 2021 6.1 (v3) Medium Pass PHP 7.0.x < 7.0.14 Multiple Vulnerabilities CVE-2016-9935 CVE-2016-9936 15 Dec 2016 9.8 (v3) Critical Pass NetIQ Sentinel Java Object Deserialization RCE 13 Jan 2017 9.8 (v3) Critical Pass Buﬀalo Routers Multiple Vulnerabilities (TRA-2021-13) CVE-2021-20090 CVE-2021-20091 CVE-2021-20092 04 Aug 2021 9.8 (v3) Critical Pass Apache Struts 2.3.5 - 2.3.31 / 2.5.x < 2.5.10.1 Jakarta Multipart Parser RCE (S2-045) (S2-046) CVE-2017-5638 07 Mar 2017 10 (v3) Critical Pass Cisco IOS XR Software Cisco Discovery Protocol Remote Code Execution Vulnerability (cisco-sa-20200205-iosxrCVE-2020-3118-cdp-rce) 10 Feb 2020 8.8 (v3) High Pass Microsoft Windows 10 Version 1803 Unsupported Version Detection 24 Jun 2020 10 (v3) Critical Pass ManageEngine ServiceDesk Plus < 10.0 Build 10012 Arbitrary File Upload CVE-2019-8394 09 Dec 2020 6.5 (v3) Medium Pass ManageEngine ADSelfService Plus < build 6114 REST API Authentication Bypass CVE-2021-40539 08 Sep 2021 9.8 (v3) Critical Pass Cisco IOS XE Software SD WAN Arbitrary File Overwrite (cisco-sa-sd-wan-GjR5pGOm) CVE-2021-1612 22 Sep 2021 7.1 (v3) High Pass Juniper Junos OS Vulnerability (JSA11225) CVE-2021-31363 13 Oct 2021 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11231) CVE-2021-31369 13 Oct 2021 5.3 (v3) Medium Pass Serv-U FTP Server < 15.3 Improper Input Validation CVE-2021-35247 20 Jan 2022 5.3 (v3) Medium Pass Cisco IOS XE Software Multiple Products CLI Command Injection (cisco-sa-cli-cmdinj-4MttWZPB) CVE-2022-20655 20 Jan 2022 8.8 (v3) High Pass Juniper Junos OS Multiple Vulnerabilities (JSA11222) CVE-2021-31359 CVE-2021-31360 13 Oct 2021 7.8 (v3) High Pass Oracle Primavera P6 Enterprise Project Portfolio Management (Jan 2022 CPU) CVE-2021-2351 CVE-2021-44832 20 Jan 2022 7.5 (v3) High Pass Oracle Primavera Gateway (Jan 2022 CPU) CVE-2021-44832 20 Jan 2022 6.6 (v3) Medium Pass PHP 7.4.x < 7.4.25 CVE-2021-21703 22 Oct 2021 7 (v3) High Pass PHP 7.3.x < 7.3.32 CVE-2021-21703 28 Oct 2021 7 (v3) High Pass Advantech WebAccess < 7.2-2013.11.14 Multiple Vulnerabilities CVE-2014-0763 CVE-2014-0764 CVE-2014-0765 CVE-2014-0766 CVE-2014-0767 CVE-2014-0768 CVE-2014-0770 CVE-2014-0771 CVE-2014-0772 CVE-2014-077317 Aug 2015 7.5 (v2) High Pass Tenable Nessus <= 8.15.2 Local Privilege Escalation (TNS-2021-18) CVE-2021-20135 01 Nov 2021 6.7 (v3) Medium Pass Cisco Uniﬁed Communications Manager Path Traversal (cisco-sa-cucm-path-trav-dKCvktvO) CVE-2021-34701 05 Nov 2021 4.3 (v3) Medium Pass Cisco Small Business RV Series Routers Command Injection (cisco-sa-sbrv-cmdinjection-Z5cWFdK) CVE-2021-40120 05 Nov 2021 7.2 (v3) High Pass ManageEngine ADSelfServicePlus Authentication Bypass (CVE-2021-40539) CVE-2021-40539 08 Nov 2021 9.8 (v3) Critical Pass Nagios XI < 5.6.6 RCE CVE-2019-15949 05 Nov 2021 8.8 (v3) High Pass Sonatype Nexus Repository Manager 3.x < 3.21.2 RCE CVE-2020-10199 08 Nov 2021 8.8 (v3) High Pass Checkbox Survey Web Detection 16 May 2022 None Pass Buﬀalo Router Path Traversal (CVE-2021-20090) CVE-2021-20090 09 Nov 2021 9.8 (v3) Critical Pass Cisco Prime Infrastructure Stored XSS (cisco-sa-pi-epnm-xss-U2JK537j) CVE-2021-34784 10 Nov 2021 5.4 (v3) Medium Pass Advantech WebAccess < 8.1-2015.12.30 Multiple Vulnerabilities CVE-2015-3943 CVE-2015-3946 CVE-2015-3947 CVE-2015-3948 CVE-2015-6467 CVE-2016-0851 CVE-2016-0852 CVE-2016-0853 CVE-2016-0854 CVE-2016-0855 CVE-2016-0856 CVE-2016-0857 CVE-2016-0858 CVE-2016-0859 CVE-2016-086003 Mar 2016 7.5 (v3) High Pass WMI IIS ISAPI Extension Enumeration 20 Dec 2013 None Pass Zimbra Collaboration Server Web Detection 19 Feb 2014 None Pass Canon PIXMA Printer HTTP Detection 07 Apr 2014 None Pass Citrix ADC and Citrix NetScaler Gateway Multiple Vulnerabilities (CTX330728) CVE-2021-22955 CVE-2021-22956 18 Nov 2021 7.5 (v3) High Pass Jenkins Enterprise and Operations Center < 2.249.31.0.1 / 2.277.3.1 DoS (CloudBees Security Advisory 2021-04-20)CVE-2021-28165 18 Nov 2021 7.5 (v3) High Pass Jenkins Enterprise and Operations Center < 2.222.43.0.4 / 2.249.30.0.4 / 2.277.2.3 Multiple Vulnerabilities (CloudBees Security Advisory 2021-04-07)CVE-2021-21639 CVE-2021-21640 CVE-2021-21641 CVE-2021-22510 CVE-2021-22511 CVE-2021-22512 CVE-2021-22513 18 Nov 2021 6.5 (v3) Medium Pass Advantech WebAccess Stored Cross-Site Scripting CVE-2013-2299 14 Apr 2014 3.5 (v2) Low Pass Jenkins Enterprise and Operations Center < 2.249.31.0.1-2 / 2.277.3.1-2 Multiple Vulnerabilities (CloudBees Security Advisory 2021-04-21)CVE-2021-21642 CVE-2021-21643 CVE-2021-21644 CVE-2021-21645 CVE-2021-21646 CVE-2021-21647 19 Nov 2021 8.8 (v3) High Pass Jenkins Enterprise and Operations Center < 2.277.43.0.2 / 2.303.3.3 Multiple Vulnerabilities (CloudBees Security Advisory 2021-11-04)CVE-2021-21685 CVE-2021-21686 CVE-2021-21687 CVE-2021-21688 CVE-2021-21689 CVE-2021-21690 CVE-2021-21691 CVE-2021-21692 CVE-2021-21693 CVE-2021-21694 CVE-2021-21695 CVE-2021-21696 CVE-2021-21697 CVE-2021-2169819 Nov 2021 9.8 (v3) Critical Pass Jenkins Enterprise and Operations Center < 2.222.43.0.2 rev3 / 2.249.30.0.2 rev3 / 2.263.4.1 rev2 Multiple VCVE-2021-21616 CVE-2021-21617 CVE-2021-21618 CVE-2021-21619 CVE-2021-21620 CVE-2021-21621 CVE-2021-21622ulnerabilities (CloudBees Security Advisory 2021-02-24) 19 Nov 2021 8.8 (v3) High Pass Advantech WebAccess Web Administration Interface Detection 14 Apr 2014 None Pass Jenkins Enterprise and Operations Center < 2.222.43.0.3 rev2 / 2.249.30.0.3 rev2 / 2.277.1.2 rev2 Multiple VCVE-2021-21623 CVE-2021-21624 CVE-2021-21625 CVE-2021-21626 CVE-2021-21627ulnerabilities (CloudBees Security Advisory 2021-03-18) 19 Nov 2021 8.8 (v3) High Pass PHP 5.6.x < 5.6.30 Multiple DoS CVE-2016-10158 CVE-2016-10159 CVE-2016-10160 CVE-2016-10161 CVE-2016-10167 CVE-2016-10168 CVE-2017-11147 26 Jan 2017 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.15 Multiple Vulnerabilities CVE-2015-2787 CVE-2016-7479 CVE-2016-10158 CVE-2016-10159 CVE-2016-10160 CVE-2016-10161 CVE-2016-10162 CVE-2016-10167 CVE-2016-10168 CVE-2017-5340 CVE-2017-1114726 Jan 2017 9.8 (v3) Critical Pass Cisco Secure ACS Unauthorized Password Change CVE-2011-0951 11 Apr 2013 5 (v2) Medium Pass Cisco Small Business RV Series Routers RCE (cisco-sa-sbrv-rce-OYLQbL9u) CVE-2022-20753 12 May 2022 7.2 (v3) High Pass IPMI Cipher Suite Zero Authentication Bypass CVE-2013-4782 CVE-2013-4783 CVE-2013-4784 CVE-2014-2955 16 Jul 2013 10 (v3) Critical Pass JBoss Enterprise Application Platform '/jmx-console' Authentication Bypass CVE-2010-0738 08 Apr 2011 5 (v2) Medium Pass Samsung Data Management Server Default Password (rkwjsdusrnth) for 'root' Account 11 May 2011 10 (v2) Critical Pass MS11-048: Vulnerability in SMB Server Could Allow Denial of Service (2536275) (remote check) CVE-2011-1267 21 Jun 2011 7.5 (v3) High Pass Modicon Quantum TFTP Arbitrary File Upload 19 Jan 2012 9 (v2) High Pass PHP 7.1.x < 7.1.1 Multiple Vulnerabilities CVE-2016-7479 CVE-2016-10158 CVE-2016-10161 CVE-2016-10162 CVE-2016-10167 CVE-2016-10168 CVE-2017-5340 CVE-2017-1114726 Jan 2017 9.8 (v3) Critical Pass Tenable Nessus 6.x < 6.9.3 Multiple Stored XSS CVE-2017-5179 27 Jan 2017 5.4 (v3) Medium Pass PHP 7.0.x < 7.0.16 Multiple Vulnerabilities 23 Feb 2017 9.8 (v3) Critical Pass JBoss Enterprise Application Platform '/web-console' Authentication Bypass CVE-2010-1428 29 Apr 2010 5 (v2) Medium Pass Cisco Secure Access Control Server UCP service Detection 19 Aug 2008 None Pass PHP 7.1.x < 7.1.2 Multiple Vulnerabilities 23 Feb 2017 9.8 (v3) Critical Pass Modicon Modbus/TCP UnityPro Programming Function Code Access 28 Feb 2017 6.5 (v3) Medium Pass IBM Spectrum Protect Server 7.1.1.0 - 7.1.7.0 SELECT Command RCE CVE-2016-8998 03 Mar 2017 7.2 (v3) High Pass Jenkins < 2.44 / 2.32.x < 2.32.2, Jenkins Operations Center < 1.625.22.1 / 2.7.22.0.1 / 2.32.2.1, and Jenkins Enterprise < 1.651.22.1 / 2.7.22.0.1 / 2.32.2.1 Multiple VCVE-2011-4969 CVE-2015-0886 CVE-2016-9887 CVE-2017-2598 CVE-2017-2599 CVE-2017-2600 CVE-2017-2601 CVE-2017-2602 CVE-2017-2603 CVE-2017-2604 CVE-2017-2606 CVE-2017-2607 CVE-2017-2608 CVE-2017-2609 CVE-2017-2610 CVE-2017-2611 CVE-2017-2612 CVE-2017-2613 CVE-2017-1000362ulnerabilities 08 Mar 2017 8.8 (v3) High Pass HPE Intelligent Management Center 7.2 E0403P06 Multiple Vulnerabilities CVE-2017-5791 CVE-2017-5793 CVE-2017-5794 CVE-2017-5795 28 Mar 2017 9.8 (v3) Critical Pass Default Password 'adminIWSS85' for 'root' Account CVE-1999-0502 07 Apr 2017 9.8 (v3) Critical Pass Apache ActiveMQ 5.x < 5.14.5 ControlCommand DoS CVE-2015-7559 25 Apr 2017 4.9 (v3) Medium Pass H3C / HPE Intelligent Management Center RMI Java Object Deserialization RCE CVE-2017-5792 28 Apr 2017 9.8 (v3) Critical Pass Spring Cloud Function SPEL Expression Injection (direct check) CVE-2022-22963 31 Mar 2022 9.8 (v3) Critical Pass Tenable Nessus 10.x < 10.1.2 / 8.x < 8.15.4 Third-Party Vulnerability (TNS-2022-06) CVE-2022-0778 31 Mar 2022 7.5 (v3) High Pass Cisco Security Manager Java Object Deserialization RCE (CSCux34671) CVE-2015-6420 02 May 2017 9.8 (v3) Critical Pass DNN (DotNetNuke) 6.2.x < 9.0.2 User Proﬁle Information Disclosure 01 May 2017 5.3 (v3) Medium Pass MikroTik RouterOS HTTP Server Arbitrary Write RCE (ChimayRed) 01 May 2017 9.8 (v3) Critical Pass PHP 5.5.x < 5.5.33 Multiple Vulnerabilities CVE-2016-3141 CVE-2016-3142 17 Mar 2016 9.8 (v3) Critical Pass Cisco Small Business RV Series Routers Command Injection Vulnerability (cisco-sa-smb-rv-cmd-inj-8Pv9JMJD)CVE-2022-20799 CVE-2022-20801 12 May 2022 7.2 (v3) High Pass Apache Tomcat 9.0.0.M1 < 9.0.21 vulnerability CVE-2022-25762 13 May 2022 8.6 (v3) High Pass PHP 8.0.x < 8.0.12 CVE-2021-21703 21 Oct 2021 7 (v3) High Pass Oracle Primavera Gateway (Oct 2021 CPU) CVE-2021-2351 CVE-2021-23337 CVE-2021-29425 CVE-2021-36090 CVE-2021-36374 21 Oct 2021 7.5 (v3) High Pass Trend Micro OﬃceScan Client Version 22 Jun 2006 None Pass Advantech WebAccess webvrpcs.exe 0x138bd IOCTL RCE CVE-2018-7499 03 May 2019 9.8 (v3) Critical Pass Microsoft Windows SMB NULL Session Authentication CVE-1999-0519 CVE-1999-0520 CVE-2002-1117 04 Oct 2007 7.3 (v3) High Pass Apache Pluto Web Interface Detection 18 Jul 2019 None Pass Apache Niﬁ Web Interface Detection 14 Aug 2019 None Pass macOS 10.14.3 Supplemental Update CVE-2019-6223 CVE-2019-7286 CVE-2019-7288 01 Mar 2019 9.8 (v3) Critical Pass Atlassian JIRA < 8.5.15 / 8.6.x < 8.13.7 / 8.14.x < 8.17.0 Unauth User Enum (JRASERVER-71559) CVE-2020-36289 13 Oct 2021 5.3 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11220) CVE-2021-31355 13 Oct 2021 5.4 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11245) CVE-2020-25659 13 Oct 2021 5.9 (v3) Medium 45

Pass Juniper Junos OS Vulnerability (JSA11228) CVE-2021-31366 13 Oct 2021 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11236) CVE-2021-31371 13 Oct 2021 5.3 (v3) Medium Pass Apache Tomcat 8.5.60 < 8.5.72 vulnerability CVE-2021-42340 14 Oct 2021 7.5 (v3) High Pass Apache Tomcat 10.0.0.M10 < 10.0.12 vulnerability CVE-2021-42340 14 Oct 2021 7.5 (v3) High Pass Apache Tomcat 9.0.40 < 9.0.54 vulnerability CVE-2021-42340 14 Oct 2021 7.5 (v3) High Pass PHP 5.6.x < 5.6.19 Multiple Vulnerabilities CVE-2016-3141 CVE-2016-3142 17 Mar 2016 9.8 (v3) Critical Pass Jenkins LTS < 2.319.2 / Jenkins weekly < 2.330 Multiple Vulnerabilities CVE-2022-20612 CVE-2022-20613 CVE-2022-20614 CVE-2022-20615 CVE-2022-20616 CVE-2022-20617 CVE-2022-20618 CVE-2022-20619 CVE-2022-20620 CVE-2022-20621 CVE-2022-23105 CVE-2022-23106 CVE-2022-23107 CVE-2022-23108 CVE-2022-23109 CVE-2022-23110 CVE-2022-23111 CVE-2022-23112 CVE-2022-23113 CVE-2022-23114 CVE-2022-23115 CVE-2022-23116 CVE-2022-23117 CVE-2022-2311821 Jan 2022 8.8 (v3) High Pass MobileIron Core Log4Shell Direct Check (CVE-2021-44228) CVE-2021-44228 21 Jan 2022 10 (v3) Critical Pass PHP 7.0.x < 7.0.4 Multiple Vulnerabilities CVE-2016-3185 CVE-2016-4344 CVE-2016-4345 CVE-2016-4346 17 Mar 2016 9.8 (v3) Critical Pass Apache ActiveMQ Web Console Missing X-Frame-Options Clickjacking CVE-2016-0734 18 Mar 2016 6.1 (v3) Medium Pass WordPress User Enumeration 21 Mar 2016 5 (v2) Medium Pass DNN (DotNetNuke) < 8.0.1 Multiple Vulnerabilities 25 Mar 2016 6.8 (v2) Medium Pass Apache Jetspeed Portal URI Path Reﬂected XSS CVE-2016-0712 28 Mar 2016 6.1 (v3) Medium Pass HP System Management Homepage < 7.2.6 Multiple Vulnerabilities (FREAK) CVE-2014-0015 CVE-2014-0138 CVE-2014-0139 CVE-2014-2522 CVE-2014-2641 CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0207 CVE-2015-0208 CVE-2015-0209 CVE-2015-0285 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0290 CVE-2015-0291 CVE-2015-0292 CVE-2015-0293 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-3143 CVE-2015-3145 CVE-2015-314829 Mar 2016 7.5 (v2) High Pass PHP 5.5.x < 5.5.34 Multiple Vulnerabilities CVE-2015-8865 CVE-2016-4070 CVE-2016-4071 CVE-2016-4072 CVE-2016-4073 06 Apr 2016 9.8 (v3) Critical Pass Cisco SPA ATA Web Interface Detection 17 Oct 2019 None Pass Adobe ColdFusion File Upload (APSB18-33) (CVE-2018-15961) CVE-2018-15961 25 Oct 2019 9.8 (v3) Critical Pass 3S CODESYS V3 CmpWebServer Multiple Vulnerabilities CVE-2019-13532 CVE-2019-13548 30 Sep 2019 9.8 (v3) Critical Pass Arista Networks Device Detection 28 Feb 2018 None Pass CODESYS Gateway V3 DoS CVE-2019-9012 31 Oct 2019 7.5 (v3) High Pass macOS 10.14.x < 10.14.1 Multiple Vulnerabilities CVE-2018-3640 CVE-2018-4340 CVE-2018-4342 CVE-2018-4368 CVE-2018-4369 CVE-2018-4371 CVE-2018-4389 CVE-2018-4398 CVE-2018-4400 CVE-2018-4402 CVE-2018-4403 CVE-2018-4410 CVE-2018-4413 CVE-2018-4415 CVE-2018-4419 CVE-2018-4420 CVE-2018-4422 CVE-2018-4423 CVE-2018-4424 CVE-2018-442531 Oct 2018 7.8 (v3) High Pass SolarWinds Dameware Mini Remote Control Unauthenticated RCE CVE-2019-3980 01 Nov 2019 9.8 (v3) Critical Pass Siemens SINEMA Remote Connect Server Detection 02 Dec 2019 None Pass Microsoft Windows 10 Version 1607 Unsupported Version Detection 02 Nov 2018 10 (v3) Critical Pass macOS 10.14.x < 10.14.2 Multiple Vulnerabilities CVE-2018-4303 CVE-2018-4431 CVE-2018-4434 CVE-2018-4435 CVE-2018-4447 CVE-2018-4449 CVE-2018-4450 CVE-2018-4460 CVE-2018-4461 CVE-2018-4462 CVE-2018-4463 CVE-2018-446521 Dec 2018 7.8 (v3) High Pass Apache Tomcat AJP Connector Request Injection (Ghostcat) CVE-2020-1745 CVE-2020-1938 24 Mar 2020 9.8 (v3) Critical Pass Atlassian JIRA global-translations.jsp XSS (JRASERVER-61888) CVE-2016-6285 16 Jan 2020 6.1 (v3) Medium Pass SaltStack < 2019.2.4 / 3000.x < 3000.2 Authentication Bypass (CVE-2020-11651) CVE-2020-11651 08 May 2020 9.8 (v3) Critical Pass ShareFile Documents Unauthenticated Access (CVE-2020-7473) CVE-2020-7473 CVE-2020-8982 CVE-2020-8983 02 Jun 2020 7.5 (v3) High Pass Trend Micro Worry-Free Business Security Detection 18 Aug 2020 None Pass WordPress Plugin 'Duplicator' Directory Traversal (CVE-2020-11738) CVE-2020-11738 02 Sep 2020 7.5 (v3) High Pass WordPress Plugin 'File Manager' elFinder Remote Code Execution 10 Sep 2020 10 (v3) Critical Pass PHP 5.6.x < 5.6.20 Multiple Vulnerabilities CVE-2015-8865 CVE-2016-4070 CVE-2016-4071 CVE-2016-4072 CVE-2016-4073 06 Apr 2016 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.5 Multiple Vulnerabilities CVE-2015-8865 CVE-2016-4070 CVE-2016-4071 CVE-2016-4072 CVE-2016-4073 06 Apr 2016 9.8 (v3) Critical Pass Apache Tomcat 8.x < 8.5.78 Spring4Shell (CVE-2022-22965) Mitigations 01 Apr 2022 None Pass Apache Tomcat 10.x < 10.0.20 Spring4Shell (CVE-2022-22965) Mitigations 01 Apr 2022 None Pass Apache Tomcat 9.x < 9.0.62 Spring4Shell (CVE-2022-22965) Mitigations 01 Apr 2022 None Pass Open Source Point Of Sale Default Credentials 07 Apr 2016 7.3 (v3) High Pass ManageEngine Firewall Analyzer Default Credentials 13 Apr 2016 7.5 (v2) High Pass Piwik < 2.16.0 Unspeciﬁed XSS 15 Apr 2016 4.3 (v2) Medium Pass Piwik < 2.16.1-rc1 Multiple Vulnerabilities 15 Apr 2016 10 (v2) Critical Pass HP System Management Homepage (SMH) AddXECert Remote DoS 21 Apr 2016 2.6 (v2) Low Pass HP Device Manager Unauthenticated 'HPDM Server RMI' SQLi (CVE-2020-6926) (remote) CVE-2020-6926 09 Oct 2020 10 (v3) Critical Pass Cisco Security Manager < 4.23 Path Traversal Vulnerability (direct check) CVE-2020-27130 24 Nov 2020 9.1 (v3) Critical Pass SaltStack Unauthenticated RCE (direct check) CVE-2020-16846 CVE-2020-25592 15 Feb 2021 9.8 (v3) Critical Pass Liferay Portal Remote Code Execution (direct check) CVE-2020-7961 25 Feb 2021 9.8 (v3) Critical Pass Citrix SD-WAN Center Remote Code Execution (direct check) CVE-2020-8271 26 Mar 2021 9.8 (v3) Critical Pass JetBrains TeamCity Web Interface Detection 30 Mar 2021 None Pass Tenable Nessus 6.0.x < 6.6 Multiple Vulnerabilities CVE-2016-82012 CVE-2016-82013 28 Apr 2016 6.5 (v3) Medium Pass Trend Micro InterScan Web Security Virtual Appliance (IWSVA) DecryptPasswd Stack-based Buﬀer OverﬂowCVE-2020-28578 06 Apr 2021 9.8 (v3) Critical Pass IBM Net.Commerce orderdspc.d2w order_rn Option SQL Injection CVE-2001-0319 08 Jun 2002 7.5 (v2) High Pass PHP-Nuke Network Tools Add-On Arbitrary Command Execution CVE-2001-0899 22 Aug 2002 7.5 (v2) High Pass WebLogic Servlets Multiple Vulnerabilities CVE-2003-0151 CVE-2003-1095 27 Mar 2003 7.5 (v2) High Pass SquirrelMail decodeHeader Arbitrary HTML Injection CVE-2004-1036 13 Nov 2004 6.8 (v2) Medium Pass macOS 10.15.x < 10.15.4 / 10.14.x < 10.14.6 Security Update 2020-002 / 10.13.x < 10.13.6 Security Update 2020-002CVE-2019-8853 CVE-2019-14615 CVE-2019-19232 CVE-2020-3851 CVE-2020-3881 CVE-2020-3883 CVE-2020-3884 CVE-2020-3889 CVE-2020-3892 CVE-2020-3893 CVE-2020-3898 CVE-2020-3903 CVE-2020-3904 CVE-2020-3905 CVE-2020-3906 CVE-2020-3907 CVE-2020-3908 CVE-2020-3909 CVE-2020-3910 CVE-2020-3911 CVE-2020-3912 CVE-2020-3913 CVE-2020-3914 CVE-2020-3915 CVE-2020-3918 CVE-2020-3919 CVE-2020-9769 CVE-2020-9773 CVE-2020-9776 CVE-2020-9785 CVE-2020-9786 CVE-2020-978727 Mar 2020 9.8 (v3) Critical Pass Splunk Information Disclosure Vulnerability (SP-CAAAP5E) CVE-2018-11409 14 Jan 2019 5.3 (v3) Medium Pass Splunk Information Exposure (SP-CAAAP5E CVE-2018-11409 14 Jan 2019 5.3 (v3) Medium Pass HPE Intelligent Management Center dbman Opcode 10008 Command Injection CVE-2017-5816 19 Jun 2017 9.8 (v3) Critical Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Detection 21 Jul 2017 None Pass ISC BIND Denial of Service CVE-2020-8617 22 May 2020 7.5 (v3) High Pass Patch Management: Red Hat Satellite Server Get Managed Servers 17 Jun 2015 None Pass ManageEngine ServiceDesk Plus 9.2.0 < Build 9228 Multiple Vulnerabilities CVE-2016-4888 CVE-2016-4890 27 Oct 2016 5.3 (v3) Medium Pass ManageEngine ServiceDesk Plus 9.1.0 < Build 9103 Multiple Vulnerabilities 24 Aug 2015 7.3 (v3) High Pass Oracle Oracle E-Business Suite (Apr 2020 CPU) CVE-2020-2750 CVE-2020-2753 CVE-2020-2772 CVE-2020-2789 CVE-2020-2794 CVE-2020-2796 CVE-2020-2807 CVE-2020-2808 CVE-2020-2809 CVE-2020-2810 CVE-2020-2813 CVE-2020-2815 CVE-2020-2817 CVE-2020-2818 CVE-2020-2819 CVE-2020-2820 CVE-2020-2821 CVE-2020-2822 CVE-2020-2823 CVE-2020-2824 CVE-2020-2825 CVE-2020-2826 CVE-2020-2827 CVE-2020-2831 CVE-2020-2832 CVE-2020-2833 CVE-2020-2834 CVE-2020-2835 CVE-2020-2836 CVE-2020-2837 CVE-2020-2838 CVE-2020-2839 CVE-2020-2840 CVE-2020-2841 CVE-2020-2842 CVE-2020-2843 CVE-2020-2844 CVE-2020-2845 CVE-2020-2846 CVE-2020-2847 CVE-2020-2848 CVE-2020-2849 CVE-2020-2850 CVE-2020-2852 CVE-2020-2854 CVE-2020-2855 CVE-2020-2856 CVE-2020-2857 CVE-2020-2858 CVE-2020-2860 CVE-2020-2861 CVE-2020-2862 CVE-2020-2863 CVE-2020-2864 CVE-2020-2866 CVE-2020-2870 CVE-2020-2871 CVE-2020-2872 CVE-2020-2873 CVE-2020-2874 CVE-2020-2876 CVE-2020-2877 CVE-2020-2878 CVE-2020-2879 CVE-2020-2880 CVE-2020-2881 CVE-2020-2882 CVE-2020-2885 CVE-2020-2886 CVE-2020-2887 CVE-2020-2888 CVE-2020-2889 CVE-2020-2890 CVE-2020-295615 Apr 2020 8.6 (v3) High Pass Patch Management: Patch Schedule From Red Hat Satellite Server 17 Jun 2015 None Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 / 9.0.x < 9.0.7 Vulnerability CVE-2013-0337 CVE-2016-4450 22 May 2020 7.5 (v3) High Pass Patch Management: Red Hat Satellite Server Get System Information 17 Jun 2015 None Pass TURCK BL20/BL67 Hardcoded Admin Account CVE-2012-4697 10 Feb 2014 9.8 (v3) Critical Pass Patch Management: Red Hat Satellite Get Installed Packages 17 Jun 2015 None Pass TYPO3 8.x < 8.7.30 / 9.x < 9.5.12 / 10.x < 10.2.2 Multiple Vulnerabilities CVE-2019-19848 CVE-2019-19849 CVE-2019-19850 15 Jul 2020 8.8 (v3) High Pass EA Need For Speed Underground Detection 01 Mar 2011 None Pass TYPO3 9.x < 9.5.17 / 10.x < 10.4.2 Multiple Vulnerabilities CVE-2020-11064 CVE-2020-11066 CVE-2020-11067 CVE-2020-11069 13 Jul 2020 10 (v3) Critical Pass ESXi 6.5 / 6.7 / 7.0 Multiple Vulnerabilities (VMSA-2020-0026) CVE-2020-4004 CVE-2020-4005 24 Nov 2020 8.2 (v3) High Pass Adobe Experience Manager 6.2 <= 6.2 SP1-CFP20 / 6.3 <= 6.3.3.8 / 6.4 < 6.4.8.3 / 6.5 < 6.5.7.0 Multiple VCVE-2020-24444 CVE-2020-24445ulnerabilities (APSB20-01) 10 Dec 2020 9 (v3) Critical Pass Oracle Primavera Uniﬁer (Oct 2020 CPU) CVE-2015-1832 CVE-2017-9096 CVE-2018-17196 CVE-2019-17558 CVE-2020-9488 CVE-2020-9489 21 Oct 2020 9.1 (v3) Critical Pass ManageEngine ServiceDesk Plus 8.0.0 < Build 8015 Multiple XSS Vulnerabilities 22 Dec 2011 6.1 (v3) Medium Pass IBM Tivoli Directory Server SASL Bind Request Buﬀer Overﬂow (uncredentialed check) CVE-2011-1206 01 Jun 2011 10 (v2) Critical Pass GitLab 13.11.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 Improper Access Control CVE-2022-1105 18 Apr 2022 4.3 (v3) Medium Pass Web Application Default Username ('super'/'1502') / Password ('super'/'1502') - deprecated CVE-2004-1920 13 Apr 2004 9 (v2) High Pass Oracle Database Detection 19 Jul 2006 None Pass Palo Alto Networks PAN-OS Version Detection 05 Mar 2014 None Pass Cisco Data Center Network Manager SQL Injection Vulnerabilities (cisco-sa-dcnm-sql-inj-OAQOObP) CVE-2021-1247 CVE-2021-1248 28 Jan 2021 8.8 (v3) High Pass Splashtop Streamer remote detection 04 Feb 2019 None Pass Apple TV < 14.3 Multiple Vulnerabilities CVE-2020-15969 CVE-2020-27943 CVE-2020-27944 CVE-2020-27946 CVE-2020-27948 CVE-2020-29611 CVE-2020-29617 CVE-2020-29618 CVE-2020-29619 CVE-2020-2962412 Feb 2021 8.8 (v3) High Pass ManageEngine ServiceDesk Plus < 11.2 Build 11200 Unauthenticated Stored XSS CVE-2021-20080 12 Apr 2021 6.1 (v3) Medium Pass VMware vCenter REST API Data Collection 25 Jan 2021 None Pass F5 BIG-IP RCE (CVE-2021-22986) CVE-2021-22986 24 Mar 2021 9.8 (v3) Critical Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.0.21 / 8.1.x < 8.1.13 / 9.0.x < 9.0.7 Multiple VulnerabilitiesCVE-2018-20685 CVE-2019-6109 CVE-2019-6111 25 Mar 2021 6.8 (v3) Medium Pass Juniper Junos OS Multiple Vulnerabilities (JSA11169) CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-10708 15 Apr 2021 7.8 (v3) High Pass Jenkins LTS < 2.277.2 / Jenkins weekly < 2.287 Multiple Vulnerabilities CVE-2021-21639 CVE-2021-21640 CVE-2021-21641 CVE-2021-22510 CVE-2021-22511 CVE-2021-22512 CVE-2021-22513 09 Apr 2021 6.5 (v3) Medium Pass Pulse Connect Secure < 9.1R11.4 (SA44784) CVE-2021-22893 CVE-2021-22894 CVE-2021-22899 CVE-2021-22900 20 Apr 2021 10 (v3) Critical Pass DNN (DotNetNuke) 9.2 <= 9.2.2 Weak Encryption Algorithm Vulnerability CVE-2018-15811 CVE-2018-18325 29 Oct 2021 7.5 (v3) High Pass Sophos XG Firewall User Portal and Webadmin Authentication Bypass (CVE-2022-1040) CVE-2022-1040 13 May 2022 9.8 (v3) Critical Pass Cisco Firepower Threat Defense Software < 6.6.1 sftunnel MitM (cisco-sa-ftdfmc-sft-mitm-tc8AzFs2) CVE-2020-3549 13 May 2022 8.1 (v3) High Pass Apache Log4Shell RCE detection via callback correlation (Direct Check NetBIOS) CVE-2021-44228 20 Dec 2021 10 (v3) Critical Pass Adobe Connect <= 11.3 Arbitrary File System Write Vulnerability (APSB21-112) CVE-2021-43014 20 Dec 2021 None Pass GitLab 14.4.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 XSS CVE-2022-1175 18 Apr 2022 6.1 (v3) Medium Pass PHP 5.5.x < 5.5.35 Multiple Vulnerabilities CVE-2016-3074 CVE-2016-4537 CVE-2016-4538 CVE-2016-4539 CVE-2016-4540 CVE-2016-4541 CVE-2016-4542 CVE-2016-4543 CVE-2016-454405 May 2016 9.8 (v3) Critical Pass GitLab 11.5.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 Improper Authorization CVE-2022-1148 18 Apr 2022 6.5 (v3) Medium Pass GitLab 10.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 DoS CVE-2022-1185 18 Apr 2022 6.5 (v3) Medium Pass GitLab 8.3.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 XSS CVE-2022-1190 18 Apr 2022 5.4 (v3) Medium Pass SolarWinds Orion Platform 2020.2.6 < 2020.2.6 HF3 SQLI CVE-2021-35234 20 Dec 2021 8.8 (v3) High Pass SMB Server DOUBLEPULSAR Backdoor / Implant Detection (EternalRocks) CVE-2017-0144 18 Apr 2017 8.1 (v3) High Pass Advantech WebAccess webvrpcs.exe Path Traversal RCE CVE-2017-16720 10 Sep 2018 9.8 (v3) Critical Pass MobileIron Core 10.3.0.x < 10.3.0.4-19 / 10.4.0.x < 10.4.0.4-22 / 10.5.1.1 < 10.5.1.1-22 / 10.5.2.1 < 10.5.2.1-14 / 10.6.0.1 < 10.6.0.1-19 / 10.7.0.0 < 10.7.0.0-28CVE-2020-15505 CVE-2020-15506 CVE-2020-15507 12 Oct 2020 9.8 (v3) Critical Pass Citrix SD-WAN WANOP 10.2.x Multiple Vulnerabilities (CTX276688) CVE-2020-8191 CVE-2020-8193 CVE-2020-8194 CVE-2020-8195 CVE-2020-8196 CVE-2020-8198 02 Sep 2020 6.5 (v3) Medium Pass Pulse Policy Secure < 9.1R9 (SA44601) CVE-2015-9251 CVE-2019-11358 CVE-2020-8255 CVE-2020-8260 CVE-2020-8261 CVE-2020-8262 CVE-2020-8263 CVE-2020-15352 30 Oct 2020 7.2 (v3) High Pass Cisco Adaptive Security Device Manager (ASDM) Detection 21 Jan 2022 None Pass Cisco IOS XR Software for ASR 9000 Series Routers DoS (cisco-sa-npspin-QYpwdhFD) CVE-2021-34713 21 Jan 2022 7.4 (v3) High Pass Cisco ASDM Information Disclosure (cisco-sa-asdm-logging-jnLOY422) CVE-2022-20651 21 Jan 2022 5.5 (v3) Medium Pass VMware vRealize Operations Manager 7.5.x / 8.x Multiple Vulnerabilities (VMSA-2021-0004) CVE-2021-21975 CVE-2021-21983 31 Mar 2021 7.5 (v3) High Pass Oracle MySQL Enterprise Monitor Multiple Vulnerabilities (Apr 2021 CPU) CVE-2020-17527 CVE-2020-17530 CVE-2021-3450 CVE-2021-23841 CVE-2021-25122 26 Apr 2021 9.8 (v3) Critical 46

Pass GitLab 14.7.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 Default Password CVE-2022-1162 18 Apr 2022 9.8 (v3) Critical Pass PHP 5.6.x < 5.6.21 Multiple Vulnerabilities CVE-2016-3074 CVE-2016-4537 CVE-2016-4538 CVE-2016-4539 CVE-2016-4540 CVE-2016-4541 CVE-2016-4542 CVE-2016-4543 CVE-2016-454405 May 2016 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.6 Multiple Vulnerabilities CVE-2016-3074 CVE-2016-3078 CVE-2016-4537 CVE-2016-4538 CVE-2016-4539 CVE-2016-4540 CVE-2016-4541 CVE-2016-4542 CVE-2016-4543 CVE-2016-454405 May 2016 9.8 (v3) Critical Pass Citrix SD-WAN Cookie Command Injection CVE-2017-6316 25 Jan 2019 9.8 (v3) Critical Pass Advantech WebAccess webvrpcs.exe IOCTL 70022 Stack Overﬂow CVE-2018-18999 21 Dec 2018 7.3 (v3) High Pass Oracle iPlanet Web Server 7.0.x < 7.0.27 NSS Unspeciﬁed Vulnerability (January 2018 CPU) CVE-2015-7501 CVE-2015-7940 CVE-2016-0635 CVE-2016-1182 CVE-2016-2107 CVE-2016-2179 CVE-2017-3732 CVE-2017-5645 CVE-2017-9798 CVE-2017-10068 CVE-2017-10262 CVE-2017-10273 CVE-2017-10352 CVE-2017-12617 CVE-2018-2561 CVE-2018-2564 CVE-2018-2584 CVE-2018-2594 CVE-2018-2595 CVE-2018-2596 CVE-2018-2601 CVE-2018-2610 CVE-2018-2625 CVE-2018-2711 CVE-2018-2713 CVE-2018-2715 CVE-2018-273325 Jan 2018 9.8 (v3) Critical Pass ManageEngine Firewall Analyzer < 12.0 Multiple Vulnerabilities 13 Apr 2016 6.5 (v2) Medium Pass NETGEAR Multiple Model PHP Remote Command Injection CVE-2016-1555 22 May 2017 9.8 (v3) Critical Pass Cisco IOS Cluster Management Protocol Telnet Option Handling RCE (cisco-sa-20170317-cmp) (destructive check)CVE-2017-3881 11 Oct 2017 9.8 (v3) Critical Pass VMware ESX / ESXi NFC and Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0003) (remote check)CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-2110 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4416 CVE-2012-5067 CVE-2012-5068 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 CVE-2012-5078 CVE-2012-5079 CVE-2012-5080 CVE-2012-5081 CVE-2012-5082 CVE-2012-5083 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5087 CVE-2012-5088 CVE-2012-5089 CVE-2013-165904 Mar 2016 9.8 (v3) Critical Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2013-0012) (remote check) CVE-2013-1500 CVE-2013-1571 CVE-2013-2400 CVE-2013-2407 CVE-2013-2412 CVE-2013-2437 CVE-2013-2442 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2462 CVE-2013-2463 CVE-2013-2464 CVE-2013-2465 CVE-2013-2466 CVE-2013-2467 CVE-2013-2468 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-3743 CVE-2013-3744 CVE-2013-597004 Mar 2016 10 (v2) Critical Pass IBM Endpoint Manager Mobile Device Management Component Unauthenticated Remote Code Execution (swg21691701)CVE-2014-6140 20 Jan 2015 9.3 (v2) High Pass Cisco Prime Data Center Network Manager < 7.1(1) Directory Traversal Vulnerability CVE-2015-0666 13 Apr 2015 7.5 (v3) High Pass MySQL Enterprise Monitor < 2.3.14 Apache Struts Multiple Vulnerabilities CVE-2013-2251 CVE-2013-4316 08 May 2015 10 (v2) Critical Pass Apache Tomcat / JBoss EJBInvokerServlet / JMXInvokerServlet Multiple Vulnerabilities CVE-2007-1036 CVE-2012-0874 CVE-2013-4810 14 Oct 2013 10 (v2) Critical Pass VMware Security Updates for vCenter Server (VMSA-2013-0012) CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2437 CVE-2013-2442 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2459 CVE-2013-2461 CVE-2013-2463 CVE-2013-2464 CVE-2013-2465 CVE-2013-2466 CVE-2013-2468 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-3743 CVE-2013-597125 Oct 2013 10 (v2) Critical Pass Apache PHP-CGI Remote Code Execution CVE-2012-1823 CVE-2012-2311 CVE-2012-2335 CVE-2012-2336 01 Nov 2013 8.8 (v3) High Pass IBM Domino 9.x < 9.0.1 Multiple Vulnerabilities (uncredentialed check) CVE-2012-1541 CVE-2012-3213 CVE-2012-3342 CVE-2013-0351 CVE-2013-0401 CVE-2013-0402 CVE-2013-0409 CVE-2013-0419 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0430 CVE-2013-0431 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0437 CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0444 CVE-2013-0445 CVE-2013-0446 CVE-2013-0448 CVE-2013-0449 CVE-2013-0450 CVE-2013-0809 CVE-2013-1473 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1479 CVE-2013-1480 CVE-2013-1481 CVE-2013-1488 CVE-2013-1489 CVE-2013-1491 CVE-2013-1493 CVE-2013-1500 CVE-2013-1518 CVE-2013-1537 CVE-2013-1540 CVE-2013-1557 CVE-2013-1558 CVE-2013-1561 CVE-2013-1563 CVE-2013-1564 CVE-2013-1569 CVE-2013-1571 CVE-2013-2383 CVE-2013-2384 CVE-2013-2394 CVE-2013-2400 CVE-2013-2407 CVE-2013-2412 CVE-2013-2414 CVE-2013-2415 CVE-2013-2416 CVE-2013-2417 CVE-2013-2418 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2423 CVE-2013-2424 CVE-2013-2425 CVE-2013-2426 CVE-2013-2427 CVE-2013-2428 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431 CVE-2013-2432 CVE-2013-2433 CVE-2013-2434 CVE-2013-2435 CVE-2013-2436 CVE-2013-2437 CVE-2013-2438 CVE-2013-2439 CVE-2013-2440 CVE-2013-2442 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2462 CVE-2013-2463 CVE-2013-2464 CVE-2013-2465 CVE-2013-2466 CVE-2013-2467 CVE-2013-2468 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-3006 CVE-2013-3007 CVE-2013-3008 CVE-2013-3009 CVE-2013-3010 CVE-2013-3011 CVE-2013-3012 CVE-2013-3743 CVE-2013-3744 CVE-2013-4002 CVE-2013-4063 CVE-2013-4064 CVE-2013-406508 Jan 2014 10 (v2) Critical Pass QNAP QTS/QES/QuTS hero - Web Detection 29 Nov 2021 None Pass ManageEngine ADAudit Plus Detection 29 Nov 2021 None Pass Elasticsearch 'source' Parameter RCE CVE-2014-3120 17 Jul 2014 6.8 (v2) Medium Pass Apache Archiva 1.2.x <= 1.2.2 / 1.3.x <= 1.3.6 Multiple Vulnerabilities CVE-2013-2187 CVE-2013-2251 29 Apr 2014 9.3 (v2) High Pass Vulnerability in TLS Could Allow Information Disclosure (2655992) (uncredentialed check) CVE-2012-1870 18 Jul 2012 5.3 (v3) Medium Pass Plesk Panel Apache Arbitrary PHP Code Injection CVE-2012-1823 CVE-2013-4878 07 Jun 2013 7.5 (v2) High Pass Exim string_format Function Remote Overﬂow CVE-2010-4344 15 Dec 2010 8.8 (v3) High Pass Apache Struts 2 'action:' Parameter Arbitrary Remote Command Execution CVE-2013-2251 19 Jul 2013 10 (v3) Critical Pass HP iNode Management Center Buﬀer Overﬂow (HPSB3C02687) (remote check) CVE-2011-1867 19 Aug 2011 10 (v2) Critical Pass Adobe ColdFusion 'locale' Parameter Directory Traversal CVE-2010-2861 16 Aug 2010 7.5 (v2) High Pass HP OpenView Network Node Manager Multiple Scripts Remote Command Execution CVE-2005-2773 01 Sep 2005 7.5 (v2) High Pass phpMyAdmin setup.php save Action Arbitrary PHP Code Injection (PMASA-2009-3) CVE-2009-1151 16 Apr 2009 7.5 (v2) High Pass Citrix SD-WAN Appliance < 10.2.3 Unauthenticated Blind SQL Injection CVE-2019-12989 CVE-2019-12991 03 Jul 2019 9.8 (v3) Critical Pass Cisco Small Business RV132W and RV134W Remote Code Execution (cisco-sa-20180207-rv13x) CVE-2018-0125 10 Oct 2019 9.8 (v3) Critical Pass Mac OS X 10.7.x < 10.7.5 Multiple Vulnerabilities (BEAST) CVE-2011-3026 CVE-2011-3048 CVE-2011-3368 CVE-2011-3389 CVE-2011-3607 CVE-2011-4313 CVE-2011-4317 CVE-2011-4599 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 CVE-2012-0643 CVE-2012-0652 CVE-2012-0668 CVE-2012-0670 CVE-2012-0671 CVE-2012-0831 CVE-2012-1172 CVE-2012-1173 CVE-2012-1667 CVE-2012-1823 CVE-2012-2143 CVE-2012-2311 CVE-2012-2386 CVE-2012-2688 CVE-2012-3716 CVE-2012-3719 CVE-2012-3721 CVE-2012-3722 CVE-2012-372320 Sep 2012 10 (v2) Critical Pass Mac OS X 10.8.x < 10.8.2 Multiple Vulnerabilities CVE-2011-4313 CVE-2012-0831 CVE-2012-1172 CVE-2012-1667 CVE-2012-1823 CVE-2012-2143 CVE-2012-2311 CVE-2012-2386 CVE-2012-2688 CVE-2012-3718 CVE-2012-372020 Sep 2012 10 (v2) Critical Pass Cisco IOS Cluster Management Protocol Telnet Option Handling RCE (cisco-sa-20170317-cmp) CVE-2017-3881 27 Mar 2017 9.8 (v3) Critical Pass PHP 7.4.x < 7.4.0 Multiple Vulnerabilities. CVE-2019-11041 CVE-2019-11042 CVE-2019-11043 06 Dec 2019 9.8 (v3) Critical Pass Oracle Solaris PAM parse_user_name() buﬀer overﬂow (CVE-2020-14871) CVE-2020-14871 11 Nov 2020 10 (v3) Critical Pass PHP 5.5.x < 5.5.36 Multiple Vulnerabilities CVE-2013-7456 CVE-2016-4343 CVE-2016-5093 CVE-2016-5094 CVE-2016-5096 02 Jun 2016 8.6 (v3) High Pass PHP 5.6.x < 5.6.22 Multiple Vulnerabilities CVE-2013-7456 CVE-2016-5093 CVE-2016-5094 CVE-2016-5096 02 Jun 2016 8.6 (v3) High Pass HP LaserJet Printers Unspeciﬁed Denial of Service (HPSBPI02938) CVE-2013-6193 17 Dec 2013 5 (v2) Medium Pass IPMI Versions Supported 21 Jan 2014 None Pass StruxureWare SCADA Expert ClearSCADA < 2013 R2 Remote DoS CVE-2013-6142 29 Jan 2014 4.3 (v2) Medium Pass PHP 7.0.x < 7.0.7 Multiple Vulnerabilities CVE-2013-7456 CVE-2016-5093 02 Jun 2016 8.6 (v3) High Pass Apache Struts 2 REST Plugin OGNL Expression Handling RCE CVE-2016-4438 24 Jun 2016 9.8 (v3) Critical Pass PHP 5.5.x < 5.5.37 Multiple Vulnerabilities CVE-2015-8874 CVE-2016-5766 CVE-2016-5767 CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771 CVE-2016-5772 CVE-2016-577301 Jul 2016 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.8 Multiple Vulnerabilities CVE-2016-4473 CVE-2016-5766 CVE-2016-5767 CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771 CVE-2016-5772 CVE-2016-577301 Jul 2016 9.8 (v3) Critical Pass Default Password (ucspe) for 'ucspe' Account 06 Jul 2016 9.8 (v3) Critical Pass HPE LoadRunner Shared Memory Name Construction RCE CVE-2016-4359 07 Jul 2016 9.8 (v3) Critical Pass Tenable Nessus 6.x < 6.8 Multiple Vulnerabilities CVE-2016-0718 CVE-2016-1000028 CVE-2016-1000029 20 Jul 2016 9.8 (v3) Critical Pass VMware vCenter Server 6.5 / 6.7 / 7.0 Multiple Vulnerabilities (VMSA-2021-0010) CVE-2021-21985 CVE-2021-21986 25 May 2021 9.8 (v3) Critical Pass Apache Log4Shell RCE detection via callback correlation (Direct Check SMB) CVE-2021-44228 21 Dec 2021 10 (v3) Critical Pass HTTP_PROXY Environment Variable Namespace Collision Vulnerability (httpoxy) CVE-2016-5385 CVE-2016-5386 CVE-2016-5387 CVE-2016-5388 CVE-2016-1000109 CVE-2016-1000110 25 Jul 2016 8.1 (v3) High Pass PHP 5.6.x < 5.6.24 Multiple Vulnerabilities (httpoxy) CVE-2016-5385 CVE-2016-5399 CVE-2016-6207 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6293 CVE-2016-6294 CVE-2016-6295 CVE-2016-6296 CVE-2016-629726 Jul 2016 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.9 Multiple Vulnerabilities (httpoxy) CVE-2016-5385 CVE-2016-5399 CVE-2016-6207 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6293 CVE-2016-6294 CVE-2016-6295 CVE-2016-6296 CVE-2016-629726 Jul 2016 9.8 (v3) Critical Pass Oracle WebLogic Server Java Object Deserialization RCE (July 2016 CPU) CVE-2016-3510 28 Jul 2016 9.8 (v3) Critical Pass Pgbouncer 1.6 Invalid User Authentication Bypass CVE-2015-6817 17 Aug 2016 8.1 (v3) High Pass PHP 7.0.x < 7.0.10 Multiple Vulnerabilities CVE-2016-7124 CVE-2016-7125 CVE-2016-7126 CVE-2016-7127 CVE-2016-7128 CVE-2016-7129 CVE-2016-7130 CVE-2016-7131 CVE-2016-7132 CVE-2016-7133 CVE-2016-713423 Aug 2016 9.8 (v3) Critical Pass Cisco Firepower Threat Defense Software Web Services Interface Multiple Vulnerabilities (cisco-sa-asaftd-xss-multiple-FCB3vPZe)CVE-2020-3580 CVE-2020-3581 CVE-2020-3582 CVE-2020-3583 24 Jun 2021 6.1 (v3) Medium Pass Plex Media Server < 1.25.0.5282 Privilege Escalation CVE-2021-42835 29 Dec 2021 7 (v3) High Pass Python Information Disclosure in PyDoc (CVE-2021-3426) CVE-2021-3426 27 Aug 2021 5.7 (v3) Medium Pass Cisco IOS Software IKEv2 AutoReconnect Feature DoS (cisco-sa-ikev2-ebFrwMPr) CVE-2021-1620 30 Nov 2021 7.7 (v3) High Pass Liferay Portal 7.3.2 < 7.3.6 XSS CVE-2021-29045 30 Nov 2021 6.1 (v3) Medium Pass Cisco IOS XE Software IKEv2 AutoReconnect Feature DoS (cisco-sa-ikev2-ebFrwMPr) CVE-2021-1620 30 Nov 2021 7.7 (v3) High Pass Wind River VxWorks < 7 Build 21.03 DoS CVE-2021-29997 30 Nov 2021 5.3 (v3) Medium Pass Apache Struts CVE-2018-11776 Results With No Namespace Possible Remote Code Execution (S2-057) CVE-2018-11776 22 Aug 2018 8.1 (v3) High Pass Jenkins Plugins Multiple Vulnerabilities (Jenkins Security Advisory 2021-03-30) CVE-2021-21628 CVE-2021-21629 CVE-2021-21630 CVE-2021-21631 CVE-2021-21632 CVE-2021-21633 CVE-2021-21634 CVE-2021-21635 CVE-2021-21636 CVE-2021-21637 CVE-2021-2163830 Nov 2021 8.8 (v3) High Pass Teradata Database Detection 05 Dec 2019 None Pass Apache Solr 8.1.1, 8.2.0 Remote JMX RMI Deserialization Vulnerability CVE-2019-12409 19 Dec 2019 9.8 (v3) Critical Pass Xerox Printer SNMP Detection 16 Jan 2020 None Pass Palo Alto Expedition Web Detection 02 Jan 2020 None Pass Trend Micro OﬃceScan Directory Traversal Vulnerability (000151730) CVE-2019-18187 28 Jan 2020 7.5 (v3) High Pass NetApp SANtricity Web Services Proxy Detection 06 Jul 2018 None Pass RedLion Crimson Protocol Detection 17 Jul 2018 None Pass ASUSTOR Data Master (ADM) Detection 24 Jul 2018 None Pass Juniper Junos OS Vulnerability (JSA11242) CVE-2021-31377 13 Oct 2021 5.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11224) CVE-2021-31362 13 Oct 2021 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11254) CVE-2021-31386 13 Oct 2021 5.9 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11219) CVE-2021-31354 13 Oct 2021 8.8 (v3) High Pass Juniper Junos OS Vulnerability (JSA11241) CVE-2021-31376 13 Oct 2021 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11223) CVE-2021-31361 13 Oct 2021 5.3 (v3) Medium Pass SolarWinds Orion Platform < 2020.2.1 XSS CVE-2020-13169 17 Dec 2020 9 (v3) Critical Pass Oracle WebLogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.3 Java Object Deserialization RCE (CVE-2018-3191) CVE-2018-3191 25 Feb 2019 9.8 (v3) Critical Pass SolarWinds Orion Platform < 2020.2.5 Multiple Vulnerabilities CVE-2020-35856 CVE-2021-3109 26 Mar 2021 8.8 (v3) High Pass Pulse Connect Secure < 9.1R12.1 DoS (SA44899) CVE-2021-22965 27 Oct 2021 7.5 (v3) High Pass Apache Tomcat 9.x < 9.0.40 Information Disclosure CVE-2020-17527 CVE-2021-24122 10 Dec 2020 7.5 (v3) High Pass PostgreSQL 9.5.x < 9.5.24 / 9.6.x < 9.6.20 / 10.x < 10.15 / 11.x < 11.10 / 12.x < 12.5 / 13.x < 13.1 Multiple VCVE-2020-25694 CVE-2020-25695 CVE-2020-25696ulnerabilities 10 Dec 2020 8.8 (v3) High Pass Dell iDRAC XSS (DSA-2020-268) CVE-2020-26198 06 Jan 2021 6.1 (v3) Medium Pass Oracle Primavera P6 Enterprise Project Portfolio Management (Jan 2021 CPU) CVE-2020-5421 22 Jan 2021 6.5 (v3) Medium Pass Atlassian JIRA < 8.5.11 / 8.6.x < 8.13.3 / 8.14.x < 8.14.1 Information Disclosure (JRASERVER-72000) CVE-2020-29451 19 Feb 2021 4.3 (v3) Medium Pass Atlassian JIRA < 8.13.2 / 8.14.x < 8.14.1 Information Disclosure (JRASERVER-71950) CVE-2020-36235 19 Feb 2021 5.3 (v3) Medium Pass Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers RCE (cisco-sa-sb-rv34x-rce-8bfG2h6b)CVE-2021-1413 CVE-2021-1414 CVE-2021-1415 16 Apr 2021 6.3 (v3) Medium Pass Atlassian Jira < 8.5.11 / 8.13.3 / 8.15.0 Arbitrary File Read (JRASERVER-72014) CVE-2020-29453 25 Feb 2021 5.3 (v3) Medium Pass Zabbix 5.4.x < 5.4.9 Multiple Vulnerabilities CVE-2022-23131 CVE-2022-23132 CVE-2022-23133 CVE-2022-23134 28 Feb 2022 9.8 (v3) Critical Pass DNN (DotNetNuke) < 8.0.4 Multiple Vulnerabilities 29 Aug 2016 4.3 (v3) Medium Pass Centreon GetXmlTree.php 'sid' Parameter SQLi CVE-2015-1560 31 Aug 2016 7.3 (v3) High Pass PHP 5.6.x < 5.6.26 Multiple Vulnerabilities CVE-2016-7411 CVE-2016-7412 CVE-2016-7413 CVE-2016-7414 CVE-2016-7416 CVE-2016-7417 CVE-2016-7418 22 Sep 2016 9.8 (v3) Critical Pass ManageEngine ADManager Plus < 7111 RCE CVE-2021-37539 CVE-2021-37741 CVE-2021-37761 CVE-2021-37762 CVE-2021-37918 CVE-2021-37922 CVE-2021-37926 CVE-2021-37928 CVE-2021-37929 CVE-2021-37930 CVE-2021-3793109 Sep 2021 9.8 (v3) Critical Pass VMware vCenter Server 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2021-0027) CVE-2021-21980 CVE-2021-22049 02 Dec 2021 9.8 (v3) Critical Pass ManageEngine ServiceDesk Plus < 11.3 Build 11306 / ManageEngine ServiceDesk Plus MSP < 10.5 Build 10530 RCECVE-2021-44077 06 Dec 2021 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.11 Multiple Vulnerabilities CVE-2016-7412 CVE-2016-7413 CVE-2016-7414 CVE-2016-7416 CVE-2016-7417 CVE-2016-7418 22 Sep 2016 9.8 (v3) Critical Pass PHP 5.6.x < 5.6.27 Multiple Vulnerabilities 18 Oct 2016 9.8 (v3) Critical Pass D-Link DIR Router Web Interface Detection 11 Sep 2017 None Noise Web Application Cookies Are Expired 07 Jun 2017 None Pass Grandstream Networking Solutions Device Web Detection 28 Mar 2019 None Pass Sophos XG Firewall Detection 04 Jan 2017 None Pass Checkpoint Gaia Portal WebUI Detection 22 Nov 2017 None Pass CA Uniﬁed Management Portal (UMP) Detection 09 Dec 2016 None Pass Micro Focus Network Automation Detection 25 Mar 2016 None Pass McAfee ESM SIEM Detection 07 Oct 2015 None Pass iniNet SpiderControl SCADA Web Server Detection 27 Jan 2016 None Pass Oracle Real User Experience Insight Detection 26 Jan 2015 None Pass Visualware MyConnection Server Web Default Credentials 02 Apr 2015 7.5 (v2) High 47

Pass Siemens SCALANCE S612 Firewall Detection 06 May 2015 None Pass VMware vCenter Operations Manager Web UI Detection 10 Apr 2015 None Pass Atlassian Conﬂuence < 6.13.18 / 6.14 < 7.4.6 / 7.5 < 7.8.3 Arbitrary File Read (CONFSERVER-60469) CVE-2020-29448 26 Feb 2021 5.3 (v3) Medium Pass Citrix ADC and Citrix NetScaler Gateway Reﬂected Code Injection (CTX276688) (Direct Check) CVE-2020-8194 02 Mar 2021 6.5 (v3) Medium Pass Oracle Secure Global Desktop Administration Console Detection 01 Nov 2013 None Pass Oracle Portal Detection 22 Nov 2013 None Pass Tenable SecurityCenter Detection 02 Dec 2013 None Pass Web Site Hosting Malicious Binaries 21 Nov 2013 8.3 (v3) High Pass ManageEngine Desktop Central Detection 04 Dec 2013 None Pass HP AutoPass License Server Detection 27 Jun 2014 None Pass Ericom AccessNow Server Detection 30 Jun 2014 None Pass F5 Networks ARX Data Manager Web Interface Detection 01 Jul 2014 None Pass Silver Peak VX Detection 25 Sep 2014 None Pass Oracle MapViewer Detection 08 Oct 2014 None Pass Cisco Integrated Management Controller WebUI Detection 13 Oct 2014 None Pass Apache Log4Shell RCE detection via callback correlation (Direct Check POP3) CVE-2021-44228 17 Dec 2021 10 (v3) Critical Pass TIBCO Spotﬁre Server Detection 13 Oct 2014 None Pass Oracle Endeca Information Discovery Studio Detection 21 Oct 2014 None Pass Novell GroupWise Internet Agent Request Content-Length Header Parsing Remote Overﬂow CVE-2012-0271 02 Oct 2012 10 (v2) Critical Pass Clorius Controls ISC SCADA Detection 14 May 2013 None Pass JBossWS Endpoint Uses Unsafe Encryption CVE-2011-1096 23 Apr 2013 5 (v2) Medium Pass Tridium Niagara AX Web Server Detection 03 Jul 2013 None Pass Tridium Niagara AX Web Server Directory Traversal 'conﬁg.bog' Disclosure Remote Compromise CVE-2012-4701 03 Jul 2013 9.3 (v2) High Pass Clorius Controls ISC SCADA Information Disclosure 14 May 2013 5 (v2) Medium Pass HTTP Cookie 'secure' Property Transport Mismatch 10 Sep 2013 None Pass MS10-075: Vulnerability in Media Player Network Sharing Service Could Allow Remote Code Execution (2281679) (uncrCVE-2010-3225edentialed check) 18 Oct 2010 9.3 (v2) High Pass Patch Management: VMware Go Server Settings (deprecated) 06 Dec 2011 None Pass MS11-100: ASP.NET Could Allow Denial of Service (2638420) (uncredentialed check) CVE-2011-3414 16 Jan 2012 5 (v2) Medium Pass Patch Management: Missing updates from VMware Go (deprecated) 06 Dec 2011 None Pass EMC SMARTS Application Server Detection 17 Feb 2012 None Pass Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances (cisco-sa-20100217-asa) CVE-2010-0149 CVE-2010-0150 CVE-2010-0151 CVE-2010-0565 CVE-2010-0566 CVE-2010-0567 CVE-2010-0568 CVE-2010-0569 25 Feb 2010 9.4 (v2) High Pass Splunk Management API Detection 01 Sep 2010 None Pass Cisco Secure Access Control Server (ACS) CSuserCGI.exe Multiple Remote Overﬂows CVE-2008-0532 19 Aug 2008 10 (v2) Critical Pass Cisco Secure Access Control Server (ACS) CSUserCGI.exe Help Facility XSS CVE-2008-0533 19 Aug 2008 4.3 (v2) Medium Pass Oracle WebLogic Server Java Object Deserialization RCE (CVE-2020-2883) CVE-2020-2883 02 Jul 2020 9.8 (v3) Critical Pass Apache Tomcat 8.0.0.RC1 < 8.0.47 Multiple Vulnerabilities CVE-2017-12617 06 Oct 2017 8.1 (v3) High Pass Apache Tomcat 6.0.x < 6.0.24 Multiple Vulnerabilities CVE-2017-5647 CVE-2017-5664 CVE-2017-12615 CVE-2017-12617 02 Nov 2017 8.1 (v3) High Pass Atlassian JIRA < 8.5.11 / 8.6.x < 8.13.3 / 8.14.x < 8.15.0 Multiple XSS CVE-2020-36234 CVE-2020-36236 12 Mar 2021 6.1 (v3) Medium Pass Tenable Nessus 8.9.0 < 8.13.2 Multiple Vulnerabilities (TNS-2021-05) CVE-2021-3449 CVE-2021-3450 02 Apr 2021 7.4 (v3) High Pass Juniper Junos Local File Include Vulnerability (JSA11021) CVE-2020-1631 01 May 2020 9.8 (v3) Critical Pass Palo Alto Networks PAN-OS 8.0.x < 8.1.15 / 8.1.x < 8.1.15 / 9.0.x < 9.0.9 / 9.1.x < 9.1.3 Authentication Bypass in SAML Authentication (CVE-2020-2021)CVE-2020-2021 29 Jun 2020 10 (v3) Critical Pass Oracle E-Business Multiple Vulnerabilities (July 2016 CPU) CVE-2016-3491 CVE-2016-3512 CVE-2016-3520 CVE-2016-3522 CVE-2016-3523 CVE-2016-3524 CVE-2016-3525 CVE-2016-3528 CVE-2016-3532 CVE-2016-3533 CVE-2016-3534 CVE-2016-3535 CVE-2016-3536 CVE-2016-3541 CVE-2016-3542 CVE-2016-3543 CVE-2016-3545 CVE-2016-3546 CVE-2016-3547 CVE-2016-3548 CVE-2016-3549 CVE-2016-3558 CVE-2016-355920 Jul 2016 9.1 (v3) Critical Pass Oracle Primavera Uniﬁer (Apr 2021 CPU) CVE-2020-11022 CVE-2020-11023 CVE-2020-13956 CVE-2020-17521 22 Apr 2021 6.1 (v3) Medium Pass Oracle E-Business Suite (Jan 2022 CPU) CVE-2019-10086 CVE-2020-6950 CVE-2022-21250 CVE-2022-21251 CVE-2022-21255 CVE-2022-21273 CVE-2022-21274 CVE-2022-21354 CVE-2022-2137320 Jan 2022 8.1 (v3) High Pass Dell iDRAC XSS (DSA-2021-073) CVE-2021-21542 23 Apr 2021 4.8 (v3) Medium Pass Dell iDRAC Multiple Vulnerabilities (DSA-2021-073) CVE-2021-21539 CVE-2021-21540 CVE-2021-21541 CVE-2021-21543 CVE-2021-21544 23 Apr 2021 8.1 (v3) High Pass Cisco Uniﬁed Communications Manager RCE (cisco-sa-cucm-rce-pqVYwyb) CVE-2021-1362 23 Apr 2021 8.8 (v3) High Pass Johnson Controls exacqVision Web Service Information Disclosure (JCI-PSA-2021-16) CVE-2021-27664 02 Nov 2021 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.12 Multiple Vulnerabilities 18 Oct 2016 9.8 (v3) Critical Pass Default Password '888888' for '888888' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'password' for 'admin1' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '1111111' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '1234' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '12345' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '123456' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Apache Tomcat 8.5.55 < 8.5.75 multiple vulnerabilities CVE-2022-23181 26 Jan 2022 7 (v3) High Pass Default Password '4321' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '54321' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '7ujMko0admin' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'admin1234' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'meinsm' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'pass' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'smcadmin' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '1234' for 'administrator' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'meinsm' for 'Administrator' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'f****r' for 'mother' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '00000000' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '1111' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '1234' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '12345' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '123456' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '54321' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass CodeMeter Runtime Buﬀer Over-read (WIBU-210423-01) CVE-2021-20093 23 Jun 2021 9.1 (v3) Critical Pass Default Password '7ujMko0admin' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '7ujMko0vizxv' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '888888' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'Zte521' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'anko' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'dreambox' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'hi3518' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'ikwb' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'juantech' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'jvbzd' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass ManageEngine ADAudit Plus < Build 7006 File Upload RCE CVE-2021-42847 29 Nov 2021 9.8 (v3) Critical Pass Default Password 'klv1234' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'pass' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'realtek' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'system' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass HP PageWide Printer Web Interface Detection 06 Dec 2021 None Pass Modicon Quantum HTTP Server 'formTest' 'name' Parameter XSS CVE-2018-7810 26 Nov 2018 6.1 (v3) Medium Pass TP-Link Unauthenticated CGI Cross-Site Request Forgery (Remote) CVE-2018-11714 CVE-2018-15702 01 Oct 2018 9.8 (v3) Critical Pass Default Password 'user' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'vizxv' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass SQLi scanner 04 Mar 2019 8.3 (v3) High Pass Default Password 'xmhdipc' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass NetApp OnTAP Web Detection 06 Jun 2018 None Pass Default Password 'zlxx.' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'service' for 'service' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'tech' for 'tech' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'ubnt' for 'ubnt' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Hikvision IP Camera Web Interface Detection 28 Feb 2018 None Pass Trend Micro Smart Protection Server Detection 08 Mar 2018 None Pass Oracle WebLogic Server Java Object Deserialization RCE (October 2016 CPU) CVE-2016-5535 03 Nov 2016 9.8 (v3) Critical Pass JBoss Enterprise Application Platform doFilter() Method Insecure Deserialization RCE CVE-2017-12149 24 Apr 2018 9.8 (v3) Critical Pass Western Digital TV Web Interface Detection 08 Sep 2017 None Pass Open Network Video Interface Forum (ONVIF) Protocol Detection 17 Oct 2017 None Pass Pulse Policy Secure Detection 08 Sep 2017 None Pass Brother Printer Debut Embedded HTTP Server Detection 30 Nov 2017 None Pass HP System Management Homepage < 7.6 Multiple Vulnerabilities (HPSBMU03653) (httpoxy) CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2109 CVE-2016-3739 CVE-2016-4070 CVE-2016-4071 CVE-2016-4072 CVE-2016-4342 CVE-2016-4343 CVE-2016-4393 CVE-2016-4394 CVE-2016-4395 CVE-2016-4396 CVE-2016-4537 CVE-2016-4538 CVE-2016-4539 CVE-2016-4540 CVE-2016-4541 CVE-2016-4542 CVE-2016-4543 CVE-2016-5385 CVE-2016-5387 CVE-2016-538809 Nov 2016 8.8 (v3) High Pass Bitrix Product and Modules Detection 02 May 2017 None Pass Open Source Point Of Sale Detection 07 Apr 2016 None Pass Rockwell Automation MicroLogix 1400 PLC Web Server Detection 20 Apr 2016 None 48

Pass Acme thttpd Detection 14 Feb 2017 None Pass Default Password 'P@ssw0rd' for 'admin' Account CVE-1999-0502 10 Nov 2016 9.8 (v3) Critical Pass PowerFolder Server Detection 24 Jun 2016 None Pass BlackBerry Enterprise Service (BES) Management Console Detection 03 Jun 2016 None Pass Cisco UCS Central Software Web UI Detection 25 Aug 2016 None Pass Advantech WebAccess < 7.0-2011.08.27 Multiple ActiveX RCE 19 Aug 2015 6.8 (v2) Medium Pass Veritas NetBackup Appliance 2.6.0.x / 2.6.1.x / 2.7.x RCE (VTS16-002) CVE-2016-7399 10 Nov 2016 9.8 (v3) Critical Pass IBM Network Security Protection XGS Remote Code Execution (swg21690823) (credentialed attack) CVE-2014-6183 02 Jan 2015 4 (v2) Medium Pass IBM Network Security Protection XGS WebUI Detection 02 Jan 2015 None Pass Graylog2 Web Interface Detection 10 Feb 2015 None Pass Fortinet FortiAuthenticator Appliance Web Interface Detection 16 Feb 2015 None Pass .bash_history Files Disclosed via Web Server 12 May 2015 5.3 (v3) Medium Pass Siemens SCALANCE S612 Firewall > 2.1 and < 2.3.0.3 Multiple Vulnerabilities (SSA-268149) CVE-2012-1799 CVE-2012-1800 06 May 2015 10 (v2) Critical Pass Rockwell Automation MicroLogix 1100 PLC Web Server Detection 07 Jul 2015 None Pass Patch Management: Red Hat Satellite Server Settings 17 Jun 2015 None Pass Schneider Electric InduSoft Web Studio Detection 18 Jun 2015 None Pass Trend Micro Threat Intelligence Manager Web Console Detection 22 Jul 2015 None Pass XEROX ColorQube Device Detection 10 Oct 2013 None Pass ClearSCADA Web Server Remote Denial of Service 15 Oct 2013 7.8 (v2) High Pass Zimbra Collaboration Server Aspell Spell Check Service Detection 24 Feb 2014 None Pass Oracle WebCenter Sites Detection 03 Mar 2014 None Pass F5 Networks BIG-IQ Conﬁguration Utility Login Page Detection 09 May 2014 None Pass Usermin Detection 16 Sep 2014 None Pass Novell GroupWise Administration Console Detection 02 Sep 2014 None Pass Novell File Reporter Agent XML Parsing Remote Code Execution CVE-2011-0994 10 Sep 2012 10 (v2) Critical Pass RuggedCom RuggedOS < 3.12.1 Web UI Multiple Security Vulnerabilities 06 Feb 2013 10 (v2) Critical Pass Patch Management: HCL BigFix Get Installed Packages 27 Mar 2013 None Pass Apple OS X Proﬁle Manager Device Management Private Interface Managed Device Enumeration CVE-2012-3721 25 Mar 2013 5 (v2) Medium Pass Novell File Reporter Agent Detection 09 May 2011 None Pass Adobe Flex SDK Cross-Site Scripting (APSB11-25) (deprecated) CVE-2011-2461 01 Dec 2011 4.3 (v2) Medium Pass Do not scan printers 01 Dec 2003 None Pass Modicon Quantum HTTP Server Default Credentials 11 Dec 2006 7.5 (v2) High Pass Web mirroring 04 May 2001 None Pass Symantec Content Analysis Web Detection 21 May 2019 None Pass Jenkins Plugins Detection 20 Sep 2019 None Pass Drupal PHPUnit/Mailchimp Code Execution Vulnerability CVE-2017-9841 06 Sep 2019 9.8 (v3) Critical Pass Siemens SIMATIC S7-1200 PLC UDP Denial of Service (CVE-2019-10936) CVE-2019-10936 06 Dec 2019 7.5 (v3) High Pass Rancher Web Interface Detection 13 Dec 2018 None Pass Lenel OnGuard License Administrator 29 Jan 2019 None Pass Cisco Small Business Router Web UI Detection 23 Jul 2020 None Pass SAP NetWeaver : Authentication Bypass (CVE-2020-6287) (Direct Check) CVE-2020-6287 20 Jul 2020 10 (v3) Critical Pass Trend Micro InterScan Web Security Virtual Appliance Detection 28 Jul 2020 None Pass Apache Struts 2.x < 2.5.26 RCE (S2-061) (direct check) CVE-2020-17530 17 Dec 2020 9.8 (v3) Critical Pass Selligent Message Studio Struts Code Execution (CVE-2013-2251) CVE-2013-2251 05 Nov 2020 10 (v3) Critical Pass SonicWall Secure Mobile Access (SMA) Web Detection 03 Feb 2021 None Pass SAP Solution Manager Web Detection 26 Jan 2021 None Pass Apache Flink local ﬁle inclusion Vulnerability (direct check) CVE-2020-17519 09 Feb 2021 7.5 (v3) High Pass Apache Druid < 0.20.1 RCE (Direct Check) CVE-2021-25646 30 Mar 2021 8.8 (v3) High Pass SonicWall Email Security Web Interface Detected 26 Apr 2021 None Pass Trend Micro ServerProtect Information Server Detection 22 Oct 2021 None Pass Cisco Integrated Management Controller GUI DoS (cisco-sa-imc-gui-dos-TZjrFyZh) CVE-2021-34736 22 Oct 2021 7.5 (v3) High Pass Cisco IOS XE Software SD WAN Command Injection (cisco-sa-sd-wan-rhpbE34A) CVE-2021-1529 22 Oct 2021 7.8 (v3) High Pass PHP 5.4.x < 5.4.44 Multiple Vulnerabilities CVE-2015-6831 CVE-2015-6832 CVE-2015-6833 CVE-2015-8867 11 Aug 2015 7.3 (v3) High Pass Apache ActiveMQ Blob Message Directory Traversal CVE-2015-1830 21 Aug 2015 5 (v2) Medium Pass Cisco TelePresence VCS Expressway 8.5.3 XML External Entity (XXE) Injection CVE-2015-4315 26 Aug 2015 6.4 (v3) Medium Pass PHP 5.6.x < 5.6.28 Multiple Vulnerabilities CVE-2016-7478 CVE-2016-9933 CVE-2016-9934 18 Nov 2016 7.5 (v3) High Pass Cisco TelePresence VCS Expressway Series 8.5.1 Information Disclosure CVE-2015-4314 26 Aug 2015 4.3 (v3) Medium Pass Cisco TelePresence VCS Expressway Series 8.5.2 Multiple Vulnerabilities CVE-2015-4303 CVE-2015-4316 CVE-2015-4317 CVE-2015-4318 CVE-2015-4319 CVE-2015-4320 26 Aug 2015 6.3 (v3) Medium Pass CockroachDB < 2.1.10 / 19.x < 19.1.6 / 19.2.x < 19.2.2 Information Disclosure Direct Check (A44348) 04 Apr 2022 5.3 (v3) Medium Pass CockroachDB < 2.1.12 / 19.x < 19.1.8 / 19.2 < 19.2.4 Information Disclosure (A44348) 04 Apr 2022 5.3 (v3) Medium Pass CockroachDB < 2.1.10 / 19.1.x < 19.1.16 / 19.2.x < 19.2.2 Broken Access Control Vulnerability (A42567) 04 Apr 2022 9.1 (v3) Critical Pass PHP 5.4.x < 5.4.45 Multiple Vulnerabilities CVE-2014-9767 CVE-2015-6834 CVE-2015-6835 CVE-2015-6836 CVE-2015-6837 CVE-2015-6838 10 Sep 2015 7.3 (v3) High Pass PHP 5.5.x < 5.5.29 Multiple Vulnerabilities CVE-2014-9767 CVE-2015-6834 CVE-2015-6835 CVE-2015-6836 CVE-2015-6837 CVE-2015-6838 10 Sep 2015 7.3 (v3) High Pass PHP 5.6.x < 5.6.13 Multiple Vulnerabilities CVE-2014-9767 CVE-2015-6834 CVE-2015-6835 CVE-2015-6836 CVE-2015-6837 CVE-2015-6838 10 Sep 2015 7.3 (v3) High Pass Persistent Systems Radia Client Automation Agent Command Injection 25 Sep 2015 10 (v2) Critical Pass TLS Version 1.1 Protocol Deprecated 04 Apr 2022 6.5 (v3) Medium Pass PHP 5.5.x < 5.5.30 Multiple Vulnerabilities CVE-2015-7803 CVE-2015-7804 06 Oct 2015 8.6 (v3) High Pass OpenSSH PCI Disputed Vulnerabilities. CVE-2016-20012 CVE-2020-15778 CVE-2021-36368 04 Apr 2022 7.8 (v3) High Pass PHP 5.6.x < 5.6.14 Multiple Vulnerabilities CVE-2015-7803 CVE-2015-7804 06 Oct 2015 8.6 (v3) High Pass VISAM Automation Base (VBASE) Web-Remote Path Traversal (CVE-2020-7008) CVE-2020-7008 01 Mar 2022 7.5 (v3) High Pass VISAM Automation Base (VBASE) Web-Remote Detection 01 Mar 2022 None Pass Persistent Systems Radia Client Automation Agent Command Injection CVE-2015-1497 19 Oct 2015 10 (v2) Critical Pass DNN (DotNetNuke) < 7.4.2 Multiple Vulnerabilities 20 Oct 2015 4.3 (v2) Medium Pass Cisco TelePresence VCS Expressway 8.5.1 / 8.5.2 request-xconfdump Symbolic Link Local File Manipulation (cisco-sa-20141007-vcs)CVE-2015-6318 22 Oct 2015 9.3 (v3) Critical Pass 3S CODESYS Runtime Toolkit < 2.4.7.48 PLCWinNT DoS CVE-2015-6482 23 Oct 2015 5 (v2) Medium Pass Atlassian Bamboo 2.2.x < 5.8.5 / 5.9.x < 5.9.7 Unspeciﬁed Resource Deserialization RCE CVE-2015-6576 04 Nov 2015 8.8 (v3) High Pass nginx 1.9.x < 1.9.6 HTTPv2 PRI Double-Free DoS 16 Nov 2015 7.5 (v3) High Pass Jenkins < 1.638 / 1.625.2 Java Object Deserialization RCE CVE-2015-8103 17 Nov 2015 7.5 (v2) High Pass Crestron QM-RMC Service Detection 22 Dec 2015 None Pass PHP 7.0.x < 7.0.1 Multiple Vulnerabilities CVE-2015-8616 CVE-2015-8617 22 Dec 2015 9.8 (v3) Critical Pass Oracle E-Business Multiple Vulnerabilities (January 2016 CPU) CVE-2015-3195 CVE-2015-4926 CVE-2016-0454 CVE-2016-0456 CVE-2016-0457 CVE-2016-0459 CVE-2016-0507 CVE-2016-0509 CVE-2016-0510 CVE-2016-0511 CVE-2016-0512 CVE-2016-0513 CVE-2016-0514 CVE-2016-0515 CVE-2016-0516 CVE-2016-0517 CVE-2016-0518 CVE-2016-0519 CVE-2016-0520 CVE-2016-0521 CVE-2016-0523 CVE-2016-0524 CVE-2016-0525 CVE-2016-0526 CVE-2016-0527 CVE-2016-0528 CVE-2016-0529 CVE-2016-0530 CVE-2016-0531 CVE-2016-0532 CVE-2016-0533 CVE-2016-0534 CVE-2016-0536 CVE-2016-0537 CVE-2016-0538 CVE-2016-0539 CVE-2016-0542 CVE-2016-0543 CVE-2016-0544 CVE-2016-0545 CVE-2016-0547 CVE-2016-0548 CVE-2016-0549 CVE-2016-0550 CVE-2016-0551 CVE-2016-0552 CVE-2016-0553 CVE-2016-0554 CVE-2016-0555 CVE-2016-0556 CVE-2016-0557 CVE-2016-0558 CVE-2016-0559 CVE-2016-0560 CVE-2016-0561 CVE-2016-0562 CVE-2016-0563 CVE-2016-0564 CVE-2016-0565 CVE-2016-0566 CVE-2016-0567 CVE-2016-0568 CVE-2016-0569 CVE-2016-0570 CVE-2016-0571 CVE-2016-0575 CVE-2016-0576 CVE-2016-0578 CVE-2016-0579 CVE-2016-0580 CVE-2016-0581 CVE-2016-0582 CVE-2016-0583 CVE-2016-0584 CVE-2016-0585 CVE-2016-0586 CVE-2016-0588 CVE-2016-058921 Jan 2016 6.4 (v2) Medium Pass Cisco TelePresence VCS 8.5.1 Unspeciﬁed XSRF (cisco-sa-20151120-tvcs) CVE-2015-6376 02 Feb 2016 7.3 (v3) High Pass PHP prior to 5.5.x < 5.5.31 / 5.6.x < 5.6.17 Multiple Vulnerabilities CVE-2016-1903 CVE-2016-5114 10 Feb 2016 9.1 (v3) Critical Pass PHP 7.x < 7.0.2 Multiple Vulnerabilities CVE-2016-1903 CVE-2016-1904 CVE-2016-5114 10 Feb 2016 7.3 (v3) High Pass PHP 5.6.x < 5.6.18 Multiple Vulnerabilities CVE-2015-8383 CVE-2015-8386 CVE-2015-8387 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8393 CVE-2015-8394 CVE-2016-2554 CVE-2016-4342 CVE-2016-4343 CVE-2016-1071211 Feb 2016 9.8 (v3) Critical Pass Symantec Encryption Management Server 3.3.2 < 3.3.2 MP12 Multiple Vulnerabilities (SYM16-002) CVE-2015-8148 CVE-2015-8149 CVE-2015-8150 CVE-2015-8151 23 Feb 2016 7.8 (v3) High Pass Tenable Nessus < 6.5.5 Host Details Scan Results XSS CVE-2016-82000 23 Feb 2016 3.4 (v3) Low Pass Jenkins < 1.642.2 / 1.650 Java Object Deserialization RCE CVE-2016-0792 29 Feb 2016 8.8 (v3) High Pass Jenkins < 1.642.2 / 1.650 Java Object Deserialization RCE CVE-2016-0788 07 Mar 2016 9.8 (v3) Critical Pass Centreon Default Administrator Password 23 Dec 2014 7.5 (v2) High Pass PHP 5.4.x < 5.4.36 'process_nested_data' RCE CVE-2014-8142 02 Jan 2015 7.5 (v2) High Pass PHP 5.5.x < 5.5.20 'process_nested_data' RCE CVE-2014-8142 02 Jan 2015 7.5 (v2) High Pass Centreon 'insertLog()' Function RCE 05 Jan 2015 7.5 (v2) High Pass Dell iDRAC Products IPMI Arbitrary Command Injection Vulnerability CVE-2014-8272 09 Jan 2015 5 (v2) Medium Pass IBM Endpoint Manager Enrollment and Apple iOS Management Extender Detection 20 Jan 2015 None Pass IBM Tivoli Storage Manager Server 6.2 < 6.2.7 / 6.3 < 6.3.5 / 7.1 < 7.1.1 GSKit X.509 Certiﬁcate Chain DoSCVE-2013-6747 13 Jan 2015 7.1 (v2) High Pass Oracle OpenSSO SAML Multiple Vulnerabilities (January 2015 CPU) CVE-2014-6592 CVE-2015-0389 27 Jan 2015 3.5 (v2) Low Pass QNAP QTS / QuTS Hero Arbitrary Code Execution (QSA-21-57) 05 Apr 2022 9.8 (v3) Critical Pass Cisco IOS XR Software Border Gateway Protocol DoS (cisco-sa-20090818-bgp) CVE-2009-1154 CVE-2009-2055 CVE-2009-2056 05 Apr 2022 5.9 (v3) Medium Pass PHP 5.4.x < 5.4.37 Multiple Vulnerabilities CVE-2014-9427 CVE-2014-9652 CVE-2015-0231 CVE-2015-0232 29 Jan 2015 7.3 (v3) High Pass PHP 5.5.x < 5.5.21 Multiple Vulnerabilities CVE-2014-9425 CVE-2014-9427 CVE-2014-9652 CVE-2014-9709 CVE-2015-0231 CVE-2015-0232 29 Jan 2015 9.8 (v3) Critical Pass PHP 5.6.x < 5.6.5 Multiple Vulnerabilities CVE-2014-9425 CVE-2014-9427 CVE-2014-9652 CVE-2014-9709 CVE-2015-0231 CVE-2015-0232 29 Jan 2015 9.8 (v3) Critical Pass Cisco Catalyst PON Series Web Detection 15 Nov 2021 None Pass Apache 2.4.x < 2.4.12 Multiple Vulnerabilities CVE-2013-5704 CVE-2014-3581 CVE-2014-3583 CVE-2014-8109 02 Feb 2015 5.3 (v3) Medium Pass Pandora FMS <= 5.0 SP2 SQLi 03 Feb 2015 7.5 (v2) High Pass Default Password (changeme) for 'splunkadmin' Account CVE-1999-0502 04 Feb 2015 9.8 (v3) Critical Pass Symantec Encryption Management Server < 3.3.2 MP7 Multiple Vulnerabilities CVE-2014-7287 CVE-2014-7288 05 Feb 2015 9 (v2) High Pass Atmail Webmail Unsupported Version Detection 05 Feb 2015 10 (v2) Critical Pass Atmail Webmail 7.x < 7.2.2 Multiple Vulnerabilities 05 Feb 2015 6.8 (v2) Medium Pass FreePBX /recordings/index.php 'ari_auth' Cookie Authentication Bypass CVE-2014-7235 05 Feb 2015 10 (v2) Critical Pass DNN (DotNetNuke) < 7.4.0 Unspeciﬁed Persistent XSS CVE-2015-1566 12 Feb 2015 4.3 (v2) Medium Pass Apache ActiveMQ Web Console Default Credentials 16 Feb 2015 7.5 (v2) High 49

Pass ManageEngine EventLog Analyzer 'agentHandler' Information Disclosure CVE-2014-6038 CVE-2014-6039 18 Feb 2015 5 (v2) Medium Pass Tivoli Storage Manager Server Unauthorized Access Vulnerability CVE-2012-5944 24 Feb 2015 4.6 (v2) Medium Pass PHP 5.4.x < 5.4.38 Multiple Vulnerabilities (GHOST) CVE-2014-9705 CVE-2015-0235 CVE-2015-0273 25 Feb 2015 9.8 (v3) Critical Pass PHP 5.5.x < 5.5.22 Multiple Vulnerabilities (GHOST) CVE-2014-9705 CVE-2015-0235 CVE-2015-0273 CVE-2015-2301 CVE-2015-8866 25 Feb 2015 9.8 (v3) Critical Pass SSH SHA-1 HMAC Algorithms Enabled (PCI DSS) 05 Apr 2022 3.7 (v3) Low Pass PHP 5.6.x < 5.6.6 Multiple Vulnerabilities (GHOST) CVE-2014-9705 CVE-2015-0235 CVE-2015-0273 CVE-2015-2301 CVE-2015-8866 25 Feb 2015 9.8 (v3) Critical Pass TYPO3 Anchor-only Links Remote Spooﬁng Vulnerability CVE-2014-9508 27 Feb 2015 4.7 (v3) Medium Pass Apache Tomcat 7.0.x < 7.0.57 Multiple Vulnerabilities (POODLE) CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-513905 Mar 2015 7.3 (v3) High Pass ManageEngine NetFlow Analyzer Multiple Path Traversal and File Access CVE-2014-5445 CVE-2014-5446 16 Mar 2015 5 (v2) Medium Pass Cisco TelePresence VCS / Expressway Series < 8.2 SDP Media Description Vulnerability CVE-2015-0652 19 Mar 2015 7.5 (v3) High Pass Cisco TelePresence VCS / Expressway Series < 7.2.4 / 8.1.2 / 8.2.2 Login Security Bypass Vulnerability CVE-2015-0653 20 Mar 2015 9.8 (v3) Critical Pass PHP 5.4.x < 5.4.39 Multiple Vulnerabilities CVE-2015-0231 CVE-2015-2305 CVE-2015-2331 CVE-2015-2348 CVE-2015-2787 CVE-2015-4147 CVE-2015-4148 24 Mar 2015 9.8 (v3) Critical Pass PHP 5.5.x < 5.5.23 Multiple Vulnerabilities CVE-2015-0231 CVE-2015-2305 CVE-2015-2331 CVE-2015-2348 CVE-2015-2787 CVE-2015-4147 CVE-2015-4148 24 Mar 2015 9.8 (v3) Critical Pass QNAP QTS / QuTS hero Information Disclosure (QSA-21-53) CVE-2021-34347 06 Apr 2022 7.5 (v3) High Pass SSL Certiﬁcate with no Common Name 06 Apr 2022 None Pass SSL Certiﬁcate with no Subject 06 Apr 2022 None Pass SSL/TLS Recommended Cipher Suites (PCI DSS) 06 Apr 2022 4.8 (v3) Medium Pass Oracle E-Business Multiple Vulnerabilities (October 2017 CPU) CVE-2017-3444 CVE-2017-3445 CVE-2017-3446 CVE-2017-10066 CVE-2017-10077 CVE-2017-10303 CVE-2017-10322 CVE-2017-10323 CVE-2017-10324 CVE-2017-10325 CVE-2017-10326 CVE-2017-10328 CVE-2017-10329 CVE-2017-10330 CVE-2017-10331 CVE-2017-10332 CVE-2017-10387 CVE-2017-10409 CVE-2017-10410 CVE-2017-10411 CVE-2017-10412 CVE-2017-10413 CVE-2017-10414 CVE-2017-10415 CVE-2017-10416 CVE-2017-1041720 Oct 2017 9.1 (v3) Critical Pass Apache 2.4.x < 2.4.39 Multiple Vulnerabilities CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0215 CVE-2019-0217 CVE-2019-0220 02 Apr 2019 7.8 (v3) High Pass pfSense Web Interface Detection 19 Jan 2018 None Pass Web Site Accepts Credit Card Data 06 Apr 2022 None Pass Web Site Accepts Credit Card Data over cleartext HTTP 06 Apr 2022 4.8 (v3) Medium Pass Nokia VitalQIP Web Client Detection 09 Feb 2018 None Pass HPE Moonshot Provisioning Manager Detection 29 Jan 2018 None Pass PHP 5.6.x < 5.6.7 Multiple Vulnerabilities CVE-2015-0231 CVE-2015-2305 CVE-2015-2331 CVE-2015-2348 CVE-2015-2787 CVE-2015-4147 CVE-2015-4148 24 Mar 2015 9.8 (v3) Critical Pass Riverbed SteelHead CX WAN Traﬃc Manager Web UI Detection 26 Feb 2018 None Pass Oracle Enterprise Manager Database Express (EM Express) Detection 19 Mar 2018 None Pass IBM BigFix Compliance Detection 09 Jun 2017 None Pass HooToo TripMate Web Interface Detection 29 Jun 2017 None Pass Check_MK Server WebUI Detection 28 Jun 2017 None Pass GNU Bash Incomplete Fix Remote Code Injection (Shellshock) CVE-2014-6278 06 Apr 2015 9.8 (v3) Critical Pass Grandstream Phone Web Interface Detection 27 Sep 2017 None Pass Sonatype Nexus Repository Manager Detection 20 Jul 2016 None Pass QlikView Server Web UI Detection 23 Jun 2016 None Pass VMware vRealize Log Insight Web UI Detection 10 Aug 2016 None Pass SonicWALL Universal Management Suite Detection 15 Aug 2016 None Pass Symantec Protection Engine Detection 07 Sep 2016 None Pass EMC vApp Manager Detection 03 Nov 2016 None Pass Veritas NetBackup Appliance Web Console Detection 10 Nov 2016 None Pass Adobe Connect Detection 14 Nov 2016 None Pass IBM DB2 10.5 < Fix Pack 5 Multiple DoS Vulnerabilities CVE-2014-6209 CVE-2014-6210 CVE-2014-8901 16 Apr 2015 4.3 (v3) Medium Pass Accellion Secure File Transfer Appliance Detection 27 Jul 2015 None Pass Oracle iPlanet Web Server Detection 07 Aug 2015 None Pass Microsoft UDDI Services Detection 13 Aug 2015 None Pass IBM BigFix Web Reports Detection 18 Nov 2016 None Pass Schneider Electric InduSoft Web Studio < 7.1.3.5 Local Plaintext Password Information Disclosure (SEVD-2015-100-01)CVE-2015-1009 14 Aug 2015 1.7 (v2) Low Pass Advantech WebAccess < 7.0-2009.06.29 Multiple Vulnerabilities CVE-2011-4521 CVE-2011-4522 CVE-2011-4523 CVE-2011-4524 CVE-2011-4525 CVE-2011-4526 CVE-2012-0233 CVE-2012-0234 CVE-2012-0235 CVE-2012-0236 CVE-2012-0237 CVE-2012-0238 CVE-2012-0239 CVE-2012-0240 CVE-2012-0241 CVE-2012-0242 CVE-2012-0243 CVE-2012-0244 CVE-2012-123428 Aug 2015 10 (v2) Critical Pass Siemens SIMATIC S7-1200 PLC Web Server Detection 02 Mar 2015 None Pass Symantec Data Center Security Web Administration Interface Detection 26 Feb 2015 None Pass Loxone Smart Home Miniserver Web Server Version Detection 13 Mar 2015 None Pass WordPress Plugin 'Social Warfare' < 3.5.3 XSS CVE-2019-9978 07 Apr 2022 6.1 (v3) Medium Pass LiveZilla Detection 14 Dec 2013 None Pass QNAP QTS / QuTS hero Out-of-Bounds Read (QSA-21-40) CVE-2021-3712 07 Apr 2022 7.4 (v3) High Pass ManageEngine Access Manager Plus Detection 07 Apr 2022 None Pass Quantum vmPRO Web Administration Interface Detection 24 Mar 2014 None Pass QNAP QTS / QuTS hero Out-of-Bounds Read (QSA-21-27) CVE-2021-20254 07 Apr 2022 6.8 (v3) Medium Pass ManageEngine Access Manager Plus Authentication Bypass (CVE-2021-44676) CVE-2021-44676 07 Apr 2022 9.8 (v3) Critical Pass trixbox Web Detection 15 Apr 2014 None Pass Postﬁx Admin Detection 30 Apr 2014 None Pass VMware Horizon Workspace Detection 06 May 2014 None Pass QNAP QTS / QuTS hero Multiple Buﬀer Overﬂow Vulnerabilities (QSA-21-33) CVE-2021-28816 CVE-2021-34343 07 Apr 2022 8.8 (v3) High Pass McAfee VirusScan Enterprise for Linux User Interface Detection 03 May 2014 None Pass WebTitan Detect 18 Jul 2014 None Pass Symantec Data Insight Management Console Detection 03 Jul 2014 None Pass Foreman Smart-Proxy TFTP Detection 17 Jul 2014 None Pass HP Smart Update Manager Detection 24 Jul 2014 None Pass Barco ClickShare Device Detect 19 Aug 2014 None Pass Web Server Generic XSS CVE-2002-1060 CVE-2002-1700 CVE-2003-1543 CVE-2005-2453 CVE-2006-1681 CVE-2012-3382 30 Nov 2001 6.1 (v3) Medium Pass Oracle Enterprise Data Quality Dashboard Detection 30 Oct 2014 None Pass Oracle Enterprise Data Quality Director Detection 30 Oct 2014 None Pass Oracle Business Transaction Management Detection 31 Oct 2014 None Pass Goverlan Agent Remote Detection 12 Feb 2019 None Pass Citrix ADC and Citrix NetScaler Gateway Arbitrary Code Execution (CTX267027) CVE-2019-19781 24 Dec 2019 9.8 (v3) Critical Pass Trend Micro OﬃceScan Multiple Vulnerabilities (000245571) CVE-2020-8467 CVE-2020-8468 CVE-2020-8470 CVE-2020-8598 CVE-2020-8599 18 Mar 2020 9.8 (v3) Critical Pass Citrix ADC and Citrix NetScaler Gateway Multiple Vulnerabilities (CTX276688) CVE-2019-18177 CVE-2020-8187 CVE-2020-8190 CVE-2020-8191 CVE-2020-8193 CVE-2020-8194 CVE-2020-8195 CVE-2020-8196 CVE-2020-8197 CVE-2020-8198 CVE-2020-819908 Jul 2020 8.8 (v3) High Pass MySQL Enterprise Monitor 3.4.x < 3.4.10 / 4.x < 4.0.7 / 8.x < 8.0.3 Multiple Vulnerabilities (Oct 2018 CPU)CVE-2018-1258 CVE-2018-8014 CVE-2018-11776 24 Jul 2020 9.8 (v3) Critical Pass HPE Edgeline Infrastructure Manager Authentication Bypass CVE-2020-7199 24 Feb 2021 9.8 (v3) Critical Pass Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path TCVE-2020-3452raversal (cisco-sa-asaftd-ro-path-KJuQhB86) 29 Jul 2020 7.5 (v3) High Pass Python Unsupported Version Detection 07 Apr 2021 10 (v3) Critical Pass Oracle E-Business Multiple Vulnerabilities (April 2018 CPU) CVE-2018-2804 CVE-2018-2864 CVE-2018-2865 CVE-2018-2866 CVE-2018-2867 CVE-2018-2868 CVE-2018-2869 CVE-2018-2870 CVE-2018-2871 CVE-2018-2872 CVE-2018-2873 CVE-2018-287420 Apr 2018 9.1 (v3) Critical Pass SonicWall Email Security 10.0.x < 10.0.9.6173 / 6177 Multiple Vulnerabilities CVE-2021-20021 CVE-2021-20022 CVE-2021-20023 28 Apr 2021 9.8 (v3) Critical Pass Juniper NSM < 2012.2R11 Multiple OpenSSL Vulnerabilities (JSA10679) (FREAK) CVE-2014-3569 CVE-2014-3570 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 21 Apr 2015 5 (v2) Medium Pass PHP 5.4.x < 5.4.40 Multiple Vulnerabilities CVE-2014-9709 CVE-2015-1352 CVE-2015-2301 CVE-2015-2783 CVE-2015-3307 CVE-2015-3329 CVE-2015-3330 CVE-2015-3411 CVE-2015-3412 CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 CVE-2015-4602 CVE-2015-4603 CVE-2015-4604 CVE-2015-460523 Apr 2015 9.8 (v3) Critical Pass PHP 5.5.x < 5.5.24 Multiple Vulnerabilities CVE-2015-1351 CVE-2015-1352 CVE-2015-2783 CVE-2015-3307 CVE-2015-3329 CVE-2015-3330 CVE-2015-3411 CVE-2015-3412 CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 CVE-2015-4602 CVE-2015-4603 CVE-2015-4604 CVE-2015-460523 Apr 2015 9.8 (v3) Critical Pass PCI DSS Compliance : Point-of-Sale (POS) Software Using Default Credentials 07 Apr 2022 4.8 (v3) Medium Pass PHP 5.6.x < 5.6.8 Multiple Vulnerabilities CVE-2015-1351 CVE-2015-1352 CVE-2015-2783 CVE-2015-3307 CVE-2015-3329 CVE-2015-3330 CVE-2015-3411 CVE-2015-3412 CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 CVE-2015-4602 CVE-2015-4603 CVE-2015-4604 CVE-2015-460523 Apr 2015 9.8 (v3) Critical Pass Magento Mage_Adminhtml_Block_Report_Search_Grid Class 'popularity' Parameter SQLi CVE-2015-1397 11 May 2015 6.5 (v2) Medium Pass Magento XML-RPC XXE Arbitrary File Disclosure CVE-2012-6091 12 May 2015 5 (v2) Medium Pass EMC AutoStart < 5.5.0 HF4 ftAgent Remote Code Execution CVE-2015-0538 14 May 2015 9.3 (v2) High Pass GPON ONT Home Gateway Router is vulnerable to authenticated remote command execution (CVE-2018-10562)CVE-2018-10562 19 Dec 2018 9.8 (v3) Critical Pass PHP 7.1.x < 7.1.26 Multiple vulnerabilities. CVE-2016-10166 CVE-2018-19935 CVE-2019-6977 CVE-2019-9020 CVE-2019-9021 CVE-2019-9022 CVE-2019-9023 CVE-2019-9024 31 Jan 2019 9.8 (v3) Critical Pass PHP 7.1.x < 7.1.11 Multiple Vulnerabilities CVE-2016-1283 CVE-2017-16642 16 Nov 2017 9.8 (v3) Critical Pass Cisco TelePresence VCS / Expressway < 8.8.2 Received Packet Parser DoS CVE-2017-3790 22 Feb 2017 8.6 (v3) High Pass PowerFolder Java Object Deserialization RCE 24 Jun 2016 10 (v2) Critical Pass Default Password 'xc3511' for 'root' Account CVE-1999-0502 CVE-2016-1000245 28 Oct 2016 9.8 (v3) Critical Pass PHP 5.5.x < 5.5.11 awk Magic Parsing BEGIN DoS CVE-2013-7345 08 Apr 2014 5 (v2) Medium Pass IBM Domino 8.5.x < 8.5.3 Fix Pack 5 Interim Fix 1 iNotes Buﬀer Overﬂow CVE-2013-4068 28 May 2014 7.1 (v2) High Pass PHP 5.3.x < 5.3.15 Multiple Vulnerabilities CVE-2012-2688 CVE-2012-3365 20 Jul 2012 10 (v2) Critical Pass PHP 5.3.x < 5.3.29 Multiple Vulnerabilities CVE-2013-6712 CVE-2014-0207 CVE-2014-0237 CVE-2014-0238 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3515 CVE-2014-3981 CVE-2014-4049 CVE-2014-472120 Aug 2014 7.3 (v3) High Pass eLouai's Force Download Script ﬁle Parameter File Disclosure 08 Nov 2010 5 (v2) Medium Pass Default Password (merlin) for 'mg3500' Account CVE-1999-0502 CVE-2010-4233 15 Nov 2010 9.8 (v3) Critical Pass HP Intelligent Management Center Multiple Vulnerabilities CVE-2011-1848 CVE-2011-1849 CVE-2011-1850 CVE-2011-1851 CVE-2011-1852 CVE-2011-1853 CVE-2011-1854 08 Jun 2011 10 (v2) Critical Pass Milter Detection 26 Jan 2008 None Pass DNN (DotNetNuke) Language Flag Selector Culture XSS 21 May 2013 4.3 (v2) Medium Pass HP Data Protector Local Privilege Escalation CVE-2012-5220 24 Jun 2013 7.2 (v2) High Pass Acajoom Component for Joomla! 'mailingid' Parameter SQLi CVE-2008-1427 19 Mar 2008 7.3 (v3) High Pass SmarterMail Subject Field XSS CVE-2008-0872 07 Apr 2008 4.3 (v2) Medium Pass dotCMS search-results.dot search_query Parameter XSS CVE-2008-2397 04 Jun 2008 4.3 (v2) Medium Pass Adobe Flex 3 History Management historyFrame.html XSS CVE-2008-2640 18 Jun 2008 4.3 (v2) Medium Pass Sun GlassFish Enterprise < 2.1 Patch 02 Denial of Service 09 Jun 2009 2.1 (v2) Low Pass CGI Generic Path Traversal 19 Jun 2009 5.3 (v3) Medium Pass Basic Analysis and Security Engine Authentication Check 26 Jun 2009 5 (v2) Medium 50

Pass Microsoft SQL Server Default Credentials 13 Feb 2002 9.8 (v3) Critical Pass ViewCVS viewcvs.cgi Multiple Parameter XSS CVE-2002-0771 27 Sep 2004 4.3 (v2) Medium Pass Cayman DSL Router Single Character String Authentication Bypass. CVE-2001-1430 13 Aug 2001 7.5 (v2) High Pass MDaemon File Creation Local Privilege Escalation CVE-2004-2504 24 Nov 2004 7.2 (v2) High Pass SquirrelMail S/MIME Plug-in Remote Command Execution CVE-2005-0239 03 Mar 2005 6.5 (v2) Medium Pass SimpGB guestbook.php quote Parameter SQL Injection CVE-2005-0786 15 Mar 2005 7.5 (v2) High Pass Netquery <= 3.11 nquser.php host Parameter Arbitrary Command Execution CVE-2005-2684 25 Aug 2005 7.5 (v2) High Pass MyBB misc.php Multiple SQL Injection Vulnerabilities CVE-2005-2888 17 Sep 2005 7.5 (v2) High Pass SSL Version 2 and 3 Protocol Detection 12 Oct 2005 9.8 (v3) Critical Pass Comersus Cart /comersus/database/comersus.mdb Direct Request Datbase Disclosure 02 Nov 2005 5 (v2) Medium Pass phpWebThings Multiple Scripts SQL Injection CVE-2005-3585 CVE-2005-4218 08 Nov 2005 7.5 (v2) High Pass Zen Cart password_forgotten.php admin_email Parameter SQL Injection CVE-2005-3996 03 Dec 2005 5.1 (v2) Medium Pass dotProject docs/ Directory Multiple Script Information Disclosure CVE-2006-0756 15 Feb 2006 5 (v2) Medium Pass MODx < 0.9.1a Multiple Vulnerabilities CVE-2006-1820 CVE-2006-1821 17 Apr 2006 6.4 (v2) Medium Pass X7 Chat help/index.php help_ﬁle Parameter Local File Inclusion CVE-2006-2156 03 May 2006 6.4 (v2) Medium Pass eFiction < 2.0.2 Multiple Remote Vulnerabilities (SQLi, XSS, Disc) CVE-2005-4167 CVE-2005-4168 CVE-2005-4169 CVE-2005-4170 CVE-2005-4171 CVE-2005-4172 CVE-2005-4173 CVE-2005-4174 29 Dec 2005 7.5 (v2) High Pass Loudblog index.php id Parameter SQL Injection CVE-2006-3832 25 Jul 2006 7.5 (v2) High Pass IBM Lotus Domino IMAP Service Mailbox Name Overﬂow CVE-2007-3510 24 Oct 2007 9 (v2) High Pass Plogger plog-rss.php id Parameter SQL Injection CVE-2007-6587 23 Dec 2007 7.5 (v2) High Pass mvnForum activatemember Multiple Parameter XSS CVE-2006-3245 27 Jun 2006 2.6 (v2) Low Pass PHP 5.4.x < 5.4.41 Multiple Vulnerabilities CVE-2006-7243 CVE-2015-2325 CVE-2015-2326 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 18 May 2015 9.8 (v3) Critical Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Oct 2019 CPU)CVE-2017-12626 CVE-2019-2976 CVE-2019-3020 18 Oct 2019 9.3 (v3) Critical Pass CMS Made Simple modules/TinyMCE/content_css.php templateid Parameter SQL Injection CVE-2007-6656 02 Jan 2008 7.5 (v2) High Pass Apache Tomcat 9.0.0 < 9.0.35 Remote Code Execution CVE-2020-9484 22 May 2020 7 (v3) High Pass Dotnetnuke 5.0.x < 9.6.1 (09.06.01) 12 Jun 2020 6.1 (v3) Medium Pass Oracle E-Business Suite Multiple Vulnerabilities (April 2021 CPU) CVE-2017-14735 CVE-2019-10086 CVE-2020-1967 CVE-2020-9488 CVE-2021-2150 CVE-2021-2153 CVE-2021-2155 CVE-2021-2156 CVE-2021-2181 CVE-2021-2182 CVE-2021-2183 CVE-2021-2184 CVE-2021-2185 CVE-2021-2186 CVE-2021-2187 CVE-2021-2188 CVE-2021-2189 CVE-2021-2190 CVE-2021-2195 CVE-2021-2197 CVE-2021-2198 CVE-2021-2199 CVE-2021-2200 CVE-2021-2205 CVE-2021-2206 CVE-2021-2209 CVE-2021-2210 CVE-2021-2222 CVE-2021-2223 CVE-2021-2224 CVE-2021-2225 CVE-2021-2227 CVE-2021-2228 CVE-2021-2229 CVE-2021-2231 CVE-2021-2233 CVE-2021-2235 CVE-2021-2236 CVE-2021-2237 CVE-2021-2238 CVE-2021-2239 CVE-2021-2241 CVE-2021-2246 CVE-2021-2247 CVE-2021-2249 CVE-2021-2251 CVE-2021-2252 CVE-2021-2254 CVE-2021-2255 CVE-2021-2258 CVE-2021-2259 CVE-2021-2260 CVE-2021-2261 CVE-2021-2262 CVE-2021-2263 CVE-2021-2267 CVE-2021-2268 CVE-2021-2269 CVE-2021-2270 CVE-2021-2271 CVE-2021-2272 CVE-2021-2273 CVE-2021-2274 CVE-2021-2275 CVE-2021-2276 CVE-2021-2288 CVE-2021-2289 CVE-2021-2290 CVE-2021-2292 CVE-2021-2295 CVE-2021-2314 CVE-2021-231623 Apr 2021 9.1 (v3) Critical Pass TYPO3 9.5.12 < 9.5.17 / 10.2 < 10.4.2 XSS (TYPO3-CORE-SA-2020-003) CVE-2020-11065 13 Jul 2020 5.4 (v3) Medium Pass PHP 5.5.x < 5.5.25 Multiple Vulnerabilities CVE-2006-7243 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 18 May 2015 7.5 (v3) High Pass PHP 5.6.x < 5.6.9 Multiple Vulnerabilities CVE-2006-7243 CVE-2015-2325 CVE-2015-2326 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 18 May 2015 9.8 (v3) Critical Pass eFront < 3.6.15.4 Build 18023 Multiple Vulnerabilities 26 May 2015 6.5 (v2) Medium Pass SSL/TLS Diﬃe-Hellman Modulus <= 1024 Bits (Logjam) CVE-2015-4000 28 May 2015 3.7 (v3) Low Pass Jenkins < 1.565.3 / 1.586 Multiple Vulnerabilities CVE-2014-9634 CVE-2014-9635 03 Jun 2015 5.3 (v3) Medium Pass Dell NetVault Backup 10.0.x < 10.0.5 RCE CVE-2015-4067 CVE-2015-5696 05 Jun 2015 10 (v2) Critical Pass Oracle Database Multiple Vulnerabilities (July 2013 CPU) CVE-2013-3751 CVE-2013-3758 CVE-2013-3774 CVE-2013-3760 CVE-2013-3771 CVE-2013-3789 CVE-2013-3790 17 Jul 2013 9.9 (v3) Critical Pass SSL/TLS Recommended Cipher Suites 20 Jan 2022 None Pass IBM WebSphere Application Server Admin Console 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 XSSCVE-2018-1777 27 May 2020 5.4 (v3) Medium Pass SSH SHA-1 HMAC Algorithms Enabled 23 Sep 2021 None Pass Jenkins plugins Multiple Vulnerabilities (2022-03-29) CVE-2022-28133 CVE-2022-28134 CVE-2022-28135 CVE-2022-28136 CVE-2022-28137 CVE-2022-28138 CVE-2022-28139 CVE-2022-28140 CVE-2022-28141 CVE-2022-28142 CVE-2022-28143 CVE-2022-28144 CVE-2022-28145 CVE-2022-28146 CVE-2022-28147 CVE-2022-28148 CVE-2022-28149 CVE-2022-28150 CVE-2022-28151 CVE-2022-28152 CVE-2022-28153 CVE-2022-28154 CVE-2022-28155 CVE-2022-28156 CVE-2022-28157 CVE-2022-28158 CVE-2022-28159 CVE-2022-2816031 Mar 2022 8.8 (v3) High Pass SonicWall Secure Mobile Access (SMA) SQLi (SNWLID-2021-0017) CVE-2021-20028 04 Apr 2022 9.8 (v3) Critical Pass Cisco IOS XR Software Border Gateway Protocol DoS (cisco-sa-20100827-bgp) CVE-2010-3035 05 Apr 2022 7.5 (v3) High Pass IBM WebSphere Application Server 9.x < 9.0.5.12 Clickjacking CVE-2021-39038 03 Mar 2022 5.4 (v3) Medium Pass GitLab 12.10.x < 14.6.5 / 14.7.x < 14.7.4 / 14.8.x < 14.8.2 Multiple Vulnerabilities CVE-2022-0735 CVE-2022-0741 CVE-2022-0751 03 Mar 2022 9.8 (v3) Critical Pass PHP 5.4.x < 5.4.42 Multiple Vulnerabilities CVE-2015-2325 CVE-2015-2326 CVE-2015-3414 CVE-2015-3415 CVE-2015-3416 CVE-2015-4598 CVE-2015-4642 CVE-2015-4643 CVE-2015-464424 Jun 2015 9.8 (v3) Critical Pass PHP 5.5.x < 5.5.26 Multiple Vulnerabilities CVE-2015-2325 CVE-2015-2326 CVE-2015-3414 CVE-2015-3415 CVE-2015-3416 CVE-2015-4598 CVE-2015-4642 CVE-2015-4643 CVE-2015-464424 Jun 2015 9.8 (v3) Critical Pass Jenkins LTS < 2.303.3 / Jenkins weekly < 2.319 Multiple Vulnerabilities CVE-2021-21685 CVE-2021-21686 CVE-2021-21687 CVE-2021-21688 CVE-2021-21689 CVE-2021-21690 CVE-2021-21691 CVE-2021-21692 CVE-2021-21693 CVE-2021-21694 CVE-2021-21695 CVE-2021-21696 CVE-2021-21697 CVE-2021-2169804 Nov 2021 9.8 (v3) Critical Pass PHP 5.6.x < 5.6.10 Multiple Vulnerabilities CVE-2015-2325 CVE-2015-2326 CVE-2015-3414 CVE-2015-3415 CVE-2015-3416 CVE-2015-4598 CVE-2015-4642 CVE-2015-4643 CVE-2015-464424 Jun 2015 9.8 (v3) Critical Pass PHP 5.4.x < 5.4.43 Multiple Vulnerabilities (BACKRONYM) CVE-2015-3152 CVE-2015-5589 CVE-2015-5590 CVE-2015-8838 10 Jul 2015 9.8 (v3) Critical Pass Dell EMC iDRAC8 < 2.83.83.83 (DSA-2022-069) CVE-2022-24423 11 Apr 2022 7.5 (v3) High Pass PHP 5.5.x < 5.5.27 Multiple Vulnerabilities (BACKRONYM) CVE-2015-3152 CVE-2015-5589 CVE-2015-5590 CVE-2015-8838 10 Jul 2015 9.8 (v3) Critical Pass PHP 5.6.x < 5.6.11 Multiple Vulnerabilities (BACKRONYM) CVE-2015-3152 CVE-2015-5589 CVE-2015-5590 CVE-2015-8838 10 Jul 2015 9.8 (v3) Critical Pass IBM DB2 10.5 <= Fix Pack 5 Multiple Vulnerabilities CVE-2014-8910 CVE-2015-0157 CVE-2015-0197 CVE-2015-0198 CVE-2015-0199 CVE-2015-1883 CVE-2015-1922 CVE-2015-1935 18 Jul 2015 9.8 (v3) Critical Pass HP System Management Homepage 7.3.x / 7.4.x < 7.5.0 Multiple Vulnerabilities (FREAK) CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523 CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8142 CVE-2014-8275 CVE-2014-9427 CVE-2014-9652 CVE-2014-9653 CVE-2014-9705 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0207 CVE-2015-0208 CVE-2015-0209 CVE-2015-0231 CVE-2015-0232 CVE-2015-0273 CVE-2015-0285 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0290 CVE-2015-0291 CVE-2015-0292 CVE-2015-0293 CVE-2015-1787 CVE-2015-2134 CVE-2015-2301 CVE-2015-2331 CVE-2015-2348 CVE-2015-278722 Jul 2015 7.5 (v2) High Pass Moodle 'external.php' 'badge' Parameter XSS CVE-2013-5674 20 Sep 2013 4.3 (v2) Medium Pass Polycom HDX < 3.1.1.2 Multiple Vulnerabilities 23 Sep 2013 10 (v2) Critical Pass Cisco IronPort PostX < 6.2.9.1 Multiple Vulnerabilities CVE-2010-0143 CVE-2010-0144 CVE-2010-0145 23 Sep 2013 10 (v2) Critical Pass ManageEngine ADSelfService Plus < build 6121 XSS CVE-2022-24681 13 Apr 2022 6.1 (v3) Medium Pass Cisco IOS XE Software Tool Command Language Privilege Escalation (cisco-sa-iosxe-priv-esc-grbtubU) CVE-2022-20676 13 Apr 2022 6.7 (v3) Medium Pass Cisco IOS XE Software for Catalyst 9000 Family Switches Catalyst 9000 Family Wireless Controllers Privilege Escalation (cisco-sa-ewlc-priv-esc-ybvHKO5)CVE-2022-20681 13 Apr 2022 7.8 (v3) High Pass HP System Management Homepage ginkgosnmp.inc Command Injection CVE-2013-3576 25 Sep 2013 9 (v2) High Pass Apache Struts 2 'action:' Parameter Preﬁx Security Constraint Bypass CVE-2013-4310 CVE-2013-4316 27 Sep 2013 6.5 (v3) Medium Pass Dell iDRAC6 / iDRAC7 Login Page 'ErrorMsg' Parameter XSS CVE-2013-3589 13 Oct 2013 4.3 (v2) Medium Pass IBM DB2 10.1 < Fix Pack 3 Multiple Vulnerabilities CVE-2013-3475 CVE-2013-4032 CVE-2013-4033 16 Oct 2013 8.8 (v3) High Pass AjaXplorer < 5.0.1 Multiple Command Execution Vulnerabilities CVE-2013-4267 18 Oct 2013 6.5 (v2) Medium Pass Schneider Electric C-Gate < 2.11.6 Multiple Vulnerabilities CVE-2021-22717 CVE-2021-22719 CVE-2021-22720 26 May 2021 8.8 (v3) High Pass Cogent DataHub < 7.3.0 Multiple Vulnerabilities CVE-2013-0680 CVE-2013-0681 CVE-2013-0682 CVE-2013-0683 22 Oct 2013 7.5 (v2) High Pass Default Password (netoptics) for 'admin' Account CVE-1999-0502 23 Oct 2013 9.8 (v3) Critical Pass Net Optics Director Default Credentials 23 Oct 2013 7.5 (v2) High Pass Zabbix Web Interface Default Administrator Credentials 11 Nov 2013 7.5 (v2) High Pass Drupal Google Site Search Module API Data Handling XSS CVE-2013-4384 15 Nov 2013 4.3 (v2) Medium Pass Oracle JavaServer Faces Multiple Partial Directory Traversals CVE-2013-3827 19 Nov 2013 5 (v2) Medium Pass PineApp Mail-SeCure admin/confnetworking.html Multiple Parameter Remote Command Injection CVE-2013-6829 CVE-2013-6830 22 Nov 2013 8.8 (v3) High Pass nginx < 1.4.4 / 1.5.7 ngx_parse_http Security Bypass CVE-2013-4547 27 Nov 2013 7.3 (v3) High Pass Nagios Looking Glass Addon for Nagios server/s3_download.php File Disclosure 02 Dec 2013 5 (v2) Medium Pass IBM Domino Web Administrator Multiple Vulnerabilities CVE-2013-4050 CVE-2013-4051 CVE-2013-4055 03 Dec 2013 6 (v2) Medium Pass Jenkins Accessible without Credentials 04 Dec 2013 7.5 (v2) High Pass PHP 5.3.x < 5.3.28 Multiple OpenSSL Vulnerabilities CVE-2013-4073 CVE-2013-4248 CVE-2013-6420 14 Dec 2013 7.3 (v3) High Pass ThoughtWorks GoCD Default Administrator Access 25 Jan 2022 9.8 (v3) Critical Pass Microsoft Windows Server Version 2004 Unsupported Version Detection 25 Jan 2022 10 (v3) Critical Pass Microsoft Windows 10 Version 2004 Unsupported Version Detection 25 Jan 2022 10 (v3) Critical Pass GoCD < 21.3.0 Path Traversal 25 Jan 2022 10 (v3) Critical Pass ThoughtWorks GoCD Web interface detection 25 Jan 2022 None Pass PHP 5.4.x < 5.4.23 OpenSSL openssl_x509_parse() Memory Corruption CVE-2013-6420 14 Dec 2013 7.5 (v2) High Pass PHP 5.5.x < 5.5.7 OpenSSL openssl_x509_parse() Memory Corruption CVE-2013-6420 14 Dec 2013 7.5 (v2) High Pass LiveZilla 'mobile/php/translation/index.php' 'g_language' Parameter Local File Inclusion CVE-2013-6225 14 Dec 2013 7.5 (v2) High Pass LiveZilla < 5.1.1.0 Multiple Vulnerabilities CVE-2013-6223 CVE-2013-6224 CVE-2013-6225 CVE-2013-7002 14 Dec 2013 4.3 (v2) Medium Pass Cisco Data Center Network Manager Authorization Bypass Vulnerabilities (cisco-sa-dcnm-authbypass-OHBPbxu)CVE-2021-1269 CVE-2021-1270 01 Jul 2021 6.5 (v3) Medium Pass Tenable Passive Vulnerability Scanner Unsupported Version Detection (remote check) 16 Dec 2013 10 (v2) Critical Pass MySQL 8.0.x < 8.0.26 Multiple Vulnerabilities (Jul 2021 CPU) CVE-2019-17543 CVE-2021-2339 CVE-2021-2340 CVE-2021-2342 CVE-2021-2352 CVE-2021-2354 CVE-2021-2356 CVE-2021-2357 CVE-2021-2367 CVE-2021-2370 CVE-2021-2372 CVE-2021-2374 CVE-2021-2383 CVE-2021-2384 CVE-2021-2385 CVE-2021-2387 CVE-2021-2389 CVE-2021-2390 CVE-2021-2399 CVE-2021-2402 CVE-2021-2410 CVE-2021-2411 CVE-2021-2417 CVE-2021-2418 CVE-2021-2422 CVE-2021-2424 CVE-2021-2425 CVE-2021-2426 CVE-2021-2427 CVE-2021-2429 CVE-2021-2437 CVE-2021-2440 CVE-2021-2441 CVE-2021-3450 CVE-2021-22884 CVE-2021-22901 CVE-2021-25122 CVE-2021-35537 CVE-2021-35583 CVE-2021-3562922 Jul 2021 8.1 (v3) High Pass Oracle Database Server Multiple Vulnerabilities (Jul 2021 CPU) CVE-2018-21010 CVE-2019-12415 CVE-2019-12973 CVE-2019-17545 CVE-2019-17566 CVE-2020-7760 CVE-2020-8908 CVE-2020-10543 CVE-2020-10878 CVE-2020-11987 CVE-2020-11988 CVE-2020-12723 CVE-2020-13956 CVE-2020-15389 CVE-2020-25649 CVE-2020-26870 CVE-2020-27193 CVE-2020-27814 CVE-2020-27841 CVE-2020-27842 CVE-2020-27843 CVE-2020-27844 CVE-2020-27845 CVE-2020-28196 CVE-2021-2326 CVE-2021-2328 CVE-2021-2329 CVE-2021-2330 CVE-2021-2333 CVE-2021-2334 CVE-2021-2335 CVE-2021-2336 CVE-2021-2337 CVE-2021-2351 CVE-2021-2438 CVE-2021-2460 CVE-2021-2333623 Jul 2021 9.8 (v3) Critical Pass Oracle Primavera Gateway (Jul 2021 CPU) CVE-2019-17195 CVE-2020-8203 CVE-2020-25649 CVE-2020-36189 CVE-2021-21290 CVE-2021-21409 22 Jul 2021 9.8 (v3) Critical Pass Oracle E-Business Suite Multiple Vulnerabilities (July 2021 CPU) CVE-2021-2343 CVE-2021-2355 CVE-2021-2359 CVE-2021-2360 CVE-2021-2361 CVE-2021-2362 CVE-2021-2363 CVE-2021-2364 CVE-2021-2365 CVE-2021-2380 CVE-2021-2393 CVE-2021-2398 CVE-2021-2405 CVE-2021-2406 CVE-2021-2415 CVE-2021-2434 CVE-2021-243623 Jul 2021 9.1 (v3) Critical Pass VMware vRealize Operations Manager 7.5.x / 8.x Multiple Vulnerabilities (VMSA-2021-0018) CVE-2021-22022 CVE-2021-22023 CVE-2021-22024 CVE-2021-22025 CVE-2021-22026 CVE-2021-22027 27 Aug 2021 7.5 (v3) High Pass Cisco Application Policy Infrastructure Controller Multiple Vulnerabilities (cisco-sa-capic-mdvul-HBsJBuvW)CVE-2021-1580 CVE-2021-1581 01 Sep 2021 9.1 (v3) Critical Pass MySQL 8.0.x < 8.0.21 Multiple Vulnerabilities (Jul 2020 CPU) CVE-2019-1551 CVE-2020-1967 CVE-2020-5258 CVE-2020-14539 CVE-2020-14540 CVE-2020-14547 CVE-2020-14550 CVE-2020-14553 CVE-2020-14559 CVE-2020-14568 CVE-2020-14575 CVE-2020-14576 CVE-2020-14586 CVE-2020-14591 CVE-2020-14597 CVE-2020-14614 CVE-2020-14619 CVE-2020-14620 CVE-2020-14623 CVE-2020-14624 CVE-2020-14631 CVE-2020-14632 CVE-2020-14633 CVE-2020-14634 CVE-2020-14641 CVE-2020-14643 CVE-2020-14651 CVE-2020-14654 CVE-2020-14656 CVE-2020-14663 CVE-2020-14678 CVE-2020-14680 CVE-2020-14697 CVE-2020-14702 CVE-2020-14725 CVE-2020-14799 CVE-2021-1998 CVE-2021-2012 CVE-2021-202016 Jul 2020 7.5 (v3) High Pass MySQL 5.7.x < 5.7.32 Multiple Vulnerabilities (Oct 2020 CPU) CVE-2020-14672 CVE-2020-14760 CVE-2020-14765 CVE-2020-14769 CVE-2020-14771 CVE-2020-14775 CVE-2020-14776 CVE-2020-14789 CVE-2020-14790 CVE-2020-14793 CVE-2020-14812 CVE-2020-14827 CVE-2020-14867 CVE-2020-1486922 Oct 2020 6.5 (v3) Medium Pass ManageEngine NCM < 12.5.465 SQLi CVE-2021-41081 01 Feb 2022 9.8 (v3) Critical Pass ManageEngine Network Conﬁguration Manager (NCM) Detection 01 Feb 2022 None Pass VMware vCenter Server < 6.7 Multiple Vulnerabilities (VMSA-2021-0020) CVE-2021-21991 CVE-2021-21992 CVE-2021-21993 CVE-2021-22005 CVE-2021-22006 CVE-2021-22007 CVE-2021-22008 CVE-2021-22009 CVE-2021-22010 CVE-2021-22011 CVE-2021-22014 CVE-2021-22015 CVE-2021-22016 CVE-2021-22017 CVE-2021-22019 CVE-2021-2202022 Sep 2021 9.8 (v3) Critical Pass VMware vCenter Server < 7.0 U2c Multiple Vulnerabilities (VMSA-2021-0020) CVE-2021-21991 CVE-2021-21992 CVE-2021-21993 CVE-2021-22005 CVE-2021-22006 CVE-2021-22007 CVE-2021-22008 CVE-2021-22009 CVE-2021-22010 CVE-2021-22014 CVE-2021-22015 CVE-2021-22019 CVE-2021-2202022 Sep 2021 9.8 (v3) Critical Pass VMware vCenter Server < 6.5 U3q Multiple Vulnerabilities (VMSA-2021-0020) CVE-2021-21991 CVE-2021-21992 CVE-2021-21993 CVE-2021-22008 CVE-2021-22009 CVE-2021-22011 CVE-2021-22012 CVE-2021-22013 CVE-2021-22014 CVE-2021-22015 CVE-2021-22017 CVE-2021-2201922 Sep 2021 7.8 (v3) High Pass Apache Traﬃc Server Version 04 Apr 2012 None Pass PolarSSL 'asn1_get_sequence_of' Function Uninitialized Pointer RCE CVE-2015-1182 28 Jan 2015 10 (v3) Critical Pass LDAP NULL BASE Search Access 13 Aug 2001 5 (v2) Medium Pass Apache Traﬃc Server - HTTP Smuggling and Cache poisoning CVE-2018-8004 28 May 2020 6.5 (v3) Medium Pass Atlassian Jira < 8.21.0 Broken Access Control (JRASERVER-73071) CVE-2021-43946 27 Jan 2022 6.5 (v3) Medium Pass Jenkins LTS < 2.303.2 / Jenkins weekly < 2.315 Multiple Vulnerabilities CVE-2014-3577 CVE-2021-21682 CVE-2021-21683 CVE-2021-21684 13 Oct 2021 6.5 (v3) Medium Pass SolarWinds Orion Platform < 2020.2.6 HF1 Multiple Vulnerabilities CVE-2021-35219 CVE-2021-35220 CVE-2021-35221 CVE-2021-35222 CVE-2021-35238 CVE-2021-35239 CVE-2021-35240 22 Oct 2021 9.6 (v3) Critical Pass EtherNet/IP CIP EDS Metadata 27 May 2016 None Pass Cisco UCS Platform Emulator Web UI Detection 06 Jul 2016 None Pass Citrix XenDesktop Director Detection 04 Nov 2013 None Pass HP Data Protector 8.x Arbitrary Command Execution (HPSBMU03072) CVE-2014-2623 21 Jul 2014 10 (v2) Critical Pass SonicWall SonicOS Firewall Multiple Management Vulnerabilities (URGENT/11) CVE-2019-12255 CVE-2019-12256 CVE-2019-12257 CVE-2019-12258 CVE-2019-12259 CVE-2019-12260 CVE-2019-12261 CVE-2019-12262 CVE-2019-12263 CVE-2019-12264 CVE-2019-1226529 Jul 2019 9.8 (v3) Critical 51

Pass Pulse Connect Secure Arbitrary File Read Vulnerability (CVE-2019-11510) CVE-2019-11510 16 Aug 2019 10 (v3) Critical Pass Apple AirPlay Web Detection 14 Aug 2019 None Pass Jenkins Enterprise and Operations Center < 2.249.31.0.4 / 2.277.4.3 Multiple Vulnerabilities (CloudBees Security Advisory 2021-05-11)CVE-2021-21648 CVE-2021-21649 CVE-2021-21650 CVE-2021-21651 CVE-2021-21652 CVE-2021-21653 CVE-2021-21654 CVE-2021-21655 CVE-2021-2165608 Nov 2021 7.1 (v3) High Pass QNAP QTS / QuTS hero Multiple Vulnerabilities in Samba (QSA-22-03) CVE-2021-44141 CVE-2021-44142 CVE-2022-0336 05 Apr 2022 8.8 (v3) High Pass QNAP QTS / QuTS Hero DEADBOLT Ransomware (QSA-22-02) 05 Apr 2022 9.8 (v3) Critical Pass QNAP QTS / QuTS hero Insuﬃcient HTTP Security Headers (QSA-21-03) CVE-2018-19957 07 Apr 2022 6.1 (v3) Medium Pass QNAP QTS / QuTS hero Command Injection (QSA-21-05) CVE-2020-2509 19 Apr 2022 9.8 (v3) Critical Pass Oracle MySQL Enterprise Monitor (Apr 2022 CPU) CVE-2021-41184 CVE-2021-42340 CVE-2021-44832 CVE-2022-0778 CVE-2022-22965 CVE-2022-23181 CVE-2022-23305 20 Apr 2022 9.8 (v3) Critical Pass Cisco IOS XE Software IOx Application Hosting Environment (cisco-sa-iox-yuXQ6hFj) CVE-2022-20677 CVE-2022-20718 CVE-2022-20719 CVE-2022-20720 CVE-2022-20721 CVE-2022-20722 CVE-2022-20723 CVE-2022-20724 CVE-2022-20725 CVE-2022-2072722 Apr 2022 7.5 (v3) High Pass OpenSSL 1.1.1 < 1.1.1o Vulnerability CVE-2022-1292 03 May 2022 9.8 (v3) Critical Pass GitLab 1.0.2 < 14.8.6 Multiple Vulnerabilities CVE-2022-1413 CVE-2022-1416 CVE-2022-1423 06 May 2022 8.8 (v3) High Pass ManageEngine Access Manager Plus REST API Restriction Bypass (CVE-2022-29081) CVE-2022-29081 09 May 2022 9.8 (v3) Critical Pass Apache Tomcat 10.0.0.M1 < 10.0.0.M5 vulnerability CVE-2020-9484 22 Jun 2021 7 (v3) High Pass Apache Struts Unsupported Version Detection 13 Sep 2018 10 (v3) Critical Pass Cisco Nexus 9000 Series Fabric Switches ACI Mode Queue Wedge DoS (cisco-sa-n9kaci-queue-wedge-cLDDEfKF)CVE-2021-1523 21 Feb 2022 8.6 (v3) High Pass ManageEngine ADManager Plus < Build 7115 RCE CVE-2021-42002 25 Feb 2022 9.8 (v3) Critical Pass Cisco NX-OS Software NX-API Command Injection (cisco-sa-nxos-nxapi-cmdinject-ULukNMZ2) CVE-2022-20650 03 Mar 2022 8.8 (v3) High Pass Cisco NX-OS Software Cisco Fabric Services Over IP DoS (cisco-sa-cfsoip-dos-tpykyDr) CVE-2022-20624 03 Mar 2022 7.5 (v3) High Pass Cisco TelePresence Video Communication Server Bash Remote Code Execution (Shellshock) CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 21 Oct 2014 10 (v2) Critical Pass Intel Management Engine Insecure Read / Write Operations RCE (INTEL-SA-00075) (remote check) CVE-2017-5689 03 May 2017 9.8 (v3) Critical Pass Pgbouncer Service Detection 17 Aug 2016 None Pass VMware ESX Multiple Bash Vulnerabilities (VMSA-2014-0010) (Shellshock) CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 30 Dec 2015 10 (v2) Critical Pass Visual Mining NetCharts Server Web UI Detection 02 Dec 2014 None Pass GNU Bash Local Environment Variable Handling Command Injection via Telnet (CVE-2014-7169) (Shellshock)CVE-2014-7169 25 Sep 2014 10 (v2) Critical Pass Gurock TestRail Detection 21 Aug 2014 None Pass EMC Documentum D2 Detection (credentialed) 21 Aug 2014 None Pass VMware Workspace Portal Multiple Bash Shell Vulnerabilities (VMSA-2014-0010) (Shellshock) CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 04 Nov 2014 10 (v2) Critical Pass Cisco Wireless LAN Controller Multiple Vulnerabilities CVE-2018-0417 CVE-2018-0441 CVE-2018-0442 CVE-2018-0443 26 Oct 2018 7.5 (v3) High Pass Apache Solr Conﬁg API Velocity Template RCE (Direct Check) CVE-2019-17558 06 Dec 2019 7.5 (v3) High Pass Cisco Small Business RV Series Routers Multiple Vulnerabilities (cisco-sa-sb-rv-bypass-inject-Rbhgvfdx) CVE-2021-1472 CVE-2021-1473 15 Apr 2021 9.8 (v3) Critical Pass VMware vCenter Server RCE (direct check) CVE-2021-21972 25 Feb 2021 9.8 (v3) Critical Pass Trend Micro ServerProtect Static Credential (CVE-2022-25329) CVE-2022-25329 07 Mar 2022 9.8 (v3) Critical Pass Jenkins Enterprise and Operations Center 2.277.x < 2.277.43.0.6 / 2.303.x < 2.303.30.0.5 / 2.319.3.3 Multiple DoS (CloudBees Security Advisory 2022-02-09)CVE-2021-43859 CVE-2022-0538 07 Mar 2022 7.5 (v3) High Pass IBM WebSphere Application Server 8.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.20 / 9.0.x < 9.0.5.8 Multiple VulnerabilitiesCVE-2011-1498 CVE-2012-6153 CVE-2014-3577 CVE-2015-5262 20 May 2021 8.1 (v3) High Pass Kerio Connect < 8.1.0 SSL/TLS Information Disclosure (BEAST) CVE-2011-3389 07 Feb 2014 4.3 (v2) Medium Pass Citrix SD-WAN Center Test Build Network DoS (CTX297155) CVE-2020-8299 18 Jun 2021 6.5 (v3) Medium Pass Citrix ADC and Citrix NetScaler Gateway Multiple Vulnerabilities (CTX297155) CVE-2020-8299 CVE-2020-8300 18 Jun 2021 6.5 (v3) Medium Pass PHP 5.5.x < 5.5.9 GD Extension Multiple Vulnerabilities CVE-2013-7226 CVE-2013-7327 CVE-2013-7328 CVE-2014-2020 14 Feb 2014 6.8 (v2) Medium Pass Symantec Encryption Management Server < 3.3.2 Information Disclosure CVE-2014-1643 14 Feb 2014 4 (v2) Medium Pass JForum jforum.page start Parameter XSS CVE-2012-5337 14 Feb 2014 4.3 (v2) Medium Pass MediaWiki thumb.php 'w' Parameter Remote Shell Command Injection CVE-2014-1610 21 Feb 2014 8.8 (v3) High Pass Serv-U FTP Server < 15.0.1.20 DoS 24 Feb 2014 5 (v2) Medium Pass PostgreSQL 8.4 < 8.4.20 / 9.0 < 9.0.16 / 9.1 < 9.1.12 / 9.2 < 9.2.7 / 9.3 < 9.3.3 Multiple Vulnerabilities CVE-2014-0060 CVE-2014-0061 CVE-2014-0062 CVE-2014-0063 CVE-2014-0064 CVE-2014-0065 CVE-2014-0066 CVE-2014-2669 24 Feb 2014 9.8 (v3) Critical Pass Cisco IOS HTTP Client Information Disclosure Vulnerability (cisco-sa-20190925-http-client) CVE-2019-12665 10 Oct 2019 7.4 (v3) High Pass Cisco IOS XR Software for Cisco 8000 and NCS 540 Routers Image Veriﬁcation Vulnerabilities (cisco-sa-ioxrCVE-2021-1136 CVE-2021-1244-l-zNhcGCBt) 11 Mar 2021 6.7 (v3) Medium Pass MailEnable IMAP Server SEARCH Command Remote DoS CVE-2004-2194 17 Oct 2004 5 (v2) Medium Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.20 / 9.0.x < 9.0.14 / 9.1.x < 9.1.11 / 10.0.x < 10.0.7 / 10.1.x < 10.1.2 VCVE-2021-3054ulnerability 08 Sep 2021 6.6 (v3) Medium Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.20 / 9.0.x < 9.0.14 / 9.1.x < 9.1.10 / 10.0.x < 10.0.6 Vulnerability CVE-2021-3055 08 Sep 2021 6.5 (v3) Medium Pass Serendipity Multiple Script HTTP Response Splitting CVE-2004-1620 21 Oct 2004 4.3 (v2) Medium Pass Juniper Junos OS DoS (JSA11185) CVE-2021-0281 14 Sep 2021 7.5 (v3) High Pass Cisco Small Business RV Series Routers Link Layer Discovery Protocol Multiple Vulnerabilities (cisco-sa-rv-multi-lldp-u7e4chCe)CVE-2021-1251 CVE-2021-1308 CVE-2021-1309 14 Sep 2021 8.8 (v3) High Pass SquirrelMail < 1.2.11 Multiple Script XSS CVE-2004-0639 06 Aug 2004 4.3 (v2) Medium Pass IBM WebSphere Application Server Information Disclosure (6489485) CVE-2021-29842 23 Sep 2021 5.3 (v3) Medium Pass Moodle 'post.php' 'reply' Parameter XSS CVE-2004-1711 11 Aug 2004 4.3 (v2) Medium Pass Juniper Junos OS Vulnerability (JSA11226) CVE-2021-0283 CVE-2021-31364 13 Oct 2021 7.5 (v3) High Pass Juniper Junos OS DoS (JSA11285) CVE-2022-22179 18 Jan 2022 6.5 (v3) Medium Pass phpMyFAQ index.php action Parameter Local File Inclusion CVE-2004-2255 11 Aug 2004 5 (v2) Medium Pass WowBB <= 1.61 Multiple Vulnerabilities CVE-2004-2180 CVE-2004-2181 25 Oct 2004 7.5 (v2) High Pass PostNuke Trojaned Distribution 26 Oct 2004 7.5 (v2) High Pass Unpassworded 'bash' Backdoor Account CVE-1999-0502 30 Oct 2004 9.8 (v3) Critical Pass Web Server SSL Port HTTP Traﬃc Detection 01 Nov 2004 None Pass YaPiG < 0.92.2 Multiple Scripts Arbitrary Command Execution 13 Aug 2004 7.5 (v2) High Pass Juniper Junos OS Vulnerability (JSA11196) CVE-2021-0294 19 Nov 2021 5.3 (v3) Medium Pass Adobe Experience Manager 6.5.0.0 < 6.5.11.0 Multiple Vulnerabilities (APSB21-103) CVE-2021-40711 CVE-2021-40712 CVE-2021-40722 CVE-2021-42725 CVE-2021-43761 CVE-2021-43762 CVE-2021-43764 CVE-2021-43765 CVE-2021-44176 CVE-2021-44177 CVE-2021-4417814 Dec 2021 9.8 (v3) Critical Pass Jenkins < 1.551 / 1.532.2 and Jenkins Enterprise 1.509.x / 1.532.x < 1.509.5.1 / 1.532.2.2 Multiple VulnerabilitiesCVE-2013-5573 CVE-2013-7285 CVE-2013-7330 CVE-2014-2058 CVE-2014-2060 CVE-2014-2061 CVE-2014-2062 CVE-2014-2063 CVE-2014-2064 CVE-2014-2065 CVE-2014-2066 CVE-2014-206825 Feb 2014 7.5 (v2) High Pass Jenkins < 1.545 Subversion Plugin Information Disclosure CVE-2013-6372 28 Feb 2014 2.1 (v2) Low Pass Grails resources plug-in WEB-INF / META-INF File Disclosure CVE-2014-0053 CVE-2014-2857 CVE-2014-2858 01 Mar 2014 5 (v2) Medium Pass Oracle WebCenter Sites Default Credentials Check 03 Mar 2014 7.5 (v2) High Pass IBM Domino < 8.5.3 FP 6 IF 1 / 9.0.1 IF 2 DoS CVE-2014-0822 04 Mar 2014 7.8 (v2) High Pass IBM Rational Focal Point Default Credentials 06 Mar 2014 7.5 (v2) High Pass Horde Application Framework Help Window Multiple Parameter XSS CVE-2004-2741 02 Nov 2004 4.3 (v2) Medium Pass Juniper Junos OS Vulnerability (JSA11262) CVE-2022-22154 12 Jan 2022 6.8 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11272) CVE-2022-22164 12 Jan 2022 5.3 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11283) CVE-2022-22177 12 Jan 2022 7.5 (v3) High Pass Juniper Junos OS Multiple Vulnerabilities (JSA11265) CVE-2022-22157 CVE-2022-22167 12 Jan 2022 9.8 (v3) Critical Pass Juniper Junos OS Vulnerability (JSA11269) CVE-2022-22161 12 Jan 2022 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11261) CVE-2022-22153 12 Jan 2022 7.5 (v3) High Pass Moodle < 1.4.3 Multiple Vulnerabilities CVE-2004-1424 CVE-2004-1425 CVE-2004-2232 06 Nov 2004 7.5 (v2) High Pass PHP 5.4.x < 5.4.26 Multiple Vulnerabilities CVE-2014-1943 CVE-2014-2270 07 Mar 2014 5 (v2) Medium Pass PHP 5.5.x < 5.5.10 Multiple Vulnerabilities CVE-2014-1943 CVE-2014-2270 07 Mar 2014 5 (v2) Medium Pass HP System Management Homepage < 7.3 Multiple Vulnerabilities CVE-2013-4846 CVE-2013-6188 12 Mar 2014 6.8 (v2) Medium Pass phpGroupWare index.php Addressbook XSS CVE-2003-0504 17 Aug 2004 4.3 (v2) Medium Pass Apache 2.4.x < 2.4.8 Multiple Vulnerabilities CVE-2013-6438 CVE-2014-0098 18 Mar 2014 5.3 (v3) Medium Pass Oracle Reports Servlet Parsequery Function Remote Database Credentials Exposure CVE-2012-3153 20 Mar 2014 6.4 (v2) Medium Pass Oracle BI Publisher Default Credentials Check 20 Mar 2014 7.5 (v2) High Pass IceWarp Web Mail Multiple Flaws (2) 06 Nov 2004 4.3 (v2) Medium Pass Oracle Business Intelligence Publisher (October 2012 CPU) CVE-2012-3193 CVE-2012-3194 20 Mar 2014 4.3 (v2) Medium Pass DNN (DotNetNuke) < 7.2.2 Unspeciﬁed XSS 24 Mar 2014 3.5 (v2) Low Pass phpGroupWare Admin/Setup Password Plaintext Cookie Storage CVE-2004-2578 17 Aug 2004 5 (v2) Medium Pass Apache Struts 2 'class' Parameter ClassLoader Manipulation CVE-2014-0094 26 Mar 2014 5.3 (v3) Medium Pass PHP PHP_RSHUTDOWN_FUNCTION Security Bypass CVE-2012-1171 01 Apr 2014 5 (v2) Medium Pass Default Password (ironport) for 'enablediag' Account CVE-1999-0502 02 Apr 2014 9.8 (v3) Critical Pass Jenkins HP Application Automation Tools Plugin Password Encryption Security Weakness 02 Apr 2014 5 (v2) Medium Pass PHP 5.4.x < 5.4.27 awk Magic Parsing BEGIN DoS CVE-2013-7345 04 Apr 2014 5 (v2) Medium Pass Default Password (rain) for 'root' Account CVE-1999-0502 07 Apr 2014 9.8 (v3) Critical Pass HP LeftHand OS Unmanaged Host Detection 10 Apr 2014 10 (v2) Critical Pass RuggedCom RuggedOS HTTP Traﬃc Handling Remote DoS CVE-2014-2590 15 Apr 2014 5 (v2) Medium Pass phpGroupWare Calendar Module Holiday File Save Extension Feature Arbitrary File Execution CVE-2004-0016 17 Aug 2004 7.5 (v2) High Pass nginx < 1.4.7 / 1.5.12 SPDY Heap Buﬀer Overﬂow CVE-2014-0133 15 Apr 2014 5.6 (v3) Medium Pass Liferay Portal 6.2.0 CE GA1 Multiple XSS 15 Apr 2014 4.3 (v2) Medium Pass phpGroupWare Multiple Module SQL Injection CVE-2004-0017 17 Aug 2004 7.5 (v2) High Pass CommonSpot < 7.0.2 / 8.0.3 / 9.0.0 Multiple Vulnerabilities CVE-2014-2859 CVE-2014-2860 CVE-2014-2861 CVE-2014-2862 CVE-2014-2863 CVE-2014-2864 CVE-2014-2865 CVE-2014-2866 CVE-2014-2867 CVE-2014-2868 CVE-2014-2869 CVE-2014-2870 CVE-2014-2871 CVE-2014-2872 CVE-2014-2873 CVE-2014-287418 Apr 2014 10 (v2) Critical Pass Atmail Webmail 3.x < 3.6.4 (3.64) Multiple Vulnerabilities 18 Apr 2014 6.8 (v2) Medium Pass Atmail Webmail 4.5.1 (4.51) / 5.x < 5.0.3 (5.03) util.pl Cross-Site Request Forgery CVE-2006-6701 18 Apr 2014 7.5 (v2) High Pass Atmail Webmail < 5.4.2 (5.42) Multiple Information Disclosure Vulnerabilities CVE-2008-3395 CVE-2008-3579 18 Apr 2014 7.8 (v2) High Pass Atmail Webmail < 6.3.5 Multiple XSS Vulnerabilities 18 Apr 2014 4.3 (v2) Medium Pass Atmail Webmail < 6.6.2 Exim Buﬀer Overﬂow CVE-2012-5671 18 Apr 2014 6.8 (v2) Medium Pass Atmail Webmail 6.6.x < 6.6.3 / 7.x < 7.0.3 File Name Parameter XSS CVE-2013-2585 18 Apr 2014 4.3 (v2) Medium Pass Default Password (nas4free) for 'root' Account CVE-1999-0502 14 Apr 2014 9.8 (v3) Critical Pass Trend Micro Scanmail for Domino nsf File Information Disclosure CVE-2004-1003 19 Aug 2004 6.4 (v2) Medium Pass ZixForum ZixForum.mdb DIrect Request Database Disclosure CVE-2007-0543 22 Aug 2004 5 (v2) Medium Pass Oracle OpenSSO Multiple Vulnerabilities (April 2014 CPU) CVE-2014-0465 CVE-2014-2425 CVE-2014-2426 28 Apr 2014 4.9 (v2) Medium 52

Pass phpGroupWare phpgw.inc.php phpgw_info Parameter Remote File Inclusion CVE-2001-0043 13 Nov 2004 10 (v2) Critical Pass ManageEngine ServiceDesk Plus Multiple Versions Authentication Bypass CVE-2021-37415 04 Feb 2022 9.8 (v3) Critical Pass Nagios NRPE Command Argument Processing Enabled CVE-2014-2913 29 Apr 2014 7.5 (v2) High Pass Apache Struts 2 ClassLoader Manipulation Incomplete Fix for Security Bypass CVE-2014-0112 CVE-2014-0113 29 Apr 2014 7.5 (v2) High Pass Nortel Multiple Default Accounts 13 Nov 2004 7.5 (v3) High Pass PHP 5.4.x < 5.4.28 FPM Unix Socket Insecure Permission Escalation CVE-2014-0185 05 May 2014 7.2 (v2) High Pass PHP 5.5.x < 5.5.12 FPM Unix Socket Insecure Permission Escalation CVE-2014-0185 05 May 2014 7.2 (v2) High Pass Apache Struts ClassLoader Manipulation CVE-2014-0114 08 May 2014 7.5 (v2) High Pass IBM Domino 9.x < 9.0.1 Fix Pack 1 Multiple Vulnerabilities (uncredentialed check) CVE-2013-0408 CVE-2013-3829 CVE-2013-4002 CVE-2013-4041 CVE-2013-5372 CVE-2013-5375 CVE-2013-5456 CVE-2013-5457 CVE-2013-5458 CVE-2013-5772 CVE-2013-5774 CVE-2013-5776 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5787 CVE-2013-5788 CVE-2013-5789 CVE-2013-5790 CVE-2013-5797 CVE-2013-5800 CVE-2013-5801 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5805 CVE-2013-5806 CVE-2013-5809 CVE-2013-5812 CVE-2013-5814 CVE-2013-5817 CVE-2013-5818 CVE-2013-5819 CVE-2013-5820 CVE-2013-5823 CVE-2013-5824 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5831 CVE-2013-5832 CVE-2013-5838 CVE-2013-5840 CVE-2013-5842 CVE-2013-5843 CVE-2013-5848 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851 CVE-2013-5878 CVE-2013-5884 CVE-2013-5887 CVE-2013-5888 CVE-2013-5889 CVE-2013-5893 CVE-2013-5896 CVE-2013-5898 CVE-2013-5899 CVE-2013-5902 CVE-2013-5904 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0375 CVE-2014-0376 CVE-2014-0387 CVE-2014-0403 CVE-2014-0410 CVE-2014-0411 CVE-2014-0415 CVE-2014-0416 CVE-2014-0417 CVE-2014-0418 CVE-2014-0422 CVE-2014-0423 CVE-2014-0424 CVE-2014-0428 CVE-2014-089212 May 2014 10 (v2) Critical Pass IBM Domino 8.5.3 FP6 / 9.0.1 < 8.5.3 FP6 IF2 / 9.0.1 FP1 iNotes XSS CVE-2014-0913 19 May 2014 4.3 (v2) Medium Pass Juniper NSM Remote Code Execution (JSA10625) CVE-2014-3411 22 May 2014 10 (v2) Critical Pass Open Web Analytics owa_email_address SQL Injection CVE-2014-1206 27 May 2014 7.5 (v2) High Pass Western Digital Arkeia Virtual Appliance Blank Password 28 May 2014 7.5 (v2) High Pass IBM Domino 9.0 < 9.0.0 Interim Fix 4 iNotes Buﬀer Overﬂow CVE-2013-4068 28 May 2014 7.1 (v2) High Pass PHP 5.4.x < 5.4.29 'src/cdf.c' Multiple Vulnerabilities CVE-2014-0237 CVE-2014-0238 03 Jun 2014 5 (v2) Medium Pass PHP 5.5.x < 5.5.13 'src/cdf.c' Multiple Vulnerabilities CVE-2014-0237 CVE-2014-0238 03 Jun 2014 5 (v2) Medium Pass IBM DB2 10.1 < Fix Pack 3a Multiple Vulnerabilities CVE-2013-0169 CVE-2013-6747 CVE-2014-0907 CVE-2014-0963 18 Jun 2014 7.5 (v3) High Pass IBM DB2 10.5 < Fix Pack 3a Multiple Vulnerabilities CVE-2013-6747 CVE-2014-0907 CVE-2014-0963 18 Jun 2014 7.5 (v3) High Pass IBM DB2 9.5 <= Fix Pack 9 or 10 Multiple Vulnerabilities CVE-2013-6747 CVE-2014-0907 CVE-2014-0963 18 Jun 2014 7.5 (v3) High Pass IBM DB2 9.7 < Fix Pack 9a Multiple Vulnerabilities CVE-2013-6744 CVE-2013-6747 CVE-2014-0907 CVE-2014-0963 18 Jun 2014 7.5 (v3) High Pass IBM DB2 9.8 <= Fix Pack 5 Multiple Vulnerabilities CVE-2013-6747 CVE-2014-0907 CVE-2014-0963 CVE-2014-8910 CVE-2015-0157 CVE-2015-0197 CVE-2015-0198 CVE-2015-0199 CVE-2015-1883 CVE-2015-1922 CVE-2015-193518 Jun 2014 9.8 (v3) Critical Pass IBM DB2 Stored Procedure Infrastructure Privilege Escalation Vulnerability CVE-2013-6744 18 Jun 2014 8.8 (v3) High Pass AWStats rawlog.pm logﬁle Parameter Arbitrary Command Execution 23 Aug 2004 7.5 (v2) High Pass AlienVault OSSIM 'av-centerd' Remote Code Execution CVE-2014-3805 23 Jun 2014 10 (v2) Critical Pass AlienVault OSSIM 'av-centerd' get_ﬁle() Information Disclosure CVE-2014-4153 25 Jun 2014 7.8 (v2) High Pass Revive Adserver < 3.0.5 Multiple CSRF Vulnerabilities CVE-2013-5954 26 Jun 2014 6.8 (v2) Medium Pass Revive Adserver 'www/delivery/axmlrpc.php' 'what' Parameter SQL Injection CVE-2013-7149 26 Jun 2014 8.8 (v3) High Pass PHP 5.4.x < 5.4.30 Multiple Vulnerabilities CVE-2014-0207 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3515 CVE-2014-3981 CVE-2014-4049 CVE-2014-472127 Jun 2014 7.5 (v2) High Pass PHP 5.5.x < 5.5.14 Multiple Vulnerabilities CVE-2014-0207 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3515 CVE-2014-3981 CVE-2014-4049 CVE-2014-472127 Jun 2014 7.5 (v2) High Pass Ericom AccessNow Server < 3.3.1.4095 Stack-Based Buﬀer Overﬂow CVE-2014-3913 30 Jun 2014 10 (v2) Critical Pass OpenX Source Unsupported Software Detection 30 Jun 2014 10 (v2) Critical Pass PHP-Fusion Database Backup Disclosure CVE-2004-1724 23 Aug 2004 5 (v2) Medium Pass Apache 2.4.x < 2.4.10 Multiple Vulnerabilities CVE-2014-0117 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523 21 Jul 2014 7.3 (v3) High Pass HP System Management Homepage < 7.2.4.1 / 7.3.3.1 OpenSSL Multiple Vulnerabilities CVE-2010-5298 CVE-2014-0076 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 02 Jul 2014 6.8 (v2) Medium Pass PHP 5.5.x < 5.5.15 Multiple Vulnerabilities CVE-2014-4670 CVE-2014-4698 25 Jul 2014 4.6 (v2) Medium Pass PHP 5.4.x < 5.4.31 CLI Server 'header' DoS 25 Jul 2014 2.6 (v2) Low Pass HP StoreVirtual 4000 and StoreVirtual VSA Software < 11.5 Multiple Vulnerabilities CVE-2014-2605 CVE-2014-2606 30 Jul 2014 9 (v2) High Pass IBM Tivoli Storage Manager Server 5.5.x Multiple Vulnerabilities CVE-2012-2190 CVE-2012-2191 CVE-2013-0169 11 Aug 2014 2.6 (v2) Low Pass IBM Tivoli Storage Manager Server 6.1.x Multiple Vulnerabilities CVE-2012-2190 CVE-2012-2191 CVE-2013-0169 11 Aug 2014 2.6 (v2) Low Pass IBM Tivoli Storage Manager Server 6.2.x < 6.2.6.0 Multiple Vulnerabilities CVE-2012-2190 CVE-2012-2191 CVE-2013-0169 11 Aug 2014 2.6 (v2) Low Pass IBM Tivoli Storage Manager Server 6.3.x < 6.3.4.200 Information Disclosure CVE-2013-0169 11 Aug 2014 2.6 (v2) Low Pass Oracle Business Intelligence Publisher April 2012 Critical Patch Update CVE-2012-0543 15 Aug 2014 4.3 (v2) Medium Pass Gurock TestRail < 3.1.3 XSS CVE-2014-4857 21 Aug 2014 4.3 (v2) Medium Pass TikiWiki Unauthorized Page Access 23 Aug 2004 5 (v2) Medium Pass phpScheduleIt 1.0.0 RC1 Multiple XSS CVE-2004-1651 01 Sep 2004 4.3 (v2) Medium Pass Oracle Database Multiple Remote Vulnerabilities (Mar 2005) CVE-2004-0637 CVE-2004-0638 CVE-2004-1362 CVE-2004-1363 CVE-2004-1364 CVE-2004-1365 CVE-2004-1366 CVE-2004-1367 CVE-2004-1368 CVE-2004-1369 CVE-2004-1370 CVE-2004-137102 Sep 2004 7.5 (v2) High Pass MailEnable Professional HTTPMail GET Request Remote Overﬂow CVE-2004-2727 03 Sep 2004 4.3 (v2) Medium Pass Juniper NSM < 2012.2R9 Multiple Java and Apache Vulnerabilities (JSA10642) CVE-2011-0419 CVE-2011-3192 CVE-2011-3368 CVE-2012-0031 CVE-2012-0053 CVE-2012-5081 CVE-2013-0169 CVE-2013-0440 CVE-2013-0443 CVE-2013-1537 CVE-2013-2407 CVE-2013-2451 CVE-2013-2457 CVE-2013-2461 CVE-2013-4002 CVE-2013-5780 CVE-2013-5802 CVE-2013-5803 CVE-2013-5823 CVE-2013-5825 CVE-2013-5830 CVE-2014-0411 CVE-2014-0423 CVE-2014-0453 CVE-2014-046022 Aug 2014 10 (v2) Critical Pass PHP 5.4.x < 5.4.32 Multiple Vulnerabilities CVE-2014-2497 CVE-2014-3538 CVE-2014-3587 CVE-2014-3597 CVE-2014-4670 CVE-2014-4698 CVE-2014-5120 27 Aug 2014 6.8 (v2) Medium Pass PHP 5.5.x < 5.5.16 Multiple Vulnerabilities CVE-2014-2497 CVE-2014-3538 CVE-2014-3587 CVE-2014-3597 CVE-2014-5120 27 Aug 2014 6.8 (v2) Medium Pass Apache Tomcat 8.0.x < 8.0.11 Multiple OpenSSL Vulnerabilities CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 02 Sep 2014 9.3 (v3) Critical Pass Ipswitch IMail Server < 8.13 Multiple Remote DoS CVE-2004-2422 CVE-2004-2423 08 Sep 2004 5 (v2) Medium Pass phpGroupWare Wiki Module XSS CVE-2004-0875 13 Sep 2004 4.3 (v2) Medium Pass ManageEngine EventLog Analyzer 'j_username' XSS CVE-2014-5103 02 Sep 2014 4.3 (v2) Medium Pass IBM DB2 10.5 < Fix Pack 4 Multiple Vulnerabilities CVE-2013-6371 CVE-2014-3094 CVE-2014-3095 CVE-2014-4805 09 Sep 2014 8.8 (v3) High Pass MailEnable SMTP Connector Service DNS MX Response DoS 13 Sep 2004 5 (v2) Medium Pass IBM Domino 9.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (uncredentialed check) CVE-2013-6629 CVE-2013-6954 CVE-2014-0429 CVE-2014-0446 CVE-2014-0448 CVE-2014-0449 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0454 CVE-2014-0455 CVE-2014-0457 CVE-2014-0458 CVE-2014-0459 CVE-2014-0460 CVE-2014-0461 CVE-2014-0963 CVE-2014-1876 CVE-2014-2398 CVE-2014-2401 CVE-2014-2402 CVE-2014-2409 CVE-2014-2412 CVE-2014-2414 CVE-2014-2420 CVE-2014-2421 CVE-2014-2423 CVE-2014-2427 CVE-2014-242823 Sep 2014 10 (v2) Critical Pass GNU Bash Environment Variable Handling Code Injection (Shellshock) CVE-2014-6271 24 Sep 2014 9.8 (v3) Critical Pass Postﬁx Script Remote Command Execution via Shellshock CVE-2014-6271 CVE-2014-7169 29 Sep 2014 10 (v2) Critical Pass Qmail Remote Command Execution via Shellshock CVE-2014-6271 CVE-2014-7169 29 Sep 2014 10 (v2) Critical Pass Cisco VPN 3000 Concentrator Multiple Service Banner System Information Disclosure (CSCdu35577 HTTP Check)CVE-2002-1094 14 Sep 2004 5 (v2) Medium Pass HP System Management Homepage < 7.4 Multiple Vulnerabilities CVE-2013-4545 CVE-2013-6420 CVE-2013-6422 CVE-2013-6712 CVE-2014-2640 CVE-2014-2641 CVE-2014-2642 08 Oct 2014 7.5 (v2) High Pass nginx < 1.6.2 / 1.7.5 SSL Session Reuse CVE-2014-3616 13 Oct 2014 5.3 (v3) Medium Pass Drupal Database Abstraction API SQLi CVE-2014-3704 16 Oct 2014 7.5 (v2) High Pass PHP 5.4.x < 5.4.34 Multiple Vulnerabilities CVE-2014-3668 CVE-2014-3669 CVE-2014-3670 17 Oct 2014 7.5 (v2) High Pass PHP 5.5.x < 5.5.18 Multiple Vulnerabilities CVE-2014-3668 CVE-2014-3669 CVE-2014-3670 17 Oct 2014 7.5 (v2) High Pass PHP 5.6.x < 5.6.2 Multiple Vulnerabilities CVE-2014-3668 CVE-2014-3669 CVE-2014-3670 17 Oct 2014 7.5 (v2) High Pass Cisco TelePresence VCS / Expressway Series < 8.2 Multiple DoS Vulnerabilities CVE-2014-3368 CVE-2014-3369 CVE-2014-3370 22 Oct 2014 7.5 (v3) High Pass Cisco UCS Director Default Credentials (Web UI) 31 Oct 2014 7.5 (v2) High Pass SIP Script Remote Command Execution via Shellshock CVE-2014-6271 03 Nov 2014 9.8 (v3) Critical Pass Jenkins < 1.583 / 1.565.3 and Jenkins Enterprise 1.532.x / 1.554.x / 1.565.x < 1.532.10.1 / 1.554.10.1 / 1.565.3.1 Multiple VCVE-2013-2186 CVE-2014-1869 CVE-2014-3661 CVE-2014-3662 CVE-2014-3663 CVE-2014-3664 CVE-2014-3666 CVE-2014-3667 CVE-2014-3678 CVE-2014-3679 CVE-2014-3680 CVE-2014-3681ulnerabilities 04 Nov 2014 9.8 (v3) Critical Pass Default Password (password) for 'cmc' Account CVE-1999-0502 07 Nov 2014 9.8 (v3) Critical Pass PHP 5.4.x < 5.4.35 'donote' DoS CVE-2014-3710 14 Nov 2014 5 (v2) Medium Pass PHP 5.5.x < 5.5.19 'donote' DoS CVE-2014-3710 14 Nov 2014 5 (v2) Medium Pass LiveZilla < 5.3.0.8 XSS 21 Nov 2014 4.3 (v2) Medium Pass Default Password (TANDBERG) for 'root' Account CVE-1999-0502 26 Nov 2014 9.8 (v3) Critical Pass LogAnalyzer < 3.6.6 index.php / detail.php 'hostname' Parameter XSS CVE-2014-6070 05 Dec 2014 4.3 (v2) Medium Pass Eudora WorldMail Unsupported 18 Jul 2012 10 (v2) Critical Pass PHP 5.4.x < 5.4.5 _php_stream_scandir Overﬂow CVE-2012-2688 20 Jul 2012 10 (v2) Critical Pass Apache Struts struts-examples upload-submit.do 'theText' Parameter XSS CVE-2012-1007 23 Jul 2012 4.3 (v2) Medium Pass Apache Struts 2 struts2-rest-showcase orders 'clientName' Parameter Persistent XSS CVE-2012-1006 23 Jul 2012 4.3 (v2) Medium Pass Apache Struts 2 struts2-showcase edit-person.action Persistent XSS CVE-2012-1006 23 Jul 2012 4.3 (v2) Medium Pass Serendipity comment.php url Parameter SQL Injection CVE-2012-2762 23 Jul 2012 7.5 (v2) High Pass IBM DB2 9.1 < Fix Pack 12 Multiple Vulnerabilities CVE-2012-0711 CVE-2012-2194 CVE-2012-2196 CVE-2012-2197 23 Jul 2012 7.3 (v3) High Pass nginx on Windows Directory Aliases Access Restriction Bypass CVE-2011-4963 02 Aug 2012 5.3 (v3) Medium Pass Atmail Email Server WebAdmin Control Panel dbconﬁg.ini Information Disclosure 06 Aug 2012 5.3 (v3) Medium Pass Horde Kronolith js/kronolith.js Multiple View XSS CVE-2012-6620 07 Aug 2012 4.3 (v2) Medium Pass WebLogic < 8.1 SP3 Multiple Vulnerabilities CVE-2004-2320 14 Sep 2004 7.8 (v2) High Pass PostNuke News Module article.php sid Parameter XSS 15 Sep 2004 4.3 (v2) Medium Pass EMC AutoStart ftAgent Multiple Remote Code Execution Vulnerabilities (ESA-2012-020) CVE-2012-0409 10 Aug 2012 7.5 (v2) High Pass Umbraco codeEditorSave.asmx SaveDLRScript Operation Traversal File Upload Arbitrary Command Execution 13 Aug 2012 7.5 (v2) High Pass TUTOS < 1.2 Multiple Input Validation Vulnerabilities CVE-2003-0481 CVE-2004-2161 CVE-2004-2162 21 Sep 2004 7.5 (v2) High Pass vBulletin authorize.php x_invoice_num Parameter SQL Injection CVE-2004-2695 21 Sep 2004 7.5 (v2) High Pass phpMyBackupPro < 1.0.0 Unspeciﬁed Input Validation Issues 21 Sep 2004 7.5 (v2) High Pass LogAnalyzer index.php 'ﬁlter' Parameter XSS 17 Sep 2012 4.3 (v2) Medium Pass LogAnalyzer index.php 'highlight' Parameter XSS CVE-2012-3790 17 Sep 2012 4.3 (v2) Medium Pass phpMyAdmin server_sync.php Backdoor (PMASA-2012-5) CVE-2012-5159 26 Sep 2012 8.8 (v3) High Pass Advanced Message Queuing Protocol Detection 27 Sep 2012 None Pass HP SAN/iQ <= 10.0 Root Shell Command Injection CVE-2012-2986 21 Aug 2012 7.7 (v2) High Pass TikiWiki unserialize() Function Arbitrary Code Execution CVE-2012-0911 30 Aug 2012 8.8 (v3) High Pass Erlang Port Mapper Daemon Detection 27 Sep 2012 None Pass MediaWiki index.php 'uselang' Parameter XSS CVE-2012-2698 28 Sep 2012 4.3 (v2) Medium Pass IBM DB2 10.1 < Fix Pack 1 Multiple Vulnerabilities CVE-2012-2194 CVE-2012-2196 CVE-2012-2197 CVE-2012-3324 28 Sep 2012 9.9 (v3) Critical Pass Poweradmin index.php XSS 01 Oct 2012 4.3 (v2) Medium Pass IBM DB2 9.5 < Fix Pack 10 Multiple Vulnerabilities CVE-2012-0713 CVE-2012-2194 CVE-2012-2196 CVE-2012-2197 18 Oct 2012 7.5 (v3) High Pass vBulletin newreply.php WYSIWYG_HTML Parameter XSS CVE-2004-0620 22 Sep 2004 4.3 (v2) Medium Pass IBM DB2 9.7 < Fix Pack 7 Multiple Vulnerabilities CVE-2012-2194 CVE-2012-2196 CVE-2012-2197 CVE-2012-4826 25 Oct 2012 8.8 (v3) High Pass Mutiny < 4.5-1.12 Unspeciﬁed Network Interface Menu Remote Command Injection CVE-2012-3001 26 Oct 2012 8.5 (v2) High Pass Zabbix Web Interface popup_bitem.php itemid Parameter SQL Injection CVE-2012-3435 30 Oct 2012 7.5 (v2) High Pass Temenos T24 Detection 31 Oct 2012 None Pass Symphony Password Retrieval Script XSS 05 Nov 2012 4.3 (v2) Medium Pass TUTOS < 1.1.20040412 Multiple Input Validation Issues 22 Sep 2004 7.5 (v2) High 53

Pass Traq admincp/common.php authenticate() Function Authentication Bypass Remote Code Execution 12 Nov 2012 8.8 (v3) High Pass HP LoadRunner < 11.00 Patch 4 Code Execution (intrusive check) CVE-2011-4789 13 Nov 2012 10 (v2) Critical Pass Liferay Portal 6.1.0 / 6.1.10 Arbitrary File Deletion 15 Nov 2012 5.5 (v2) Medium Pass Freestyle Support Portal Component for Joomla! 'prodid' Parameter SQLi 16 Nov 2012 7.3 (v3) High Pass Freestyle Testimonials Component for Joomla! Unspeciﬁed SQLi 16 Nov 2012 7.3 (v3) High Pass Zenphoto Verisign_logon.php redirect Parameter XSS 28 Nov 2012 4.3 (v2) Medium Pass Piwik core/Loader.php Trojaned Distribution 28 Nov 2012 7.5 (v2) High Pass Narcissus backend.php release Parameter Remote Command Execution 30 Nov 2012 7.5 (v2) High Pass RWCards Component for Joomla! 'mosConﬁg_absolute_path' Parameter Remote File Include 10 Dec 2012 9.8 (v3) Critical Pass Ektron CMS XslCompiledTransform Class Request Parsing Remote Code Execution CVE-2012-5357 12 Dec 2012 9.8 (v3) Critical Pass HP Intelligent Management Center User Access Manager Datagram Parsing Code Execution CVE-2012-3274 14 Dec 2012 10 (v2) Critical Pass MDaemon < 6.5.2 Multiple Remote Buﬀer Overﬂows CVE-2004-1546 23 Sep 2004 7.5 (v2) High Pass Prado Framework sr Parameter Directory Traversal 11 Jan 2013 5 (v2) Medium Pass MoinMoin twikidraw.py Traversal File Upload Arbitrary File Overwrite CVE-2012-6081 CVE-2012-6495 21 Jan 2013 8.8 (v3) High Pass Horde IMP js/compose-dimp.js XSS CVE-2012-5565 21 Jan 2013 4.3 (v2) Medium Pass Movable Type mt-upgrade.cgi Remote Command Execution CVE-2013-0209 25 Jan 2013 8.8 (v3) High Pass Default Password (raspberry) for 'pi' Account CVE-1999-0502 28 Jan 2013 9.8 (v3) Critical Pass Default Password (openelec) for 'root' Account CVE-1999-0502 28 Jan 2013 9.8 (v3) Critical Pass Default Password (raspi) for 'root' Account CVE-1999-0502 28 Jan 2013 9.8 (v3) Critical Pass ViArt Shop sips_response.php DATA Parameter Request Parsing Remote Shell Command Execution 30 Jan 2013 8.8 (v3) High Pass Incapsula Component for Joomla! 'token' Parameter Multiple XSS 06 Feb 2013 4.7 (v3) Medium Pass LogAnalyzer userchange.php 'viewid' Parameter XSS 06 Feb 2013 4.3 (v2) Medium Pass MantisBT search.php match_type Parameter XSS CVE-2013-0197 07 Feb 2013 4.3 (v2) Medium Pass php-Charts url.php Remote PHP Code Execution 11 Feb 2013 8.8 (v3) High Pass Microsoft ASP.NET MS-DOS Device Name DoS (PCI-DSS check) CVE-2007-2897 13 Feb 2013 5 (v2) Medium Pass HP LeftHand Virtual SAN Appliance < 10.0 hydra Service Multiple RCE CVE-2012-3282 CVE-2012-3283 CVE-2012-3284 CVE-2012-3285 CVE-2013-2343 14 Feb 2013 10 (v2) Critical Pass PostgreSQL 8.3 < 8.3.23 / 8.4 < 8.4.16 / 9.0 < 9.0.12 / 9.1 < 9.1.8 / 9.2 < 9.2.3 Denial of Service CVE-2013-0255 18 Feb 2013 5.3 (v3) Medium Pass ImpressPages cm_group Parameter Remote PHP Code Execution CVE-2011-4932 19 Feb 2013 7.5 (v2) High Pass EMC Data Protection Advisor CXML Service Detection 20 Feb 2013 None Pass Bugzilla show_bug.cgi id Parameter XSS CVE-2013-0785 25 Feb 2013 4.3 (v2) Medium Pass Apache 2.4.x < 2.4.4 Multiple XSS Vulnerabilities CVE-2012-3499 CVE-2012-4558 26 Feb 2013 5.9 (v3) Medium Pass MoinMoin rsslink() Function page_name Parameter XSS CVE-2012-6082 28 Feb 2013 4.3 (v2) Medium Pass PHP 5.4.x < 5.4.12 Information Disclosure CVE-2013-1824 04 Mar 2013 5.3 (v3) Medium Pass Jenkins < 1.498 / 1.480.2 and Jenkins Enterprise 1.447.x / 1.466.x < 1.447.6.1 / 1.466.12.1 Unspeciﬁed Master Cryptographic Key Information DisclosurCVE-2013-0158 e 06 Mar 2013 5.3 (v3) Medium Pass Jenkins < 1.502 / 1.480.3 and Jenkins Enterprise 1.447.x / 1.466.x / 1.480.x < 1.447.7.1 / 1.466.13.1 / 1.480.3.1 Multiple VCVE-2013-0327 CVE-2013-0328 CVE-2013-0329 CVE-2013-0330 CVE-2013-0331ulnerabilities 06 Mar 2013 7.5 (v2) High Pass CoDeSys Gateway Service < 2.3.9.27 Multiple Vulnerabilities CVE-2012-4704 CVE-2012-4705 CVE-2012-4706 CVE-2012-4707 CVE-2012-4708 11 Mar 2013 10 (v2) Critical Pass HP Intelligent Management Center < 5.2 E401 Multiple Vulnerabilities CVE-2012-5200 CVE-2012-5201 CVE-2012-5202 CVE-2012-5203 CVE-2012-5204 CVE-2012-5205 CVE-2012-5206 CVE-2012-5207 CVE-2012-5208 CVE-2012-5209 CVE-2012-5212 CVE-2012-521313 Mar 2013 10 (v2) Critical Pass PHP-Fusion Authenticate.class.php Multiple Cookie SQL Injection CVE-2013-7375 19 Mar 2013 7.5 (v2) High Pass PHP-Fusion forum/viewthread.php highlight Parameter XSS 19 Mar 2013 4.3 (v2) Medium Pass CKEditor sample_posteddata.php XSS 28 Mar 2013 4.3 (v2) Medium Pass NConf delete_attr.php id Parameter SQL Injection 28 Mar 2013 7.5 (v2) High Pass Piwigo install.php dl Parameter Traversal Arbitrary File Access CVE-2013-1469 02 Apr 2013 6.5 (v3) Medium Pass Default Password (facepunch) for 'chronos' Account CVE-1999-0502 03 Apr 2013 9.8 (v3) Critical Pass Git Protocol Detection 05 Apr 2013 None Pass Webman I-Mall i-mall.cgi Arbitrary Command Execution CVE-2004-2275 18 Nov 2004 10 (v2) Critical Pass PostgreSQL 8.4 < 8.4.17 / 9.0 < 9.0.13 / 9.1 < 9.1.9 / 9.2 < 9.2.4 Multiple Vulnerabilities CVE-2013-1902 CVE-2013-1903 08 Apr 2013 9.8 (v3) Critical Pass PostgreSQL 9.1 < 9.1.9 / 9.2 < 9.2.4 Denial of Service CVE-2013-1901 08 Apr 2013 4.3 (v3) Medium Pass MediaWiki mwdoc-ﬁlter.php Arbitrary File Access CVE-2013-1818 10 Apr 2013 5 (v2) Medium Pass mnoGoSearch search.cgi QUERY_STRING Parameter Parsing Arbitrary File Access 10 Apr 2013 5 (v2) Medium Pass IBM Lotus Domino 8.5.x Multiple Vulnerabilities CVE-2012-2159 CVE-2012-2161 CVE-2013-0488 CVE-2013-0489 26 Apr 2013 6 (v2) Medium Pass Android Emulator ADB Port on Remote Host 11 May 2013 7.5 (v2) High Pass Default Password (nsroot) for 'nsroot' Account CVE-1999-0502 13 May 2013 9.8 (v3) Critical Pass Citrix NetScaler Web Management Interface Default Administrator Credentials 13 May 2013 7.5 (v2) High Pass e107 content_preset.php URI XSS CVE-2013-2750 13 May 2013 4.3 (v2) Medium Pass Mutiny < 5.0-1.11 Multiple Directory Traversals CVE-2013-0136 17 May 2013 8.5 (v2) High Pass Securimage example_form.php XSS 22 May 2013 4.3 (v2) Medium Pass YaBB 1 Gold < 1.3.2 Multiple Input Validation Vulnerabilities CVE-2004-2139 CVE-2004-2140 23 Sep 2004 4.3 (v2) Medium Pass PHP 5.3.x < 5.3.23 Multiple Vulnerabilities CVE-2013-1635 CVE-2013-1643 CVE-2013-1824 24 May 2013 7.3 (v3) High Pass PHP 5.4.x < 5.4.13 Information Disclosure CVE-2013-1635 CVE-2013-1643 CVE-2013-1824 24 May 2013 7.3 (v3) High Pass Alt-N MDaemon < 13.0.4 Multiple Vulnerabilities 28 May 2013 9 (v2) High Pass nginx ngx_http_proxy_module.c Multiple Vulnerabilities CVE-2013-2028 CVE-2013-2070 29 May 2013 9.8 (v3) Critical Pass Default Password (openvpnas) for 'root' Account CVE-1999-0502 30 May 2013 9.8 (v3) Critical Pass Greenstone Password File Disclosure 31 May 2013 5 (v2) Medium Pass DNN (DotNetNuke) 7.0.x < 7.0.6 Unspeciﬁed Modal Window XSS 03 Jun 2013 4.3 (v2) Medium Pass CoDeSys Gateway Service < 2.3.9.28 Use-After-Free CVE-2013-2781 05 Jun 2013 10 (v2) Critical Pass PHP 5.3.x < 5.3.26 Multiple Vulnerabilities CVE-2013-2110 CVE-2013-4635 07 Jun 2013 5 (v2) Medium Pass HP Data Protector Multiple RCE Vulnerabilities CVE-2013-2324 CVE-2013-2325 CVE-2013-2326 CVE-2013-2327 CVE-2013-2328 CVE-2013-2329 CVE-2013-2330 CVE-2013-2331 CVE-2013-2332 CVE-2013-2333 CVE-2013-2334 CVE-2013-233510 Jun 2013 10 (v2) Critical Pass Plone PloneFormGen Unspeciﬁed Arbitrary Code Execution 11 Jun 2013 8.8 (v3) High Pass Apache Struts 2 OGNL Expression Handling Double Evaluation Error Remote Command Execution CVE-2013-2134 CVE-2013-2135 19 Jun 2013 8.1 (v3) High Pass Apache Struts 2 Crafted Parameter Arbitrary OGNL Expression Remote Command Execution CVE-2013-1965 CVE-2013-1966 CVE-2013-2115 19 Jun 2013 8.1 (v3) High Pass FreePBX Backup Module page.backup.php 'dir' Parameter RCE 26 Jun 2013 7.5 (v2) High Pass Default Password (badg3r5) for 'HPSupport' Account CVE-1999-0502 CVE-2013-2342 27 Jun 2013 9.8 (v3) Critical Pass Atlassian Crowd XML External Entity Request Handling Arbitrary File Disclosure CVE-2013-3925 03 Jul 2013 5.8 (v2) Medium Pass IBM Lotus Domino 8.5.x < 8.5.3 FP 4 Multiple Vulnerabilities CVE-2012-6277 CVE-2013-0486 CVE-2013-0487 05 Jul 2013 8.5 (v2) High Pass Citrix AGEE Logon Portal Unspeciﬁed XSS 06 Jul 2013 4.3 (v2) Medium Pass Plone spamProtect mailaddress Parameter XSS CVE-2013-4190 08 Jul 2013 4.3 (v2) Medium Pass PHP 5.3.x < 5.3.27 Multiple Vulnerabilities CVE-2013-4113 12 Jul 2013 6.8 (v2) Medium Pass PHP 5.4.x < 5.4.17 Buﬀer Overﬂow 12 Jul 2013 9.3 (v2) High Pass Dell iDRAC6 Multiple Vulnerabilities CVE-2013-4785 16 Jul 2013 10 (v2) Critical Pass Default password (dasdec1) for 'root' account CVE-1999-0502 CVE-2013-4735 18 Jul 2013 9.8 (v3) Critical Pass Apache 2.4.x < 2.4.5 Multiple Vulnerabilities CVE-2013-1896 CVE-2013-2249 23 Jul 2013 9.8 (v3) Critical Pass HP System Management Homepage < 7.2.1.0 Multiple Vulnerabilities (BEAST) CVE-2011-3389 CVE-2012-0883 CVE-2012-2110 CVE-2012-2311 CVE-2012-2329 CVE-2012-2335 CVE-2012-2336 CVE-2012-5217 CVE-2013-2355 CVE-2013-2356 CVE-2013-2357 CVE-2013-2358 CVE-2013-2359 CVE-2013-2360 CVE-2013-2361 CVE-2013-2362 CVE-2013-2363 CVE-2013-2364 CVE-2013-482123 Jul 2013 7.5 (v2) High Pass Virtualizor < 2.3.2 PDNS Domain Deletion Security Bypass 24 Jul 2013 4 (v2) Medium Pass Apache OFBiz Nested Expression Arbitrary UEL Function Execution CVE-2013-2250 29 Jul 2013 10 (v2) Critical Pass OpenNetAdmin dcm.php options[desc] Parameter Arbitrary Remote PHP Code Execution 31 Jul 2013 8.8 (v3) High Pass PineApp Mail-SeCure Default Credentials 01 Aug 2013 7.5 (v2) High Pass PineApp Mail-SeCure test_li_connection.php Remote Command Injection 01 Aug 2013 8.8 (v3) High Pass Joomla! 'lang' Parameter XSS CVE-2013-5583 09 Aug 2013 4.7 (v3) Medium Pass Mac OS X Directory Service Buﬀer Overﬂow CVE-2013-0984 13 Aug 2013 9.3 (v2) High Pass Poison Ivy Detection 13 Aug 2013 None Pass PHP 5.5.x < 5.5.1 xml.c Buﬀer Overﬂow CVE-2013-4113 14 Aug 2013 6.8 (v2) Medium Pass OpenX ﬂowplayer-3.1.1.min.js Backdoor Remote Code Execution CVE-2013-4211 15 Aug 2013 8.8 (v3) High Pass DNN (DotNetNuke) __dnnVariable Parameter XSS CVE-2013-4649 16 Aug 2013 4.3 (v2) Medium Pass PHP 5.4.x < 5.4.19 Multiple Vulnerabilities CVE-2013-4113 CVE-2013-4248 21 Aug 2013 7.3 (v3) High Pass DNN (DotNetNuke) DNNArticle Module categoryid Parameter SQL Injection CVE-2013-5117 16 Aug 2013 7.5 (v2) High Pass Default Password (arcsight) for 'root' Account CVE-1999-0502 05 Aug 2013 9.8 (v3) Critical Pass HP LaserJet PJL Interface Directory Traversal (HPSBPI02575) CVE-2010-4107 20 Aug 2013 7.5 (v3) High Pass Microsoft SQL Server STARTTLS Support 04 Jul 2013 None Pass IBM DB2 10.5 < Fix Pack 1 Security Bypass CVE-2013-4033 06 Sep 2013 5 (v3) Medium Pass Juniper NSM Servers < 2012.1 Multiple Vulnerabilities CVE-2004-0230 CVE-2005-2798 CVE-2006-0225 CVE-2006-4924 CVE-2006-5051 CVE-2010-1169 CVE-2010-1170 CVE-2010-1447 CVE-2010-3433 CVE-2010-401513 Sep 2013 9.3 (v2) High Pass Juniper NSM Linux Kernel TCP Sequence Number Generation Issue (PSN-2012-08-688) CVE-2011-3188 13 Sep 2013 6.8 (v2) Medium Pass Juniper NSM Servers Multiple Java JDK/JRE Vulnerabilities (PSN-2012-08-689) CVE-2008-3103 CVE-2008-3104 CVE-2008-3105 CVE-2008-3106 CVE-2008-3107 CVE-2008-3108 CVE-2008-3109 CVE-2008-3110 CVE-2008-3111 CVE-2008-3112 CVE-2008-3113 CVE-2008-3114 CVE-2008-3115 CVE-2011-0786 CVE-2011-0802 CVE-2011-0814 CVE-2011-0815 CVE-2011-0817 CVE-2011-0862 CVE-2011-0863 CVE-2011-0864 CVE-2011-0865 CVE-2011-0866 CVE-2011-0867 CVE-2011-0868 CVE-2011-0869 CVE-2011-0871 CVE-2011-0872 CVE-2011-087313 Sep 2013 10 (v2) Critical Pass Atlassian Fisheye for Windows < 4.4.6, 4.5.x < 4.5.3 Remote Code Execution Vulnerability CVE-2018-5223 04 Apr 2019 7.2 (v3) High Pass Ubuntu Drupal Theme - Brown images/layout/gradient.php File Disclosure 22 Oct 2010 5 (v2) Medium Pass Artica Default Credentials 25 Oct 2010 7.5 (v2) High Pass CGI Generic Padding Oracle CVE-2010-3332 29 Oct 2010 5 (v2) Medium Pass Symantec IM Manager whereClause Parameter SQL Injection (SYM10-010) CVE-2010-0112 01 Nov 2010 10 (v2) Critical Pass Atlassian FishEye Code Metrics Report Plugin XSS 02 Nov 2010 4.3 (v2) Medium Pass IBM DB2 9.7 < Fix Pack 3 Multiple Vulnerabilities CVE-2010-3474 CVE-2010-3475 CVE-2010-3731 CVE-2011-0731 02 Nov 2010 5.3 (v3) Medium Pass YUI charts.swf / swfstore.swf / uploader.swf XSS CVE-2010-4207 CVE-2010-4208 CVE-2010-4209 05 Nov 2010 4.3 (v2) Medium Pass Skype Extras Manager (skypePM.exe) skype-plugin: URI Arbitrary XML File Deletion (uncredentialed check) 15 Nov 2010 4.3 (v2) Medium Pass Bugzilla Response Splitting CVE-2010-3172 15 Nov 2010 5 (v2) Medium 54

Pass Default Password (m) for 'root' Account CVE-1999-0502 CVE-2010-4233 15 Nov 2010 9.8 (v3) Critical Pass BitTorrent Mainline DHT Detection 22 Nov 2010 None Pass Apache Tomcat Examples Web Root Path Disclosure CVE-2002-2007 23 Nov 2010 5.3 (v3) Medium Pass Sybase PowerDesigner Repository Proxy Detection 24 Nov 2010 None Pass vtiger CRM phprint.php lang_crm Parameter Local File Inclusion CVE-2010-3910 29 Nov 2010 6.8 (v2) Medium Pass RSForm! Component for Joomla! 'lang' Parameter Local File Include 29 Nov 2010 9.8 (v3) Critical Pass Pandora FMS Console Authentication Bypass CVE-2010-4279 01 Dec 2010 7.5 (v2) High Pass MODx login.php 'username' Parameter XSS 09 Dec 2010 4.3 (v2) Medium Pass aspWebCalendar calendar.asp SQL Injection CVE-2004-1552 24 Sep 2004 6.8 (v2) Medium Pass MantisBT 'db_type' Parameter Local File Inclusion CVE-2010-4350 22 Dec 2010 5.1 (v2) Medium Pass Git gitweb Multiple Parameter XSS CVE-2010-3906 23 Dec 2010 4.3 (v2) Medium Pass PHP 5.3 < 5.3.4 Multiple Vulnerabilities CVE-2006-7243 CVE-2010-2094 CVE-2010-2950 CVE-2010-3436 CVE-2010-3709 CVE-2010-3710 CVE-2010-3870 CVE-2010-4150 CVE-2010-4156 CVE-2010-4409 CVE-2010-4697 CVE-2010-4698 CVE-2010-4699 CVE-2010-4700 CVE-2011-0753 CVE-2011-0754 CVE-2011-075513 Dec 2010 6.8 (v2) Medium Pass Pligg register.php reg_username Parameter XSS 07 Jan 2011 4.3 (v2) Medium Pass PhpGedView module.php pgvaction Parameter Traversal Local File Inclusion CVE-2011-0405 12 Jan 2011 7.5 (v2) High Pass vBulletin memberlist.php what Parameter XSS CVE-2004-1824 28 Sep 2004 4.3 (v2) Medium Pass BlogEngine.NET api/BlogImporter.asmx GetFile Function Unauthorized Access 18 Jan 2011 7.5 (v2) High Pass ExtCalendar 'cat_id' parameter SQL Injection 26 Jan 2011 7.5 (v2) High Pass IBM DB2 9.1 < Fix Pack 10 Multiple Vulnerabilities CVE-2010-3731 CVE-2011-0731 CVE-2011-0757 01 Feb 2011 9.8 (v3) Critical Pass PD9 MegaBBS Multiple Vulnerabilities 28 Sep 2004 7.5 (v2) High Pass Serendipity < 0.7.0beta3 Multiple Vulnerabilities CVE-2004-2157 CVE-2004-2158 28 Sep 2004 7.5 (v2) High Pass PHP-Fusion homepage address Parameter XSS 29 Sep 2004 4.3 (v2) Medium Pass IBM DB2 9.5 < Fix Pack 7 Multiple Vulnerabilities CVE-2011-0731 CVE-2011-1846 CVE-2011-1847 01 Feb 2011 9.8 (v3) Critical Pass Moodle 'PHPCOVERAGE_HOME' Parameter XSS 02 Feb 2011 4.3 (v2) Medium Pass OpenSSL SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG Ciphersuite Disabled Cipher Issue CVE-2008-7270 07 Feb 2011 4.3 (v2) Medium Pass CGI Generic SQL Injection (Parameters Names) 14 Feb 2011 7.5 (v2) High Pass Bind Shell Backdoor Detection 15 Feb 2011 9.8 (v3) Critical Pass HP StorageWorks File Migration Agent Unauthorized Access 14 Mar 2011 6.4 (v2) Medium Pass Eric Cooperation Server Detection 25 Mar 2011 None Pass MediaWiki CSS Comments XSS CVE-2011-0047 16 Feb 2011 4.3 (v2) Medium Pass Web Common Credentials (HTML form) 16 Feb 2011 7.5 (v2) High Pass Mod_auth_mysql Multibyte Encoding SQL Injection CVE-2008-2384 22 Feb 2011 7.3 (v3) High Pass MyBB xmlhttp.php 'value' Parameter XSS 04 Apr 2011 4.3 (v2) Medium Pass Detect RPC over TCP 08 Apr 2011 None Pass Detect RPC over UDP 08 Apr 2011 None Pass EyeOS ﬁle Parameter Directory Traversal CVE-2011-1715 21 Apr 2011 5 (v2) Medium Pass Horde IMP HTML MIME Viewer Multiple XSS 29 Sep 2004 4.3 (v2) Medium Pass Unmanarc Remote Control Server (URCS) Detection 01 Oct 2004 10 (v2) Critical Pass NetworkActiv Web Server Encoded URL Request Remote DoS 05 Oct 2004 5 (v2) Medium Pass HP System Management Homepage < 6.3 Multiple Vulnerabilities CVE-2010-1917 CVE-2010-2531 CVE-2010-2939 CVE-2010-2950 CVE-2010-3709 CVE-2010-4008 CVE-2010-4156 CVE-2011-1540 CVE-2011-154122 Apr 2011 10 (v2) Critical Pass Plone Security Bypass CVE-2011-0720 25 Apr 2011 7.5 (v2) High Pass IBM DB2 9.7 < Fix Pack 4 Multiple Vulnerabilities CVE-2011-1846 CVE-2011-1847 25 Apr 2011 7.3 (v3) High Pass Symphony token Parameter SQL Injection 02 May 2011 7.5 (v2) High Pass Spreecommerce api/orders.json Search Function Arbitrary Command Execution 03 May 2011 8.8 (v3) High Pass Adobe Flash Media Server < 3.5.6 / 4.0.2 Multiple Vulnerabilities (APSB11-11) CVE-2010-3864 CVE-2011-0612 13 May 2011 10 (v2) Critical Pass Multiple Vendor RPC portmapper Access Restriction Bypass CVE-2011-0321 CVE-2011-1210 19 May 2011 6.4 (v2) Medium Pass eFront js/scripts.php 'load' Parameter Remote File Inclusion 23 May 2011 7.5 (v2) High Pass HP Data Protector Remote Command Execution CVE-2011-0923 03 May 2011 10 (v2) Critical Pass Skype for Mac 5.x < 5.1.0.922 Unspeciﬁed Remote Code Execution (uncredentialed check) CVE-2011-2074 09 May 2011 5.1 (v2) Medium Pass phpMyAdmin url.php Redirect (PMASA-2011-4) CVE-2011-1941 24 May 2011 5.8 (v3) Medium Pass Movable Type mt-comments.cgi static Parameter XSS 27 May 2011 4.3 (v2) Medium Pass Apache Archiva < 1.3.5 Multiple Vulnerabilities CVE-2011-1026 CVE-2011-1077 05 Jun 2011 7.5 (v2) High Pass Movable Type User Registration Restriction Bypass 23 Jun 2011 4.3 (v2) Medium Pass HP Data Protector <= A.06.20 Multiple Vulnerabilities (uncredentialed check) CVE-2011-1514 CVE-2011-1515 CVE-2011-1864 CVE-2011-1865 CVE-2011-1866 06 Jul 2011 10 (v2) Critical Pass AllVideos Reloaded! Plugin for Joomla! 'divid' Parameter SQLi 19 Jul 2011 7.3 (v3) High Pass AlphaRegistration Component for Joomla! 'email' Parameter SQLi 25 Jul 2011 5.6 (v3) Medium Pass jCart 1.1 my-item-name POST Parameter XSS 08 Aug 2011 4.3 (v2) Medium Pass Adobe Flash Media Server < 3.5.7 / 4.0.3 Denial of Service (APSB11-20) CVE-2011-2132 10 Aug 2011 7.8 (v2) High Pass CGI Generic Script Injection (quick test) 04 Aug 2011 4.3 (v2) Medium Pass Invision Power Board Referer ﬁeld XSS CVE-2004-1578 06 Oct 2004 4.3 (v2) Medium Pass PHP 5.3 < 5.3.7 Multiple Vulnerabilities CVE-2011-1148 CVE-2011-1657 CVE-2011-1938 CVE-2011-2202 CVE-2011-2483 CVE-2011-3182 CVE-2011-3267 CVE-2011-3268 22 Aug 2011 10 (v2) Critical Pass PHP 5.3.7 crypt() MD5 Incorrect Return Value CVE-2011-3189 24 Aug 2011 7.5 (v2) High Pass Sitecore CMS 'default.aspx' XSS CVE-2009-2163 25 Aug 2011 4.3 (v2) Medium Pass Sitecore CMS < 6.4.1 rev.110720 'url' Parameter URI Redirection 25 Aug 2011 4.3 (v2) Medium Pass HP Client Automation radexecd.exe Remote Command Execution CVE-2011-0889 12 Sep 2011 10 (v2) Critical Pass OpenAdmin Tool for Informix informixserver Parameter XSS CVE-2011-3390 13 Sep 2011 4.3 (v2) Medium Pass phpMyAdmin 3.4.x < 3.4.5 XSS (PMASA-2011-14) 03 Oct 2011 4.3 (v2) Medium Pass MyBB 1.6.4 Backdoor PHP Remote Code Execution 14 Oct 2011 7.5 (v2) High Pass SonicWALL ViewPoint Server Default Credentials 26 Oct 2011 7.5 (v2) High Pass Dropbox Software Detection (uncredentialed check) 02 Nov 2011 None Pass phpLDAPadmin orderby Parameter Arbitrary PHP Code Execution CVE-2011-4075 03 Nov 2011 7.5 (v2) High Pass TimThumb Cache Directory 'src' Parameter Arbitrary PHP File Upload CVE-2011-4106 08 Nov 2011 7.5 (v2) High Pass IBM DB2 9.7 < Fix Pack 5 Multiple Denial of Service Vulnerabilities CVE-2010-4476 CVE-2011-1373 23 Nov 2011 5.3 (v3) Medium Pass SIP Username Enumeration 01 Dec 2011 5 (v2) Medium Pass Oracle WebLogic Server Web Services Security Policy not Enforced (CVE-2008-5459) CVE-2008-5459 07 Dec 2011 5 (v2) Medium Pass phpMyAdmin 3.4.x < 3.4.8 XSS (PMASA-2011-18) CVE-2011-4634 19 Dec 2011 4.3 (v2) Medium Pass FreeBSD 'telnetd' Daemon Remote Buﬀer Overﬂow CVE-2011-4862 09 Jan 2012 10 (v2) Critical Pass Plone Request Parsing Remote Command Execution CVE-2011-3587 20 Dec 2011 7.5 (v2) High Pass PHP < 5.3.9 Multiple Vulnerabilities CVE-2011-3379 CVE-2011-4566 CVE-2011-4885 CVE-2012-0057 CVE-2012-0781 CVE-2012-0788 CVE-2012-0789 13 Jan 2012 7.5 (v2) High Pass SimpleSAMLphp logout.php link_href Parameter XSS CVE-2012-0908 23 Jan 2012 4.3 (v2) Medium Pass MS12-007: Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664) (uncredentialed check)CVE-2012-0007 17 Jan 2012 5 (v2) Medium Pass Trend Micro Control Manager CmdProcessor.exe Detection 24 Jan 2012 None Pass PHP 5.3.9 'php_register_variable_ex()' Code Execution (banner check) CVE-2012-0830 03 Feb 2012 10 (v2) Critical Pass Skype for Windows < 5.8.0.154 Unspeciﬁed Vulnerability (uncredentialed check) 09 Feb 2012 9.3 (v2) High Pass Default Password (nasadmin) for 'root' Account CVE-1999-0502 13 Feb 2012 9.8 (v3) Critical Pass Default Password (nasadmin) for 'nasadmin' Account CVE-1999-0502 13 Feb 2012 9.8 (v3) Critical Pass Oracle WebCenter Content Default Administration Credentials 16 Feb 2012 7.5 (v2) High Pass Oracle WebCenter Content Help Component XSS CVE-2012-0085 16 Feb 2012 4.3 (v2) Medium Pass Oracle WebCenter Content 'GET_SEARCH_RESULTS' SQL Injection CVE-2012-0083 16 Feb 2012 6.4 (v2) Medium Pass Oracle WebCenter Content idc/idcplg Multiple Parameter XSS CVE-2012-0084 16 Feb 2012 4.3 (v2) Medium Pass Horde 3.3.12 open_calendar.js Backdoor CVE-2012-0209 17 Feb 2012 7.5 (v2) High Pass phpLDAPadmin lib/QueryRender.php base Parameter XSS CVE-2012-0834 20 Feb 2012 4.3 (v2) Medium Pass FreePBX gen_amp_conf.php Information Disclosure 22 Feb 2012 7.5 (v2) High Pass IBM solidDB 6.5 < 6.5.0.8 Multiple Denial of Service Vulnerabilities CVE-2010-4055 CVE-2010-4056 CVE-2010-4057 23 Feb 2012 5 (v2) Medium Pass DB2 9.5 < Fix Pack 9 Multiple Vulnerabilities CVE-2012-0709 CVE-2012-0710 CVE-2012-0711 CVE-2012-0712 CVE-2012-1796 CVE-2012-1797 08 Mar 2012 6.3 (v3) Medium Pass Java Debug Wire Protocol Detection 20 Mar 2012 7.5 (v2) High Pass WebGlimpse query Parameter Command Injection CVE-2012-1795 21 Mar 2012 7.5 (v2) High Pass nginx < 1.0.10 ngx_resolver_copy Function DNS Response Parsing Buﬀer Overﬂow CVE-2011-4315 21 Mar 2012 5.6 (v3) Medium Pass Zenphoto 404 Error Page XSS CVE-2012-0995 23 Mar 2012 4.3 (v2) Medium Pass Zenphoto viewer_size_image_saved Cookie Value eval() Call Remote PHP Code Execution CVE-2012-0993 23 Mar 2012 8.8 (v3) High Pass Microsoft ASP.NET ValidateRequest Filters Bypass CVE-2008-3842 CVE-2008-3843 05 Apr 2012 5.4 (v3) Medium Pass Dolibarr passwordforgotten.php theme Parameter Local File Inclusion 13 Apr 2012 6.8 (v2) Medium Pass Dolibarr 3.1.0 admin/company.php username Parameter XSS CVE-2011-4329 13 Apr 2012 4.3 (v2) Medium Pass SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability (BEAST) CVE-2011-3389 16 Apr 2012 5.3 (v3) Medium Pass Apache 2.4.x < 2.4.2 'LD_LIBRARY_PATH' Insecure Library Loading CVE-2012-0883 19 Apr 2012 7 (v3) High Pass HP System Management Homepage < 7.0 Multiple Vulnerabilities CVE-2009-0037 CVE-2010-0734 CVE-2010-1452 CVE-2010-1623 CVE-2010-2068 CVE-2010-2791 CVE-2010-3436 CVE-2010-4409 CVE-2010-4645 CVE-2011-0014 CVE-2011-0195 CVE-2011-0419 CVE-2011-1148 CVE-2011-1153 CVE-2011-1464 CVE-2011-1467 CVE-2011-1468 CVE-2011-1470 CVE-2011-1471 CVE-2011-1928 CVE-2011-1938 CVE-2011-1945 CVE-2011-2192 CVE-2011-2202 CVE-2011-2483 CVE-2011-3182 CVE-2011-3189 CVE-2011-3192 CVE-2011-3207 CVE-2011-3210 CVE-2011-3267 CVE-2011-3268 CVE-2011-3348 CVE-2011-3368 CVE-2011-3639 CVE-2011-3846 CVE-2012-0135 CVE-2012-199320 Apr 2012 10 (v2) Critical Pass phpBB Cash_Mod admin_cash.php Arbitrary Command Execution CVE-2004-1535 18 Nov 2004 8.3 (v3) High Pass IBM Tivoli Directory Server Web Administration Tool Unspeciﬁed XSS CVE-2012-0740 20 Apr 2012 4.3 (v2) Medium Pass Moodle MSA-11-0007 'coursetags_more.php' XSS 27 Apr 2012 4.3 (v2) Medium Pass PHP < 5.3.11 Multiple Vulnerabilities CVE-2011-1398 CVE-2012-0831 CVE-2012-1172 02 May 2012 6.8 (v2) Medium Pass PHP 5.4.x < 5.4.1 Multiple Vulnerabilities CVE-2012-1172 CVE-2012-4388 02 May 2012 5 (v2) Medium Pass PHP Unsupported Version Detection 04 May 2012 10 (v3) Critical Pass PHP 5.4.x < 5.4.3 Multiple Vulnerabilities CVE-2012-2311 CVE-2012-2329 CVE-2012-2335 CVE-2012-2336 09 May 2012 8.3 (v2) High 55

Pass PHP-Fusion 4.01 Multiple Vulnerabilities CVE-2004-2437 CVE-2004-2438 08 Oct 2004 6.5 (v2) Medium Pass Liferay Portal < 6.0.6 Multiple Vulnerabilities CVE-2011-1502 CVE-2011-1503 CVE-2011-1504 CVE-2011-1570 CVE-2011-1571 22 May 2012 9.3 (v2) High Pass Liferay Portal 6.0.5 / 6.0.6 Arbitrary File Download 22 May 2012 6.8 (v2) Medium Pass Liferay Portal 6.1.0 'addUser()' Security Bypass 22 May 2012 10 (v2) Critical Pass Apache OFBiz Default Credentials 23 May 2012 7.5 (v2) High Pass Apache OFBiz FlexibleStringExpander Remote Code Execution CVE-2012-1622 23 May 2012 9.8 (v3) Critical Pass Apache OFBiz Webslinger Component XSS CVE-2012-1621 23 May 2012 4.3 (v2) Medium Pass Liferay Portal 6.1.0 User Enumeration 04 Jun 2012 5 (v2) Medium Pass Liferay Portal 6.1.0 Forward Target Handling Security Bypass 04 Jun 2012 10 (v2) Critical Pass Liferay Portal upload_progress_poller.jsp XSS 04 Jun 2012 5.8 (v2) Medium Pass PHP 5.3.x < 5.3.14 Multiple Vulnerabilities CVE-2012-2143 CVE-2012-2386 CVE-2012-3450 CVE-2012-6113 15 Jun 2012 7.5 (v2) High Pass PHP 5.4.x < 5.4.4 Multiple Vulnerabilities CVE-2012-2143 CVE-2012-2386 CVE-2012-3450 15 Jun 2012 7.5 (v2) High Pass PHP php_variables.c Multiple Variable Open Bracket Memory Disclosure CVE-2004-0958 08 Oct 2004 5 (v2) Medium Pass MailEnable ForgottenPassword.aspx Username Parameter XSS CVE-2012-0389 19 Jun 2012 4.3 (v2) Medium Pass IBM DB2 9.1 < Fix Pack 11 Multiple DoS CVE-2010-4476 CVE-2012-0710 21 Jun 2012 5.3 (v3) Medium Pass Elgg index.php view Parameter XSS CVE-2012-6561 22 Jun 2012 4.3 (v2) Medium Pass MikroTik Winbox < 5.17 File Download DoS 27 Jun 2012 5 (v2) Medium Pass HP System Management Homepage < 7.1.1 Multiple Vulnerabilities CVE-2011-1944 CVE-2011-2821 CVE-2011-2834 CVE-2011-3379 CVE-2011-3607 CVE-2011-4078 CVE-2011-4108 CVE-2011-4153 CVE-2011-4317 CVE-2011-4415 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2011-4885 CVE-2012-0021 CVE-2012-0027 CVE-2012-0031 CVE-2012-0036 CVE-2012-0053 CVE-2012-0057 CVE-2012-0830 CVE-2012-1165 CVE-2012-1823 CVE-2012-2012 CVE-2012-2013 CVE-2012-2014 CVE-2012-2015 CVE-2012-201605 Jul 2012 10 (v2) Critical Pass IBM Domino Password Protected DB Enumeration 05 Jul 2012 None Pass IBM DB2 9.7 < Fix Pack 6 Multiple Vulnerabilities CVE-2011-4061 CVE-2012-0709 CVE-2012-0711 CVE-2012-0712 CVE-2012-0713 CVE-2012-2180 10 Jul 2012 7.3 (v3) High Pass CubeCart index.php cat_id Parameter SQL Injection CVE-2004-1580 08 Oct 2004 7.5 (v2) High Pass Danware NetOp Host HELO Request Remote Information Disclosure CVE-2004-0950 19 Nov 2004 5 (v2) Medium Pass IBM DB2 9.8 < Fix Pack 5 Multiple Vulnerabilities CVE-2012-0712 CVE-2012-0713 CVE-2012-2180 10 Jul 2012 5.3 (v3) Medium Pass Ruby on Rails HTTP Digest Authentication Bypass CVE-2009-2422 21 Jul 2009 7.5 (v2) High Pass eAccelerator encoder.php File Backup CVE-2009-2353 22 Jul 2009 7.5 (v2) High Pass phpMyAdmin Installation Not Password Protected 23 Jul 2009 7.5 (v2) High Pass MODx conﬁg.js.php Information Disclosure 28 Jul 2009 5 (v2) Medium Pass Snitz Forums 2000 <= 3.4.07 register.asp 'Email' Parameter SQL Injection CVE-2003-0286 03 Aug 2009 7.5 (v2) High Pass PHP-Kit <= 1.6.1 RC2 Multiple Vulnerabilities CVE-2004-1537 CVE-2004-1538 CVE-2005-2683 CVE-2005-2699 CVE-2005-3552 CVE-2005-3553 CVE-2005-3554 CVE-2005-4424 CVE-2006-0785 CVE-2006-0786 CVE-2006-1507 CVE-2006-177322 Nov 2004 7.5 (v2) High Pass TinyBrowser Multiple XSS 05 Aug 2009 4.7 (v3) Medium Pass IBM DB2 8.1 < Fix Pack 18 Multiple Vulnerabilities CVE-2009-2858 CVE-2009-2859 CVE-2009-2860 20 Aug 2009 5.3 (v3) Medium Pass FlexCMS Login Cookie SQL Injection 31 Aug 2009 7.5 (v2) High Pass Kayako SupportSuite Ticket Subject XSS CVE-2009-3427 04 Sep 2009 4.3 (v2) Medium Pass Zmanda Recovery Manager for MySQL socket-server.pl MYSQL_BINPATH Variable Command Execution CVE-2009-3102 07 Sep 2009 8.8 (v3) High Pass ChartDirector for .NET cacheId Parameter Arbitrary File Access 11 Sep 2009 5 (v2) Medium Pass Orion Application Server Web Examples Multiple XSS 15 Sep 2009 4.3 (v2) Medium Pass BF Survey Pro Component for Joomla! 'table' Parameter SQLi CVE-2009-4625 15 Sep 2009 7.3 (v3) High Pass PHP < 5.2.11 Multiple Vulnerabilities CVE-2009-3291 CVE-2009-3292 CVE-2009-3293 CVE-2009-3294 CVE-2009-4018 CVE-2009-5016 18 Sep 2009 7.5 (v2) High Pass Brio Unix odscgi HTMLFile Parameter Traversal Arbitrary File Access 30 Nov 2004 5 (v2) Medium Pass Interchange < 5.4.4 / 5.6.2 / 5.7.2 Search Request Information Disclosure 23 Sep 2009 5 (v2) Medium Pass Ektron CMS400.NET id Parameter XSS CVE-2009-4473 24 Sep 2009 4.3 (v2) Medium Pass Ability Mail Server < 2.70 IMAP4 FETCH DoS CVE-2009-3445 28 Sep 2009 4 (v2) Medium Pass IDoBlog Component for Joomla! 'userid' Parameter SQLi CVE-2009-3417 25 Sep 2009 7.3 (v3) High Pass Serv-U < 9.0.0.1 05 Oct 2009 4.3 (v2) Medium Pass IBM DB2 9.1 < Fix Pack 8 Multiple Vulnerabilities CVE-2009-3471 CVE-2009-3472 CVE-2009-3473 06 Oct 2009 6.5 (v3) Medium Pass Default Password (sq!us3r) for 'dbadmin' Account CVE-1999-0502 CVE-2009-3710 15 Oct 2009 9.8 (v3) Critical Pass IBM Rational RequisitePro ReqWebHelp Multiple XSS CVE-2009-3730 20 Oct 2009 4.3 (v2) Medium Pass Default Password (infoblox) for 'admin' Account CVE-1999-0502 22 Oct 2009 9.8 (v3) Critical Pass Adobe ColdFusion <= 8.0.1 _logintowizard.cfm XSS CVE-2009-1872 CVE-2009-1875 02 Nov 2009 4.3 (v2) Medium Pass ViewVC Invalid Parameter Arbitrary HTML Injection 03 Nov 2009 4.3 (v2) Medium Pass CubeCart Admin Authentication Bypass CVE-2009-3904 03 Nov 2009 7.5 (v2) High Pass Default Password (alpine) for 'root' Account CVE-1999-0502 04 Nov 2009 9.8 (v3) Critical Pass Default Password (alpine) for 'mobile' Account CVE-1999-0502 04 Nov 2009 9.8 (v3) Critical Pass CubeCart 'admin.php' Authentication Bypass Information Disclosure 04 Nov 2009 5 (v2) Medium Pass CGI Generic SQL Injection (blind) 06 Nov 2009 7.5 (v2) High Pass MailEnable IMAP Server Multiple Remote Buﬀer Overﬂows CVE-2004-2501 30 Nov 2004 7.5 (v2) High Pass CGI Generic XSS (persistent) 06 Nov 2009 4.3 (v2) Medium Pass CGI Generic SQL Injection (HTTP Headers) 06 Nov 2009 7.5 (v2) High Pass Jumi Component for Joomla! <= 2.0.5 Backdoor Detection 16 Nov 2009 9.8 (v3) Critical Pass IBM Tivoli Storage Manager Client Multiple Vulnerabilities (swg21405562) CVE-2009-3853 CVE-2009-3854 CVE-2009-3855 16 Nov 2009 10 (v2) Critical Pass Movable Type mt-check.cgi System Information Disclosure 18 Nov 2009 5 (v2) Medium Pass PHP 5.3 < 5.3.1 Multiple Vulnerabilities CVE-2009-3557 CVE-2009-3559 CVE-2009-4017 CVE-2009-4018 CVE-2010-1128 20 Nov 2009 6.8 (v2) Medium Pass CubeCart includes/content/viewProd.inc.php productId Parameter SQL Injection CVE-2009-4060 24 Nov 2009 7.5 (v2) High Pass Squeezebox Server Detection 30 Nov 2009 None Pass Serv-U < 9.1.0.0 CVE-2009-4006 CVE-2009-4873 30 Nov 2009 9 (v2) High Pass GForge help/tracker.php helpname Parameter XSS CVE-2009-3303 01 Dec 2009 4.3 (v2) Medium Pass DNN (DotNetNuke) < 5.2.0 SearchResults.aspx XSS CVE-2009-4110 02 Dec 2009 4.3 (v2) Medium Pass AWStats < 6.95 awredir.pl Arbitrary Site Redirect 02 Dec 2009 4.7 (v3) Medium Pass Request Tracker Default Credentials 04 Dec 2009 7.5 (v2) High Pass Request Tracker Session Fixation Vulnerability CVE-2009-4151 04 Dec 2009 5.8 (v2) Medium Pass Pligg login.php return Parameter Arbitrary Site Redirect CVE-2009-4788 07 Dec 2009 4.7 (v3) Medium Pass LyftenBloggie Component for Joomla! 'author' Parameter SQLi CVE-2009-4104 07 Dec 2009 7.3 (v3) High Pass GCalendar Component for Joomla! 'gcid' Parameter SQLi CVE-2009-4099 09 Dec 2009 7.3 (v3) High Pass Zen Cart extras/curltest.php Information Disclosure CVE-2009-4321 10 Dec 2009 5 (v2) Medium Pass e107 submitnews.php XSS CVE-2009-4083 10 Dec 2009 4.3 (v2) Medium Pass TestLink login.php req Parameter XSS CVE-2009-4237 10 Dec 2009 4.3 (v2) Medium Noise HTTP Methods Allowed (per directory) 10 Dec 2009 None Pass phpShop Default Credentials 14 Dec 2009 7.5 (v2) High Pass phpShop shop/ﬂypage SQL Injection CVE-2008-0681 CVE-2009-4571 14 Dec 2009 6.8 (v2) Medium Pass CGI Generic SQL Injection (blind, time based) 14 Dec 2009 7.5 (v2) High Pass Invision Power Board < 3.0.5 Multiple Vulnerabilities 15 Dec 2009 6.8 (v2) Medium Pass IBM DB2 9.5 < Fix Pack 5 Multiple Unspeciﬁed Vulnerabilities CVE-2009-4325 CVE-2009-4326 CVE-2009-4327 CVE-2009-4328 CVE-2009-4329 CVE-2009-4330 CVE-2009-4331 CVE-2009-4332 CVE-2009-4333 CVE-2009-4334 CVE-2009-4335 CVE-2009-4438 CVE-2009-443916 Dec 2009 6.5 (v3) Medium Pass PHP < 5.2.12 Multiple Vulnerabilities CVE-2009-3557 CVE-2009-3558 CVE-2009-4017 CVE-2009-4142 CVE-2009-4143 18 Dec 2009 6.8 (v2) Medium Pass Oracle WebLogic Default Credentials 18 Dec 2009 9.8 (v3) Critical Pass Serv-U < 9.2.0.1 CVE-2009-4815 21 Dec 2009 4 (v2) Medium Pass Adobe Flash Media Server < 3.0.5 / 3.5.3 Multiple Vulnerabilities (APSB09-18) CVE-2009-3791 CVE-2009-3792 22 Dec 2009 10 (v2) Critical Pass ClarkConnect proxy.php url Parameter XSS 23 Dec 2009 4.3 (v2) Medium Pass phpLDAPadmin cmd.php cmd Parameter Local File Inclusion CVE-2009-4427 23 Dec 2009 6.8 (v2) Medium Pass daloRADIUS login.php error Parameter XSS CVE-2009-4347 23 Dec 2009 4.3 (v2) Medium Pass SQL-Ledger 'admin.pl' Empty Credentials CVE-2009-4402 23 Dec 2009 7.5 (v2) High Pass Apache Tomcat Directory Traversal CVE-2007-0450 04 Jan 2010 5 (v2) Medium Pass Joomla! / Mambo Component Multiple Parameter Local File Include Vulnerabilities CVE-2010-0157 CVE-2010-0467 CVE-2010-0676 CVE-2010-0944 CVE-2010-0972 CVE-2010-1056 CVE-2010-1081 CVE-2010-1304 CVE-2010-1305 CVE-2010-1306 CVE-2010-1308 CVE-2010-1312 CVE-2010-1314 CVE-2010-1340 CVE-2010-1345 CVE-2010-1352 CVE-2010-1354 CVE-2010-1469 CVE-2010-1470 CVE-2010-1471 CVE-2010-1472 CVE-2010-1473 CVE-2010-1474 CVE-2010-1475 CVE-2010-1478 CVE-2010-1491 CVE-2010-1494 CVE-2010-1534 CVE-2010-1602 CVE-2010-1607 CVE-2010-1653 CVE-2010-1658 CVE-2010-1714 CVE-2010-1715 CVE-2010-1717 CVE-2010-1718 CVE-2010-1719 CVE-2010-1722 CVE-2010-1723 CVE-2010-1858 CVE-2010-1875 CVE-2010-1878 CVE-2010-1952 CVE-2010-1953 CVE-2010-1954 CVE-2010-1956 CVE-2010-1979 CVE-2010-1980 CVE-2010-1981 CVE-2010-2033 CVE-2010-2034 CVE-2010-2035 CVE-2010-2036 CVE-2010-2037 CVE-2010-2050 CVE-2010-2122 CVE-2010-2507 CVE-2010-3426 CVE-2010-4977 CVE-2011-480404 Jan 2010 9.8 (v3) Critical Pass JS Jobs Component for Joomla! 'md' Parameter SQLi CVE-2009-4599 11 Jan 2010 7.3 (v3) High Pass CGI Generic Cookie Injection Scripting 25 Jan 2010 4.3 (v2) Medium Pass Mort Bay Jetty Multiple XSS CVE-2009-4612 26 Jan 2010 4.3 (v2) Medium Pass phpMyAdmin setup.php unserialize() Arbitrary PHP Code Execution (PMASA-2010-3) CVE-2009-4605 27 Jan 2010 7.5 (v2) High Pass SilverStripe Forums Module 'Search' Parameter XSS CVE-2010-1593 28 Jan 2010 4.3 (v2) Medium Pass TinyBrowser Component for Joomla! 'tinybrowser_lang' Cookie Local File Include 29 Jan 2010 9.8 (v3) Critical Pass MoinMoin 'sys.argv' Information Disclosure 02 Feb 2010 4.3 (v2) Medium Pass OCS Inventory NG Server Administration Console Detection 04 Feb 2010 None Pass Bugzilla Directory Access Information Disclosure CVE-2009-3989 10 Feb 2010 5 (v2) Medium Pass Scriptegrator Plugin for Joomla! 'ﬁles[]' Parameter Remote File Include CVE-2010-0759 20 Feb 2010 9.8 (v3) Critical Pass Joomla! JoomlaWorks AllVideos Plugin 'ﬁle' Parameter Directory Traversal CVE-2010-0696 23 Feb 2010 5.3 (v3) Medium Pass Asterisk Recording Interface (ARI) Default Administrator Credentials 23 Feb 2010 7.5 (v2) High Pass FreePBX / PBXconﬁg Default Credentials 23 Feb 2010 7.5 (v2) High Pass trixbox maint Web Interface Default Credentials 23 Feb 2010 7.5 (v2) High Pass trixbox Cisco Phone Services PhoneDirectory.php ID Parameter SQL Injection CVE-2010-0702 23 Feb 2010 7.5 (v2) High Pass PHP < 5.3.2 / 5.2.13 Multiple Vulnerabilities CVE-2010-1128 CVE-2010-1129 CVE-2010-1130 26 Feb 2010 6.4 (v2) Medium Pass PostNuke pnTresMailer codebrowserpntm.php Traversal Arbitrary File Access CVE-2004-1205 CVE-2004-1206 30 Nov 2004 5 (v2) Medium Pass SilverStripe debug_proﬁle Parameter Information Disclosure CVE-2010-5188 01 Mar 2010 5 (v2) Medium Pass eGroupWare spellchecker.php Arbitrary Shell Command Execution CVE-2010-3313 10 Mar 2010 7.5 (v2) High Pass Skype skype: URI Handling /Datapath Argument Injection Settings Manipulation (uncredentialed check) 15 Mar 2010 4.3 (v2) Medium 56

Pass Trouble Ticket Express ﬁd Parameter Arbitrary Remote Code Execution 17 Mar 2010 8.8 (v3) High Pass eFront 'langname' Parameter Traversal Local File Inclusion CVE-2010-1003 22 Mar 2010 6.8 (v2) Medium Pass DNN (DotNetNuke) < 5.3.0 SearchResults.aspx XSS 22 Mar 2010 4.3 (v2) Medium Pass Serv-U < 9.4.0.0 24 Mar 2010 6.5 (v2) Medium Pass SiteX photo.php albumid Parameter SQL Injection CVE-2010-1343 26 Mar 2010 7.5 (v2) High Pass ViewVC viewvc.cgi search Parameter XSS CVE-2010-0132 02 Apr 2010 2.6 (v2) Low Pass Logitech Touch Mouse Server Detection 07 Apr 2010 None Pass MediaWiki Login Cross-Site Request Forgery 07 Apr 2010 3.5 (v2) Low Pass Joomla! / Mambo Component 'view' Parameter Local File Include CVE-2010-1313 CVE-2010-1476 CVE-2010-1531 CVE-2010-1533 CVE-2010-1535 CVE-2010-1983 CVE-2010-2128 12 Apr 2010 9.8 (v3) Critical Pass Properties Component for Joomla! 'aid' Parameter SQLi CVE-2010-1874 13 Apr 2010 7.3 (v3) High Pass MS10-024: Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832) (uncrCVE-2010-0024 CVE-2010-0025edentialed check) 13 Apr 2010 5 (v2) Medium Pass Apache ActiveMQ Web Console Test Pages Information Disclosure 16 Apr 2010 5 (v2) Medium Pass Iomega smbwebclient.php Unauthenticated Filesystem Access 19 Apr 2010 10 (v3) Critical Pass YaBB Shadow BBCode Tag XSS 30 Nov 2004 4.3 (v2) Medium Pass Atlassian JIRA 500page.jsp Referer XSS CVE-2010-1164 20 Apr 2010 4.3 (v2) Medium Pass ActiveMQ Double Slash Request Source Code Disclosure CVE-2010-1587 24 Apr 2010 5 (v2) Medium Pass Alt-N MDaemon < 11.0.1 Multiple Remote DoS 26 Apr 2010 7.8 (v2) High Pass Hydra: Cisco 01 Dec 2004 7.5 (v2) High Pass HP System Management Homepage < 6.0.0.96 / 6.0.0-95 Multiple Vulnerabilities CVE-2008-1468 CVE-2008-4226 CVE-2008-5557 CVE-2008-5814 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2009-4185 CVE-2010-103427 Apr 2010 10 (v2) Critical Pass IBM DB2 9.1 < Fix Pack 9 Multiple Vulnerabilities CVE-2009-3471 CVE-2009-3555 CVE-2010-0462 CVE-2010-3193 CVE-2010-3194 CVE-2010-3195 28 Apr 2010 6.3 (v3) Medium Pass MODx SearchHighlight plugin XSS CVE-2010-1427 29 Apr 2010 4.3 (v2) Medium Pass CGI Generic Path Traversal (write test) 30 Apr 2010 6.4 (v2) Medium Pass CGI Generic Path Traversal (extended test) 30 Apr 2010 5 (v2) Medium Pass Hydra: Cisco enable 01 Dec 2004 7.5 (v2) High Pass Campsite TinyMCE plugin 'attachments.php' 'article_id' Parameter SQL Injection CVE-2010-1867 05 May 2010 7.5 (v2) High Pass Default Password (alien) for 'root' Account CVE-1999-0502 06 May 2010 9.8 (v3) Critical Pass HP Mercury LoadRunner Agent Remote Command Execution CVE-2010-1549 07 May 2010 10 (v3) Critical Pass Visitor Data Module for Joomla! X-Forwarded-For Header RCE 13 May 2010 9.8 (v3) Critical Pass RokModule Component for Joomla! 'moduleid' Parameter SQi CVE-2010-1479 15 May 2010 7.3 (v3) High Pass c99shell Backdoor Detection 14 May 2010 7.5 (v2) High Pass r57shell Backdoor Detection 14 May 2010 7.5 (v2) High Pass e107 BBCode Arbitrary PHP Code Execution CVE-2010-2099 21 May 2010 7.5 (v2) High Pass Hydra: FTP 01 Dec 2004 7.5 (v2) High Pass Hydra: HTTP 01 Dec 2004 7.5 (v2) High Pass Open-AudIT include_lang.php language Parameter Traversal Local File Inclusion 24 May 2010 7.5 (v2) High Pass TikiWiki tiki-lastchanges.php Empty sort_mode Parameter Information Disclosure CVE-2006-5702 27 May 2010 5 (v2) Medium Pass Apache Axis2 'xsd' Parameter Directory Traversal 27 May 2010 5 (v2) Medium Pass PHP expose_php Information Disclosure 03 Jun 2010 5 (v2) Medium Pass MoinMoin PageEditor.py template Parameter XSS CVE-2010-2487 07 Jun 2010 4.3 (v2) Medium Pass Symphony 2.0.6 mode Parameter Local File Inclusion CVE-2010-2143 07 Jun 2010 7.5 (v2) High Pass UnrealIRCd Backdoor Detection CVE-2010-2075 14 Jun 2010 10 (v2) Critical Pass Apache Tomcat JK Connector Content-Length Header Cross-User Information Disclosure CVE-2008-5519 14 Jun 2010 2.6 (v2) Low Pass Moodle < 1.9.6 / 1.8.10 Multiple Vulnerabilities 24 Jun 2010 6.8 (v2) Medium Pass eyeMax DVR Server Detection 25 Jun 2010 None Pass Kerio Connect < 7.0.0 Products Administration Console File Disclosure and Corruption Vulnerabilities 25 Jun 2010 8 (v2) High Pass Bugzilla 'time-tracking' ﬁelds Information Disclosure CVE-2010-0180 CVE-2010-1204 CVE-2010-2470 30 Jun 2010 5 (v2) Medium Pass IIS 5.x Alternate Data Stream Authentication Bypass CVE-2010-2731 05 Jul 2010 7.5 (v2) High Pass ArtForms Component for Joomla! 'viewform' Parameter SQLi CVE-2010-2847 12 Jul 2010 7.3 (v3) High Pass Ipswitch IMail Server < 11.02 Multiple Vulnerabilities 16 Jul 2010 10 (v2) Critical Pass Hydra: HTTP proxy 01 Dec 2004 7.5 (v2) High Pass Hydra: ICQ 01 Dec 2004 7.5 (v2) High Pass Hydra: IMAP 01 Dec 2004 7.5 (v2) High Pass Bitweaver wiki/rankings.php style Parameter Traversal Local File Inclusion 15 Jul 2010 7.5 (v2) High Pass Pligg search.php search Parameter XSS 20 Jul 2010 4.3 (v2) Medium Pass Hydra: MS SQL 01 Dec 2004 7.5 (v2) High Pass Hydra: SMTP AUTH 01 Dec 2004 7.5 (v2) High Pass Hydra: SNMP 01 Dec 2004 7.5 (v2) High Pass Hydra: telnet 01 Dec 2004 10 (v2) Critical Pass Timbuktu Detection (TCP) 01 Dec 2004 None Pass CGI Generic XSS (comprehensive test) 26 Jul 2010 4.3 (v2) Medium Pass Nessus Web Server XSS CVE-2010-2914 26 Jul 2010 4.7 (v3) Medium Pass MediaWiki proﬁleinfo.php 'ﬁlter' Parameter XSS CVE-2010-2788 29 Jul 2010 2.6 (v2) Low Pass Huru Helpdesk Component for Joomla! 'cid[0]' Parameter SQLi CVE-2010-2907 30 Jul 2010 7.3 (v3) High Pass TYPO3 Back-end 'index.php' 'redirect_url' Redirect 03 Aug 2010 4.3 (v2) Medium Pass PHP 5.2 < 5.2.14 Multiple Vulnerabilities CVE-2007-1581 CVE-2010-0397 CVE-2010-1860 CVE-2010-1862 CVE-2010-1864 CVE-2010-2097 CVE-2010-2100 CVE-2010-2101 CVE-2010-2190 CVE-2010-2191 CVE-2010-2225 CVE-2010-2484 CVE-2010-2531 CVE-2010-306504 Aug 2010 7.5 (v2) High Pass CUPS Internet Printing Protocol (IPP) Implementation Empty UDP Datagram Remote DoS CVE-2004-0558 03 Dec 2004 5 (v2) Medium Pass PHP 5.3 < 5.3.3 Multiple Vulnerabilities CVE-2007-1581 CVE-2010-0397 CVE-2010-1860 CVE-2010-1862 CVE-2010-1864 CVE-2010-1917 CVE-2010-2097 CVE-2010-2100 CVE-2010-2101 CVE-2010-2190 CVE-2010-2191 CVE-2010-2225 CVE-2010-2484 CVE-2010-2531 CVE-2010-3062 CVE-2010-3063 CVE-2010-3064 CVE-2010-306504 Aug 2010 9.3 (v2) High Pass Atlassian JIRA ConﬁgureReport.jspa 'reportKey' Information Disclosure 06 Aug 2010 5 (v2) Medium Pass Default Password (0p3nm35h) for 'root' Account CVE-1999-0502 09 Aug 2010 9.8 (v3) Critical Pass Adobe Flash Media Server < 3.0.6 / 3.5.4 Multiple Vulnerabilities (APSB10-19) CVE-2010-2217 CVE-2010-2218 CVE-2010-2219 CVE-2010-2220 11 Aug 2010 10 (v2) Critical Pass Bugzilla 'reporter' ﬁeld Information Disclosure CVE-2010-2756 12 Aug 2010 5.3 (v3) Medium Pass FuseTalk categories.aspx FTVAR_SORTORDER Parameter XSS 17 Aug 2010 4.3 (v2) Medium Pass FuseTalk usersearchresults.cfm keyword Parameter XSS 17 Aug 2010 4.3 (v2) Medium Pass QNX pdebug Service Detection 17 Aug 2010 10 (v2) Critical Pass Serv-U < 10.2.0.0 25 Aug 2010 5 (v2) Medium Pass phpMyAdmin setup.php Arbitrary PHP Code Execution (PMASA-2010-4) CVE-2010-3055 27 Aug 2010 7.5 (v2) High Pass CGI Generic 2nd Order SQL Injection Detection (potential) 30 Aug 2010 7.5 (v2) High Pass Splunk Default Administrator Credentials (splunkd) 01 Sep 2010 7.5 (v2) High Pass SnortReport nmap.php target Parameter Arbitrary Command Execution 02 Sep 2010 8.8 (v3) High Pass Horde util/icon_browser.php subdir Parameter XSS CVE-2010-3077 07 Sep 2010 4.3 (v2) Medium Pass phpMyAdmin setup.php Verbose Server Name XSS (PMASA-2010-7) CVE-2010-3263 08 Sep 2010 4.3 (v2) Medium Pass HP System Management Homepage < 6.2 Multiple Vulnerabilities CVE-2009-3555 CVE-2009-4017 CVE-2009-4018 CVE-2009-4143 CVE-2010-1586 CVE-2010-2068 CVE-2010-3009 CVE-2010-3011 CVE-2010-3012 CVE-2010-3283 CVE-2010-328417 Sep 2010 9 (v2) High Pass Linksys Router Debug Credentials (Gemtek / gemtekswd) CVE-2010-1573 22 Sep 2010 10 (v2) Critical Pass Atmail WebMail < 6.2.0 (6.20) 'MailType' Parameter XSS CVE-2010-4930 30 Sep 2010 4.3 (v2) Medium Pass Mura CMS FILEID Parameter Directory Traversal CVE-2010-3468 30 Sep 2010 5 (v2) Medium Pass TikiWiki 'tiki-edit_wiki_section.php' type Parameter XSS 04 Oct 2010 4.3 (v2) Medium Pass Zen Cart index.php typeﬁlter Parameter Traversal Local File Inclusion 04 Oct 2010 5 (v2) Medium Pass SurgeMail surgeweb XSS CVE-2010-3201 04 Oct 2010 4.3 (v2) Medium Pass mathTeX mathtex.cgi getdirective Function dpi Tag Arbitrary Code Execution CVE-2009-1383 06 Oct 2010 7.5 (v2) High Pass MantisBT nusoap/nusoap.php NuSOAP WSDL XSS CVE-2010-3070 07 Oct 2010 4.3 (v2) Medium Pass MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure (2418042) (uncredentialed check) CVE-2010-3332 08 Oct 2010 5 (v2) Medium Pass FreePBX admin/cdr/call-comp.php 'dst' Parameter SQLi 18 Oct 2010 7.5 (v2) High Pass BitDefender Update Server HTTP Request Traversal Arbitrary File Access CVE-2008-0396 21 Jan 2008 7.8 (v2) High Pass Crystal Reports Central Management Server Detection 23 Jan 2008 None Pass boastMachine mail.php id Parameter SQL Injection CVE-2008-0422 23 Jan 2008 7.5 (v2) High Pass Kayako SupportSuite syncml/index.php Direct Request Remote Information Disclosure CVE-2008-0395 23 Jan 2008 5 (v2) Medium Pass YaBB SE Cookie Authentication Bypass 23 Jan 2008 7.5 (v2) High Pass MoinMoin MOIN_ID Cookie userform Action Traversal Arbitrary File Overwrite CVE-2008-0782 24 Jan 2008 7.5 (v2) High Pass nagios-statd Daemon Detection 26 Jan 2008 None Pass AXIMilter Detection 28 Jan 2008 None Pass CandyPress Store admin/utilities_ConﬁgHelp.asp helpﬁeld Parameter SQL Injection CVE-2008-0737 28 Jan 2008 7.5 (v2) High Pass vTiger CRM Directory File Disclosure CVE-2008-3458 28 Jan 2008 5 (v2) Medium Pass SQLiteManager conﬁrm.php spaw_root Parameter Remote File Inclusion CVE-2008-0516 30 Jan 2008 6.8 (v2) Medium Pass VNCviewer in Listen Mode Detection 04 Feb 2008 None Pass AkoGallery Component for Mambo / Joomla! 'id' Parameter SQLi CVE-2008-0561 04 Feb 2008 7.3 (v3) High Pass IBM DB2 < 8.1 Fix Pack 16 Multiple Vulnerabilities CVE-2007-3676 CVE-2007-5757 CVE-2008-0698 05 Feb 2008 9.8 (v3) Critical Pass WinComLPD LPD Monitoring Server Detection 06 Feb 2008 None Pass Skype Web Content Zone Multiple Field Remote Code Execution (uncredentialed check) CVE-2008-0454 CVE-2008-0582 CVE-2008-0583 07 Feb 2008 7.6 (v2) High Pass ExtremeZ-IP File and Print Server Zidget/HTTP Server Traversal Arbitrary File Access CVE-2008-0758 12 Feb 2008 5 (v2) Medium Pass osCommerce Customer Testimonials customer_testimonials.php testimonial_id Parameter SQL Injection CVE-2008-0719 13 Feb 2008 7.5 (v2) High Pass Joomla! 'mosConﬁg_absolute_path' Parameter Remote File Include CVE-2008-5671 15 Feb 2008 9.8 (v3) Critical Pass Adobe Flash Media Server < 2.0.5 Multiple Remote Vulnerabilities CVE-2007-6148 CVE-2007-6149 CVE-2007-6431 15 Feb 2008 10 (v2) Critical 57

Pass Dokeos main/inc/lib/events.lib.inc.php Referer HTTP Header SQL Injection CVE-2008-0850 19 Feb 2008 7.5 (v2) High Pass ProjectPier index.php Multiple Parameter XSS CVE-2008-5584 19 Feb 2008 4.3 (v2) Medium Pass Kerio MailServer < 6.5.0 Multiple Vulnerabilities CVE-2008-0858 CVE-2008-0859 CVE-2008-0860 20 Feb 2008 10 (v2) Critical Pass BEA Plumtree portal/server.pt name Parameter XSS 20 Feb 2008 4.3 (v2) Medium Pass SAPlpd < 6.29 Multiple Vulnerabilities CVE-2008-0620 CVE-2008-0621 20 Feb 2008 10 (v2) Critical Pass SMPP Server Detection 21 Feb 2008 None Pass OSSIM Framework session/login.php dest Parameter XSS CVE-2008-0919 22 Feb 2008 4.3 (v2) Medium Pass Hosting Controller hosting/addreseller.asp reseller Parameter Authentication Bypass CVE-2007-6494 27 Feb 2008 7.5 (v2) High Pass Nukedit utilities/login.asp email Parameter SQL Injection CVE-2008-5582 27 Feb 2008 7.5 (v2) High Pass Centreon include/doc/get_image.php 'img' Parameter Traversal Arbitrary File Access CVE-2008-1119 28 Feb 2008 5 (v2) Medium Pass netOﬃce Dwins demoSession Parameter Authentication Bypass CVE-2008-2044 04 Mar 2008 8.8 (v3) High Pass MediaWiki JSON Callback Crafted API Request Information Disclosure CVE-2008-1318 04 Mar 2008 4.3 (v2) Medium Pass StarTeam Server Detection 05 Mar 2008 None Pass Versant Connection Services Daemon Detection 10 Mar 2008 None Pass IBM WebSphere MQ Listener Detection 10 Mar 2008 None Pass RAPI Manager Detection 11 Mar 2008 None Pass Reverse NAT/Intercepting Proxy Detection 12 Mar 2008 None Pass KiSS PC-Link Server Detection (TCP) 14 Mar 2008 None Pass Dovecot passdbs Argument Injection Authentication Bypass CVE-2008-1218 14 Mar 2008 5.8 (v2) Medium Pass XOOPS Dictionary Module print.php id Parameter SQL Injection 19 Mar 2008 7.5 (v2) High Pass PHPAuction Multiple Script include_path Parameter File Inclusion CVE-2008-1416 19 Mar 2008 7.5 (v2) High Pass MDaemon IMAP Server FETCH Command Remote Buﬀer Overﬂow CVE-2008-1358 21 Mar 2008 9 (v2) High Pass DNN (DotNetNuke) Upgrade Process ValidationKey Generation Weakness Privilege Escalation CVE-2008-6540 25 Mar 2008 7.5 (v2) High Pass Acronis Agent Detection (TCP) 25 Mar 2008 None Pass Custom Pages for Joomla! 'cpage' Parameter Local File Include CVE-2008-1505 25 Mar 2008 7.3 (v3) High Pass my_gallery Plugin for e107 dload.php ﬁle Parameter Arbitrary File PHP Source Disclosure CVE-2008-1702 26 Mar 2008 5 (v2) Medium Pass XSTUNT Server Detection 26 Mar 2008 None Pass eggBlog _lib/user.php eb_login Function Cookie Handling SQL Injection CVE-2008-1626 01 Apr 2008 6.8 (v2) Medium Pass Site Sift Listings detail.php id Parameter SQL Injection CVE-2008-1869 08 Apr 2008 7.5 (v2) High Pass Coppermine Photo Gallery bridge/coppermine.inc.php Bridge Wizard Session Cookie SQL Injection CVE-2008-1841 14 Apr 2008 7.5 (v2) High Pass ActualAnalyzer Lite style Parameter Traversal Local File Inclusion CVE-2008-2076 02 May 2008 6.8 (v2) Medium Pass PHP < 5.2.6 Multiple Vulnerabilities CVE-2007-4850 CVE-2007-6039 CVE-2008-0599 CVE-2008-1384 CVE-2008-2050 CVE-2008-2051 02 May 2008 7.5 (v2) High Pass Webhosting Component for Joomla! 'catid' Parameter SQLi CVE-2008-6653 02 May 2008 7.3 (v3) High Pass SAP MaxDB Multiple Vulnerabilities CVE-2008-0244 CVE-2008-0306 CVE-2008-0307 09 May 2008 10 (v2) Critical Pass Firebird Default Credentials 14 May 2008 7.5 (v2) High Pass Firebird on Gentoo Linux /etc/conf.d/ﬁrebird Invocation ISC_PASSWORD Authentication Bypass CVE-2008-1880 14 May 2008 7.5 (v2) High Pass DatsoGallery Component for Joomla! sub_votepic.php User-Agent HTTP Header SQLi CVE-2008-5208 14 May 2008 7.3 (v3) High Pass Web Site Cross-Domain Policy File Detection 15 May 2008 None Pass Mantis manage_user_create.php CSRF New User Creation CVE-2008-2276 15 May 2008 4.3 (v2) Medium Pass Site Documentation Module for Drupal Database Tables Access Content Permission Information DisclosureCVE-2008-2271 16 May 2008 7.5 (v2) High Pass IBM Lotus Domino < 8.0.1 / 7.0.3 FP1 Multiple Vulnerabilities CVE-2008-2240 CVE-2008-2410 23 May 2008 10 (v2) Critical Pass Xerox DocuShare dsweb Servlet Multiple XSS CVE-2008-5225 02 Jun 2008 4.3 (v2) Medium Pass AEC Subscription Manager Component for Mambo / Joomla! 'usage' Parameter SQLi 04 Jun 2008 7.3 (v3) High Pass PHP 7.3.x < 7.3.4 Multiple vulnerabilities. CVE-2019-11034 CVE-2019-11035 04 Apr 2019 9.1 (v3) Critical Pass PHP 7.2.x < 7.2.17 Multiple vulnerabilities. CVE-2019-11034 CVE-2019-11035 04 Apr 2019 9.1 (v3) Critical Pass PHP 7.1.x < 7.1.28 Multiple vulnerabilities. CVE-2019-11034 CVE-2019-11035 04 Apr 2019 9.1 (v3) Critical Pass LifeType for Drupal (pLog) index.php albumId Parameter SQL Injection CVE-2008-2629 06 Jun 2008 7.5 (v2) High Pass Skype ﬁle: URI Handling Security Bypass Arbitrary Code Execution (uncredentialed check) CVE-2008-1805 CVE-2008-2545 06 Jun 2008 9.3 (v2) High Pass IBM DB2 < 9 Fix Pack 5 Multiple Vulnerabilities CVE-2008-2154 CVE-2008-3852 CVE-2008-3854 CVE-2008-3855 CVE-2008-3856 CVE-2008-3857 CVE-2008-6821 10 Jun 2008 9.8 (v3) Critical Pass LISa Detection 17 Jun 2008 None Pass Ektron CMS400.NET WorkArea/ContentRatingGraph.aspx res Parameter SQL Injection CVE-2008-5122 26 Jun 2008 7.5 (v2) High Pass Trac quickjump Search Script q Parameter Arbitrary Site Redirect CVE-2008-2951 30 Jun 2008 5.4 (v3) Medium Pass nBill component for Joomla! 'cid' Parameter SQLi CVE-2008-3498 30 Jun 2008 7.3 (v3) High Pass TrailScout Module For Drupal Session Cookie SQL Injection CVE-2008-2850 30 Jun 2008 7.5 (v2) High Pass Call Of Duty Server Detection 30 Jun 2008 None Pass EMC AlphaStor Library Manager Detection 01 Jul 2008 None Pass EMC AlphaStor Device Manager Detection 01 Jul 2008 None Pass Sun Java System ASP Server Detection 08 Jul 2008 None Pass Sun Java System ASP < 4.0.3 Multiple Vulnerabilities CVE-2008-2401 CVE-2008-2402 CVE-2008-2403 CVE-2008-2404 CVE-2008-2405 08 Jul 2008 10 (v2) Critical Pass trixbox Dashboard user/index.php langChoice Parameter Local File Inclusion CVE-2008-6825 09 Jul 2008 7.5 (v2) High Pass Dolphin Multiple Scripts Remote File Inclusion CVE-2008-3166 CVE-2008-3167 09 Jul 2008 6.8 (v2) Medium Pass Xerox CentreWare Web < 4.6.46 Multiple Vulnerabilities (XRX08-008) CVE-2008-3121 CVE-2008-3122 11 Jul 2008 6.5 (v2) Medium Pass Maian Scripts Cookie Manipulation Authentication Bypass CVE-2008-3317 CVE-2008-3318 CVE-2008-3319 CVE-2008-3320 CVE-2008-3321 CVE-2008-3322 CVE-2008-7086 15 Jul 2008 7.5 (v2) High Pass CGI::Session File Driver CGISESSID Cookie Traversal Authentication Bypass 18 Jul 2008 5.1 (v2) Medium Pass fuzzylime (cms) comssrss.php ﬁles[] Parameter Traversal Local File Inclusion CVE-2008-6833 18 Jul 2008 7.5 (v2) High Pass HP System Management Homepage < 2.1.12 Unspeciﬁed XSS CVE-2008-1663 21 Jul 2008 4.3 (v2) Medium Pass Gregarius ajax.php rsargs[] Parameter Array SQL Injection CVE-2008-3374 29 Jul 2008 7.5 (v2) High Pass IBM DB2 < 9.5 Fix Pack 1 Multiple Vulnerabilities CVE-2008-1966 CVE-2008-1997 CVE-2008-1998 CVE-2008-3852 CVE-2008-3854 30 Jul 2008 9.8 (v3) Critical Pass Symphony sym_auth Cookie SQL Injection CVE-2008-3591 04 Aug 2008 7.5 (v2) High Pass PHP 7.3.x < 7.3.5 Heap-based Buﬀer Overﬂow Vulnerability. CVE-2019-11036 10 May 2019 9.1 (v3) Critical Pass Plogger plog-download.php checked[] Parameter SQL Injection CVE-2008-3563 06 Aug 2008 6.8 (v2) Medium Pass Pligg settemplate.php template Parameter Local File Inclusion CVE-2008-7090 08 Aug 2008 5.1 (v2) Medium Pass PHP < 4.4.9 Multiple Vulnerabilities CVE-2007-4850 CVE-2008-3658 CVE-2008-3659 CVE-2008-3660 CVE-2009-0754 08 Aug 2008 7.5 (v2) High Pass e107 download.php extract() Function Variable Overwrite 10 Aug 2008 8.8 (v3) High Pass RTH login.php uname Parameter SQL Injection 11 Aug 2008 6.8 (v2) Medium Pass Joomla! reset.php Reset Token Validation Forgery CVE-2008-3681 13 Aug 2008 9.8 (v3) Critical Pass PHP 7.2.x < 7.2.18 Heap-based Buﬀer Overﬂow Vulnerability. CVE-2019-11036 10 May 2019 9.1 (v3) Critical Pass dotCMS Multiple Script id Parameter Traversal Local File Inclusion CVE-2008-3708 18 Aug 2008 5 (v2) Medium Pass Serv-U 7.x < 7.2.0.1 SFTP Directory Creation Logging DoS CVE-2008-3731 20 Aug 2008 5 (v2) Medium Pass Kayako SupportSuite < 3.30.01 Multiple Vulnerabilities CVE-2008-3700 CVE-2008-3701 22 Aug 2008 4.3 (v2) Medium Pass TWiki bin/conﬁgure 'image' Parameter Traversal Arbitrary File Access/Execution CVE-2008-3195 23 Aug 2008 8.8 (v3) High Pass IBM DB2 9.5 < Fix Pack 2 Multiple Vulnerabilities CVE-2008-2154 CVE-2008-3852 CVE-2008-4692 CVE-2008-4693 CVE-2008-6821 28 Aug 2008 7.3 (v3) High Pass Unpassworded 'r00t' account CVE-1999-0502 04 Sep 2008 9.8 (v3) Critical Pass Moodle 'lib/kses.php' 'kses_bad_protocol_once' Function Arbitrary PHP Code Execution 05 Sep 2008 7.5 (v2) High Pass Zen Cart products_id[] Array SQL Injection CVE-2008-6986 08 Sep 2008 6.8 (v2) Medium Pass pluck < 4.5.3 Multiple Local File Include Vulnerabilities CVE-2008-3851 11 Sep 2008 6.8 (v2) Medium Pass IBM DB2 8 < Fix Pack 17 Multiple Vulnerabilities CVE-2008-2154 CVE-2008-3856 CVE-2008-3958 CVE-2008-3960 CVE-2008-6820 CVE-2008-6821 12 Sep 2008 9.8 (v3) Critical Pass Calendarix Basic cal_cat.php catview Parameter SQL Injection CVE-2008-2429 14 Sep 2008 7.5 (v2) High Pass Simple Machines Forum Validation Code Prediction Arbitrary Password Reset CVE-2008-6971 15 Sep 2008 7.5 (v2) High Pass BNC Detection 17 Sep 2008 None Pass ezbounce Detection 17 Sep 2008 None Pass Observer <= 0.3.2.1 Multiple Remote Command Execution Vulnerabilities 25 Sep 2008 7.5 (v2) High Pass Pluck update.php Remote Privilege Escalation 28 Sep 2008 6.4 (v2) Medium Pass Default Password (rootme) for 'root' Account CVE-1999-0502 01 Oct 2008 9.8 (v3) Critical Pass Dns2TCP Service Detection 02 Oct 2008 None Pass OpenNMS Web Console Detection 07 Oct 2008 None Pass TOM-Skype Detection 07 Oct 2008 None Pass Trend Micro OﬃceScan Client Traversal Arbitrary File Access CVE-2008-2439 08 Oct 2008 5 (v2) Medium Pass Zebedee Server Detection 08 Oct 2008 None Pass echoServer Detection 09 Oct 2008 None Pass Openads Delivery Engine OA_Delivery_Cache_store() Function name Argument Arbitrary PHP Code ExecutionCVE-2008-0635 09 Oct 2008 7.5 (v2) High Pass OpenX ac.php bannerid Parameter SQL Injection CVE-2008-6163 09 Oct 2008 7.5 (v2) High Pass ASG-Sentry CGI Detection 14 Oct 2008 None Pass Serv-U 7.x < 7.3.0.1 Multiple Remote Vulnerabilities (DoS, Traversal) CVE-2008-4500 CVE-2008-4501 14 Oct 2008 9 (v2) High Pass GForge top/topusers.php oﬀset Parameter SQL Injection CVE-2008-6189 14 Oct 2008 7.5 (v2) High Pass Default Password (gforge) for 'root' Account CVE-1999-0502 15 Oct 2008 9.8 (v3) Critical Pass Default Password (testpass123) for 'root' Account CVE-1999-0502 15 Oct 2008 9.8 (v3) Critical Pass PhpWebGallery comments.php sort_by Parameter SQL Injection CVE-2008-4645 15 Oct 2008 7.5 (v2) High Pass Ignite Gallery Component for Joomla! 'gallery' Parameter SQLi CVE-2008-6182 15 Oct 2008 7.3 (v3) High Pass Apache mod_proxy_ftp Directory Component Wildcard Character Globbing XSS CVE-2008-2939 16 Oct 2008 5.3 (v3) Medium Pass yappa-ng index.php album Parameter Local File Inclusion CVE-2008-4626 21 Oct 2008 6.8 (v2) Medium Pass HTTP CONNECT Proxy Detection 22 Oct 2008 None 58

Pass IBM DB2 9.1 < Fix Pack 6 Multiple Vulnerabilities CVE-2008-4691 CVE-2008-4692 CVE-2008-4693 22 Oct 2008 7.3 (v3) High Pass Condor Service Detection 04 Nov 2008 None Pass HP System Management Homepage < 2.1.15.210 Unspeciﬁed XSS CVE-2008-4411 04 Nov 2008 4.3 (v2) Medium Pass PHPWebAdmin for hMailServer Multiple File Inclusions 09 Nov 2008 6.8 (v2) Medium Pass Yosemite Backup Service Driver Detection 12 Nov 2008 None Pass Apache Struts 2 devMode Information Disclosure 24 Nov 2008 4.3 (v2) Medium Pass CMS Made Simple admin/login.php cms_language Cookie Local File Inclusion CVE-2008-5642 01 Dec 2008 6.8 (v2) Medium Pass OraMon conﬁg/oramon.ini Information Disclosure 03 Dec 2008 5 (v2) Medium Pass Dell Remote Access Controller Default Password (calvin) for 'root' Account 03 Dec 2008 9.8 (v3) Critical Pass Oempro index.php FormValue_Email Parameter SQL Injection Authentication Bypass CVE-2008-3058 05 Dec 2008 7.5 (v2) High Pass PHP 5 < 5.2.7 Multiple Vulnerabilities CVE-2008-2371 CVE-2008-2665 CVE-2008-2666 CVE-2008-2829 CVE-2008-3658 CVE-2008-3659 CVE-2008-3660 CVE-2008-5557 CVE-2008-5624 CVE-2008-5625 CVE-2008-5658 CVE-2008-7068 CVE-2014-862605 Dec 2008 7.5 (v2) High Pass PHP < 5.2.8 Multiple Vulnerabilities CVE-2008-5814 CVE-2008-5844 09 Dec 2008 7.5 (v2) High Pass Moodle 'ﬁlter/tex/texed.php' 'pathname' Parameter Remote Command Execution 14 Dec 2008 5.1 (v2) Medium Pass Live Chat Component for Joomla! 'last' Parameter Multiple SQLi CVE-2008-6881 CVE-2008-6883 15 Dec 2008 7.3 (v3) High Pass Kerio MailServer < 6.6.2 Multiple XSS (KSEC-2008-12-16-01) CVE-2008-5760 CVE-2008-5769 22 Dec 2008 4.3 (v2) Medium Pass phpList cline Parameter Array Remote File Inclusion CVE-2008-5887 22 Dec 2008 7.5 (v2) High Pass OneOrZero Helpdesk tinfo.php Arbitrary File Upload 23 Dec 2008 7.5 (v2) High Pass Pligg evb/check_url.php url Parameter SQL Injection CVE-2008-5739 23 Dec 2008 6.8 (v2) Medium Pass RoundCube Webmail bin/html2text.php Post Request Remote PHP Code Execution CVE-2008-5619 26 Dec 2008 8.8 (v3) High Pass XOOPS xoopsConﬁg[language] Parameter Local File Inclusion (DSECRG-08-040) CVE-2008-6884 29 Dec 2008 6.8 (v2) Medium Pass IceWarp Merak Mail Server < 9.4.0 IMG Tag XSS CVE-2008-5734 30 Dec 2008 4.3 (v2) Medium Pass Apache Roller q Parameter XSS CVE-2008-6879 07 Jan 2009 4.3 (v2) Medium Pass TCL Shell (tclsh) Arbitrary Command Execution CVE-2009-0043 08 Jan 2009 8.8 (v3) High Pass XStandard Lite Plugin for Joomla! X_CMS_LIBRARY_PATH Header Directory Traversal CVE-2009-0113 08 Jan 2009 5.3 (v3) Medium Pass XOOPS Multiple Scripts mydirname Parameter Arbitrary Command Injection 09 Jan 2009 8.8 (v3) High Pass Serv-U 7.x < 7.4.0.0 Multiple Command Remote DoS 09 Jan 2009 4 (v2) Medium Pass HDHomeRun Control Service Detection 13 Jan 2009 None Pass phpList <= 2.10.8 Variable Overwriting 16 Jan 2009 7.5 (v2) High Pass Eventing Component for Joomla! 'catid' Parameter SQLi CVE-2009-0421 21 Jan 2009 7.3 (v3) High Pass Apache Jackrabbit 'q' Parameter XSS CVE-2009-0026 23 Jan 2009 4.3 (v2) Medium Pass PHP 7.1.x < 7.1.29 Heap-based Buﬀer Overﬂow Vulnerability. CVE-2019-11036 10 May 2019 9.1 (v3) Critical Pass gigCalendar Component for Joomla! 'gigcal_gigs_id' Parameter SQLi CVE-2009-0726 29 Jan 2009 5.6 (v3) Medium Pass Horde Horde_Image::factory driver Argument Local File Inclusion CVE-2009-0932 29 Jan 2009 7.5 (v2) High Pass OpenX fc.php MAX_type Parameter Traversal Local File Inclusion CVE-2009-0291 30 Jan 2009 7.5 (v2) High Pass phpSlash ﬁelds Parameter PHP Code Injection CVE-2009-0517 04 Feb 2009 8.8 (v3) High Pass Meeting Room Booking System (MRBS) month.php area Parameter SQL Injection CVE-2008-4620 05 Feb 2009 7.5 (v2) High Pass Jaws language Parameter Multiple Local File Includes CVE-2009-0645 06 Feb 2009 7.5 (v2) High Pass Sun OpenSSO / Java System Access Manager Login Module User Account Enumeration Weakness CVE-2009-0348 09 Feb 2009 5 (v2) Medium Pass TYPO3 'jumpUrl' Mechanism Information Disclosure CVE-2009-0815 12 Feb 2009 5 (v2) Medium Pass Default Password (password) for 'admin' Account CVE-1999-0501 CVE-1999-0502 12 Feb 2009 9.8 (v3) Critical Pass SquirrelMail HTTPS Session Cookie Secure Flag Weakness CVE-2008-3663 12 Feb 2009 5 (v2) Medium Pass Novell GroupWise < 7.03HP2 / 8.0HP1 WebAccess Multiple XSS CVE-2009-0273 21 Feb 2009 4.3 (v2) Medium Pass Moodle Forum 'post.php' Unauthorized Post Deletion CSRF CVE-2009-0499 27 Feb 2009 4.3 (v2) Medium Pass PHP < 5.2.9 Multiple Vulnerabilities CVE-2008-5498 CVE-2009-1271 CVE-2009-1272 27 Feb 2009 5 (v2) Medium Pass Drupal Theme System Template Local File Inclusion 28 Feb 2009 7.5 (v2) High Pass Default Password (toor) for 'root' Account CVE-1999-0502 05 Mar 2009 9.8 (v3) Critical Pass Zabbix Web Interface extlang[] Parameter Remote Code Execution 07 Mar 2009 8.8 (v3) High Pass OneOrZero Helpdesk default_language Local File Inclusion CVE-2009-0886 09 Mar 2009 6.8 (v2) Medium Pass AWStats 'awstats.pl' Path Disclosure 20 Mar 2009 5 (v2) Medium Pass NextApp Echo XML Parsing Information Disclosure Vulnerability 26 Mar 2009 8.5 (v2) High Pass Serv-U < 8.0.0.1 Multiple Vulnerabilities (DoS, Traversal) CVE-2009-0967 CVE-2009-1031 27 Mar 2009 4 (v2) Medium Pass Moodle LaTeX Information Disclosure CVE-2009-1171 30 Mar 2009 4.3 (v2) Medium Pass SAP DB / MaxDB WebDBM Multiple Parameter XSS 01 Apr 2009 4.3 (v2) Medium Pass phpMyAdmin ﬁle_path Parameter Vulnerabilities (PMASA-2009-1) 03 Apr 2009 5 (v2) Medium Pass ZENworks Remote Management Agent Detection 06 Apr 2009 None Pass mod_perl Apache::Status URI XSS CVE-2009-0796 07 Apr 2009 2.6 (v2) Low Pass Jinzora name Parameter Local File Inclusion CVE-2009-2313 07 Apr 2009 6.8 (v2) Medium Pass Geeklog SEC_authenticate Function SQL Injection 13 Apr 2009 7.5 (v2) High Pass phpMyAdmin Setup Script Conﬁguration Parameters Arbitrary PHP Code Injection (PMASA-2009-4) CVE-2009-1285 16 Apr 2009 7.5 (v2) High Pass Atlassian JIRA < 3.13.3 DWR 'c0-id' XSS 17 Apr 2009 4.3 (v2) Medium Pass Novell Teaming Login User Account Enumeration Weakness CVE-2009-1293 21 Apr 2009 5 (v2) Medium Pass IBM DB2 9.1 < Fix Pack 7 Multiple Vulnerabilities CVE-2009-1239 CVE-2009-1905 CVE-2009-1906 22 Apr 2009 5.3 (v3) Medium Pass Conﬁcker P2P Service Detection 22 Apr 2009 10 (v2) Critical Pass Sun Java System Identity Manager Account Disclosure CVE-2009-1075 CVE-2009-1076 28 Apr 2009 5 (v2) Medium Pass Apache Struts 2 s:a / s:url Tag href Element XSS CVE-2008-6682 29 Apr 2009 3.7 (v3) Low Pass Intel Common Base Agent CreateProcessA() Function Remote Command Execution CVE-2009-1429 03 May 2009 10 (v2) Critical Pass OpenCart route Parameter Local File Inclusion CVE-2009-1621 03 May 2009 6.8 (v2) Medium Pass LimeSurvey sUser Parameter SQL Injection CVE-2009-1604 06 May 2009 7.5 (v2) High Pass Sun Java System Identity Manager ext Parameter Arbitrary File Retrieval CVE-2008-5116 06 May 2009 7.8 (v2) High Pass Adobe Flash Media Server RPC Privilege Escalation (APSB09-05) CVE-2009-1365 07 May 2009 7.5 (v2) High Pass IceWarp Merak WebMail Server < 9.4.2 Multiple Vulnerabilities CVE-2009-1467 CVE-2009-1468 CVE-2009-1469 08 May 2009 5.8 (v2) Medium Pass SquirrelMail contrib/decrypt_headers.php XSS CVE-2009-1578 15 May 2009 4.3 (v2) Medium Pass Flyspeck lang Parameter Local File Inclusion CVE-2009-1770 19 May 2009 6.8 (v2) Medium Pass HP System Management Homepage < 3.0.1.73 Multiple Flaws CVE-2008-5077 CVE-2008-5814 CVE-2009-1418 20 May 2009 5 (v2) Medium Pass Coppermine Photo Gallery GLOBALS[USER[lang] Parameter Local File Inclusion 25 May 2009 6.8 (v2) Medium Pass Novell GroupWise WebAccess Login Page User.lang Parameter XSS CVE-2009-1635 27 May 2009 4.3 (v2) Medium Pass DNN (DotNetNuke) ErrorPage.aspx XSS 27 May 2009 4.3 (v2) Medium Pass JVideo! Component for Joomla! 'user_id' Parameter SQLi CVE-2009-4938 01 Jun 2009 7.3 (v3) High Pass CactuShop 5.x Multiple Remote Vulnerabilities (XSS, SQLi) CVE-2004-1881 CVE-2004-1882 12 Oct 2004 7.5 (v2) High Pass IBM DB2 < 9.5 Fix Pack 4 Multiple Vulnerabilities CVE-2009-1905 CVE-2009-1906 CVE-2009-3471 CVE-2009-3472 03 Jun 2009 6.5 (v3) Medium Pass Joomla! < 1.5.11 JA_Purity Template Multiple XSS CVE-2009-1939 09 Jun 2009 4.7 (v3) Medium Pass Kerio MailServer < 6.6.2 Patch 3 / 6.7.0 Patch 1 XSS (KSEC-2009-06-08-01) CVE-2009-2636 11 Jun 2009 4.3 (v2) Medium Pass Drupal SA-CONTRIB-2009-036: Services Module Key-Based Access Bypass CVE-2009-2035 11 Jun 2009 6.4 (v2) Medium Pass CGI Generic XSS (quick test) 19 Jun 2009 4.3 (v2) Medium Pass PHP < 5.2.10 Multiple Vulnerabilities CVE-2009-2687 22 Jun 2009 5.1 (v2) Medium Pass Acajoom Component for Joomla! <= 3.2.6 Backdoor Detection 23 Jun 2009 7.3 (v3) High Pass Zen Cart password_forgotten.php Admin Access Bypass CVE-2009-2254 CVE-2009-2255 24 Jun 2009 7.5 (v2) High Pass Movable Type mt-wizard.cgi set_static_uri_to Parameter XSS CVE-2009-2480 26 Jun 2009 4.3 (v2) Medium Pass IBM Rational ClearQuest Multiple XSS Flaws CVE-2007-4592 02 Jul 2009 4.3 (v2) Medium Pass HP DDMI Web Interface Default Credentials 06 Jul 2009 7.5 (v2) High Pass FireStats < 1.6.2 Multiple Vulnerabilities CVE-2009-2143 CVE-2009-2144 07 Jul 2009 7.5 (v2) High Pass FCKeditor 'CurrentFolder' Arbitrary File Upload CVE-2009-2265 15 Jul 2009 8.8 (v3) High Pass BackOriﬁce Software Detection 29 Jul 1999 10 (v2) Critical Pass cﬁngerd Wildcard Argument Information Disclosure CVE-1999-0259 22 Jun 1999 5 (v2) Medium Pass CVS pserver Detection 12 Oct 1999 None Pass DeepThroat Backdoor Detection 08 Jul 1999 10 (v2) Critical Pass IBM Lotus Domino ?open Forced Directory Listing 09 Jul 1999 6.8 (v2) Medium Pass IBM Lotus Domino HTTP Server Filesystem Setup Disclosure CVE-2000-0021 21 Dec 1999 5 (v2) Medium Pass IBM Lotus Domino HTTP /cgi-bin Relative URL Request DoS CVE-2000-0023 21 Dec 1999 5 (v2) Medium Pass Microsoft FrontPage Extensions Check CVE-2000-0114 22 Aug 1999 5.3 (v3) Medium Pass GirlFriend Backdoor Detection 09 Jul 1999 10 (v2) Critical Pass HP LaserJet LCD Display Modiﬁcation 22 Jun 1999 5 (v2) Medium Pass HP LaserJet Direct Print Filter Bypass CVE-1999-1062 22 Jun 1999 5 (v2) Medium Pass Microsoft IIS Traversal GET Request Remote DoS CVE-1999-0229 22 Jun 1999 5 (v2) Medium Pass Microsoft IIS perl.exe HTTP Path Disclosure CVE-1999-0450 22 Jun 1999 5 (v2) Medium Pass MS99-059: Microsoft SQL Server Crafted TCP Packet Remote DoS (uncredentialed check) CVE-1999-0999 22 Nov 1999 5.3 (v3) Medium Pass NetBus 1.x Software Detection CVE-2003-1475 18 Aug 1999 7.5 (v2) High Pass Netscape Server ?PageServices Request Forced Directory Listing CVE-1999-0269 22 Jun 1999 5 (v2) Medium Pass Netscape Enterprise Server SSL Handshake DoS CVE-1999-0752 07 Jul 1999 5 (v2) Medium Pass Netscape FastTrack get Command Forced Directory Listing CVE-1999-0239 22 Jun 1999 5 (v2) Medium Pass NCDSA HTTPd nph-test-cgi Arbitrary Directory Listing CVE-1999-0045 22 Jun 1999 5 (v2) Medium Pass Portal of Doom Backdoor Detection 09 Jul 1999 10 (v2) Critical 59

Pass rsh Service Detection CVE-1999-0651 22 Aug 1999 7.5 (v2) High Pass WebSite Pro Malformed URL Path Disclosure CVE-2000-0066 13 Jan 2000 5 (v2) Medium Pass Ipswitch IMail / SLMail VRFY Command Remote Overﬂow CVE-1999-0231 22 Jun 1999 5 (v2) Medium Pass Multiple Vendor test-cgi Arbitrary File Access CVE-1999-0070 22 Jun 1999 5 (v2) Medium Pass Trin00 Trojan Detection CVE-2000-0138 05 Feb 2000 10 (v2) Critical Pass Trin00 for Windows Trojan Detection CVE-2000-0138 28 Feb 2000 10 (v2) Critical Pass WinGate Proxy POP3 USER Overﬂow CVE-1999-0494 22 Jun 1999 5 (v2) Medium Pass Zeus Web Server Null Byte Request CGI Source Disclosure CVE-2000-0149 11 Feb 2000 5 (v2) Medium Pass Shaft Trojan Detection CVE-2000-0138 17 Mar 2000 10 (v2) Critical Pass Netscape Server ?wp-* Publishing Tags Forced Directory Listing CVE-2000-0236 22 Mar 2000 5 (v2) Medium Pass Microsoft IIS /iisadmin Unrestricted Access CVE-1999-1538 01 Apr 2000 2.1 (v2) Low Pass Microsoft IIS ASP::$DATA ASP Source Disclosure CVE-1999-0278 10 Apr 2000 5 (v2) Medium Pass AnalogX SimpleServer:WWW Short GET /cgi-bin Remote DoS CVE-2000-0243 12 Apr 2000 5 (v2) Medium Pass Microsoft IIS /iisadmpwd/aexp2.htr Password Policy Bypass CVE-1999-0407 CVE-2002-0421 15 Apr 2000 10 (v2) Critical Pass Microsoft FrontPage htimage.exe CGI Remote Overﬂow CVE-2000-0256 19 Apr 2000 7.5 (v2) High Pass RealServer Port 7070 Malformed Input DoS CVE-2000-0272 22 Apr 2000 5 (v2) Medium Pass mstream DDoS Agent Detection CVE-2000-0138 02 May 2000 5 (v2) Medium Pass PostgreSQL Default Unpassworded Account CVE-1999-0508 27 Jul 2000 7.5 (v2) High Pass MS00-006: Microsoft IIS IDA/IDQ Multiple Vulnerabilities (uncredentialed check) CVE-2000-0071 CVE-2000-0098 CVE-2000-0302 24 Aug 2000 5 (v2) Medium Pass Netwin Netauth netauth.cgi Traversal Arbitrary File Access CVE-2000-0782 24 Aug 2000 5 (v2) Medium Pass mstream DDoS Handler Detection CVE-2000-0138 02 May 2000 5 (v2) Medium Pass Standard & Poor's ComStock MultiCSP Detection CVE-2000-0109 25 May 2000 10 (v2) Critical Pass Axis Camera Default Password CVE-2001-1543 06 Sep 2000 7.5 (v2) High Pass YaBB YaBB.pl num Parameter Traversal Arbitrary File Access CVE-2000-0853 12 Sep 2000 5 (v2) Medium Pass Sambar Server ISAPI Search Utility search.dll Arbitrary Directory Listing CVE-2000-0835 16 Sep 2000 5 (v2) Medium Pass PHP Error Log Format String Command Injection CVE-2000-0967 14 Oct 2000 6.8 (v2) Medium Pass Netscape Messaging Server IMAP LIST Command Remote Overﬂow CVE-2000-0961 19 Dec 2000 10 (v2) Critical Pass Technote main.cgi ﬁlename Parameter Traversal Arbitrary File Access CVE-2001-0075 29 Dec 2000 7.8 (v2) High Pass Microsoft IIS Unicode Remote Command Execution CVE-2000-0884 18 Oct 2000 10 (v2) Critical Pass Samba Web Administration Tool (SWAT) Error Message Username Enumeration CVE-2000-0938 08 Jan 2001 5 (v2) Medium Pass Phorum common.php ForumLang Parameter Traversal Arbitrary File Access 09 Jan 2001 5 (v2) Medium Pass Oracle Application Server XSQL Stylesheet Arbitrary Java Code Execution CVE-2001-0126 22 Jan 2001 7.5 (v2) High Pass Pi3Web tstisap.dll Long URL Overﬂow CVE-2001-0302 CVE-2001-0303 20 Feb 2001 7.5 (v2) High Pass PHP < 4.0.4 IMAP Module imap_open() Function Overﬂow 08 Mar 2001 6.8 (v2) Medium Pass Microsoft IIS WebDAV Malformed PROPFIND Request Remote DoS CVE-2001-0151 08 Mar 2001 7.8 (v2) High Pass PHP-Nuke opendir.php Traversal Arbitrary File Read CVE-2001-0321 17 Apr 2001 5 (v2) Medium Pass MS01-023: Microsoft IIS 5.0 Malformed HTTP Printer Request Header Remote Buﬀer Overﬂow (953155) (uncrCVE-2001-0241edentialed check) 01 May 2001 10 (v2) Critical Pass Microsoft IIS 5 .printer ISAPI Filter Enabled 03 May 2001 None Pass PHP3 Physical Path Disclosure via POST Requests 27 Feb 2015 5 (v2) Medium Pass MS01-026 / MS01-044: Microsoft IIS Remote Command Execution (uncredentialed check) CVE-2001-0333 CVE-2001-0507 15 May 2001 7.5 (v2) High Pass Microsoft SQL Server sa Account Default Blank Password CVE-2000-1209 25 May 2001 10 (v3) Critical Pass Microsoft IIS Source Fragment Disclosure CVE-2000-0457 CVE-2000-0630 29 May 2001 5 (v2) Medium Pass Netscape Messenging Server POP3 Error Message User Account Enumeration CVE-2000-0960 29 May 2001 5 (v2) Medium Pass Microsoft IIS ISAPI Filter Multiple Vulnerabilities (MS01-044) CVE-2001-0500 CVE-2001-0506 CVE-2001-0507 CVE-2001-0508 CVE-2001-0544 CVE-2001-0545 19 Jun 2001 10 (v2) Critical Pass Netscape Enterprise Web Publishing INDEX Command Arbitrary Directory Listing CVE-2001-0250 15 Jun 2001 5 (v2) Medium Pass Microsoft IIS .IDA ISAPI Filter Enabled 19 Jun 2001 None Pass WebLogic Server Double Dot GET Request Remote Overﬂow CVE-2001-0098 21 Jun 2001 10 (v2) Critical Pass PHP Safe Mode mail Function 5th Parameter Arbitrary Command Execution CVE-2001-1246 02 Jul 2001 4.6 (v2) Medium Pass Raptor Firewall 6.5 HTTP Proxy Detection 23 Aug 2001 5 (v2) Medium Pass PhpMyExplorer index.php chemin Parameter Encoded Traversal Arbitrary File Access CVE-2001-1168 07 Sep 2001 5 (v2) Medium Pass Apple Mac OS X Find-By-Content .DS_Store Web Directory Listing CVE-2001-1446 14 Sep 2001 5 (v2) Medium Pass Web Server HTTP Header Internal IP Disclosure CVE-2000-0649 14 Sep 2001 3.1 (v3) Low Pass Alcatel ADSL Modem Unrestricted Remote Access CVE-2001-1424 14 Sep 2001 7.5 (v2) High Pass Squid mkdir-only PUT Request Remote DoS CVE-2001-0843 26 Sep 2001 5 (v2) Medium Pass IBM HTTP Server on AS/400 Trailing Slash Source Code Disclosure 08 Nov 2001 5 (v2) Medium Pass Oracle Application Server Web Cache Multiple Remote DoS CVE-2002-0102 25 Nov 2001 4.3 (v2) Medium Pass Allaire JRun Encoded JSP Request Directory Listing CVE-2001-1510 16 Feb 2016 5 (v2) Medium Pass Apache Win32 ScriptAlias php.exe Arbitrary File Access CVE-2002-2029 25 Jan 2002 5 (v2) Medium Pass Oracle 9iAS mod_plsql Help Page Request Remote Overﬂow CVE-2001-1216 25 Jan 2002 7.5 (v2) High Pass Microsoft IIS ASP Redirection Function XSS CVE-2003-0223 05 Feb 2002 4.3 (v2) Medium Pass Oracle 9iAS DMS / JPM Pages Anonymous Access CVE-2002-0563 07 Feb 2002 5 (v2) Medium Pass Oracle 9iAS globals.jsa Database Credential Remote Disclosure CVE-2002-0562 07 Feb 2002 5 (v2) Medium Pass Oracle 9iAS Java Process Manager /oprocmgr-status Anonymous Process Manipulation CVE-2002-0563 07 Feb 2002 5 (v2) Medium Pass Oracle 9iAS _pages Directory Compiled JSP Source Disclosure CVE-2002-0565 07 Feb 2002 5 (v2) Medium Pass Oracle 9iAS mod_plsql Multiple Procedures XSS 07 Feb 2002 4.3 (v2) Medium Pass Oracle 9iAS mod_plsql Encoded Traversal Arbitrary File Access CVE-2001-1217 07 Feb 2002 5 (v2) Medium Pass PHP-Nuke sql_debug Information Disclosure CVE-2002-2032 07 Feb 2002 5 (v2) Medium Pass IBM DB2 Multiple CGI Single Byte Request Remote DoS CVE-2001-1143 06 Mar 2002 5 (v2) Medium Pass CVS (Web-Based) Entries File Information Disclosure 27 Mar 2002 5 (v2) Medium Pass Oracle JSP Apache/Jserv Path Translation Arbitrary JSP File Execution 27 Mar 2002 6.8 (v2) Medium Pass EFTP Multiple Command Traversal Arbitrary Directory Listing CVE-2001-1109 29 Mar 2002 4 (v2) Medium Pass Microsoft IIS Multiple Remote DoS (MS02-018 / Q319733) CVE-2000-0226 CVE-2002-0072 11 Apr 2002 5 (v2) Medium Pass MS02-018: Microsoft Windows Distributed Transaction Coordinator (DTC) Malformed Input DoS (319733) (intrusive check)CVE-2002-0224 20 Apr 2002 7.8 (v2) High Pass Microsoft IIS / Site Server codebrws.asp Arbitrary Source Disclosure CVE-1999-0739 22 May 2002 5 (v2) Medium Pass University of Washington imap Server (uw-imapd) BODY Request Remote Overﬂow CVE-2002-0379 29 May 2002 6.5 (v2) Medium Pass Microsoft ASP.NET Application Tracing trace.axd Information Disclosure 05 Jun 2002 5 (v2) Medium Pass Microsoft IIS Potentially Compromised Host Detection 05 Jun 2002 10 (v2) Critical Pass Apache on Windows php.exe Malformed Request Path Disclosure CVE-2002-0249 09 Jun 2002 5 (v2) Medium Pass IBM WebSphere Traversal Error Page XSS 08 Jun 2002 4.3 (v2) Medium Pass Cisco ATA-186 Password Circumvention / Recovery CVE-2002-0769 05 Jun 2002 10 (v2) Critical Pass eDonkey Detection 08 Jun 2002 None Pass Apache Tomcat /servlet Mapping XSS CVE-2002-0682 10 Jul 2002 4.3 (v2) Medium Pass Apache Tomcat TroubleShooter Servlet Information Disclosure CVE-2002-2006 15 Jul 2002 5 (v2) Medium Pass AWOL helperfunction.php includedir Parameter Remote File Inclusion CVE-2001-1048 22 Aug 2002 8.3 (v3) High Pass Gallery includedir Parameter Remote File Inclusion CVE-2001-1234 29 Aug 2002 8.3 (v3) High Pass phpMyAdmin sql.php Traversal Arbitrary File Access CVE-2001-0478 04 Sep 2002 5.1 (v2) Medium Pass mldonkey Detection (WWW) 17 Sep 2002 None Pass CGI Generic SQL Injection 23 Jul 2009 7.5 (v2) High Pass Netscape Enterprise Default Administrative Password CVE-1999-0502 22 Jan 2003 7.5 (v2) High Pass Oracle 9iAS soapdocs Directory Remote Information Disclosure 11 Feb 2003 5 (v2) Medium Pass Oracle 9iAS XSQLServlet soapConﬁg.xml Authentication Credentials Disclosure CVE-2002-0568 11 Feb 2003 5 (v2) Medium Pass Oracle 9iAS OWA_UTIL Stored Procedures Information Disclosure CVE-2002-0560 11 Feb 2003 5 (v2) Medium Pass Oracle 9iAS Default SOAP Conﬁguration Unauthorized Application Deployment CVE-2001-1371 11 Feb 2003 7.5 (v2) High Pass PHP < 4.3.1 CGI Module Force Redirect Settings Bypass Arbitrary File Access CVE-2003-0097 CVE-2006-4812 18 Feb 2003 7.5 (v2) High Pass Unpassworded 'guest' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'EZsetup' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'demos' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded '4Dgifts' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'OutOfBox' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'lp' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'sync' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'date' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'backdoor' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'tutor' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'toor' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'hax0r' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'friday' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Default Password (root) for 'root' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Default Password (guest) for 'guest' Account CVE-1999-0501 CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Default Password (manager) for 'system' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Default Password (glftpd) for 'glftpd' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'StoogR' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical 60

Pass Default Password (wank) for 'wank' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Default Password (D13HH[) for 'root' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Default Password (D13hh[) for 'root' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Default Password (lrkr0x) for 'gamez' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Default Password (wh00t!) for 'root' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Default Password (satori) for 'rewt' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Unpassworded 'jill' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Invision Power Board ipchat.php root_path Parameter Remote File Inclusion CVE-2003-1385 27 Feb 2003 8.3 (v3) High Pass Apple QuickTime/Darwin Streaming Server Multiple Remote Vulnerabilities CVE-2003-0050 CVE-2003-0051 CVE-2003-0052 CVE-2003-0053 CVE-2003-0054 CVE-2003-0055 CVE-2003-1414 28 Feb 2003 7.5 (v2) High Pass TYPO3 < 3.5.0 Multiple Vulnerabilities 28 Feb 2003 10 (v2) Critical Pass myphpPageTool /doc/admin/index.php ptinclude Parameter Remote File Inclusion CVE-2007-4947 02 Mar 2003 8.3 (v3) High Pass PHP-Ping index.php pingto Parameter Arbitrary Code Execution 06 Mar 2003 7.5 (v2) High Pass Kietu index.php Remote File Inclusion 07 Mar 2003 8.3 (v3) High Pass IBM Lotus Domino < 5.0.12 / 6.0.1 Multiple Vulnerabilities CVE-2001-1311 CVE-2003-0123 10 Mar 2003 7.5 (v2) High Pass IBM Lotus Domino Directory Traversal Arbitrary File Access CVE-2001-0009 10 Mar 2003 5 (v2) Medium Pass Upload Lite upload.cgi Arbitrary File Upload 12 Mar 2003 7.5 (v2) High Pass smb2www Proxy Bypass 14 Mar 2003 5 (v2) Medium Pass MySQL datadir/my.cnf Modiﬁcation Privilege Escalation CVE-2003-0150 14 Mar 2003 9 (v2) High Pass IBM Domino nsf File Argument XSS CVE-2001-1161 15 Mar 2003 4.3 (v2) Medium Pass Microsoft IIS shtml.dll XSS CVE-2000-0746 15 Mar 2003 4.7 (v3) Medium Pass Sun ONE (iPlanet) Application Server Detection 16 Mar 2003 None Pass Microsoft IIS WebDAV ntdll.dll Remote Overﬂow (MS03-007) CVE-2003-0109 18 Mar 2003 7.5 (v2) High Pass SquirrelMail 1.2.9 / 1.2.10 read_body.php Multiple Parameter XSS CVE-2002-1341 19 Mar 2003 4.3 (v2) Medium Pass Web Server Oﬃce File Inventory 19 Mar 2003 None Pass Guestbook tr3.a Password Disclosure CVE-2003-1541 22 Mar 2003 7.5 (v2) High Pass MS00-019: Microsoft IIS ISAPI Virtual Directory UNC Mapping ASP Source Disclosure (uncredentialed check)CVE-2000-0246 23 Mar 2003 4.3 (v2) Medium Pass Nuked-Klan index.php Multiple Module Vulnerabilities CVE-2003-1238 CVE-2003-1371 23 Mar 2003 5.8 (v2) Medium Pass Oracle 9iAS PL/SQL Gateway Web Admin Interface Null Authentication CVE-2002-0561 24 Mar 2003 7.5 (v2) High Pass J Walk Application Server Encoded Directory Traversal Arbitrary File Access CVE-2003-1529 25 Mar 2003 5 (v2) Medium Pass PHP socket_iovec_alloc() Function Overﬂow CVE-2003-0166 25 Mar 2003 6.8 (v2) Medium Pass Nukestyles.com viewpage.php Addon for PHP-Nuke File Parameter Traversal Arbitrary File Access CVE-2003-1545 25 Mar 2003 7.8 (v2) High Pass PostNuke Members_List Module Information Disclosure 26 Mar 2003 5 (v2) Medium Pass apcnisd / apcupsd Detection 26 Mar 2003 None Pass Horde IMP mailbox.php3 Multiple Parameter SQL Injection CVE-2003-0025 27 Mar 2003 7.5 (v2) High Pass GTcatalog password.inc Direct Request Password Disclosure 03 Apr 2003 5 (v2) Medium Pass AutomatedShops webc.cgi Installation Detection 04 Apr 2003 None Pass XMB < 1.9.1 Multiple XSS CVE-2002-0316 CVE-2003-0375 CVE-2003-0483 08 Apr 2003 4.3 (v2) Medium Pass Web Wiz Site News / Compulsive Media CNU5 news.mdb Direct Request Database Disclosure 14 Apr 2003 5 (v2) Medium Pass Web Wiz Forums wwforum.mdb Direct Request Database Disclosure 17 Apr 2003 5 (v2) Medium Pass Oracle Net Services CREATE DATABASE LINK Query Overﬂow CVE-2003-0222 04 May 2003 9.9 (v3) Critical Pass CommuniGate Pro Referer Field Session Token Disclosure CVE-2003-1481 05 May 2003 5.8 (v2) Medium Pass MDaemon POP Server Multiple Command Remote Overﬂow DoS CVE-2002-1539 05 May 2003 4 (v2) Medium Pass MDaemon IMAP Server CREATE Command Mailbox Name Handling Overﬂow CVE-2003-1470 06 May 2003 9 (v2) High Pass XMB member.php Multiple Parameter SQL Injection 07 May 2003 5 (v2) Medium Pass YaBB SE < 1.5.2 Multiple Vulnerabilities CVE-2000-1176 07 May 2003 6.5 (v2) Medium Pass 12Planet Chat Server Administration Authentication Cleartext Credential Disclosure 07 May 2003 4.3 (v2) Medium Pass WebLogic Crafted GET Request Hostname Disclosure 08 May 2003 5 (v2) Medium Pass Apache 2.0.x < 2.0.46 on OS/2 ﬁlestat.c Device Name Request DoS CVE-2003-0134 08 May 2003 5.3 (v3) Medium Pass ttforum Multiple Vulnerabilities CVE-2003-1458 CVE-2003-1459 10 May 2003 7.3 (v3) High Pass Horde test.php Direct Reqest Information Disclosure 12 May 2003 5 (v2) Medium Pass Apple AirPort Base Station Authentication Credential Encryption Weakness CVE-2003-0270 12 May 2003 7.6 (v2) High Pass miniPortail admin.php Cookie Manipulation Security Bypass CVE-2003-0272 12 May 2003 10 (v2) Critical Pass SHOUTcast Server Admin Log File XSS 12 May 2003 4.3 (v2) Medium Pass Owl browse.php Authentication Bypass 14 May 2003 5 (v2) Medium Pass WebLogic Multiple Method Cleartext Password Disclosure CVE-2003-1224 CVE-2003-1225 CVE-2003-1226 14 May 2003 1.2 (v2) Low Pass phpMyAdmin < 2.6.0-pl2 Unspeciﬁed Arbitrary Command Execution CVE-2004-2630 17 Oct 2004 6 (v2) Medium Pass WebLogic SSL Certiﬁcate Chain User Spooﬁng 14 May 2003 6.4 (v2) Medium Pass Microsoft BizTalk Server Multiple Remote Vulnerabilities CVE-2003-0117 CVE-2003-0118 20 May 2003 7.5 (v2) High Pass OneOrZero Helpdesk tupdate.php sg Parameter SQL Injection CVE-2003-0303 21 May 2003 7.5 (v2) High Pass Sun ONE Application Server Upper Case Request JSP Source Disclosure CVE-2003-0411 28 May 2003 5 (v2) Medium Pass iisPROTECT Encoded URL Authentication Bypass CVE-2003-0317 28 May 2003 7.5 (v2) High Pass Apache 2.0.x < 2.0.46 Multiple DoS CVE-2003-0189 CVE-2003-0245 29 May 2003 5.3 (v3) Medium Pass PostNuke Sections Module Information Disclosure 29 May 2003 5 (v2) Medium Pass Geeklog <= 1.3.7sr1 Multiple Vulnerabilities (SQLi, XSS, Priv Esc) CVE-2002-0096 CVE-2002-0097 CVE-2002-0962 CVE-2003-1347 29 May 2003 7.5 (v2) High Pass Ultimate PHP Board admin_iplog.php Arbitrary Code Execution CVE-2003-0395 29 May 2003 10 (v2) Critical Pass Remote PC Access Server detection. 29 May 2003 5.8 (v2) Medium Pass Desktop Orbiter Server Detection 03 Jun 2003 7.5 (v2) High Pass WebStores 2000 browse_item_details.asp SQL Injection CVE-2004-0304 03 Jun 2003 7.5 (v2) High Pass Pi3Web Malformed GET Request Remote Overﬂow CVE-2003-0276 03 Jun 2003 5 (v2) Medium Pass Linux Kernel IP Stack ICMP Error Response Arbitrary Memory Information Disclosure CVE-2003-0418 09 Jun 2003 5 (v2) Medium Pass Lotus Domino SMTP Server Forged Localhost Mail Header DoS CVE-2000-1203 11 Jun 2003 5 (v2) Medium Pass PostNuke < 0.7.2.3 Multiple Script XSS 17 Jun 2003 4.3 (v2) Medium Pass CesarFTP Multiple Vulnerabilities (OF, File Access, more) CVE-2001-0826 CVE-2001-1335 CVE-2001-1336 CVE-2003-0329 CVE-2004-0298 CVE-2006-2961 18 Jun 2003 7.5 (v2) High Pass phpMyAdmin < 2.5.2 Multiple Vulnerabilities 18 Jun 2003 5 (v2) Medium Pass Kerio WebMail < 5.7.7 Multiple Vulnerabilities CVE-2002-1434 CVE-2003-0487 CVE-2003-0488 18 Jun 2003 7.5 (v2) High Pass phpBB viewtopic.php topic_id Parameter SQL Injection CVE-2003-0486 19 Jun 2003 7.5 (v2) High Pass e107 db.php User Database Disclosure 24 Jul 2003 5 (v2) Medium Pass PHP < 4.3.3 php_check_safe_mode_include_dir Function Safemode Bypass CVE-2003-0863 25 Jul 2003 5 (v2) Medium Pass Gallery search.php searchstring Parameter XSS CVE-2003-0614 28 Jul 2003 4.3 (v2) Medium Pass ePolicy Orchestrator Multiple Remote Vulnerabilities (OF, FS) CVE-2003-0148 CVE-2003-0149 CVE-2003-0616 31 Jul 2003 10 (v2) Critical Pass Horde IMP IMP_MIME_Viewer_html Class XSS 08 Aug 2003 4.3 (v2) Medium Pass iPlanet Web Server Enterprise Edition URL-encoded Host: Information Disclosure CVE-2001-0327 29 Sep 2003 5.3 (v3) Medium Pass Default Password (ibmdb2) for 'db2inst1' Account CVE-1999-0502 CVE-2001-0051 01 Oct 2003 9.8 (v3) Critical Pass Default Password (db2fenc1) for 'db2fenc1' Account CVE-1999-0502 CVE-2001-0051 01 Oct 2003 9.8 (v3) Critical Pass Default Password (ibmdb2) for 'db2fenc1' Account CVE-1999-0502 CVE-2001-0051 01 Oct 2003 9.8 (v3) Critical Pass Default Password (db2inst) for 'db2inst1' Account CVE-1999-0502 CVE-2001-0051 01 Oct 2003 9.8 (v3) Critical Pass Default Password (ibmdb2) for 'db2as' Account CVE-1999-0502 CVE-2001-0051 01 Oct 2003 9.8 (v3) Critical Pass Default Password (db2as) for 'db2as' Account CVE-1999-0502 CVE-2001-0051 01 Oct 2003 9.8 (v3) Critical Pass SOCKS Server Detection 03 Oct 2003 None Pass Microsoft IIS 404 Response Service Pack Signature 09 Oct 2003 None Pass Gallery index.php GALLERY_BASEDIR Parameter Remote File Inclusion CVE-2003-1227 11 Oct 2003 8.3 (v3) High Pass Compaq Web-enabled Management Software Default Account 13 Oct 2003 7.5 (v2) High Pass NetInfo Daemon Detection 19 Oct 2003 None Pass Open Shortest Path First (OSPF) Agent Detection 25 Oct 2003 None Pass EGP Detection 25 Oct 2003 None Pass PostgreSQL to_ascii() Function Remote Overﬂows CVE-2003-0901 04 Nov 2003 7.5 (v2) High Pass Resin Status Page Information Disclosure 22 Nov 2003 5 (v2) Medium Pass phpBB < 2.0.7 Multiple Script SQL Injection CVE-2003-1215 CVE-2003-1216 04 Dec 2003 7.5 (v2) High Pass PHP-Ping php-ping.php count Parameter Arbitrary Command Execution 29 Dec 2003 7.5 (v2) High Pass vBulletin calendar.php eventid Parameter SQL Injection CVE-2004-0036 06 Jan 2004 7.5 (v2) High Pass PhpDig conﬁg.php relative_script_path Parameter Remote File Inclusion CVE-2004-0068 15 Jan 2004 8.3 (v3) High Pass Gallery HTTP Global Variables File Inclusion CVE-2004-2124 29 Jan 2004 5.8 (v3) Medium Pass Serv-U SITE CHMOD Command Multiple Vulnerabilities CVE-2004-2111 CVE-2004-2533 02 Feb 2004 8.5 (v2) High Pass Photopost PHP Pro photo Parameter SQL Injection CVE-2004-0239 03 Feb 2004 7.5 (v2) High Pass phpMyAdmin export.php what Parameter Traversal Arbitrary File Access CVE-2004-0129 03 Feb 2004 5.1 (v2) Medium Pass Oracle Database 9i Multiple Functions Local Overﬂow CVE-2003-1208 06 Feb 2004 10 (v2) Critical Pass Oracle Multiple Products SOAP Message Crafted DTD Remote DoS CVE-2004-2244 21 Feb 2004 5 (v2) Medium Pass X-News Password MD5 Hash Authentication Bypass CVE-2002-1656 21 Feb 2004 7.5 (v2) High Pass phpBB < 2.0.7 Multiple XSS CVE-2004-1809 14 Mar 2004 4.3 (v2) Medium Pass Novell NetWare LDAP Server Anonymous Bind 15 Mar 2004 5 (v2) Medium Pass Unreal Tournament Server Detection 23 Mar 2004 None Pass Default Password (swift) for 'swift' Account CVE-1999-0502 24 Mar 2004 9.8 (v3) Critical 61

Pass HALO Network Server Detection 26 Mar 2004 None Pass IBM DB2 < 8 Fix Pack 7a Multiple Vulnerabilities CVE-2004-1372 CVE-2005-0417 CVE-2005-4863 CVE-2005-4864 CVE-2005-4865 CVE-2005-4866 CVE-2005-4867 CVE-2005-4868 CVE-2005-4869 CVE-2005-4870 CVE-2005-487117 Oct 2004 10 (v2) Critical Pass HP Web JetAdmin setinfo.hts setinclude Parameter Traversal Arbitrary File Access CVE-2004-1857 30 Mar 2004 2.1 (v2) Low Pass Firebird DB Remote Database Name Overﬂow CVE-2004-2043 25 May 2004 10 (v2) Critical Pass RealServer /admin/Docs/default.cfg Information Disclosure 26 May 2004 5 (v2) Medium Pass Subversion Server Detection 08 Jun 2004 None Pass IMP Content-Type Header XSS CVE-2004-0584 08 Jun 2004 4.3 (v2) Medium Pass Invision Power Board ssi.php f Parameter SQL Injection 11 Jun 2004 7.5 (v2) High Pass Gallery init.php Authentication Bypass CVE-2004-0522 15 Jun 2004 7.5 (v2) High Pass Squid ntlm_check_auth Function NTLM Authentication Helper Password Handling Remote Overﬂow CVE-2004-0541 30 Jun 2004 9.8 (v3) Critical Pass Cisco IOS and IOS XE Software Denial of Service Vulnerability (cisco-sa-20180328-bfd) CVE-2018-0155 23 Apr 2020 8.6 (v3) High Pass Treck TCP/IP stack multiple vulnerabilities. (Ripple20) CVE-2020-11896 CVE-2020-11897 CVE-2020-11898 CVE-2020-11899 CVE-2020-11900 CVE-2020-11901 CVE-2020-11902 CVE-2020-11903 CVE-2020-11904 CVE-2020-11905 CVE-2020-11906 CVE-2020-11907 CVE-2020-11908 CVE-2020-11909 CVE-2020-11910 CVE-2020-11911 CVE-2020-11912 CVE-2020-11913 CVE-2020-1191422 Jun 2020 10 (v3) Critical Pass VMware vCenter Server 6.5 / 6.7 / 7.0 Multiple Vulnerabilities (VMSA-2021-0002) CVE-2021-21972 CVE-2021-21973 25 Feb 2021 9.8 (v3) Critical Pass UnrealIRCd IP Cloaking Weakness Information Disclosure CVE-2004-0679 05 Jul 2004 5 (v2) Medium Pass DistCC Detection 07 Jul 2004 7.5 (v2) High Pass PHP < 4.3.8 Multiple Vulnerabilities CVE-2004-0594 CVE-2004-0595 15 Jul 2004 6.8 (v2) Medium Pass phpBB < 2.0.9 Multiple Vulnerabilities 21 Jul 2004 7.5 (v2) High Pass phpBB < 2.0.10 Multiple XSS CVE-2004-0730 CVE-2004-2054 CVE-2004-2055 26 Jul 2004 4.3 (v2) Medium Pass Xitami testssi.ssi HTTP Header XSS 26 Jul 2004 4.3 (v2) Medium Pass Moodle < 1.3.3 'help.php' 'ﬁle' Parameter XSS CVE-2004-0725 26 Jul 2004 4.3 (v2) Medium Pass Horde IMP with MSIE MIME Viewer Email Message XSS CVE-2004-1443 30 Jul 2004 4.3 (v2) Medium Pass phpMyFAQ Image Upload Authentication Bypass CVE-2004-2257 02 Aug 2004 7.5 (v2) High Pass PostNuke Reviews Module title Parameter XSS 02 Aug 2004 4.3 (v2) Medium Pass PostNuke Install Script Admin Password Disclosure 02 Aug 2004 7.5 (v2) High Pass Oracle E-Business Suite Multiple Vulnerabilities (Apr 2019 CPU) CVE-2018-0734 CVE-2019-2551 CVE-2019-2583 CVE-2019-2600 CVE-2019-2603 CVE-2019-2604 CVE-2019-2621 CVE-2019-2622 CVE-2019-2633 CVE-2019-2638 CVE-2019-2639 CVE-2019-2640 CVE-2019-2641 CVE-2019-2642 CVE-2019-2643 CVE-2019-2651 CVE-2019-2652 CVE-2019-2653 CVE-2019-2654 CVE-2019-2655 CVE-2019-2660 CVE-2019-2661 CVE-2019-2662 CVE-2019-2663 CVE-2019-2664 CVE-2019-2665 CVE-2019-2669 CVE-2019-2670 CVE-2019-2671 CVE-2019-2673 CVE-2019-2674 CVE-2019-2675 CVE-2019-2676 CVE-2019-2677 CVE-2019-268217 Apr 2019 9.9 (v3) Critical Pass Jenkins < 2.164.2 LTS / 2.172 Multiple Vulnerabilities CVE-2019-1003049 CVE-2019-1003050 18 Apr 2019 8.1 (v3) High Pass Oracle Primavera Uniﬁer Multiple Vulnerabilities (Apr 2019 CPU) CVE-2016-1000031 CVE-2017-9798 CVE-2018-8034 CVE-2018-11763 CVE-2018-11784 CVE-2018-19360 CVE-2018-19361 CVE-2018-1936219 Apr 2019 9.8 (v3) Critical Pass DNN (DotNetNuke) 7.0.0 < 9.3.1 Multiple Vulnerabilities 24 Apr 2019 6.1 (v3) Medium Pass Oracle WebLogic WLS9-async Remote Code Execution (remote check) CVE-2019-2725 26 Apr 2019 9.8 (v3) Critical Pass Jenkins < 2.176.3 LTS / 2.192 Multiple Vulnerabilities CVE-2019-10383 CVE-2019-10384 10 Oct 2019 8.8 (v3) High Pass Cisco SPA100 Series Multiple Vulnerabilities CVE-2019-12702 CVE-2019-12703 CVE-2019-12704 CVE-2019-15240 CVE-2019-15241 CVE-2019-15242 CVE-2019-15243 CVE-2019-15244 CVE-2019-15245 CVE-2019-15246 CVE-2019-15247 CVE-2019-15248 CVE-2019-15249 CVE-2019-15250 CVE-2019-15251 CVE-2019-15252 CVE-2019-15257 CVE-2019-1525817 Oct 2019 8 (v3) High Pass Atlassian Jira 7.13.x < 8.6.0 JMX monitoring ﬂag CSRF Vulnerability (JRASERVER-70570) CVE-2019-20405 27 Mar 2020 4.3 (v3) Medium Pass Apache Tomcat 7.0.x < 7.0.100 / 8.5.x < 8.5.51 / 9.0.x < 9.0.31 Multiple Vulnerabilities CVE-2019-17569 CVE-2020-1935 CVE-2020-1938 21 Feb 2020 9.8 (v3) Critical Pass Cisco TelePresence Video Communication Server and Cisco Expressway Series Server-Side Request Forgery VCVE-2019-1872ulnerability 05 Mar 2020 5.3 (v3) Medium Pass IBM Spectrum Protect Server and Storage Agent RCE 13 Mar 2020 9.8 (v3) Critical Pass Atlassian JIRA < 8.6.1 Information Disclosure CVE-2019-20407 20 Mar 2020 4.3 (v3) Medium Pass PHP 7.3.x < 7.3.16 Multiple Vulnerabilities CVE-2020-7064 CVE-2020-7065 CVE-2020-7066 27 Mar 2020 8.8 (v3) High Pass Trading Technologies Messaging remove_park Stack Overﬂow 03 Jun 2020 9.8 (v3) Critical Pass Dotnetnuke 3.1.x < 9.6.0 / 5.0.x < 9.6.0 / 6.0.x < 9.6.0 / 7.0.x < 9.6.0 Multiple Vulnerabilities (09.06.00) CVE-2019-19790 03 Jun 2020 9.8 (v3) Critical Pass Dotnetnuke 7.0.x < 9.5.0 XSS 03 Jun 2020 9.8 (v3) Critical Pass Apache Tomcat 8.5.0 < 8.5.56 DoS CVE-2020-11996 03 Jul 2020 7.5 (v3) High Pass Apache Tomcat 9.0.0.M1 < 9.0.36 DoS CVE-2020-11996 03 Jul 2020 7.5 (v3) High Pass Jenkins < 2.263.2 LTS / 2.275 Multiple Vulnerabilities CVE-2021-21602 CVE-2021-21603 CVE-2021-21604 CVE-2021-21605 CVE-2021-21606 CVE-2021-21607 CVE-2021-21608 CVE-2021-21609 CVE-2021-21610 CVE-2021-2161122 Jan 2021 8 (v3) High Pass Oracle Primavera Uniﬁer (Jan 2021 CPU) CVE-2019-10086 CVE-2020-11979 CVE-2020-25020 CVE-2020-35460 29 Jan 2021 9.8 (v3) Critical Pass SonicWall Secure Mobile Access Remote Code Execution (SNWLID-2021-0001) CVE-2021-20016 03 Feb 2021 9.8 (v3) Critical Pass Atlassian JIRA < 8.5.10 / 8.6.x < 8.13.2 Information Disclosure (JRASERVER-72002) CVE-2020-36231 04 Feb 2021 4.3 (v3) Medium Pass Serv-U FTP Server < 15.2.2 Hotﬁx 1 Arbitrary File Read/Write CVE-2021-25276 09 Feb 2021 7.1 (v3) High Pass PHP 7.3.x < 7.3.27 / 7.4.x < 7.4.15 / 8.x < 8.0.2 DoS CVE-2021-21702 09 Feb 2021 7.5 (v3) High Pass Atlassian JIRA < 8.5.13 / 8.6.x < 8.13.5 / 8.14.x < 8.15.1 Multiple Vulnerablities CVE-2020-36238 CVE-2020-36286 CVE-2021-26071 08 Apr 2021 5.3 (v3) Medium Pass Apache Tomcat 7.0.0 < 7.0.107 Information Disclosure CVE-2021-24122 09 Apr 2021 5.9 (v3) Medium Pass Cisco Uniﬁed Communications Manager Self Care Portal Authorization Bypass Vulnerability (cisco-sa-cucm-selfcarCVE-2021-1399e-VRWWWHgE) 15 Apr 2021 4.3 (v3) Medium Pass Oracle E-Business (October 2013 CPU) CVE-2013-5792 17 Oct 2013 5 (v2) Medium Pass Oracle E-Business Multiple Vulnerabilities (January 2017 CPU) CVE-2016-8325 CVE-2017-3246 CVE-2017-3274 CVE-2017-3275 CVE-2017-3277 CVE-2017-3278 CVE-2017-3279 CVE-2017-3280 CVE-2017-3281 CVE-2017-3282 CVE-2017-3283 CVE-2017-3284 CVE-2017-3285 CVE-2017-3286 CVE-2017-3287 CVE-2017-3303 CVE-2017-3326 CVE-2017-3327 CVE-2017-3328 CVE-2017-3333 CVE-2017-3334 CVE-2017-3335 CVE-2017-3336 CVE-2017-3338 CVE-2017-3339 CVE-2017-3340 CVE-2017-3341 CVE-2017-3343 CVE-2017-3344 CVE-2017-3346 CVE-2017-3348 CVE-2017-3349 CVE-2017-3350 CVE-2017-3351 CVE-2017-3352 CVE-2017-3353 CVE-2017-3354 CVE-2017-3357 CVE-2017-3358 CVE-2017-3359 CVE-2017-3360 CVE-2017-3361 CVE-2017-3362 CVE-2017-3363 CVE-2017-3364 CVE-2017-3365 CVE-2017-3366 CVE-2017-3367 CVE-2017-3368 CVE-2017-3369 CVE-2017-3370 CVE-2017-3371 CVE-2017-3372 CVE-2017-3373 CVE-2017-3374 CVE-2017-3375 CVE-2017-3376 CVE-2017-3377 CVE-2017-3378 CVE-2017-3379 CVE-2017-3380 CVE-2017-3381 CVE-2017-3382 CVE-2017-3383 CVE-2017-3384 CVE-2017-3385 CVE-2017-3386 CVE-2017-3387 CVE-2017-3388 CVE-2017-3389 CVE-2017-3390 CVE-2017-3391 CVE-2017-3392 CVE-2017-3394 CVE-2017-3395 CVE-2017-3396 CVE-2017-3397 CVE-2017-3398 CVE-2017-3399 CVE-2017-3400 CVE-2017-3401 CVE-2017-3402 CVE-2017-3403 CVE-2017-3404 CVE-2017-3405 CVE-2017-3406 CVE-2017-3407 CVE-2017-3408 CVE-2017-3409 CVE-2017-3410 CVE-2017-3411 CVE-2017-3412 CVE-2017-3413 CVE-2017-3414 CVE-2017-3415 CVE-2017-3416 CVE-2017-3417 CVE-2017-3418 CVE-2017-3419 CVE-2017-3420 CVE-2017-3421 CVE-2017-3422 CVE-2017-3423 CVE-2017-3424 CVE-2017-3425 CVE-2017-3426 CVE-2017-3427 CVE-2017-3428 CVE-2017-3429 CVE-2017-3430 CVE-2017-3431 CVE-2017-3433 CVE-2017-3435 CVE-2017-3436 CVE-2017-3437 CVE-2017-3438 CVE-2017-3439 CVE-2017-3440 CVE-2017-3441 CVE-2017-3442 CVE-2017-344318 Jan 2017 8.2 (v3) High Pass Oracle E-Business Multiple Vulnerabilities (April 2017 CPU) CVE-2017-3337 CVE-2017-3393 CVE-2017-3432 CVE-2017-3515 CVE-2017-3528 CVE-2017-3549 CVE-2017-3550 CVE-2017-3555 CVE-2017-3556 CVE-2017-3557 CVE-2017-359219 Apr 2017 6.5 (v3) Medium Pass Apache 2.4.x < 2.4.47 Multiple Vulnerabilities CVE-2019-17567 CVE-2020-13938 CVE-2020-13950 CVE-2020-35452 CVE-2021-26690 CVE-2021-26691 CVE-2021-30641 04 Jun 2021 9.8 (v3) Critical Pass SonicWall Secure Remote Access (SRA) Unsupported Version 11 Jun 2021 9.8 (v3) Critical Pass Tenable Nessus 8.x.x < 8.15.0 Multiple Vulnerabilities (TNS-2021-11) CVE-2018-20843 CVE-2019-15903 CVE-2019-16168 CVE-2021-20099 CVE-2021-20100 15 Jun 2021 6.7 (v3) Medium Pass Apache Tomcat 10.0.0-M1 < 10.0.2 multiple vulnerabilities CVE-2020-9484 CVE-2021-25122 CVE-2021-25329 17 Jun 2021 7.5 (v3) High Pass Pulse Connect Secure < 9.1R11.5 (SA44800) CVE-2021-22908 21 Jun 2021 8.8 (v3) High Pass Liferay Portal 7.x <= 7.2.1 / 7.3 < 7.3.6 Multiple Vulnerabilities CVE-2021-29043 CVE-2021-29044 02 Jul 2021 6.1 (v3) Medium Pass Apache Tomcat 10.0.3 < 10.0.5 vulnerability CVE-2021-30639 12 Jul 2021 7.5 (v3) High Pass Apache Tomcat 7.0.x <= 7.0.108 / 8.5.x <= 8.5.65 / 9.0.x <= 9.0.45 / 10.0.x <= 10.0.5 vulnerability CVE-2021-30640 12 Jul 2021 6.5 (v3) Medium Pass Liferay Portal 7.2.x < 7.3.6 XSS CVE-2021-29051 13 Jul 2021 6.1 (v3) Medium Pass VMware Carbon Black App Control 8.0.x / 8.1.x / 8.5.x < 8.5.8 / 8.6.x < 8.6.2 Authentication Bypass (VMSA-2021-0012)CVE-2021-21998 23 Jul 2021 9.8 (v3) Critical Pass Apache Tomcat AJP12 Protocol Malformed Packet Remote DoS CVE-2005-0808 15 Mar 2005 5.3 (v3) Medium Pass Apache Tomcat 4.x < 4.1.36 Multiple Vulnerabilities CVE-2005-2090 CVE-2007-0450 CVE-2007-1358 18 Nov 2011 5.3 (v3) Medium Pass Apache Tomcat < 6.0.13 Multiple Vulnerabilities CVE-2005-2090 CVE-2007-1355 18 Nov 2011 5.3 (v3) Medium Pass Apache Tomcat Cross-Application File Manipulation CVE-2009-0783 22 Jun 2009 5.9 (v3) Medium Pass Apache Tomcat WAR Deployment Multiple Vulnerabilities CVE-2009-2693 CVE-2009-2901 CVE-2009-2902 26 Jan 2010 5.4 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (January 2010 CPU) CVE-2009-1996 CVE-2009-3410 CVE-2009-3411 CVE-2009-3412 CVE-2009-3413 CVE-2009-3414 CVE-2009-3415 CVE-2010-0071 CVE-2010-007226 Apr 2010 10 (v2) Critical Pass Oracle Database Multiple Vulnerabilities (April 2010 CPU) CVE-2010-0851 CVE-2010-0852 CVE-2010-0854 CVE-2010-0860 CVE-2010-0866 CVE-2010-0867 26 Apr 2010 7.1 (v2) High Pass Apache Tomcat < 4.1.40 / 5.5.28 / 6.0.20 Multiple Vulnerabilities CVE-2008-5515 CVE-2009-0033 CVE-2009-0580 CVE-2009-0781 CVE-2009-0783 28 May 2010 5.3 (v3) Medium Pass Apache Tomcat 4.x < 4.1.39 Multiple Vulnerabilities CVE-2008-0128 CVE-2008-1232 CVE-2008-2370 11 Jun 2010 5.3 (v3) Medium Pass Apache Tomcat 5.x < 5.5.1 Information Disclosure CVE-2008-3271 16 Jun 2010 5.3 (v3) Medium Pass Apache Tomcat 4.x < 4.1.32 Multiple Vulnerabilities CVE-2005-3510 CVE-2005-4838 CVE-2006-3835 CVE-2006-7196 CVE-2007-1858 CVE-2008-3271 16 Jun 2010 5.3 (v3) Medium Pass Apache Tomcat < 5.5.26 Multiple Vulnerabilities CVE-2007-5333 CVE-2007-5342 CVE-2007-5461 CVE-2007-6286 01 Jul 2010 6.5 (v3) Medium Pass Apache Tomcat < 6.0.16 Multiple Vulnerabilities CVE-2007-5333 CVE-2007-5342 CVE-2007-5461 CVE-2007-6286 CVE-2008-0002 01 Jul 2010 6.5 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (July 2010 CPU) CVE-2010-0892 CVE-2010-0900 CVE-2010-0901 CVE-2010-0902 CVE-2010-0903 CVE-2010-0911 14 Jul 2010 7.8 (v2) High Pass Apache Tomcat 5.5.x < 5.5.30 CVE-2010-1157 CVE-2010-2227 CVE-2010-3718 16 Jul 2010 6.5 (v3) Medium Pass Apache Tomcat 6.0 < 6.0.28 Multiple Vulnerabilities CVE-2010-1157 CVE-2010-2227 05 Aug 2010 6.5 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (April 2008 CPU) CVE-2008-1812 CVE-2008-1813 CVE-2008-1814 CVE-2008-1815 CVE-2008-1816 CVE-2008-1817 CVE-2008-1818 CVE-2008-1819 CVE-2008-1820 CVE-2008-182116 Nov 2011 8.5 (v2) High Pass Apache Tomcat 5.0.x <= 5.0.30 / 5.5.x < 5.5.25 Multiple Vulnerabilities CVE-2007-2449 CVE-2007-2450 CVE-2007-3382 CVE-2007-3385 CVE-2007-3386 07 Dec 2010 5.3 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (January 2011 CPU) CVE-2010-3590 CVE-2010-3600 CVE-2010-4413 CVE-2010-4420 CVE-2010-4421 CVE-2010-4423 19 Jan 2011 7.5 (v2) High Pass Apache Tomcat 7.x < 7.0.4 SecurityManager Local Security Bypass CVE-2010-3718 11 Feb 2011 6.3 (v3) Medium Pass Apache Tomcat < 6.0.32 / 7.0.8 NIO Connector DoS CVE-2011-0534 15 Feb 2011 5.3 (v3) Medium Pass Apache Tomcat 7.x < 7.0.12 Multiple Vulnerabilities CVE-2011-1183 CVE-2011-1184 CVE-2011-1475 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 07 Apr 2011 6.5 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (April 2011 CPU) CVE-2009-3555 CVE-2011-0785 CVE-2011-0787 CVE-2011-0792 CVE-2011-0793 CVE-2011-0799 CVE-2011-0804 CVE-2011-0805 CVE-2011-080613 May 2011 7.5 (v2) High Pass Apache Tomcat 6.0.x < 6.0.33 Multiple Vulnerabilities CVE-2011-1184 CVE-2011-2204 CVE-2011-2526 CVE-2011-2729 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 30 Aug 2011 5.3 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (January 2006 CPU) CVE-2006-0256 CVE-2006-0257 CVE-2006-0258 CVE-2006-0259 CVE-2006-0260 CVE-2006-0261 CVE-2006-0262 CVE-2006-0263 CVE-2006-0265 CVE-2006-0266 CVE-2006-0267 CVE-2006-0268 CVE-2006-0269 CVE-2006-0270 CVE-2006-0271 CVE-2006-0272 CVE-2006-0282 CVE-2006-0283 CVE-2006-0285 CVE-2006-0290 CVE-2006-0291 CVE-2006-0435 CVE-2006-0547 CVE-2006-0548 CVE-2006-0549 CVE-2006-0551 CVE-2006-0552 CVE-2006-058616 Nov 2011 10 (v2) Critical Pass Oracle Database Multiple Vulnerabilities (April 2007 CPU) CVE-2007-2108 CVE-2007-2109 CVE-2007-2110 CVE-2007-2111 CVE-2007-2112 CVE-2007-2113 CVE-2007-2114 CVE-2007-2115 CVE-2007-2116 CVE-2007-2117 CVE-2007-2118 CVE-2007-2119 CVE-2007-2129 CVE-2007-213016 Nov 2011 10 (v2) Critical Pass Oracle Database Multiple Vulnerabilities (October 2007 CPU) CVE-2007-5504 CVE-2007-5505 CVE-2007-5506 CVE-2007-5507 CVE-2007-5508 CVE-2007-5509 CVE-2007-5510 CVE-2007-5511 CVE-2007-5512 CVE-2007-5513 CVE-2007-5514 CVE-2007-5515 CVE-2007-5520 CVE-2007-5530 CVE-2007-5531 CVE-2007-555416 Nov 2011 9 (v2) High Pass Oracle Database Multiple Vulnerabilities (January 2008 CPU) CVE-2008-0339 CVE-2008-0340 CVE-2008-0341 CVE-2008-0342 CVE-2008-0343 CVE-2008-0344 CVE-2008-0345 CVE-2008-0346 CVE-2008-034716 Nov 2011 6 (v2) Medium Pass Apache Tomcat 5.5.x < 5.5.34 Multiple Vulnerabilities CVE-2011-1184 CVE-2011-2204 CVE-2011-2526 CVE-2011-2729 CVE-2011-3190 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 26 Sep 2011 7.3 (v3) High Pass Apache Tomcat 6.x < 6.0.35 Multiple Vulnerabilities CVE-2011-3190 CVE-2011-3375 CVE-2011-4858 CVE-2012-0022 12 Dec 2011 7.3 (v3) High Pass Apache Tomcat 5.x < 5.5.35 Hash Collision Denial of Service CVE-2011-4858 CVE-2012-0022 13 Jan 2012 5.3 (v3) Medium Pass Apache Tomcat 5.5.x < 5.5.36 DIGEST Authentication Multiple Security Weaknesses CVE-2012-5885 CVE-2012-5886 CVE-2012-5887 21 Nov 2012 5.3 (v3) Medium Pass Apache Tomcat 7.0.x < 7.0.30 Multiple Vulnerabilities CVE-2012-3544 CVE-2012-3546 CVE-2012-5885 CVE-2012-5886 CVE-2012-5887 21 Nov 2012 5.3 (v3) Medium Pass Apache Tomcat 7.0.x < 7.0.32 XSRF Filter Bypass CVE-2012-4431 10 Dec 2012 7.3 (v3) High Pass Apache Tomcat 7.0.x < 7.0.33 Session Fixation CVE-2013-2067 15 May 2013 7.3 (v3) High Pass Oracle Database Multiple Vulnerabilities (October 2013 CPU) (BEAST) CVE-2011-3389 CVE-2013-0169 CVE-2013-3826 CVE-2013-5771 16 Oct 2013 6.4 (v2) Medium Pass Apache Tomcat 6.0.x < 6.0.40 Multiple Vulnerabilities CVE-2014-0075 CVE-2014-0096 CVE-2014-0099 CVE-2014-0119 30 May 2014 5.3 (v3) Medium Pass Apache Tomcat 7.0.x < 7.0.53 Multiple Vulnerabilities CVE-2014-0075 CVE-2014-0096 CVE-2014-0099 30 May 2014 5.3 (v3) Medium Pass Apache Tomcat 8.0.x < 8.0.4 Multiple Vulnerabilities CVE-2014-0075 CVE-2014-0095 CVE-2014-0096 CVE-2014-0099 30 May 2014 5.3 (v3) Medium Pass Apache Tomcat 7.0.x < 7.0.55 Multiple Vulnerabilities CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-0227 CVE-2014-0230 CVE-2014-3470 02 Sep 2014 9.3 (v3) Critical Pass Apache Tomcat 8.0.x < 8.0.9 Multiple DoS CVE-2014-0227 CVE-2014-0230 01 Mar 2015 6.5 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (July 2015 CPU) CVE-2015-0468 CVE-2015-2585 CVE-2015-2586 CVE-2015-2595 CVE-2015-2599 CVE-2015-2629 CVE-2015-2655 CVE-2015-4740 CVE-2015-4753 CVE-2015-475517 Jul 2015 9 (v2) High Pass Oracle Database Multiple Vulnerabilities (January 2016 CPU) CVE-2015-4921 CVE-2015-4923 CVE-2015-4925 CVE-2016-0461 CVE-2016-0467 CVE-2016-0472 CVE-2016-0499 25 Jan 2016 9 (v2) High Pass Apache Struts 2.x < 2.3.24.1 Multiple Vulnerabilities (S2-026) (S2-027) CVE-2015-5209 CVE-2016-3090 12 Feb 2016 8.8 (v3) High Pass Apache Tomcat 6.0.x < 6.0.45 Multiple Vulnerabilities CVE-2015-5174 CVE-2015-5345 CVE-2016-0706 CVE-2016-0714 24 Feb 2016 8.8 (v3) High Pass Apache Tomcat 7.0.x < 7.0.68 Multiple Vulnerabilities CVE-2015-5345 CVE-2015-5351 CVE-2016-0706 CVE-2016-0714 CVE-2016-0763 24 Feb 2016 8.8 (v3) High Pass Apache Tomcat 8.0.0.RC1 < 8.0.32 Multiple Vulnerabilities CVE-2015-5346 CVE-2015-5351 CVE-2016-0706 CVE-2016-0714 CVE-2016-0763 24 Feb 2016 8.8 (v3) High Pass Apache Struts 2.x < 2.3.28 Multiple Vulnerabilities (S2-028) (S2-029) (S2-030) (S2-034) CVE-2016-0785 CVE-2016-2162 CVE-2016-3093 CVE-2016-4003 24 Mar 2016 8.8 (v3) High 62

Pass Apache Struts 2.x < 2.3.28.1 Multiple Vulnerabilities CVE-2016-3081 CVE-2016-3082 CVE-2016-3087 28 Apr 2016 9.8 (v3) Critical Pass Apache Struts 2.x < 2.3.29 Multiple Vulnerabilities (S2-035 - S2-040) CVE-2016-0785 CVE-2016-4430 CVE-2016-4431 CVE-2016-4433 CVE-2016-4436 CVE-2016-4438 CVE-2016-4461 24 Jun 2016 8.8 (v3) High Pass Oracle Database Multiple Vulnerabilities (July 2016 CPU) (FREAK) CVE-2015-0204 CVE-2016-3448 CVE-2016-3467 CVE-2016-3479 CVE-2016-3484 CVE-2016-3488 CVE-2016-3489 CVE-2016-3506 CVE-2016-360922 Jul 2016 9 (v3) Critical Pass Oracle Database Multiple Vulnerabilities (October 2016 CPU) CVE-2016-3562 CVE-2016-5497 CVE-2016-5498 CVE-2016-5499 CVE-2016-5505 CVE-2016-5516 CVE-2016-5555 CVE-2016-5572 21 Oct 2016 9.1 (v3) Critical Pass Apache Tomcat 6.0.x < 6.0.47 / 7.0.x < 7.0.72 / 8.0.x < 8.0.37 / 8.5.x < 8.5.5 / 9.0.x < 9.0.0.M10 Multiple VulnerabilitiesCVE-2016-0762 CVE-2016-5018 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 04 Nov 2016 7.5 (v3) High Pass Apache Struts 2.5.x < 2.5.13 URLValidator Form Field Handling Remote DoS (S2-044) CVE-2016-8738 15 Dec 2016 5.9 (v3) Medium Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (October 2017 CPU) CVE-2015-5254 CVE-2017-10034 CVE-2017-10037 CVE-2017-10060 CVE-2017-10163 18 Oct 2017 9.8 (v3) Critical Pass Apache Tomcat 6.0.16 < 6.0.50 / 7.0.x < 7.0.75 / 8.0.x < 8.0.41 / 8.5.x < 8.5.9 / 9.0.x < 9.0.0.M15 NIO HTTP Connector Information DisclosurCVE-2016-8745 e 21 Dec 2016 7.5 (v3) High Pass Apache Tomcat 9.0.0.M11 < 9.0.0.M17 nextRequest Information Disclosure CVE-2016-8747 13 Apr 2017 7.5 (v3) High Pass Apache Tomcat 6.0.x < 6.0.53 / 7.0.x < 7.0.77 / 8.0.x < 8.0.43 Pipelined Requests Information Disclosure CVE-2017-5647 14 Apr 2017 7.5 (v3) High Pass Oracle Database Multiple Vulnerabilities (April 2017 CPU) CVE-2017-3486 CVE-2017-3567 19 Apr 2017 7.2 (v3) High Pass Atlassian JIRA 4.2.4 < 6.3.0 Multiple Vulnerabilities CVE-2017-5983 16 May 2017 9.8 (v3) Critical Pass Apache Tomcat 7.0.x < 7.0.78 / 8.0.x < 8.0.44 / 8.5.x < 8.5.15 / 9.0.x < 9.0.0.M21 Remote Error Page ManipulationCVE-2017-5664 08 Jun 2017 7.5 (v3) High Pass Apache Struts 2.5.x < 2.5.12 Multiple DoS (S2-047) (S2-049) CVE-2016-1000031 CVE-2017-7672 CVE-2017-9787 14 Jul 2017 9.8 (v3) Critical Pass Oracle Database Multiple Vulnerabilities (July 2017 CPU) (POODLE) (SWEET32) CVE-2014-3566 CVE-2016-2183 CVE-2017-10120 CVE-2017-10202 20 Jul 2017 9.9 (v3) Critical Pass Apache Tomcat 7.0.41 < 7.0.79 Cache Poisoning Vulnerability CVE-2017-7674 18 Aug 2017 4.3 (v3) Medium Pass Apache Tomcat 8.5.x < 8.5.16 Multiple Vulnerabilities CVE-2017-7674 CVE-2017-7675 18 Aug 2017 7.5 (v3) High Pass Apache Struts 2.1.x >= 2.1.2 / 2.2.x / 2.3.x < 2.3.34 / 2.5.x < 2.5.13 Multiple Vulnerabilities (S2-050 - S2-053)CVE-2017-9793 CVE-2017-9804 CVE-2017-9805 CVE-2017-12611 05 Sep 2017 9.8 (v3) Critical Pass Apache Tomcat 7.0.x < 7.0.81 Multiple Vulnerabilities CVE-2017-12615 CVE-2017-12616 19 Sep 2017 8.1 (v3) High Pass Cisco Uniﬁed Communications Manager Cross-Site Scripting Vulnerability CVE-2017-6654 27 Sep 2017 6.1 (v3) Medium Pass Apache Tomcat 7.0.x < 7.0.82 / 8.5.x < 8.5.23 Multiple Vulnerabilities CVE-2017-12617 06 Oct 2017 8.1 (v3) High Pass Apache Tomcat 9.0.0.M1 < 9.0.1 Multiple Vulnerabilities CVE-2017-12617 06 Oct 2017 8.1 (v3) High Pass Atlassian JIRA < 4.2 Multiple Vulnerabilities 24 Apr 2018 5.3 (v3) Medium Pass Apache Struts 2.0.x < 2.2.1 and Tag XSS (S2-002) 10 Sep 2018 4.3 (v3) Medium Pass Apache Struts 2.x < 2.3.14.3 RCE (S2-015) CVE-2013-2134 CVE-2013-2135 10 Sep 2018 9.8 (v3) Critical Pass Apache Struts 2.x < 2.2.3.1 RCE (S2-007) 10 Sep 2018 9.8 (v3) Critical Pass Apache Struts 2.x < 2.3.14.2 Remote Code Execution Vulnerability (S2-013) CVE-2013-1966 11 Sep 2018 9.8 (v3) Critical Pass Apache Struts 2.x < 2.3.18 Multiple Critical Vulnerabilities (S2-008) 11 Sep 2018 9.8 (v3) Critical Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (April 2018 CPU) CVE-2015-7501 CVE-2017-5662 28 Dec 2018 9.8 (v3) Critical Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (July 2018 CPU) CVE-2018-2900 CVE-2018-2925 CVE-2018-2958 28 Dec 2018 8.2 (v3) High Pass Atlassian JIRA Cross-Site Scripting (XSS) Vulnerability (JRASERVER-68526) CVE-2018-13403 10 May 2019 5.4 (v3) Medium Pass Atlassian JIRA Multiple Vulnerabilities (JRASERVER-69245) (JRASERVER-69246) CVE-2019-3399 CVE-2019-3400 10 May 2019 7.5 (v3) High Pass Pulse Connect Secure Insecure Cookie Handling (SA44114) CVE-2019-11213 31 May 2019 8.1 (v3) High Pass Atlassian Jira 7.13.x < 7.13.4, 8.0.x < 8.0.4, 8.1.x < 8.1.1 Multiple Vulnerabilities CVE-2019-8442 CVE-2019-8443 31 May 2019 8.1 (v3) High Pass Apache Tomcat 8.5.0 < 8.5.41 DoS CVE-2019-0199 CVE-2019-10072 24 Jun 2019 7.5 (v3) High Pass Apache Tomcat 9.0.0.M1 < 9.0.20 DoS CVE-2019-0199 CVE-2019-10072 25 Jun 2019 7.5 (v3) High Pass Atlassian JIRA < 8.4.0 Multiple Vulnerabilities CVE-2019-8449 CVE-2019-8451 CVE-2019-14995 CVE-2019-14997 CVE-2019-14998 20 Sep 2019 6.5 (v3) Medium Pass Apache Struts 2.3.20 < 2.3.29 / 2.5.x < 2.5.13 Denial of Service Vulnerability (S2-041) CVE-2016-4465 26 Sep 2019 5.3 (v3) Medium Pass Atlassian JIRA 7.x >= 7.6 / 8.x < 8.5.4 / 8.6.x < 8.6.2 Multiple CSRF CVE-2019-20098 CVE-2019-20099 21 Feb 2020 4.3 (v3) Medium Pass Cisco Uniﬁed Communications Manager Stored Cross-Site Scripting (cisco-sa-cucm-xss-bLZw4Ctq) CVE-2020-3420 10 Jul 2020 5.4 (v3) Medium Pass Cisco Uniﬁed Communications Manager Cross-Site Scripting (cisco-sa-cucm-selfcare-drASc7sr) CVE-2020-3346 14 Aug 2020 6.1 (v3) Medium Pass Cisco Uniﬁed Communications Manager XSS (cisco-sa-cucm-cuc-imp-xss-XtpzfM5e) CVE-2020-3532 25 Aug 2020 6.3 (v3) Medium Pass Apache Tomcat 8.5.x < 8.5.60 Information Disclosure CVE-2020-17527 CVE-2021-24122 10 Dec 2020 7.5 (v3) High Pass Apache < 2.4.49 Multiple Vulnerabilities CVE-2021-40438 23 Sep 2021 9 (v3) Critical Pass Apache < 2.4.49 Multiple Vulnerabilities CVE-2021-34798 CVE-2021-39275 23 Sep 2021 9.8 (v3) Critical Pass Apache >= 2.4.30 < 2.4.49 mod_proxy_uwsgi CVE-2021-36160 23 Sep 2021 7.5 (v3) High Pass Apache Tomcat 10.1.0.M1 < 10.1.0.M6 vulnerability CVE-2021-42340 14 Oct 2021 7.5 (v3) High Pass Apache 2.4.49 < 2.4.50 Multiple Vulnerabilities CVE-2021-41524 CVE-2021-41773 05 Oct 2021 7.5 (v3) High Pass Jenkins Enterprise and Operations Center < 2.249.31.0.5 / 2.289.1.2 Multiple Vulnerabilities (CloudBees Security Advisory 2021-06-02) 11 Oct 2021 6.8 (v3) Medium Pass Oracle E-Business Suite Multiple Vulnerabilities (Oct 2021 CPU) CVE-2021-2474 CVE-2021-2477 CVE-2021-2482 CVE-2021-2483 CVE-2021-2484 CVE-2021-2485 CVE-2021-35536 CVE-2021-35554 CVE-2021-35562 CVE-2021-35563 CVE-2021-35566 CVE-2021-35569 CVE-2021-35570 CVE-2021-35580 CVE-2021-35581 CVE-2021-35582 CVE-2021-35585 CVE-2021-3561121 Oct 2021 8.1 (v3) High Pass Oracle Database Server Multiple Vulnerabilities (October 2021 CPU) CVE-2020-27824 CVE-2021-2332 CVE-2021-25122 CVE-2021-26272 CVE-2021-29425 CVE-2021-29921 CVE-2021-35551 CVE-2021-35557 CVE-2021-35558 CVE-2021-35576 CVE-2021-35599 CVE-2021-3561921 Oct 2021 9.8 (v3) Critical Pass Jenkins Enterprise and Operations Center < 2.222.43.0.1 / 2.249.30.0.1 / 2.263.2.2 Multiple Vulnerabilities (CloudBees Security Advisory 2021-01-13)CVE-2021-21602 CVE-2021-21603 CVE-2021-21604 CVE-2021-21605 CVE-2021-21606 CVE-2021-21607 CVE-2021-21608 CVE-2021-21609 CVE-2021-21610 CVE-2021-21611 CVE-2021-21612 CVE-2021-21613 CVE-2021-2161429 Nov 2021 8 (v3) High Pass PHP 8.1.x < 8.1.0 Multiple Vulnerabilities CVE-2021-21703 CVE-2021-21706 CVE-2021-21707 30 Nov 2021 7 (v3) High Pass Jenkins Enterprise and Operations Center < 2.222.43.0.2 / 2.249.30.0.2 / 2.263.2.3 Arbitrary File Read (CloudBees Security Advisory 2021-01-26)CVE-2021-21615 03 Dec 2021 5.3 (v3) Medium Pass Apache 2.4.x >= 2.4.7 / < 2.4.52 Forward Proxy DoS / SSRF CVE-2021-44224 CVE-2021-44790 23 Dec 2021 9.8 (v3) Critical Pass Jenkins plugins Multiple Vulnerabilities (2022-01-12) CVE-2022-20612 CVE-2022-20613 CVE-2022-20614 CVE-2022-20615 CVE-2022-20616 CVE-2022-20617 CVE-2022-20618 CVE-2022-20619 CVE-2022-20620 CVE-2022-20621 CVE-2022-23105 CVE-2022-23106 CVE-2022-23107 CVE-2022-23108 CVE-2022-23109 CVE-2022-23110 CVE-2022-23111 CVE-2022-23112 CVE-2022-23113 CVE-2022-23114 CVE-2022-23115 CVE-2022-23116 CVE-2022-23117 CVE-2022-2311821 Jan 2022 8.8 (v3) High Pass Apache Tomcat 10.1.0.M1 < 10.1.0.M10 multiple vulnerabilities CVE-2022-23181 26 Jan 2022 7 (v3) High Pass Apache Tomcat 10.0.0.M5 < 10.0.16 multiple vulnerabilities CVE-2022-23181 26 Jan 2022 7 (v3) High Pass Atlassian Jira < 8.13.15 / 8.14.0 < 8.20.3 RCE (JRASERVER-73067) CVE-2021-43947 28 Jan 2022 7.2 (v3) High Pass Jenkins Enterprise and Operations Center < 2.277.43.0.5 / 2.319.2.5 Multiple Vulnerabilities (CloudBees Security Advisory 2022-01-12)CVE-2022-20612 CVE-2022-20613 CVE-2022-20614 CVE-2022-20615 CVE-2022-20616 CVE-2022-20617 CVE-2022-20618 CVE-2022-20619 CVE-2022-20620 CVE-2022-20621 CVE-2022-23105 CVE-2022-23106 CVE-2022-23107 CVE-2022-23108 CVE-2022-23109 CVE-2022-23110 CVE-2022-23111 CVE-2022-23112 CVE-2022-23113 CVE-2022-23114 CVE-2022-23115 CVE-2022-23116 CVE-2022-23117 CVE-2022-2311815 Feb 2022 8.8 (v3) High Pass PHP 7.4.x < 7.4.28 CVE-2021-21708 17 Feb 2022 9.8 (v3) Critical Pass Jenkins Enterprise and Operations Center 2.277.x < 2.277.43.0.7 / 2.303.x < 2.303.30.0.6 / 2.319.3.4 Multiple VCVE-2022-25173 CVE-2022-25174 CVE-2022-25175 CVE-2022-25176 CVE-2022-25177 CVE-2022-25178 CVE-2022-25179 CVE-2022-25180 CVE-2022-25181 CVE-2022-25182 CVE-2022-25183 CVE-2022-25184 CVE-2022-25185 CVE-2022-25186 CVE-2022-25187 CVE-2022-25188 CVE-2022-25189 CVE-2022-25190 CVE-2022-25191 CVE-2022-25192 CVE-2022-25193 CVE-2022-25194 CVE-2022-25195 CVE-2022-25196 CVE-2022-25197 CVE-2022-25198 CVE-2022-25199 CVE-2022-25200 CVE-2022-25201 CVE-2022-25202 CVE-2022-25203 CVE-2022-25204 CVE-2022-25205 CVE-2022-25206 CVE-2022-25207 CVE-2022-25208 CVE-2022-25209 CVE-2022-25210 CVE-2022-25211 CVE-2022-25212ulnerabilities (CloudBees Security Advisory 2022-02-15) 08 Mar 2022 8.8 (v3) High Pass Apache 2.4.x < 2.4.53 Multiple Vulnerabilities CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23943 14 Mar 2022 9.8 (v3) Critical Pass Atlassian Jira < 8.13.18 / 8.14.x < 8.20.6 / 8.21.0 XSRF (JRASERVER-73138) CVE-2021-43952 21 Mar 2022 4.3 (v3) Medium Pass SonicWall Secure Remote Access (SRA) SQLi (SNWLID-2021-0017) CVE-2021-20028 04 Apr 2022 9.8 (v3) Critical Pass Juniper Junos OS Kernel Crash DoS (JSA11213) CVE-2021-0299 18 May 2022 7.5 (v3) High Pass GitLab 12.6 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 Information Disclosure CVE-2022-1426 18 May 2022 3.7 (v3) Low Pass GitLab 13.9 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 DoS CVE-2022-1510 18 May 2022 7.5 (v3) High Pass GitLab 13.2 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 Information Disclosure 18 May 2022 4.3 (v3) Medium Pass GitLab 11.0 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 Information Disclosure CVE-2022-1352 18 May 2022 5.3 (v3) Medium Pass GitLab 14.4 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 XSS CVE-2022-1433 18 May 2022 6.1 (v3) Medium Pass GitLab 9.2 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 Incorrect Authorization CVE-2022-1460 18 May 2022 4.9 (v3) Medium Pass GitLab 12.10 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 DoS CVE-2022-1431 18 May 2022 5.3 (v3) Medium Pass GitLab 8.12 < 14.8.6 / 8.13 < 14.9.4 / 8.14 < 14.10.1 Improper Access Control CVE-2022-1417 18 May 2022 4.3 (v3) Medium Pass Cisco IOS XE Software Web Services DoS (cisco-sa-http-dos-svOdkdBS) CVE-2022-20697 19 May 2022 8.6 (v3) High Pass IBM WebSphere Application Server Liberty 17.0.0.3 < 22.0.0.5 Information Disclosure (6585704) CVE-2022-22393 19 May 2022 6.5 (v3) Medium Pass Oracle Primavera Uniﬁer (Apr 2022 CPU) CVE-2021-23450 CVE-2021-41184 20 Apr 2022 9.8 (v3) Critical Pass GitLab 11.1.0 < 14.2.6 / 11.2.0 < 14.3.4 / 11.3.0 < 14.4.1 Approval Bypass CVE-2021-39909 20 Apr 2022 5.3 (v3) Medium Pass GitLab 0.8.0 < 14.4.1 Privilege Escalation CVE-2021-39913 20 Apr 2022 6.7 (v3) Medium Pass GitLab 13.5.0 < 14.2.6 / 14.3.0 < 14.3.4 / 14.4.0 < 14.4.1 Arbitrary Code Execution CVE-2021-39906 20 Apr 2022 6.1 (v3) Medium Pass GitLab 14.3 < 14.3.6 / 14.4 < 14.4.3 / 14.5 < 14.5.2 XSS CVE-2021-39946 20 Apr 2022 5.4 (v3) Medium Pass GitLab < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.21 Content Spooﬁng CVE-2022-0090 20 Apr 2022 6.5 (v3) Medium Pass GitLab 12.0 < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.2 Improper Access CVE-2022-0125 20 Apr 2022 4.3 (v3) Medium Pass TCP/IP Initial Sequence Number (ISN) Reuse Weakness CVE-2002-1463 02 Aug 2002 7.3 (v3) High Pass Apple TV < 12.3 Multiple Vulnerabilities CVE-2019-6237 CVE-2019-8560 CVE-2019-8568 CVE-2019-8571 CVE-2019-8574 CVE-2019-8576 CVE-2019-8577 CVE-2019-8583 CVE-2019-8584 CVE-2019-8585 CVE-2019-8586 CVE-2019-8587 CVE-2019-8591 CVE-2019-8593 CVE-2019-8594 CVE-2019-8595 CVE-2019-8596 CVE-2019-8597 CVE-2019-8598 CVE-2019-8600 CVE-2019-8601 CVE-2019-8602 CVE-2019-8605 CVE-2019-8607 CVE-2019-8608 CVE-2019-8609 CVE-2019-8610 CVE-2019-8611 CVE-2019-8615 CVE-2019-8619 CVE-2019-8620 CVE-2019-8622 CVE-2019-8623 CVE-2019-8628 CVE-2019-863715 May 2019 9.8 (v3) Critical Pass iLO 4 < 2.70 / iLO 5 < 1.40a Multiple Vulnerabilities CVE-2018-7117 CVE-2019-11982 CVE-2019-11983 23 May 2019 8.3 (v3) High Pass Tenable Nessus < 8.5.0 Multiple Vulnerabilities (TNS-2019-04) CVE-2019-3961 CVE-2019-3962 11 Jul 2019 6.1 (v3) Medium Pass Apple TV < 12.4 Multiple Vulnerabilities CVE-2018-16860 CVE-2019-8641 CVE-2019-8644 CVE-2019-8646 CVE-2019-8647 CVE-2019-8649 CVE-2019-8657 CVE-2019-8658 CVE-2019-8660 CVE-2019-8662 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684 CVE-2019-8685 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 CVE-2019-8698 CVE-2019-1311826 Jul 2019 9.8 (v3) Critical Pass OpenSSL 1.1.0 < 1.1.0l Multiple Vulnerabilities CVE-2019-1547 CVE-2019-1552 CVE-2019-1563 23 Aug 2019 4.7 (v3) Medium Pass VMware vCenter Server 6.0 / 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2019-0013) CVE-2019-5531 CVE-2019-5532 CVE-2019-5534 02 Oct 2019 7.7 (v3) High Pass Atlassian JIRA < 8.3.2 Multiple Vulnerabilities CVE-2019-8446 CVE-2019-8447 CVE-2019-11584 CVE-2019-15005 04 Oct 2019 6.1 (v3) Medium Pass Atlassian JIRA 7.13.x < 7.13.6 / 8.x < 8.2.3 / 8.3.x < 8.3.2 Multiple Vulnerabilities CVE-2019-11585 CVE-2019-11586 CVE-2019-11587 CVE-2019-11588 CVE-2019-11589 07 Oct 2019 6.5 (v3) Medium Pass Juniper JSA10962 CVE-2019-0063 18 Oct 2019 7.5 (v3) High Pass Jenkins < 2.176.4 LTS / 2.197 Multiple Vulnerabilities CVE-2019-10401 CVE-2019-10402 CVE-2019-10403 CVE-2019-10404 CVE-2019-10405 CVE-2019-10406 21 Oct 2019 5.4 (v3) Medium Pass MikroTik RouterOS < 6.44.6 LTS or 6.45.x < 6.45.7 Multiple Vulnerabilities CVE-2019-3976 CVE-2019-3977 CVE-2019-3978 CVE-2019-3979 31 Oct 2019 8.8 (v3) High Pass macOS 10.14.x < 10.14.5 Multiple Vulnerabilities CVE-2018-4456 CVE-2019-6237 CVE-2019-8560 CVE-2019-8568 CVE-2019-8569 CVE-2019-8571 CVE-2019-8574 CVE-2019-8576 CVE-2019-8577 CVE-2019-8583 CVE-2019-8584 CVE-2019-8585 CVE-2019-8586 CVE-2019-8587 CVE-2019-8589 CVE-2019-8590 CVE-2019-8591 CVE-2019-8592 CVE-2019-8594 CVE-2019-8595 CVE-2019-8596 CVE-2019-8597 CVE-2019-8598 CVE-2019-8600 CVE-2019-8601 CVE-2019-8602 CVE-2019-8603 CVE-2019-8604 CVE-2019-8605 CVE-2019-8606 CVE-2019-8607 CVE-2019-8608 CVE-2019-8609 CVE-2019-8610 CVE-2019-8611 CVE-2019-8615 CVE-2019-8616 CVE-2019-8619 CVE-2019-8622 CVE-2019-8623 CVE-2019-8628 CVE-2019-8629 CVE-2019-8634 CVE-2019-863515 May 2019 9.8 (v3) Critical Pass macOS 10.14.x < 10.14.6 Multiple Vulnerabilities CVE-2018-16860 CVE-2018-19860 CVE-2019-8641 CVE-2019-8644 CVE-2019-8646 CVE-2019-8648 CVE-2019-8649 CVE-2019-8656 CVE-2019-8657 CVE-2019-8658 CVE-2019-8660 CVE-2019-8661 CVE-2019-8662 CVE-2019-8663 CVE-2019-8666 CVE-2019-8667 CVE-2019-8669 CVE-2019-8670 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684 CVE-2019-8685 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 CVE-2019-8691 CVE-2019-8692 CVE-2019-8693 CVE-2019-8694 CVE-2019-8695 CVE-2019-8697 CVE-2019-1311826 Jul 2019 9.8 (v3) Critical Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Jan 2020 CPU)CVE-2019-17091 CVE-2020-2556 CVE-2020-2707 17 Jan 2020 7.3 (v3) High Pass Splunk Enterprise 8.1 < 8.1.4 XSS CVE-2022-27183 27 May 2022 6.1 (v3) Medium Pass IBM BigFix Platform 9.2.x < 9.2.15 / 9.5.x < 9.5.10 Multiple Vulnerabilities CVE-2018-0739 CVE-2018-1474 CVE-2018-1476 CVE-2018-1478 CVE-2018-1480 CVE-2018-1481 CVE-2018-1484 CVE-2018-1485 21 Dec 2018 7.5 (v3) High Pass Splunk Enterprise 6.0.x < 6.0.14 / 6.1.x < 6.1.13 / 6.2.x < 6.2.14 / 6.3.x < 6.3.11 / 6.4.x < 6.4.8 / 6.5.x < 6.5.3 or Splunk Light < 6.6.0 Multiple VCVE-2018-7427 CVE-2018-7429 CVE-2018-7431 CVE-2018-7432ulnerabilities 09 Jan 2019 6.5 (v3) Medium Pass Authentication Bypass (Forced Browse) 09 Jan 2019 9.1 (v3) Critical Pass OS Command Injection 09 Jan 2019 9.1 (v3) Critical Pass Oracle Primavera Uniﬁer Multiple Vulnerabilities (Jan 2019 CPU) CVE-2018-9206 CVE-2018-14718 CVE-2018-14719 CVE-2018-14720 CVE-2018-14721 18 Jan 2019 10 (v3) Critical Pass MS17-010: Security Update for Microsoft Windows SMB Server (4013389) (ETERNALBLUE) (ETERNALCHAMPION) (ETERNALROMANCE) (ETERNALSYNERGY) (WCVE-2017-0143 CVE-2017-0144 CVE-2017-0145 CVE-2017-0146 CVE-2017-0147 CVE-2017-0148annaCry) (EternalRocks) (Petya) (uncredentialed check) 20 Mar 2017 8.1 (v3) High Pass OMRON FINS UDP Protocol Detection 27 Oct 2016 None Pass Multiple SSH Vulnerabilities - Cisco Systems CVE-2001-0572 01 Sep 2010 7.5 (v2) High Pass CA DMPrimer Service Detection 19 Jan 2006 None Pass FTP Server Detection 12 Oct 1999 None Pass Cisco Email Security Appliance DoS (cisco-sa-20200219-esa-dos) CVE-2019-1947 28 Feb 2020 8.6 (v3) High Pass Puppet Enterprise < 3.1.0 Multiple Vulnerabilities CVE-2013-2065 CVE-2013-4287 CVE-2013-4957 CVE-2013-4965 29 Oct 2013 6.8 (v2) Medium Pass Citrix NFuse Launch Scripts 'NFuse_Application' Parameter XSS CVE-2002-0504 02 Sep 2004 4.3 (v2) Medium 63

Pass OS Identiﬁcation : Miscellaneous Methods 01 Apr 2013 None Pass Juniper Junos Sockets Library Buﬀer Overﬂow Privilege Escalation (JSA10792) CVE-2017-2344 23 Aug 2017 7.8 (v3) High Pass Authenticated Check : OS Name and Installed Package Enumeration 06 Jul 2004 None Pass OS Identiﬁcation : MSRPC 19 May 2007 None Pass Juniper Junos J-Web Weak SSL Ciphers (PSN-2011-01-147) 22 Aug 2011 2.9 (v2) Low Pass IRC Daemon STARTTLS Command Support 08 Jan 2016 None Pass rsync STARTTLS Command Support 08 Jan 2016 None Pass AXIGEN Mail Server AXIMilter CNHO Command Remote Format String CVE-2008-0434 28 Jan 2008 5.1 (v2) Medium Pass IBM Tivoli Provisioning Manager OS Deployment < 5.1.0.3 Interim Fix 3 HTTP Server Logging Functionality Remote OverCVE-2008-0401ﬂow 13 Feb 2008 10 (v2) Critical Pass OpenSSL 1.0.2 < 1.0.2za Vulnerability CVE-2021-3712 24 Aug 2021 7.4 (v3) High Pass NetSpy Malware Services Detection 29 Mar 2016 10 (v2) Critical Pass Juniper Junos LLDP Packet Handling Memory Corruption Vulnerability (JSA10830) CVE-2018-0007 26 Jan 2018 8.4 (v3) High Pass Apache Tomcat 7.0.x < 7.0.40 Multiple Vulnerabilities CVE-2013-2071 CVE-2013-4444 15 May 2013 3.7 (v3) Low Pass Apache Tomcat 7.0.x < 7.0.52 Content-Type DoS CVE-2014-0050 25 Feb 2014 5.3 (v3) Medium Pass Cisco Email Security Appliance (ESA) GUI Denial of Service Vulnerability CVE-2020-3164 13 Mar 2020 5.3 (v3) Medium Pass SurgeMail <= 3.0c2 Multiple XSS CVE-2005-1714 20 May 2005 4.3 (v2) Medium Pass OTRS Authenticated Remote Code Execution (OSA-2017-09) CVE-2017-16921 14 Feb 2019 8.8 (v3) High Pass Juniper Junos Key Exchange Initialization Handling Memory Exhaustion Remote DoS (JSA10837) CVE-2016-8858 26 Jan 2018 7.5 (v3) High Pass Cisco Email Security Appliance Privilege Escalation Vulnerability CVE-2018-0095 26 Jan 2018 7.8 (v3) High Pass Apache Storm < 1.1.3 / 1.2.x < 1.2.2 arbitrary ﬁle write vulnerability CVE-2018-8008 28 Feb 2019 5.5 (v3) Medium Pass VMware vRealize Automation Deserialization Vulnerability (VMSA-2018-0006) CVE-2017-4947 06 Feb 2018 9.8 (v3) Critical Pass Default Password ('!2345Asdfg') for 'root' Account CVE-1999-0502 06 Mar 2019 9.8 (v3) Critical Pass Mac OS X 10.10.x < 10.10.1 Multiple Vulnerabilities CVE-2014-4453 CVE-2014-4458 CVE-2014-4459 CVE-2014-4460 18 Nov 2014 6.8 (v2) Medium Pass rsh Unauthenticated Access (via ﬁnger Information) CVE-2012-6392 23 Apr 2000 10 (v2) Critical Pass Icecast utils.c fd_write Function Format String CVE-2001-0197 24 Jan 2001 10 (v2) Critical Pass MariaDB 10.3.1 < 10.3.2 Multiple DoS Vulnerabilities 07 Dec 2017 4.3 (v3) Medium Pass Atlassian Jira < 8.13.18 / 8.14.x < 8.20.6 / 8.21.x Authentication Bypass in Seraph (JRASERVER-73650) CVE-2022-0540 22 Apr 2022 9.8 (v3) Critical Pass Jenkins LTS < 2.319.3 / Jenkins weekly < 2.334 Multiple Vulnerabilities CVE-2021-43859 CVE-2022-0538 09 Feb 2022 7.5 (v3) High Pass pfSense < 2.2 Multiple XSS Vulnerabilities (SA-15_01) 31 Jan 2018 4.7 (v3) Medium Pass lighttpd HTTP Server Detection 06 Feb 2018 None Pass SMTP Host Information in NTLM SSP 28 Mar 2018 None Pass MySQL Eventum index.php email Parameter XSS 03 Jan 2005 4.3 (v2) Medium Pass POP3 Host Information in NTLM SSP 03 Apr 2018 None Pass Sendmail Crafted ETRN Commands Remote DoS CVE-1999-1109 11 Mar 2003 5.3 (v3) Medium Pass Cisco IOS Software IOx Application Hosting Environment (cisco-sa-iox-yuXQ6hFj) CVE-2022-20718 CVE-2022-20719 CVE-2022-20720 CVE-2022-20721 CVE-2022-20722 CVE-2022-20723 CVE-2022-20724 CVE-2022-20725 CVE-2022-20726 CVE-2022-2072722 Apr 2022 7.5 (v3) High Pass VMware Workspace One Access / VMware Identity Manager Multiple Vulnerabilities (VMSA-2021-0016) CVE-2021-22002 CVE-2021-22003 12 Aug 2021 9.8 (v3) Critical Pass Belkin N750 Router Command Injection 10 Jul 2017 9.8 (v3) Critical Pass Wind River VxWorks < 7.0 Multiple Vulnerabilities CVE-2020-13603 CVE-2020-35198 20 Aug 2021 9.8 (v3) Critical Pass WordPress Outdated Plugin Detection 20 Jul 2017 None Pass Nonexistent Page (404) Physical Path Disclosure CVE-2001-1372 CVE-2002-0266 CVE-2002-2008 CVE-2003-0456 11 Jun 2003 5 (v2) Medium Pass NETGEAR DGN Remote Unauthenticated Command Execution 24 Oct 2017 9.8 (v3) Critical Pass SSH Compression Error Checking 06 Nov 2017 None Pass Cisco Uniﬁed CommunicationsManager Information Disclosure (cisco-sa-cucm-logging-6QSWKRYz) CVE-2021-1226 22 Jan 2021 6.5 (v3) Medium Pass Cisco IOS Smart Install Protocol Misuse (cisco-sr-20170214-smi) 06 Apr 2017 None Pass Default Password 'cat1029' for 'Wproot' Account 01 Dec 2017 9.8 (v3) Critical Pass Apache Tomcat 8.5.7 < 8.5.11 nextRequest Information Disclosure CVE-2016-8747 13 Apr 2017 7.5 (v3) High Pass Apache Tomcat 8.5.x < 8.5.13 / 9.0.x < 9.0.0.M19 Multiple Vulnerabilities CVE-2017-5647 CVE-2017-5650 CVE-2017-5651 14 Apr 2017 9.8 (v3) Critical Pass Tenable SecurityCenter PHP < 5.6.30 Multiple Vulnerabilities (TNS-2017-04) CVE-2017-11147 CVE-2016-10158 CVE-2016-10159 CVE-2016-10160 CVE-2016-10161 CVE-2016-10167 CVE-2016-10168 26 Jun 2017 9.8 (v3) Critical Pass OpenSSL < 0.9.6m / 0.9.7d Multiple Remote DoS CVE-2004-0079 CVE-2004-0081 CVE-2004-0112 17 Mar 2004 5 (v2) Medium Pass Oracle WebCenter Content Detection 16 Feb 2012 None Pass ZXShell Malware Services Detection 14 Oct 2014 10 (v2) Critical Pass Cisco IOS Software VPLS denial of service (cisco-sa-20170927-vpls) CVE-2017-12238 05 Oct 2017 6.5 (v3) Medium Pass Comelit Camera Detection 21 Apr 2017 None Pass Splunk Enterprise 6.4.x < 6.4.7 Multiple Vulnerabilities 27 Apr 2017 4.3 (v3) Medium Pass SSH Weak Algorithms Supported 04 Apr 2016 4.3 (v2) Medium Pass macOS 10.15.x < 10.15.2 / 10.14.x < 10.14.6 Security Update 2019-002 / 10.13.x < 10.13.6 Security Update 2019-007CVE-2012-1164 CVE-2012-2668 CVE-2013-4449 CVE-2015-1545 CVE-2017-16808 CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 CVE-2018-14465 CVE-2018-14466 CVE-2018-14467 CVE-2018-14468 CVE-2018-14469 CVE-2018-14470 CVE-2018-14879 CVE-2018-14880 CVE-2018-14881 CVE-2018-14882 CVE-2018-16227 CVE-2018-16228 CVE-2018-16229 CVE-2018-16230 CVE-2018-16300 CVE-2018-16301 CVE-2018-16451 CVE-2018-16452 CVE-2019-8828 CVE-2019-8830 CVE-2019-8832 CVE-2019-8833 CVE-2019-8837 CVE-2019-8838 CVE-2019-8839 CVE-2019-8842 CVE-2019-8847 CVE-2019-8848 CVE-2019-8852 CVE-2019-8853 CVE-2019-8856 CVE-2019-13057 CVE-2019-13565 CVE-2019-15161 CVE-2019-15162 CVE-2019-15163 CVE-2019-15164 CVE-2019-15165 CVE-2019-15166 CVE-2019-15167 CVE-2019-1590312 Dec 2019 9.8 (v3) Critical Pass MySQL 5.6.x < 5.6.39 Multiple Vulnerabilities (January 2018 CPU) CVE-2017-3737 CVE-2018-2562 CVE-2018-2573 CVE-2018-2583 CVE-2018-2590 CVE-2018-2591 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2645 CVE-2018-2647 CVE-2018-2665 CVE-2018-2668 CVE-2018-2696 CVE-2018-270317 Jan 2018 5.5 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (January 2018 CPU) CVE-2017-10282 CVE-2017-12617 CVE-2018-2575 CVE-2018-2680 CVE-2018-2699 19 Jan 2018 8.1 (v3) High Pass Apache Tomcat 9.0.0.M22 < 9.0.2 Insecure CGI Servlet Search Algorithm Description Weakness CVE-2017-15706 09 Feb 2018 3.7 (v3) Low Pass Apache Tomcat 8.0.0.RC1 < 8.0.50 Security Constraint Weakness CVE-2018-1304 CVE-2018-1305 23 Feb 2018 3.7 (v3) Low Pass Splunk Enterprise < 5.0.15 / 6.0.11 / 6.1.10 / 6.2.9 / 6.3.3.4 or Splunk Light < 6.2.9 / 6.3.3.4 Multiple Vulnerabilities (DROWN)CVE-2015-7995 CVE-2016-0702 CVE-2016-0705 CVE-2016-0797 CVE-2016-0798 CVE-2016-0799 CVE-2016-0800 25 Apr 2016 9.8 (v3) Critical Pass Oracle Database Server Java VM Unspeciﬁed Remote Code Execution (April 2018 CPU) CVE-2018-2841 20 Apr 2018 8.5 (v3) High Pass AirConnect Default Password CVE-1999-0508 22 May 2002 7.5 (v2) High Pass OpenSSL 1.0.2 < 1.0.2c ASN.1 Encoder Negative Zero Value Handling RCE CVE-2016-2108 04 May 2016 9.8 (v3) Critical Pass Tenable SecurityCenter < 5.7.0 Multiple Vulnerabilites (TNS-2018-11) CVE-2018-1154 CVE-2018-1155 16 Aug 2018 5.4 (v3) Medium Pass Cisco Application Policy Infrastructure Controller Stored XSS (cisco-sa-capic-scss-bFT75YrM) CVE-2021-1582 01 Sep 2021 5.4 (v3) Medium Pass Apache Struts 2.x < 2.3.4.1 Multiple Vulnerabilities (S2-010) (S2-011) CVE-2012-4386 CVE-2012-4387 11 Sep 2018 7.1 (v3) High Pass Apache Tomcat < 6.0.6 Cross-Site Scripting CVE-2007-1358 11 Jan 2019 4.3 (v3) Medium Pass PHP 5.5.x < 5.5.38 Multiple Vulnerabilities (httpoxy) CVE-2015-8879 CVE-2016-5385 CVE-2016-5399 CVE-2016-6207 CVE-2016-6288 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6293 CVE-2016-6294 CVE-2016-6295 CVE-2016-6296 CVE-2016-629726 Jul 2016 9.8 (v3) Critical Pass Cisco IOS XR gRPC Software Denial of Service Vulnerability CVE-2019-1711 26 Apr 2019 7.5 (v3) High Pass Juniper JSA10904 CVE-2015-1283 29 May 2019 7.3 (v3) High Pass Juniper JSA10933 CVE-2019-0041 07 Jun 2019 8.6 (v3) High Pass IBM WebSphere Application Server Remote Code Execution Vulnerability (CVE-2018-1904) CVE-2018-1904 20 Jun 2019 9.8 (v3) Critical Pass Cisco Data Center Network Manager < 11.1(1) Authentication Bypass Vulnerability CVE-2019-1619 12 Jul 2019 9.8 (v3) Critical Pass MySQL 5.7.x < 5.7.27 Multiple Vulnerabilities (Jul 2019 CPU) CVE-2018-16890 CVE-2019-2737 CVE-2019-2738 CVE-2019-2739 CVE-2019-2740 CVE-2019-2741 CVE-2019-2757 CVE-2019-2758 CVE-2019-2774 CVE-2019-2778 CVE-2019-2791 CVE-2019-2797 CVE-2019-2805 CVE-2019-2819 CVE-2019-2948 CVE-2019-2969 CVE-2019-3822 CVE-2019-382318 Jul 2019 9.8 (v3) Critical Pass Nortel/Bay Networks Default Password CVE-1999-0508 05 Jun 2002 7.8 (v2) High Pass Juniper JSA10943 CVE-2019-0049 05 Aug 2019 7.5 (v3) High Pass Cisco IOS Short Message Service Denial of Service Vulnerability CVE-2019-1747 23 Aug 2019 8.6 (v3) High Pass Atlassian JIRA 7.x.x < 7.13.1 / 8.0.0 Cross-Site Scripting (XSS) Vulnerability (SB18-141) CVE-2018-20827 05 Sep 2019 5.4 (v3) Medium Pass ArubaOS-Switch Ripple20 Multiple Vulnerabilities (ARUBA-PSA-2020-006) CVE-2020-11896 CVE-2020-11897 CVE-2020-11898 CVE-2020-11899 CVE-2020-11900 CVE-2020-11901 CVE-2020-11902 CVE-2020-11903 CVE-2020-11904 CVE-2020-11905 CVE-2020-11906 CVE-2020-11907 CVE-2020-11908 CVE-2020-11909 CVE-2020-11910 CVE-2020-11911 CVE-2020-11912 CVE-2020-11913 CVE-2020-1191430 Jun 2021 10 (v3) Critical Pass Cisco FXOS Software Command Injection Vulnerabilities (cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782)CVE-2019-1781 CVE-2019-1782 15 Oct 2019 6.7 (v3) Medium Pass Cisco TelePresence Collaboration Endpoint Software Command Injection Vulnerability (cisco-sa-20191016-tele-ce-cmdinj)CVE-2019-15274 07 Nov 2019 6.7 (v3) Medium Pass MS03-043: Buﬀer Overrun in Messenger Service (828035) (uncredentialed check) CVE-2003-0717 16 Oct 2003 10 (v2) Critical Noise TLS ALPN Supported Protocol Enumeration 17 Jul 2015 None Pass Cisco NX-OS Software Command Injection (CVE-2019-1784) CVE-2019-1784 12 Nov 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Command Injection (cisco-sa-20190515-nxos-cmdinj-1776) CVE-2019-1776 14 Nov 2019 6.7 (v3) Medium Pass Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Arbitrary Memory Write (cisco-sa-20180926-ir800-memwrite)CVE-2018-15375 CVE-2018-15376 16 Dec 2019 6.7 (v3) Medium Pass Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1612) CVE-2019-1612 18 Dec 2019 6.7 (v3) Medium Pass Cisco NX-OS Software CLI Command Injection Vulnerability (cisco-sa-20190306-nxos-cmdinj-1608) CVE-2019-1608 20 Dec 2019 6.7 (v3) Medium Pass DNS Server Zone Transfer Information Disclosure (AXFR) CVE-1999-0532 16 Jan 2001 5 (v2) Medium Pass MySQL 5.7.x < 5.7.29 Multiple Vulnerabilities (Jan 2020 CPU) CVE-2019-5482 CVE-2020-2570 CVE-2020-2572 CVE-2020-2573 CVE-2020-2574 CVE-2020-2577 CVE-2020-2579 CVE-2020-2584 CVE-2020-2589 CVE-2020-2660 CVE-2020-2790 CVE-2020-2806 CVE-2020-281416 Jan 2020 9.8 (v3) Critical Pass IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.10 Privilege Escalation (CVE-2018-1901)CVE-2018-1901 28 Jan 2020 8.8 (v3) High Pass IBM WebSphere Application Server Denial of Service (CVE-2019-4720) CVE-2019-4720 07 Feb 2020 7.5 (v3) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.3 Command Execution (CVE-2020-4163)CVE-2020-4163 14 Feb 2020 7.2 (v3) High Pass Cisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass Vulnerability CVE-2020-3165 09 Mar 2020 8.2 (v3) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.4 Privilege Escalation (CVE-2020-4276)CVE-2020-4276 02 Apr 2020 7.5 (v3) High Pass MySQL 5.6.x < 5.6.48 Multiple Vulnerabilities (Apr 2020 CPU) CVE-2020-2752 CVE-2020-2763 CVE-2020-2780 CVE-2020-2804 CVE-2020-2812 CVE-2020-2814 CVE-2020-2922 CVE-2021-2007 17 Apr 2020 3.7 (v3) Low Pass MySQL 5.7.x < 5.7.30 Multiple Vulnerabilities (Jan 2020 CPU) CVE-2019-15601 CVE-2020-2760 CVE-2020-2763 CVE-2020-2765 CVE-2020-2780 CVE-2020-2804 CVE-2020-2812 CVE-2020-2922 CVE-2021-2007 CVE-2021-214417 Apr 2020 7.5 (v3) High Pass MySQL 8.0.x < 8.0.20 Multiple Vulnerabilities (Apr 2020 CPU) CVE-2019-15601 CVE-2020-2759 CVE-2020-2760 CVE-2020-2762 CVE-2020-2763 CVE-2020-2765 CVE-2020-2780 CVE-2020-2804 CVE-2020-2812 CVE-2020-2892 CVE-2020-2893 CVE-2020-2895 CVE-2020-2896 CVE-2020-2897 CVE-2020-2898 CVE-2020-2901 CVE-2020-2903 CVE-2020-2904 CVE-2020-2921 CVE-2020-2923 CVE-2020-2924 CVE-2020-2925 CVE-2020-2926 CVE-2020-2928 CVE-2020-2930 CVE-2021-2006 CVE-2021-2007 CVE-2021-2009 CVE-2021-2016 CVE-2021-2019 CVE-2021-214422 Jan 2021 7.5 (v3) High Pass Junos OS: Established BGP Session Termination Vulnerability (JSA10996) CVE-2020-1613 30 Apr 2020 7.5 (v3) High Pass IBM WebSphere Application Server 9.0.0.0 < 9.0.0.9 Information Disclosure (CVE-2018-1957) CVE-2018-1957 11 May 2020 5.5 (v3) Medium Pass Cisco IOS Software Secure Shell DoS (cisco-sa-ssh-dos-Un22sd2A) CVE-2020-3200 05 Jun 2020 7.7 (v3) High Pass Cisco IOS Software for Cisco Industrial Routers Virtual Device Server CLI Command Injection (cisco-sa-ios-iot-vds-cmd-inj-VfJtqGhE)CVE-2020-3210 10 Jun 2020 6.7 (v3) Medium Pass SMB Password Encryption Not Required 05 Jan 2016 4.3 (v2) Medium Pass Cisco IOS Internet Key Exchange Version 2 DoS (cisco-sa-ikev2-9p23Jj2a) CVE-2020-3230 26 Jun 2020 7.5 (v3) High Pass Windows NetBIOS / SMB Remote Host Report Tag 05 Nov 2018 None Pass Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Image Veriﬁcation Bypass (cisco-sa-ios-ir800-img-verif-wHhLCVE-2020-3208 YHjK) 07 Jul 2020 6.7 (v3) Medium Pass Cisco NX-OS Software CLI to Internal Service Bypass (cisco-sa-20190515-nxos-cli-bypass) CVE-2019-1726 18 Aug 2020 7.8 (v3) High Pass Lexmark MarkVision Enterprise ReportDownloadServlet Information Disclosure CVE-2014-8742 15 Jan 2015 5 (v2) Medium Pass Cisco Small Business RV340 Series Routers Firmware < 1.0.03.19 Command Injection and RCE (cisco-sa-rv-osinj-rCVE-2020-3451 CVE-2020-3453ce-pwTkPCJv) 04 Sep 2020 6.8 (v3) Medium Pass Cisco IOS Software Information Disclosure (cisco-sa-info-disclosure-V4BmJBNF) CVE-2020-3477 02 Oct 2020 5.5 (v3) Medium Pass EMC vApp Manager Default Credentials CVE-2018-1216 15 Feb 2018 9.8 (v3) Critical 64

Pass Novell ZENworks ChangePassword RPC XPath Injection CVE-2015-5970 26 Feb 2016 5.3 (v3) Medium Pass MySQL 8.0.x < 8.0.23 Multiple Vulnerabilities (Jan 2021 CPU) CVE-2020-1971 CVE-2021-2002 CVE-2021-2010 CVE-2021-2011 CVE-2021-2014 CVE-2021-2021 CVE-2021-2022 CVE-2021-2024 CVE-2021-2031 CVE-2021-2032 CVE-2021-2036 CVE-2021-2038 CVE-2021-2046 CVE-2021-2048 CVE-2021-2056 CVE-2021-2058 CVE-2021-2060 CVE-2021-2061 CVE-2021-2065 CVE-2021-2070 CVE-2021-2072 CVE-2021-2076 CVE-2021-2081 CVE-2021-2087 CVE-2021-2088 CVE-2021-2122 CVE-2021-2178 CVE-2021-2202 CVE-2021-221322 Jan 2021 5 (v3) Medium Pass Novell Open Enterprise Server Remote Manager (novell-nrm) POST Request Content-Length Overﬂow CVE-2005-3655 20 Jan 2006 7.5 (v2) High Pass VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0009) (remote check) CVE-2013-0166 CVE-2013-0169 CVE-2013-0268 CVE-2013-0338 CVE-2013-0871 CVE-2013-2116 04 Mar 2016 6.9 (v2) Medium Pass VMware ESX / ESXi Guest OS Local Privilege Escalation (VMSA-2013-0014) (remote check) CVE-2013-3519 04 Mar 2016 7.9 (v2) High Pass Atlassian Conﬂuence Server Arbitrary File Read (CVE-2021-26085) CVE-2021-26085 20 Oct 2021 5.3 (v3) Medium Pass OpenSSL Unsupported 17 Oct 2014 10 (v3) Critical Pass Tenable SecurityCenter 5.16.x / 5.17.0 Multiple Vulnerabilities (TNS-2021-03) CVE-2021-23840 CVE-2021-23841 05 Mar 2021 7.5 (v3) High Pass Cisco TelePresence Management Suite Stored XSS (cisco-sa-tms-xss-CwjZJSQc) CVE-2021-34760 27 Oct 2021 4.8 (v3) Medium Pass IBM Network Security Protection XGS Remote Code Execution (swg21690823) (credentialed check) CVE-2014-6183 02 Jan 2015 4 (v2) Medium Pass Cisco Email Security Appliance Filter Bypass (cisco-sa-ESA-ﬁlt-39jXvMfM) CVE-2020-3370 23 Jul 2020 5.8 (v3) Medium Pass Cisco Email Security Appliance DoS (cisco-sa-esa-tls-dos-xW53TBhb) CVE-2020-3548 04 Sep 2020 5.3 (v3) Medium Pass PHP 7.3.x < 7.3.31 Arbitrary File Write CVE-2021-21706 28 Oct 2021 6.5 (v3) Medium Pass Symantec (Blue Coat) Reporter Denial of Service vulnerability (SYMSA1280) CVE-2011-1473 23 May 2019 6.5 (v3) Medium Pass SolarWinds Orion Platform 2020.2.0 < 2020.2.6 Multiple Vulnerabilities CVE-2021-35213 CVE-2021-35215 17 Nov 2021 8.8 (v3) High Pass Cisco IOS Software DHCP Remote Code Execution Vulnerability CVE-2017-12240 02 Oct 2017 9.8 (v3) Critical Pass Cisco IOS Software CIP Multiple Vulnerabilities (cisco-sa-20170927-cip) CVE-2017-12233 CVE-2017-12234 05 Oct 2017 7.5 (v3) High Pass Microsoft Windows XP Unsupported Installation Detection 25 Mar 2014 10 (v3) Critical Pass Cyrus IMAPd NNTP AUTHINFO USER Command Parsing Authentication Bypass CVE-2011-3372 19 Dec 2011 6.4 (v2) Medium Pass VMware vCenter Operations Manager Web UI Default Credentials 10 Apr 2015 7.5 (v2) High Pass Cisco IOS Software Quality of Service Remote Code Execution Vulnerability CVE-2018-0151 29 Mar 2018 9.8 (v3) Critical Pass Cisco IOS Software Link Layer Discovery Protocol Buﬀer Overﬂow Vulnerabilities (cisco-sa-20180328-lldp)CVE-2018-0167 CVE-2018-0175 06 Apr 2018 8.8 (v3) High Pass Cisco Uniﬁed Communications Manager Java Interface SQL Injection (CSCuo17337) CVE-2014-3287 18 Jun 2014 4 (v2) Medium Pass Atlassian JIRA Server & JIRA Data Center Template Injection Vulnerability CVE-2019-11581 11 Jul 2019 9.8 (v3) Critical Pass Cisco Uniﬁed Computing System Integrated Management Controller XSRF (CSCuq45477) CVE-2014-7996 01 May 2015 6.8 (v2) Medium Pass IBM Rational License Key Server Administration and Reporting Tool 8.1.4.x < 8.1.4.7 XSS CVE-2015-1907 18 May 2015 4 (v2) Medium Pass Cisco IOS Software Integrated Services Module for VPN DoS (cisco-sa-20180328-dos) CVE-2018-0154 21 Nov 2019 7.5 (v3) High Pass Apple TV < 12.4.1 A Use-After-Free Vulnerability CVE-2019-8605 04 Dec 2019 7.8 (v3) High Pass ManageEngine Applications Manager Unsupported Version Detection 08 Jun 2015 10 (v2) Critical Pass Cisco IOS Software Internet Key Exchange Version 1 DoS (cisco-sa-20180328-ike-dos) CVE-2018-0159 27 Nov 2019 7.5 (v3) High Pass phpMoAdmin Detection 16 Jun 2015 None Pass Splunk Unsupported Version Detection 23 Jun 2015 10 (v3) Critical Pass Cisco NX-OS Software NX-API Arbitrary Code Execution Vulnerability CVE-2019-1605 20 Dec 2019 7.8 (v3) High Pass Palo Alto Networks PAN-OS GlobalProtect Web Portal RCE (PAN-SA-2016-0005) CVE-2016-3657 28 Mar 2016 9.8 (v3) Critical Pass EMC Documentum D2 4.1 / 4.2.x < 4.2 P16 / 4.5.x < 4.5 P03 Multiple DQL Injection Vulnerabilities CVE-2015-0547 CVE-2015-0548 09 Jul 2015 4 (v2) Medium Pass MaraDNS Server Version Detection 11 Apr 2014 None Pass Cisco IOS Software Simple Network Management Protocol GET MIB Object ID DoS (cisco-sa-20180328-snmp)CVE-2018-0161 27 Nov 2019 6.3 (v3) Medium Pass Oracle GlassFish Server Multiple Vulnerabilities (July 2015 CPU) CVE-2014-1569 CVE-2015-2623 CVE-2015-4744 16 Jul 2015 7.5 (v2) High Pass IBM DB2 9.7 < Fix Pack 11 Multiple Vulnerabilities (Bar Mitzvah) (FREAK) (TLS POODLE) CVE-2014-0919 CVE-2014-6209 CVE-2014-6210 CVE-2014-8730 CVE-2014-8901 CVE-2014-8910 CVE-2015-0138 CVE-2015-0157 CVE-2015-1788 CVE-2015-1883 CVE-2015-1922 CVE-2015-1935 CVE-2015-280818 Jul 2015 7.6 (v3) High Pass Polycom SIP Detection 23 Sep 2013 None Pass Mac OS X 10.10.x < 10.10.5 Multiple Vulnerabilities CVE-2009-5044 CVE-2009-5078 CVE-2012-6685 CVE-2013-1775 CVE-2013-1776 CVE-2013-2776 CVE-2013-2777 CVE-2013-7040 CVE-2013-7338 CVE-2013-7422 CVE-2014-0067 CVE-2014-0106 CVE-2014-0191 CVE-2014-1912 CVE-2014-3581 CVE-2014-3583 CVE-2014-3613 CVE-2014-3620 CVE-2014-3660 CVE-2014-3707 CVE-2014-7185 CVE-2014-7844 CVE-2014-8109 CVE-2014-8150 CVE-2014-8151 CVE-2014-8161 CVE-2014-8767 CVE-2014-8769 CVE-2014-9140 CVE-2014-9365 CVE-2014-9680 CVE-2015-0228 CVE-2015-0241 CVE-2015-0242 CVE-2015-0243 CVE-2015-0244 CVE-2015-0253 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-2783 CVE-2015-2787 CVE-2015-3143 CVE-2015-3144 CVE-2015-3145 CVE-2015-3148 CVE-2015-3153 CVE-2015-3183 CVE-2015-3185 CVE-2015-3307 CVE-2015-3329 CVE-2015-3330 CVE-2015-3729 CVE-2015-3730 CVE-2015-3731 CVE-2015-3732 CVE-2015-3733 CVE-2015-3734 CVE-2015-3735 CVE-2015-3736 CVE-2015-3737 CVE-2015-3738 CVE-2015-3739 CVE-2015-3740 CVE-2015-3741 CVE-2015-3742 CVE-2015-3743 CVE-2015-3744 CVE-2015-3745 CVE-2015-3746 CVE-2015-3747 CVE-2015-3748 CVE-2015-3749 CVE-2015-3750 CVE-2015-3751 CVE-2015-3752 CVE-2015-3753 CVE-2015-3754 CVE-2015-3755 CVE-2015-3757 CVE-2015-3760 CVE-2015-3761 CVE-2015-3762 CVE-2015-3764 CVE-2015-3765 CVE-2015-3766 CVE-2015-3767 CVE-2015-3768 CVE-2015-3769 CVE-2015-3770 CVE-2015-3771 CVE-2015-3772 CVE-2015-3773 CVE-2015-3774 CVE-2015-3775 CVE-2015-3776 CVE-2015-3777 CVE-2015-3778 CVE-2015-3779 CVE-2015-3780 CVE-2015-3781 CVE-2015-3782 CVE-2015-3783 CVE-2015-3784 CVE-2015-3786 CVE-2015-3787 CVE-2015-3788 CVE-2015-3789 CVE-2015-3790 CVE-2015-3791 CVE-2015-3792 CVE-2015-3794 CVE-2015-3795 CVE-2015-3796 CVE-2015-3797 CVE-2015-3798 CVE-2015-3799 CVE-2015-3800 CVE-2015-3802 CVE-2015-3803 CVE-2015-3804 CVE-2015-3805 CVE-2015-3806 CVE-2015-3807 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 CVE-2015-4147 CVE-2015-4148 CVE-2015-5600 CVE-2015-5747 CVE-2015-5748 CVE-2015-5750 CVE-2015-5751 CVE-2015-5753 CVE-2015-5754 CVE-2015-5755 CVE-2015-5756 CVE-2015-5757 CVE-2015-5758 CVE-2015-5761 CVE-2015-5763 CVE-2015-5768 CVE-2015-5771 CVE-2015-5772 CVE-2015-5773 CVE-2015-5774 CVE-2015-5775 CVE-2015-5776 CVE-2015-5777 CVE-2015-5778 CVE-2015-5779 CVE-2015-5781 CVE-2015-5782 CVE-2015-5783 CVE-2015-578417 Aug 2015 9.3 (v2) High Pass Alcatel OmniSwitch Default Credentials (telnet) 30 Sep 2013 6.4 (v2) Medium Pass Xerox WorkCentre Multiple Unspeciﬁed Vulnerabilities (XRX13-006) 10 Oct 2013 10 (v2) Critical Pass Xerox ColorQube Multiple Unspeciﬁed Vulnerabilities (XRX13-006) 10 Oct 2013 10 (v2) Critical Pass Tenable Appliance Web Detection 17 Jul 2012 None Pass NETGEAR ReadyNAS Remote Unauthenticated Command Execution CVE-2013-2751 24 Oct 2013 9.8 (v3) Critical Pass ESXi 5.0 < Build 1197855 NFC Traﬃc Denial of Service (remote check) CVE-2013-1661 13 Nov 2013 4.3 (v2) Medium Pass OpenVAS Administrator / Manager Authentication Bypass CVE-2013-6765 CVE-2013-6766 15 Nov 2013 7.5 (v2) High Pass SSH Weak MAC Algorithms Enabled 22 Nov 2013 2.6 (v2) Low Pass Blackboard LC3000 Laundry Reader Default Telnet Password 26 Nov 2013 10 (v2) Critical Pass ASUS RT-N13U Router Built-in Admin Telnet Account with Unchangeable Password 26 Nov 2013 10 (v2) Critical Pass ESXi 5.0 < Build 764879 Multiple Vulnerabilities (remote check) CVE-2010-4008 CVE-2011-0216 CVE-2011-1944 CVE-2011-2834 CVE-2011-3905 CVE-2011-3919 CVE-2012-0841 13 Nov 2013 9.3 (v2) High Pass Cisco WAAS Mobile Server Web Administration Interface Detection 07 Jan 2014 None Pass ScMM DSL Modem/Router Backdoor Detection CVE-2014-0659 06 Jan 2014 10 (v2) Critical Pass ESXi 5.5 < Build 1474526 File Descriptors Privilege Escalation (remote check) CVE-2013-5973 31 Dec 2013 4.4 (v2) Medium Pass OpenSSL 1.0.0 < 1.0.0l DTLS Security Bypass CVE-2013-6450 08 Jan 2014 5.8 (v2) Medium Pass HP Intelligent Management Center Web Administration Interface Default Credentials 09 Jan 2014 7.5 (v2) High Pass NETGEAR DGN2200 Multiple Vulnerabilities 05 Mar 2014 8.8 (v3) High Pass Cisco TelePresence ISDN Gateway D-Channel DoS CVE-2014-0660 28 Jan 2014 7.1 (v2) High Pass Alvarion Multiple Products Default Telnet Credentials 31 Jan 2014 10 (v2) Critical Pass SAProuter Remote Authentication Bypass (Note 1853140) CVE-2013-7093 03 Feb 2014 5 (v2) Medium Pass Emerson Network Power Avocent MergePoint Unity KVM Switch < 1.14 / 1.18 download.php ﬁlename Parameter DirCVE-2013-6030ectory Traversal 05 Feb 2014 5 (v2) Medium Pass Geeklog auth.inc.php loginname Parameter SQL Injection CVE-2006-2700 31 May 2006 5.1 (v2) Medium Pass Nortel CS Signaling Server Default Admin Credentials 20 Feb 2014 9.8 (v3) Critical Pass CoSoSys Endpoint Protector < 4.4.0.1 Unspeciﬁed XSS 24 Feb 2014 4.3 (v2) Medium Pass Anonymous SFTP Enabled 24 Feb 2014 None Pass Adobe Connect < 9.5.7 event_registration.html Multiple Parameter XSS (APSB16-35) CVE-2016-7851 14 Nov 2016 6.1 (v3) Medium Pass DNS Server Version Detection 03 Mar 2014 None Pass Xerox ColorQube ConnectKey Controller Multiple Unspeciﬁed Vulnerabilities (XRX14-001) 19 Feb 2014 10 (v2) Critical Pass IBM Rational Focal Point RequestAccessController Servlet File Disclosure CVE-2013-5398 06 Mar 2014 3.3 (v2) Low Pass activePDF Server < 3.8.6 Packet Handling Remote Overﬂow CVE-2007-5397 05 Mar 2008 10 (v2) Critical Pass Veritas Storage Foundation Multiple Service Remote DoS (SYM08-004) CVE-2007-4516 CVE-2008-0638 15 Apr 2008 3.3 (v2) Low Pass Cisco ONS 15454 Controller Card DoS (CSCun06870) CVE-2014-2142 10 Apr 2014 5 (v2) Medium Pass MS07-062: Vulnerability in DNS Could Allow Spooﬁng (941672) (uncredentialed check) CVE-2007-3898 05 Mar 2014 6.4 (v2) Medium Pass Oracle WebLogic Server mod_wl Invalid Parameter Remote Overﬂow (1150354) CVE-2008-4008 16 Nov 2008 10 (v2) Critical Pass Atmail Webmail < 6.5.0 'DOM processor' XSS 18 Apr 2014 4.3 (v2) Medium Pass Apple iTunes < 12.10.3 Multiple Vulnerabilities (uncredentialed check) CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2019-8848 CVE-2019-15903 27 Dec 2019 8.8 (v3) High Pass Cisco Network Registrar 7.1 DHCPv6 DoS (CSCuo07437) CVE-2014-2155 29 Apr 2014 5 (v2) Medium Pass ACC Tigris Access Terminal Conﬁguration Disclosure CVE-1999-0383 21 Mar 2000 6.4 (v2) Medium Pass Multiple Vendor SNMP public Community String Information Disclosure 19 May 2014 5 (v2) Medium Pass Web Server on Extended Support 11 Jun 2014 None Pass Brocade Fabric OS Default Credentials 16 Jun 2014 9.8 (v3) Critical Pass RSP Detection 27 Sep 2010 None Pass Ipswitch IMail Server 11.x / 12.x < 12.3 Information Disclosure CVE-2013-0169 14 Jul 2014 2.6 (v2) Low Pass HP Intelligent Management Center 7.x < 7.0-E0202P03 Multiple Vulnerabilities CVE-2014-2618 CVE-2014-2619 CVE-2014-2620 CVE-2014-2621 CVE-2014-2622 21 Jul 2014 8.5 (v2) High Pass HP BladeSystem c-Class Onboard Administrator 4.11 / 4.20 Heartbeat Information Disclosure (Heartbleed)CVE-2014-0160 15 Jul 2014 7.5 (v3) High Pass Junos OS: Path traversal vulnerability in J-Web (JSA10985) CVE-2020-1606 17 Jan 2020 5.4 (v3) Medium Pass WebTitan Web Interface Default Credentials 24 Jul 2014 7.5 (v2) High Pass CODESYS WAGO WebVisu Password Information Disclosure Vulnerability 25 Aug 2014 5 (v2) Medium Pass CODESYS WAGO WebVisu Detection 25 Aug 2014 None Pass OS Identiﬁcation : NTP 19 May 2007 None Pass Unsupported Cisco MXP Series Device CVE-2014-3362 19 Sep 2014 7.8 (v2) High Pass Silver Peak NX Detection 25 Sep 2014 None Pass Cisco HyperFlex HX Command Injection Direct Check (cisco-sa-hyperﬂex-rce-TjjNrkpR) CVE-2021-1497 CVE-2021-1498 26 May 2021 9.8 (v3) Critical Pass IBM Jazz Team Server Session Cookie Information Disclosure CVE-2014-3092 06 Oct 2014 5 (v2) Medium Pass CommuniGate Pro LISTS Module Malformed Multipart Message DoS CVE-2005-1007 06 Apr 2005 5 (v2) Medium Pass Palo Alto Networks PAN-OS 7.0.x < 7.0.6 DHCP Packet Handling Dataplane DoS 07 Jul 2016 5 (v2) Medium Pass Unprotected Telnet Service 13 Nov 2014 10 (v2) Critical Pass DNN (DotNetNuke) Detection 02 Dec 2009 None Pass Embedded HP Web Server Detected 13 Aug 2018 None Pass ARRIS Touchstone Cable Modem Detection 07 Nov 2014 None Pass Western Digital ShareSpace Detection 18 Jul 2012 None Pass Apache Hadoop YARN ResourceManager Web Interface 20 Sep 2018 None Pass Horde Kronolith Detection 07 Aug 2012 None Pass EMail Security Virtual Appliance Detection 06 Sep 2012 None Pass Atlassian Conﬂuence VelocityServlet Error Page XSS 27 Sep 2012 4.3 (v2) Medium Pass AXIS Camera Unsecured Feed Detection 21 Feb 2019 None Pass MapServer for Windows (MS4W) Detection 01 Nov 2012 None Pass Traq Detection 12 Nov 2012 None Pass PHP 5.6.x < 5.6.38 Transfer-Encoding Parameter XSS Vulnerability CVE-2018-17082 14 Sep 2018 6.1 (v3) Medium Pass Apple TV < 13.3 Multiple Vulnerabilities CVE-2019-8828 CVE-2019-8830 CVE-2019-8832 CVE-2019-8833 CVE-2019-8835 CVE-2019-8836 CVE-2019-8838 CVE-2019-8844 CVE-2019-8846 CVE-2019-8848 CVE-2019-1590313 Dec 2019 8.8 (v3) High Pass Juniper Junos SRX Series Upgrade Handling Local Root Authentication Bypass (JSA10753) CVE-2016-1278 22 Jul 2016 7.2 (v2) High 65

Pass Uploader Plugin for WordPress File Upload Arbitrary Code Execution 28 Jan 2013 8.8 (v3) High Pass Ekiga SIP Detection 04 Feb 2013 None Pass ImpressPages Detection 19 Feb 2013 None Pass Oracle Application Express (Apex) Unspeciﬁed Issues (pre 3.0.1) CVE-2007-3860 20 Feb 2013 7.5 (v2) High Pass Foscam Detection 24 Mar 2013 None Pass Eye-Fi Helper < 3.4.23 Directory Traversal CVE-2011-4696 26 Mar 2013 4.3 (v2) Medium Pass Plesk Horde Detection 22 Apr 2013 7.5 (v2) High Pass Novell iManager Unsupported Version 19 Apr 2013 10 (v2) Critical Pass Novell iManager Detection 19 Apr 2013 None Pass CODESYS V2 Web Server Improperly Implemented Security Check (2021-07) CVE-2021-30192 27 Jul 2021 9.8 (v3) Critical Pass OpenAM RCE (CVE-2021-35464) CVE-2021-35464 29 Jul 2021 9.8 (v3) Critical Pass Cisco Content Security Management Appliance (SMA) GUI Denial of Service Vulnerability CVE-2020-3164 13 Mar 2020 5.3 (v3) Medium Pass ESXi 5.1 < Build 1312873 File Descriptors Privilege Escalation (remote check) CVE-2013-5973 31 Dec 2013 4.4 (v2) Medium Pass Greenstone Detection 31 May 2013 None Pass SolusVM Detection 24 Jun 2013 None Pass php-Charts wizard/index.php PHP Execution 03 Jul 2013 7.5 (v2) High Pass php-Charts Detection 03 Jul 2013 None Pass Cisco TelePresence Supervisor MSE 8050 TCP Connection Request Saturation Remote DoS CVE-2013-1236 23 Jul 2013 7.8 (v2) High Pass EMC RSA Archer 6.1.x, 6.2.x, 6.3.x < 6.3.0.7 and 6.4.x < 6.4.0.1 SQL Injection Vulnerability CVE-2018-11065 31 Aug 2018 4.3 (v3) Medium Pass paFileDB sessions Directory Admin Hashed Password Disclosure CVE-2004-1219 06 Dec 2004 5 (v2) Medium Pass TrustPort WebFilter help.php hf Parameter Directory Traversal CVE-2013-5301 13 Aug 2013 7.8 (v2) High Pass Buﬀalo Router Web Interface Detection 04 Aug 2021 None Pass X7 Chat upgradev1.php old_preﬁx Parameter SQL Injection CVE-2006-3851 25 Jul 2006 7.5 (v2) High Pass Meeting Room Booking System Detection 18 Oct 2010 None Pass IBM RSA Default Credentials 26 Oct 2010 10 (v2) Critical Pass VMware Harbor Information Disclosure (CVE-2020-29662) CVE-2020-29662 05 Aug 2021 5.3 (v3) Medium Pass HP Systems Insight Manager Detection 10 Nov 2010 None Pass Anti-Nessus Defense Detection 19 Feb 2003 None Pass GitLab Web UI Detection 11 Aug 2021 None Pass Cisco EPN Manager Detection (Web UI) 12 Aug 2021 None Pass PHP Live! directory/conf File Include Unspeciﬁed Issue CVE-2004-2485 09 Dec 2004 7.5 (v2) High Pass phpMyAdmin < 2.6.1-rc1 Multiple Remote Vulnerabilities CVE-2004-1147 CVE-2004-1148 13 Dec 2004 5.1 (v2) Medium Pass Siteﬁnity CMS Arbitrary File Upload 10 Dec 2010 7.5 (v2) High Pass MySQL 8.0.x < 8.0.22 Multiple Vulnerabilities (Oct 2020 CPU) CVE-2020-14672 CVE-2020-14765 CVE-2020-14769 CVE-2020-14771 CVE-2020-14773 CVE-2020-14775 CVE-2020-14776 CVE-2020-14777 CVE-2020-14785 CVE-2020-14786 CVE-2020-14789 CVE-2020-14790 CVE-2020-14791 CVE-2020-14793 CVE-2020-14794 CVE-2020-14800 CVE-2020-14804 CVE-2020-14809 CVE-2020-14812 CVE-2020-14814 CVE-2020-14821 CVE-2020-14827 CVE-2020-14828 CVE-2020-14829 CVE-2020-14830 CVE-2020-14836 CVE-2020-14837 CVE-2020-14838 CVE-2020-14839 CVE-2020-14844 CVE-2020-14845 CVE-2020-14846 CVE-2020-14848 CVE-2020-14852 CVE-2020-14860 CVE-2020-14861 CVE-2020-14866 CVE-2020-14867 CVE-2020-14868 CVE-2020-14869 CVE-2020-14870 CVE-2020-14873 CVE-2020-14878 CVE-2020-14888 CVE-2020-14891 CVE-2020-14893 CVE-2021-2028 CVE-2021-2030 CVE-2021-2042 CVE-2021-2055 CVE-2021-241222 Oct 2020 8 (v3) High Pass Well-known SSL Certiﬁcate Used in Remote Device 21 Dec 2010 5.8 (v2) Medium Pass PHP < 4.3.10 / 5.0.3 Multiple Vulnerabilities CVE-2004-1018 CVE-2004-1019 CVE-2004-1020 CVE-2004-1063 CVE-2004-1064 CVE-2004-1065 15 Dec 2004 7.5 (v2) High Pass Majordomo Detection 16 Feb 2011 None Pass Micro Focus Enterprise Administration Server Authentication Check 01 Feb 2011 7.5 (v2) High Pass CGI Generic XSS (Parameters Names) 14 Feb 2011 4.3 (v2) Medium Pass MODx 'ucfg' Parameter Arbitrary File Access CVE-2010-3930 14 Feb 2011 5 (v2) Medium Pass MySQL Eventum forgot_password.php XSS 22 Feb 2011 4.3 (v2) Medium Pass Atlassian Conﬂuence Server Webwork OGNL Injection (CVE-2021-26084) CVE-2021-26084 07 Sep 2021 9.8 (v3) Critical Pass CGI Generic XSS (persistent, 3rd Pass) 01 Mar 2011 4.3 (v2) Medium Pass phpwcms spaw_control.class.php spaw_root Parameter Remote File Inclusion CVE-2006-2519 23 May 2006 2.6 (v2) Low Pass vsftpd Detection 17 Mar 2011 None Pass ManageEngine ADManager Plus Detection 09 Sep 2021 None Pass MS11-020: Vulnerability in SMB Server Could Allow Remote Code Execution (2508429) (remote check) CVE-2011-0661 20 Apr 2011 10 (v2) Critical Pass Trend Micro Data Loss Prevention Virtual Appliance Web Console Detection 29 Jun 2011 None Pass ManageEngine SupportCenter Plus Detection 28 Jun 2011 None Pass Cisco Content Security Management Appliance HTTP Header Injection Vulnerability CVE-2020-3117 31 Jan 2020 4.7 (v3) Medium Pass phpGroupWare <= 0.9.16.003 Multiple Vulnerabilities CVE-2004-1383 CVE-2004-1384 CVE-2004-1385 16 Dec 2004 7.5 (v2) High Pass SolarWinds Orion Platform 2019.2 HF4 / 2019.4.2 / 2020.2.5 HF1 / 2020.2.6 / 2020.2.6 SQLI CVE-2021-35212 17 Nov 2021 8.8 (v3) High Pass ZeroBoard < 4.1pl5 Multiple Remote Vulnerabilities CVE-2004-1419 CVE-2004-2738 28 Dec 2004 6.8 (v2) Medium Pass e107 Image Manager Unauthorized File Upload CVE-2004-2262 28 Jan 2013 8.8 (v3) High Pass Oracle HTTP Server Version 21 Nov 2011 None Pass FTPS Cleartext Fallback Security Bypass 13 Dec 2011 5.8 (v2) Medium Pass FlatNuke index.php url_avatar Field Arbitrary PHP Code Execution CVE-2005-0267 CVE-2005-0268 04 Jan 2005 7.5 (v2) High Pass GNU Mailman Multiple Unspeciﬁed Remote Vulnerabilities 12 Jan 2005 7.5 (v2) High Pass op5 Portal Detection 17 Jan 2012 None Pass Small SSH RSA Key 25 Jan 2012 8.1 (v3) High Pass Apple iTunes < 12.12 Multiple Vulnerabilities (uncredentialed check) CVE-2021-30835 CVE-2021-30847 CVE-2021-30849 04 Oct 2021 7.8 (v3) High Pass Simple PHP Blog comments.php Traversal Arbitrary File Access CVE-2005-0214 12 Jan 2005 7.8 (v2) High Pass ClearSpace Detection 27 Apr 2009 None Pass Apache-SSL ExpandCert() Function Certiﬁcate Handling Arbitrary Environment Variables Manipulation CVE-2008-0555 03 Apr 2008 7.3 (v3) High Pass Jenkins Git Plugin < 4.8.3 / Jenkins LTS < 2.303.2 / Jenkins weekly < 2.315 Multiple Vulnerabilities (Deprecated)CVE-2014-3577 CVE-2021-21682 CVE-2021-21683 CVE-2021-21684 07 Oct 2021 5.8 (v2) Medium Pass OS Identiﬁcation : SMTP 13 Feb 2012 None Pass PeerCast servhs.cpp handshakeHTTP Function SOURCE Request Remote Overﬂow CVE-2007-6454 18 Dec 2007 7.5 (v2) High Pass Astaro Security Gateway Detection 23 Feb 2012 None Pass Cisco TelePresence Collaboration Endpoint DoS (cisco-sa-tpce-rmos-mem-dos-rck56tT) CVE-2021-34758 08 Oct 2021 3.3 (v3) Low Pass BNBT EasyTracker Malformed GET Request Remote DoS CVE-2005-2806 31 Aug 2005 5 (v2) Medium Pass Citrix XenServer Workload Balancer Detection 13 Apr 2012 None Pass ArubaOS 6.3.1.11 / 6.4.2.1 SSH Authentication Bypass CVE-2014-7299 16 Oct 2014 7.5 (v2) High Pass OpenSSL 1.0.1 < 1.0.1c TLS/DTLS CBC Denial of Service CVE-2012-2333 11 May 2012 5 (v2) Medium Pass phpGroupWare index.php Calendar Date XSS CVE-2004-2574 12 Jan 2005 4.3 (v2) Medium Pass Cisco Small Business RV Series Routers Multiple Vulnerabilities (cisco-sa-smb-mult-vuln-KA9PK6D) CVE-2022-20699 CVE-2022-20700 CVE-2022-20701 CVE-2022-20702 CVE-2022-20703 CVE-2022-20704 CVE-2022-20705 CVE-2022-20706 CVE-2022-20707 CVE-2022-20708 CVE-2022-20709 CVE-2022-20710 CVE-2022-20711 CVE-2022-20712 CVE-2022-2074903 Feb 2022 9.8 (v3) Critical Pass ownCloud Web Interface Detection 27 Jun 2012 None Pass MyBB member.php 'uid' Parameter SQLi CVE-2005-0282 12 Jan 2005 7.5 (v2) High Pass Horde < 3.0.1 Multiple Script XSS CVE-2005-0378 13 Jan 2005 4.3 (v2) Medium Pass Siteman forum.php page Parameter XSS 14 Jan 2005 4.3 (v2) Medium Pass Novell GroupWise 6.5.3 WebAccess Multiple XSS 15 Jan 2005 4.3 (v2) Medium Pass ZeroBoard Multiple Scripts dir Parameter Remote File Inclusion CVE-2005-0380 17 Jan 2005 7.5 (v2) High Pass Gallery login.php username Parameter XSS CVE-2005-0220 18 Jan 2005 4.3 (v2) Medium Pass DD-WRT HTTP Daemon Metacharacter Injection Remote Code Execution CVE-2009-2765 23 Jul 2009 8.3 (v2) High Pass AWStats awstats.pl conﬁgdir Parameter Arbitrary Command Execution CVE-2005-0116 18 Jan 2005 7.5 (v2) High Pass phpBB < 2.0.11 Multiple Vulnerabilities (ESMARKCONANT) CVE-2004-1315 18 Jan 2005 7.3 (v3) High Pass Google Analytics on An Internal Web Server Detection 21 Aug 2009 None Pass ISC BIND 9 Dynamic Update Handling Remote DoS (intrusive check) CVE-2009-0696 31 Jul 2009 5 (v2) Medium Pass phpSANE ﬁle_save Parameter Remote File Include CVE-2009-3188 28 Aug 2009 7.5 (v2) High Pass PHP-Fusion < 6.00.110 Multiple Scripts SQL Injection CVE-2005-3157 CVE-2005-3158 CVE-2005-3160 CVE-2005-3161 12 Oct 2005 6.8 (v2) Medium Pass WebGUI < 6.7.6 Asset.pm Asset Addition Arbitrary Code Execution CVE-2005-4694 17 Oct 2005 7.5 (v2) High Pass ViewVC Detection 03 Nov 2009 None Pass LDAP Service STARTTLS Command Support 30 Oct 2009 None Pass vBulletin includes/init.php Unspeciﬁed Vulnerability 18 Jan 2005 7.5 (v2) High Pass phpMyWebHosting Authentication SQL Injection CVE-2004-2218 19 Jan 2005 7.3 (v3) High Pass sslh Detection 12 Nov 2009 None Pass eMule IRC Module / Web Server DecodeBase16 Function Remote Overﬂow CVE-2004-1892 17 Nov 2009 7.5 (v2) High Pass pfSense 2.3.x <= 2.3.5-p2 / 2.4.x < 2.4.4 Multiple Vulnerabilities (SA-18_06 / SA-18_07 / SA-18_08) CVE-2018-3620 CVE-2018-3646 CVE-2018-6922 CVE-2018-6923 CVE-2018-6924 CVE-2018-14526 CVE-2018-15473 CVE-2018-16055 27 Dec 2018 8.8 (v3) High Pass Oracle Database Multiple Vulnerabilities (January 2005 CPU) CVE-2004-0637 CVE-2004-0638 CVE-2004-1362 CVE-2004-1363 CVE-2004-1364 CVE-2004-1365 CVE-2004-1366 CVE-2004-1367 CVE-2004-1368 CVE-2004-1369 CVE-2004-1370 CVE-2004-137119 Jan 2005 7.5 (v2) High Pass phpLDAPadmin Detection 23 Dec 2009 None Pass Cisco FXOS Software Cisco Fabric Services Arbitrary Code Execution (cisco-sa-20180620-fxnxos-ace) CVE-2018-0304 14 Jul 2020 9.8 (v3) Critical Pass HP Web Jetadmin Detection 28 Jan 2010 None Pass PHPLinks Multiple Input Validation Vulnerabilities 19 Jan 2005 7.3 (v3) High Pass MySQL 8.0.x < 8.0.27 Multiple Vulnerabilities (Oct 2021 CPU) CVE-2021-2478 CVE-2021-2479 CVE-2021-2481 CVE-2021-3711 CVE-2021-22926 CVE-2021-35546 CVE-2021-35575 CVE-2021-35577 CVE-2021-35591 CVE-2021-35596 CVE-2021-35597 CVE-2021-35602 CVE-2021-35604 CVE-2021-35607 CVE-2021-35608 CVE-2021-35610 CVE-2021-35612 CVE-2021-35622 CVE-2021-35623 CVE-2021-35624 CVE-2021-35625 CVE-2021-35626 CVE-2021-35627 CVE-2021-35628 CVE-2021-35630 CVE-2021-35631 CVE-2021-35632 CVE-2021-35633 CVE-2021-35634 CVE-2021-35635 CVE-2021-35636 CVE-2021-35637 CVE-2021-35638 CVE-2021-35639 CVE-2021-35640 CVE-2021-35641 CVE-2021-35642 CVE-2021-35643 CVE-2021-35644 CVE-2021-35645 CVE-2021-35646 CVE-2021-35647 CVE-2021-35648 CVE-2021-36222 CVE-2022-21278 CVE-2022-21297 CVE-2022-2135220 Oct 2021 9.8 (v3) Critical Pass ClamAV Antivirus Detection and Status 28 Apr 2010 10 (v2) Critical Pass SquirrelMail < 1.4.4 Multiple Vulnerabilities CVE-2005-0075 CVE-2005-0103 CVE-2005-0104 24 Jan 2005 4.3 (v2) Medium Pass GForge Multiple Script Traversal Arbitrary Directory Listing CVE-2005-0299 21 Jan 2005 5 (v2) Medium Pass HP System Management Homepage < 6.1.0.102 / 6.1.0-103 Multiple Vulnerabilities CVE-2009-3555 19 May 2010 6.5 (v3) Medium Pass NolaPro Detection 24 May 2010 None Pass TikiWiki Detection 27 May 2010 None Pass IBM DB2 9.7 < Fix Pack 2 Multiple Vulnerabilities CVE-2009-3471 CVE-2009-3555 CVE-2010-0462 CVE-2010-0472 CVE-2010-3193 CVE-2010-3194 CVE-2010-3195 CVE-2010-3196 CVE-2010-3197 CVE-2011-075701 Jun 2010 6.5 (v3) Medium Pass Apache Tomcat JSP2 Examples XSS CVE-2005-4838 13 Jul 2010 5.3 (v3) Medium Pass XLight FTP Server 3.x SFTP Directory Traversal CVE-2010-2695 08 Jul 2010 6.5 (v2) Medium 66

Pass Apple iTunes < 9.2.1 'itpc:' Buﬀer Overﬂow (uncredentialed check) CVE-2010-1777 20 Jul 2010 9.3 (v2) High Pass Splunk Web Detection 07 Jul 2010 None Pass Mongoose URI Trailing Slash Request Source Code Disclosure CVE-2009-4535 30 Jul 2010 5 (v2) Medium Pass phpPgAds dest Parameter HTTP Response Splitting 29 Jan 2005 4.3 (v2) Medium Pass Misconﬁgured SOCKS ﬁltering 23 Aug 2010 5 (v2) Medium Pass Device Information (devinfo.xml) 04 Sep 2010 None Pass vBulletin BB Tag XSS 31 Jan 2005 2.6 (v2) Low Noise External URLs 04 Oct 2010 None Pass PHP/FI php.cgi Traversal Arbitrary File Access CVE-1999-0238 22 Jun 1999 5 (v2) Medium Pass Default Password (nagiosxi) for 'root' Account CVE-1999-0502 06 Oct 2010 9.8 (v3) Critical Pass F5 BIG-IP Web Management Interface Version 11 Feb 2008 None Pass F5 BIG-IP Web Management Multiple XSS CVE-2008-0265 CVE-2008-0539 11 Feb 2008 4.3 (v2) Medium Pass Microsoft IIS .HTR ISAPI Filter Enabled CVE-2002-0071 10 Apr 2002 7.5 (v2) High Pass GNUnet Detection (Client Interface) 12 Mar 2008 None Pass Apache mod_imap Image Map Referer XSS CVE-2005-3352 25 Mar 2008 4.3 (v2) Medium Pass solidDB Detection 28 Mar 2008 None Pass HP OpenView Performance Insight sendEmail.jsp XSS CVE-2011-2410 12 Aug 2011 4.3 (v2) Medium Pass Xoops Incontent Module Traversal Arbitrary PHP File Source Disclosure 01 Feb 2005 5 (v2) Medium Pass Symantec pcAnywhere Access Server Detection 06 May 2008 None Pass Django Administration Application Login Form XSS CVE-2008-2302 15 May 2008 4.3 (v2) Medium Pass McAfee Common Management Agent Detection 21 May 2008 None Pass Oracle Application Server Portal 10g Authentication Bypass CVE-2008-2138 29 May 2008 5 (v2) Medium Pass Mambo Global Variables Unauthorized Access 04 Feb 2005 8.3 (v3) High Pass PHP-Fusion < 5.00 viewthread.php Arbitrary Message Thread / Forum Access CVE-2005-0345 09 Feb 2005 5 (v2) Medium Pass Network Camera Web Server Detection 17 Jul 2008 None Pass Openlink Virtuoso Server Default Credentials 25 Jul 2008 7.5 (v2) High Pass .svn/entries Disclosed via Web Server 05 Aug 2008 5 (v2) Medium Pass Adobe Dreamweaver dwsync.xml Remote Information Disclosure 18 Aug 2008 5.3 (v3) Medium Pass IBM WebSphere Application Server Liberty 17.0.0.3 < 22.0.0.3 Clickjacking (6559044) CVE-2021-39038 03 Mar 2022 5.4 (v3) Medium Pass Network Notary Server Detection 21 Oct 2008 None Pass Dropbear SSH Server svr_ses.childpidsize Remote Overﬂow CVE-2005-4178 13 Nov 2008 9 (v2) High Pass Polycom Videoconferencing Unit Detection 21 Nov 2008 None Pass WordPress wp-includes/feed.php self_link() Function Host Header RSS Feed XSS CVE-2008-5278 02 Dec 2008 4.3 (v2) Medium Pass Sun Java System Identity Manager Detection 15 Dec 2008 None Pass Universal Plug and Play (UPnP) Protocol Detection 19 Feb 2009 None Pass Mono ASP.NET action Attribute XSS CVE-2008-3422 30 Jan 2009 4.3 (v2) Medium Pass Juniper Junos MAC Move Limit Traﬃc Handling Remote DoS (JSA10833) CVE-2018-0005 26 Jan 2018 7.5 (v3) High Pass Coppermine Photo Gallery keysToSkip Parameter Overwrite 04 Mar 2009 6.8 (v2) Medium Pass Skype Extras Manager Unspeciﬁed Vulnerability (uncredentialed check) CVE-2009-4741 15 Oct 2009 6.8 (v2) Medium Pass lighttpd PHP File Trailing Slash Request Source Disclosure 03 Jun 2009 4.3 (v2) Medium Pass Mailman private.py true_path Function Traversal Arbitrary File Access CVE-2005-0202 10 Feb 2005 3.5 (v2) Low Pass NetSphere Backdoor Detection 08 Jul 1999 10 (v2) Critical Pass vBulletin forumdisplay.php comma Parameter Arbitrary Command Execution CVE-2005-0429 14 Feb 2005 6.8 (v2) Medium Pass AWStats Multiple Remote Vulnerabilities (Cmd Exec, Traversal, ID) CVE-2005-0436 CVE-2005-0437 CVE-2005-0438 14 Feb 2005 7.5 (v2) High Pass Rio Karma MP3 Player File Upload Service Detection 15 Feb 2005 None Pass Kayako eSupport index.php nav Parameter XSS CVE-2005-0487 16 Feb 2005 4.3 (v2) Medium Pass DCP-Portal Multiple Scripts SQL Injection CVE-2005-0454 CVE-2005-3365 CVE-2005-4227 16 Feb 2005 7.5 (v2) High Pass SyGate Backdoor Detection CVE-2000-0113 29 Jan 2000 7.2 (v2) High Pass SSH Server Type and Version Information 12 Oct 1999 None Pass phpBB <= 2.0.11 Multiple Vulnerabilities CVE-2005-0258 CVE-2005-0259 23 Feb 2005 5 (v2) Medium Pass Telnet Server Detection 12 Oct 1999 None Pass WFTP Unpassworded Guest Account CVE-1999-0200 22 Jun 1999 9.8 (v3) Critical Pass Arugizer Backdoor Detection CVE-2010-0103 08 Mar 2010 10 (v2) Critical Pass AMANDA Client Version 14 Jul 2000 None Pass AnalogX SimpleServer:WWW Encoded Traversal Arbitrary File Access CVE-2000-0664 06 Aug 2000 5 (v2) Medium Pass SNMP Query Running Process List Disclosure 13 Nov 2000 None Pass ISC BIND < 8.2.2-P7 Compressed ZXFR Name Service Query DoS CVE-2000-0887 12 Nov 2000 7.8 (v2) High Pass Sendmail mime7to8() Function Remote Overﬂow CVE-1999-0206 06 Jan 2001 9.8 (v3) Critical Pass ISC BIND < 4.9.8 / 8.2.3 Multiple Remote Overﬂows CVE-2001-0010 CVE-2001-0011 CVE-2001-0012 CVE-2001-0013 29 Jan 2001 10 (v2) Critical Pass Lion Worm Detection 05 Apr 2001 10 (v2) Critical Pass Orange Web Server Malformed HTTP Request Remote DoS CVE-2001-0647 25 Mar 2001 5 (v2) Medium Pass Oracle Database Listener Program (tnslsnr) Service Blank Password 03 May 2001 5 (v2) Medium Pass Resin Traversal Arbitrary File Access CVE-2001-0304 17 Apr 2001 5 (v2) Medium Pass Apple Filing Protocol Server Detection 12 May 2001 None Pass Apache Zookeeper Server Detection 31 May 2018 None Pass vBulletin misc.php template Parameter PHP Code Injection CVE-2005-0511 24 Feb 2005 5.1 (v2) Medium Pass iPlanet Certiﬁcate Management Traversal Arbitrary File Access CVE-2000-1075 29 May 2001 5 (v2) Medium Pass phpMyAdmin < 2.6.1 pl2 Libraries and Themes Multiple XSS CVE-2005-0543 25 Feb 2005 4.3 (v2) Medium Pass phpMyAdmin < 2.6.1 pl1 Multiple Script File Inclusions CVE-2005-0567 25 Feb 2005 5.1 (v2) Medium Pass phpWebSite Image Announcement Upload Arbitrary Command Execution CVE-2005-0565 25 Feb 2005 7.5 (v2) High Pass ZyXEL Router Default Telnet Password Present CVE-1999-0571 13 Aug 2001 10 (v2) Critical Pass MySQL Server Detection 13 Aug 2001 None Pass Samba NETBIOS Name Traversal Arbitrary Remote File Creation CVE-2001-1162 17 Oct 2001 10 (v2) Critical Pass WebDAV Detection 20 Mar 2003 None Pass UPnP Client Detection 29 Dec 2001 None Pass CDE Subprocess Control Service (dtspcd) Detection 15 Dec 1999 None Noise SSL Certiﬁcate Information 19 May 2008 None Pass Oracle Application Server XSQLServlet XSQLConﬁg.xml Information Disclosure CVE-2002-0568 07 Feb 2002 2.1 (v2) Low Pass RemotelyAnywhere SSH Detection 25 Mar 2002 None Pass phpBB <= 2.0.12 Multiple Vulnerabilities CVE-2005-0603 CVE-2005-0614 28 Feb 2005 7.5 (v2) High Pass CubeCart < 2.0.5 Multiple Vulnerabilities CVE-2005-0442 CVE-2005-0443 28 Feb 2005 5 (v2) Medium Pass BEA WebLogic Null Byte Request JSP Source Disclosure 02 May 2002 5 (v2) Medium Pass Zaurus PDA FTP Server Unpassworded root Account CVE-2002-1974 11 Jul 2002 9.8 (v3) Critical Pass AnalogX SimpleServer:WWW Buﬀer Overﬂow CVE-2002-0968 30 Jun 2002 7.5 (v2) High Pass Worldspan for Windows Gateway Res Manager Port 17990 Malformed Request DoS CVE-2002-1029 19 Jul 2002 5 (v2) Medium Pass EFTP Nonexistent File Request Installation Directory Disclosure 18 Aug 2002 4.3 (v3) Medium Pass Nortel/Bay Networks/Xylogics Annex Default Password 18 Jan 2003 7.8 (v2) High Pass writesrv Service Detection 08 Feb 2003 None Pass Cisco VPN Concentrator Invalid Login DoS (CSCdu82823) CVE-2001-0427 01 Mar 2003 7.5 (v3) High Pass smtpscan SMTP Fingerprinting 20 Mar 2003 None Pass RSA ClearTrust ct_logon.asp Multiple Parameter XSS 15 Mar 2003 4.3 (v2) Medium Pass Microsoft ActiveSync WideCharToMultiByte() Function NULL Dereference Remote DoS 22 Mar 2003 5 (v2) Medium Pass NETGEAR ProSafe VPN Firewall Web Server Malformed Basic Authorization Header Remote DoS (intrusive check) 25 Mar 2003 5.8 (v3) Medium Pass Bugzilla Software Detection 24 Mar 2003 None Pass My Guest Book (myGuestBk) Multiple Vulnerabilities 27 Mar 2003 7.5 (v2) High Pass Super Guestbook superguestconﬁg Admin Password Disclosure 14 Apr 2003 5 (v2) Medium Pass Coppermine Photo Gallery EXIF Data XSS CVE-2005-2676 27 Aug 2005 4.3 (v2) Medium Pass Ocean12 ASP Guestbook Manager Database Download 07 May 2003 5 (v2) Medium Pass NetCharts Server Default Password 07 May 2003 7.5 (v2) High Pass PostNuke <= 0.760 RC2 Multiple Vulnerabilities CVE-2005-0615 CVE-2005-0616 CVE-2005-0617 01 Mar 2005 7.5 (v2) High Pass Horde Turba status.php Path Disclosure 21 May 2003 5 (v2) Medium Pass Eserv Web Server /? Request Forced Directory Listing 27 May 2003 5 (v2) Medium Pass php-proxima autohtml.php Arbitrary File Retrieval CVE-2003-0294 14 May 2003 5 (v2) Medium Pass Philboard philboard_admin.ASP Authentication Bypass 02 Jun 2003 7.5 (v2) High Pass JBoss %00 Request JSP Source Disclosure 03 Jun 2003 5 (v2) Medium Pass Spyke Multiple Remote Vulnerabilities 09 Jun 2003 5 (v2) Medium Pass RADIUS Server Detection 14 Jun 2003 None Pass PostNuke Glossary Module page Parameter SQL Injection 17 Jun 2003 7.5 (v2) High Pass pod.board 1.1 Multiple Script XSS 18 Jun 2003 4.3 (v2) Medium Pass Linksys WRT54G Empty GET Request Remote DoS 04 Dec 2003 5.3 (v3) Medium Pass DCN HELLO detection 29 Oct 2003 None Pass INN < 2.4.1 Control Message Handling Code Overﬂow CVE-2004-0045 08 Jan 2004 7.5 (v2) High 67

Pass Sasser Virus Detection 01 May 2004 10 (v2) Critical Pass VMware Carbon Black App Control Unsupported Version Detection 29 Jun 2021 10 (v3) Critical Pass Apache Tomcat 10.0.0.M1 < 10.0.0.M7 multiple vulnerabilities CVE-2020-13934 CVE-2020-13935 21 Jun 2021 7.5 (v3) High Pass Apache Tomcat 10.0.0.M1 < 10.0.0.M10 multiple vulnerabilities CVE-2020-17527 CVE-2021-24122 21 Jun 2021 7.5 (v3) High Pass osTicket Detection 30 Jul 2004 None Pass Hydra: SMB 01 Dec 2004 8.3 (v3) High Pass Open WebMail Detection 10 Jul 2004 None Pass ignitionServer SERVER Command Spoofed Server Saturation DoS 26 Aug 2004 5 (v2) Medium Pass AWStats Totals awstatstotals.php multisort() Function sort Parameter Arbitrary PHP Code Execution CVE-2008-3922 27 Aug 2008 7.5 (v2) High Pass IlohaMail Software Detection 02 Sep 2004 None Pass Liferay Portal 7.3.x < 7.3.6 Information Disclosure CVE-2021-29052 13 Jul 2021 4.3 (v3) Medium Pass identd Service UID Association 07 Sep 2004 None Pass Liferay Portal 7.3.4 < 7.3.6 XSS CVE-2021-29048 13 Jul 2021 6.1 (v3) Medium Pass Liferay Portal 7.3.5 SQLi CVE-2021-29053 14 Jul 2021 8.8 (v3) High Pass Cisco IOS EnergyWise DoS (cisco-sa-20170419-energywise) CVE-2017-3860 CVE-2017-3861 CVE-2017-3862 CVE-2017-3863 26 Apr 2017 8.6 (v3) High Pass Horde Software Detection 02 Nov 2004 None Pass Hydra: CVS 01 Dec 2004 7.5 (v2) High Pass Symantec Reporter Web Interface Detection 03 May 2019 None Pass PunBB Detection 13 Dec 2004 None Pass Hydra: PC-NFS 01 Dec 2004 7.5 (v2) High Pass MS04-035: WINS Code Execution (870763) (uncredentialed check) CVE-2004-0567 CVE-2004-1080 15 Dec 2004 10 (v2) Critical Pass PhpDig < 1.8.5 Unspeciﬁed Vulnerability 13 Dec 2004 5 (v2) Medium Pass Juniper Junos rpd RIP DoS (JSA10772) CVE-2017-2303 20 Jan 2017 5.9 (v3) Medium Pass Sendmail < 8.14.9 close-on-exec SMTP Connection Manipulation CVE-2014-3956 03 Jun 2014 3.3 (v3) Low Pass UMN Gopherd Unauthorized FTP Proxy 18 Jan 2005 5 (v2) Medium Pass ngIRCd < 0.8.2 Lists_MakeMask() Remote Overﬂow DoS CVE-2005-0199 29 Jan 2005 10 (v2) Critical Pass ArGoSoft Mail Server Multiple Traversals CVE-2005-0367 10 Feb 2005 6.5 (v2) Medium Pass RaidenHTTPD Crafted Request Arbitrary File Access 07 Feb 2005 7.8 (v2) High Pass PHP-Fusion Detection 09 Feb 2005 None Pass Mailman Detection 10 Feb 2005 None Pass Sybase TCP/IP Listener Service Detection 21 Feb 2005 None Pass Oracle Primavera P6 Enterprise Project Portfolio Management (Jul 2021 CPU) CVE-2021-2366 CVE-2021-2386 21 Jul 2021 6.4 (v3) Medium Pass OpenVMS WASD HTTP Server Multiple Vulnerabilities CVE-2002-1825 19 Feb 2005 10 (v2) Critical Pass Invision Power Board Software Detection 23 Feb 2005 None Pass phpMyAdmin Detection 25 Feb 2005 None Pass NNTP Server Message Header Handling Remote Overﬂow 28 Feb 2005 7.5 (v2) High Pass NNTP Server Password Handling Remote Overﬂow 28 Feb 2005 7.5 (v2) High Pass paNews Detection 02 Mar 2005 None Pass phpWebSite Detection 25 Feb 2005 None Pass phpMyFAQ Detection 09 Mar 2005 None Pass Eudora Internet Mail Server for Mac OS USER Overﬂow CVE-1999-1113 08 Mar 2005 10 (v2) Critical Pass Cyrus IMAP Server < 2.2.11 Multiple Remote Overﬂows CVE-2005-0546 24 Feb 2005 7.5 (v2) High Pass ESXi 6.0 < Build 3380124 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (remote check)CVE-2015-6933 15 Jan 2016 6.3 (v3) Medium Pass ArGoSoft FTP Server DELE Command Remote Buﬀer Overrun CVE-2005-0696 09 Mar 2005 6 (v2) Medium Pass Cisco IOS TFTP File Disclosure 16 Mar 2005 5 (v2) Medium Pass Jetty < 4.2.19 HTTP Server HttpRequest.java Content-Length Handling Remote Overﬂow DoS CVE-2004-2381 17 Mar 2005 5 (v2) Medium Pass Oracle Enterprise Manager Web Console Detection 21 Mar 2005 None Pass ISS Deployment Manager Detection 21 Mar 2005 None Pass Avaya P330 Stackable Switch Default Password CVE-1999-0508 28 Mar 2005 10 (v2) Critical Pass Oracle HTTP Server (January 2007 CPU) CVE-2007-0279 CVE-2007-0280 CVE-2007-0281 CVE-2007-0282 21 Nov 2011 7.5 (v2) High Pass Sendmail < 8.13.8 Header Processing Overﬂow DoS CVE-2006-4434 18 Nov 2011 5.3 (v3) Medium Pass Sun Java Web Console BeginLogin.jsp redirect_url Parameter URI Redirection CVE-2008-5550 18 Nov 2011 4.3 (v2) Medium Pass OpenSSL 0.9.6 CA Basic Constraints Validation Vulnerability CVE-2009-0653 04 Jan 2012 7.5 (v2) High Pass OpenSSL < 0.9.8k Signature Repudiation CVE-2009-0591 04 Jan 2012 2.6 (v2) Low Pass OpenSSL 1.0.0 < 1.0.0-beta2 DoS CVE-2009-1379 CVE-2009-1387 04 Jan 2012 5 (v2) Medium Pass Web Server GET Request Saturation Remote DoS 25 May 2005 None Pass CubeCart Detection 08 Apr 2005 None Pass Cisco 675 Router Default Unpassworded Account CVE-1999-0889 22 Aug 1999 10 (v2) Critical Pass Novell GroupWise Enhancement Pack Java Server URL Handling Overﬂow DoS CVE-2000-0146 08 Feb 2000 5.3 (v3) Medium Pass Compaq WBEM HTTP Server Remote Overﬂow CVE-2005-4823 07 Apr 2005 10 (v2) Critical Pass Serendipity Detection 15 Apr 2005 None Pass RealServer G2 Malformed Telnet Data Remote Overﬂow CVE-1999-0271 04 Nov 1999 10 (v2) Critical Pass Xerox Document Centre Device Detection 21 Apr 2005 None Pass Kibuv Worm Detection 25 May 2005 10 (v2) Critical Pass Horde Mnemo Detection 26 Apr 2005 None Noise Service Detection 19 Aug 2007 None Pass Horde Nag Detection 26 Apr 2005 None Pass Stacheldraht Trojan Detection CVE-2000-0138 28 Jan 2000 10 (v2) Critical Pass WinGate Telnet Proxy localhost Connection Saturation DoS CVE-1999-0290 22 Jun 1999 5 (v2) Medium Pass Novell NetMail < 3.52C IMAP Agent Multiple Remote Overﬂows CVE-2005-1758 17 Jun 2005 7.5 (v2) High Pass PlanetFileServer mshftp.dll Data Processing Remote Overﬂow CVE-2005-2159 05 Jul 2005 10 (v2) Critical Pass 4D WebSTAR Symlink Privilege Escalation CVE-2004-0698 09 Aug 2004 3.6 (v2) Low Pass MailEnable IMAP STATUS Command Remote Overﬂow CVE-2005-2278 14 Jul 2005 7.2 (v2) High Pass Cisco IOS Software Internet Group Management Protocol Denial of Service Vulnerability (cisco-sa-20100922-igmp)CVE-2010-2830 10 Jan 2012 7.1 (v2) High Pass WordPress Plugin 'ThemeGrill Demo Importer' 1.3.4 < 1.6.3 Database Wipe and Auth Bypass 21 Feb 2020 8.8 (v3) High Pass VNC Server Security Type Detection 22 Jul 2005 None Pass Microsoft Windows SMTP Service Malformed BDAT Request Remote DoS CVE-2002-0055 08 Mar 2002 5 (v2) Medium Pass Cisco Regular Expression Processing DoS CVE-2007-4430 10 Jan 2012 5 (v2) Medium Pass MDaemon Content Filter Traversal Arbitrary File Write 27 Jul 2005 9.3 (v2) High Pass Cisco IOS Line Printer Daemon (LPD) Stack Overﬂow CVE-2007-5381 10 Jan 2012 9.3 (v2) High Pass LocalWeb2000 2.1.0 Multiple Remote Vulnerabilities CVE-2001-0189 CVE-2002-0897 05 Jun 2002 7.5 (v2) High Pass Zotob Worm Detection 16 Aug 2005 10 (v2) Critical Pass SugarCRM Detection 24 Aug 2005 None Pass EMC Cloud Tiering Appliance Web Interface Detection 07 Apr 2014 None Pass GameSpy 3D Based Games Spoofed UDP Response Ampliﬁcation DDoS CVE-2003-1354 22 Jan 2003 5 (v2) Medium Pass Embedded Web Server Detection 14 Sep 2005 None Pass Microsoft Windows Vista Unsupported Installation Detection 17 Apr 2017 10 (v3) Critical Pass Py2Play Game Engine Detection 19 Sep 2005 None Pass SNMP settings 20 Sep 2005 None Pass SBLIM-SFCB Multiple Buﬀer Overﬂows CVE-2010-1937 CVE-2010-2054 07 Jun 2010 10 (v2) Critical Pass Ethernet Card Manufacturer Detection 19 Feb 2009 None Pass Squid Crafted NTLM Authentication Header DoS CVE-2005-2917 12 Oct 2005 5.3 (v3) Medium Pass F5 BIG-IP Cookie Remote Information Disclosure 26 Oct 2005 5 (v2) Medium Pass Mailgust Password Reminder email Field SQL Injection CVE-2005-3063 06 Oct 2005 6.8 (v2) Medium Pass HSQLDB Server Detection 20 Oct 2005 None Pass VLAN Membership Policy Server Detection 20 Oct 2005 None Pass GpsDrive friendsd2 dir Field Remote Format String CVE-2005-3523 07 Nov 2005 7.5 (v2) High Pass CA Message Queuing Service Detection 04 Nov 2005 None Pass phpWebSite < 0.9.x Multiple Vulnerabilities CVE-2003-0735 CVE-2003-0736 CVE-2003-0737 CVE-2003-0738 11 Aug 2003 7.5 (v2) High Pass Ipswitch IMail Server IMAP LIST Command Remote Overﬂow DoS CVE-2005-2923 19 Dec 2005 7.8 (v2) High Pass MS04-042: Windows NT Multiple DHCP Vulnerabilities (885249) (uncredentialed check) CVE-2004-0899 CVE-2004-0900 03 Jan 2006 10 (v2) Critical Pass MailEnable IMAP EXAMINE Command Remote Overﬂow CVE-2005-4456 20 Dec 2005 7.8 (v2) High Pass Eudora Internet Mail Server (EIMS) < 3.2.8 Multiple DoS CVE-2006-0141 11 Jan 2006 5 (v2) Medium Pass Samba Mangling Method Hash Overﬂow CVE-2004-0686 22 Jul 2004 5 (v2) Medium Pass phpCOIN <= 1.2.1b Multiple Vulnerabilities CVE-2005-0669 CVE-2005-0670 CVE-2005-0932 CVE-2005-0933 CVE-2005-0946 CVE-2005-0947 01 Mar 2005 7.5 (v2) High Pass 4D WebStar Pre-authentication FTP Overﬂow CVE-2004-0695 03 Aug 2004 10 (v2) Critical Pass PHPNews auth.php path Parameter Remote File Inclusion CVE-2005-0632 02 Mar 2005 6.8 (v2) Medium Pass phpList <= 2.6.3 Multiple Vulnerabilities 03 Mar 2005 7.5 (v2) High Pass SquirrelMail < 1.4.3 Multiple Vulnerabilities CVE-2004-0519 CVE-2004-0520 CVE-2004-0521 05 May 2004 7.5 (v2) High Pass Adobe Document Server Default Credentials 18 Mar 2006 7.5 (v2) High Pass CubeCart < 2.0.6 settings.inc.php Multiple Script XSS CVE-2005-0606 CVE-2005-0607 03 Mar 2005 5 (v2) Medium Pass TYPO3 'cmw_linklist Extension' 'category_uid' Parameter SQL Injection CVE-2005-0658 04 Mar 2005 7.5 (v2) High 68

Pass Default Password (synnet) for 'debug' Account CVE-1999-0502 08 Mar 2005 9.8 (v3) Critical Pass Default Password (public) for 'public' Account CVE-1999-0383 CVE-1999-0502 08 Mar 2005 9.8 (v3) Critical Pass Default Password (debug) for 'super' Account CVE-1999-0502 CVE-1999-1420 CVE-1999-1421 08 Mar 2005 9.8 (v3) Critical Pass Default Password (forgot) for 'super' Account CVE-1999-0502 CVE-1999-1420 CVE-1999-1421 08 Mar 2005 9.8 (v3) Critical Pass MS06-018: Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow DoS (913580) (uncredentialed check)CVE-2006-0034 CVE-2006-1184 10 May 2006 10 (v2) Critical Pass Default Password (debug) for 'user' Account CVE-1999-0502 CVE-1999-1420 08 Mar 2005 9.8 (v3) Critical Pass Default Password (forgot) for 'user' Account CVE-1999-0502 CVE-1999-1420 08 Mar 2005 9.8 (v3) Critical Pass FortressSSH SSH_MSG_KEXINIT Logging Remote Overﬂow CVE-2006-2421 23 May 2006 7.5 (v2) High Pass Panda AdminSecure Communications Agent Detection 25 Jul 2007 None Pass Easy File Sharing Web Server Crafted Request ADS Arbitrary File Access CVE-2006-5714 08 Nov 2006 5 (v2) Medium Pass Juniper Junos ttymodem() DoS (PSN-2012-08-699) 26 Oct 2012 7.1 (v2) High Pass phpMyFAQ Forum Message username Field SQL Injection CVE-2005-0702 09 Mar 2005 7.5 (v2) High Pass phpBB <= 2.0.13 Multiple Vulnerabilities CVE-2005-0659 CVE-2005-0673 CVE-2005-1026 09 Mar 2005 6.5 (v2) Medium Pass PHP-Fusion BBCode IMG Tag XSS CVE-2005-0692 09 Mar 2005 4.3 (v2) Medium Noise TCP/IP Timestamps Supported 16 May 2007 None Pass YaBB YaBB.pl usersrecentposts Action username Parameter XSS CVE-2005-0741 CVE-2005-0785 10 Mar 2005 4.3 (v2) Medium Pass NewsScript newsscript.pl mode Parameter Privilege Escalation CVE-2005-0735 10 Mar 2005 6.4 (v2) Medium Pass XMPP Server Detection 29 May 2007 None Pass Packeteer Web Management Interface Detection 26 Jun 2007 None Pass AlienVault OSSIM REST API Service Detection 24 May 2017 None Pass Atlassian Jira Data Center / Jira Service Management Data Center Missing Authentication (2021-07-21) CVE-2020-36239 29 Jul 2021 9.8 (v3) Critical Pass Firewall Detection 26 Oct 2007 None Pass Skype skype4com URI Handler Remote Heap Corruption (uncredentialed check) CVE-2007-5989 07 Dec 2007 9.3 (v2) High Pass HP DesignJet Accounting.xls Information Disclosure Vulnerability 16 Apr 2019 5.3 (v3) Medium Pass Tenable Core Web Interface Detection 18 Nov 2019 None Pass NGINX Unit HTTP Server Detection 26 Apr 2019 None Pass Juniper Junos Oversized BGP UPDATE Remote DoS (JSA10609) CVE-2014-0616 16 Jan 2014 4.3 (v2) Medium Pass Juniper Junos SRX Series ﬂowd Remote DoS (JSA10611) CVE-2014-0618 16 Jan 2014 7.8 (v2) High Pass OS Identiﬁcation: iPhone or iPad 10 Jul 2019 None Pass Pinnacle Cart index.php pg Parameter XSS CVE-2005-1130 13 Apr 2005 4.3 (v2) Medium Pass Cisco TelePresence Conductor REST API Server-Side Request Forgery Vulnerability CVE-2019-1679 27 Aug 2019 5 (v3) Medium Pass Tenable Nessus < 8.6.0 Denial of Service vulnerability (TNS-2019-05) CVE-2019-3974 23 Aug 2019 8.1 (v3) High Pass Puppet Enterprise 2015.x < 2016.4.0 Denial of Service Vulnerability CVE-2016-9686 09 Oct 2019 5.3 (v3) Medium Pass Mac OS X 10.9.x < 10.9.4 Multiple Vulnerabilities CVE-2014-0015 CVE-2014-1317 CVE-2014-1355 CVE-2014-1356 CVE-2014-1357 CVE-2014-1358 CVE-2014-1359 CVE-2014-1361 CVE-2014-1370 CVE-2014-1371 CVE-2014-1372 CVE-2014-1373 CVE-2014-1375 CVE-2014-1376 CVE-2014-1377 CVE-2014-1378 CVE-2014-1379 CVE-2014-1380 CVE-2014-138101 Jul 2014 10 (v2) Critical Pass Juniper Junos Invalid PIM DoS (JSA10637) CVE-2014-3819 15 Jul 2014 7.8 (v2) High Pass Juniper Junos TCP Packet Processing Remote DoS (JSA10638) CVE-2004-0230 15 Jul 2014 5 (v2) Medium Pass McAfee Web Gateway Information Disclosure (SB10080) CVE-2014-6064 05 Sep 2014 4 (v2) Medium Pass Juniper Junos 'em' Interface Fragmentation Remote DoS (JSA10655) CVE-2014-6380 14 Oct 2014 7.8 (v2) High Pass PhotoPost PHP < 5.0.1 Multiple Remote Vulnerabilities CVE-2005-0774 CVE-2005-0775 CVE-2005-0776 CVE-2005-0777 CVE-2005-0778 CVE-2005-1629 11 Mar 2005 7.5 (v2) High Pass UBB.threads Detection 12 Mar 2005 None Pass Phorum < 5.0.15 Multiple XSS CVE-2005-0783 CVE-2005-0784 17 Mar 2005 4.3 (v2) Medium Pass Unpassworded 'help' Account CVE-1999-0502 19 Mar 2005 9.8 (v3) Critical Pass Phorum search.php location Parameter HTTP Response Splitting CVE-2005-0843 22 Mar 2005 4.3 (v2) Medium Pass Kayako eSupport Troubleshooter Module index.php Multiple Parameter XSS CVE-2005-0842 22 Mar 2005 4.3 (v2) Medium Pass XMB Forum < 1.9.10 Multiple Vulnerabilities CVE-2005-0885 CVE-2005-2574 CVE-2005-2575 24 Mar 2005 7.5 (v2) High Pass Invision Power Board HTTP POST Request IFRAME Tag XSS CVE-2005-0886 24 Mar 2005 3.5 (v2) Low Pass Juniper Junos MX Series Trio-based PFE Modules Security Bypass (JSA10666) CVE-2014-6383 23 Jan 2015 5 (v2) Medium Pass Cisco TelePresence Conductor GNU glibc gethostbyname Function Buﬀer Overﬂow Vulnerability (GHOST)CVE-2015-0235 18 Feb 2015 10 (v2) Critical Pass Cisco Wireless LAN Controller Web Authentication DoS (CSCum03269) CVE-2015-0723 21 May 2015 6.1 (v2) Medium Pass Sybase SQL Anywhere Server Detection 07 Mar 2007 None Pass PHPSysInfo < 2.5 Multiple Script XSS CVE-2005-0870 24 Mar 2005 4.3 (v2) Medium Pass Oracle Reports Server test.jsp Multiple Parameter XSS CVE-2005-0873 24 Mar 2005 4.3 (v2) Medium Pass Juniper Junos J-Web Multiple Vulnerabilities (JSA10682) CVE-2014-6447 04 Aug 2015 10 (v2) Critical Pass Default Password '666666' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Libssh ssh_packet_kexinit() Double-free Memory DoS CVE-2014-8132 16 Jan 2015 5 (v2) Medium Pass Puppet Enterprise Multiple OpenSSL Vulnerabilities (FREAK) CVE-2015-0204 CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293 30 Dec 2015 7.5 (v2) High Pass IPMI v2.0 Password Hash Disclosure CVE-2013-4786 18 Dec 2014 7.5 (v3) High Pass GoAhead Embedded Web Server websNormalizeUriPath() Directory Traversal Vulnerability CVE-2014-9707 03 Apr 2015 7.5 (v2) High Pass MIT Kerberos 5 setup_server_realm() Remote DoS CVE-2013-1418 18 Nov 2013 4.3 (v2) Medium Pass HP Intelligent Management Center SOM Module Information Disclosure CVE-2013-4826 09 Jan 2014 5 (v2) Medium Pass MS07-029: Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution (935966) (uncrCVE-2007-1748edentialed check) 05 Mar 2014 10 (v2) Critical Pass Zebra ZTC Printer Web Interface Detection 25 Nov 2019 None Pass CKEditor Preview Plugin Unspeciﬁed XSS CVE-2014-5191 31 Jul 2014 4.3 (v2) Medium Pass Oracle Web Determinations Detection 12 Sep 2014 None Pass Oracle Web Cache Admin Module Multiple GET Request Method DoS CVE-2002-0386 14 Aug 2002 5 (v2) Medium Pass PostgreSQL 8.4 < 8.4.17 / 9.0 < 9.0.13 / 9.1 < 9.1.9 / 9.2 < 9.2.4 Predictable Random Number Generator CVE-2013-1900 08 Apr 2013 8.8 (v3) High Pass Apache mod_wsgi < 3.5 Apache Process Privilege Escalation CVE-2014-0240 14 Jul 2014 8.1 (v3) High Pass Novell NetWare Web Server sewse.nlm (viewcode.jse) Traversal Arbitrary File Access CVE-2001-1580 06 Feb 2004 5 (v2) Medium Pass Apache Tomcat 3.x < 3.2.2 Malformed URL JSP Source Disclosure CVE-2001-0590 26 Oct 2010 5.3 (v3) Medium Pass OpenSSL SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG Session Resume Ciphersuite Downgrade IssueCVE-2010-4180 07 Feb 2011 4.3 (v2) Medium Pass Apache 2.2.x < 2.2.18 APR apr_fnmatch DoS CVE-2011-1928 25 May 2011 5.3 (v3) Medium Pass Oracle Secure Backup Administration Server login.php XSS CVE-2011-2251 27 Jul 2011 4.3 (v2) Medium Pass OpenSSL 1.0.0 < 1.0.0j DTLS CBC Denial of Service CVE-2012-2333 11 May 2012 5 (v2) Medium Pass HP Data Protector Unspeciﬁed Local Unauthorized Access CVE-2009-4183 28 Jan 2010 4.6 (v2) Medium Pass CVS pserver Line Entry Handling Overﬂow CVE-2004-0396 19 May 2004 10 (v2) Critical Pass Cisco Content Security Management Appliance Web Detection 26 Jul 2013 None Pass Real Video Server Telnet Malformed Data Remote DoS CVE-1999-0271 22 Aug 1999 5 (v2) Medium Pass BenHur Firewall Source Port 20 ACL Restriction Bypass CVE-2002-2307 22 Jul 2002 5 (v2) Medium Pass Apache < 2.0.44 Illegal Character Default Script Mapping Bypass CVE-2003-0017 22 Jan 2003 5.3 (v3) Medium Pass Solaris in.lpd Crafted Job Request Arbitrary Remote Command Execution CVE-2001-1583 03 Apr 2003 10 (v2) Critical Pass mod_gzip Debug Mode mod_gzip_printf Remote Format String CVE-2003-0843 02 Jun 2003 5.1 (v2) Medium Pass PhotoPost < 5.1 Multiple Input Validation Vulnerabilities CVE-2005-0928 CVE-2005-0929 30 Mar 2005 7.5 (v2) High Pass PHP Multiple Image Processing Functions File Handling DoS CVE-2005-0524 CVE-2005-0525 02 Apr 2005 5.4 (v2) Medium Pass Apple iTunes For Windows iTunesHelper.exe Path Subversion Local Privilege Escalation (uncredentialed check)CVE-2005-2938 16 Nov 2005 7.2 (v2) High Pass phpMyAdmin index.php convcharset Parameter XSS CVE-2005-0992 05 Apr 2005 4.3 (v2) Medium Pass MySQL Zero-length Scrambled String Crafted Packet Authentication Bypass CVE-2004-0627 07 Jan 2011 7.5 (v2) High Pass PHP < 4.4.2 Multiple XSS Vulnerabilities CVE-2006-0208 18 Nov 2011 2.6 (v2) Low Pass PHP < 4.4.4 Multiple Vulnerabilities CVE-2006-1017 CVE-2006-4020 18 Nov 2011 9.3 (v2) High Pass PHP 5.x < 5.1.0 Multiple Vulnerabilities CVE-2005-3319 CVE-2005-3883 18 Nov 2011 5 (v2) Medium Pass IBM Storwize V7000 Uniﬁed ACL Security Bypass CVE-2014-0875 31 Aug 2015 3.5 (v2) Low Pass PHP 5.1.x < 5.1.2 Multiple Vulnerabilities CVE-2006-0200 CVE-2006-0207 CVE-2006-0208 18 Nov 2011 9.3 (v2) High Pass Oracle Primavera Uniﬁer Multiple Vulnerabilities (July 2018 CPU) CVE-2016-4055 CVE-2016-7103 CVE-2018-2965 CVE-2018-2966 CVE-2018-2967 CVE-2018-2968 CVE-2018-2969 20 Jul 2018 6.1 (v3) Medium Pass Jenkins < 2.138.4 LTS / 2.150.1 LTS / 2.154 Multiple Vulnerabilities CVE-2018-1000861 CVE-2018-1000862 CVE-2018-1000863 CVE-2018-1000864 07 Dec 2018 9.8 (v3) Critical Pass HP Data Protector 'EXEC_INTEGUTIL' Arbitrary Command Execution 13 Nov 2014 10 (v2) Critical Pass Palo Alto Networks Panorama PAN-OS < 6.0.1 Firmware Signature Veriﬁcation Bypass Arbitrary Code ExecutionCVE-2015-6531 28 Sep 2015 7.6 (v2) High Pass Apple TV < 10.1.1 Multiple Vulnerabilities CVE-2016-8687 CVE-2017-2350 CVE-2017-2354 CVE-2017-2355 CVE-2017-2356 CVE-2017-2360 CVE-2017-2362 CVE-2017-2363 CVE-2017-2365 CVE-2017-2369 CVE-2017-2370 CVE-2017-237330 Jan 2017 7.8 (v3) High Pass Apache Tomcat 4.x < 4.1.0 Multiple Vulnerabilities CVE-2002-2006 CVE-2003-0866 04 Nov 2010 5.3 (v3) Medium Pass Apache Tomcat 3.x < 3.3.2 Multiple Vulnerabilities CVE-2003-0044 CVE-2007-3384 09 Nov 2010 5.6 (v3) Medium Pass Dropbear SSH Server < 2016.72 Multiple Vulnerabilities CVE-2016-7406 CVE-2016-7407 CVE-2016-7408 CVE-2016-7409 22 Sep 2016 9.8 (v3) Critical Pass Oracle Database Multiple Vulnerabilities (October 2010 CPU) CVE-2010-1321 CVE-2010-2389 CVE-2010-2390 CVE-2010-2391 CVE-2010-2407 CVE-2010-2411 CVE-2010-2412 CVE-2010-2415 CVE-2010-241918 Nov 2010 7.5 (v2) High Pass Ethernet MAC Addresses 16 Oct 2015 None Pass macOS 10.13.x < 10.13.4 Multiple Vulnerabilities CVE-2017-13080 CVE-2017-13890 CVE-2017-13911 CVE-2017-15412 CVE-2017-7151 CVE-2018-4104 CVE-2018-4105 CVE-2018-4106 CVE-2018-4107 CVE-2018-4108 CVE-2018-4111 CVE-2018-4112 CVE-2018-4115 CVE-2018-4131 CVE-2018-4132 CVE-2018-4135 CVE-2018-4136 CVE-2018-4138 CVE-2018-4139 CVE-2018-4142 CVE-2018-4143 CVE-2018-4144 CVE-2018-4150 CVE-2018-4151 CVE-2018-4152 CVE-2018-4154 CVE-2018-4155 CVE-2018-4156 CVE-2018-4157 CVE-2018-4158 CVE-2018-4160 CVE-2018-4167 CVE-2018-4170 CVE-2018-4173 CVE-2018-4174 CVE-2018-4175 CVE-2018-4176 CVE-2018-4179 CVE-2018-4185 CVE-2018-4187 CVE-2018-429802 Apr 2018 9.8 (v3) Critical Pass Palo Alto Networks PAN-OS 6.x.x < 6.1.21 / 7.1.x < 7.1.18 / 8.0.x < 8.0.11-h1 Multiple Vulnerabilities CVE-2018-7636 CVE-2018-9242 CVE-2018-9334 CVE-2018-9335 13 Jul 2018 5.5 (v3) Medium Pass Juniper Junos Privilege Escalation (JSA10857) CVE-2018-0024 20 Jul 2018 7.8 (v3) High Pass Citrix NetScaler Multiple Vulnerabilities (CTX232161) CVE-2018-6186 CVE-2018-6808 CVE-2018-6809 CVE-2018-6810 CVE-2018-6811 05 Jul 2018 9.8 (v3) Critical Pass Cisco Prime Data Center Network Manager Web Detection 11 Jul 2013 None Pass Microsoft Windows 95/98/ME Unsupported Installation Detection 01 Jun 2006 10 (v2) Critical Pass Solaris rpc.yppasswdd username Remote Overﬂow CVE-2001-0779 29 May 2001 10 (v2) Critical Pass WebLogic Server Encoded Request Directory Listing 16 Feb 2016 5 (v2) Medium Pass Citrix NFuse Server launch.asp Arbitrary Server/Port Redirect 16 Oct 2003 5 (v2) Medium Pass QlikView Server AccessPoint XML External Entity Injection CVE-2015-3623 23 Jun 2016 6.4 (v2) Medium Pass Disk Sorter HTTP POST Request Handling Remote Stack Buﬀer Overﬂow 15 Jun 2018 9.8 (v3) Critical 69

Pass Juniper Junos Multiple Python Privilege Escalation (JSA10695) CVE-2014-6448 26 Oct 2015 7.2 (v2) High Pass ASUSTOR Data Master < 3.1.3 Multiple Vulnerabilities CVE-2018-12313 24 Jul 2018 9.8 (v3) Critical Pass OpenSSL 1.1.0 < 1.1.0i Multiple Vulnerabilities CVE-2018-0732 CVE-2018-0737 CVE-2018-5407 27 Aug 2018 5.9 (v3) Medium Pass OpenSSL 1.0.x < 1.0.2p Multiple Vulnerabilities CVE-2018-0732 CVE-2018-0737 27 Aug 2018 5.9 (v3) Medium Pass PHP < 5.6.37 or 7.2.x < 7.2.8 Multiple Vulnerabilities (Deprecated) CVE-2018-14883 CVE-2018-14851 CVE-2018-15132 07 Sep 2018 7.5 (v3) High Pass DNN (DotNetNuke) 5.0.0 < 9.2.2 Multiple Vulnerabilities 02 Oct 2018 6.3 (v3) Medium Pass Quest DR Series Appliance Web Default Administrator Credentials 08 Mar 2018 8.6 (v3) High Pass Apple TV < 12.1 Multiple Vulnerabilities CVE-2018-4368 CVE-2018-4369 CVE-2018-4371 CVE-2018-4372 CVE-2018-4378 CVE-2018-4382 CVE-2018-4386 CVE-2018-4392 CVE-2018-4394 CVE-2018-4398 CVE-2018-4409 CVE-2018-4413 CVE-2018-4416 CVE-2018-4419 CVE-2018-442002 Nov 2018 8.8 (v3) High Pass Atmail Webmail 6.x < 6.6.4 / 7.x < 7.1.2 Multiple Vulnerabilities CVE-2013-5031 CVE-2013-5032 CVE-2013-5033 CVE-2013-5034 18 Apr 2014 10 (v2) Critical Pass Juniper Junos IGMPv3 Protocol Multicast DoS (JSA10714) CVE-2016-1256 22 Jan 2016 5 (v2) Medium Pass Silver Peak VX Default Credentials 25 Sep 2014 10 (v2) Critical Pass OpenSSL < 0.9.8p / 1.0.0b Buﬀer Overﬂow CVE-2010-3864 04 Jan 2012 7.6 (v2) High Pass Cisco Video Surveillance Manager Appliance Default Password Vulnerability(cisco-sa-20180921-vsm) CVE-2018-15427 15 Feb 2019 9.8 (v3) Critical Pass nginx HTTP Server Detection 26 Jan 2018 None Pass Jinzora Multiple Script include_path Parameter Remote File Inclusion CVE-2006-6770 02 Jan 2007 6.8 (v2) Medium Pass PHP 7.1.x < 7.1.22 Transfer-Encoding Parameter XSS Vulnerability CVE-2018-17082 14 Sep 2018 6.1 (v3) Medium Pass CA BrightStor ARCserve Backup for Laptops & Desktops Server Multiple Vulnerabilities (QO83833) CVE-2007-0449 CVE-2007-0672 CVE-2007-0673 26 Jan 2007 10 (v2) Critical Pass EMC RSA Authentication Manager < 8.4 Relative Path Traversal (DSA-2018-226) CVE-2018-15782 17 Jan 2019 7.8 (v3) High Pass Juniper Junos IPv6 Packet Handling mbuf Chain Corruption DoS (JSA10699) CVE-2014-6450 21 Oct 2015 7.8 (v2) High Pass Juniper Junos SRX5000-series J-Web DoS (JSA10700) CVE-2014-6451 21 Oct 2015 7.8 (v2) High Pass Palo Alto Networks PAN-OS API Key Persistence Security Bypass (PAN-SA-2015-0006) 17 Nov 2015 5.1 (v2) Medium Pass WordPress Plugin 'AMP for WP - Accelerated Mobile Pages' < 0.9.97.20 Multiple Vulnerabilities 15 Nov 2018 6.3 (v3) Medium Pass Juniper Junos TKEY Query Handling DoS (JSA10718) CVE-2015-5477 22 Jan 2016 7.8 (v2) High Pass Cisco IOS Multiple OpenSSL Vulnerabilities (CSCup22590) CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 26 Feb 2016 6.8 (v2) Medium Pass JQuery Detection 07 Feb 2018 None Pass OpenSSL 1.0.x < 1.0.2o Multiple Vulnerabilities CVE-2018-0739 21 May 2018 6.5 (v3) Medium Pass Elasticsearch Unrestricted Access Information Disclosure 23 Jun 2017 5.3 (v3) Medium Pass Oracle GlassFish Server 3.0.1.x < 3.0.1.17 / 3.1.2.x < 3.1.2.18 (October 2017 CPU) CVE-2016-3092 CVE-2017-10385 CVE-2017-10391 CVE-2017-10393 CVE-2017-10400 19 Oct 2017 7.3 (v3) High Pass Cisco Data Center Network Manager Privilege Escalation (cisco-sa-dcnm-privescal-zxfCH7Dg) CVE-2020-3380 28 Jul 2020 7.8 (v3) High Pass EMC Documentum D2 < 4.6 Insuﬃcient ACL Remote Object Manipulation (ESA-2016-034) CVE-2016-0888 08 Apr 2016 8.8 (v3) High Pass LabVIEW Web Server HTTP Get Newline DoS CVE-2002-0748 06 Aug 2002 5 (v2) Medium Pass GIT gitweb git_search Shell Metacharacter Arbitrary Command Execution CVE-2008-5516 08 Apr 2011 7.5 (v2) High Pass ESXi 5.0 < Build 1022489 Multiple Vulnerabilities (remote check) CVE-2011-3102 CVE-2012-2807 CVE-2012-5134 CVE-2013-3519 13 Nov 2013 7.9 (v2) High Pass ESXi 5.1 < Build 1063671 Multiple Vulnerabilities (remote check) CVE-2009-5029 CVE-2009-5064 CVE-2010-0830 CVE-2011-1089 CVE-2011-1202 CVE-2011-3102 CVE-2011-3970 CVE-2011-4609 CVE-2012-0864 CVE-2012-2807 CVE-2012-2825 CVE-2012-2870 CVE-2012-2871 CVE-2012-3404 CVE-2012-3405 CVE-2012-3406 CVE-2012-3480 CVE-2012-5134 CVE-2013-597313 Nov 2013 6.9 (v2) Medium Pass Cisco Data Center Network Manager Multiple Vulnerabilities (Aug 2020) CVE-2020-3521 CVE-2020-3538 CVE-2020-3539 25 Aug 2020 6.5 (v3) Medium Pass Web Application Potentially Vulnerable to Clickjacking 22 Aug 2015 4.3 (v2) Medium Pass Elasticsearch ESA-2018-16 CVE-2018-17244 07 Nov 2018 6.5 (v3) Medium Pass ESXi 6.5 / 6.7 / 7.0 DoS (VMSA-2020-0018) CVE-2020-3976 28 Aug 2020 5.3 (v3) Medium Pass IBM Tivoli SecureWay WebSEAL Proxy Policy Director Encoded URL DoS CVE-2001-1191 18 Aug 2002 5 (v2) Medium Pass Darwin Streaming Server < 5.5.5 Multiple RCE Vulnerabilities CVE-2007-0748 CVE-2007-0749 14 May 2007 10 (v2) Critical Pass OpenNMS Java Object Deserialization RCE 10 Dec 2015 10 (v2) Critical Pass Hashicorp Consul Web UI and API access 26 Jul 2018 8.8 (v3) High Pass VMware ESX / ESXi Unsupported Version Detection 02 Dec 2011 10 (v3) Critical Pass ESXi 6.5 < Build 5224529 Multiple Vulnerabilities (VMSA-2017-0006) (remote check) CVE-2017-4903 CVE-2017-4904 CVE-2017-4905 31 Mar 2017 8.8 (v3) High Pass Silex USB Device Server Web Conﬁguration Page Empty Password 07 Mar 2014 10 (v2) Critical Pass Cisco NX-OS Software CLI Arbitrary Command Injection (cisco-sa-20180620-nx-os-cli-injection) CVE-2018-0307 14 Jul 2020 7.8 (v3) High Pass NFS portmapper localhost Mount Request Restricted Host Access CVE-1999-0168 12 Mar 2003 7.5 (v2) High Pass HP OﬃceJet Printer Security Bypass (HPSBPI03107) CVE-2014-0224 09 Oct 2014 5.6 (v3) Medium Pass ARRIS Touchstone DG950A SNMP Information Disclosure (CVE-2014-4863) CVE-2014-4863 07 Nov 2014 5 (v2) Medium Pass Oracle iPlanet Web Server 7.0.x < 7.0.21 NSS Signature Veriﬁcation Vulnerability CVE-2014-1568 22 Apr 2015 7.5 (v2) High Pass Wordfence Plugin for WordPress 'email' Parameter XSS 27 Nov 2012 4.7 (v3) Medium Pass PostgreSQL 8.3 < 8.3.20 / 8.4 < 8.4.13 / 9.0 < 9.0.9 / 9.1 < 9.1.5 Multiple Vulnerabilities CVE-2012-3488 CVE-2012-3489 28 Dec 2012 6.5 (v3) Medium Pass HP Intelligent Management Center User Access Manager Unspeciﬁed Information Disclosure CVE-2012-5211 13 Mar 2013 7.5 (v2) High Pass Oracle E-Business Multiple Vulnerabilities (January 2018 CPU) CVE-2017-3735 CVE-2017-3736 CVE-2018-2580 CVE-2018-2635 CVE-2018-2655 CVE-2018-2656 CVE-2018-2684 CVE-2018-2691 17 Jan 2018 9.1 (v3) Critical Pass SunFTP GET Request Remote Overﬂow CVE-2000-0856 13 Mar 2003 7.5 (v2) High Pass iPlanet Application Server Preﬁx Remote Overﬂow CVE-2002-0387 16 Mar 2003 7.5 (v2) High Pass Adobe Media Server Unsupported Version Detection 11 Aug 2011 10 (v2) Critical Pass Ipswitch WhatsUp Professional Login.asp Multiple Field SQL Injection CVE-2005-1250 23 Jun 2005 5.1 (v2) Medium Pass OpenSSL 'ChangeCipherSpec' MiTM Vulnerability CVE-2010-5298 CVE-2014-0076 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 14 Aug 2014 5.6 (v3) Medium Pass Dolibarr Multiple Script URI XSS CVE-2011-4814 13 Apr 2012 4.3 (v2) Medium Pass Kayako SupportSuite 3.x <= 3.70.02 Multiple Vulnerabilities 16 Feb 2012 6.5 (v2) Medium Pass HP Data Protector LogClientInstallation Method Userid Field SQL Execution CVE-2011-3156 29 Mar 2012 7.5 (v2) High Pass Cisco TelePresence MCU Software Memory Exhaustion CVE-2014-3397 22 Oct 2014 7.8 (v2) High Pass Apple TV < 5.2 Multiple Vulnerabilities CVE-2012-2619 CVE-2013-0964 04 Feb 2013 3.6 (v2) Low Pass Xerox WorkCentre Crafted PostScript File Handling Directory Access (XRX10-001) CVE-2010-0549 01 Mar 2010 5 (v2) Medium Pass solidDB Default Credentials 28 Mar 2008 7.5 (v2) High Pass Trend Micro IMSS Console Management Detection 01 Mar 2005 None Pass PHP 5.1.x < 5.1.5 Multiple Vulnerabilities CVE-2006-1017 CVE-2006-4020 CVE-2006-4481 CVE-2006-4482 CVE-2006-4483 CVE-2006-4484 CVE-2006-4485 18 Nov 2011 10 (v2) Critical Pass leafnode fetchnews DoS CVE-2004-2068 27 Oct 2009 5 (v2) Medium Pass CrashPlan Server Default Administrative Credentials 29 May 2009 7.5 (v2) High Pass Sendmail < 8.11.2 -bt Option Local Overﬂow 25 Nov 2001 8.4 (v3) High Pass IBM Lotus Domino Crafted .nsf Request Authentication Bypass CVE-2001-1567 12 May 2002 5 (v2) Medium Pass HP OpenView Network Node Manager ovlaunch.exe Information Disclosure (c01661610) CVE-2008-4560 12 Feb 2009 5 (v2) Medium Pass Hobbit Monitor < 4.1.0 hobbitd Malformed Message Remote Overﬂow 27 Jul 2005 7.5 (v2) High Pass PHP Foreign Function Interface Arbitrary DLL Loading safe_mode Restriction Bypass CVE-2007-4528 18 Nov 2011 5.8 (v3) Medium Pass Cisco Data Center Network Manager Privilege Escalation (cisco-sa-20180905-cdcnm-escalation) CVE-2018-0440 18 Sep 2020 7.2 (v3) High Pass Floating Social Media Links Plugin for WordPress 'wpp' Parameter Remote File Inclusion 25 Jan 2013 7.5 (v2) High Pass Citrix Access Gateway Administrative Web Interface Default Credentials 12 Apr 2013 7.5 (v2) High Pass Asterisk Detection 10 Dec 2012 None Pass PHP ip2long Function String Validation Weakness CVE-2006-4023 18 Nov 2011 5.8 (v3) Medium Pass IPSEC Internet Key Exchange (IKE) Version 1 Detection 02 Dec 2003 None Pass ManageEngine ADAudit Plus Default Credentials 02 Jun 2010 7.5 (v2) High Pass PHP mb_send_mail() Function Parameter Security Bypass CVE-2006-1014 18 Nov 2011 3.2 (v2) Low Pass PHP Symlink Function Race Condition open_basedir Bypass CVE-2006-5178 18 Nov 2011 8.8 (v3) High Pass SquirrelMail < 1.45 Multiple Vulnerabilities CVE-2005-1769 CVE-2005-2095 16 Jun 2005 5 (v2) Medium Pass ShowOﬀ! Digital Media Software <= 1.5.4 Multiple Remote Vulnerabilities CVE-2005-1571 CVE-2005-1572 12 May 2005 7.8 (v2) High Pass Oracle WebLogic Console / WLST Unspeciﬁed Privilege Escalation (CVE-2008-2577) CVE-2008-2577 30 Nov 2011 4.6 (v2) Medium Pass Oracle WebLogic Server Unspeciﬁed Information Disclosure (CVE-2008-2578) CVE-2008-2578 30 Nov 2011 4.3 (v2) Medium Pass Oracle WebLogic Plugins Unspeciﬁed Remote Issue (CVE-2008-2579) CVE-2008-2579 30 Nov 2011 6.8 (v2) Medium Pass Oracle WebLogic Server Servlets Unspeciﬁed Unauthenticated Remote Issue (CVE-2008-4013) CVE-2008-4013 30 Nov 2011 6.8 (v2) Medium Pass Oracle WebLogic ForeignJMS Component Unspeciﬁed Information Disclosure (CVE-2008-2576) CVE-2008-2576 30 Nov 2011 4.3 (v2) Medium Pass GitLab 14.6.x < 14.6.5 / 14.7.x < 14.7.4 / 14.8.x < 14.8.2 Information Disclosure CVE-2022-0738 14 Mar 2022 7.5 (v3) High Pass Oracle WebLogic Multiple Authorizer Unspeciﬁed Privilege Escalation (CVE-2008-4009) CVE-2008-4009 30 Nov 2011 5.1 (v2) Medium Pass Oracle WebLogic Admin State Unspeciﬁed Privilege Escalation (CVE-2008-4011) CVE-2008-4011 30 Nov 2011 2.1 (v2) Low Pass Oracle WebLogic UDDI Explorer Unspeciﬁed Vulnerability (CVE-2008-2581) CVE-2008-2581 30 Nov 2011 5.1 (v2) Medium Pass PHP 7.1.x < 7.1.7 Multiple Vulnerabilities CVE-2017-7890 CVE-2017-9224 CVE-2017-9226 CVE-2017-9227 CVE-2017-9228 CVE-2017-9229 CVE-2017-11144 CVE-2017-11145 CVE-2017-11362 CVE-2017-11628 CVE-2017-12933 CVE-2017-1293413 Jul 2017 9.8 (v3) Critical Pass Atlassian Conﬂuence 6.14.x < 6.14.3 / 6.15.x < 6.15.5 stored cross-site-scripting (SXSS) Vulnerability CVE-2019-20102 30 Apr 2020 6.1 (v3) Medium Pass Oracle WebLogic DoS (CVE-2008-2582) CVE-2008-2582 30 Nov 2011 5 (v2) Medium Pass Oracle WebLogic WLS Unspeciﬁed Vulnerability (CVE-2008-5461) CVE-2008-5461 30 Nov 2011 6.8 (v2) Medium Pass Oracle WebLogic Portal Elevation of Privilege (CVE-2008-5462) CVE-2008-5462 10 Jan 2012 6.8 (v2) Medium Pass PHP 4.x < 4.3.0 ZendEngine Integer Overﬂow CVE-2006-4812 11 Jan 2012 7.5 (v2) High Pass Cisco Nexus 9000 Series Switches Bidirectional Forwarding Detection DoS (cisco-sa-nxos-bfd-dos-wGQXrzxn)CVE-2022-20623 14 Mar 2022 7.5 (v3) High Pass GitLab 13.x < 14.6.5 / 14.7.4 / 14.8.2 Information Disclosure CVE-2021-4191 14 Mar 2022 5.3 (v3) Medium Pass Icecast HTTP Basic Authorization Remote Overﬂow DoS CVE-2004-2027 01 Oct 2004 5 (v2) Medium Pass Cisco Data Center Network Manager Authentication Bypass (cisco-sa-dcnm-bypass-dyEejUMs) CVE-2020-3382 12 Aug 2020 9.8 (v3) Critical Pass Apache Struts 2 ParameterInterceptor Class OGNL Expression Parsing Remote Command Execution CVE-2011-3923 06 Feb 2012 9.8 (v3) Critical Pass Apache Struts 2 Multiple Remote Code Execution and File Overwrite Vulnerabilities (safe check) (deprecated)CVE-2012-0392 25 Jan 2012 8.1 (v3) High Pass Apache Struts 2 'method:' Preﬁx Arbitrary Remote Command Execution CVE-2016-3081 17 Dec 2018 8.1 (v3) High Pass Apache Struts 2 Tag Attribute Double OGNL Evaluation RCE CVE-2016-0785 24 Mar 2016 8.8 (v3) High Pass Apache Struts 2 ExceptionDelegator Arbitrary Remote Command Execution CVE-2012-0391 07 Aug 2013 8.8 (v3) High Pass Atlassian Jira < 8.5.8 / 8.6.0 < 8.11.1 Sensitive Data Exposure (JRASERVER-71536) CVE-2020-14179 24 Sep 2020 5.3 (v3) Medium Pass HTTP login page 26 Oct 2002 None 70

Pass Fortinet FortiOS SSL VPN Directory Traversal Vulnerability (FG-IR-18-384) (Direct Check) CVE-2018-13379 06 Sep 2019 9.8 (v3) Critical Pass NETGEAR Web Interface Detection 22 May 2017 None Pass ClearSCADA Web Server Detection 23 Oct 2013 None Pass Open Web Analytics Detection 27 May 2014 None Pass ROADS search.pl form Parameter Traversal Arbitrary File Access CVE-2001-0215 08 Mar 2001 5 (v2) Medium Pass Graylog2 Default Credentials 10 Feb 2015 7.5 (v2) High Pass Tenable Appliance < 4.5.0 Web UI simpleupload.py Remote Command Execution (CVE-2017-8051) CVE-2017-8051 21 Apr 2017 9.8 (v3) Critical Pass Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) DoS (cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX)CVE-2020-3492 12 Oct 2020 8.6 (v3) High Pass Juniper Junos Information Exposure Vulnerability (JSA11008) CVE-2020-1628 08 Jul 2020 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS 7.1.x / 8.x < 8.1.15 OS Command Injection Vulnerability CVE-2020-2030 09 Jul 2020 7.2 (v3) High Pass Palo Alto Networks PAN-OS 8.x < 8.1.15 / 9.0.x < 9.0.9 / 9.1.x < 9.1.3 TLS 1.0 Usage Vulnerability CVE-2020-1982 09 Jul 2020 4.8 (v3) Medium Pass Apache Cassandra Default Credentials 23 Dec 2020 9.8 (v3) Critical Pass NAI PGP Certiﬁcate Server Unresolvable IP DoS CVE-2000-0543 22 Jun 2000 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS Series PA-7000 9.0 < 9.0.5-h5 Remote Code Execution Vulnerability (PAN-SA-2019-0040)CVE-2019-17440 28 Jan 2020 9.8 (v3) Critical Pass DrayTek Vigor < 1.5.1 Unauthenticated RCE (Direct Check) CVE-2020-8515 22 Oct 2020 9.8 (v3) Critical Pass DNS Server Dynamic Update Record Injection 15 Jan 2009 5.8 (v3) Medium Pass Polycom SoundPoint IP Phone Default Password 22 Jun 2011 7.5 (v2) High Pass Blog Torrent btdownload.php ﬁle Variable Traversal Arbitrary File Retrieval CVE-2004-1212 05 Dec 2004 7.8 (v2) High Pass Nostromo HTTP Server Detection 30 Oct 2020 None Pass OTRS SOAP Interface Unauthenticated Object Manipulation CVE-2008-1515 08 Apr 2008 7.5 (v2) High Pass Oracle WebLogic Unsupported Version Detection 26 Apr 2018 10 (v3) Critical Pass YaCy Peer-To-Peer Search Engine XSS CVE-2004-2651 28 Dec 2004 4.3 (v2) Medium Pass Apache 2.4.17 / 2.4.18 DoS CVE-2016-1546 08 Feb 2019 5.9 (v3) Medium Pass Apache 2.4.x < 2.4.35 DoS CVE-2018-11763 27 Sep 2018 5.9 (v3) Medium Pass Apache 2.4.6 Remote DoS CVE-2013-4352 30 Jul 2014 5.3 (v3) Medium Pass Apache 2.4.x < 2.4.3 Multiple Vulnerabilities CVE-2012-2687 CVE-2012-3502 23 Aug 2012 5.3 (v3) Medium Pass phpScheduleIt < 1.0.1 Reservation.class.php Arbitrary Reservation Modiﬁcation CVE-2004-2469 20 Nov 2004 5 (v2) Medium Pass Cisco IOS Software Multiple Vulnerabilities in ntpd (cisco-sa-20150408-ntpd) CVE-2015-1798 CVE-2015-1799 10 Apr 2018 5.4 (v3) Medium Pass Atlassian JIRA < 7.13.18 / 8.0.x < 8.5.9 / 8.6.x < 8.12.1 Information Disclosure (JRASERVER-71646) CVE-2020-14183 27 Nov 2020 4.3 (v3) Medium Pass Atlassian JIRA Common Credentials 22 Mar 2019 9.8 (v3) Critical Pass Apache Cassandra < 2.1.22 / 2.2.x < 2.2.18 / 3.0.x < 3.0.22 / 3.11.x < 3.11.8 Information Disclosure VulnerabilityCVE-2020-13946 02 Dec 2020 5.9 (v3) Medium Pass WordPress Plugin 'Email Subscribers & Newsletters' Multiple Vulnerabilities CVE-2020-5767 CVE-2020-5768 27 Aug 2020 6.5 (v3) Medium Pass Cisco IOS XE Software Web UI Command Injection (cisco-sa-web-cmdinj3-44st5CcA) CVE-2020-3212 09 Jun 2020 7.2 (v3) High Pass HP-UX ftpd PAM Authentication Conﬁguration Weakness Authentication Bypass CVE-2008-1668 15 Aug 2008 7.6 (v2) High Pass Microsoft Windows 10 Version 1903 Unsupported Version Detection 14 Jan 2021 10 (v3) Critical Pass Juniper Junos OS DoS (JSA11091) CVE-2020-8617 14 Jan 2021 7.5 (v3) High Pass Rocket U2 UniData < 7.3 unidata72 RPC Interface Call Parsing Arbitrary Command Execution 21 Jun 2012 10 (v2) Critical Pass IceWarp Web Mail Multiple Flaws (3) CVE-2005-0320 CVE-2005-0321 29 Jan 2005 5 (v2) Medium Pass Cogent DataHub < 6.4.5Beta OPC Connection Failure DoS 15 Jun 2016 5 (v2) Medium Pass Rockwell Automation MicroLogix 1100 PLC < Series B FRN 12.0 MitM Replay Authentication Bypass CVE-2012-6440 07 Jul 2015 9.3 (v2) High Pass Honeywell FALCON XL Web Controller Multiple Vulnerabilities CVE-2014-2717 CVE-2014-3110 25 Aug 2014 7.6 (v2) High Pass Huawei HG532e Home Gateway Command Injection CVE-2017-17215 11 Dec 2017 8.8 (v3) High Pass PHP 5.x < 5.2.2 Multiple vulnerabilities CVE-2007-1001 CVE-2007-1583 CVE-2007-1649 CVE-2007-1717 CVE-2007-1718 11 Jan 2012 7.5 (v3) High Pass CUPS Remote Command Execution via Shellshock CVE-2014-6271 CVE-2014-7169 08 Dec 2014 10 (v2) Critical Pass OpenWrt Web UI Detection. 04 Dec 2020 None Pass BASE < 1.4.4 base_local_rules.php dir Parameter XSS 27 Oct 2009 4.3 (v2) Medium Pass SonicWALL SOHO Web Interface XSS CVE-2005-1006 06 Apr 2005 4.3 (v2) Medium Pass CubeCart <= 2.0.6 Multiple SQL Injections CVE-2005-1033 08 Apr 2005 7.5 (v2) High Pass PostNuke < 0.760 RC4 Multiple Script XSS CVE-2005-1049 08 Apr 2005 2.6 (v2) Low Pass Invision Power Board index.php Members Action st Parameter SQL Injection CVE-2005-1070 11 Apr 2005 7.5 (v2) High Pass Oracle Database 10g Multiple Remote Vulnerabilities CVE-2004-1774 CVE-2005-3202 CVE-2005-3203 CVE-2005-4832 13 Apr 2005 7.5 (v2) High Pass WWWBoard passwd.txt Authentication Credential Disclosure CVE-1999-0953 27 Nov 1999 5 (v2) Medium Pass LedgerSMB / SQL-Ledger login.pl script Parameter Arbitrary Perl Code Execution CVE-2006-5872 30 Jan 2007 7.5 (v2) High Pass XAMPP Default FTP Account CVE-2005-1078 13 Apr 2005 9.8 (v3) Critical Pass Hydrogen Detection 13 Apr 2005 None Pass IBM WebSphere Application Server Malformed Host Header JSP Source Disclosure CVE-2005-1112 14 Apr 2005 2.6 (v2) Low Pass phpBB Photo Album Module <= 2.0.53 Multiple Vulnerabilities CVE-2005-1114 CVE-2005-1115 14 Apr 2005 7.5 (v2) High Pass Cyberstrong eShop Multiple Script ProductCode Parameter SQL Injection CVE-2003-0509 07 Aug 2005 7.5 (v2) High Pass PHP Upload Center index.php ﬁlename Parameter Directory Traversal Arbitrary File Access CVE-2005-3947 13 Jan 2006 5 (v2) Medium Pass Serendipity exit.php Multiple Parameter SQL Injection CVE-2005-1134 15 Apr 2005 7.5 (v2) High Pass phpBB Knowledge Base Module kb.php cat Parameter SQL Injection CVE-2005-1196 18 Apr 2005 7.5 (v2) High Pass Coppermine Photo Gallery < 1.3.2 Multiple SQL Injections CVE-2005-1225 CVE-2005-1226 21 Apr 2005 7.5 (v2) High Pass ELMAH (Error Logging Modules and Handlers) Remotely Accessible 03 Apr 2014 5 (v2) Medium Pass phpBB <= 2.0.14 Multiple Vulnerabilities CVE-2005-1193 CVE-2005-1290 25 Apr 2005 4.3 (v2) Medium Pass Horde Turba Contact Manager common-footer.inc Parent Frame Page Title XSS CVE-2005-1315 26 Apr 2005 4.3 (v2) Medium Pass Horde Mnemo common-footer.inc Parent Frame Page XSS CVE-2005-1320 26 Apr 2005 4.3 (v2) Medium Pass Horde Nag common-footer.inc Parent Frame Page Title XSS CVE-2005-1322 26 Apr 2005 4.3 (v2) Medium Pass Horde Turba common-footer.inc Parent Frame Page Title XSS CVE-2005-1315 26 Apr 2005 4.3 (v2) Medium Pass CuteNews Debug Info Disclosure 04 Dec 2003 5 (v2) Medium Pass IMP common-footer.inc Parent Frame Page Title XSS CVE-2005-1319 26 Apr 2005 4.3 (v2) Medium Pass yappa-ng < 2.3.2 Multiple Vulnerabilities CVE-2005-1311 CVE-2005-1312 27 Apr 2005 6.8 (v2) Medium Pass Serendipity BBCode Plugin XSS CVE-2005-1448 28 Apr 2005 2.6 (v2) Low Pass Apple iTunes < 12.7.5 Multiple Vulnerabilities (uncredentialed check) CVE-2018-4188 CVE-2018-4190 CVE-2018-4192 CVE-2018-4199 CVE-2018-4200 CVE-2018-4201 CVE-2018-4204 CVE-2018-4214 CVE-2018-4218 CVE-2018-4222 CVE-2018-4224 CVE-2018-4225 CVE-2018-4226 CVE-2018-4232 CVE-2018-4233 CVE-2018-424606 Jun 2018 8.8 (v3) High Pass UserPro Plugin for WordPress up_auto_log Parameter Remote Authentication Bypass CVE-2017-16562 12 Jun 2018 9.8 (v3) Critical Pass VX Search HTTP POST Request Handling Remote Stack Buﬀer Overﬂow CVE-2017-7310 15 Jun 2018 7.8 (v3) High Pass Sync Breeze HTTP POST Request Handling Remote Stack Buﬀer Overﬂow 15 Jun 2018 9.8 (v3) Critical Pass Dup Scout HTTP POST Request Handling Remote Stack Buﬀer Overﬂow 15 Jun 2018 9.8 (v3) Critical Pass Disk Savvy HTTP POST Request Handling Remote Stack Buﬀer Overﬂow 15 Jun 2018 9.8 (v3) Critical Pass IBM InfoSphere Information Governance Catalog Detection 08 Jun 2018 None Pass Apple TV < 11.4.1 Multiple Vulnerabilities CVE-2018-4248 CVE-2018-4261 CVE-2018-4262 CVE-2018-4263 CVE-2018-4264 CVE-2018-4265 CVE-2018-4266 CVE-2018-4267 CVE-2018-4270 CVE-2018-4271 CVE-2018-4272 CVE-2018-4273 CVE-2018-4277 CVE-2018-4278 CVE-2018-4280 CVE-2018-4282 CVE-2018-4284 CVE-2018-429316 Jul 2018 8.8 (v3) High Pass MySQL 8.0.x < 8.0.12 Multiple Vulnerabilities (Jul 2018 CPU) (Jul 2019 CPU) CVE-2018-0739 CVE-2018-3054 CVE-2018-3056 CVE-2018-3060 CVE-2018-3062 CVE-2018-3064 CVE-2018-3065 CVE-2018-3067 CVE-2018-3073 CVE-2018-3074 CVE-2018-3075 CVE-2018-3077 CVE-2018-3078 CVE-2018-3079 CVE-2018-3080 CVE-2018-3082 CVE-2018-308420 Jul 2018 7.1 (v3) High Pass MySQL 5.7.x < 5.7.23 Multiple Vulnerabilities (July 2018 CPU) CVE-2018-0739 CVE-2018-2767 CVE-2018-3054 CVE-2018-3056 CVE-2018-3058 CVE-2018-3060 CVE-2018-3061 CVE-2018-3062 CVE-2018-3064 CVE-2018-3065 CVE-2018-3066 CVE-2018-3070 CVE-2018-3071 CVE-2018-3077 CVE-2018-308120 Jul 2018 7.1 (v3) High Pass PHP 7.2.x < 7.2.8 Use After Free Arbitrary Code Execution in EXIF CVE-2018-12882 CVE-2018-14851 CVE-2018-14883 CVE-2018-15132 20 Jul 2018 9.8 (v3) Critical Pass Elasticsearch ESA-2018-07 CVE-2018-3822 22 Aug 2018 9.8 (v3) Critical Pass Elasticsearch ESA-2017-19 CVE-2017-8448 22 Aug 2018 8.8 (v3) High Pass Elasticsearch ESA-2017-06 CVE-2017-8438 22 Aug 2018 8.8 (v3) High Pass ASUSTOR Data Master < 3.1.6 Multiple Vulnerabilities CVE-2018-15694 CVE-2018-15695 CVE-2018-15696 CVE-2018-15697 CVE-2018-15698 CVE-2018-15699 24 Aug 2018 6.5 (v3) Medium Pass EMC Data Protection Advisor 6.2 < 6.4 Patch B180 / < 6.5 patch B51 (DSA-2018-112). CVE-2018-11048 31 Aug 2018 8.1 (v3) High Pass Zinwave Series 3000 DAS Web Interface Default Credentials 13 Sep 2018 9.8 (v3) Critical Pass Symantec Messaging Gateway 10.x < 10.6.6 Multiple Vulnerabilities (SYMSA1461) CVE-2018-12242 CVE-2018-12243 20 Sep 2018 9.8 (v3) Critical Pass Elasticsearch ESA-2018-15 CVE-2018-3831 24 Sep 2018 8.8 (v3) High Pass Apple iTunes < 12.9 Multiple Vulnerabilities (uncredentialed check) CVE-2018-4191 CVE-2018-4197 CVE-2018-4299 CVE-2018-4306 CVE-2018-4309 CVE-2018-4311 CVE-2018-4312 CVE-2018-4314 CVE-2018-4315 CVE-2018-4316 CVE-2018-4317 CVE-2018-4318 CVE-2018-4319 CVE-2018-4323 CVE-2018-4328 CVE-2018-4345 CVE-2018-4358 CVE-2018-4359 CVE-2018-436102 Oct 2018 8.8 (v3) High Pass Apple iTunes < 12.8 Multiple Vulnerabilities (uncredentialed check) CVE-2018-4261 CVE-2018-4262 CVE-2018-4263 CVE-2018-4264 CVE-2018-4265 CVE-2018-4266 CVE-2018-4267 CVE-2018-4270 CVE-2018-4271 CVE-2018-4272 CVE-2018-4273 CVE-2018-4278 CVE-2018-4284 CVE-2018-429302 Oct 2018 8.8 (v3) High Pass Cisco Prime Infrastructure TFTP Arbitrary File Upload and Command Execution Vulnerability (cisco-sa-20181003-pi-tftp)CVE-2018-15379 12 Oct 2018 9.8 (v3) Critical Pass Cisco Prime Infrastructure TFTP Arbitrary File Upload and Command Execution Vulnerability (cisco-sa-20181003-pi-tftp)CVE-2018-15379 16 Oct 2018 9.8 (v3) Critical Pass MySQL 8.0.x < 8.0.13 Multiple Vulnerabilities (Oct 2018 CPU) (Jul 2019 CPU) CVE-2016-9843 CVE-2018-3133 CVE-2018-3137 CVE-2018-3143 CVE-2018-3144 CVE-2018-3145 CVE-2018-3155 CVE-2018-3156 CVE-2018-3161 CVE-2018-3162 CVE-2018-3170 CVE-2018-3171 CVE-2018-3173 CVE-2018-3174 CVE-2018-3182 CVE-2018-3185 CVE-2018-3186 CVE-2018-3187 CVE-2018-3195 CVE-2018-3200 CVE-2018-3203 CVE-2018-3212 CVE-2018-3247 CVE-2018-3251 CVE-2018-3276 CVE-2018-3277 CVE-2018-3278 CVE-2018-3279 CVE-2018-3280 CVE-2018-3282 CVE-2018-3283 CVE-2018-3284 CVE-2018-3285 CVE-2018-3286 CVE-2019-2743 CVE-2019-2746 CVE-2019-274719 Oct 2018 9.8 (v3) Critical Pass MySQL 5.7.x < 5.7.24 Multiple Vulnerabilities (Oct 2018 CPU) (Jul 2019 CPU) CVE-2016-9843 CVE-2018-3133 CVE-2018-3143 CVE-2018-3144 CVE-2018-3155 CVE-2018-3156 CVE-2018-3161 CVE-2018-3162 CVE-2018-3171 CVE-2018-3173 CVE-2018-3174 CVE-2018-3185 CVE-2018-3187 CVE-2018-3200 CVE-2018-3247 CVE-2018-3251 CVE-2018-3276 CVE-2018-3277 CVE-2018-3278 CVE-2018-3282 CVE-2018-3283 CVE-2018-3284 CVE-2019-273119 Oct 2018 9.8 (v3) Critical Pass MySQL 5.6.x < 5.6.42 Multiple Vulnerabilities (October 2018 CPU) CVE-2016-9843 CVE-2018-3133 CVE-2018-3143 CVE-2018-3156 CVE-2018-3174 CVE-2018-3247 CVE-2018-3251 CVE-2018-3276 CVE-2018-3278 CVE-2018-328219 Oct 2018 9.8 (v3) Critical Pass MySQL 5.5.x < 5.5.62 Multiple Vulnerabilities (October 2018 CPU) CVE-2016-9843 CVE-2018-3133 CVE-2018-3174 CVE-2018-3282 19 Oct 2018 9.8 (v3) Critical Pass Apple iTunes < 12.9.1 Multiple Vulnerabilities (uncredentialed check) CVE-2018-4372 CVE-2018-4373 CVE-2018-4374 CVE-2018-4375 CVE-2018-4376 CVE-2018-4377 CVE-2018-4378 CVE-2018-4382 CVE-2018-4386 CVE-2018-4392 CVE-2018-4394 CVE-2018-4398 CVE-2018-4409 CVE-2018-441602 Nov 2018 8.8 (v3) High Pass Oracle Primavera Gateway Multiple Vulnerabilities (Oct 2018 CPU) CVE-2015-9251 CVE-2018-1275 CVE-2018-7489 02 Nov 2018 9.8 (v3) Critical Pass Appweb < 7.0.3 authCondition Authentication Bypass Vulnerability CVE-2018-8715 02 Nov 2018 8.1 (v3) High Pass jQuery-File-Upload Arbitrary File Upload Vulnerability (Remote Check) CVE-2018-9206 22 Oct 2018 9.8 (v3) Critical Pass Kibana ESA-2018-18 CVE-2018-17246 07 Nov 2018 9.8 (v3) Critical Pass WordPress Plugin 'WP GDPR Compliance' < 1.4.3 Privilege Escalation CVE-2018-19207 14 Nov 2018 9.8 (v3) Critical Pass Kibana ESA-2018-17 CVE-2018-17245 05 Dec 2018 9.8 (v3) Critical Pass Elasticsearch ESA-2015-06 CVE-2015-5377 07 Dec 2018 9.8 (v3) Critical Pass Oracle GlassFish Server 3.1.2.x < 3.1.2.19 (October 2018 CPU) CVE-2018-2911 CVE-2018-3152 CVE-2018-3210 11 Dec 2018 8.3 (v3) High Pass Quest NetVault Backup Server < 11.4.5 Process Manager Service SQL Injection Remote Code Execution VCVE-2017-17417ulnerability (ZDI-17-982) 14 Dec 2018 9.8 (v3) Critical Pass IBM WebSphere Application Server 9.0.0.x < 9.0.0.10 XML External Entity Injection (XXE) Vulnerability (CVE-2018-1905)CVE-2018-1905 14 Dec 2018 7.1 (v3) High Pass Kubernetes proxy request handling vulnerability (CVE-2018-1002105) CVE-2018-1002105 14 Dec 2018 9.8 (v3) Critical Pass SSL / TLS Certiﬁcate Known Hard Coded Private Keys CVE-2015-6358 CVE-2015-7255 CVE-2015-7256 CVE-2015-7276 CVE-2015-8251 08 Jan 2019 7.5 (v3) High 71

Pass SSH Known Hard Coded Private Keys CVE-2015-6358 CVE-2015-7255 CVE-2015-7256 CVE-2015-7276 CVE-2015-8251 08 Jan 2019 7.5 (v3) High Pass Apache Tomcat 8.0.x < 8.0.52 / 8.5.x < 8.5.31 / 9.0.x < 9.0.8 Denial of Service CVE-2018-1336 11 Jan 2019 7.5 (v3) High Pass MariaDB 10.0.0 < 10.0.37 Multiple Vulnerabilities CVE-2016-9843 CVE-2018-3143 CVE-2018-3156 CVE-2018-3174 CVE-2018-3251 CVE-2018-3282 16 Jan 2019 9.8 (v3) Critical Pass MariaDB 5.5.0 < 5.5.42 Multiple Vulnerabilities CVE-2015-0433 CVE-2015-0441 CVE-2015-2568 CVE-2015-2573 16 Jan 2019 7.5 (v3) High Pass MySQL 8.0.x < 8.0.14 Multiple Vulnerabilities (Jan 2019 CPU) CVE-2018-0734 CVE-2018-3123 CVE-2019-2420 CVE-2019-2434 CVE-2019-2436 CVE-2019-2455 CVE-2019-2481 CVE-2019-2482 CVE-2019-2486 CVE-2019-2494 CVE-2019-2495 CVE-2019-2502 CVE-2019-2503 CVE-2019-2507 CVE-2019-2510 CVE-2019-2513 CVE-2019-2528 CVE-2019-2529 CVE-2019-2530 CVE-2019-2531 CVE-2019-2532 CVE-2019-2533 CVE-2019-2534 CVE-2019-2535 CVE-2019-2536 CVE-2019-2537 CVE-2019-253917 Jan 2019 7.1 (v3) High Pass MySQL 5.7.x < 5.7.25 Multiple Vulnerabilities (Jan 2019 CPU) CVE-2018-0734 CVE-2018-3123 CVE-2019-2420 CVE-2019-2434 CVE-2019-2455 CVE-2019-2481 CVE-2019-2482 CVE-2019-2503 CVE-2019-2507 CVE-2019-2510 CVE-2019-2528 CVE-2019-2529 CVE-2019-2531 CVE-2019-2532 CVE-2019-2534 CVE-2019-253717 Jan 2019 7.1 (v3) High Pass MySQL 5.6.x < 5.6.43 Multiple Vulnerabilities (Jan 2019 CPU) CVE-2018-0734 CVE-2018-3123 CVE-2019-2455 CVE-2019-2481 CVE-2019-2482 CVE-2019-2503 CVE-2019-2507 CVE-2019-2529 CVE-2019-2531 CVE-2019-2534 CVE-2019-253717 Jan 2019 7.1 (v3) High Pass File Alteration Monitor daemon (famd) Detection 02 May 2005 None Pass MariaDB 10.2.0 < 10.2.19 Multiple Vulnerabilities CVE-2016-9843 CVE-2018-3143 CVE-2018-3156 CVE-2018-3162 CVE-2018-3173 CVE-2018-3174 CVE-2018-3185 CVE-2018-3200 CVE-2018-3251 CVE-2018-3277 CVE-2018-3282 CVE-2018-328425 Jan 2019 9.8 (v3) Critical Pass VMware ESX / ESXi Web-Based Datastore Browser Default Credentials 24 Jan 2019 9.8 (v3) Critical Pass PHP 7.2.x < 7.2.14 Multiple vulnerabilities. CVE-2016-10166 CVE-2018-19935 CVE-2019-6977 CVE-2019-9020 CVE-2019-9021 CVE-2019-9022 CVE-2019-9023 CVE-2019-9024 24 Jan 2019 9.8 (v3) Critical Pass PHP 7.3.x < 7.3.1 Multiple vulnerabilities. CVE-2016-10166 CVE-2019-6977 CVE-2019-9020 CVE-2019-9021 CVE-2019-9023 CVE-2019-9024 CVE-2019-9025 30 Jan 2019 9.8 (v3) Critical Pass JBoss Remoting RemoteMessageChannel DoS (intrusive check) CVE-2018-1041 31 Jan 2019 7.5 (v3) High Pass MariaDB 10.1 < 10.1.31 Multiple Vulnerabilities CVE-2018-2562 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665 CVE-2018-2668 CVE-2018-3133 28 Jan 2019 7.1 (v3) High Pass iLO 3 < 1.88 Information Disclosure Vulnerability CVE-2016-4379 15 Feb 2019 3.7 (v3) Low Pass iLO 2 2.29 Remote Code Execution Vulnerability CVE-2017-8979 26 Feb 2019 9.8 (v3) Critical Pass MongoDB 3.4.x < 3.4.10 / 3.5.x < 3.6.0-rc0 mongod CVE-2017-15535 21 Feb 2019 9.1 (v3) Critical Pass EMC RSA Archer < 6.4.1.5 / 6.5.x < 6.5.0.2 Multiple Vulnerabilities CVE-2019-3715 CVE-2019-3716 07 Mar 2019 7.8 (v3) High Pass EMC RSA Authentication Manager < 8.4 P1 Insecure Credential Management (DSA-2019-038) CVE-2019-3711 08 Mar 2019 7.2 (v3) High Pass VMWare STARTTLS Support 01 Mar 2019 None Pass Logstash ESA-2019-05 CVE-2019-7612 20 Mar 2019 9.8 (v3) Critical Pass phpMyAdmin 4.x < 4.8.5 Multiple Vulnerabilities (PMASA-2019-1) (PMASA-2019-2) CVE-2019-6798 CVE-2019-6799 27 Mar 2019 9.8 (v3) Critical Pass Elasticsearch ESA-2019-04 CVE-2019-7611 20 Mar 2019 8.1 (v3) High Pass Aruba VAN SDN Controller Detection 12 Mar 2019 None Pass WePresent ﬁle_transfer.cgi Remote Command Execution CVE-2019-3929 30 Apr 2019 9.8 (v3) Critical Pass Oracle RDBMS Host Name and Patch Info 26 Apr 2010 None Pass Apache Storm WebUI Detection 28 Feb 2019 None Pass Trihedral VTScada 8.x < 11.2.02 Multiple Vulnerabilities CVE-2016-4510 CVE-2016-4523 CVE-2016-4532 28 Sep 2017 9.1 (v3) Critical Pass ESXi 6.0 / 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2019-0005) (Remote Check) CVE-2019-5518 CVE-2019-5519 29 Mar 2019 6.8 (v3) Medium Pass Magento 2.2.x < 2.2.8 / 2.3.x < 2.3.1 Unauthenticated SQLi 29 Mar 2019 10 (v3) Critical Pass Oracle GlassFish Server Path Traversal CVE-2017-1000028 30 May 2018 7.5 (v3) High Pass Apache Tomcat HTTP PUT JSP File Upload RCE CVE-2017-12617 04 Dec 2017 8.1 (v3) High Pass CyberArk Password Vault Web Access .NET Object Deserialization (Direct Check) CVE-2018-9843 01 Jun 2018 9.8 (v3) Critical Pass Slimstat Analytics Plugin for WordPress < 4.7.1 PHP Object Injection 05 Dec 2017 7.4 (v3) High Pass Ultimate Form Builder Lite for WordPress < 1.3.7 SQL Injection CVE-2017-15919 05 Dec 2017 9.8 (v3) Critical Pass Zabbix Server 'active checks' Command Injection CVE-2017-2824 06 Dec 2017 8.1 (v3) High Pass MariaDB 10.2.x < 10.2.10 Multiple Vulnerabilities CVE-2017-3302 CVE-2017-3308 CVE-2017-3309 CVE-2017-3313 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 CVE-2017-3636 CVE-2017-3641 CVE-2017-3653 CVE-2017-10268 CVE-2017-10378 CVE-2017-10379 CVE-2017-10384 CVE-2017-1536507 Dec 2017 8.8 (v3) High Pass Smush Image Plugin for WordPress < 2.7.6 Directory Traversal CVE-2017-15079 12 Dec 2017 7.5 (v3) High Pass RegistrationMagic Plugin for WordPress < 3.7.9.3 PHP Object Injection 12 Dec 2017 8.3 (v3) High Pass Gallery Bank Plugin for WordPress < 2.0.20 XSS 15 Dec 2017 2.4 (v3) Low Pass WP Symposium Plugin Arbitrary File Upload CVE-2014-10021 19 Dec 2017 10 (v3) Critical Pass Palo Alto Networks PAN-OS Management Interface RCE (PAN-SA-2017-0027) CVE-2017-15944 20 Dec 2017 9.8 (v3) Critical Pass GitHub Enterprise Detection 19 Dec 2017 None Pass ESXi 5.5 / 6.0 / 6.5 / Multiple Vulnerabilities (VMSA-2017-0021) (VMSA-2018-0002) (Spectre) (remote check)CVE-2017-4940 CVE-2017-4941 CVE-2017-5715 CVE-2017-5753 29 Dec 2017 7.5 (v3) High Pass ESXi 6.5 < Build 6765664 Heap Buﬀer Overﬂow (VMSA-2017-0021) (remote check) CVE-2017-4933 05 Jan 2018 7.5 (v3) High Pass Apple iTunes < 12.7.2 WebKit Multiple Vulnerabilities (uncredentialed check) CVE-2017-7156 CVE-2017-7157 CVE-2017-7160 CVE-2017-13856 CVE-2017-13866 CVE-2017-13870 08 Jan 2018 8.8 (v3) High Pass Elasticsearch Transport Protocol Unspeciﬁed Remote Code Execution CVE-2015-5377 11 Jan 2018 9.8 (v3) Critical Pass Oracle WebLogic WSAT Remote Code Execution CVE-2017-10271 28 Dec 2017 7.5 (v3) High Pass Apple iTunes < 12.7.3 WebKit Multiple Vulnerabilities (uncredentialed check) CVE-2018-4088 CVE-2018-4096 26 Jan 2018 8.8 (v3) High Pass Symantec (Blue Coat) Reporter Multiple Vulnerabilities (SA158) CVE-2017-15531 26 Jan 2018 9.8 (v3) Critical Pass Weak DH Key Exchange Supported (PCI DSS) CVE-2015-4000 29 Jan 2018 3.7 (v3) Low Pass pfSense < 2.1.1 Multiple Vulnerabilities (SA-14_02 / SA-14_03) CVE-2013-4353 CVE-2013-5211 CVE-2013-6449 CVE-2013-6450 CVE-2014-1452 31 Jan 2018 8.8 (v3) High Pass pfSense < 2.2.1 Multiple Vulnerabilities (SA-15_02 - SA-15_04) CVE-2015-2294 CVE-2015-2295 31 Jan 2018 7.1 (v3) High Pass pfSense < 2.2.6 Multiple Vulnerabilities (SA-15_09 / SA-15_10 / SA-15_11) CVE-2015-3194 CVE-2015-3195 CVE-2015-3196 CVE-2015-8023 31 Jan 2018 9 (v3) Critical Pass pfSense < 2.3.3 Multiple Vulnerabilities (SA-17_01 - SA-17_03) CVE-2016-1889 CVE-2016-6559 CVE-2016-7426 CVE-2016-7427 CVE-2016-7428 CVE-2016-7429 CVE-2016-7431 CVE-2016-7433 CVE-2016-7434 CVE-2016-8610 CVE-2016-8858 CVE-2016-9310 CVE-2016-9311 CVE-2016-9312 CVE-2016-10009 CVE-2016-1001031 Jan 2018 9.8 (v3) Critical Pass pfSense < 2.3.4 Multiple Vulnerabilities (SA-17_04) CVE-2016-9042 CVE-2016-10195 CVE-2016-10196 CVE-2016-10197 CVE-2017-6462 CVE-2017-6463 CVE-2017-6464 CVE-2017-7407 CVE-2017-746831 Jan 2018 9.8 (v3) Critical Pass pfSense 2.3.x < 2.3.5 / 2.4.x < 2.4.2 Multiple XSS Vulnerabilites (SA-17_08 / SA-17_09) CVE-2017-1000479 31 Jan 2018 8.8 (v3) High Pass Microsoft Windows SMB2 and SMB3 Dialects Supported (remote check) 09 Feb 2018 None Pass IBM San Volume Controller / Storwize / FlashSystem 8.1.x < 8.1.0.1 privilege escalation vulnerability CVE-2017-1710 15 Feb 2018 9.8 (v3) Critical Pass Apple TV < 11.2.6 Telugu Character Handling Remote Memory Corruption Vulnerability CVE-2018-4124 23 Feb 2018 9.8 (v3) Critical Pass Lantronix Universal Device Server UDS1100 Version 12 Feb 2018 None Pass VMware AirWatch Console 9.1.x < 9.1.5 / 9.2.x < 9.2.2 XSRF CVE-2017-4951 02 Feb 2018 8.8 (v3) High Pass Hikvision IP Camera Remote Authentication Bypass CVE-2017-7921 CVE-2017-7923 28 Feb 2018 10 (v3) Critical Pass Cisco UCS Central Software < 2.0(1c) HTTP Request Handling RCE CVE-2018-0113 06 Mar 2018 8.8 (v3) High Pass Quest DR Series Appliance Web Detection 08 Mar 2018 None Pass Trend Micro Smart Protection Server Session Hijacking Via Log File Disclosure CVE-2017-11398 08 Mar 2018 8.8 (v3) High Pass Apache Traﬃc Server 6.x < 6.2.2 / 7.x < 7.1.2 Host Header and Line Folding Vulnerability CVE-2017-5660 08 Mar 2018 8.6 (v3) High Pass Apache Traﬃc Server 5.2.0 - 5.3.2 / 6.x < 6.2.2 / 7.x < 7.1.2 TLS Handshake DoS CVE-2017-7671 08 Mar 2018 7.5 (v3) High Pass Adobe Connect < 9.7.5 Multiple Vulnerabilities (APSB18-06) CVE-2018-4921 CVE-2018-4923 14 Mar 2018 9.1 (v3) Critical Pass Aspen HTTP Server Detection 16 Mar 2018 None Pass Apache 2.4.x < 2.4.33 Multiple Vulnerabilities (deprecated) CVE-2017-15710 CVE-2017-15715 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 30 Mar 2018 9.8 (v3) Critical Pass OS Identiﬁcation : UPnP 29 Mar 2018 None Pass MS09-003: Microsoft Exchange Remote Code Execution (959239) (Uncredentialed) CVE-2009-0098 CVE-2009-0099 03 Apr 2018 9.8 (v3) Critical Pass Microsoft SQL Server TCP/IP Listener Product Database Detection 19 Mar 2018 None Pass Microsoft SQL Server Default Credentials (PCI wordlist) 26 Mar 2018 9.8 (v3) Critical Pass pfSense < 2.3.5 Multiple Vulnerabilities (KRACK) CVE-2017-12837 CVE-2017-12883 CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13084 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 CVE-2017-13704 CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 CVE-2017-14494 CVE-2017-14495 CVE-2017-1449613 Apr 2018 9.8 (v3) Critical Pass pfSense < 2.4.3 Multiple Vulnerabilities (SA-18_01 / SA-18_02 / SA-18_03) (Meltdown) (Spectre) CVE-2017-5715 CVE-2017-5754 CVE-2018-6916 13 Apr 2018 9.8 (v3) Critical Pass Oracle Primavera Uniﬁer Multiple Vulnerabilities (April 2018 CPU) CVE-2017-7525 CVE-2017-15095 19 Apr 2018 9.8 (v3) Critical Pass Do not scan operational technology devices 18 Apr 2018 None Pass Oracle WebLogic SNMP Detection (TCP) 01 May 2018 None Pass Oracle WebLogic SNMP Detection (UDP) 01 May 2018 None Pass Oracle WebLogic HTTP Detection 03 May 2018 None Pass WAS Target Scanning for PCI 04 Jan 2019 None Pass Adobe <= 9.7.5 Connect Authentication Bypass Vulnerability (APSB18-18, APSB18-22) CVE-2018-4994 CVE-2018-12804 CVE-2018-12805 11 May 2018 9.8 (v3) Critical Pass HP Network Automation 10.0x < 10.00.023 / 10.1x < 10.11.06 / 10.2x < 10.21.05 / 10.3x < 10.30.03 / 10.4x < 10.40.01 / 10.5x < 10.50.01 Multiple VCVE-2018-6492 CVE-2018-6493 ulnerabilities 18 May 2018 8.8 (v3) High Pass PHP 7.2.x < 7.2.5 Stack Buﬀer Overﬂow CVE-2018-10545 CVE-2018-10546 CVE-2018-10547 CVE-2018-10548 CVE-2018-10549 04 May 2018 8.8 (v3) High Pass ISC BIND 9.12.x < 9.12.1-P1 Multiple Vulnerabilities CVE-2018-5736 CVE-2018-5737 22 May 2018 7.5 (v3) High Pass Apple iTunes < 12.6 Multiple Vulnerabilities (uncredentialed check) CVE-2009-3270 CVE-2009-3560 CVE-2009-3720 CVE-2012-1147 CVE-2012-1148 CVE-2012-6702 CVE-2013-7443 CVE-2015-1283 CVE-2015-3414 CVE-2015-3415 CVE-2015-3416 CVE-2015-3717 CVE-2015-6607 CVE-2016-0718 CVE-2016-4472 CVE-2016-5300 CVE-2016-6153 CVE-2017-2383 CVE-2017-2463 CVE-2017-2479 CVE-2017-2480 CVE-2017-502908 May 2017 9.8 (v3) Critical Pass Elasticsearch Detection 21 May 2018 None Pass HP Service Manager Detection 18 May 2018 None Pass Logstash JSON API Detection 21 May 2018 None Pass Apple iTunes < 12.6.1 WebKit Memory Corruption RCE (uncredentialed check) CVE-2017-6984 19 May 2017 8.8 (v3) High Pass PHP 7.0.x < 7.0.19 Multiple Vulnerabilities CVE-2017-8923 CVE-2017-9119 25 May 2017 9.8 (v3) Critical Pass Trend Micro SafeSync for Enterprise Authentication Bypass 05 Jun 2017 7.5 (v3) High Pass GE Multilin UR / URPlus / B95Plus Relay Web Interface Detection 26 May 2017 None Pass IBM BigFix Compliance 1.9.70 Multiple Vulnerabilities CVE-2017-1178 CVE-2017-1179 CVE-2017-1196 CVE-2017-1197 09 Jun 2017 9.8 (v3) Critical Pass Redis Server Unprotected by Password Authentication 06 Jun 2017 9.8 (v3) Critical Pass Adobe Captivate Quiz Reporting Feature 'internalServerReporting.php' File Upload RCE CVE-2017-3087 16 Jun 2017 7.5 (v3) High Pass Adobe Captivate Quiz Reporting Feature 'internalserverread.php' Remote File Disclosure (APSB17-19) CVE-2017-3087 16 Jun 2017 7.5 (v3) High Pass Apache 2.2.x < 2.2.33-dev / 2.4.x < 2.4.26 Multiple Vulnerabilities CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 22 Jun 2017 9.8 (v3) Critical Pass Check_MK Agent for Linux 1.2.3i < 1.2.5i3 Arbitrary File Disclosure CVE-2014-0243 28 Jun 2017 5.5 (v3) Medium Pass WP Statistics Plugin for WordPress < 12.0.8 'functions.php' wp_statistics_searchengine_query() SQLi 07 Jul 2017 8.8 (v3) High Pass WP Statistics Plugin for WordPress 'functions.php' wp_statistics_searchengine_query() SQLi 07 Jul 2017 8.8 (v3) High Pass EMC RSA Archer < 6.2.0.2 Multiple Vulnerabilities CVE-2017-4998 CVE-2017-4999 CVE-2017-5000 CVE-2017-5001 CVE-2017-5002 07 Jul 2017 8.8 (v3) High Pass Adobe Connect < 9.6.2 Multiple Vulnerabilities (APSB17-22) CVE-2017-3101 CVE-2017-3102 CVE-2017-3103 12 Jul 2017 7.5 (v3) High Pass Foscam C1 IP Camera FTP Hard Coded Password CVE-2016-8731 14 Jul 2017 9.8 (v3) Critical Pass Apache 2.2.x < 2.2.34 Multiple Vulnerabilities CVE-2017-3167 CVE-2017-3169 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 18 Jul 2017 9.8 (v3) Critical Pass PHP 5.6.x < 5.6.31 Multiple Vulnerabilities CVE-2017-6004 CVE-2017-7890 CVE-2017-9224 CVE-2017-9226 CVE-2017-9227 CVE-2017-9228 CVE-2017-9229 CVE-2017-11142 CVE-2017-11143 CVE-2017-11144 CVE-2017-11145 CVE-2017-11628 CVE-2017-1293313 Jul 2017 9.8 (v3) Critical Pass PHP 7.0.x < 7.0.21 Multiple Vulnerabilities CVE-2017-6004 CVE-2017-7890 CVE-2017-9224 CVE-2017-9226 CVE-2017-9227 CVE-2017-9228 CVE-2017-9229 CVE-2017-11144 CVE-2017-11145 CVE-2017-11362 CVE-2017-11628 CVE-2017-12933 CVE-2017-1293413 Jul 2017 9.8 (v3) Critical Pass AXIS gSOAP Message Handling RCE (ACV-116267) (Devil's Ivy) CVE-2017-9765 19 Jul 2017 8.1 (v3) High Pass Linksys Smart Wi-Fi Router Default Credentials 19 Jul 2017 9.8 (v3) Critical Pass EMC RSA Authentication Manager < 8.2 SP1 Patch 1 Token Proﬁle Name Stored XSS (ESA-2017-068) CVE-2017-8000 20 Jul 2017 4.8 (v3) Medium 72

Pass Oracle Primavera Gateway Multiple Vulnerabilities (July 2017 CPU) CVE-2015-0254 CVE-2016-6814 21 Jul 2017 9.8 (v3) Critical Pass IBM BigFix Platform 9.1.x < 9.1.1328.0 / 9.2.x < 9.2.11.19 Multiple Vulnerabilities CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1203 CVE-2017-1219 27 Jul 2017 9.8 (v3) Critical Pass GoAhead System.ini Leak CVE-2017-8225 03 Aug 2017 9.8 (v3) Critical Pass ESXi 6.0 < Build 5485776 Multiple Vulnerabilities (VMSA-2017-0015) (remote check) CVE-2016-2183 CVE-2016-7055 CVE-2016-1000110 CVE-2017-3730 CVE-2017-3731 CVE-2017-3732 CVE-2017-4925 20 Sep 2017 7.5 (v3) High Pass Cisco Application Policy Infrastructure Controller SSH Privilege Escalation Vulnerability CVE-2017-6767 25 Aug 2017 7.1 (v3) High Pass Fuji Electric V-Server Detection 24 Jul 2017 None Pass HP Operations Orchestration 10.x < 10.80 Remote Code Execution CVE-2017-8994 05 Sep 2017 9.8 (v3) Critical Pass IBM BigFix Remote Control < 9.1.4 Authentication Bypass CVE-2016-2930 13 Sep 2017 7.5 (v3) High Pass D-Link DIR Router Missing Authentication Check CVE-2017-14417 14 Sep 2017 9.8 (v3) Critical Pass ESXi 5.5 < Build 6480267 RPC NULL Pointer Dereference Vulnerability (VMSA-2017-0015) (remote check) CVE-2017-4925 21 Sep 2017 5.5 (v3) Medium Pass VMware vCenter Server 6.5.x < 6.5u1 H5 Client Stored XSS (VMSA-2017-0015) CVE-2017-4926 21 Sep 2017 5.4 (v3) Medium Pass EMC Data Protection Advisor < 6.4.130 Hardcoded Password Vulnerability CVE-2017-8013 21 Sep 2017 9.8 (v3) Critical Pass Apache Solr < 6.6.1 Kerberos Plugin Delegation Token Handling Remote Information Disclosure CVE-2017-9803 27 Sep 2017 7.5 (v3) High Pass Apple iTunes < 12.7 WebKit Multiple Vulnerabilities (uncredentialed check) CVE-2017-7081 CVE-2017-7087 CVE-2017-7090 CVE-2017-7091 CVE-2017-7092 CVE-2017-7093 CVE-2017-7094 CVE-2017-7095 CVE-2017-7096 CVE-2017-7098 CVE-2017-7099 CVE-2017-7100 CVE-2017-7102 CVE-2017-7104 CVE-2017-7107 CVE-2017-7109 CVE-2017-7111 CVE-2017-7117 CVE-2017-712027 Sep 2017 8.8 (v3) High Pass Trihedral VTScada Detection 28 Sep 2017 None Pass HP UCMDB Server BeanUtils Java Deserialization RCE CVE-2017-14353 09 Oct 2017 8.8 (v3) High Pass EMC RSA Archer < 6.2.0.5 Multiple Vulnerabilities CVE-2017-8016 CVE-2017-8025 CVE-2017-14369 CVE-2017-14370 CVE-2017-14371 CVE-2017-14372 12 Oct 2017 7.4 (v3) High Pass Apache 2.4.x < 2.4.28 HTTP Vulnerability (OptionsBleed) CVE-2017-9798 13 Oct 2017 7.5 (v3) High Pass Trend Micro OﬃceScan Web Interface Detection 19 Oct 2017 None Pass ONVIF Device Services 17 Oct 2017 None Pass ONVIF Camera Snapshot 17 Oct 2017 None Pass ONVIF Get Device User List 17 Oct 2017 None Pass Ubiquiti Networks UniFi < 3.9.3.7537 (KRACK) CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13084 CVE-2017-13086 CVE-2017-13087 CVE-2017-1308817 Oct 2017 8.1 (v3) High Pass Microsoft Windows SMB Server (2017-10) Multiple Vulnerabilities (uncredentialed check) CVE-2017-11780 CVE-2017-11781 17 Oct 2017 7 (v3) High Pass Trend Micro OﬃceScan cgiShowClientAdm Remote Memory Corruption CVE-2017-14083 CVE-2017-14084 CVE-2017-14085 CVE-2017-14086 CVE-2017-14087 CVE-2017-14088 CVE-2017-14089 19 Oct 2017 9.8 (v3) Critical Pass Linksys E1500/E2500 Authenticated Command Execution 25 Oct 2017 9.1 (v3) Critical Pass ONVIF Stream URI 31 Oct 2017 None Pass Apache Solr 5.x < 5.5.5 / 6.x < 6.6.2 / 7.x < 7.1.0 Multiple Vulnerabilities CVE-2017-12629 02 Nov 2017 9.8 (v3) Critical Pass IBM BigFix Platform 9.2.x < 9.2.12 / 9.5.x < 9.5.7 Multiple Vulnerabilities CVE-2017-1218 CVE-2017-1220 CVE-2017-1222 CVE-2017-1225 CVE-2017-1226 CVE-2017-1228 CVE-2017-1230 CVE-2017-1232 CVE-2017-152102 Nov 2017 8.8 (v3) High Pass Apple iTunes < 12.7.1 WebKit Multiple Vulnerabilities (uncredentialed check) CVE-2017-13783 CVE-2017-13784 CVE-2017-13785 CVE-2017-13788 CVE-2017-13791 CVE-2017-13792 CVE-2017-13793 CVE-2017-13794 CVE-2017-13795 CVE-2017-13796 CVE-2017-13797 CVE-2017-13798 CVE-2017-13802 CVE-2017-1380302 Nov 2017 8.8 (v3) High Pass IBM Storwize 1.5.x / 1.6.x < 1.6.2.0 RC4 Initial Keystream Bias Vulnerability (CVE-2017-1375) CVE-2017-1375 03 Nov 2017 7.5 (v3) High Pass Cisco APIC-EM 1.x < 1.5 Unauthorized Access (credentialed check) CVE-2017-12262 09 Nov 2017 8.8 (v3) High Pass Adobe Connect < 9.7 Multiple Vulnerabilities (APSB17-35) CVE-2017-11287 CVE-2017-11288 CVE-2017-11289 CVE-2017-11290 CVE-2017-11291 15 Nov 2017 10 (v3) Critical Pass VMware vCenter Server 5.5.x < 5.5u3f / 6.0.x < 6.0u3c / 6.5.x < 6.5u1 Multiple Vulnerabilities (VMSA-2017-0017)CVE-2017-4927 CVE-2017-4928 17 Nov 2017 7.5 (v3) High Pass Vanilla Forums Header Injection Remote Code Execution CVE-2016-10073 17 Nov 2017 7.5 (v3) High Pass PHP 5.6.x < 5.6.32 Multiple Vulnerabilities CVE-2016-1283 CVE-2017-16642 16 Nov 2017 9.8 (v3) Critical Pass HP LaserJet Printers RCE (HPSBPI03569) CVE-2017-2750 28 Nov 2017 9.8 (v3) Critical Pass Exim < 4.89.1 Use-After-Free BDAT Remote Code Execution CVE-2017-16943 29 Nov 2017 9.8 (v3) Critical Pass Samba Version 30 Nov 2017 None Pass EMC RSA Authentication Manager < 8.2 SP1 Patch 6 Stored Cross-Site Scripting (ESA-2017-152) CVE-2017-14379 30 Nov 2017 5.4 (v3) Medium Pass WP Google Maps for WordPress < 7.11.17 Unauthenticated SQL Injection (CVE-2019-10692) CVE-2019-10692 03 Apr 2019 9.8 (v3) Critical Pass Network Time Protocol Daemon (ntpd) read_mru_list() Remote DoS CVE-2016-7434 29 Nov 2016 7.5 (v3) High Pass Observium Detection 29 Nov 2016 None Pass Veritas NetBackup Appliance < 2.7.2 / 3.1.0 Multiple Vulnerabilities (VTS17-003) CVE-2017-6399 CVE-2017-6400 CVE-2017-6401 CVE-2017-6402 CVE-2017-6403 CVE-2017-6404 CVE-2017-6405 CVE-2017-6406 CVE-2017-6407 CVE-2017-6408 CVE-2017-640930 Nov 2017 9.8 (v3) Critical Pass Default Password 'QwestM0dem' for 'admin' Account CVE-1999-0502 01 Dec 2017 9.8 (v3) Critical Pass VMware vCenter Server 5.5.x < 5.5u3e / 6.0.x < 6.0u2a Multiple XXE Vulnerabilities (VMSA-2016-0022) CVE-2016-7459 CVE-2016-7460 02 Dec 2016 9.1 (v3) Critical Pass HP Network Automation RPCServlet Java Object Deserialization RCE CVE-2016-8511 09 Dec 2016 9.8 (v3) Critical Pass Apple iTunes < 12.5.4 Multiple Vulnerabilities (uncredentialed check) CVE-2016-4692 CVE-2016-4743 CVE-2016-7586 CVE-2016-7587 CVE-2016-7589 CVE-2016-7592 CVE-2016-7598 CVE-2016-7599 CVE-2016-7610 CVE-2016-7611 CVE-2016-7632 CVE-2016-7635 CVE-2016-7639 CVE-2016-7640 CVE-2016-7641 CVE-2016-7642 CVE-2016-7645 CVE-2016-7646 CVE-2016-7648 CVE-2016-7649 CVE-2016-7652 CVE-2016-7654 CVE-2016-765614 Dec 2016 8.8 (v3) High Pass EMC Avamar ADS / AVE Server Detection 16 Dec 2016 None Pass IBM BigFix Remote Control < 9.1.3 Multiple Vulnerabilities (SWEET32) CVE-2016-2177 CVE-2016-2178 CVE-2016-2183 CVE-2016-2928 CVE-2016-2931 CVE-2016-2932 CVE-2016-2933 CVE-2016-2934 CVE-2016-2935 CVE-2016-2943 CVE-2016-6304 CVE-2016-630627 Dec 2016 9.8 (v3) Critical Pass Apache 2.4.x < 2.4.25 Multiple Vulnerabilities (httpoxy) CVE-2016-0736 CVE-2016-2161 CVE-2016-4975 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 CVE-2020-11985 12 Jan 2017 8.1 (v3) High Pass IBM Spectrum Protect Mount Detection 27 Dec 2016 None Pass Cisco IOS IKEv1 Packet Handling Remote Information Disclosure (cisco-sa-20160916-ikev1) (BENIGNCERCVE-2016-6415TAIN) (uncredentialed check) 26 Jan 2017 7.5 (v3) High Pass Oracle WebLogic Java Object RMI Connect-Back Deserialization RCE (January 2017 CPU) CVE-2017-3248 26 Jan 2017 9.8 (v3) Critical Pass Apple iTunes < 12.5.5 Multiple Vulnerabilities (uncredentialed check) CVE-2017-2354 CVE-2017-2355 CVE-2017-2356 CVE-2017-2366 27 Jan 2017 8.8 (v3) High Pass Server Message Block (SMB) Protocol Version 1 Enabled (uncredentialed check) 03 Feb 2017 None Pass Splunk Enterprise < 5.0.17 / 6.0.13 / 6.1.12 / 6.2.13 / 6.3.9 / 6.4.5 / 6.5.2 or Splunk Light < 6.5.2 Multiple VCVE-2016-5418 CVE-2016-8688 CVE-2017-5607 CVE-2017-5880ulnerabilities 10 Feb 2017 7.5 (v3) High Pass Tenable Nessus 6.8.x and 6.9.x < 6.9.1 Stored XSS (TNS-2016-17) CVE-2016-9259 15 Feb 2017 5.4 (v3) Medium Pass F5 TLS Session Ticket Implementation Remote Memory Disclosure (Ticketbleed) (uncredentialed check) CVE-2016-9244 15 Feb 2017 7.5 (v3) High Pass WordPress 4.7.x < 4.7.2 REST API 'id' Parameter Privilege Escalation CVE-2017-1001000 16 Feb 2017 7.5 (v3) High Pass McAfee ePolicy Orchestrator Agent Remote Log Detection 16 Feb 2017 None Pass IBM DataPower Gateway Detection 06 Feb 2017 None Pass OpenSSL 1.1.0 < 1.1.0e Encrypt-Then-Mac Extension DoS CVE-2017-3733 23 Feb 2017 7.5 (v3) High Pass Splunk Enterprise 6.4.x < 6.4.6 Stored XSS Vulnerability CVE-2017-12572 03 Mar 2017 4.8 (v3) Medium Pass Kodi Local File Inclusion Information Disclosure CVE-2017-5982 22 Mar 2017 7.5 (v3) High Pass Siemens S7 Protocol Support Detection 03 Apr 2017 None Pass OS Identiﬁcation and Installed Software Enumeration over SSH v2 (Using New SSH Library) 30 May 2017 None Pass Default Password 'adminIWSS85' for 'admin' Account CVE-1999-0502 07 Apr 2017 9.8 (v3) Critical Pass VMware vCenter Server 6.0.x < 6.0u3b / 6.5.x < 6.5c BlazeDS AMF3 RCE (VMSA-2017-0007) CVE-2017-5641 19 Apr 2017 9.8 (v3) Critical Pass Tenable Nessus 6.8.x < 6.10.2 Arbitrary File Upload (TNS-2017-06) CVE-2017-6543 18 Apr 2017 7.3 (v3) High Pass NetGain Enterprise Manager Detection 10 Mar 2017 None Pass Adobe ColdFusion BlazeDS Java Object Deserialization RCE CVE-2017-3066 28 Apr 2017 9.8 (v3) Critical Pass Cisco Prime LAN Management Solution Java Object Deserialization RCE (CSCux34647) CVE-2015-6420 02 May 2017 9.8 (v3) Critical Pass Comelit Actuator Detection 21 Apr 2017 None Pass Powershell Empire Detection 21 Apr 2017 None Pass Cisco TelePresence CE 8.1.1 < 8.3.2 ICMP Packet Handling DoS (cisco-sa-20170503-ctp) CVE-2017-3825 04 May 2017 7.5 (v3) High Pass Jenkins < 2.46.2 / 2.57 and Jenkins Enterprise < 1.625.24.1 / 1.651.24.1 / 2.7.24.0.1 / 2.46.2.1 Multiple VulnerabilitiesCVE-2017-1000353 CVE-2017-1000354 CVE-2017-1000355 CVE-2017-1000356 04 May 2017 9.8 (v3) Critical Pass Dell iDRAC6 / iDRAC7 / iDRAC8 Path Traversal Authentication Bypass CVE-2015-7270 01 Apr 2016 7.8 (v3) High Pass QNAP Signage Station Arbitrary File Upload Vulnerability CVE-2015-6036 25 Mar 2016 7.5 (v3) High Pass Apache Jetspeed Detection 28 Mar 2016 None Pass Apple TV < 7.2.1 Multiple Vulnerabilities CVE-2012-6685 CVE-2014-0191 CVE-2014-3660 CVE-2015-3730 CVE-2015-3731 CVE-2015-3732 CVE-2015-3733 CVE-2015-3734 CVE-2015-3735 CVE-2015-3736 CVE-2015-3737 CVE-2015-3738 CVE-2015-3739 CVE-2015-3740 CVE-2015-3741 CVE-2015-3742 CVE-2015-3743 CVE-2015-3744 CVE-2015-3745 CVE-2015-3746 CVE-2015-3747 CVE-2015-3748 CVE-2015-3749 CVE-2015-3750 CVE-2015-3751 CVE-2015-3752 CVE-2015-3753 CVE-2015-3759 CVE-2015-3766 CVE-2015-3768 CVE-2015-3776 CVE-2015-3778 CVE-2015-3782 CVE-2015-3784 CVE-2015-3793 CVE-2015-3795 CVE-2015-3796 CVE-2015-3797 CVE-2015-3798 CVE-2015-3800 CVE-2015-3802 CVE-2015-3803 CVE-2015-3804 CVE-2015-3805 CVE-2015-3806 CVE-2015-3807 CVE-2015-5749 CVE-2015-5755 CVE-2015-5756 CVE-2015-5757 CVE-2015-5758 CVE-2015-5761 CVE-2015-5773 CVE-2015-5774 CVE-2015-5775 CVE-2015-5776 CVE-2015-5777 CVE-2015-5778 CVE-2015-5781 CVE-2015-5782 CVE-2015-799504 Apr 2016 9.8 (v3) Critical Pass VMware vRealize Business Unspeciﬁed Stored XSS (VMSA-2016-0003) CVE-2016-2075 06 Apr 2016 5.4 (v3) Medium Pass QNAP Signage Station Server Detection 25 Mar 2016 None Pass VMware vRealize Business Web UI Detection 06 Apr 2016 None Pass Cisco TelePresence Server Crafted IPv6 Packet Handling DoS (cisco-sa-20160406-cts) CVE-2016-1346 15 Apr 2016 5.9 (v3) Medium Pass Cisco Prime Infrastructure Java Deserialization RCE (cisco-sa-20160406-remcode) CVE-2016-1291 19 Apr 2016 9.8 (v3) Critical Pass Oracle WebLogic Server Java Object Deserialization RCE (April 2016 CPU) CVE-2016-0638 26 Apr 2016 9.8 (v3) Critical Pass Oracle iPlanet Web Server 7.0.x < 7.0.23 NSS ASN.1 Decoder RCE (April 2016 CPU) CVE-2015-7182 21 Apr 2016 9.8 (v3) Critical Pass Oracle GlassFish Server 2.1.1.x < 2.1.1.27 NSS ASN.1 Decoder RCE (April 2016 CPU) CVE-2015-7182 22 Apr 2016 9.8 (v3) Critical Pass VMware vCenter Server 5.5.x < 5.5u3d / 6.0.x < 6.0u2 Client Integration Plugin Session Hijacking (VMSA-2016-0004)CVE-2016-2076 26 Apr 2016 7.6 (v3) High Pass OpenSSL 1.0.1 < 1.0.1t Multiple Vulnerabilities CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2109 CVE-2016-2176 04 May 2016 8.2 (v3) High Pass OpenSSL 1.0.2 < 1.0.2h Multiple Vulnerabilities CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2109 CVE-2016-2176 04 May 2016 8.2 (v3) High Pass Symantec Messaging Gateway 10.x < 10.6.1 Management Console Multiple Vulnerabilities (SYM16-005) CVE-2016-2203 CVE-2016-2204 05 May 2016 8.2 (v3) High Pass NetIQ Sentinel Detection 20 Apr 2016 None Pass BMC BladeLogic Server Automation RSCD Agent Detection 10 May 2016 None Pass Cisco TelePresence XML API HTTP Request Handling Authentication Bypass (cisco-sa-20160504-tpxml) CVE-2016-1387 13 May 2016 9.8 (v3) Critical Pass Moxa NPort Serial-to-Ethernet Server Detection 20 May 2016 None Pass PostgreSQL Server Login Possible 24 Jun 2016 None Pass Red Hat JBoss Operations Network Java Object Deserialization RCE CVE-2016-3737 06 Jun 2016 9.8 (v3) Critical Pass OpenSSL AES-NI Padding Oracle MitM Information Disclosure CVE-2016-2107 13 Jun 2016 5.9 (v3) Medium Noise HyperText Transfer Protocol (HTTP) Redirect Information 16 Jun 2016 None Pass Cisco APIC Detection 21 Jun 2016 None Noise Web Application Sitemap 24 Jun 2016 None Pass Wireless Access Controller Detection 06 Jun 2016 None Pass Symantec Messaging Gateway 10.x < 10.6.1-4 Multiple Vulnerabilities (SYM16-010) CVE-2016-2207 CVE-2016-2209 CVE-2016-2210 CVE-2016-2211 CVE-2016-3644 CVE-2016-3645 CVE-2016-3646 30 Jun 2016 8.4 (v3) High Pass BMC Server Automation RSCD Agent Weak ACL NSH Arbitrary Command Execution 05 Jul 2016 10 (v2) Critical Pass HPE LoadRunner Virtual Table Server import_csv Remote File Deletion DoS CVE-2016-4360 07 Jul 2016 9.1 (v3) Critical Pass PHP 5.6.x < 5.6.23 Multiple Vulnerabilities CVE-2016-4473 CVE-2016-5766 CVE-2016-5767 CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771 CVE-2016-5772 CVE-2016-577301 Jul 2016 9.8 (v3) Critical Pass Symantec Web Gateway Anti-Virus Deﬁnition < 20160628.037 Multiple Vulnerabilities (SYM16-010) (credentialed check)CVE-2016-2207 CVE-2016-2209 CVE-2016-2210 CVE-2016-2211 CVE-2016-3644 CVE-2016-3645 CVE-2016-3646 12 Jul 2016 8.4 (v3) High Pass Untangle NG Firewall Detection 15 Jul 2016 None Pass Apache 2.4.18 / 2.4.20 X.509 Certiﬁcate Authentication Bypass CVE-2016-4979 15 Jul 2016 7.5 (v3) High Pass Apache Tomcat 7.x < 7.0.17 Multiple Vulnerabilities CVE-2011-2204 CVE-2011-2481 CVE-2011-2526 03 Aug 2011 7.3 (v3) High 73

Pass Apache Tomcat 7.x < 7.0.20 'jsvc' Information Disclosure CVE-2011-2729 16 Aug 2011 5.3 (v3) Medium Pass IBM WebSphere Application Server Liberty Detection 04 Aug 2016 None Pass HP UCMDB Server Java Deserialization RCE CVE-2016-4368 25 Jul 2016 9.8 (v3) Critical Pass Splunk Enterprise < 5.0.16 / 6.0.12 / 6.1.11 / 6.2.11 / 6.3.6 / 6.4.2 or Splunk Light < 6.4.2 Multiple VulnerabilitiesCVE-2013-0211 CVE-2015-2304 CVE-2016-1541 CVE-2016-2107 08 Aug 2016 8.8 (v3) High Pass VMware vRealize Log Insight 2.x / 3.x < 3.3.2 Multiple Vulnerabilities (VMSA-2016-0008) CVE-2016-2081 CVE-2016-2082 10 Aug 2016 8.8 (v3) High Pass ESXi 5.0 / 5.1 / 5.5 / 6.0 Multiple Vulnerabilities (VMSA-2016-0010) (remote check) CVE-2016-5330 CVE-2016-5331 12 Aug 2016 7.8 (v3) High Pass osTicket <= 1.2.7 Multiple Vulnerabilities CVE-2005-1436 CVE-2005-1437 CVE-2005-1438 CVE-2005-1439 04 May 2005 6.8 (v2) Medium Pass SonicWALL Global Management System (GMS) / Analyzer GMC Service XML External Entity (XXE) Injection 15 Aug 2016 9.3 (v3) Critical Pass PHP 5.6.x < 5.6.25 Multiple Vulnerabilities CVE-2016-7124 CVE-2016-7125 CVE-2016-7126 CVE-2016-7127 CVE-2016-7128 CVE-2016-7129 CVE-2016-7130 CVE-2016-7131 CVE-2016-713223 Aug 2016 9.8 (v3) Critical Pass Cisco UCS Central Software < 1.3(1c) HTTP Request Handling RCE CVE-2016-1352 25 Aug 2016 9.8 (v3) Critical Pass OpenSSL < 1.0.2i Default Weak 64-bit Block Cipher (SWEET32) CVE-2016-2183 25 Aug 2016 7.5 (v3) High Pass Portable SDK for UPnP Devices (libupnp) HTTP Arbitrary File Write CVE-2016-6255 30 Aug 2016 7.5 (v3) High Pass IBM BigFix Server 9.2.x < 9.2.7.53 BES Gather XSS CVE-2016-0269 30 Aug 2016 5.4 (v3) Medium Pass SAP RMI-P4 Protocol Detection 08 Sep 2016 None Pass BMC Server Automation rscd Service Authentication Bypass RCE CVE-2016-4322 23 Sep 2016 9.8 (v3) Critical Pass Moxa MiiNePort Blank Default Telnet Password CVE-2016-2286 15 Sep 2016 7.5 (v3) High Pass Symantec Protection for SharePoint Servers Detection 09 Sep 2016 None Pass McAfee Security Information and Event Management 9.5.x / 9.6.x < 9.6.0.3 ESM Authentication Bypass (KB87744)CVE-2016-8006 26 Sep 2016 4.4 (v3) Medium Pass OpenSSL 1.0.2i CRL Handling NULL Pointer Dereference DoS CVE-2016-7052 28 Sep 2016 7.5 (v3) High Pass OpenSSL 1.0.1 < 1.0.1u Multiple Vulnerabilities (SWEET32) CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-630630 Sep 2016 9.8 (v3) Critical Pass OpenSSL 1.0.2 < 1.0.2i Multiple Vulnerabilities (SWEET32) CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-630630 Sep 2016 9.8 (v3) Critical Pass UPnP File Share Detection 13 Oct 2016 4.3 (v3) Medium Pass UPnP API Listing 13 Oct 2016 4.3 (v3) Medium Pass Apple TV < 9.1 Multiple Vulnerabilities CVE-2011-2895 CVE-2015-7038 CVE-2015-7039 CVE-2015-7040 CVE-2015-7041 CVE-2015-7042 CVE-2015-7043 CVE-2015-7047 CVE-2015-7048 CVE-2015-7051 CVE-2015-7053 CVE-2015-7054 CVE-2015-7055 CVE-2015-7058 CVE-2015-7059 CVE-2015-7060 CVE-2015-7061 CVE-2015-7064 CVE-2015-7065 CVE-2015-7066 CVE-2015-7068 CVE-2015-7072 CVE-2015-7073 CVE-2015-7074 CVE-2015-7075 CVE-2015-7079 CVE-2015-7083 CVE-2015-7084 CVE-2015-7095 CVE-2015-7096 CVE-2015-7097 CVE-2015-7098 CVE-2015-7099 CVE-2015-7100 CVE-2015-7101 CVE-2015-7102 CVE-2015-7103 CVE-2015-7104 CVE-2015-7105 CVE-2015-7109 CVE-2015-7110 CVE-2015-7111 CVE-2015-7112 CVE-2015-7115 CVE-2015-711613 Oct 2016 4.3 (v3) Medium Pass Oracle GlassFish Server 2.1.1.x < 2.1.1.29 Mozilla NSS ASN.1 Structure Handling RCE (October 2016 CPU)CVE-2016-1950 20 Oct 2016 8.8 (v3) High Pass Oracle GlassFish Server 2.1.1.x < 2.1.1.29 / 3.0.1.x < 3.0.1.14 / 3.1.2.x < 3.1.2.15 Java Server Faces RCE (October 2016 CPU)CVE-2016-5519 20 Oct 2016 8.8 (v3) High Pass EMC Legato Networker Remote Exec Service Stack Overﬂow RCE CVE-2007-3618 20 Oct 2016 9.1 (v3) Critical Pass Unprotected 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '666666' for '666666' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password '12345' for 'guest' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'klv123' for 'root' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass F5 Networks BIG-IP : BIG-IP Virtual Server HTTP Explicit Proxy / SOCKS Proﬁle RCE (SOL35520031) (uncrCVE-2016-5700edentialed check) 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'supervisor' for 'supervisor' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass Default Password 'support' for 'support' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Noise SSL Root Certiﬁcation Authority Certiﬁcate Information 14 Nov 2016 None Pass Apple iTunes < 12.5.2 Multiple Vulnerabilities (Uncredentialed Check) CVE-2016-4613 CVE-2016-7578 17 Nov 2016 8.8 (v3) High Pass OpenSSL 1.1.0 < 1.1.0c Multiple Vulnerabilities CVE-2016-7053 CVE-2016-7054 CVE-2016-7055 18 Nov 2016 7.5 (v3) High Pass PHP 7.0.x < 7.0.13 Multiple Vulnerabilities CVE-2016-7478 CVE-2016-9933 CVE-2016-9934 18 Nov 2016 7.5 (v3) High Pass Apple iTunes < 12.5.1 Multiple Vulnerabilities (uncredentialed Check) CVE-2016-4728 CVE-2016-4758 CVE-2016-4759 CVE-2016-4760 CVE-2016-4762 CVE-2016-4763 CVE-2016-4764 CVE-2016-4765 CVE-2016-4766 CVE-2016-4767 CVE-2016-4768 CVE-2016-476918 Nov 2016 8.8 (v3) High Pass Accellion Secure File Transfer Appliance 'oauth_token' Parameter Remote Command Execution CVE-2015-2857 27 Jul 2015 9.8 (v3) Critical Pass Accellion Secure File Transfer Appliance 'statecode' Cookie Remote File Disclosure CVE-2015-2856 27 Jul 2015 7.5 (v3) High Pass PHP 5.5.x < 5.5.28 Multiple Vulnerabilities CVE-2015-6831 CVE-2015-6832 CVE-2015-6833 CVE-2015-6836 CVE-2015-8835 CVE-2015-8867 CVE-2015-8873 CVE-2015-8876 11 Aug 2015 9.8 (v3) Critical Pass Invision Power Board index.php Multiple Parameter XSS CVE-2005-1443 05 May 2005 4.3 (v2) Medium Pass Web Application Cookies Not Marked HttpOnly 24 Aug 2015 None Pass Web Application Cookies Not Marked Secure 24 Aug 2015 None Pass SSL Certiﬁcate Signed Using SHA-1 Algorithm 22 Sep 2015 None Pass Symantec Web Gateway Database < 5.0.0.1277 Multiple Vulnerabilities (SYM15-009) (credentialed check) CVE-2015-5690 CVE-2015-5691 CVE-2015-5692 CVE-2015-5693 CVE-2015-6547 CVE-2015-6548 25 Sep 2015 9.9 (v3) Critical Pass OrientDB < 2.0.15 / 2.1.1 XSRF CVE-2015-2912 08 Oct 2015 8.8 (v3) High Pass Janitza Hard-Coded FTP Password CVE-2015-3968 17 Nov 2015 9.8 (v3) Critical Pass VMware ESXi 5.0 < Build 3021432 OpenSLP RCE (VMSA-2015-0007) CVE-2015-1047 CVE-2015-2342 CVE-2015-5177 19 Nov 2015 8.6 (v3) High Pass VMware ESXi 5.1 < Build 3021178 OpenSLP RCE (VMSA-2015-0007) CVE-2015-1047 CVE-2015-2342 CVE-2015-5177 19 Nov 2015 8.6 (v3) High Pass VMware ESXi 5.5 < Build 3029944 OpenSLP RCE (VMSA-2015-0007) CVE-2015-1047 CVE-2015-2342 CVE-2015-5177 19 Nov 2015 8.6 (v3) High Pass 7-Technologies / Schneider-Electric IGSS Data Collector Detection 04 Dec 2015 None Pass Nessus 5.x < 5.2.12 / 6.x < 6.4 Multiple OpenSSL Vulnerabilities CVE-2015-1788 CVE-2015-1789 19 Nov 2015 7.5 (v3) High Pass TLS NPN Supported Protocol Enumeration 08 Dec 2015 None Pass Puppet Enterprise Installation Process Local CA Key Disclosure CVE-2015-7328 17 Dec 2015 4.7 (v3) Medium Pass Emerson SM-Ethernet FTP Server Default Credentials 01 Dec 2015 9.8 (v3) Critical Pass Unbound DNS Resolver Remote Version Detection 12 Jan 2016 None Pass HP Virtual Table Server Detection 20 Jan 2016 None Pass OpenSSL 1.0.1 < 1.0.1r Multiple Vulnerabilities (Logjam) CVE-2015-3197 CVE-2015-4000 02 Feb 2016 3.7 (v3) Low Pass OpenSSL 1.0.2 < 1.0.2f Multiple Vulnerabilities (Logjam) CVE-2015-3197 CVE-2015-4000 CVE-2016-0701 02 Feb 2016 3.7 (v3) Low Pass Joomla! User-Agent Object Injection RCE CVE-2015-8562 29 Jan 2016 9.8 (v3) Critical Pass Cisco TelePresence Video Communication Server (VCS) Web UI Detection 02 Feb 2016 None Pass Ipswitch WhatsUp Gold < 16.4 Multiple Vulnerabilities CVE-2015-6004 CVE-2015-6005 CVE-2015-8261 15 Feb 2016 9.8 (v3) Critical Pass Nessus SQLite Multiple RCE CVE-2015-5895 25 Feb 2016 8.8 (v3) High Pass ESXi 5.5 < Build 3568722 / 6.0 < Build 3568940 glibc DNS Resolver RCE (VMSA-2016-0002) (remote check)CVE-2015-7547 23 Feb 2016 8.1 (v3) High Pass Ipswitch WhatsUp Gold Detection 15 Feb 2016 None Pass IBM Tivoli Storage Manager FastBack 5.5.x / 6.1.x < 6.1.12.2 Multiple Vulnerabilities CVE-2015-8519 CVE-2015-8520 CVE-2015-8521 CVE-2015-8522 CVE-2015-8523 09 Mar 2016 9.8 (v3) Critical Pass Visual Mining NetCharts Server Arbitrary File Upload CVE-2014-8516 17 Dec 2014 8.8 (v3) High Pass Symantec Encryption Management Server Remote Administrator Enumeration CVE-2015-8148 11 Mar 2016 7.5 (v3) High Pass Default Password (abc123) for 'admin' Account CVE-1999-0502 22 Dec 2014 9.8 (v3) Critical Pass 7-Technologies / Schneider-Electric IGSS ODBC Service Detection 29 Feb 2016 None Pass 7-Technologies / Schneider-Electric IGSS ODBC Version Identiﬁcation 29 Feb 2016 None Pass Default Password (centreon) for 'root' Account CVE-1999-0502 23 Dec 2014 9.8 (v3) Critical Pass Apache Traﬃc Server 5.1.x < 5.1.1 Multiple Vulnerabilities (POODLE) CVE-2014-3566 CVE-2014-3624 22 Jan 2015 9.8 (v3) Critical Pass Default Password (passw0rd) for 'superuser' Account CVE-1999-0502 23 Jan 2015 9.8 (v3) Critical Pass Centreon Detection 23 Dec 2014 None Pass HP SiteScope 11.1x < 11.13 or 11.2x < 11.24 IP3 Remote Privilege Escalation CVE-2014-7882 06 Feb 2015 8.1 (v3) High Pass Default Password (changemenow) for 'root' Account CVE-1999-0502 04 Feb 2015 9.8 (v3) Critical Pass Jetty HttpParser Error Remote Memory Disclosure CVE-2015-2080 27 Feb 2015 7.5 (v3) High Pass MongoDB Service Without Authentication Detection 12 Mar 2015 9.8 (v3) Critical Pass Apple TV < 7.1 Multiple Vulnerabilities (FREAK) CVE-2015-1061 CVE-2015-1062 CVE-2015-1067 12 Mar 2015 9.8 (v3) Critical Pass ManageEngine OpManager Detection 16 Feb 2015 None Pass Symantec Data Center Security Web Console Interface Detection 26 Feb 2015 None Pass Siemens SIMATIC S7-1200 PLC Firmware Detection 02 Mar 2015 None Pass ManageEngine Desktop Central Remote Security Bypass (Intrusive Check) CVE-2014-7862 25 Mar 2015 9.8 (v3) Critical Pass ManageEngine Desktop Central Remote Security Bypass CVE-2014-7862 25 Mar 2015 9.8 (v3) Critical Pass ManageEngine Desktop Central < 9 Build 90135 Unauthenticated Admin Password Reset CVE-2015-2560 31 Mar 2015 9.8 (v3) Critical Pass ClusterLabs Pacemaker PCS Daemon Detection 07 May 2015 None Pass Apple TV < 7.2 Multiple Vulnerabilities CVE-2015-1068 CVE-2015-1069 CVE-2015-1070 CVE-2015-1071 CVE-2015-1072 CVE-2015-1073 CVE-2015-1074 CVE-2015-1076 CVE-2015-1077 CVE-2015-1078 CVE-2015-1079 CVE-2015-1080 CVE-2015-1081 CVE-2015-1082 CVE-2015-1083 CVE-2015-1086 CVE-2015-1092 CVE-2015-1094 CVE-2015-1095 CVE-2015-1096 CVE-2015-1097 CVE-2015-1099 CVE-2015-1100 CVE-2015-1101 CVE-2015-1102 CVE-2015-1103 CVE-2015-1104 CVE-2015-1105 CVE-2015-1110 CVE-2015-1114 CVE-2015-1117 CVE-2015-1118 CVE-2015-1119 CVE-2015-1120 CVE-2015-1121 CVE-2015-1122 CVE-2015-1123 CVE-2015-112410 Apr 2015 9.8 (v3) Critical Pass Novell ZENworks Conﬁguration Management < 11.3.2 Remote Code Execution (intrusive check) CVE-2015-0779 08 May 2015 8.8 (v3) High Noise SSL Certiﬁcate Chain Contains Certiﬁcates Expiring Soon 08 May 2015 None Pass IBM Tivoli Storage Manager FastBack Server Detection 08 May 2015 None Pass Default Password (123456) for 'nexthink' Account CVE-1999-0502 01 Apr 2015 9.8 (v3) Critical Pass sobby Server Detection 29 Apr 2015 None Pass Gearman Server Detection 14 May 2015 None Pass Apache Tomcat 7.0.x < 7.0.60 Multiple Vulnerabilities (FREAK) CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-029319 May 2015 7.3 (v3) High Pass Cisco TelePresence IP VCR Detection 21 May 2015 None Pass Cisco TelePresence Server Detection 21 May 2015 None Pass eFront Detection 26 May 2015 None Pass Default Password (password) for 'emcupdate' Account CVE-1999-0502 CVE-2015-0529 22 May 2015 9.8 (v3) Critical Pass Cisco Ironport Security Appliance Authorized Key Vulnerability CVE-2015-4216 02 Jul 2015 7.2 (v3) High Pass HSTS Missing From HTTPS Server 02 Jul 2015 None Pass PostgreSQL < 8.0.3 Multiple Vulnerabilities CVE-2005-1409 CVE-2005-1410 05 May 2005 6.5 (v2) Medium Pass Backported Security Patch Detection (PHP) 07 Jul 2015 None Pass Puppet Enterprise 3.x < 3.8.1 Multiple Vulnerabilities (Logjam) CVE-2014-3600 CVE-2014-3612 CVE-2014-8110 CVE-2014-8176 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-3165 CVE-2015-3166 CVE-2015-3167 CVE-2015-400023 Jul 2015 9.8 (v3) Critical Pass IBM DB2 Content Manager eClient Detection 23 Sep 2013 None Pass Cisco Uniﬁed MeetingPlace Detection 23 Sep 2013 None Pass Cisco CUCM / CUPS Detection 24 Sep 2013 None Pass HP Network Automation Detection 24 Sep 2013 None Pass HP Onboard Administrator Detection 26 Sep 2013 None Pass HP Network Node Manager i (NNMi) Console Detection 26 Sep 2013 None 74

Pass Trend Micro ScanMail for Exchange Web Console Detection 05 Jun 2015 None Pass Alcatel OmniSwitch Default Credentials (ftp) 30 Sep 2013 9.1 (v3) Critical Pass RES Workspace Manager Agent Detection 03 Oct 2013 None Pass RES Workspace Manager Relay Server Detection 03 Oct 2013 None Pass FireEye Web MPS GUI Detection 03 Oct 2013 None Noise SSL Cipher Block Chaining Cipher Suites Supported 22 Oct 2013 None Pass SSH Algorithms and Languages Supported 28 Oct 2013 None Pass Cogent DataHub Tunnel/Mirror Service Detection 23 Oct 2013 None Pass Net Optics Director Web Detection 23 Oct 2013 None Pass McAfee Web Reporter Detection (remote check) 14 Oct 2013 None Pass Schneider Electric InduSoft Web Studio Arbitrary Script Execution CVE-2015-7374 05 Nov 2013 9.8 (v3) Critical Pass SuperMicro Device Uses Default SSH Host Key 19 Dec 2013 9.8 (v3) Critical Pass Network Time Protocol Daemon (ntpd) monlist Command Enabled DoS CVE-2013-5211 02 Jan 2014 7.5 (v3) High Pass IBM DB2 9.7 < Fix Pack 9 Multiple Vulnerabilities CVE-2012-2190 CVE-2012-2191 CVE-2012-2203 CVE-2013-3475 CVE-2013-4033 CVE-2013-5466 CVE-2013-6717 18 Dec 2013 9.8 (v3) Critical Pass Oracle Portal Demo Organization Chart Detection 22 Nov 2013 None Pass ColdFusion Extended Support Version Detection 22 Jan 2014 None Pass Web Site Client Access Policy File Detection 11 Feb 2014 None Pass Certiﬁcate Revocation List Expiry 12 Feb 2014 None Pass Cisco TelePresence Video Communication Server (VCS) Detection 28 Jan 2014 None Pass SAProuter Detection 28 Jan 2014 None Pass Symantec Encryption Server Detection 14 Feb 2014 None Pass Cisco TelePresence System Detection 28 Jan 2014 None Pass NagiosQL Detection 26 Dec 2013 None Pass Synology DiskStation Manager (DSM) Detection 05 Feb 2014 None Pass Core FTP Server < 1.2 Build 508 lstrcpy Overﬂow Code Execution CVE-2014-1215 24 Feb 2014 7.8 (v3) High Pass Microsoft DNS Server Version Detection 03 Mar 2014 None Pass ZTE ZXV10 W300 Wireless Router Hard-coded Password CVE-2014-0329 05 Mar 2014 9.8 (v3) Critical Pass SFTP Supported 24 Feb 2014 None Pass Core FTP Server Detection 24 Feb 2014 None Pass Artifactory < 3.1.1.1 XStream Remote Code Execution CVE-2013-7285 12 Mar 2014 9.8 (v3) Critical Pass NAT-PMP Detection (local network) 20 Mar 2014 None Pass Default FTP Credentials (ntpupdate / ntpupdate) 25 Mar 2014 9.1 (v3) Critical Pass Default Password (ironport) for 'admin' Account CVE-1999-0502 02 Apr 2014 9.8 (v3) Critical Pass EMC RSA Authentication Manager Version 04 Apr 2014 None Pass SSH Static Key Accepted CVE-2012-1493 CVE-2013-3619 08 May 2014 9.8 (v3) Critical Pass HP LeftHand OS Management Protocol Detection 10 Apr 2014 None Pass EZPZ One Click Backup Plugin for WordPress 'cmd' Parameter Remote Command Execution CVE-2014-3114 20 May 2014 9.8 (v3) Critical Pass Participants Database Plugin for WordPress 'query' Parameter SQL Injection CVE-2014-3961 16 Jun 2014 10 (v3) Critical Pass nginx 1.5.10 SPDY Memory Corruption CVE-2014-0088 06 May 2014 5.6 (v3) Medium Pass Default Password (arkeia) for 'root' Account CVE-1999-0502 28 May 2014 9.8 (v3) Critical Pass HP OﬃceJet Printer Heartbeat Information Disclosure (Heartbleed) CVE-2014-0160 02 Jun 2014 7.5 (v3) High Pass Symantec Web Gateway < 5.2.1 Multiple Vulnerabilities (SYM14-010) CVE-2013-5017 CVE-2014-1650 CVE-2014-1651 CVE-2014-1652 19 Jun 2014 9.8 (v3) Critical Pass Default Password (f00b@r) for 'root' Account CVE-1999-0502 23 Jun 2014 9.8 (v3) Critical Pass OSSIM SOAP Service Detection 23 Jun 2014 None Pass AlienVault OSSIM 'av-centerd' set_ﬁle() Remote Code Execution CVE-2014-4151 25 Jun 2014 8.8 (v3) High Pass Tinc VPN Service Detection 26 Jun 2014 None Pass HylaFAX Installed 24 Jun 2014 None Pass Countertack Sentinel User Interface Detection 23 Jun 2014 None Pass Apache mod_wsgi < 4.2.4 Privilege Dropping Privilege Escalation CVE-2014-8583 14 Jul 2014 8.1 (v3) High Pass Cloudera Manager Detection 26 Jun 2014 None Pass WebTitan Default Credentials (ssh) 24 Jul 2014 9.8 (v3) Critical Pass Knot DNS Server Version Detection 25 Jul 2014 None Pass Default Password (default) for 'root' Account CVE-1999-0502 31 Jul 2014 9.8 (v3) Critical Pass Microsoft Exchange Client Access Server Information Disclosure 06 Aug 2014 7.5 (v3) High Pass Default Password (vmware) for 'root' Account CVE-1999-0502 04 Aug 2014 9.8 (v3) Critical Pass IBM GCM16 / GCM32 Global Console Manager KVM Switch Detection 05 Aug 2014 None Pass Halon Security Router Detection 11 Aug 2014 None Pass Atlassian Bamboo Detection 11 Aug 2014 None Pass Apache 2.2.x < 2.2.28 Multiple Vulnerabilities CVE-2013-5704 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 04 Sep 2014 7.3 (v3) High Pass ManageEngine EventLog Analyzer 02 Sep 2014 None Pass Postﬁx Policyd Protocol Detection 07 Oct 2014 None Pass GNU Bash Environment Variable Handling Code Injection via ProFTPD (Shellshock) CVE-2014-6271 CVE-2014-7169 30 Sep 2014 8.8 (v3) High Pass Creative Contact Form Component for Joomla! File Upload RCE CVE-2014-7969 24 Nov 2014 9.8 (v3) Critical Pass rsync Writeable Module Detection 14 Oct 2014 None Pass Hikit Backdoor Detection 14 Oct 2014 None Pass Cisco UCS Director Default Credentials (SSH) 31 Oct 2014 9.8 (v3) Critical Pass Cisco UCS Director Web UI Detection 31 Oct 2014 None Pass WaveMaker Studio Detection 19 Jul 2012 None Pass Eaton Network Shutdown Module Detection 20 Jul 2012 None Pass Cisco TelePresence Multipoint Switch Web Detection 27 Jul 2012 None Pass Appweb HTTP Server Version 02 Aug 2012 None Pass Cyberoam Admin Console Detection 07 Aug 2012 None Pass RabidHamster R4 Detection 09 Aug 2012 None Pass Apple Proﬁle Manager Detection 01 Mar 2012 None Pass Eucalyptus Walrus Detection 21 Aug 2012 None Pass Eucalyptus Cloud Controller Console Detection 21 Aug 2012 None Pass Oracle Integrated Lights Out Manager Web Detection 23 Aug 2012 None Pass Symantec Messaging Gateway Detection 07 Sep 2012 None Pass SquidClamav Detection 10 Sep 2012 None Pass EMC AutoStart ftAgent Detection 10 Aug 2012 None Pass Default Password (user) for 'user' Account CVE-1999-0502 19 Sep 2012 9.8 (v3) Critical Pass Apache 2.2.x < 2.2.23 Multiple Vulnerabilities CVE-2012-0883 CVE-2012-2687 14 Sep 2012 7 (v3) High Pass SolarWinds Orion Product Detection 17 Sep 2012 None Pass Cisco Prime Security Manager Web Detection 18 Sep 2012 None Pass HP Database Archiving Software Detection 19 Sep 2012 None Pass SAP Control SOAP Web Service Detection 25 Sep 2012 None Pass SAP Host Control SOAP Web Service Detection 25 Sep 2012 None Pass Advanced Message Queuing Protocol Detection STARTTLS Support 27 Sep 2012 None Pass OpenStack Glance Detection 27 Sep 2012 None Pass OpenStack Keystone Detection 27 Sep 2012 None Pass LogAnalyzer Detection 17 Sep 2012 None Pass WebPagetest Detection 18 Sep 2012 None Pass WordPress A Page Flip Book Plugin for WordPress 'pageﬂipbook_language' Parameter Arbitrary Code ExecutionCVE-2012-6652 03 Oct 2012 9.8 (v3) Critical Pass SSL Compression Methods Supported 16 Oct 2012 None Pass IPSEC Internet Key Exchange (IKE) Version 2 Detection 24 Oct 2012 None Pass Novell ZENworks Asset Management Detection 25 Oct 2012 None Noise TLS Next Protocols Supported 16 Oct 2012 None Pass WANem result.php pc Parameter Remote Command Execution 29 Oct 2012 8.8 (v3) High Pass ManageEngine OpStor Detection 01 Nov 2012 None Pass CoSoSys Endpoint Protector Detection 16 Nov 2012 None Pass WebYaST Web Client Detection 19 Nov 2012 None Pass Novell Sentinel Log Manager Web Detection 19 Nov 2012 None Pass Tectia SSH Server Authentication Bypass CVE-2012-5975 05 Dec 2012 9.8 (v3) Critical Pass ManageEngine Applications Manager Detection 05 Dec 2012 None Pass ManageEngine Security Manager Plus Detection 10 Dec 2012 None Pass Mutiny Detection 26 Oct 2012 None Pass freeFTPd / freeSSHd SFTP Authentication Bypass CVE-2012-6066 CVE-2012-6067 11 Dec 2012 7.3 (v3) High Pass Snare Agent Detection 24 Dec 2012 None Pass Nagios Core Detection 16 Jan 2013 None Pass ViArt Shop Detection 30 Jan 2013 None Pass HP Diagnostics Server Detection 05 Feb 2013 None Pass Hunt CCTV DVR.cfg Direct Request Information Disclosure CVE-2013-1391 06 Feb 2013 7.5 (v3) High 75

Pass Oracle Application Express (Apex) Detection 20 Feb 2013 None Pass Oracle Application Express (Apex) Administration Interface is Accessible 20 Feb 2013 None Pass Terminal Services Use SSL/TLS 22 Feb 2013 None Pass Buﬀalo LinkStation Detection 27 Feb 2013 None Pass Collector Component for Joomla! File Upload RCE 05 Feb 2013 9.8 (v3) Critical Pass Well-Known Ruby on Rails Secret Token Used on Remote Application 30 Jan 2013 5.8 (v2) Medium Pass HP LeftHand OS Console Discovery Detection 14 Feb 2013 None Pass Jenkins Detection 06 Mar 2013 None Pass Web Service Description Language File Detected 08 Mar 2013 None Pass Default Password (abc123) for 'root' Account CVE-1999-0502 05 Apr 2013 9.8 (v3) Critical Pass Novell ZENworks Mobile Management Detection 14 Mar 2013 None Pass Eye-Fi Helper Detection 26 Mar 2013 None Pass VNC Server Unencrypted Communication Detection 03 Apr 2013 None Pass Sophos Web Protection Detection 09 Apr 2013 None Pass IBM InfoSphere Data Replication Dashboard Detection 10 Apr 2013 None Pass Gallery Detection 02 Apr 2013 None Pass MongoDB Web Interface Detection 10 Apr 2013 None Pass Piwigo Detection 02 Apr 2013 None Pass mnoGoSearch Detection 10 Apr 2013 None Pass Novell Identity Manager Role Based Provisioning Module Detection 10 Apr 2013 None Pass Privoxy Detection 12 Apr 2013 None Pass Citrix Access Gateway Administrative Web Interface Detection 12 Apr 2013 None Pass Citrix Access Gateway User Web Interface Detection 12 Apr 2013 None Pass JBoss Web Services Endpoint Enumeration 23 Apr 2013 None Pass Puppet REST API Detection 26 Apr 2013 None Pass Puppet Enterprise Console Detection 26 Apr 2013 None Pass Cerb Detection 02 Apr 2013 None Pass Puppet Enterprise Console Authentication Bypass (intrusive check) CVE-2013-2716 26 Apr 2013 8.8 (v3) High Pass IBM Endpoint Manager Web Server Detection 30 Apr 2013 None Pass RDP Screenshot 22 Apr 2013 None Pass McAfee ePolicy Orchestrator Application Server Detection 04 May 2013 None Pass Lexmark Markvision Enterprise Detection 06 May 2013 None Pass Adobe ColdFusion Authentication Bypass (APSB13-13) (intrusive check) CVE-2013-1389 14 May 2013 8.8 (v3) High Pass Nagios NRPE Plugin Detect 09 May 2013 None Pass Junos Space WebUI Detection 31 May 2013 None Pass Sybase EAServer Detect 27 Jun 2013 None Pass GroundWork Monitor Enterprise Detection 28 Jun 2013 None Pass Hazelcast Wire Protocol Detection 28 Jun 2013 None Pass Hazelcast Memcached Interface Detection 28 Jun 2013 None Pass Hazelcast REST Interface Detection 28 Jun 2013 None Pass Invision Power Board < 2.0.4 Multiple Vulnerabilities (SQLi, XSS) CVE-2005-1597 CVE-2005-1598 09 May 2005 7.5 (v2) High Pass ModSecurity Version 02 Jul 2013 None Pass Web mirroring stub 04 May 2001 None Pass IBM Blade Center Advanced Management Console Detection 16 Jul 2013 None Pass Apache 2.0.x < 2.0.65 Multiple Vulnerabilities CVE-2011-3192 CVE-2011-3368 CVE-2011-3607 CVE-2012-0031 CVE-2012-0053 CVE-2013-1862 16 Jul 2013 9.1 (v3) Critical Pass Oracle 10g DBMS_SCHEDULER Privilege Escalation CVE-2005-1496 09 May 2005 6 (v2) Medium Pass Oracle Database 9i/10g Fine Grained Auditing (FGA) SELECT Statement Logging Weakness CVE-2005-1495 09 May 2005 2.6 (v2) Low Pass VLC Web Interface Detection 23 Jul 2013 None Pass Hiawatha Detection 24 Jul 2013 None Pass Cisco TelePresence Multipoint Control Unit Detection 24 Jul 2013 None Pass Cisco Prime Network / Wireless Control System Health Monitor Detection 25 Jul 2013 None Pass Cisco ONS Detection 25 Jul 2013 None Pass Cisco Email Security Appliance Web Detection 26 Jul 2013 None Pass Cisco Web Security Appliance Web Detection 26 Jul 2013 None Pass OS Identiﬁcation : NETCONF Over SSH 01 Aug 2013 None Pass Juniper NSM GUI Server Detection 13 Sep 2013 None Pass HP ArcSight Logger HTTP Detection 27 Aug 2013 None Pass SSL Certiﬁcate Chain Contains RSA Keys Less Than 2048 bits 03 Sep 2013 None Pass Cisco Video Surveillance Manager Web Detection 12 Sep 2013 None Pass Juniper NSM Web Proxy Detection 13 Sep 2013 None Pass Juniper NSM Web Proxy SOAP Interface Detection 13 Sep 2013 None Pass Cisco Uniﬁed Computing System (UCS) Manager Version 17 Sep 2013 None Pass PHP 5.5.x < 5.5.3 Multiple Vulnerabilities CVE-2011-4718 CVE-2013-4248 21 Aug 2013 7.3 (v3) High Pass ICAP Server Type and Version 17 Sep 2013 None Pass Blue Coat ProxyAV Detection 17 Sep 2013 None Pass Management Center for Cisco Security Agents Detection 18 Sep 2013 None Pass Default Password (cliuser) for 'cliuser' Account CVE-1999-0502 17 Sep 2013 9.8 (v3) Critical Pass Atlassian Crucible for Windows < 4.4.6, 4.5.x < 4.5.3 Remote Code Execution Vulnerability CVE-2018-5223 04 Apr 2019 7.2 (v3) High Pass Apache Hadoop MapReduce JobTracker Web Detection 22 Oct 2010 None Pass Super Simple Blog Script Detection 20 Oct 2010 None Pass Moxa Device Manager Gateway Detection 22 Oct 2010 None Pass Apache Hadoop MapReduce TaskTracker Web Interface 22 Oct 2010 None Pass Apache Hadoop HDFS NameNode Web Detection 22 Oct 2010 None Pass Apache Hadoop HDFS DataNode Web Detection 22 Oct 2010 None Pass HTTP Origin Response Header Usage 26 Oct 2010 None Noise Missing or Permissive Content-Security-Policy frame-ancestors HTTP Response Header 26 Oct 2010 None Pass Default Password (patrol) for 'patrol' Account CVE-1999-0502 31 Oct 2010 9.8 (v3) Critical Noise Missing or Permissive X-Frame-Options HTTP Response Header 26 Oct 2010 None Pass CGI Generic Fragile Parameters Detection (potential) 30 Oct 2010 None Pass Sawmill Detection 01 Nov 2010 None Pass Web Common Credentials 06 Nov 2010 9.8 (v3) Critical Pass FreeNAS Web Detection 08 Nov 2010 None Pass Novatel MiFi Detection 08 Nov 2010 None Pass Atlassian FishEye Detection 02 Nov 2010 None Pass HP Systems Insight Control Detection 10 Nov 2010 None Pass HP Systems Insight Dynamics Detection 10 Nov 2010 None Pass NetSupport Manager Gateway Detection 10 Nov 2010 None Pass Ricoh Printer Detection 12 Nov 2010 None Pass BitTorrent / uTorrent Detection 22 Nov 2010 None Pass Adobe Flash Media Server Version Detection 24 Nov 2010 None Pass Pandora FMS Console Detection 01 Dec 2010 None Pass OpenSSL Detection 30 Nov 2010 None Pass Vuze Detection 02 Dec 2010 None Pass OS Identiﬁcation : SSL Certiﬁcates 10 Nov 2010 None Pass ProFTPD Compromised Source Packages Trojaned Distribution 06 Dec 2010 8.8 (v3) High Pass Vuze Media Server Detection 07 Dec 2010 None Pass Web Server Uses Basic Authentication over HTTPS 08 Dec 2010 None Pass IceWarp Webmail Detection 09 Dec 2010 None Pass Openﬁre Admin Console Detection 13 Dec 2010 None Pass Dell Integrated Remote Access Controller (iDRAC) Detection 15 Dec 2010 None Pass Openﬁler Management Interface Detection 12 Jan 2011 None Pass DiskPulse Server Detection 09 Dec 2010 None Pass Siteﬁnity CMS Detection 10 Dec 2010 None Pass PhpGedView Detection 12 Jan 2011 None Pass Microsoft Oﬃce Document Conversions Load Balancer Detection 01 Feb 2011 None Pass Micro Focus Enterprise Administration Server Detection 01 Feb 2011 None Pass HP OpenView Performance Insight Server Detection 02 Feb 2011 None Pass OS Identiﬁcation : SNMP hrSWInstalledName 03 Feb 2011 None Pass PRTG Network Monitor Detection 04 Feb 2011 None Pass Microsoft Oﬃce Document Conversions Launcher Detection 01 Feb 2011 None Pass Telnet Service START_TLS Support 07 Feb 2011 None Pass SSL Session Resume Supported 07 Feb 2011 None 76

Pass Apache CouchDB Detection 09 Feb 2011 None Pass F-Secure Internet Gatekeeper Web Console Detection 18 Feb 2011 None Pass Aeonian Dreams Detection 01 Mar 2011 None Pass Blacklisted SSL Certiﬁcate 24 Mar 2011 None Pass Restricted Web Pages Detection 25 Mar 2011 None Pass HP Client Automation Web Console Detection 25 Mar 2011 None Pass MySQL Eventum Detection 22 Feb 2011 None Pass Symantec LiveUpdate Administrator Web Detection 29 Mar 2011 None Pass ActiveFax Server Detection 07 Apr 2011 None Pass OS Identiﬁcation : Apple Filing Protocol 08 Apr 2011 None Pass RPC portmapper (TCP) 08 Apr 2011 None Pass SSL Server Accepts Weak Diﬃe-Hellman Keys 11 Apr 2011 None Pass OS Identiﬁcation : HNAP 18 Apr 2011 None Pass Dell KACE K2000 Web Detection 19 Apr 2011 None Pass Link-Local Multicast Name Resolution (LLMNR) Detection 21 Apr 2011 None Pass Oracle BI Publisher Enterprise Detection 01 Apr 2011 None Pass Movicon TcpUploadServer Detection 25 Mar 2011 None Pass Plone Detection 25 Apr 2011 None Pass HP SiteScope Detection 02 May 2011 None Pass SMTP Authentication Methods 19 May 2011 None Pass Anonymous SMTP Authentication Enabled 19 May 2011 None Pass Sybase M-Business Anywhere (AvantGo) SOAP Server Detection 23 May 2011 None Pass WINS Server Detection 24 May 2011 None Pass Atlassian Conﬂuence Wiki Detection 28 Apr 2011 None Pass RSA Operations Console Detection 05 Jul 2011 None Pass RSA Security Console Detection 05 Jul 2011 None Pass RSA Self-Service Console Detection 05 Jul 2011 None Pass Adobe ColdFusion Remote Development Services 05 Jul 2011 None Pass Apache Archiva Detection 05 Jun 2011 None Pass vsftpd Smiley Face Backdoor 06 Jul 2011 8.8 (v3) High Pass ManageEngine ServiceDesk Plus Detection 28 Jun 2011 None Pass Symantec Web Gateway Detection 20 Jul 2011 None Pass Computer Associates ARCserve D2D Detection 28 Jul 2011 None Pass Microsoft Remote Desktop Web Access Detection 09 Aug 2011 None Pass Remote Authentication Message Check 18 Aug 2011 None Pass Sitecore CMS / Experience Platform (XP) Web Detection 25 Aug 2011 None Pass Oracle GlassFish Server Administration Console 16 Aug 2011 None Pass Oracle GlassFish HTTP Server Version 16 Aug 2011 None Pass Solstice Enterprise Agent SNMP (snmpdx) Detection 30 Aug 2011 None Pass HP Client Automation Satellite Web Console Detection 12 Sep 2011 None Pass OpenVPN Server Detection 29 Aug 2011 None Pass OpenAdmin Tool Detection 13 Sep 2011 None Pass Microsoft Host Integration Server Detection 25 Oct 2011 None Pass SSL Certiﬁcate Chain Not Sorted 12 Oct 2011 None Pass SSL Certiﬁcate Chain Contains Unnecessary Certiﬁcates 12 Oct 2011 None Pass Cisco Uniﬁed Operations Manager Detection 13 Oct 2011 None Pass ManageEngine ADSelfService Plus Detection 14 Oct 2011 None Pass Dropbox Software Detection (listener) 02 Nov 2011 None Pass SonicWALL ViewPoint Server Detection 26 Oct 2011 None Pass Greenbone Security Assistant detection 02 Dec 2011 None Pass Metasploit HTTP Server detection 02 Dec 2011 None Pass Nexpose HTTP Server Detection 02 Dec 2011 None Pass Bitcoin Detection 14 Sep 2011 None Pass VMware vCenter Update Manager Detection 28 Nov 2011 None Noise SSL / TLS Versions Supported 01 Dec 2011 None Pass JSPWiki Edit.jsp editor Parameter Traversal Local File Inclusion CVE-2008-1231 16 Dec 2011 9.8 (v3) Critical Pass Oracle WebLogic Detection (Combined) 30 Nov 2011 None Pass IBM WebSphere Application Server Detection 06 Dec 2011 None Noise SSL Perfect Forward Secrecy Cipher Suites Supported 07 Dec 2011 None Pass OpenSSL Version Detection 16 Dec 2011 None Pass NNTP Authentication Methods 19 Dec 2011 None Pass Anonymous NNTP Authentication Enabled 19 Dec 2011 None Pass VMware vSphere Detect 23 Dec 2011 None Pass OpenVAS Scanner Detection 02 Dec 2011 None Pass SAP Dynamic Information and Action Gateway Detection 30 Nov 2011 None Pass Apple iOS Lockdown Detection 09 Jan 2012 None Pass op5 Monitor Detection 17 Jan 2012 None Pass HP Managed Printing Administration Detection 26 Jan 2012 None Pass Symantec Endpoint Protection Manager Detection 01 Feb 2012 None Pass CodeMeter WebAdmin Detection 02 Feb 2012 None Pass IBM iSeries Credentials 08 Feb 2012 None Pass Backported Security Patch Detection (SMTP) 13 Feb 2012 None Pass Service Detection : SMTP Server on a Well-Known Port 13 Feb 2012 None Pass SSL Certiﬁcate Chain Analysis 17 Jan 2012 None Pass LDAP 'Domain Admins' Group Membership Enumeration 20 Feb 2012 None Pass OS Identiﬁcation : LDAP 21 Feb 2012 None Pass BJNP Detection 28 Feb 2012 None Pass SimpleSAMLphp Detection 23 Jan 2012 None Pass Kayako SupportSuite Detection 16 Feb 2012 None Pass Check Point SecuRemote Hostname Information Disclosure 21 Mar 2012 None Pass ManageEngine DeviceExpert Detection 22 Mar 2012 None Pass Novell ZENworks Control Center Detection 23 Mar 2012 None Pass HP Data Protector DPNECentral Web Service Detection 29 Mar 2012 None Pass McAfee WebShield Web UI Detection 03 Apr 2012 None Pass at32 Reverse Proxy Detection 05 Apr 2012 None Pass OS Identiﬁcation : NativeLanManager 05 Apr 2012 None Pass Lenovo ThinkManagement Console Detection 10 Apr 2012 None Pass SSL Resume With Diﬀerent Cipher Issue 17 Apr 2012 None Pass WebGlimpse Detection 21 Mar 2012 None Pass Dolibarr Detection 13 Apr 2012 None Pass Citrix XenServer vSwitch Controller Detection 20 Apr 2012 None Pass Scrutinizer NetFlow & sFlow Analyzer Detection 04 May 2012 None Pass SolarWinds Storage Manager Detection 16 May 2012 None Pass Symantec Web Gateway ipchange.php Shell Command Injection (SYM12-006) (intrusive check) CVE-2012-0297 21 May 2012 8.8 (v3) High Pass Symantec Web Gateway upload_ﬁle() Remote Code Execution (SYM12-006) (intrusive check) CVE-2012-0299 21 May 2012 8.8 (v3) High Pass PacketVideo TwonkyServer Detection 23 May 2012 None Pass IBM Tivoli Directory Server Web Administration Tool Detection 20 Apr 2012 None Pass Atlassian Crucible Detection 01 Jun 2012 None Pass CGIProxy Detection 23 Apr 2012 None Pass Liferay Portal Detection 22 May 2012 None Pass Cobbler Admin Interface Detection 07 Jun 2012 None Pass Cobbler Linux Installation Server Detection 07 Jun 2012 None Pass Citrix Provisioning Services Unspeciﬁed Request Parsing Remote Code Execution (CTX133039) (uncredentialed check)CVE-2012-4068 13 Jun 2012 9.8 (v3) Critical Pass F5 Multiple Products Root Authentication Bypass CVE-2012-1493 13 Jun 2012 9.8 (v3) Critical Pass Network UPS Tools Detection 22 Jun 2012 None Pass Network UPS Tools Service STARTTLS Command Support 22 Jun 2012 None Pass Globus Toolkit GridFTP Server Detection 27 Jun 2012 None Pass Quagga Zebra Detection 29 Jun 2012 None Pass Symantec Message Filter Management Interface Detection 03 Jul 2012 None Pass Check_MK Agent Detection 03 Jul 2012 None Pass MailEnable WebMail Detection 19 Jun 2012 None Pass Elgg Detection 22 Jun 2012 None 77

Pass WellinTech KingView History Server Detection 05 Jun 2012 None Pass MikroTik RouterOS Winbox Detection 27 Jun 2012 None Pass Wyse Device Manager Default FTP Account 20 Jul 2009 9.8 (v3) Critical Pass Web Server Detection (HTTP/1.1) 28 Jul 2009 None Pass SNMP Supported Protocols Detection 31 Jul 2009 None Pass WP-Syntax Plugin for WordPress 'apply_ﬁlters' function Command Execution CVE-2009-2852 14 Aug 2009 8.8 (v3) High Pass Protected Web Page Detection 21 Aug 2009 None Pass Web Application Potentially Sensitive CGI Parameter Detection 25 Aug 2009 None Pass Snitz Forums 2000 Detection 03 Aug 2009 None Pass Citrix Licensing Service Detection 04 Sep 2009 None Pass Web Server Allows Password Auto-Completion 07 Oct 2009 None Pass ACAP Service STARTTLS Command Support 09 Oct 2009 None Pass IMAP Service STARTTLS Command Support 09 Oct 2009 None Pass Dopewars Server Detection 07 Oct 2009 None Pass NNTP Service STARTTLS Command Support 09 Oct 2009 None Pass POP3 Service STLS Command Support 09 Oct 2009 None Pass SMTP Service STARTTLS Command Support 09 Oct 2009 None Pass XMPP Service STARTTLS Command Support 09 Oct 2009 None Pass Drupal SA-CONTRIB-2009-080: Simplenews Statistics Open Redirect CVE-2009-3784 24 Oct 2009 7.1 (v3) High Pass NFS Server Superﬂuous CVE-1999-0548 26 Oct 2009 None Info Pass NFS Shares World Readable 26 Oct 2009 7.5 (v3) High Pass AlienVault OSSIM Web Front End Detection 02 Nov 2009 None Pass Windows NetBIOS Remote Host Information Disclosure 06 Nov 2009 None Pass Adobe ColdFusion Detection 02 Nov 2009 None Pass Microsoft Windows NTLMSSP Authentication Request Remote Network Name Disclosure 06 Nov 2009 None Pass CISCO ASA SSL VPN Detection 12 Nov 2009 None Pass HP Power Manager Detection 13 Nov 2009 None Pass Lotus Domino Console Detection 16 Nov 2009 None Pass osCommerce Detection 03 Nov 2009 None Noise Strict Transport Security (STS) Detection 16 Nov 2009 None Pass Non-compliant Strict Transport Security (STS) 16 Nov 2009 None Pass BuildBot WebStatus Detection 03 Nov 2009 None Pass Apple TV Detection 16 Nov 2009 None Pass SSL Medium Strength Cipher Suites Supported (SWEET32) CVE-2016-2183 23 Nov 2009 7.5 (v3) High Pass SqueezeCenter Discovery Service Detection 30 Nov 2009 None Pass SSL Certiﬁcate Expiry - Future Validity 02 Dec 2009 None Noise SSL Certiﬁcate Expiry - Future Expiry 02 Dec 2009 None Pass Web Application Tests Disabled 09 Dec 2009 None Pass SNMP Query WLAN SSID (Cisco) 10 Dec 2009 None Pass Squeezebox Server CLI Detection 30 Nov 2009 None Pass Unisys Business Information Server Detection 18 Nov 2009 None Pass GForge Detection 01 Dec 2009 None Pass phpShop Detection 14 Dec 2009 None Pass Altiris Deployment Solution Server DB Manager Detection 08 Jan 2010 None Pass NetBIOS Multiple IP Address Enumeration 06 Jan 2010 None Pass Kerberos Information Disclosure 08 Jan 2010 None Pass Oracle WebLogic Server Node Manager Remote Command Execution CVE-2010-0073 26 Jan 2010 8.8 (v3) High Pass HNAP Detection 26 Jan 2010 None Pass D-Link Router Detection 26 Jan 2010 None Pass Oracle WebLogic Server Node Manager Detection 26 Jan 2010 None Pass OpenX Source Detection 12 Jan 2010 None Pass TYPO3 Detection 22 Jan 2010 None Pass X-format Communications Protocol (XCP) Detection 28 Jan 2010 None Pass SAP BusinessObjects Detection 01 Feb 2010 None Pass OS Identiﬁcation : SNMP sysObjectID 01 Feb 2010 None Pass Linksys Router Detection 04 Feb 2010 None Pass IBM Tivoli Monitoring Service Console Detection 04 Feb 2010 None Pass VMware Host Agent Web Detection 17 Feb 2010 None Pass SilverStripe CMS Detection 28 Jan 2010 None Pass Do not scan printers (AppSocket) 26 Feb 2010 None Pass HTTP Session Cookies 04 Mar 2010 None Pass SNMP Query Airport Version 10 Mar 2010 None Pass Remote Help Detection 24 Mar 2010 None Pass eScan MWAdmin Interface Detection 25 Mar 2010 None Pass IBM Remote Supervisor Adapter Detection (HTTP) 26 Mar 2010 None Pass Hyperic HQ Web GUI Detection 26 Mar 2010 None Pass AFP Server Share Enumeration (guest) 30 Mar 2010 None Pass ICMP Node Information Query Information Disclosure 01 Apr 2010 None Pass SSL Certiﬁcate 'commonName' Mismatch 03 Apr 2010 None Pass Mac OS X Server Web Services Version Detection 08 Apr 2010 None Pass LDAP Group Enumeration 09 Apr 2010 None Pass LDAP User Enumeration 09 Apr 2010 None Pass AjaXplorer Detection 12 Apr 2010 None Pass TaskFreak! Detection 04 May 2010 None Pass Apache ActiveMQ Detection 16 Apr 2010 None Pass STUN Detection 20 Apr 2010 None Pass Hyper Text Caching Protocol (HTCP) Detection 23 Apr 2010 None Pass Internet Cache Protocol (ICP) Version 2 Detection 23 Apr 2010 None Pass Windows Media Service Server Detection 27 Apr 2010 None Noise Additional DNS Hostnames 29 Apr 2010 None Pass Tembria Server Monitor Detection 30 Apr 2010 None Pass Inconsistent Hostname and IP Address 03 May 2010 None Pass MODx CMS Detection 29 Apr 2010 None Pass Lexmark Printer Detection 11 May 2010 None Pass ManageEngine ADManager Plus Detection 02 Jun 2010 None Pass ManageEngine ADAudit Plus Detection 02 Jun 2010 None Pass Beanstalkd Detection 14 Jun 2010 None Pass PRTG Traﬃc Grapher Detection 10 Jun 2010 None Pass Magnoware DataTrack System Detection 11 Jun 2010 None Pass Campsite Detection 05 May 2010 None Pass Apache Axis2 Detection 27 May 2010 None Pass Host Fully Qualiﬁed Domain Name (FQDN) Resolution (XML tag) 14 Jul 2011 None Pass D-link Click 'n Connect Daemon Detection 06 Jul 2010 None Pass Novell Teaming Detection 20 Jul 2010 None Pass Symphony Detection 07 Jun 2010 None Pass Simple Machines Forum Detection 28 Jun 2010 None Pass FireStats Detection 16 Jul 2010 None Pass CGI Generic Injectable Parameter 26 Jul 2010 None Pass Apache HTTP Server Version 30 Jul 2010 None Pass Oracle Business Process Management Detection 16 Aug 2010 None Pass IBM Tivoli Management Framework Endpoint Web Detection 18 Aug 2010 None Pass PHP Version Detection 04 Aug 2010 None Pass Syncrify Detection 23 Sep 2010 None Pass Squid Proxy Version Detection 28 Sep 2010 None Pass Apple Remote Events Service Detection 07 Oct 2010 None Pass Web Server Harvested Email Addresses 04 Oct 2010 None Pass MapServer Detection 27 Jul 2010 None Pass phpwcms Detection 30 Jul 2010 None Pass Barracuda Spam & Virus Firewall Console Management Detection 04 Oct 2010 None Pass Nagios XI / Fusion Detection 06 Oct 2010 None Pass FreePBX Detection 18 Oct 2010 None Pass BitDefender Update Server Detection 21 Jan 2008 None 78

Pass Coppermine imageObjectIM.class.php Command Execution Vulnerabilities CVE-2008-0506 31 Jan 2008 8.8 (v3) High Pass XOT Detection 29 Jan 2008 None Pass LPD Detection 08 Feb 2008 None Pass netsaint-statd Daemon Detection 06 Oct 2010 None Pass F5 BIG-IP Web Management Interface Detection 11 Feb 2008 None Pass MikroTik RouterOS Detection 11 Feb 2008 None Pass RTMP Server Detection 15 Feb 2008 None Pass Sniplets Plugin for WordPress execute.php 'text' Parameter Arbitrary Command Execution CVE-2008-1060 26 Feb 2008 8.8 (v3) High Pass KiSS PC-Link Server Detection (UDP) 14 Mar 2008 None Pass Acronis Agent Detection (UDP) 25 Mar 2008 None Pass DNS Sender Policy Framework (SPF) Enabled 26 Mar 2008 None Pass SSL Anonymous Cipher Suites Supported CVE-2007-1858 28 Mar 2008 5.9 (v3) Medium Pass SQL Anywhere Broadcast Repeater Detection 01 Apr 2008 None Pass Symantec Storage Foundation Scheduler Service Detection 15 Apr 2008 None Pass MobiLink Server Detection 01 Apr 2008 None Pass FTP Server Any Command Accepted (possible backdoor/proxy) 19 May 2008 None Pass FTP Server No Command Accepted (possible backdoor/proxy) 19 May 2008 None Pass FTP Server Bad Command Sequence Accepted (possible backdoor/proxy) 19 May 2008 None Pass MDAP Service Detection 22 May 2008 None Pass File Transfer (P2P) Detection 26 Mar 2008 None Pass Sympa Detection 01 Apr 2008 None Pass WS-Management Server Detection 11 Jun 2008 None Pass Owner Free File System Client Detection 20 Jun 2008 None Pass CA Secure Content Manager HTTP Gateway Service Detection 11 Jun 2008 None Pass Microsoft Dynamics GP Distributed Process Manager Detection 02 Jul 2008 None Pass Sun Java System ASP Server < 4.0.3 Multiple Vulnerabilities CVE-2008-2405 CVE-2008-2406 08 Jul 2008 8.8 (v3) High Pass Multiple Vendor DNS Query ID Field Prediction Cache Poisoning CVE-2008-1447 09 Jul 2008 9.1 (v3) Critical Pass LANDesk Remote Control Service Detection 29 Jul 2008 None Pass SNMP Query Routing Information Disclosure 21 Aug 2008 None Pass PowerDNS Version Detection 25 Aug 2008 None Pass .NET NegotiateStream Server Detection 15 Jul 2008 None Pass Openlink Virtuoso Server Detection 25 Jul 2008 None Pass LANDesk QIP Server Detection 17 Sep 2008 None Pass IRC Bouncer (BNC) Detection 17 Sep 2008 None Pass LogMeIn Agent Detection 23 Sep 2008 None Pass Default Password (bank) for 'bank' Account CVE-1999-0502 04 Sep 2008 9.8 (v3) Critical Pass Default Password (trans) for 'trans' Account CVE-1999-0502 04 Sep 2008 9.8 (v3) Critical Pass Kyocera Mita Scanner File Utility Detection 09 Sep 2008 None Pass Simple PHP Blog Detection 08 Sep 2008 None Pass ASG-Sentry SNMP Agent Detection 14 Oct 2008 None Pass phpScheduleIt reserve.php start_date Parameter Arbitrary Command Injection CVE-2008-6132 03 Oct 2008 8.8 (v3) High Pass Blue Coat Reporter Detection 03 Oct 2008 None Pass Broken Web Server Detection 22 Oct 2008 None Pass phpScheduleIt Detection 03 Oct 2008 None Pass Apache Struts 2 < 2.0.12 / 2.1.3 Dispatcher Directory Traversal CVE-2008-6505 24 Nov 2008 7.5 (v3) High Pass SNMP Protocol Version Detection 06 Jan 2009 None Pass HDHomeRun Discovery Service Detection 13 Jan 2009 None Pass DNS Server hostname.bind Map Hostname Disclosure 15 Jan 2009 None Pass SSL Service Requests Client Certiﬁcate 06 Jan 2009 None Pass CA Unicenter Cron Scheduler Detection 08 Jan 2009 None Pass DNS Server DNSSEC Aware Resolver 15 Jan 2009 None Pass Scan for UPnP hosts (multicast) 19 Feb 2009 None Pass DNS Server Spoofed Request Ampliﬁcation DDoS CVE-2006-0987 22 Jan 2009 7.5 (v3) High Pass GigaTribe Detection 28 Jan 2009 None Pass OS Identiﬁcation : FTP 12 Feb 2009 None Pass UPnP Internet Gateway Device (IGD) External IP Address Reachable 19 Feb 2009 None Pass Web Server UPnP Detection 19 Feb 2009 None Pass TeamSpeak Server Administration Detection 20 Feb 2009 None Pass OS Identiﬁcation : HTML 05 Mar 2009 None Pass Thecus NAS Device Detection 10 Mar 2009 None Pass EMC RepliStor Detection 26 Jan 2009 None Pass Zabbix Web Interface Detection 07 Mar 2009 None Pass Fortify 360 Web Interface Detection 24 Apr 2009 None Pass FogBugz Interface Detection 24 Apr 2009 None Pass Microsoft SharePoint Server Detection 27 Apr 2009 None Pass pam_ssh Login Prompt Remote Username Enumeration CVE-2009-1273 28 Apr 2009 9.4 (v3) Critical Pass A-A-S Application Access Server Detection 14 May 2009 None Pass Samhain Server (yule) Detection 17 Mar 2009 None Pass HP LaserJet Printer Detection 10 Apr 2009 None Pass Open Virtual Desktop Detection 14 May 2009 None Pass AWStats Detection 20 Mar 2009 None Pass Geeklog Detection 13 Apr 2009 None Pass Atmail Webmail / AtmailOpen Webmail Detection 30 Apr 2009 None Pass NSD version Directive Remote Version Disclosure 21 May 2009 None Pass Vulture Reverse Proxy Detection 08 Jun 2009 None Pass ClamAV Version Detection 17 Jun 2009 None Pass Apache Tomcat Detection 18 Jun 2009 None Pass HTTP Server Cookies Set 19 Jun 2009 None Pass Backported Security Patch Detection (FTP) 25 Jun 2009 None Pass Backported Security Patch Detection (SSH) 25 Jun 2009 None Pass Backported Security Patch Detection (WWW) 25 Jun 2009 None Pass TinyWebGallery lang Parameter Local File Inclusion CVE-2009-1911 26 May 2009 8.8 (v3) High Pass SquirrelMail map_yp_alias Username Mapping Alias Arbitrary Code Execution CVE-2009-1579 15 May 2009 8.8 (v3) High Pass Zen Cart Detection 24 Jun 2009 None Pass Movable Type Detection 26 Jun 2009 None Pass HP DDMI on Windows Unspeciﬁed Remote Agent Access CVE-2009-1419 06 Jul 2009 8.8 (v3) High Pass Adobe ColdFusion FCKeditor 'CurrentFolder' File Upload CVE-2009-2265 14 Jul 2009 8.8 (v3) High Pass Symantec pcAnywhere Status Service Detection (UDP) 12 Dec 1999 None Pass Identd Service Detection 22 Jun 1999 None Pass DNS Server BIND version Directive Remote Version Detection 12 Oct 1999 None Pass Daytime Service Detection 22 Jun 1999 None Pass WU-FTPD SITE EXEC Arbitrary Local Command Execution CVE-1999-0080 CVE-1999-0955 22 Jun 1999 8.1 (v3) High Pass rsh NULL Login Remote Privilege Escalation CVE-1999-0180 25 Jul 2002 8.8 (v3) High Noise HTTP Server Type and Version 04 Jan 2000 None Pass ICMP Netmask Request Information Disclosure CVE-1999-0524 29 Jul 1999 None Info Pass ICMP Timestamp Request Remote Date Disclosure CVE-1999-0524 01 Aug 1999 None Info Pass LinuxConf Detection 03 Mar 2000 None Pass Windows NetBIOS / SMB Remote Host Information Disclosure 12 Oct 1999 None Pass NIS Server Detection 30 Aug 1999 None Pass NNTP Server Detection 12 Oct 1999 None Pass rlogin -froot Remote Root Access CVE-1999-0113 26 Aug 2002 8.8 (v3) High Pass Windows NT FTP 'guest' Account Present CVE-1999-0546 22 Jun 1999 9.8 (v3) Critical Pass POP Server Detection 12 Oct 1999 None Pass HTTP Proxy CONNECT Request Relaying 22 Jun 1999 None Pass Microsoft SQL Server TCP/IP Listener Detection 12 Oct 1999 None Pass Nessus Server Detection 12 Oct 1999 None Pass HTTP Proxy POST Request Relaying 22 Jun 1999 5.3 (v3) Medium Pass HTTP Proxy Open Relay Detection 22 Jun 1999 None Pass HP Remote Watch showdisk Remote Privilege Escalation CVE-1999-0246 31 Aug 1999 8.8 (v3) High Pass RPC portmapper Service Detection CVE-1999-0632 19 Aug 1999 None Info Pass rquotad Service Detection CVE-1999-0625 19 Aug 1999 None Info Pass RPC rstatd Service Detection CVE-1999-0624 19 Aug 1999 None Info 79

Pass MTA Open Mail Relaying Allowed CVE-1999-0512 CVE-2002-1278 CVE-2003-0285 22 Jun 1999 7.5 (v3) High Pass SMTP Server Detection 12 Oct 1999 None Pass Telnet Service Detection 22 Aug 1999 None Pass Microsoft Windows SMB Shares Access 09 May 2000 None Noise Traceroute Information 27 Nov 1999 None Noise Web Server robots.txt Information Disclosure 12 Oct 1999 None Pass VNC Software Detection 07 Mar 2000 None Noise Web Server No 404 Error Code Check 28 Apr 2000 None Pass Microsoft Windows SMB Log In Possible 09 May 2000 None Pass CVSweb Detection 10 May 2000 None Pass NFS Share Export List 07 Jun 2000 None Pass AFS Client Version Detection 14 Jun 2000 None Pass TCP Scanner 04 Feb 2009 None Pass Microsoft IIS Dangerous Sample Files Detection 15 Apr 2000 None Pass WFTPD Unauthenticated MLST Command DoS CVE-2000-0647 03 Aug 2000 7.5 (v3) High Pass PFTP Default Unpassworded Account 10 Sep 2000 9.8 (v3) Critical Pass LCDproc Detection 22 Apr 2000 None Pass Microsoft Windows LAN Manager SNMP LanMan Services Disclosure CVE-1999-0499 10 Nov 2000 None Pass SNMP Request Network Interfaces Enumeration 13 Nov 2000 None Pass HTTP Protocol Version Detection 28 Dec 2000 None Pass PPTP Detection 28 Feb 2001 None Pass cﬁngerd Version Detection 16 Apr 2001 None Pass Oracle Database tnslsnr Service Remote Version Disclosure 01 May 2001 None Pass Microsoft SQL Server UDP Query Remote Version Disclosure 25 May 2001 None Pass Check Point FireWall-1 Telnet Client Authentication Detection 26 May 2001 None Pass Check Point FireWall-1 HTTP Client Authentication Detection 26 May 2001 None Pass Microsoft Windows SMB NativeLanManager Remote System Information Disclosure 17 Oct 2001 None Pass ISC BIND 9.x AUTHORS Map Remote Version Disclosure 23 Aug 2001 None Pass VisualRoute Web Server Detection 29 Aug 2001 None Pass HP System Management Homepage Detection 29 Aug 2001 None Pass Webmin Detection 14 Sep 2001 None Pass VNC HTTP Server Detection 14 Sep 2001 None Pass COM+ Internet Services (CIS) Server Detection 14 Sep 2001 None Pass RTSP Server Type / Version Detection 14 Sep 2001 None Pass HTTP RPC Endpoint Mapper (http-rpc-epmap) Detection 14 Sep 2001 None Pass healthd Detection 23 Aug 2001 None Pass LaBrea Tarpitted Host Detection 06 Nov 2001 None Pass SNMP Query System Information Disclosure 06 Nov 2001 None Pass Symantec pcAnywhere Detection (TCP) 29 Oct 2001 None Pass Network Time Protocol (NTP) Server Detection 20 Mar 2015 None Pass Open Port Re-check 19 Mar 2002 None Pass Citrix Server Detection 20 Apr 2002 None Pass DNS Server Detection 13 Feb 2003 None Pass Sendmail RestrictQueueRun Option Debug Mode Information Disclosure CVE-2001-0715 18 Aug 2002 4 (v3) Medium Pass SNMP Request Cisco Router Information Disclosure 05 Jun 2002 None Pass RemotelyAnywhere WWW Detection 25 Mar 2002 None Pass Gnutella Servent Detection 30 Apr 2002 None Pass Windows Terminal Services Enabled 20 Apr 2002 None Pass Achievo class.atkdateattribute.js.php conﬁg_atkroot Parameter Remote File Inclusion CVE-2002-1435 22 Aug 2002 8.3 (v3) High Pass RPC Services Enumeration 24 Aug 2002 None Pass Web Server UDDI Detection 09 Oct 2002 None Pass Web Server Crafted Request Vendor/Version Information Disclosure 19 Feb 2003 None Pass HTTP Proxy Open gopher:// Request Relaying 02 Mar 2003 None Pass HP JetDirect Device SNMP Request Cleartext Admin Credential Disclosure CVE-2002-1048 04 Mar 2003 None Pass Sendmail < 8.7.6 Multiple Local Vulnerabilities CVE-1999-0131 11 Mar 2003 9.8 (v3) Critical Pass Discard Service Detection 12 Mar 2003 None Pass L2TP Network Server Detection 14 Mar 2003 None Pass rsync Service Detection 14 Mar 2003 None Pass Web Server Unconﬁgured - Default Install Page Present 20 Mar 2003 None Pass E-theni aﬀ_liste_langue.php rep_include Parameter Remote File Inclusion CVE-2003-1256 28 Mar 2003 8.3 (v3) High Pass MantisBT Detection 27 May 2003 None Pass URLScan for IIS Detection 05 Jun 2003 None Pass zenTrack index.php Multiple Parameter Remote File Inclusion 06 Jun 2003 4.7 (v3) Medium Pass NETGEAR Router Default Password (password) for 'admin' Account 12 Jun 2003 9.8 (v3) Critical Pass Web Server Potentially Hosting Copyrighted Material 26 Jun 2003 None Pass ashNews 0.83 Multiple Vulnerabilities CVE-2006-0524 CVE-2003-1292 22 Jul 2003 7.5 (v3) High Pass Source Routed Packet Weakness 09 Sep 2003 None Pass StoneGate Firewall Client Authentication Detection 18 Jun 2003 None Pass BGP Service Detection 25 Oct 2003 None Pass Apache < 1.3.29 Multiple Modules Local Overﬂow CVE-2003-0542 01 Nov 2003 9.8 (v3) Critical Pass HMAP Web Server Fingerprinting 11 Nov 2003 None Pass Netscape Enterprise Server Default Files Present 25 Feb 2004 None Pass Avotus CDR mm Arbitrary File Retrieval 11 Dec 2003 None Pass Novonyx Web Server Multiple Sample Application Files Present CVE-2002-1634 07 Feb 2004 7.5 (v3) High Noise Host Fully Qualiﬁed Domain Name (FQDN) Resolution 11 Feb 2004 None Pass eMule Web Server Detection 07 May 2004 None Pass NETGEAR Wireless Access Point Hardcoded Default Password CVE-2004-2556 CVE-2004-2557 03 Jun 2004 7.5 (v3) High Pass Dell OpenManage Server Administrator Detection 01 Jul 2004 None Pass BasiliX Application Detection 09 Aug 2004 None Pass Direct Connect Hub Detection 25 Jul 2004 None Pass Netstat Portscanner (SSH) 15 Aug 2004 None Pass Arkoon Appliance Detection 26 Aug 2004 None Pass NetAsq IPS-Firewalls Detection 26 Aug 2004 None Pass Xedus Detection 03 Sep 2004 None Pass Xedus Webserver Connection Saturation DoS CVE-2004-1644 03 Sep 2004 7.5 (v3) High Pass Service Detection (2nd Pass) 17 Sep 2004 None Pass Microsoft Outlook Web Access (OWA) Version Detection 11 Aug 2004 None Pass Coppermine Photo Gallery Detection 21 Oct 2004 None Pass phpBB viewtopic.php highlight Parameter SQL Injection (ESMARKCONANT) CVE-2004-1315 22 Nov 2004 9.8 (v3) Critical Pass McAfee IntruShield Management Console Detection 03 Nov 2004 None Pass Hydra (NASL wrappers options) 01 Dec 2004 None Pass Help Center Live Multiple Remote Vulnerabilities (Cmd Exec, XSS) CVE-2004-2602 CVE-2004-2603 28 Dec 2004 8.3 (v3) High Pass Blue Coat ProxySG Console Management Detection 10 Feb 2005 None Pass NetOp Products Detection (TCP) 19 Nov 2004 None Pass NetOp Products Detection (UDP) 19 Nov 2004 None Pass Trend Micro IWSS Console Management Detection 23 Feb 2005 None Pass paFileDB Detection 15 Mar 2005 None Pass WebShield Appliance Detection 18 Mar 2005 None Pass Aventail ASAP Platform Management Console Detection 21 Mar 2005 None Pass Apache mod_suexec Multiple Privilege Escalation Vulnerabilities CVE-2007-1741 CVE-2007-1742 CVE-2007-1743 18 Nov 2011 7 (v3) High Pass CA ARCServe UniversalAgent Detection 13 Apr 2005 None Pass TCP Port 0 Open: Possible Backdoor 29 Apr 2005 None Pass CuteNews Detection 02 Mar 2005 None Pass Phorum Detection 17 Mar 2005 None Pass PhotoPost PHP Detection 30 Mar 2005 None Pass Kerio Personal Firewall Admin Service Detection 02 May 2005 None Pass Kerio Mailserver Admin Service Detection 02 May 2005 None Pass Kerio Winroute Firewall Admin Service Detection 02 May 2005 None Pass Woltlab Burning Board Detection 12 May 2005 None Pass Clearswift MIMEsweeper Manager Console Detection 10 May 2005 None Pass Service Detection (GET request) 06 Apr 2005 None Pass SMTP Server Connection Check 18 Jun 2005 None 80

Pass CA eTrust Intrusion Detection System Detection 21 Jun 2005 None Pass Apache Banner Linux Distribution Disclosure 15 May 2005 None Pass Unpassworded 'mpi' Account CVE-1999-0502 CVE-2005-1379 18 Jun 2005 9.8 (v3) Critical Pass XOOPS Detection 05 Jul 2005 None Pass CA ARCServe MSSQL Agent Detection 03 Aug 2005 None Pass EMC Legato Networker Detection 03 Sep 2005 None Pass LDU Software/Version Detection 09 Sep 2005 None Pass Drupal Software Detection 07 Jul 2005 None Pass SNMP Query Installed Software Disclosure 20 Sep 2005 None Pass Skype Detection 22 Sep 2005 None Pass Guppy Multiple HTTP Header XSS CVE-2005-2853 06 Oct 2005 8.8 (v3) High Pass Moodle Detection 13 Jul 2005 None Pass phpList Detection 29 Jul 2005 None Pass Xaraya Software/Version Detection 12 Aug 2005 None Pass TWiki Detection 06 Oct 2005 None Pass Web Server / Application favicon.ico Vendor Fingerprinting 28 Oct 2005 None Pass VERITAS Backup Agent Detection 10 Nov 2005 None Pass Google Search Appliance Detection 20 Nov 2005 None Pass Apple iTunes Music Sharing Enabled 16 Nov 2005 None Pass Windows Server Update Services (WSUS) Detection 04 Jan 2006 None Pass MyBB Detection 04 Feb 2006 None Pass AJP Connector Detection 05 Apr 2006 None Pass SynchronEyes Student Detection 13 Apr 2006 None Pass Novell Messenger Archive Agent Detection 19 Apr 2006 None Pass Network Block Device Server Detection 24 Dec 2005 None Pass VNC Security Type Enforcement Failure Remote Authentication Bypass CVE-2006-2369 CVE-2006-2450 15 May 2006 9.8 (v3) Critical Pass Session Initiation Protocol Detection 29 Dec 2003 None Noise SSL Cipher Suites Supported 05 Jun 2006 None Pass IBM DB2 Discovery Service Detection 10 Jul 2006 None Pass FCKeditor upload.php Type Parameter Arbitrary File Upload CVE-2006-2529 19 May 2006 8.8 (v3) High Pass IBM DB2 Administration Server Detection 10 Jul 2006 None Pass Check Point FireWall-1 ICA Service Detection 27 Jul 2006 None Pass HP OpenView BBC Service Detection 11 Sep 2006 None Pass Do not scan Novell NetWare 02 Oct 2006 None Pass Hobbit Monitor Daemon Detection 08 Aug 2006 None Pass Ariel FTP Server Default 'document' Account 15 Oct 2006 9.8 (v3) Critical Pass SLP Server Detection (UDP) 07 Dec 2006 None Pass Default Password (informix) for 'informix' Account CVE-1999-0502 06 Feb 2007 9.8 (v3) Critical Pass CA BrightStor ARCserve Backup Discovery Service Detection 12 Dec 2006 None Pass TCP Channel Detection 17 Jan 2007 None Pass Microsoft .NET Handlers Enumeration 26 Jan 2007 None Pass Microsoft .NET Version Information Disclosure 26 Jan 2007 None Pass SLP Server Detection (TCP) 07 Dec 2006 None Pass Seditio Detection 10 Dec 2006 None Pass Host Logical Network Segregation Weakness 03 Jan 2007 None Pass OS Identiﬁcation : HTTP 19 May 2007 None Pass Link Layer Topology Discovery (LLTD) Detection 30 Mar 2007 None Pass Talk Service (talkd, in.talk, ntalk) Detection 03 Mar 2000 None Pass OS Identiﬁcation : mDNS 19 May 2007 None Pass avast! Management Server Detection 25 May 2007 None Pass Packeteer Web Management Interface Version Detection 26 Jun 2007 None Pass Printer Job Language (PJL) Detection 14 Apr 2007 None Pass FrontBase FBExec Process Detection 27 Mar 2007 None Pass Timbuktu Detection (UDP) 30 Aug 2007 None Pass memcached Detection 02 Oct 2007 None Pass PostgreSQL Server Detection 14 Sep 2007 None Pass LDAP Crafted Search Request Server Information Disclosure 12 Jul 2007 None Pass IBM Tivoli Storage Manager Client Acceptor Daemon Detection 25 Sep 2007 None Pass Novell CLNTRUST Service Detection 01 Nov 2007 None Pass Avocent KVM Over IP Switch Detection 10 Jan 2008 None Pass LANDesk Ping Discovery Service Detection 17 Jan 2008 None Pass LANDesk Management Agent Detection 17 Jan 2008 None Pass OS Identiﬁcation : Telnet 03 Jan 2008 None Pass CA BrightStor HSM Engine Detection (TCP) 04 Oct 2007 None Pass X Font Service Detection 12 Oct 2007 None Pass OSSIM Server Detection 26 Nov 2007 None Pass HP OVCM/Radia Notify Daemon Detection 06 Nov 2007 None Pass GPON ONT Home Gateway Remote Enabling of Telnet (CVE-2019-3917) CVE-2019-3917 24 Apr 2019 7.5 (v3) High Pass IBM BigFix Platform 9.5.x < 9.5.10 Plain Text Credentials CVE-2017-1231 03 May 2019 7.8 (v3) High Pass Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Apr 2019 CPU)CVE-2016-1000031 CVE-2017-9798 CVE-2018-0734 CVE-2018-0735 CVE-2018-5407 CVE-2018-8034 CVE-2018-11763 CVE-2018-11784 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2019-270119 Apr 2019 9.8 (v3) Critical Pass OpenSSL 1.1.0 < 1.1.0k Vulnerability CVE-2019-1543 03 Jun 2019 7.4 (v3) High Pass MariaDB 10.0.0 < 10.0.36 Multiple Vulnerabilities CVE-2018-3058 CVE-2018-3063 CVE-2018-3064 CVE-2018-3066 05 Jun 2019 7.1 (v3) High Pass MariaDB 10.1.0 < 10.1.35 Multiple Vulnerabilities CVE-2018-3058 CVE-2018-3063 CVE-2018-3064 CVE-2018-3066 05 Jun 2019 7.1 (v3) High Pass MariaDB 10.2.0 < 10.2.17 Multiple Vulnerabilities CVE-2018-3058 CVE-2018-3060 CVE-2018-3063 CVE-2018-3064 CVE-2018-3066 05 Jun 2019 7.1 (v3) High Pass phpMyAdmin prior to 4.8.6 SQLi vulnerablity (PMASA-2019-3) CVE-2019-11768 13 Jun 2019 9.8 (v3) Critical Pass Linux Malicious File Detection 26 Jun 2019 10 (v3) Critical Pass PHP Advanced Transfer Manager <= 1.21 Multiple Vulnerabilities CVE-2005-1604 CVE-2005-1681 09 May 2005 6.8 (v2) Medium Pass Splunk Enterprise 6.0.x < 6.0.15, 6.1.x < 6.1.14, 6.2.x < 6.2.14, 6.3.x < 6.3.12, 6.4.x < 6.4.9, 6.5.x < 6.5.5 or Splunk Light < 6.6.0 Persistent XSSCVE-2019-5727 16 Jul 2019 5.4 (v3) Medium Pass Oracle Primavera Gateway Multiple Vulnerabilities (Jul 2019 CPU) CVE-2018-15756 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 19 Jul 2019 9.8 (v3) Critical Pass Symantec Messaging Gateway 10.x < 10.7.1 Privilege Escalation Vulnerability (SYMSA1486) CVE-2019-12751 18 Jul 2019 9.8 (v3) Critical Pass OS Identiﬁcation : Apple AirPlay 14 Aug 2019 None Pass Ansible Tower 3.x < 3.3.5 / 3.4.x < 3.4.3 Privilege Escalation Vulnerability CVE-2019-3869 05 Aug 2019 7.2 (v3) High Pass PHP 7.1.x < 7.1.31 Multiple Vulnerabilities. CVE-2019-11041 CVE-2019-11042 12 Aug 2019 7.1 (v3) High Pass MyServer 0.8 Multiple Vulnerabilities CVE-2005-1658 CVE-2005-1659 10 May 2005 5 (v2) Medium Pass OpenGear Web Detection 21 Aug 2019 None Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.24-h1 / 8.0.x < 8.0.19-h1 / 8.1.x < 8.1.9-h4 / 9.0.x < 9.0.3-h3 VulnerabilityCVE-2019-1581 30 Aug 2019 9.8 (v3) Critical Pass WowBB view_user.php Multiple Parameter SQL Injection CVE-2005-1554 11 May 2005 7.5 (v2) High Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.9-h4 / 9.0.x < 9.0.3-h3 Vulnerability CVE-2019-1582 04 Sep 2019 7.2 (v3) High Pass Oracle GlassFish Server < 3.0.1.22 Multiple Vulnerabilities CVE-2017-1000029 CVE-2017-1000030 05 Sep 2019 9.8 (v3) Critical Pass PHP 7.3.x < 7.3.9 Multiple Vulnerabilities. CVE-2019-13224 05 Sep 2019 9.8 (v3) Critical Pass HP Smart Update Manager Remote Unauthorized Access. CVE-2019-11988 13 Sep 2019 9.8 (v3) Critical Pass Puppet Enterprise 2015.x < 2015.3.3 Multiple Vulnerabilities CVE-2016-2786 CVE-2016-2787 09 Oct 2019 9.8 (v3) Critical Pass Puppet Enterprise < 2016.2.1 Multiple Vulnerabilities CVE-2015-7331 CVE-2016-2788 09 Oct 2019 9.8 (v3) Critical Pass Puppet Enterprise < 2016.4.0 Multiple Vulnerabilities CVE-2016-5714 CVE-2016-5715 09 Oct 2019 7.2 (v3) High Pass Puppet Enterprise < 2017.3.4 Code Execution Vulnerability CVE-2017-10690 CVE-2018-6508 09 Oct 2019 8 (v3) High Pass Puppet Enterprise 2017.x < 2017.3.6 Cross-site Scripting Vulnerability CVE-2018-6510 CVE-2018-6511 09 Oct 2019 5.4 (v3) Medium Pass Cisco HyperFlex Web API Detection 07 Oct 2019 None Pass Puppet Enterprise 2016.x < 2016.4.12 / 2017.x < 2017.3.7 / 2018.x < 2018.1.1 Arbitrary Code Execution VulnerabilityCVE-2018-6513 09 Oct 2019 8.8 (v3) High Pass Puppet Enterprise 2016.x < 2016.4.15 / 2017.x < 2017.3.10 / 2018.x < 2018.1.4 Plaintext Credential VulnerabilityCVE-2018-11749 09 Oct 2019 9.8 (v3) Critical Pass Oracle Primavera Gateway Multiple Vulnerabilities (Oct 2019 CPU) CVE-2017-12626 CVE-2019-12086 CVE-2019-14379 18 Oct 2019 9.8 (v3) Critical Pass e107 search.php search_info Parameter Traversal Arbitrary File Inclusion 11 May 2005 7.5 (v2) High Pass Cisco SPA ATA SIP Detection 17 Oct 2019 None Pass Cisco UCS Director Loggoﬀ DoS (cisco-sa-20190821-ucs-imc-dos) CVE-2019-12634 24 Oct 2019 7.5 (v3) High Pass Junos OS: SSL-Proxy DoS (JSA10973) CVE-2019-0051 25 Oct 2019 7.5 (v3) High Pass BakBone NetVault < 7.1.2 / 7.3.1 Multiple Remote Overﬂows CVE-2005-1009 CVE-2005-1547 14 May 2005 10 (v2) Critical Pass Juniper JSA10975 CVE-2019-0074 28 Oct 2019 5.5 (v3) Medium Pass TFTP Traversal Arbitrary File Access CVE-1999-0183 CVE-1999-0498 CVE-2002-2353 CVE-2009-0271 CVE-2009-0288 CVE-2009-1161 16 May 2005 5 (v2) Medium Pass Serendipity < 0.8.1 Multiple Vulnerabilities CVE-2005-1712 CVE-2005-1713 18 May 2005 4.6 (v2) Medium Pass Junos OS: rdp Memory Leak DoS (JSA10957) CVE-2019-0059 04 Nov 2019 7.5 (v3) High Pass Junos OS: app-id Signature Update MitM (JSA10952) CVE-2019-0054 04 Nov 2019 7.4 (v3) High Pass Junos OS: NG-mVPN rpd DoS (JSA10965) CVE-2019-0066 05 Nov 2019 7.5 (v3) High Pass Junos OS: Multicast ﬂowd DoS (JSA10968) CVE-2019-0068 06 Nov 2019 7.5 (v3) High 81

Pass Junos OS: J-Web Session Fixation Vulnerability (JSA10961) CVE-2019-0062 06 Nov 2019 8.8 (v3) High Pass CODESYS Gateway V3 Detection 31 Oct 2019 None Pass Junos OS: srxpfe DoS (JSA10972) CVE-2019-0050 06 Nov 2019 7.5 (v3) High Pass Cisco NX-OS Border Gateway Protocol DoS (cisco-sa-20161005-bgp) CVE-2016-1454 07 Nov 2019 6.5 (v3) Medium Pass Mac OS X 10.6.x < 10.6.4 Multiple Vulnerabilities CVE-2009-1578 CVE-2009-1579 CVE-2009-1580 CVE-2009-1581 CVE-2009-2964 CVE-2009-4212 CVE-2010-0186 CVE-2010-0187 CVE-2010-0283 CVE-2010-0302 CVE-2010-0540 CVE-2010-0541 CVE-2010-0545 CVE-2010-0546 CVE-2010-0734 CVE-2010-1320 CVE-2010-1373 CVE-2010-1374 CVE-2010-1376 CVE-2010-1377 CVE-2010-1379 CVE-2010-1380 CVE-2010-1381 CVE-2010-1382 CVE-2010-1411 CVE-2010-1748 CVE-2010-1816 CVE-2010-182115 Jun 2010 8.8 (v3) High Noise Device Type 23 May 2011 None Pass Cisco NX-OS Version 30 May 2013 None Pass Cisco Email Security Appliance Version 26 Jul 2013 None Pass Cisco IOS IKEv2 Fragmentation DoS (cisco-sa-20160323-ios-ikev2) CVE-2016-1344 06 Apr 2016 5.9 (v3) Medium Pass VMware vRealize Automation 6.x < 6.2.4 Unspeciﬁed Stored XSS (VMSA-2016-0003) CVE-2015-2344 27 Apr 2016 5.4 (v3) Medium Pass VMware vRealize Automation 7.0.x < 7.1 Multiple Vulnerabilities (VMSA-2016-0013) CVE-2016-5335 CVE-2016-5336 29 Aug 2016 9.8 (v3) Critical Pass Cisco Nexus 3000 / 9000 Series GNU C Library (glibc) getaddrinfo() RCE (cisco-sa-20160218-glibc) CVE-2015-7547 14 Sep 2016 8.1 (v3) High Pass Cisco IOS IKEv1 Packet Handling Remote Information Disclosure (cisco-sa-20160916-ikev1) (BENIGNCERCVE-2016-6415TAIN) 27 Sep 2016 7.5 (v3) High Pass Palo Alto Networks PAN-OS < 7.1.7 Uniﬁed Log View Information Disclosure 16 Jan 2017 2.7 (v3) Low Pass Juniper Junos jdhcpd DHCPv6 DoS (JSA10769) CVE-2017-2301 20 Jan 2017 7.5 (v3) High Pass Juniper Junos rpd BGP add-path DoS (JSA10771) CVE-2017-2302 20 Jan 2017 7.5 (v3) High Pass Juniper Junos QFX / EX Series 'Etherleak' Improper Padding Memory Disclosure (JSA10773) CVE-2017-2304 20 Jan 2017 4.3 (v3) Medium Pass Cisco NX-OS Fibre Channel over Ethernet DoS (cisco-sa-20170607-nxos) CVE-2017-6655 16 Jun 2017 6.5 (v3) Medium Pass EMC Avamar ADS / AVE 7.2.x < 7.2.1 Hotﬁx 277897 / 7.3.x < 7.3.1 Hotﬁx 276676 / 7.4.x < 7.4.1 Hotﬁx 279294 Multiple VCVE-2017-4989 CVE-2017-4990ulnerabilities (ESA-2017-054) 29 Jun 2017 9.8 (v3) Critical Pass Cisco AsyncOS for Email Security Appliance Attachment MIME Header Handling Filter Bypass (cisco-sa-20170607-esa1)CVE-2017-6671 06 Jul 2017 7.5 (v3) High Pass Juniper Junos SRX IDP Remote Command Injection (JSA10801) CVE-2017-2349 31 Jul 2017 9.9 (v3) Critical Pass Cisco NX-OS Software Python Parser Escape Vulnerability CVE-2017-12301 24 Oct 2017 6.7 (v3) Medium Pass Cisco Prime Collaboration Provisioning < 12.3 Authenticated SQL Injection Vulnerability (cisco-sa-20171101-cpcp)CVE-2017-12276 08 Nov 2017 8.1 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.13 Management Interface Unspeciﬁed Remote DoS CVE-2017-15942 15 Dec 2017 7.5 (v3) High Pass Juniper Junos Commit Script Handling Local Console Port Access Weakness Vulnerability (JSA10835) CVE-2018-0008 26 Jan 2018 7.4 (v3) High Pass Arista Networks EOS Multiple Vulnerabilities (SA0019) CVE-2015-8138 CVE-2016-1547 CVE-2016-1548 CVE-2016-1549 CVE-2016-1550 28 Feb 2018 7.2 (v3) High Pass Arista Networks EOS ngx_chain_to_iovec NULL Pointer Deference DoS (SA0021) CVE-2016-4450 28 Feb 2018 7.5 (v3) High Pass Arista Networks EOS Multiple Vulnerabilities (SA0024) (SWEET32) CVE-2016-2178 CVE-2016-2183 28 Feb 2018 7.5 (v3) High Pass Juniper Junos IDP Policy Compilation Packet Handling Firewall Rule Bypass Remote Information DisclosurCVE-2018-0018e (JSA10846) 20 Apr 2018 7.5 (v3) High Pass Juniper Junos Routing Process Daemon (RPD) BGP UPDATE Packet Handling Unspeciﬁed Remote DoS (JSA10848)CVE-2018-0020 20 Apr 2018 7.5 (v3) High Pass Cisco Wireless LAN Controller Multiple Vulnerabilities CVE-2018-0226 CVE-2018-0234 CVE-2018-0235 CVE-2018-0252 11 May 2018 7.5 (v3) High Pass Juniper Junos HTTP/HTTPS Firewall User Authentication Remote Information Disclosure (JSA10858) CVE-2018-0025 20 Jul 2018 8.1 (v3) High Pass Juniper Junos Malformed RSVP RPD DoS (JSA10861) CVE-2018-0027 20 Jul 2018 5.9 (v3) Medium Pass Tenable SecurityCenter < 5.7.1 Multiple Vulnerabilities (TNS-2018-12) CVE-2018-0732 CVE-2018-0737 CVE-2018-7584 CVE-2018-10545 CVE-2018-10546 CVE-2018-10547 CVE-2018-10548 CVE-2018-10549 CVE-2018-14851 CVE-2018-14883 CVE-2018-1513224 Sep 2018 9.8 (v3) Critical Pass Citrix NetScaler Gateway Cross-Site Scripting Vulnerability (CTX232199) CVE-2018-18517 26 Oct 2018 4.8 (v3) Medium Pass VMware vRealize Log Insight 4.6.x < 4.6.2 / 4.7.x < 4.7.1 Authorization Bypass Vulnerability (VMSA-2018-0028)CVE-2018-6980 16 Nov 2018 7.2 (v3) High Pass Junos OS: pd crash on VPLS PE upon receipt of speciﬁc BGP message (JSA10912) CVE-2019-0012 11 Jan 2019 7.5 (v3) High Pass Junos OS: RPD crash upon receipt of malformed PIM packet (JSA10913) CVE-2019-0013 24 Jan 2019 7.5 (v3) High Pass Junos OS: Crafted HTTP traﬃc may cause UTM to consume all mbufs, leading to Denial of Service (JSA10910)CVE-2019-0010 07 Feb 2019 7.5 (v3) High Pass PostNuke AutoTheme Module Multiple Unspeciﬁed Vulnerabilities CVE-2005-1608 19 May 2005 7.5 (v2) High Pass Juniper JSA10924 CVE-2019-0035 11 Apr 2019 6.8 (v3) Medium Pass Palo Alto Networks 9.0.0 < 9.0.1 Authentication Bypass vulnerability (PAN-SA-2019-0005) CVE-2019-1572 12 Apr 2019 7.5 (v3) High Pass Juniper JSA10935 CVE-2019-0043 15 Apr 2019 7.5 (v3) High Pass Juniper JSA10925 CVE-2019-0036 15 Apr 2019 9.8 (v3) Critical Pass Juniper Junos memory consumption denial of service (JSA10920) CVE-2019-0031 23 Apr 2019 7.5 (v3) High Pass Juniper JSA10932 CVE-2019-0028 23 Apr 2019 7.5 (v3) High Pass Juniper JSA10930 CVE-2019-0008 26 Apr 2019 9.8 (v3) Critical Pass Juniper JSA10929 CVE-2019-0040 10 May 2019 9.1 (v3) Critical Pass Cisco NX-OS Software NX-API Sandbox Cross-Site Scripting Vulnerability CVE-2019-1733 03 Jun 2019 5.4 (v3) Medium Pass Cisco NX-OS Software SSH Key Information Disclosure Vulnerability CVE-2019-1731 28 Jun 2019 4.4 (v3) Medium Pass Cisco NX-OS Software Python Parser Privilege Escalation Vulnerability CVE-2019-1727 03 Jul 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Cisco Fabric Services Denial of Service Vulnerability CVE-2019-1616 04 Jul 2019 7.5 (v3) High Pass Palo Alto Networks PAN-OS 9.0.x < 9.0.3 Vulnerability CVE-2019-1576 19 Jul 2019 8.8 (v3) High Pass Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1778) CVE-2019-1778 22 Aug 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1780) CVE-2019-1780 28 Aug 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Remote Management Memory Leak Denial of Service Vulnerability (CVE-2019-1965)CVE-2019-1965 06 Sep 2019 7.7 (v3) High Pass Cisco NX-OS Software NX-API Denial of Service Vulnerability (CVE-2019-1968) CVE-2019-1968 06 Sep 2019 7.5 (v3) High Pass Cisco NX-OS Software Virtual Service Image Signature Bypass Vulnerability CVE-2019-12662 04 Oct 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Command Injection Vulnerabilities (cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782)CVE-2019-1781 CVE-2019-1782 15 Oct 2019 6.7 (v3) Medium Pass Cisco NX-OS Software Privilege Escalation Vulnerability CVE-2019-1603 09 Dec 2019 7.8 (v3) High Pass DNS Server UDP Query Limitation 22 May 2005 None Pass EMC RSA Authentication Manager < 8.4 Patch 8 XSS (DSA-2019-168) CVE-2019-18574 12 Dec 2019 4.8 (v3) Medium Pass Palo Alto Networks PAN-OS 1.0 < 7.1.24-h1 / 8.0.x < 8.1.9-h4 / 9.0 < 9.0.3-h3 Vulnerability CVE-2019-17437 13 Dec 2019 7.8 (v3) High Pass Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1610) CVE-2019-1610 13 Dec 2019 6.7 (v3) Medium Pass Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1607) CVE-2019-1607 18 Dec 2019 6.7 (v3) Medium Pass Deprecated SSLv2 Connection Attempts 06 Jan 2020 None Pass Cisco NX-OS Software Bash Bypass Guest Shell (cisco-sa-20190515-nxos-bash-bypass) CVE-2019-1730 07 Jan 2020 6.7 (v3) Medium Pass Cisco NX-OS Software Line Card Command Injection (cisco-sa-20190515-nxos-linecardinj-1769) CVE-2019-1769 07 Jan 2020 6.7 (v3) Medium Pass Cisco NX-OS Software Secure Conﬁguration Bypass (cisco-sa-20190515-nxos-conf-bypass) CVE-2019-1728 09 Jan 2020 6.7 (v3) Medium Pass ProFTPD 'mod_copy' Arbitrary File Copy Vulnerability (Remote) CVE-2019-12815 09 Jan 2020 9.8 (v3) Critical Pass VMware Harbor 1.7.x, 1.8.x < 1.8.6 / 1.9.x < 1.9.3 CVE-2019-3990 CVE-2019-19023 CVE-2019-19025 CVE-2019-19026 CVE-2019-19029 14 Jan 2020 8.8 (v3) High Pass Oracle Primavera Gateway Multiple Vulnerabilities (Jan 2020 CPU) CVE-2014-3596 CVE-2015-9251 CVE-2018-8032 CVE-2019-0227 CVE-2019-11358 CVE-2019-12415 CVE-2019-14540 CVE-2019-16335 15 Jan 2020 9.8 (v3) Critical Pass Multiple Vulnerabilities in Juniper Junos (JSA10954) CVE-2019-0056 16 Jan 2020 7.5 (v3) High Pass Junos OS: pccd DoS (JSA10980) CVE-2020-1601 20 Jan 2020 7.5 (v3) High Pass Flexense Enterprise Products Detection 15 Jun 2018 None Pass PostNuke <= 0.760 RC4a Multiple Vulnerabilities CVE-2005-1621 CVE-2005-1697 CVE-2005-1698 CVE-2005-1699 CVE-2005-1700 23 May 2005 7.5 (v2) High Pass Trend Micro OﬃceScan Directory Traversal Vulnerability (1122250) CVE-2019-9489 24 Jan 2020 7.5 (v3) High Pass Elasticsearch ESA-2017-15 CVE-2017-8445 22 Aug 2018 5.5 (v3) Medium Pass Citrix NetScaler Application Delivery Management (ADM) 12 Oct 2018 None Pass HP Performance Agent detection - deprecated 25 Sep 2018 None Pass QLogic QConvergeConsole GUI Web Interface Detection 24 Oct 2018 None Pass TLS Version 1.1 Protocol Detection 08 Jan 2019 None Pass MySQL 5.7.x < 5.7.26 Multiple Vulnerabilities (Apr 2019 CPU) (Jul 2019 CPU) CVE-2019-1547 CVE-2019-2632 CVE-2019-1559 CVE-2019-2628 CVE-2019-2566 CVE-2019-2581 CVE-2019-2683 CVE-2019-2592 CVE-2019-2627 CVE-2019-2614 CVE-2019-275518 Apr 2019 7.5 (v3) High Pass TeamViewer remote detection 18 Jan 2019 None Pass Quest NetVault Backup Server Detection 14 Dec 2018 None Pass Oracle Primavera Uniﬁer Multiple Vulnerabilities (Jan 2020 CPU) CVE-2014-3596 CVE-2018-8032 CVE-2019-0227 CVE-2019-10088 CVE-2019-10093 CVE-2019-10094 CVE-2019-12415 CVE-2019-14540 CVE-2019-1633530 Jan 2020 9.8 (v3) Critical Pass Arista Networks Rib agent DoS (SA0033) CVE-2018-5254 21 Feb 2020 7.5 (v3) High Pass Cisco Content Security Management Appliance Denial of Service Vulnerability (CSCvo89182) CVE-2019-1983 25 Feb 2020 5.3 (v3) Medium Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.13 Privilege Escalation (PAN-97584) CVE-2020-1979 19 Mar 2020 7.8 (v3) High Pass HP DesignJet Printer Web Interface Detection 24 Jan 2019 None Pass Adobe Experience Manager 6.1.x / 6.2.x / 6.3.x < 6.3.3.8 / 6.4.x < 6.4.8.0 / 6.5.x < 6.5.4.0 (APSB20-15) CVE-2020-3769 20 Mar 2020 7.5 (v3) High Pass VMware ESXi 5.5 / 6.0 XSS (VMSA-2016-0023) (remote check) CVE-2016-7463 24 Mar 2020 5.4 (v3) Medium Pass VMware ESXi 5.5 / 6.0 / 6.5 / 6.7 Information Disclosure (VMSA-2018-0012) (Spectre) (remote check) CVE-2018-3639 24 Mar 2020 5.5 (v3) Medium Pass MikroTik RouterOS DNS Cache Poisoning (CVE-2019-3978) CVE-2019-3978 19 Mar 2020 7.5 (v3) High Pass Atlassian Jira 8.3.x < 8.5.2 DLL Hijacking Vulnerability (JRASERVER-70407) CVE-2019-20400 27 Mar 2020 7.8 (v3) High Pass Palo Alto Expedition Cross-Site Scripting CVE-2019-1569 CVE-2019-1570 CVE-2019-1571 07 Apr 2020 4.8 (v3) Medium Pass Palo Alto Default Credentials 07 Apr 2020 9.8 (v3) Critical Pass GNU Mailutils <= 0.6 Multiple Vulnerabilities CVE-2005-1520 CVE-2005-1521 CVE-2005-1522 CVE-2005-1523 CVE-2005-1824 26 May 2005 7.5 (v2) High Pass OpenSSL 1.1.1 < 1.1.1g Vulnerability CVE-2020-1967 23 Apr 2020 7.5 (v3) High Pass EMC RSA Authentication Manager < 8.4 P11 XSS Vulnerability (DSA-2020-066) CVE-2020-5346 23 Apr 2020 4.8 (v3) Medium Noise TLS Version 1.2 Protocol Detection 04 May 2020 None Pass IBM MQ Default Credentials 21 May 2020 9.8 (v3) Critical Pass Apache Tomcat 8.5.x < 8.5.55 Remote Code Execution CVE-2020-9484 22 May 2020 7 (v3) High Pass PHP Remote Code Execution Vulnerability (CVE-2019-11043). CVE-2019-11043 21 May 2020 9.8 (v3) Critical Pass WordPress Plugin 'LearnPress' < 3.2.6.8 Multiple Vulnerabilities CVE-2020-6010 CVE-2020-11511 01 May 2020 8.8 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.12 / 8.1.x < 8.1.12 / 9.0.x < 9.0.6 Vulnerability CVE-2020-2018 22 May 2020 9 (v3) Critical Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.13 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.7 Vulnerability CVE-2020-2012 22 May 2020 7.5 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.6 / 9.1.x < 9.1.1 VulnerabilityCVE-2020-2013 22 May 2020 8.8 (v3) High Pass ShareFile Documents Unauthenticated Access (CTX269106) CVE-2020-7473 CVE-2020-8982 CVE-2020-8983 02 Jun 2020 7.5 (v3) High Pass BookReview 1.0 Multiple Script XSS CVE-2005-1782 CVE-2005-1783 27 May 2005 4.3 (v2) Medium Pass Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Insecure Fabric Authentication VCVE-2019-1590ulnerability (cisco-sa-20190501-aci-insecure-fabric) 03 Jun 2020 8.1 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.6 Vulnerability CVE-2020-2002 09 Jun 2020 8.1 (v3) High 82

Pass Palo Alto Expedition Cross-Site Scripting (PAN-SA-2019-0003) CVE-2019-1567 10 Jun 2020 5.4 (v3) Medium Pass Adobe Experience Manager 6.1.x < 6.4.8.1 / 6.5.x < 6.5.5.0 (APSB20-31) CVE-2020-9643 CVE-2020-9644 CVE-2020-9645 CVE-2020-9647 CVE-2020-9648 CVE-2020-9651 12 Jun 2020 7.5 (v3) High Pass Treck/Kasago Network Stack Detection 22 Jun 2020 None Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.6 / 9.1.x < 9.1.1 VulnerabilityCVE-2020-1998 02 Jul 2020 8.8 (v3) High Pass Invision Power Board Multiple Vulnerabilities (Priv Esc, SQLi CVE-2005-1816 30 May 2005 4.6 (v2) Medium Pass Palo Alto Networks PAN-OS 7.1.x < 8.1.12 / 8.0.x < 8.1.12 / 8.1.x < 8.1.12 / 9.0.x < 9.0.6 Vulnerability CVE-2020-2001 02 Jul 2020 9.8 (v3) Critical Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.6 Vulnerability CVE-2017-7529 02 Jul 2020 7.5 (v3) High Pass Nexus 9000 Series Switches Standalone NX-OS Mode Fibre Channel over Ethernet NPV DoS Vulnerability (cisco-sa-20190306-nxos-npv-dos)CVE-2019-1617 09 Jul 2020 7.4 (v3) High Pass Cisco Wireless LAN Controller Software Cross-Site Request Forgery (cisco-sa-20190417-wlc-csrf) CVE-2019-1797 14 Jul 2020 8.8 (v3) High Pass Cisco Firepower Device Manager On-Box Software Arbitrary File Overwrite (cisco-sa-fdmfo-HvPWKxDe) CVE-2020-3309 14 Jul 2020 6.5 (v3) Medium Pass Cisco Firepower Device Manager Web Interface Detection 10 Jul 2020 None Pass Invision Community Blog Multiple Vulnerabilities (SQLi, XSS) CVE-2005-1945 CVE-2005-1946 10 Jun 2005 6.5 (v2) Medium Pass Invision Gallery < 1.3.1 Multiple SQL Injections CVE-2005-1948 10 Jun 2005 6.5 (v2) Medium Pass Oracle Primavera Gateway (Jul 2020 CPU) CVE-2017-5645 CVE-2020-1945 CVE-2020-9488 CVE-2020-11022 CVE-2020-11023 16 Jul 2020 9.8 (v3) Critical Pass Siteframe siteframe.php LOCAL_PATH Parameter Remote File Inclusion CVE-2005-1965 10 Jun 2005 7.5 (v2) High Pass Cisco RV110W, RV130, RV130W, and RV215W Routers Authentication Bypass (cisco-sa-rv-auth-bypass-cGv9EruZ)CVE-2020-3144 17 Jul 2020 9.8 (v3) Critical Pass e107 ePing Plugin doping.php Arbitrary Code Execution CVE-2005-2559 10 Jun 2005 7.5 (v2) High Pass Juniper JSA11031 CVE-2020-1654 20 Jul 2020 9.8 (v3) Critical Pass Juniper Junos SRX Double Free ICAP Redirect DoS RCE (JSA11034) CVE-2020-1647 22 Jul 2020 9.8 (v3) Critical Pass MySQL Enterprise Monitor 8.x < 8.0.18 DoS (Oct 2019 CPU) CVE-2019-10072 24 Jul 2020 7.5 (v3) High Pass MySQL Enterprise Monitor 4.x < 4.0.8 / 8.x < 8.0.14 DoS (Jan 2019 CPU) CVE-2018-0732 24 Jul 2020 7.5 (v3) High Pass MySQL Enterprise Monitor 4.x < 4.0.10 / 8.x < 8.0.15 DoS (Jul 2019 CPU) CVE-2018-15756 24 Jul 2020 7.5 (v3) High Pass Juniper Junos MX Series PFE Small Packet DoS (JSA11036) CVE-2020-1649 24 Jul 2020 7.5 (v3) High Pass Trend Micro InterScan Web Security Virtual Appliance (IWSVA) Multiple Vulnerabilities (000253095) CVE-2020-8604 CVE-2020-8606 28 Jul 2020 9.8 (v3) Critical Pass Junos OS: RPD crash when processing a speciﬁc BGP packet (JSA11035) CVE-2020-1648 28 Jul 2020 7.5 (v3) High Pass Juniper Junos NFX150 Multiple Vulnerabilities (JSA11026) CVE-2019-0131 CVE-2019-0165 CVE-2019-0166 CVE-2019-0168 CVE-2019-0169 CVE-2019-11086 CVE-2019-11087 CVE-2019-11088 CVE-2019-11090 CVE-2019-11097 CVE-2019-11100 CVE-2019-11101 CVE-2019-11102 CVE-2019-11103 CVE-2019-11104 CVE-2019-11105 CVE-2019-11106 CVE-2019-11107 CVE-2019-11108 CVE-2019-11109 CVE-2019-11110 CVE-2019-11131 CVE-2019-11132 CVE-2019-1114728 Jul 2020 9.8 (v3) Critical Pass Adobe Experience Manager 6.x < 6.3.3.6 / 6.4.x < 6.4.6.0 / 6.5.x < 6.5.2.0 Multiple Vulnerabilities (APSB19-48)CVE-2019-8078 CVE-2019-8079 CVE-2019-8080 CVE-2019-8081 CVE-2019-8082 CVE-2019-8083 CVE-2019-8084 CVE-2019-8085 CVE-2019-8086 CVE-2019-8087 CVE-2019-8088 CVE-2019-823431 Jul 2020 9.8 (v3) Critical Pass Atlassian Conﬂuence < 7.4.2 / 7.5.x < 7.5.2 XSS (CONFSERVER-60102) CVE-2020-14175 31 Jul 2020 5.4 (v3) Medium Pass Pulse Policy Secure < 9.1R8 (SA44516) CVE-2020-8204 CVE-2020-8206 CVE-2020-8216 CVE-2020-8217 CVE-2020-8218 CVE-2020-8219 CVE-2020-8220 CVE-2020-8221 CVE-2020-8222 CVE-2020-12880 CVE-2020-1540831 Jul 2020 8.1 (v3) High Pass Cisco Data Center Network Manager Command Injection (cisco-sa-dcnm-rest-inj-BCt8pwAJ) CVE-2020-3384 10 Aug 2020 8.2 (v3) High Pass Cisco Prime Collaboration Provisioning Software SQL Injection (cisco-sa-pcp-sql-inj-22Auwt66) CVE-2020-3184 18 Aug 2020 7.2 (v3) High Pass WordPress Plugin 'SRS Simple Hits Counter' Information Disclosure CVE-2020-5766 27 Aug 2020 7.5 (v3) High Pass ISC BIND 9.15.6 < 9.16.6 / 9.17.x < 9.17.4 DoS CVE-2020-8620 28 Aug 2020 7.5 (v3) High Pass Cisco Data Center Network Manager Stored XSS (cisco-sa-dcnm-xss-stored-w4rJZJtO) CVE-2020-3439 01 Sep 2020 4.8 (v3) Medium Pass Cisco NX-OS Software Border Gateway Protocol Multicast VPN Session DoS (cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp)CVE-2020-3398 02 Sep 2020 8.6 (v3) High Pass IBM WebSphere Application Server 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.13 / 9.0.x <= 9.0.0.8 Information DisclosurCVE-2018-1614e (711983) 10 Sep 2020 7.5 (v3) High Pass Cisco Aironet Web UI Detection. 08 Sep 2020 None Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.16 / 9.0.x < 9.0.9 XSS CVE-2020-2036 11 Sep 2020 8.8 (v3) High Pass Palo Alto Networks PAN-OS 8.0.x / 8.1.x < 8.1.16 / 9.0.x < 9.0.10 / 9.1.x < 9.1.3 Information Exposure CVE-2020-2044 11 Sep 2020 3.3 (v3) Low Pass Juniper Junos DNS ﬁltering JSA11028 CVE-2020-1645 14 Sep 2020 8.3 (v3) High Pass Cisco Data Center Network Manager Stored Cross-Site Scripting (cisco-sa-20200219-dcnm-xss) CVE-2020-3113 17 Sep 2020 5.4 (v3) Medium Pass PHP 7.2.x / 7.3.x < 7.3.22 Memory Leak Vulnerability 11 Sep 2020 7.5 (v3) High Pass PHP 7.4.x < 7.4.10 Memory Leak Vulnerability 11 Sep 2020 7.5 (v3) High Pass Cisco Data Center Network Manager Cross-Site Request Forgery (cisco-sa-20200219-dcnm-csrf) CVE-2020-3114 18 Sep 2020 8.8 (v3) High Pass CodeMeter < 6.81 Denial of Service Vulnerability CVE-2020-14513 21 Sep 2020 7.5 (v3) High Pass CodeMeter < 7.10a Multiple Vulnerabilities CVE-2020-14509 CVE-2020-14517 CVE-2020-14519 21 Sep 2020 9.8 (v3) Critical Pass HP iLO 3 < 1.93 / HP iLO 4 < 2.75 / HP iLO Superdome 4 < 1.64 / HP iLO 5 < 2.18 / HP Moonshot/Edgeline iLO 5 < 2.30 Ripple20 Multiple vulnerabilitiesCVE-2020-11896 CVE-2020-11898 CVE-2020-11900 CVE-2020-11906 CVE-2020-11907 CVE-2020-11911 CVE-2020-11912 CVE-2020-1191424 Sep 2020 10 (v3) Critical Pass Citrix ADC and Citrix NetScaler Gateway Multiple Vulnerabilities (CTX281474) CVE-2020-8245 CVE-2020-8246 CVE-2020-8247 25 Sep 2020 8.8 (v3) High Pass Citrix SD-WAN WANOP Multiple Vulnerabilities (CTX281474) CVE-2020-8246 CVE-2020-8247 25 Sep 2020 8.8 (v3) High Pass SonicWall SonicOS Buﬀer Overﬂow Vulnerability CVE-2020-5135 16 Oct 2020 9.8 (v3) Critical Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.1 XSS (CVE-2019-4270)CVE-2019-4270 16 Oct 2020 5.4 (v3) Medium Pass IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.11 XSS (CVE-2019-4030) CVE-2019-4030 19 Oct 2020 5.4 (v3) Medium Pass IBM WebSphere Application Server 8.0.0.x < 8.0.0.15 / 8.5.x < 8.5.5.13 / 9.0.x < 9.0.0.7 RCE (CVE-2016-1000031)CVE-2016-1000031 20 Oct 2020 9.8 (v3) Critical Pass WordPress Loginizer plugin < 1.6.4 blind SQLi (CVE-2020-27615) CVE-2020-27615 22 Oct 2020 9.8 (v3) Critical Pass IBM WebSphere Application Server 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 SSRF (CVE-2019-17566)CVE-2019-17566 30 Oct 2020 7.5 (v3) High Pass Nostromo < 1.9.7 Remote Code Execution CVE-2019-16278 30 Oct 2020 9.8 (v3) Critical Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.x < 9.0.0.8 Security Bypass (CVE-2015-0899)CVE-2015-0899 30 Oct 2020 7.5 (v3) High Pass IBM WebSphere Application Server 6.1.0.x <= 6.1.0.47 / 7.0.0.x < 7.0.0.43 / 8.0.0.x < 8.0.0.13 / 8.5.x < 8.5.5.10 XXE (CVE-2015-0254)CVE-2015-0254 30 Oct 2020 10 (v3) Critical Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.17 / 9.0.x < 9.0.11 / 9.1.x < 9.1.5 / 10.0.x < 10.0.1 Authentication Bypass VCVE-2020-2050ulnerability 13 Nov 2020 8.2 (v3) High Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.17 / 9.0.x < 9.0.11 / 9.1.x < 9.1.5 Vulnerability CVE-2020-2022 13 Nov 2020 7.5 (v3) High Pass Cisco Security Manager < 4.22 Path Traversal (cisco-sa-csm-path-trav-NgeRnqgR) CVE-2020-27130 17 Nov 2020 9.1 (v3) Critical Pass Cisco IOS XE Software PROFINET Link Layer Discovery Protocol DoS (cisco-sa-ios-proﬁnet-dos-65qYG3W5)CVE-2020-3512 17 Nov 2020 7.4 (v3) High Pass Cisco IOS Software PROFINET Link Layer Discovery Protocol DoS (cisco-sa-ios-proﬁnet-dos-65qYG3W5)CVE-2020-3512 17 Nov 2020 7.4 (v3) High Pass IBM Spectrum Protect Operations Center 7.1.x < 7.1.11.000 / 8.1.x < 8.1.10.000 Code Injection VulnerabilityCVE-2020-4693 19 Nov 2020 9.8 (v3) Critical Pass Intel Active Management Technology (AMT) Multiple Vulnerabilities (INTEL-SA-00391) (remote check) CVE-2020-8705 CVE-2020-8744 CVE-2020-8745 CVE-2020-8746 CVE-2020-8747 CVE-2020-8749 CVE-2020-8751 CVE-2020-8752 CVE-2020-8753 CVE-2020-8754 CVE-2020-8755 CVE-2020-8756 CVE-2020-8757 CVE-2020-8760 CVE-2020-8761 CVE-2020-12297 CVE-2020-12303 CVE-2020-12354 CVE-2020-1235620 Nov 2020 9.8 (v3) Critical Pass Cisco IoT Field Network Director Missing API Authentication (cisco-sa-FND-APIA-xZntFS2V) CVE-2020-3392 24 Nov 2020 7.5 (v3) High Pass Juniper Junos OS EX4300-MP/EX4600/QFX5K Series DoS (JSA11086) CVE-2020-1689 01 Dec 2020 6.5 (v3) Medium Pass Apache Cassandra 3.8.x < 3.11.1 RCE CVE-2018-8016 02 Dec 2020 9.8 (v3) Critical Pass Apache Cassandra 1.2.x <= 1.2.19 / 2.0.x <= 2.0.13 / 2.1.x <= 2.1.3 RCE CVE-2015-0225 02 Dec 2020 9.8 (v3) Critical Pass Adobe Experience Manager 6.1 < 6.3.3.7 / 6.4 < 6.4.7.0 / 6.5 < 6.5.3.0 Multiple Vulnerabilities (APSB20-01)CVE-2019-16466 CVE-2019-16467 CVE-2019-16468 CVE-2019-16469 03 Dec 2020 7.5 (v3) High Pass Cisco IOS XE Software IOx Guest Shell USB SSD Namespace Protection Privilege Escalation (cisco-sa-iox-usb-guestshell-WmevScDj)CVE-2020-3396 07 Dec 2020 7.2 (v3) High Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.18 / 9.0.x < 9.0.12 / 9.1.x < 9.1.5 Vulnerability CVE-2021-3031 13 Jan 2021 4.3 (v3) Medium Pass Juniper Junos OS DoS (JSA11111) CVE-2021-0221 14 Jan 2021 6.5 (v3) Medium Pass Juniper Junos OS Command Injection (JSA11109) CVE-2021-0219 14 Jan 2021 6.7 (v3) Medium Pass Oracle Primavera Gateway (Jan 2021 CPU) CVE-2020-5421 CVE-2020-11979 20 Jan 2021 7.5 (v3) High Pass Juniper Junos DoS (JSA11096) CVE-2021-0206 22 Jan 2021 7.5 (v3) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.18 / 9.0.x <= 9.0.5.6 XXE (6408244)CVE-2020-4949 28 Jan 2021 8.2 (v3) High Pass Cisco IOS XE Software Wireless Controller for the Catalyst 9000 Family CAPWAP DoS (cisco-sa-capwap-dos-TPdNTdyq)CVE-2020-3486 CVE-2020-3487 CVE-2020-3488 CVE-2020-3489 CVE-2020-3493 CVE-2020-3494 CVE-2020-3497 29 Jan 2021 7.4 (v3) High Pass Juniper Junos OS DoS (JSA11094) CVE-2021-0222 04 Feb 2021 7.4 (v3) High Pass JamMail jammail.pl mail Parameter Arbitrary Command Execution CVE-2005-1959 13 Jun 2005 7.5 (v2) High Pass pfSense 2.4.x < 2.4.5-p1 Multiple Vulnerabilities CVE-2020-12662 CVE-2020-12663 CVE-2020-12762 04 Feb 2021 7.8 (v3) High Pass Apache Flink Web UI Detection 09 Feb 2021 None Pass OpenSSL 1.0.2 < 1.0.2w Information Disclosure CVE-2020-1968 10 Feb 2021 3.7 (v3) Low Pass Cisco NX-OS Software Protocol Independent Multicast Denial of Service Vulnerability (cisco-sa-nxos-pim-dos-Y8SjMz4)CVE-2021-1367 24 Feb 2021 4.3 (v3) Medium Pass e107 eTrace Plugin dotrace.php Arbitrary Code Execution CVE-2005-1966 13 Jun 2005 7.5 (v2) High Pass Cisco NX-OS Software NX-API Cross-Site Request Forgery Vulnerability (cisco-sa-nxos-nxapi-csrf-wRMzWL9z)CVE-2021-1227 24 Feb 2021 8.1 (v3) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.19 / 9.0.x <= 9.0.5.6 XXE (6413709)CVE-2021-20353 25 Feb 2021 8.2 (v3) High Pass Tenable SecurityCenter 5.13.0 - 5.17.0 Remote Code Execution (TNS-2021-03) CVE-2021-20076 03 Mar 2021 8.8 (v3) High Pass Adobe Connect <= 11.0.5 Multiple Vulnerabilities (ASPB21-19) CVE-2021-21079 CVE-2021-21080 CVE-2021-21081 CVE-2021-21085 10 Mar 2021 7.8 (v3) High Pass Cisco NX-OS Software Unauthenticated Arbitrary File Actions Vulnerability (cisco-sa-3000-9000-ﬁleaction-QtLzDRy2)CVE-2021-1361 24 Mar 2021 9.1 (v3) Critical Pass Apache OFBiz Remote Code Execution (CVE-2021-26295) CVE-2021-26295 30 Mar 2021 9.8 (v3) Critical Pass Cisco IOS Software Common Industrial Protocol Privilege Escalation (cisco-sa-XE-SAP-OPLbze68) CVE-2021-1392 30 Mar 2021 7.8 (v3) High Pass OpenSSL 1.1.1 < 1.1.1j Multiple Vulnerabilities CVE-2021-23840 CVE-2021-23841 09 Apr 2021 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11150) CVE-2021-0259 15 Apr 2021 7.4 (v3) High Pass Atlassian Jira < 8.13.3 / 8.14.x < 8.14.1 Broken Authentication (JRASERVER-72029) CVE-2021-26070 01 Apr 2021 7.2 (v3) High Pass Juniper Junos OS Vulnerability (JSA11144) CVE-2021-0251 15 Apr 2021 8.6 (v3) High Pass Juniper Junos OS Vulnerability (JSA11136) CVE-2021-0243 15 Apr 2021 4.7 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11158) CVE-2021-0267 15 Apr 2021 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11117) CVE-2021-0214 15 Apr 2021 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11118) CVE-2021-0216 15 Apr 2021 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11157) CVE-2021-0266 15 Apr 2021 9.8 (v3) Critical Pass Juniper Junos OS Vulnerability (JSA11145) CVE-2021-0252 15 Apr 2021 7.8 (v3) High Pass CA Multiple Products Message Queuing Multiple Remote DoS CVE-2006-0529 CVE-2006-0530 03 Feb 2006 4.1 (v3) Medium Pass CA Multiple Products Message Queuing Multiple Remote Vulnerabilities CVE-2005-2667 CVE-2005-2668 CVE-2005-2669 08 Nov 2005 9.1 (v3) Critical Pass Mambo Open Source < 4.5.2.3 Multiple Vulnerabilities CVE-2005-2002 15 Jun 2005 7.5 (v2) High Pass DNN (DotNetNuke) < 3.0.12 Multiple XSS CVE-2005-0040 16 Jun 2005 4.3 (v2) Medium Pass YaPiG < 0.95b Multiple Vulnerabilities CVE-2005-1881 CVE-2005-1882 CVE-2005-1883 CVE-2005-1884 CVE-2005-1885 CVE-2005-1886 17 Jun 2005 7.5 (v2) High Pass osCommerce application_top.php Multiple Parameter HTTP Response Splitting CVE-2005-1951 18 Jun 2005 4.3 (v2) Medium Pass paFAQ 1.0 Beta 4 Multiple Vulnerabilities CVE-2005-0475 CVE-2005-2011 CVE-2005-2012 CVE-2005-2013 CVE-2005-2014 21 Jun 2005 7.5 (v2) High Pass cPanel cpsrvd.pl user Parameter XSS CVE-2005-2021 21 Jun 2005 4.3 (v2) Medium Pass Cacti Local File Inclusion Vulnerability CVE-2005-1524 CVE-2005-1525 CVE-2005-1526 22 Jun 2005 7.5 (v2) High Pass phpBB2 Plus <= 1.52 Multiple XSS CVE-2005-1113 CVE-2005-1114 CVE-2005-1115 CVE-2005-1116 28 Jun 2005 4.3 (v2) Medium 83

Pass Serendipity XML-RPC for PHP Remote Code Injection CVE-2005-1921 01 Jul 2005 7.5 (v2) High Pass XOOPS < 2.0.12 Multiple Vulnerabilities CVE-2005-2112 CVE-2005-2113 05 Jul 2005 7.5 (v2) High Pass Cacti < 0.8.6f Authentication Bypass Vulnerability CVE-2005-2148 CVE-2005-2149 05 Jul 2005 7.5 (v2) High Pass phpBB < 2.0.17 Nested BBCode URL Tags XSS CVE-2005-2161 06 Jul 2005 3.5 (v2) Low Pass YaPiG Password Protected Directory Bypass 06 Jul 2005 5 (v2) Medium Pass phpWebSite <= 0.10.1 Multiple Vulnerabilities 07 Jul 2005 7.5 (v2) High Pass Drupal XML-RPC for PHP Remote Code Injection CVE-2005-1921 08 Jul 2005 7.5 (v2) High Pass Comersus Cart Multiple Vulnerabilities (SQLi, XSS) CVE-2005-2190 CVE-2005-2191 08 Jul 2005 7.5 (v2) High Pass Hydra: PostgreSQL 10 Jul 2005 7.5 (v2) High Pass Moodle < 1.5.1 Multiple Vulnerabilities CVE-2005-2247 13 Jul 2005 7.5 (v2) High Pass Apache Tomcat 7.x < 7.0.21 Arbitrary AJP Message Control CVE-2011-3190 02 Sep 2011 7.3 (v3) High Pass Phpauction <= 2.5 Multiple Vulnerabilities CVE-2005-2252 CVE-2005-2253 CVE-2005-2254 CVE-2005-2255 20 Jul 2005 7.5 (v2) High Pass PHP-Fusion <= 6.00.105 Multiple Vulnerabilities CVE-2005-2074 CVE-2005-2075 20 Jul 2005 5 (v2) Medium Pass Gossamer Threads Links user.cgi url Parameter XSS CVE-2005-1492 20 Jul 2005 4.3 (v2) Medium Pass PHPAuction Admin Authentication Bypass 20 Jul 2005 7.5 (v2) High Pass MDaemon IMAP Server Multiple AUTHENTICATE Commands Remote Overﬂow 21 Jul 2005 7.5 (v2) High Pass osCommerce update.php readme_ﬁle Parameter Arbitrary File Disclosure CVE-2005-2330 21 Jul 2005 5 (v2) Medium Pass PHPNews auth.php Multiple Parameter SQL Injection CVE-2005-2383 22 Jul 2005 6.8 (v2) Medium Pass UltraVNC w/ DSM Plugin Detection 24 Jul 2005 4 (v2) Medium Pass FtpLocate ﬂsearch.pl fsite Parameter Remote File Inclusion CVE-2005-2420 26 Jul 2005 7.5 (v2) High Pass Netquery <= 3.1 Multiple Vulnerabilities 26 Jul 2005 6.8 (v2) Medium Pass PHP-Fusion <= 6.00.106 Multiple Vulnerabilities CVE-2005-2401 CVE-2005-3159 29 Jul 2005 6 (v2) Medium Pass GForge <= 4.5 Multiple Script XSS CVE-2005-2430 29 Jul 2005 4.3 (v2) Medium Pass Kayako LiveResponse Multiple Vulnerabilities CVE-2005-2460 CVE-2005-2461 CVE-2005-2462 CVE-2005-2463 01 Aug 2005 6.4 (v2) Medium Pass AutoIndex PHP Script index.php search Parameter XSS CVE-2005-2163 04 Aug 2005 4.3 (v2) Medium Pass JAWS Glossary Gadget Multiple XSS CVE-2005-1231 CVE-2005-1800 08 Aug 2005 4.3 (v2) Medium Pass FlatNuke < 2.5.6 Multiple Remote Vulnerabilities CVE-2005-2537 CVE-2005-2538 CVE-2005-2539 CVE-2005-2540 08 Aug 2005 7.5 (v2) High Pass AWStats Referrer Header Arbitrary Command Execution CVE-2005-1527 10 Aug 2005 5.1 (v2) Medium Pass Mantis < 1.0.0rc2 Multiple Vulnerabilities CVE-2005-2556 CVE-2005-2557 CVE-2005-3090 CVE-2005-3091 22 Aug 2005 4.3 (v2) Medium Pass Home FTP Server Multiple Vulnerabilities CVE-2005-2726 CVE-2005-2727 25 Aug 2005 4.3 (v3) Medium Pass WebCalendar send_reminders.php includedir Parameter Remote File Inclusion CVE-2005-2717 25 Aug 2005 7.5 (v2) High Pass Cisco CallManager TFTP File Detection 26 Aug 2005 5 (v2) Medium Pass PhotoPost PHP Pro EXIF Data XSS CVE-2005-2737 27 Aug 2005 4.3 (v2) Medium Pass YaPiG <= 0.9.5b Multiple Vulnerabilities CVE-2005-2736 CVE-2005-4799 CVE-2006-4421 27 Aug 2005 5.1 (v2) Medium Pass phpMyAdmin < 2.6.4 Multiple XSS CVE-2005-2869 29 Aug 2005 4.3 (v2) Medium Pass PHP 7.1.x < 7.1.30 Multiple Vulnerabilities. CVE-2019-11038 CVE-2019-11039 CVE-2019-11040 31 May 2019 9.1 (v3) Critical Pass PHP 7.2.x < 7.2.19 Multiple Vulnerabilities. CVE-2019-11038 CVE-2019-11039 CVE-2019-11040 31 May 2019 9.1 (v3) Critical Pass PHP 7.3.x < 7.3.6 Multiple Vulnerabilities. CVE-2019-11038 CVE-2019-11039 CVE-2019-11040 04 Jun 2019 9.1 (v3) Critical Pass Oracle Database Multiple Vulnerabilities (January 2014 CPU) CVE-2013-5764 CVE-2013-5853 CVE-2013-5858 CVE-2014-0377 CVE-2014-0378 15 Jan 2014 4.1 (v2) Medium Pass Apache Tomcat 7.0.x < 7.0.50 Multiple Vulnerabilities CVE-2013-4322 CVE-2013-4590 25 Feb 2014 5.3 (v3) Medium Pass Jenkins < 2.84 / < 2.73.2 (LTS) Multiple Vulnerabilities CVE-2017-1000393 CVE-2017-1000394 CVE-2017-1000395 CVE-2017-1000396 CVE-2017-1000398 CVE-2017-1000399 CVE-2017-1000400 CVE-2017-100040105 Jun 2019 8.8 (v3) High Pass Apache Tomcat 6.0.x < 6.0.48 / 7.0.x < 7.0.73 / 8.0.x < 8.0.39 / 8.5.x < 8.5.8 / 9.0.x < 9.0.0.M13 Multiple VulnerabilitiesCVE-2016-6816 CVE-2016-6817 CVE-2016-8735 01 Dec 2016 9.8 (v3) Critical Pass Cisco IOS XE Software Locator/ID Separation Protocol Authentication Bypass Vulnerability CVE-2017-12236 06 Oct 2017 9.8 (v3) Critical Pass Jenkins < 2.121 / < 2.107.3 (LTS) Multiple Vulnerabilities CVE-2018-1000192 CVE-2018-1000193 CVE-2018-1000194 CVE-2018-1000195 05 Jun 2019 8.1 (v3) High Pass HPE Intelligent Management Center dbman Multiple Vulnerabilities CVE-2018-7123 CVE-2019-5355 CVE-2019-5390 CVE-2019-5391 CVE-2019-5392 CVE-2019-5393 06 Jun 2019 9.8 (v3) Critical Pass Apache Tomcat 7.0.0 < 7.0.91 Open Redirect Weakness CVE-2018-11784 10 Oct 2018 4.3 (v3) Medium Pass SSH Protocol Authentication Bypass (Remote Exploit Check) CVE-2018-10933 CVE-2018-1000805 17 Oct 2018 8.8 (v3) High Pass Ncat TLS Listener 19 Feb 2019 9.8 (v3) Critical Pass Cisco IOS XR Software DHCP Version 4 Server DoS (cisco-sa-iosxr-dhcp-dos-pjPVReLU) CVE-2021-34737 10 Sep 2021 7.5 (v3) High Pass phpMyAdmin 4.x < 4.9.0 CSRF vulnerablity (PMASA-2019-4) CVE-2019-12616 13 Jun 2019 6.5 (v3) Medium Pass Cisco IOS XR Software Border Gateway Protocol Resource Public Key Infrastructure DoS (cisco-sa-xrbgp-rpki-dos-gvmjqxbk)CVE-2021-1440 13 Sep 2021 6.8 (v3) Medium Pass Cisco IOS XR Software for 8000 Network Convergence System 540 Series Routers Image Veriﬁcation (cisco-sa-lnt-QN9mCzwn)CVE-2021-34708 CVE-2021-34709 13 Sep 2021 6.7 (v3) Medium Pass Oracle WebLogic Server Deserialization RCE (CVE-2019-2729) CVE-2019-2729 27 Jun 2019 9.8 (v3) Critical Pass Multiple Command Injection Vulnerabilities in Grandstream Products CVE-2019-10655 CVE-2019-10656 CVE-2019-10657 CVE-2019-10658 CVE-2019-10659 CVE-2019-10660 CVE-2019-10661 CVE-2019-10662 CVE-2019-1066301 Apr 2019 9.8 (v3) Critical Pass D-Link Router HNAP GetDeviceSettings Remote Command Execution CVE-2015-2051 10 Jun 2015 10 (v2) Critical Pass MongoDB 3.0.x < 3.0.7 / 3.1.x < 3.1.9 Authentication Bypass CVE-2015-7882 05 Jul 2019 8.1 (v3) High Pass Apple TV < 7 Multiple Vulnerabilities CVE-2011-2391 CVE-2013-6663 CVE-2014-1384 CVE-2014-1385 CVE-2014-1387 CVE-2014-1388 CVE-2014-1389 CVE-2014-4357 CVE-2014-4364 CVE-2014-4369 CVE-2014-4371 CVE-2014-4372 CVE-2014-4373 CVE-2014-4375 CVE-2014-4377 CVE-2014-4378 CVE-2014-4379 CVE-2014-4380 CVE-2014-4381 CVE-2014-4383 CVE-2014-4388 CVE-2014-4389 CVE-2014-4404 CVE-2014-4405 CVE-2014-4407 CVE-2014-4408 CVE-2014-4410 CVE-2014-4411 CVE-2014-4412 CVE-2014-4413 CVE-2014-4414 CVE-2014-4415 CVE-2014-4418 CVE-2014-4419 CVE-2014-4420 CVE-2014-4421 CVE-2014-442224 Sep 2014 7.8 (v3) High Pass FTP Service AUTH TLS Command Support 15 Oct 2009 None Pass Hummingbird Connectivity FTP Service XCWD Command Overﬂow CVE-2004-2728 31 Dec 2004 4.3 (v3) Medium Pass FTP Writable Directories 04 Oct 2005 6.5 (v3) Medium Pass IBM DB2 Connection Port Detection 21 Sep 2006 None Pass Tor Server Detection 14 Sep 2007 None Pass Multiple Command Injection Vulnerabilities in Grandstream Products CVE-2019-10655 CVE-2019-10659 CVE-2019-10660 CVE-2019-10661 CVE-2019-10662 CVE-2019-10663 19 Apr 2019 9.8 (v3) Critical Noise Common Platform Enumeration (CPE) 21 Apr 2010 None Pass Mac OS X < 10.10 Multiple Vulnerabilities (POODLE) (Shellshock) CVE-2011-2391 CVE-2013-5150 CVE-2013-6438 CVE-2014-0098 CVE-2014-3537 CVE-2014-3566 CVE-2014-4351 CVE-2014-4364 CVE-2014-4371 CVE-2014-4373 CVE-2014-4375 CVE-2014-4380 CVE-2014-4388 CVE-2014-4391 CVE-2014-4404 CVE-2014-4405 CVE-2014-4407 CVE-2014-4408 CVE-2014-4417 CVE-2014-4418 CVE-2014-4419 CVE-2014-4420 CVE-2014-4421 CVE-2014-4422 CVE-2014-4425 CVE-2014-4426 CVE-2014-4427 CVE-2014-4428 CVE-2014-4430 CVE-2014-4431 CVE-2014-4432 CVE-2014-4433 CVE-2014-4434 CVE-2014-4435 CVE-2014-4436 CVE-2014-4437 CVE-2014-4438 CVE-2014-4439 CVE-2014-4440 CVE-2014-4441 CVE-2014-4442 CVE-2014-4443 CVE-2014-4444 CVE-2014-6271 CVE-2014-716917 Oct 2014 10 (v2) Critical Pass Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities (FREAK) CVE-2013-0118 CVE-2013-5704 CVE-2013-6438 CVE-2013-6712 CVE-2014-0098 CVE-2014-0117 CVE-2014-0118 CVE-2014-0207 CVE-2014-0226 CVE-2014-0231 CVE-2014-0237 CVE-2014-0238 CVE-2014-2497 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3523 CVE-2014-3538 CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-3587 CVE-2014-3597 CVE-2014-3668 CVE-2014-3669 CVE-2014-3670 CVE-2014-3710 CVE-2014-3981 CVE-2014-4049 CVE-2014-4380 CVE-2014-4404 CVE-2014-4405 CVE-2014-4670 CVE-2014-4698 CVE-2014-5120 CVE-2014-8275 CVE-2014-8830 CVE-2014-9298 CVE-2015-0204 CVE-2015-1069 CVE-2015-1088 CVE-2015-1089 CVE-2015-1091 CVE-2015-1093 CVE-2015-1095 CVE-2015-1096 CVE-2015-1098 CVE-2015-1099 CVE-2015-1100 CVE-2015-1101 CVE-2015-1102 CVE-2015-1103 CVE-2015-1104 CVE-2015-1105 CVE-2015-1117 CVE-2015-1118 CVE-2015-1130 CVE-2015-1131 CVE-2015-1132 CVE-2015-1133 CVE-2015-1134 CVE-2015-1135 CVE-2015-1136 CVE-2015-1137 CVE-2015-1138 CVE-2015-1139 CVE-2015-1140 CVE-2015-1141 CVE-2015-1142 CVE-2015-1143 CVE-2015-1144 CVE-2015-1145 CVE-2015-1146 CVE-2015-1147 CVE-2015-1148 CVE-2015-1160 CVE-2015-1545 CVE-2015-154610 Apr 2015 10 (v2) Critical Pass CockroachDB Web Console Detection 11 Feb 2022 None Pass Juniper Junos RPD MPLS RCE (JSA10877) CVE-2018-0043 19 Oct 2018 8.8 (v3) High Pass Juniper Junos Memory Exhaustion RDP DOS with JET support (JSA10882) CVE-2018-0048 19 Oct 2018 7.5 (v3) High Pass Microsoft Windows SMBv3 Compression RCE (ADV200005)(CVE-2020-0796)(Remote) CVE-2020-0796 02 Apr 2020 10 (v3) Critical Pass WordPress Plugin 'File Manager' 6.x < 6.9 Remote Code Execution CVE-2020-25213 04 Sep 2020 9.8 (v3) Critical Pass PHP 7.4.x < 7.4.26 CVE-2021-21707 18 Nov 2021 5.3 (v3) Medium Pass PHP 8.0.x < 8.0.13 CVE-2021-21707 19 Nov 2021 5.3 (v3) Medium Pass Jenkins Enterprise and Operations Center < 2.249.31.0.3 / 2.277.4.2 Multiple Vulnerabilities (CloudBees Security Advisory 2021-05-05) 19 Nov 2021 5.4 (v3) Medium Pass Cisco IOS XE Software Web UI DoS Vulnerability (cisco-sa-20180926-webuidos) CVE-2018-0469 05 Oct 2018 6.8 (v3) Medium Pass Cisco Expressway Series and TelePresence Video Communication Server Image Veriﬁcation RCE (cisco-sa-ewverCVE-2021-34715-c6WZPXRx) 25 Aug 2021 7.2 (v3) High Pass Oracle E-Business Multiple Vulnerabilities (Oct 2018 CPU) CVE-2018-2971 CVE-2018-3011 CVE-2018-3138 CVE-2018-3151 CVE-2018-3167 CVE-2018-3188 CVE-2018-3189 CVE-2018-3190 CVE-2018-3196 CVE-2018-3235 CVE-2018-3236 CVE-2018-3237 CVE-2018-3242 CVE-2018-3243 CVE-2018-3244 CVE-2018-325618 Oct 2018 8.2 (v3) High Pass Apache Struts 2.5.x < 2.5.14.1 Json-lib JSON Parsing Unspeciﬁed DoS (S2-054) (S2-055) CVE-2017-7525 CVE-2017-15707 04 Dec 2017 9.8 (v3) Critical Pass Apache Tomcat 7.0.79 < 7.0.83 Insecure CGI Servlet Search Algorithm Description Weakness CVE-2017-15706 09 Feb 2018 5.3 (v3) Medium Pass Apache Tomcat 8.5.16 < 8.5.24 Insecure CGI Servlet Search Algorithm Description Weakness CVE-2017-15706 09 Feb 2018 3.7 (v3) Low Pass Apache Tomcat 8.5.x < 8.5.28 Security Constraint Weakness CVE-2018-1304 CVE-2018-1305 23 Feb 2018 3.7 (v3) Low Pass Cisco IOS XE Software Shell Access Authentication Bypass (cisco-sa-20180926-shell-access) CVE-2018-15371 05 Apr 2019 6.7 (v3) Medium Pass Oracle Primavera Uniﬁer Multiple Vulnerabilities (Jul 2019 CPU) CVE-2015-9251 CVE-2017-3164 CVE-2018-17197 CVE-2019-0192 19 Jul 2019 9.8 (v3) Critical Pass Oracle E-Business Suite Multiple Vulnerabilities (Jul 2019 CPU) CVE-2019-2666 CVE-2019-2668 CVE-2019-2672 CVE-2019-2761 CVE-2019-2773 CVE-2019-2775 CVE-2019-2782 CVE-2019-2783 CVE-2019-2809 CVE-2019-2825 CVE-2019-2828 CVE-2019-2829 CVE-2019-283719 Jul 2019 9.6 (v3) Critical Pass Ansible Tower 3.x < 3.3.3 Unauthorized Access vulnerability CVE-2018-16879 05 Aug 2019 9.8 (v3) Critical Pass Ansible Tower 3.3.x < 3.3.6 / 3.4.x < 3.4.4 / 3.5.x < 3.5.1 CRLF Vulnerability CVE-2019-9740 05 Aug 2019 6.1 (v3) Medium Pass PHP 7.2.x < 7.2.21 Multiple Vulnerabilities. CVE-2019-11041 CVE-2019-11042 12 Aug 2019 7.1 (v3) High Pass PHP 7.3.x < 7.3.8 Multiple Vulnerabilities. CVE-2019-11041 CVE-2019-11042 12 Aug 2019 7.1 (v3) High Pass Atlassian JIRA 7.6.5 / 7.7.x < 7.7.4 / 7.8.x < 7.8.4 / 7.9.x < 7.9.2 Multiple Vulnerabilities (SB18-141) CVE-2018-5230 CVE-2018-5231 25 May 2018 6.1 (v3) Medium Pass Apache Struts 2.3.x < 2.3.33 Denial of Service (S2-049) CVE-2017-9787 05 Nov 2018 7.5 (v3) High Pass Apache Struts <= 2.3.36 FileUpload Deserialization Vulnerability CVE-2016-1000031 05 Nov 2018 9.8 (v3) Critical Pass Juniper Junos OS Multiple Vulnerabilities (JSA11207) CVE-2020-8284 CVE-2020-8285 CVE-2020-8286 14 Jul 2021 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11195) 14 Jul 2021 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11193) 14 Jul 2021 7.5 (v3) High Pass Apache Log4Shell RCE detection via callback correlation (Direct Check PPTP) CVE-2021-44228 04 Jan 2022 10 (v3) Critical Pass Juniper Junos OS Vulnerability (JSA11191) 14 Jul 2021 7.4 (v3) High Pass Juniper Junos OS Vulnerability (JSA11181) 14 Jul 2021 6.2 (v3) Medium Pass nginx 1.9.5 < 1.16.1 / 1.17.x < 1.17.3 Multiple Vulnerabilities CVE-2019-9511 CVE-2019-9513 CVE-2019-9516 16 Aug 2019 7.5 (v3) High Pass IBM WebSphere Application Server 7.0.x <= 7.0.0.45 / 8.0.x <= 8.0.0.14 / 8.5.x < 8.5.5.21 / 9.0.x < 9.0.5.9 Privilege EscalationCVE-2021-29736 03 Aug 2021 8.8 (v3) High Pass Apache 2.4.x < 2.4.34 Multiple Vulnerabilities CVE-2018-1333 CVE-2018-8011 16 Aug 2018 7.5 (v3) High Pass MSSQL Host Information in NTLM SSP 30 Mar 2018 None Pass Pulse Connect Secure Detection 18 May 2018 None Pass VMware vCenter Server 6.7 Sensitive Information Disclosure Vulnerability (VMSA-2020-0006) CVE-2020-3952 13 Apr 2020 9.8 (v3) Critical Pass Unsupported PAN-OS Operating System 21 Jan 2015 10 (v3) Critical Pass IBM DB2 Login Possible 24 Jun 2016 None Pass Oracle DB Login Possible 24 Jun 2016 None Pass Oracle Default Accounts 19 Jul 2006 9.8 (v3) Critical Pass Advantech WebAccess/SCADA Network Service Detection 10 Sep 2018 None Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.19 / 9.0.x < 9.0.5.6 Information DisclosurCVE-2020-4576 e (CVE-2020-4576) 16 Oct 2020 7.5 (v3) High Pass Cisco IOS XE Software ROM Monitor for Industrial Switches Command Injection (cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw)CVE-2021-1452 12 Apr 2021 6.8 (v3) Medium Pass ManageEngine Log360 Detection 24 Sep 2021 None Pass ManageEngine Log360 < Build 5229 REST API Restriction Bypass RCE CVE-2021-40539 24 Sep 2021 9.8 (v3) Critical 84

Pass Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Denial of Service (cisco-sa-ewlc-capwap-dos-gmNjdKOY)CVE-2021-1565 CVE-2021-34768 CVE-2021-34769 22 Sep 2021 8.6 (v3) High Pass Apache 2.4.x < 2.4.41 Multiple Vulnerabilities CVE-2019-9517 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 20 Aug 2019 9.1 (v3) Critical Pass Joomla! 1.6.x < 3.9.11 Joomla 3.9.11 Release (5775-joomla-3-9-11) CVE-2019-15028 22 Aug 2019 5.3 (v3) Medium Pass Flexera FlexNet Publisher < 11.16.2 Multiple Vulnerabilities CVE-2018-20031 CVE-2018-20032 CVE-2018-20033 CVE-2018-20034 26 Aug 2019 9.8 (v3) Critical Pass Cisco TelePresence VCS / Expressway Series < 12.5 REST API Server-Side Request Forgery Vulnerability CVE-2019-1679 27 Aug 2019 5 (v3) Medium Pass Citrix SD-WAN Center Unauthenticated Remote Command Injection CVE-2019-12985 29 Aug 2019 9.8 (v3) Critical Pass Cisco TelePresence Video Communication Server RCE (cisco-sa-ewrce-QPynNCjh) CVE-2021-34716 15 Sep 2021 7.2 (v3) High Pass Apple iTunes < 12.12.3 Multiple Vulnerabilities (uncredentialed check) CVE-2022-22611 CVE-2022-22612 CVE-2022-22629 CVE-2022-22662 15 Mar 2022 9.8 (v3) Critical Pass OpenSSL 1.1.1 < 1.1.1n Vulnerability CVE-2022-0778 16 Mar 2022 7.5 (v3) High Pass Jenkins plugins Multiple Vulnerabilities (2022-03-15) CVE-2022-27195 CVE-2022-27196 CVE-2022-27197 CVE-2022-27198 CVE-2022-27199 CVE-2022-27200 CVE-2022-27201 CVE-2022-27202 CVE-2022-27203 CVE-2022-27204 CVE-2022-27205 CVE-2022-27206 CVE-2022-27207 CVE-2022-27208 CVE-2022-27209 CVE-2022-27210 CVE-2022-27211 CVE-2022-27212 CVE-2022-27213 CVE-2022-27214 CVE-2022-27215 CVE-2022-27216 CVE-2022-27217 CVE-2022-2721816 Mar 2022 8.8 (v3) High Pass Apple iTunes U < 3.8.3 A Vulnerability (uncredentialed check) CVE-2021-30862 16 Mar 2022 6.1 (v3) Medium Pass Apache Tomcat 9.0.0.M1 < 9.0.48 vulnerability CVE-2021-33037 03 Aug 2021 5.3 (v3) Medium Pass Apache Tomcat 8.5.0 < 8.5.68 vulnerability CVE-2021-33037 03 Aug 2021 5.3 (v3) Medium Pass Pulse Connect Secure < 9.1R12 (SA44858) CVE-2021-22933 CVE-2021-22934 CVE-2021-22935 CVE-2021-22936 CVE-2021-22937 CVE-2021-22938 05 Aug 2021 7.2 (v3) High Pass Apache HTTP Server 2.4.49 Path Traversal (CVE-2021-41773) CVE-2021-41773 05 Oct 2021 7.5 (v3) High Pass Linux BPFDoor Detection (Direct Check) 01 Jun 2022 10 (v3) Critical Pass Oracle Business Intelligence Publisher Multiple Vulnerabilities (January 2018 CPU) CVE-2016-2179 CVE-2017-10068 CVE-2018-2715 27 Dec 2018 8.2 (v3) High Pass Atlassian JIRA < 7.6.7 / 7.7.x < 7.10.1 Cross-Site Scripting CVE-2018-5232 05 Mar 2019 6.1 (v3) Medium Pass Atlassian JIRA < 7.2.12 / 7.3.x < 7.6.1 Cross-Site Scripting CVE-2017-14594 05 Mar 2019 6.1 (v3) Medium Pass GitLab 7.12.x < 13.8.8 / 13.9.x < 13.9.6 / 13.10.x < 13.10.3 RCE CVE-2021-22205 03 Nov 2021 10 (v3) Critical Pass Atlassian JIRA Open Redirect Vulnerabilities CVE-2019-11585 CVE-2019-11589 28 Aug 2019 6.1 (v3) Medium Pass Apache Struts 2.x < 2.3.14.3 Remote Code Execution Vulnerability (S2-012) CVE-2013-1965 13 Sep 2019 9.8 (v3) Critical Pass Apache Struts 2.0.x < 2.0.12 / 2.1.x < 2.1.6 Directory Traversal Vulnerability (S2-004) 13 Sep 2019 5.3 (v3) Medium Pass Apache Struts 2.3.x Showcase App Struts 1 Plugin ActionMessage Class Error Message Input Handling RCE (S2-048)CVE-2017-9791 11 Jul 2017 9.8 (v3) Critical Pass Juniper JSA10928 CVE-2019-0039 21 May 2019 8.1 (v3) High Pass Cisco IOS Software PROFINET denial of service (cisco-sa-20170927-proﬁnet) CVE-2017-12235 05 Oct 2017 7.5 (v3) High Pass Multiple Adobe Products XML External Entity (XXE) Injection (APSB10-05) CVE-2009-3960 01 Mar 2010 4.3 (v2) Medium Pass VMware vCenter Multiple Vulnerabilities (VMSA-2012-0013) CVE-2011-3563 CVE-2011-5035 CVE-2012-0497 CVE-2012-0498 CVE-2012-0499 CVE-2012-0500 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0504 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1720 CVE-2012-1723 CVE-2012-172505 Jun 2013 10 (v2) Critical Pass NETGEAR Multiple Model cgi-bin RCE CVE-2016-6277 14 Dec 2016 8.8 (v3) High Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0005) (BEAST) (remote check) CVE-2010-0405 CVE-2011-3190 CVE-2011-3375 CVE-2011-3389 CVE-2011-3516 CVE-2011-3521 CVE-2011-3544 CVE-2011-3545 CVE-2011-3546 CVE-2011-3547 CVE-2011-3548 CVE-2011-3549 CVE-2011-3550 CVE-2011-3551 CVE-2011-3552 CVE-2011-3553 CVE-2011-3554 CVE-2011-3555 CVE-2011-3556 CVE-2011-3557 CVE-2011-3558 CVE-2011-3560 CVE-2011-3561 CVE-2012-0022 CVE-2012-1508 CVE-2012-1510 CVE-2012-151203 Mar 2016 10 (v2) Critical Pass Adobe ColdFusion Authentication Bypass (APSB13-03) CVE-2013-0632 19 Feb 2013 10 (v2) Critical Pass OpenSSL 3.0.0 < 3.0.1 Vulnerability CVE-2021-4044 CVE-2021-4160 15 Dec 2021 5.9 (v3) Medium Pass AXIS Web Interface Detection 12 Dec 2017 None Pass Intel Management Engine Active Management Technology (AMT) Remote Access Enabled 12 Jan 2018 None Pass Microsoft SQL Server Login Possible 24 Jun 2016 None Pass Atlassian Jira 7.13.x < 7.13.3, 8.x < 8.1.1 Cross-Site Scripting Vulnerability CVE-2019-3402 25 Oct 2019 6.1 (v3) Medium Pass Oracle Business Intelligence Publisher Information Disclosure (Oct 2016 CPU) CVE-2016-3473 25 Oct 2019 7.7 (v3) High Pass LusyPOS Malware Detection 12 Jan 2014 None Pass Cisco Uniﬁed Communications Manager Security Bypass Vulnerability (cisco-sa-20191002-ucm-secbypass)CVE-2019-15272 30 Oct 2019 6.5 (v3) Medium Pass ALCASAR Detection 20 Jan 2015 None Pass OpenMediaVault Web Detection 18 Dec 2013 None Pass Apache Solr Detection 07 Jan 2014 None Pass HP Intelligent Management Center Web Administration Interface Detection 10 Dec 2013 None Pass Atlassian Jira Server and Data Center Template Injection Vulnerability (JRASERVER-69933) CVE-2019-15001 06 Nov 2019 7.2 (v3) High Pass McAfee Cloud Single Sign On User Interface Detection 25 Mar 2014 None Pass VMware vCenter Data Collection 27 Nov 2012 None Pass Palo Alto Networks PAN-OS Compliance Checks 19 Feb 2013 None Pass PHP < 5.3.12 / 5.4.2 CGI Query String Code Execution CVE-2012-1823 04 May 2012 7.5 (v2) High Pass MacOS Malicious File Detection 26 Jun 2019 10 (v3) Critical Pass Oracle Database Multiple Vulnerabilities (October 2014 CPU) CVE-2014-0050 CVE-2014-2478 CVE-2014-4289 CVE-2014-4290 CVE-2014-4291 CVE-2014-4292 CVE-2014-4293 CVE-2014-4294 CVE-2014-4295 CVE-2014-4296 CVE-2014-4297 CVE-2014-4298 CVE-2014-4299 CVE-2014-4300 CVE-2014-4301 CVE-2014-4310 CVE-2014-6452 CVE-2014-6453 CVE-2014-6454 CVE-2014-6455 CVE-2014-6467 CVE-2014-6477 CVE-2014-6483 CVE-2014-6537 CVE-2014-6538 CVE-2014-6542 CVE-2014-6543 CVE-2014-6544 CVE-2014-6545 CVE-2014-6546 CVE-2014-6547 CVE-2014-6560 CVE-2014-656317 Oct 2014 9 (v2) High Pass Oracle E-Business Suite Multiple Vulnerabilities (Jan 2021 CPU) CVE-2021-2015 CVE-2021-2017 CVE-2021-2023 CVE-2021-2026 CVE-2021-2027 CVE-2021-2029 CVE-2021-2034 CVE-2021-2059 CVE-2021-2077 CVE-2021-2082 CVE-2021-2083 CVE-2021-2084 CVE-2021-2085 CVE-2021-2089 CVE-2021-2090 CVE-2021-2091 CVE-2021-2092 CVE-2021-2093 CVE-2021-2094 CVE-2021-2096 CVE-2021-2097 CVE-2021-2098 CVE-2021-2099 CVE-2021-2100 CVE-2021-2101 CVE-2021-2105 CVE-2021-2106 CVE-2021-2107 CVE-2021-2114 CVE-2021-2115 CVE-2021-211820 Jan 2021 9.8 (v3) Critical Pass IBM Spectrum Protect Plus Web UI Detection 21 Apr 2020 None Pass Selligent Message Studio Detection 20 Oct 2020 None Pass Microsoft Exchange Server Authentication Bypass CVE-2021-26855 08 Mar 2021 9.8 (v3) Critical Pass Cisco IOS OSPF LSA Manipulation (cisco-sa-20170727-ospf) CVE-2017-6770 27 Nov 2019 4.2 (v3) Medium Pass SonicWall Secure Mobile Access Arbitrary File Delete (SNWLID-2021-0021) CVE-2021-20034 01 Oct 2021 9.1 (v3) Critical Pass Apache Solr Log4Shell Direct Check (CVE-2021-44228) CVE-2021-44228 05 Jan 2022 10 (v3) Critical Pass Tenable Nessus 10.x < 10.1.0 / 8.x < 8.15.3 Third-Party Vulnerability (TNS-2022-04) CVE-2021-23358 03 Feb 2022 7.2 (v3) High Pass Samba 4.13.x < 4.13.17 / 4.14.x < 4.14.12 / 4.15.x < 4.15.5 Multiple Vulnerabilities CVE-2021-44141 CVE-2021-44142 CVE-2022-0336 03 Feb 2022 8.8 (v3) High Pass IBM WebSphere Application Server Liberty 21.0.0.10 <= 21.0.0.12 Information Disclosure (6541530) CVE-2022-22310 10 Feb 2022 6.5 (v3) Medium Pass Cisco Uniﬁed Communications Manager SQL Injection Vulnerability CVE-2019-15972 06 Dec 2019 8.8 (v3) High Pass Palo Alto Networks PAN-OS for Panorama < 9.0.15 / 9.1.12-h3 / 10.0.8-h8 Multiple RCE (Log4Shell) CVE-2021-44228 CVE-2021-45046 10 Feb 2022 10 (v3) Critical Pass Atlassian JIRA < 7.8.1 Cross-Site Scripting (XSS) Vulnerability (JRASERVER-67106) CVE-2017-18100 06 Jan 2020 6.1 (v3) Medium Pass PHP 7.2.x < 7.2.28 / PHP 7.3.x < 7.3.15 / 7.4.x < 7.4.3 Multiple Vulnerabilities CVE-2020-7061 CVE-2020-7062 CVE-2020-7063 28 Feb 2020 9.1 (v3) Critical Pass Cisco Email Security Appliance URL Filtering Bypass (cisco-sa-esa-url-bypass-sGcfsDrp) CVE-2021-1534 08 Oct 2021 5.3 (v3) Medium Pass AXIS OS 5.51 < 5.51.7.5 / 6.0 < 6.50.5.5 / 7.0 < 8.40.4.3 / 9.0 < 9.80.3.5 / 10.0 < 10.8 Multiple VulnerabilitiesCVE-2021-31986 CVE-2021-31987 CVE-2021-31988 08 Oct 2021 8.8 (v3) High Pass Apache 2.4.49 < 2.4.51 Path Traversal Vulnerability CVE-2021-42013 08 Oct 2021 9.8 (v3) Critical Pass Cisco Uniﬁed Communications Manager XML External Expansion Vulnerability (cisco-sa-20191002-cucm-xxe)CVE-2019-12711 22 Apr 2020 6.5 (v3) Medium Pass SonicWall Secure Mobile Access Multiple Vulnerabilities (SNWLID-2021-0026) CVE-2021-20038 CVE-2021-20039 CVE-2021-20040 CVE-2021-20041 CVE-2021-20042 CVE-2021-20043 CVE-2021-20044 CVE-2021-2004509 Dec 2021 9.8 (v3) Critical Pass Security Updates for Exchange (November 2021) (Remote) CVE-2021-41349 CVE-2021-42305 CVE-2021-42321 09 Dec 2021 8.8 (v3) High Pass ThinkPHP Detection 10 Dec 2021 None Pass Juniper Junos OS Evolved DoS (JSA69505) CVE-2022-22194 25 Apr 2022 7.5 (v3) High Pass SolarWinds Orion Platform 2020.2.0 < 2020.2.4 CVE-2021-27258 17 Mar 2022 9.8 (v3) Critical Pass Oracle E-Business Version and Patch Info 27 Sep 2013 None Pass UltraVNC Java Viewer Detection 09 Jan 2014 None Pass Citrix EdgeSight Load Tester (ESLT) version detection 22 Aug 2011 None Pass Unsupported Web Server Detection 21 Oct 2008 10 (v3) Critical Pass PHP 7.3.x < 7.3.33 CVE-2021-21707 18 Nov 2021 5.3 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (January 2015 CPU) CVE-2014-6514 CVE-2014-6541 CVE-2014-6567 CVE-2014-6577 CVE-2014-6578 CVE-2015-0370 CVE-2015-0371 CVE-2015-0373 22 Jan 2015 9 (v2) High Pass Apache Tomcat 7.0.x < 7.0.59 Security Manager Bypass CVE-2014-7810 21 May 2015 7.3 (v3) High Pass Apache Tomcat 8.0.x < 8.0.17 Security Manager Bypass CVE-2014-7810 21 May 2015 7.3 (v3) High Pass Jenkins Git Plugin < 4.8.3 XSS CVE-2021-21684 19 Nov 2021 6.1 (v3) Medium Pass Nutanix Data Collection 25 Apr 2022 None Pass Oracle Database Multiple Vulnerabilities (April 2016 CPU) CVE-2016-0677 CVE-2016-0681 CVE-2016-0690 CVE-2016-0691 CVE-2016-3454 27 Apr 2016 9 (v3) Critical Pass Juniper Junos OS Vulnerability (JSA11238) CVE-2021-31373 02 Jun 2022 5.4 (v3) Medium Pass PHP 7.4.x < 7.4.18 / 8.x < 8.0.5 Integer Overﬂow 07 May 2021 8.3 (v3) High Pass Atlassian Conﬂuence < 7.11.0 SSRF (CONFSERVER-61453) CVE-2020-29445 12 May 2021 4.3 (v3) Medium Pass Cisco Uniﬁed Communications Manager XSS (cisco-sa-cucm-xss-Q4PZcNzJ) CVE-2021-1380 CVE-2021-1407 CVE-2021-1408 CVE-2021-1409 13 May 2021 6.1 (v3) Medium Pass nginx 0.6.x < 1.20.1 1-Byte Memory Overwrite RCE CVE-2021-23017 03 Jun 2021 9.4 (v3) Critical Pass Apache 2.4.x < 2.4.48 Vulnerability CVE-2021-31618 04 Jun 2021 7.5 (v3) High Pass Apache Tomcat 10.0.0.M1 < 10.0.0.M8 vulnerability CVE-2020-13943 21 Jun 2021 4.3 (v3) Medium Pass Dragonﬂy CMS install.php newlang Parameter Local File Inclusion CVE-2006-0644 10 Feb 2006 7.5 (v2) High Pass ICMP Domain Name Request 12 Feb 2006 None Pass CommuniGate Pro Server < 5.0.8 LDAP Module Field Handling Remote DoS CVE-2006-0566 13 Feb 2006 5 (v2) Medium Pass PmWiki < 2.1 beta 21 Multiple Vulnerabilities CVE-2006-0479 13 Feb 2006 4.3 (v2) Medium Pass LinPHA <= 1.0 Multiple Vulnerabilities CVE-2006-0713 13 Feb 2006 5 (v2) Medium Pass HP Systems Insight Manager Namazu lang Parameter Traversal Arbitrary File Access CVE-2006-0656 13 Feb 2006 5 (v2) Medium Pass IBM Tivoli Directory Server LDAP Packet Handling DoS CVE-2006-0717 14 Feb 2006 5 (v2) Medium Pass dotProject Multiple Scripts Remote File Inclusion CVE-2006-0754 CVE-2006-0755 CVE-2006-4234 15 Feb 2006 7.5 (v2) High Pass Flyspray install-0.9.7.php adodbpath Parameter Remote File Inclusion CVE-2006-0714 16 Feb 2006 5 (v2) Medium Pass MyBB < 1.04 misc.php SQLi CVE-2006-0959 16 Feb 2006 7.5 (v2) High Pass PostNuke < 0.762 Multiple Vulnerabilities CVE-2006-0800 CVE-2006-0801 CVE-2006-0802 22 Feb 2006 5.1 (v2) Medium Pass SquirrelMail < 1.4.6 Multiple Vulnerabilities CVE-2006-0188 CVE-2006-0195 CVE-2006-0377 22 Feb 2006 5 (v2) Medium Pass Noah's Classiﬁeds <= 1.3 Multiple Vulnerabilities CVE-2006-0879 CVE-2006-0880 CVE-2006-0881 CVE-2006-0882 23 Feb 2006 7.5 (v2) High Pass Plume CMS < 1.0.3 Remote File Inclusion CVE-2006-0725 23 Feb 2006 7.5 (v2) High Pass NOCC <= 1.0 Multiple Vulnerabilities CVE-2006-0891 CVE-2006-0892 CVE-2006-0893 CVE-2006-0894 CVE-2006-0895 25 Feb 2006 7.5 (v2) High Pass phpRPC Library rpc_decoder.php decode() Function Arbitrary Code Execution CVE-2006-1032 28 Feb 2006 8.8 (v3) High Pass HP System Management Homepage (SMH) on Windows Namazu lang Parameter Traversal Arbitrary File AccessCVE-2006-1023 01 Mar 2006 5 (v2) Medium Pass imageVue < 16.2 admin/upload.php Unrestricted File Upload CVE-2006-0702 03 Mar 2006 7.5 (v2) High Pass vBulletin Email Field XSS CVE-2006-1040 03 Mar 2006 4.3 (v2) Medium Pass Retrospect Client Detection 03 Mar 2006 None Pass Gallery < 2.0.3 IP Spooﬁng CVE-2006-1126 CVE-2006-1127 CVE-2006-1128 06 Mar 2006 6.4 (v2) Medium 85

Pass Cisco Small Business 220 Series Smart Switch Detection 10 Jan 2022 None Pass Gallery Zipcart Module Arbitrary File Disclosure CVE-2005-4023 06 Mar 2006 5 (v2) Medium Pass Gallery Install Log Local Information Disclosure CVE-2005-4021 06 Mar 2006 5 (v2) Medium Pass 4Images <= 1.7.1 index.php template Parameter Traversal Local File Inclusion CVE-2006-0899 06 Mar 2006 7.5 (v2) High Pass Loudblog < 0.42 template Parameter Traversal CVE-2006-1114 08 Mar 2006 6.4 (v2) Medium Pass Owl Intranet Engine lib/OWL_API.php xrms_ﬁle_root Parameter Remote File Inclusion CVE-2006-1149 08 Mar 2006 7.5 (v2) High Pass Geeklog lib-sessions.php Session Cookie Handling Authentication Bypass CVE-2006-1069 09 Mar 2006 7.5 (v2) High Pass SquirrelMail strings.php base_uri Parameter Information Disclosure CVE-2006-3665 09 Mar 2006 4.3 (v2) Medium Pass Easy File Sharing Web Server Multiple Remote Vulnerabilities (FS, XSS, Upload) CVE-2006-1159 CVE-2006-1160 CVE-2006-1161 10 Mar 2006 7.8 (v2) High Pass Gallery stepOrder Parameter Local File Inclusion CVE-2006-1219 10 Mar 2006 5 (v2) Medium Pass Pixelpost < 1.5 RC1 showimage Parameter SQL Injection CVE-2006-1104 13 Mar 2006 7.5 (v2) High Pass Kerio MailServer IMAP Server Crafted LOGIN Command DoS CVE-2006-1158 13 Mar 2006 7.8 (v2) High Pass Ipswitch IMail Server/Collaboration Suite IMAP FETCH Command Overﬂow CVE-2005-3526 13 Mar 2006 6.5 (v2) Medium Pass OTRS WebUI Detection 11 Dec 2017 None Pass Oracle Primavera Gateway Detection 21 Jul 2017 None Pass Advantech WebAccess < 8.2_20170817 Multiple Vulnerabilities CVE-2017-12698 CVE-2017-12702 CVE-2017-12704 CVE-2017-12706 CVE-2017-12708 CVE-2017-12710 CVE-2017-12711 CVE-2017-12713 CVE-2017-1271708 Sep 2017 9.8 (v3) Critical Pass MyBB search.php 'forums' Parameter SQLi CVE-2006-1065 13 Mar 2006 5 (v2) Medium Pass Kaa IoT Administration Server Detection 04 May 2017 None Pass Cisco Prime Infrastructure Detection 19 Apr 2016 None Pass VMware vRealize Automation Web UI Detection 27 Apr 2016 None Pass JBoss Operations Network Server Detection 06 Jun 2016 None Pass Emerson SM-Ethernet Web Interface Detection 01 Dec 2015 None Pass MyBB 'comma' Cookie SQLi CVE-2006-0959 13 Mar 2006 7.5 (v2) High Pass Cisco Identity Services Engine WebUI Detection 30 Dec 2014 None Pass IBM Rational Focal Point Login Detection 06 Mar 2014 None Pass Admbook content-data.php X-Forwarded-For Header Arbitrary PHP Code Injection CVE-2006-0852 15 Mar 2006 8.8 (v3) High Pass NAS4Free Web UI Detection 14 Apr 2014 None Pass IBM Storwize Web Management Interface Detection 03 Jul 2014 None Pass Bitdefender GravityZone User Interface Detection 25 Jul 2014 None Pass TimThumb Detection 28 Jul 2014 None Pass IBM Jazz Team Server Detection 06 Oct 2014 None Pass Barracuda Web Filter Detection 07 Oct 2014 None Pass Cisco TelePresence Conductor WebUI Detection 26 Nov 2014 None Pass MongoDB Detection 10 Apr 2013 None Pass Trend Micro Message Routing Framework Detection 14 Mar 2011 None Pass ManageEngine SharePoint Manager Plus Detection 05 May 2022 None Pass Horde go.php url Parameter Arbitrary File Access CVE-2006-1260 15 Mar 2006 5 (v2) Medium Pass PHP iCalendar Cookie Data Traversal Local File Inclusion CVE-2006-1292 16 Mar 2006 5.1 (v2) Medium Pass 3S CODESYS CmpWebServerHandlerV3 Heap-based Buﬀer Overﬂow CVE-2019-18858 04 Dec 2019 9.8 (v3) Critical Pass OpenSMTPD Critical LPE / RCE (CVE-2020-7247) CVE-2020-7247 14 Feb 2020 9.8 (v3) Critical Pass Cisco Uniﬁed Communications Manager Information Disclosure (cisco-sa-cucm-inf-disc-wCxZNjL2) CVE-2021-1406 16 Apr 2021 4.9 (v3) Medium Pass Juniper Junos OS DoS (JSA11212) CVE-2021-0298 26 Apr 2022 4.7 (v3) Medium Pass QNAP QTS / QuTS Hero Default Credentials 26 Apr 2022 9.8 (v3) Critical Pass PHP iCalendar publish.ical.php Arbitrary File Upload CVE-2006-1291 17 Mar 2006 8.8 (v3) High Pass MailEnable POP3 Server Authentication Vulnerabilities CVE-2006-1337 22 Mar 2006 7.5 (v2) High Pass MailEnable POP3 Server APOP Command Remote Buﬀer Overﬂow CVE-2006-1792 23 Mar 2006 10 (v2) Critical Pass Joomla! Detection 24 Mar 2006 None Pass Joomla! < 1.0.8 Information Disclosure CVE-2006-1027 24 Mar 2006 5.3 (v3) Medium Pass PostNuke PNphpBB2 includes/functions_admin.php phpbb_root_path Parameter Remote File Inclusion CVE-2006-4968 27 Mar 2006 6.8 (v2) Medium Pass Free Articles Directory index.php page Parameter Remote File Inclusion CVE-2006-1350 27 Mar 2006 7.5 (v2) High Pass phpBannerExchange Template Class Local File Inclusion CVE-2006-1201 27 Mar 2006 5 (v2) Medium Pass Pubcookie Login Server index.cgi XSS CVE-2006-1392 28 Mar 2006 4.3 (v2) Medium Pass PHP Live Helper Multiple Remote File Inclusions CVE-2006-1477 CVE-2006-4051 28 Mar 2006 7.5 (v2) High Pass Horde Help Viewer Arbitrary Code Execution CVE-2006-1491 29 Mar 2006 7.5 (v2) High Pass gCards < 1.46 Multiple Vulnerabilities CVE-2006-1346 CVE-2006-1347 CVE-2006-1348 03 Apr 2006 7.5 (v2) High Pass BASE base_maintenance.php Authentication Bypass CVE-2006-1505 03 Apr 2006 5 (v2) Medium Pass AngelineCMS loadkernel.php installPath Parameter Remote File Inclusion CVE-2006-1653 05 Apr 2006 7.5 (v2) High Pass CubeCart FCKeditor connector.php Arbitrary File Upload CVE-2006-0922 05 Apr 2006 7.5 (v2) High Pass PHProjekt authform.inc.php path_pre Parameter Remote File Inclusion CVE-2004-2740 07 Apr 2006 6.8 (v2) Medium Pass Skype < 1.4.0.84 Multiple Vulnerabilities (uncredentialed check) CVE-2005-3265 CVE-2005-3267 11 Apr 2006 10 (v2) Critical Pass Dokeos < 1.6.4 / 2.0.3 Multiple Scripts Remote File Inclusion CVE-2006-2286 12 Apr 2006 6.8 (v2) Medium Pass Clever Copy connect.inc Direct Request Information Disclosure CVE-2006-1718 12 Apr 2006 5 (v2) Medium Pass Plone Unprotected MembershipTool Methods Arbitrary Portrait Manipulation CVE-2006-1711 14 Apr 2006 5 (v2) Medium Pass Adobe Document Server for Reader Extensions < 6.1 Multiple Vulnerabilities CVE-2006-1627 CVE-2006-1785 CVE-2006-1786 CVE-2006-1787 CVE-2006-1788 14 Apr 2006 7.5 (v2) High Pass phpList index.php database_module Parameter Local File Inclusion CVE-2006-1746 14 Apr 2006 5 (v2) Medium Pass Simplog <= 0.9.2 Multiple Vulnerabilities CVE-2006-1776 CVE-2006-1777 CVE-2006-1778 CVE-2006-1779 14 Apr 2006 7.5 (v2) High Pass PAJAX < 0.5.2 Multiple Vulnerabilities CVE-2006-1551 CVE-2006-1789 16 Apr 2006 7.5 (v2) High Pass phpWebSite index.php hub_dir Parameter Local File Inclusion CVE-2006-1819 16 Apr 2006 7.5 (v2) High Pass Sphider conﬁgset.php settings_dir Parameter Remote File Inclusion CVE-2006-1784 16 Apr 2006 5.1 (v2) Medium Pass phpAlbum language.php data_dir Parameter Remote File Inclusion CVE-2006-1839 17 Apr 2006 7.5 (v2) High Pass Sysinfo name Parameter Arbitrary Code Execution CVE-2006-1831 17 Apr 2006 7.5 (v2) High Pass phpWebFTP index.php language Parameter Local File Inclusion CVE-2006-1813 17 Apr 2006 6.4 (v2) Medium Pass MyBB global.php 'KILL_GLOBAL' Overwrite SQL Injection CVE-2006-1912 17 Apr 2006 5.8 (v2) Medium Pass ActualAnalyzer direct.php rf Parameter Remote File Inclusion CVE-2006-1959 19 Apr 2006 7.5 (v2) High Pass GDB Server Detection 19 Apr 2006 7.5 (v2) High Pass OpenSSL 1.0.2 < 1.0.2zc-dev Vulnerability CVE-2021-4160 29 Jan 2022 5.9 (v3) Medium Pass phpBB Advanced GuestBook addentry.php phpbb_root_path Parameter Remote File Inclusion CVE-2006-2152 03 May 2006 7.5 (v2) High Pass Asterisk Recording Interface (ARI) includes/main.conf Remote Credential Disclosure CVE-2006-2020 03 May 2006 7.8 (v2) High Pass Asterisk Recording Interface (ARI) misc/audio.php recording Parameter Traversal Arbitrary File Access CVE-2006-2021 03 May 2006 5 (v2) Medium Pass Help Center Live osTicket Module Multiple Unspeciﬁed SQL Injections CVE-2006-2039 03 May 2006 7.5 (v2) High Pass Invision Power Board 2.x.x < 04-25-06 Multiple Vulnerabilities CVE-2006-2059 CVE-2006-2060 CVE-2006-2061 03 May 2006 6.4 (v2) Medium Pass Monster Top List sources/functions.php root_path Parameter Remote File Inclusion CVE-2006-1781 03 May 2006 7.5 (v2) High Pass phpListPro Multiple Script returnpath Parameter Remote File Inclusions CVE-2006-1749 CVE-2006-2323 03 May 2006 7.5 (v2) High Pass sBLOG search.php keyword Parameter SQL Injection CVE-2006-2189 03 May 2006 10 (v2) Critical Pass phpBB Multiple Module phpbb_root_path Parameter Remote File Inclusion CVE-2006-2245 CVE-2006-5301 CVE-2006-5306 CVE-2006-5390 CVE-2006-5418 CVE-2006-7090 CVE-2006-7100 CVE-2006-7147 CVE-2007-5009 CVE-2007-510004 May 2006 6.8 (v2) Medium Pass AWStats migrate Parameter Arbitrary Command Execution CVE-2006-2237 08 May 2006 5.1 (v2) Medium Pass Aardvark Topsites CONFIG[path] Parameter Remote File Inclusion CVE-2006-2149 08 May 2006 6.4 (v2) Medium Pass Juniper Junos OS DoS (JSA11168) CVE-2021-0240 CVE-2021-0241 07 May 2021 6.5 (v3) Medium Pass Claroline ldap.inc.php clarolineRepositorySys Parameter Remote File Inclusion CVE-2006-2284 11 May 2006 6.8 (v2) Medium Pass Dell EMC iDRAC8 < 2.80.80.80 / Dell EMC iDRAC9 < 4.40.40.00 (DSA-2021-177) CVE-2021-36301 03 Jun 2022 7.2 (v3) High Pass Dell EMC iDRAC9 4.40.x < 4.40.29.00 (DSA-2021-177) CVE-2021-36299 03 Jun 2022 8.1 (v3) High Pass IdealBB < 1.5.4b Multiple Vulnerabilities (XSS, SQLi, Upload, Traversal) CVE-2006-2317 CVE-2006-2318 CVE-2006-2319 CVE-2006-2320 CVE-2006-2321 11 May 2006 7.5 (v2) High Pass Dell EMC iDRAC9 < 5.00.00.00 (DSA-2021-177) CVE-2021-36300 03 Jun 2022 8.2 (v3) High Pass Stadtaus Gaestebuch-Script index.php include_ﬁles Parameter Remote File Inclusion CVE-2006-2158 11 May 2006 6.4 (v2) Medium Pass Cisco NX-OS Software Unidirectional Link Detection DoS / Code Execution (cisco-sa-nxos-udld-rce-xetH6w35)CVE-2021-1368 19 May 2021 8.8 (v3) High Pass e107 e107_cookie Parameter SQL Injection CVE-2006-2416 15 May 2006 5.1 (v2) Medium Pass Cisco Web Security Appliance Stored XSS (cisco-sa-wsa-xss-RuB5WGqL) CVE-2021-1271 20 May 2021 4.8 (v3) Medium Pass Citrix ADC Authentication Bypass (CTX261055) CVE-2019-18225 25 May 2021 9.8 (v3) Critical Pass Juniper Junos OS DoS (JSA11132) CVE-2021-0237 26 May 2021 6.5 (v3) Medium Pass ACal embed/day.php path Parameter Remote File Inclusion CVE-2006-2261 15 May 2006 7.5 (v2) High Pass EMC RSA Archer 6.6 < 6.6 P8 / 6.7 < 6.7 P8 / 6.8 < 6.8 P5 / 6.9 < 6.9 P2 Insecure Credential Storage CVE-2021-29253 28 May 2021 5.5 (v3) Medium Pass Limbo weblinks.html.php catid Parameter SQL Injection CVE-2006-2363 15 May 2006 5.1 (v2) Medium Pass Dovecot Multiple Command Traversal Arbitrary Directory Listing CVE-2006-2414 15 May 2006 5 (v2) Medium Pass Squirrelcart cart_content.php cart_isp_root Parameter Remote File Inclusion CVE-2006-2483 17 May 2006 6.4 (v2) Medium Pass Skype URI Handling Arbitrary File Download (uncredentialed check) CVE-2006-2312 19 May 2006 2.6 (v2) Low Pass Nucleus CMS PLUGINADMIN.php DIR_LIBS Parameter Remote File Inclusion CVE-2006-2583 25 May 2006 5.1 (v2) Medium Pass BASE Multiple Script BASE_path Parameter Remote File Inclusion CVE-2006-2685 27 May 2006 4 (v2) Medium Pass e107 email.php Arbitrary Mail Relay CVE-2006-2591 31 May 2006 5 (v2) Medium Pass SquirrelMail plugin.php plugins Parameter Local File Inclusion CVE-2006-2842 03 Jun 2006 7.5 (v2) High Pass LifeType index.php articleId Parameter SQL Injection CVE-2006-2857 04 Jun 2006 7.5 (v2) High Pass MySQL Anonymous Login Handshake Remote Information Disclosure CVE-2006-1516 04 Jun 2006 5 (v2) Medium Pass Claroline Multiple Script includePath Parameter Remote File Inclusion CVE-2006-2868 05 Jun 2006 5.1 (v2) Medium 86

Pass Pixelpost index.php category Parameter SQL Injection CVE-2006-2889 06 Jun 2006 5.1 (v2) Medium Pass DokuWiki Spell Checker Embedded Link Arbitrary PHP Code Execution CVE-2006-2878 06 Jun 2006 7.5 (v2) High Pass OpenEMR C_FormEvaluation.class.php ﬁleroot Parameter Remote File Inclusion CVE-2006-2929 09 Jun 2006 6.8 (v2) Medium Pass Rendezvous Daemon Detection 10 Jun 2006 None Pass Calendarix Multiple Script id Parameter SQL Injection CVE-2006-3094 17 Jun 2006 5.1 (v2) Medium Pass Adobe Experience Manager < 6.5.9.0 Multiple Vulnerabilities (APSB21-39) CVE-2021-28625 CVE-2021-28626 CVE-2021-28627 CVE-2021-28628 10 Jun 2021 8.8 (v3) High Pass Wikka wikka.php Local File Inclusion CVE-2006-7049 17 Jun 2006 7.5 (v2) High Pass BlueDragon 6.2.1 Multiple Remote Vulnerabilities (XSS, DoS) CVE-2006-2310 CVE-2006-2311 23 Jun 2006 5 (v2) Medium Pass Cisco IOS XE Software SD WAN Console Privilege Escalation (cisco-sa-sdwan-esc-rSNVvTf9) CVE-2021-1371 08 Jul 2021 6.6 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11178) 14 Jul 2021 5.5 (v3) Medium Pass Juniper Junos OS DoS (JSA11054) CVE-2020-1660 14 Jul 2021 9.9 (v3) Critical Pass Juniper Junos OS Vulnerability (JSA11177) 14 Jul 2021 7.8 (v3) High Pass TeamCity Server < 2020.2.4 Multiple Vulnerabilities CVE-2020-7908 CVE-2020-7909 CVE-2020-7910 CVE-2020-7911 CVE-2020-11686 CVE-2020-11687 CVE-2020-11688 CVE-2020-11689 CVE-2020-11938 CVE-2020-15826 CVE-2021-3315 CVE-2021-26309 CVE-2021-26310 CVE-2021-31904 CVE-2021-31906 CVE-2021-31907 CVE-2021-31908 CVE-2021-31909 CVE-2021-31910 CVE-2021-31911 CVE-2021-31912 CVE-2021-31913 CVE-2021-31914 CVE-2021-3191516 Jul 2021 9.8 (v3) Critical Pass Scout Portal Toolkit SPT--ForumTopics.php forumid Parameter SQL Injection CVE-2006-3309 28 Jun 2006 7.5 (v2) High Pass Geeklog Multiple Script _CONF[path] Parameter Remote File Inclusion CVE-2006-6225 29 Jun 2006 5.1 (v2) Medium Pass FCKeditor on Apache connector.php Crafted File Extension Arbitrary File Upload CVE-2006-3362 29 Jun 2006 8.8 (v3) High Pass MySQL 5.7.x < 5.7.35 Multiple Vulnerabilities (Jul 2021 CPU) CVE-2019-17543 CVE-2021-2342 CVE-2021-2356 CVE-2021-2372 CVE-2021-2385 CVE-2021-2389 CVE-2021-2390 CVE-2021-22901 22 Jul 2021 8.1 (v3) High Pass SiteBuilder-FX top.php admindir Parameter Remote File Inclusion CVE-2006-3395 02 Jul 2006 5.1 (v2) Medium Pass CommuniGate Pro POP Service Empty Inbox Remote DoS CVE-2006-3477 04 Jul 2006 5 (v2) Medium Pass Horde < 3.0.11 / 3.1.2 Multiple Script XSS CVE-2006-3548 CVE-2006-3549 05 Jul 2006 4.3 (v2) Medium Pass LifeType index.php Date Parameter SQL Injection CVE-2006-3577 05 Jul 2006 7.5 (v2) High Pass Mambo phpBB Component download.php phpbb_root_path Parameter Remote File Inclusion CVE-2006-7208 11 Jul 2006 6.8 (v2) Medium Pass SimpleBoard / Joomlaboard 'sbp' Parameter Remote File Include CVE-2006-3528 CVE-2006-5043 11 Jul 2006 8.1 (v3) High Pass Apache Tomcat 8.5.0 < 8.5.57 Multiple Vulnerabilities CVE-2020-13934 CVE-2020-13935 17 Jul 2020 7.5 (v3) High Pass Juniper Junos OS DoS (JSA11274) CVE-2022-22166 14 Feb 2022 6.5 (v3) Medium Pass Mambo / Joomla! Component / Module 'mosConﬁg_absolute_path' Multiple Parameter Remote File Include VCVE-2006-3396 CVE-2006-3530 CVE-2006-3556 CVE-2006-3748 CVE-2006-3749 CVE-2006-3750 CVE-2006-3751 CVE-2006-3773 CVE-2006-3774 CVE-2006-3846 CVE-2006-3947 CVE-2006-3949 CVE-2006-3980 CVE-2006-3995 CVE-2006-4074 CVE-2006-4130 CVE-2006-4195 CVE-2006-4270 CVE-2006-4288 CVE-2006-4553 CVE-2006-4858 CVE-2006-5045 CVE-2006-5048 CVE-2006-5519 CVE-2006-6962 CVE-2007-1702 CVE-2007-2005 CVE-2007-2144 CVE-2007-2319 CVE-2007-3130 CVE-2007-5310 CVE-2007-5412 CVE-2007-5457 CVE-2008-0567 CVE-2008-5789 CVE-2008-5790 CVE-2008-5793 CVE-2008-6841 CVE-2010-2918ulnerabilities 15 Jul 2006 8.1 (v3) High Pass VHCS include/sql.php include_path Parameter Remote File Inclusion 19 Jul 2006 6.8 (v2) Medium Pass VHCS login.php check_login() Function Authentication Bypass CVE-2006-0685 19 Jul 2006 10 (v2) Critical Pass Invision Power Board classes/class_session.php CLIENT_IP HTTP Header SQL Injection CVE-2006-7071 24 Jul 2006 7.5 (v2) High Pass TWiki conﬁgure Script Arbitrary Command Execution CVE-2006-3819 31 Jul 2006 8.8 (v3) High Pass phpMyAdmin import_blacklist Variable Overwriting CVE-2005-4079 31 Jul 2006 5 (v2) Medium Pass eIQnetworks Enterprise Security Analyzer Syslog Server Detection 02 Aug 2006 None Pass eIQnetworks Enterprise Security Analyzer License Manager Detection 02 Aug 2006 None Pass nginx Data Disclosure Vulnerability CVE-2017-7529 16 Oct 2018 7.5 (v3) High Pass Jenkins < 2.89.2 / 2.95 Multiple Vulnerabilities CVE-2017-1000503 CVE-2017-1000504 01 Feb 2018 8.1 (v3) High Pass Jenkins < 1.642.2 / 1.650 and Jenkins Enterprise < 1.609.16.1 / 1.625.16.1 / 1.642.2.1 Multiple VulnerabilitiesCVE-2016-0788 CVE-2016-0789 CVE-2016-0790 CVE-2016-0791 CVE-2016-0792 14 Mar 2016 9.8 (v3) Critical Pass nginx < 1.6.1 / 1.7.4 SMTP STARTTLS Command Injection CVE-2014-3556 19 Aug 2014 6.5 (v3) Medium Pass Jenkins < 1.514 / 1.509.1 and Jenkins Enterprise 1.466.x / 1.480.x < 1.466.14.1 / 1.480.4.1 Multiple VulnerabilitiesCVE-2013-1808 CVE-2013-2033 CVE-2013-2034 14 Jun 2013 6.8 (v2) Medium Pass Ping the remote host 24 Jun 1999 None Pass nginx 1.0.7 - 1.0.14 / 1.1.3 - 1.1.18 ngx_http_mp4_module Buﬀer Overﬂow CVE-2012-2089 13 Apr 2012 5.6 (v3) Medium Pass Jenkins < 2.107 / < 2.89.4 (LTS) Server-Side Request Forgery (SSRF) Vulnerability CVE-2018-1000067 05 Jun 2019 5.3 (v3) Medium Pass Jenkins < 2.176.2 LTS / 2.186 Multiple Vulnerabilities CVE-2019-10352 CVE-2019-10353 CVE-2019-10354 26 Jul 2019 7.5 (v3) High Pass Jenkins weekly < 2.280 Privilege Escalation CVE-2021-22112 09 Apr 2021 8.8 (v3) High Pass Jenkins LTS < 2.277.3 / Jenkins weekly < 2.286 CVE-2021-28165 23 Apr 2021 7.5 (v3) High Pass Barracuda Spam Firewall Default Credentials CVE-2006-4000 CVE-2006-4001 CVE-2006-4081 CVE-2006-4082 02 Aug 2006 7.5 (v2) High Pass eIQnetworks Enterprise Security Analyzer Topology Server Detection 03 Aug 2006 None Pass eIQnetworks Enterprise Security Analyzer Monitoring Agent Detection 10 Aug 2006 None Pass ManageEngine AssetExplorer < 6.1.0 Build 6113 Multiple XSS CVE-2015-2169 CVE-2015-5061 09 Nov 2015 3.1 (v3) Low Pass PostgreSQL Empty Password Handling Remote Authentication Bypass CVE-2017-7546 20 Oct 2017 9.8 (v3) Critical Pass TLS Padding Oracle Information Disclosure Vulnerability (TLS POODLE) CVE-2014-8730 15 Dec 2014 5.3 (v3) Medium Pass RealVNC Java Viewer Detection 09 Jan 2014 None Pass TigerVNC Java Viewer Detection 09 Jan 2014 None Pass ManageEngine AssetExplorer < 5.6.0 Build 5614 XML Asset Data XSS CVE-2012-5956 24 Jan 2013 3.1 (v3) Low Pass MS12-026: Vulnerabilities in Forefront Uniﬁed Access Gateway (UAG) Could Allow Information Disclosure (2663860) (uncrCVE-2012-0146 CVE-2012-0147edentialed check) 27 Apr 2012 4.3 (v2) Medium Pass MS12-036: Vulnerability in Remote Desktop Could Allow Remote Code Execution (2685939) (uncredentialed check)CVE-2012-0173 16 Jul 2012 9.3 (v2) High Pass RuggedCom RuggedOS Default 'factory' Account Backdoor CVE-2012-1803 12 Jun 2012 9.8 (v3) Critical Pass ManageEngine AssentExplorer < 6.8 Unauthenticated Stored XSS CVE-2021-20080 12 Apr 2021 6.1 (v3) Medium Pass WEBInsta CMS index.php templates_dir Parameter Remote File Inclusion CVE-2006-4196 14 Aug 2006 7.5 (v2) High Pass Informix Detection 16 Aug 2006 None Pass SquirrelMail compose.php session_expired_post Arbitrary Variable Overwriting CVE-2006-4019 17 Aug 2006 6.4 (v2) Medium Pass CubeCart < 3.0.12 Multiple Vulnerabilities (SQLi, XSS) CVE-2006-4267 CVE-2006-4268 17 Aug 2006 7.5 (v2) High Pass Owl Intranet Engine <= 0.91 Multiple Vulnerabilities CVE-2006-4211 CVE-2006-4212 17 Aug 2006 7.5 (v2) High Pass Zen Cart ipn_main_handler.php custom SQL Injection CVE-2006-4214 17 Aug 2006 7.5 (v2) High Pass IBM Cognos Analytics Web Interface Detection 20 Sep 2021 None Pass Zen Cart autoload_func.php autoLoadConﬁg Array Remote File Inclusion CVE-2006-4215 17 Aug 2006 5.1 (v2) Medium Pass Docebo GLOBALS Variable Overwrite Remote File Inclusion CVE-2006-2576 CVE-2006-2577 17 Aug 2006 5.1 (v2) Medium Pass MDaemon < 9.0.6 POP3 Server USER / APOP Command Remote Overﬂow CVE-2006-4364 23 Aug 2006 5 (v2) Medium Pass phpCOIN Multiple Script _CCFG Parameter Remote File Inclusion CVE-2006-4424 CVE-2006-4425 25 Aug 2006 5.1 (v2) Medium Pass PHP < 4.4.3 / 5.1.4 Multiple Vulnerabilities CVE-2006-0996 CVE-2006-1490 CVE-2006-1494 CVE-2006-1608 CVE-2006-1990 CVE-2006-1991 CVE-2006-2563 CVE-2006-2660 CVE-2006-3011 CVE-2006-3016 CVE-2006-3017 CVE-2006-3018 CVE-2006-443325 Aug 2006 9.3 (v2) High Pass Zend Session Clustering Daemon Detection 25 Aug 2006 None Pass PHProjekt <= 5.1 Multiple Remote File Inclusions CVE-2006-4204 29 Aug 2006 7.5 (v2) High Pass Feedsplitter <= 2006-01-21 Multiple Remote Vulnerabilities (XSS, Traversal, Disc) CVE-2006-4549 CVE-2006-4550 CVE-2006-4551 CVE-2006-4552 31 Aug 2006 7.5 (v2) High Pass CubeCart < 3.0.13 Multiple Remote Vulnerabilities (LFI, SQLi, XSS) CVE-2006-4525 CVE-2006-4526 CVE-2006-4527 31 Aug 2006 7.5 (v2) High Pass Joomla! < 1.0.11 administrator/index.php Input Weakness CVE-2006-4468 01 Sep 2006 5.6 (v3) Medium Pass Joomla! < 1.0.11 Unspeciﬁed Remote Code Execution CVE-2005-3390 CVE-2006-4469 01 Sep 2006 5.6 (v3) Medium Pass e107 ibrowser.php zend_has_del() Function Remote Code Execution CVE-2005-3390 CVE-2006-3017 02 Sep 2006 8.8 (v3) High Pass TikiWiki jhot.php Arbitrary File Upload CVE-2006-4602 04 Sep 2006 8.8 (v3) High Pass Mailman Utils.py Spoofed Log Entry Injection CVE-2006-4624 05 Sep 2006 2.6 (v2) Low Pass Cisco IOS XE Software TrustSec CLI Parser DoS (cisco-sa-trustsec-dos-7fuXDR2) CVE-2021-34699 19 Oct 2021 7.7 (v3) High Pass PmWiki < 2.1.21 Global Variables Overwriting CVE-2006-3017 06 Sep 2006 7.5 (v2) High Pass Cisco IOS Software TrustSec CLI Parser DoS (cisco-sa-trustsec-dos-7fuXDR2) CVE-2021-34699 19 Oct 2021 7.7 (v3) High Pass DokuWiki doku.php X-FORWARDED-FOR HTTP Header Arbitrary Code Injection CVE-2006-4674 08 Sep 2006 7.5 (v2) High Pass TWiki 'ﬁlename' Parameter Traversal Arbitrary File Access CVE-2006-4294 15 Sep 2006 5 (v2) Medium Pass RMI Remote Object Detection 15 Sep 2006 None Pass Moodle < 1.6.2 Multiple Vulnerabilities CVE-2006-4784 CVE-2006-4785 CVE-2006-4786 15 Sep 2006 7.5 (v2) High Pass Claroline claro_init_local.inc.php extAuthSource[newUser] Parameter Remote File Inclusion CVE-2006-4844 16 Sep 2006 5.1 (v2) Medium Pass QNAP QTS Multiple Vulnerabilities in File Station (QSA-20-01) CVE-2018-19943 CVE-2018-19949 CVE-2018-19953 26 May 2022 9.8 (v3) Critical Pass Dokeos claro_init_local.inc.php extAuthSource Parameter Array Remote File Inclusion CVE-2006-4844 16 Sep 2006 5.1 (v2) Medium Pass Limbo Contact Component (com_contact) contact.html.php contact_attach Unrestricted File Upload CVE-2006-4859 16 Sep 2006 8.8 (v3) High Pass Site@School Multiple Script cmsdir Parameter Remote File Inclusion CVE-2006-4920 CVE-2006-4921 16 Sep 2006 7.5 (v2) High Pass Limbo com_fm Component sql.php classes_dir Parameter Remote File Inclusion 17 Sep 2006 6.8 (v2) Medium Pass Derby Network Server Detection 18 Sep 2006 None Pass Exponent CMS index.php view Parameter Local File Inclusion CVE-2006-4963 19 Sep 2006 6.4 (v2) Medium Pass MyReview Admin.php email Parameter SQL Injection CVE-2006-4957 19 Sep 2006 7.5 (v2) High Pass SAP Internet Transaction Server wgate Multiple Parameter XSS CVE-2006-5114 28 Sep 2006 6.8 (v2) Medium Pass DokuWiki fetch.php Multiple Parameter imconvert Function Arbitrary Command Execution CVE-2006-5098 CVE-2006-5099 29 Sep 2006 8.8 (v3) High Pass Sun Secure Global Software / Tarantella Detection 29 Sep 2006 None Pass HAMweather Template.php do_parse_code Function Arbitrary Code Execution CVE-2006-5185 04 Oct 2006 7.5 (v2) High Pass Moodle 'index.php' 'tag' Parameter SQL Injection CVE-2006-5219 10 Oct 2006 5.1 (v2) Medium Pass Pervasive PSQL / Btrieve Server Detection 10 Oct 2006 None Pass Cisco IOS XE Software NETCONF RESTCONF Authentication Bypass (cisco-sa-aaa-Yx47ZT8Q) CVE-2021-1619 06 Oct 2021 9.1 (v3) Critical Pass BlueShoes lib/googlesearch/GoogleSearch.php APP[path][lib] Parameter Remote File Inclusion CVE-2006-5250 13 Oct 2006 5.1 (v2) Medium Pass Web Site sitemap.xml File and Directory Disclosure 14 Oct 2006 None Pass phpMyConferences menus.inc.php lvc_include_dir Parameter Remote File Inclusion CVE-2006-5310 16 Oct 2006 6.8 (v2) Medium Pass Open Conference System < 1.1.6 Multiple Script fullpath Parameter Remote File Inclusion CVE-2006-5308 18 Oct 2006 7.5 (v2) High Pass SolarWinds Virtualization Manager <= 6.3.1 Privilege Escalation CVE-2016-3643 08 Nov 2021 7.8 (v3) High Pass Microsoft Windows Server Version 1809 Unsupported Version Detection 08 Nov 2021 10 (v3) Critical Pass Microsoft Windows Server Version 1803 Unsupported Version Detection 08 Nov 2021 10 (v3) Critical Pass Microsoft Windows Server Version 1709 Unsupported Version Detection 08 Nov 2021 10 (v3) Critical Pass Microsoft Windows Server Version 1903 Unsupported Version Detection 08 Nov 2021 10 (v3) Critical Pass Microsoft Windows Server Version 1909 Unsupported Version Detection 08 Nov 2021 10 (v3) Critical Pass Trend Micro OﬃceScan 10 SP1 < 10 SP1 Patch 2329 Multiple Vulnerabilities (000287815) CVE-2021-36741 CVE-2021-36742 08 Nov 2021 8.8 (v3) High 87

Pass MongoDB Server Login Possible 08 Nov 2021 None Pass Cerberus Helpdesk rpc.php Arbitrary Ticket Information Disclosure CVE-2006-5428 18 Oct 2006 5 (v2) Medium Pass Draytek VigorConnect Web UI Detection 08 Nov 2021 None Pass Draytek VigorConnect LFI (CVE-2021-20123) CVE-2021-20123 08 Nov 2021 7.5 (v3) High Pass Asterisk Skinny Channel Driver (chan_skinny) get_input Function Remote Overﬂow CVE-2006-5444 19 Oct 2006 7.5 (v2) High Pass Hosting Controller Multiple Script ForumID Parameter SQL Injection CVE-2006-5629 23 Oct 2006 7.5 (v2) High Pass Apache Airﬂow Web API Detection 26 Apr 2022 None Pass Segue CMS themesettings.inc.php themesdir Parameter Remote File Inclusion CVE-2006-5497 28 Oct 2006 7.5 (v2) High Pass miniBB bb_func_txt.php pathToFiles Parameter Remote File Inclusion CVE-2006-5673 30 Oct 2006 6.8 (v2) Medium Pass e107 class2.php e107language_e107cookie Cookie Traversal Local File Inclusion CVE-2006-5786 06 Nov 2006 7.5 (v2) High Pass OpenLDAP SASL authcid Name BIND Request DoS CVE-2006-5779 07 Nov 2006 5 (v2) Medium Pass Exhibit Engine styles.php toroot Parameter Remote File Inclusion CVE-2006-7183 CVE-2006-7184 14 Nov 2006 6.8 (v2) Medium Pass MODx CMS base_path Parameter Remote File Inclusion CVE-2006-5730 14 Nov 2006 5.1 (v2) Medium Pass IBM WebSphere Application Server SOAP Connector Error Page XSS CVE-2006-2431 16 Nov 2006 4.3 (v2) Medium Pass Etomite CMS index.php id Parameter SQL Injection CVE-2006-6048 23 Nov 2006 6.8 (v2) Medium Pass HSQLDB Server Default Credentials 27 Nov 2006 7.5 (v2) High Pass IBM WebSphere Application Server '%20' Request Source Disclosure CVE-2005-0425 14 Nov 2006 5 (v2) Medium Pass IBM WebSphere snoopservlet Path Disclosure 14 Nov 2006 5 (v2) Medium Pass ManageEngine ADAudit Plus < Build 7060 XXE RCE CVE-2022-28219 27 Apr 2022 9.8 (v3) Critical Pass Serendipity serendipity_event_bbcode.php Script serendipity[charset] Parameter Local File Inclusion CVE-2006-6242 01 Dec 2006 6.8 (v2) Medium Pass PHP Easy Download admin/save.php moreinfo Parameter Code Injection 07 Dec 2006 7.5 (v2) High Pass Patch Management: HCL BigFix Get Installed Packages 27 Apr 2022 None Pass Cisco IOS XE Software DECnet Phase IV/OSI DoS (cisco-sa-iosxe-decnet-dos-cuPWDkyL) CVE-2021-1352 20 May 2021 6.5 (v3) Medium Pass Microsoft Azure CycleCloud Privilege Escalation (CVE-2021-33762) CVE-2021-33762 13 Aug 2021 7.8 (v3) High Pass Cisco IOS Software PTP DoS Vulnerability (cisco-sa-20180926-ptp) CVE-2018-0473 05 Oct 2018 8.6 (v3) High Pass Cisco Catalyst 4000 Series Switches TCP Denial of Service Vulnerability (cisco-sa-20190925-cat4000-tcp-dos)CVE-2019-12652 04 Oct 2019 7.5 (v3) High Pass Cisco IOx Application Environment DoS Vulnerability (cisco-sa-20190925-iox) CVE-2019-12656 09 Oct 2019 7.5 (v3) High Pass Juniper Junos OS DoS (JSA11184) CVE-2021-0280 14 Sep 2021 7.5 (v3) High Pass Juniper Junos OS DoS (JSA11186) CVE-2021-0282 14 Sep 2021 7.5 (v3) High Pass JCE Admin Component for Joomla! 'plugin' Parameter Local File Include CVE-2006-6419 10 Dec 2006 7.3 (v3) High Pass Liferay Portal 7.3.5 Stored XSS CVE-2021-29046 21 Sep 2021 6.1 (v3) Medium Pass phpWebThings core/editor.php editor_insert_bottom Parameter Remote File Inclusion CVE-2006-6042 10 Dec 2006 6.8 (v2) Medium Pass ICCP/COTP TSAP Addressing Weakness 11 Dec 2006 5 (v2) Medium Pass Schneider Electric FTP Server Default Credentials 11 Dec 2006 10 (v3) Critical Pass VMware vCenter Server < 7.0 U2d Multiple Vulnerabilities (VMSA-2021-0020) CVE-2021-22011 CVE-2021-22018 22 Sep 2021 6.5 (v3) Medium Pass Apache >= 2.4.17 < 2.4.49 mod_http2 CVE-2021-33193 23 Sep 2021 7.5 (v3) High Pass Modicon Quantum Telnet Server Default Credentials 11 Dec 2006 6.4 (v2) Medium Pass Kerio MailServer < 6.3.1 Long LDAP Query DoS CVE-2006-6554 15 Dec 2006 5 (v2) Medium Pass PHP-Update blog.php Variable Overwriting Arbitrary Code Execution CVE-2006-6661 20 Dec 2006 7.5 (v2) High Pass TYPO3 'spell-check-logic.php' 'userUid' Parameter Arbitrary Command Execution CVE-2006-6690 21 Dec 2006 8.8 (v3) High Pass IBM DB2 < 8.1 FixPak 12 EXCSAT Long MGRLVLLS Message Remote DoS CVE-2006-3066 23 Dec 2006 5.3 (v3) Medium Pass IBM DB2 < 8.1 Fix Pack 14 Multiple Vulnerabilities CVE-2006-6638 CVE-2007-1228 23 Dec 2006 5.3 (v3) Medium Pass Cacti cmd.php Multiple Parameter SQL Injection Arbitrary Command Execution CVE-2006-6799 02 Jan 2007 7.5 (v2) High Pass Cacti copy_cacti_user.php template_user Variable SQL Injection 02 Jan 2007 7.5 (v2) High Pass Ultimate PHP Board chat/login.php username Parameter Arbitrary Command Execution CVE-2006-6790 02 Jan 2007 8.8 (v3) High Pass phpMyFAQ < 1.6.8 Multiple SQL Injection Vulnerabilities CVE-2006-6912 CVE-2006-6913 10 Jan 2007 7.5 (v2) High Pass Oreon lang/index.php ﬁle Parameter Remote File Inclusion CVE-2007-0360 19 Jan 2007 7.5 (v2) High Pass Website Baker REMEMBER_KEY Cookie SQL Injection CVE-2007-0527 23 Jan 2007 6.8 (v2) Medium Pass Apache Log4Shell RCE detection via callback correlation (Direct Check HTTP) CVE-2021-44228 11 Dec 2021 10 (v3) Critical Pass ARCserve Backup for Laptops & Desktops Server Detection 26 Jan 2007 None Pass PHProxy Detection 30 Jan 2007 None Pass Drupal Multiple Module $_SESSION Manipulation CAPTCHA Bypass CVE-2007-0658 01 Feb 2007 5 (v2) Medium Pass Drupal Comment Function Arbitrary Code Execution CVE-2007-0626 01 Feb 2007 5.1 (v2) Medium Pass Drupal Comment Module comment_form_add_preview() Function Arbitrary Code Execution CVE-2007-0626 01 Feb 2007 5.1 (v2) Medium Pass ExoPHPDesk faq.php id Parameter SQL Injection CVE-2007-0676 01 Feb 2007 6.8 (v2) Medium Pass Default Password (oracle) for 'oracle' Account CVE-1999-0502 06 Feb 2007 9.8 (v3) Critical Pass Advanced Poll admin/index.php Session Identiﬁer Replay Authentication Bypass CVE-2007-0845 08 Feb 2007 7.5 (v2) High Pass AXIGEN Mail Server < 2.0.0 Multiple Remote Vulnerabilities CVE-2007-0886 CVE-2007-0887 09 Feb 2007 10 (v2) Critical Pass Solaris 10 Forced Login Telnet Authentication Bypass CVE-2007-0882 12 Feb 2007 10 (v2) Critical Pass LifeType rss.php proﬁle Parameter Traversal Arbitrary File Access CVE-2007-0979 16 Feb 2007 5 (v2) Medium Pass phpMyFAQ < 1.6.10 Multiple Script Arbitrary File Upload CVE-2007-1032 20 Feb 2007 6.8 (v2) Medium Pass ZPanel 2.0 Multiple Script Remote File Inclusion CVE-2005-0793 CVE-2007-1123 23 Feb 2007 7.5 (v2) High Pass IBM DB2 < 9 Fix Pack 2 Multiple Vulnerabilities CVE-2007-1086 CVE-2007-1087 CVE-2007-1088 CVE-2007-1228 23 Feb 2007 9.8 (v3) Critical Pass Pagesetter for PostNuke index.php id Parameter Traversal Arbitrary File Access CVE-2007-1158 27 Feb 2007 5 (v2) Medium Pass OrangeHRM login.php txtUserName Parameter SQL Injection CVE-2007-1193 01 Mar 2007 9.3 (v2) High Pass Juniper Junos OS Vulnerability (JSA11278) CVE-2022-22172 12 Jan 2022 6.5 (v3) Medium Pass Default Password (password) for 'root' Account CVE-1999-0502 CVE-2006-5288 CVE-2012-4577 01 Mar 2007 9.8 (v3) Critical Pass getID3 < 1.7.8-b1 Multiple Remote Vulnerabilities CVE-2007-1035 01 Mar 2007 7.5 (v2) High Pass Atlassian JIRA XSRF, Open Redirect, and Access Control Bypass Vulnerabilities CVE-2018-13400 CVE-2018-13401 CVE-2018-13402 02 Nov 2018 6.1 (v3) Medium Pass Apache Struts Conﬁg Browser Plugin Detection 15 Feb 2019 5.3 (v3) Medium Pass VMware AirWatch Console HTTP Detection 02 Feb 2018 None Pass Linksys Smart Wi-Fi Web Interface Detection 19 Jul 2017 None Pass Advantech WebAccess SQLi CVE-2017-5154 30 Jan 2017 9.8 (v3) Critical Pass Intel Management Engine Authentication Bypass (INTEL-SA-00075) (remote check) CVE-2017-5689 04 May 2017 9.8 (v3) Critical Pass H3C / HPE Intelligent Management Center accessMgrServlet Java Object Deserialization RCE CVE-2017-5790 28 Apr 2017 9.8 (v3) Critical Pass Flexera FlexNet Publisher Detection 24 Mar 2016 None Pass H3C / HPE Intelligent Management Center Java Object Deserialization RCE CVE-2016-4372 23 Aug 2016 9.8 (v3) Critical Pass Topsec Firewall Cookie Command Injection (ELIGIBLECANDIDATE) 25 Oct 2016 9.8 (v3) Critical Pass Advantech WebAccess 7.2 < 7.2-2014.07.30 Multiple ActiveX RCE CVE-2014-0985 CVE-2014-0986 CVE-2014-0987 CVE-2014-0988 CVE-2014-0989 CVE-2014-0990 CVE-2014-0991 CVE-2014-0992 24 Aug 2015 6.8 (v2) Medium Pass Ipswitch IMail Server < 2006.2 Multiple Remote Overﬂows CVE-2007-1637 07 Mar 2007 9.3 (v2) High Pass Advantech WebAccess < 7.0-2011.12.20 Multiple Vulnerabilities 28 Aug 2015 7.5 (v2) High Pass LedgerSMB / SQL-Ledger ﬁle Parameter Multiple Vulnerabilities 09 Mar 2007 7.5 (v2) High Pass LedgerSMB / SQL-Ledger admin.pl Admin Authentication Bypass CVE-2007-1436 09 Mar 2007 7.5 (v2) High Pass Advantech WebAccess openWidget Script Path Traversal Remote File Disclosure CVE-2016-0855 18 Feb 2016 7.5 (v3) High Pass HP Universal Conﬁguration Management Database Data Flow Probe Gateway Detection 18 Mar 2015 None Pass RuggedCom RuggedOS < 3.12.2 Multiple Vulnerabilities CVE-2013-6925 CVE-2013-6926 07 Oct 2013 8.3 (v2) High Pass Palo Alto Networks PAN-OS Firewall/Panorama Web UI Detection 17 Dec 2013 None Pass TightVNC Java Viewer Detection 09 Jan 2014 None Pass Dell KACE K1000 Web Detection 07 Feb 2014 None Pass CommonSpot Detection 17 Apr 2014 None Pass Advantech WebAccess < 7.2-2014.06.06 Multiple Vulnerabilities CVE-2014-2364 CVE-2014-2365 CVE-2014-2366 CVE-2014-2367 CVE-2014-2368 14 Apr 2014 7.5 (v2) High Pass Oracle OpenSSO Detection 28 Apr 2014 None Pass Blackboard Learn Detection 13 Jun 2014 None Pass HP OneView Detection 13 Jun 2014 None Pass Oracle Traﬃc Director Administration Console Detection 31 Jul 2014 None Pass IBM Rational License Key Server Administration and Reporting Tool Detection 16 Sep 2014 None Pass Horde NLS.php Language Selection new_lang Parameter XSS CVE-2007-1473 16 Mar 2007 4.3 (v2) Medium Pass MS14-066: Vulnerability in Schannel Could Allow Remote Code Execution (2992611) (uncredentialed check)CVE-2014-6321 01 Dec 2014 8.8 (v3) High Pass Umbraco Detection 13 Aug 2012 None Pass IOServer XML Server URI Directory Traversal Arbitrary File Access CVE-2012-4680 19 Nov 2012 4.3 (v2) Medium Pass VMware vCenter Detect 27 Nov 2012 None Pass Jenkins Enterprise and Operations Center < 2.289.3.2 rev 2 Bad Permissions (CloudBees Security Advisory 2021-08-02) 11 Oct 2021 3.3 (v3) Low Pass Piwik Detection 28 Nov 2012 None Pass Jenkins Enterprise and Operations Center < 2.249.32.0.1 / 2.277.41.0.1 / 2.303.1.5 Bad Permissions (CloudBees Security Advisory 2021-08-25) 11 Oct 2021 2.4 (v3) Low Pass RWCards Component for Joomla! 'category_id' Parameter SQLi CVE-2007-1703 27 Mar 2007 5.6 (v3) Medium Pass MS13-006: Vulnerability in Microsoft Windows Could Allow Security Feature Bypass (2785220) (uncredentialed check)CVE-2013-0013 22 Jan 2013 5.8 (v2) Medium Pass HP LeftHand OS hydra Detection 14 Feb 2013 None Pass Atlassian Crowd Detection 03 Jul 2013 None Pass Virtualizor Detection 24 Jul 2013 None Pass Oracle TNS Listener Remote Poisoning CVE-2012-1675 26 Aug 2013 7.3 (v3) High Pass Meeting Room Booking System typematch Parameter SQL Injection CVE-2009-3533 18 Oct 2010 7.5 (v2) High Pass Mambo task Parameter XSS 05 Jul 2011 4.3 (v2) Medium 88

Pass OpenVAS Manager / Administrator Detection 02 Dec 2011 None Pass Apache OFBiz Detection 23 May 2012 None Pass TYPOlight < 2.2.5 Unspeciﬁed Vulnerability CVE-2007-1632 27 Mar 2007 7.5 (v2) High Pass Cisco UCS Director Log4j Remote Code Execution (cisco-sa-apache-log4j-qRuKNEbd) CVE-2021-44228 03 Jun 2022 10 (v3) Critical Pass XOOPS Articles Module print.php id Parameter SQL Injection CVE-2007-3311 27 Mar 2007 7.5 (v2) High Pass IBM Lotus Domino IMAP Server (nimap.exe) CRAM-MD5 Authentication Remote Overﬂow CVE-2007-1675 29 Mar 2007 10 (v2) Critical Pass PHP < 4.4.5 Multiple Vulnerabilities CVE-2006-4625 CVE-2007-0905 CVE-2007-0906 CVE-2007-0907 CVE-2007-0908 CVE-2007-0909 CVE-2007-0910 CVE-2007-0988 CVE-2007-1286 CVE-2007-1376 CVE-2007-1378 CVE-2007-1379 CVE-2007-1380 CVE-2007-1700 CVE-2007-1701 CVE-2007-1777 CVE-2007-1825 CVE-2007-1835 CVE-2007-1884 CVE-2007-1885 CVE-2007-1886 CVE-2007-1887 CVE-2007-189002 Apr 2007 7.5 (v2) High Pass Request Tracker Detection 04 Dec 2009 None Pass eclime login.php SQL Injection 16 Mar 2010 7.5 (v2) High Pass Ektron CMS400.NET Detection 30 Apr 2010 None Pass HAProxy Statistics Page Detection 29 Jun 2012 5 (v2) Medium Pass Ektron CMS400.net TransformXslt Web Service Directory Traversal 30 Apr 2010 4.3 (v2) Medium Pass Tenable PVS Proxy Detection 29 Apr 2010 None Pass Cacti Detection 04 May 2010 None Pass Pligg Detection 19 Jul 2010 None Pass MapServer Insecure MapServ CGI Command-line Debug Args CVE-2010-2540 27 Jul 2010 9.8 (v3) Critical Pass FuseTalk Detection 17 Aug 2010 None Pass Serv-U Version Detection 25 Aug 2010 None Pass PHP < 5.2.1 Multiple Vulnerabilities CVE-2006-6383 CVE-2007-0905 CVE-2007-0906 CVE-2007-0907 CVE-2007-0908 CVE-2007-0909 CVE-2007-0910 CVE-2007-0988 CVE-2007-1376 CVE-2007-1380 CVE-2007-1383 CVE-2007-1452 CVE-2007-1453 CVE-2007-1454 CVE-2007-1700 CVE-2007-1701 CVE-2007-1824 CVE-2007-1825 CVE-2007-1835 CVE-2007-1884 CVE-2007-1885 CVE-2007-1886 CVE-2007-1887 CVE-2007-1889 CVE-2007-1890 CVE-2007-4441 CVE-2007-458602 Apr 2007 7.5 (v2) High Pass Zenphoto Detection 20 Sep 2010 None Pass Mura CMS Detection 30 Sep 2010 None Pass Samba Web Administration Tool (SWAT) Detection 03 Mar 2000 None Pass Invision Power Board ibProArcade Module index.php cat Parameter SQL Injection CVE-2004-1536 22 Nov 2004 7.5 (v2) High Pass Invision Power Board sources/post.php qpid Parameter SQL Injection CVE-2004-1531 22 Nov 2004 7.5 (v2) High Pass Mambo Site Server Multiple Vulnerabilities CVE-2003-1204 07 Feb 2005 7.5 (v2) High Pass Sybase SQL sa Account Blank Password 21 Feb 2005 7.5 (v2) High Pass Mambo Detection 01 Apr 2005 None Pass Horde Turba Detection 26 Apr 2005 None Pass Claroline < 1.5.4 / 1.6.0 Multiple Vulnerabilities (RFI, SQLi, XSS, Traversal) CVE-2005-1374 CVE-2005-1375 CVE-2005-1376 CVE-2005-1377 29 Apr 2005 7.5 (v2) High Pass XOOPS WF-Section Module print.php articleid Parameter SQL Injection CVE-2007-1974 03 Apr 2007 7.5 (v2) High Pass MediaWiki Detection 20 Jul 2005 None Pass osCommerce Unprotected Admin Directory 21 Jul 2005 7.5 (v2) High Pass VERITAS NetBackup Volume Manager Detection 11 Nov 2005 None Pass Xaraya index.php module Parameter Traversal Arbitrary File/Directory Manipulation CVE-2005-3929 02 Jan 2006 5 (v2) Medium Pass Kerberos telnet Crafted Username Remote Authentication Bypass CVE-2007-0956 05 Apr 2007 8.8 (v3) High Pass Jenkins Enterprise and Operations Center < 2.277.43.0.3 / 2.319.1.5 Multiple Vulnerabilities (CloudBees Security Advisory 2021-12-01)CVE-2021-35517 CVE-2021-37714 16 Feb 2022 7.5 (v3) High Pass Apache Solr Unauthenticated Access Information Disclosure 16 Feb 2022 5.3 (v3) Medium Pass WebCalendar < 1.0.2 Multiple Vulnerabilities CVE-2005-3949 CVE-2005-3961 CVE-2005-3982 CVE-2005-3982 02 Dec 2005 7.5 (v2) High Pass Juniper Junos OS Vulnerability (JSA11286) CVE-2022-22180 12 Jan 2022 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11282) CVE-2022-22176 12 Jan 2022 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11275) CVE-2022-22168 12 Jan 2022 6.5 (v3) Medium Pass XOOPS Jobs Module index.php cid Parameter SQL Injection CVE-2007-2370 06 Apr 2007 7.5 (v2) High Pass WebSpeed Development Mode Check 26 Apr 2007 7.5 (v2) High Pass Juniper Junos OS Vulnerability (JSA11271) CVE-2022-22163 12 Jan 2022 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11268) CVE-2022-22160 12 Jan 2022 6.5 (v3) Medium Pass XOOPS xoopsConﬁg Parameter Variable Overwrite Local File Inclusion CVE-2006-2516 23 May 2006 5.1 (v2) Medium Pass Juniper Junos OS Multiple Vulnerabilities (JSA11289) CVE-2021-22876 CVE-2021-22890 CVE-2021-22897 CVE-2021-22898 CVE-2021-22901 12 Jan 2022 8.1 (v3) High Pass Advanced Guestbook index.php lang Cookie Parameter Path Disclosure CVE-2007-0609 09 May 2007 5.1 (v2) Medium Pass WoltLab Burning Board Lite wbb_userid Parameter PHP Unset SQL Injection CVE-2006-6289 27 Nov 2006 6.8 (v2) Medium Pass HP LoadRunner Agent Service Detection 13 Feb 2007 None Pass Thyme event_view.php eid Parameter SQL Injection CVE-2007-2621 11 May 2007 7.5 (v2) High Pass YaNC Component for Joomla! 'listid' Parameter SQLi CVE-2007-2792 17 May 2007 7.3 (v3) High Pass XOOPS XFSection Module modify.php dir_module Parameter Remote File Inclusion CVE-2007-3222 14 Jun 2007 7.5 (v2) High Pass WebSpeed Workshop Arbitrary Command Execution 26 Apr 2007 8.8 (v3) High Pass Apache Solr 5.x <= 5.5.5 or 6.x <= 6.6.5 Deserialization Vulnerability (CVE-2019-0192) CVE-2019-0192 03 Jul 2019 9.8 (v3) Critical Pass Advantech WebAccess webvprcs IOCTL 10012 Stack Overﬂow CVE-2019-3953 04 Jul 2019 9.8 (v3) Critical Pass Atlassian JIRA Server Template Injection Vulnerability (CVE-2019-11581) CVE-2019-11581 13 Sep 2019 9.8 (v3) Critical Pass OS Identiﬁcation : ICMP 09 Dec 2003 None Pass Atlassian JIRA ConﬁgurePortalPages.jspa XSS CVE-2019-3402 13 Sep 2019 6.1 (v3) Medium Pass Tenable Nessus 8.x < 8.15.5 Thiird-Party Vulnerabilities (TNS-2022-12) CVE-2022-23852 CVE-2022-23990 CVE-2022-25235 CVE-2022-25236 CVE-2022-25313 CVE-2022-25314 CVE-2022-25315 27 May 2022 9.8 (v3) Critical Pass Atlassian Jira Webroot Directory Traversal Vulnerability CVE-2019-8442 25 Oct 2019 7.5 (v3) High Pass Tomcat Sample App hello.jsp 'test' Parameter XSS CVE-2007-1355 21 May 2007 5.3 (v3) Medium Pass Centennial IP Transfer Agent Detection 23 May 2007 None Pass Siemens SINEMA Remote Connect Server Multiple Vulnerabilities (SSA-884497) CVE-2019-13918 CVE-2019-13919 CVE-2019-13920 CVE-2019-13922 02 Dec 2019 9.8 (v3) Critical Pass Oracle WebLogic Server Java Object Deserialization RCE (CVE-2018-3245) CVE-2018-3245 03 May 2019 9.8 (v3) Critical Pass GForge CVSWeb CGI cvsweb.php PATH_INFO Parameter Arbitrary Command Execution CVE-2007-0246 26 May 2007 8.8 (v3) High Pass ShareFile Storage Zones Controller Installed (Windows) 02 Jun 2020 None Pass Rockwell Automation FactoryTalk Linx Path Traversal Information Disclosure CVE-2020-12003 08 Oct 2020 7.5 (v3) High Pass UebiMiau Multiple Input Validation Vulnerabilities CVE-2007-3170 CVE-2007-3171 CVE-2007-3172 30 May 2007 5 (v2) Medium Pass Microsoft Netlogon Elevation of Privilege (Zerologon) (Remote) CVE-2020-1472 18 Sep 2020 10 (v3) Critical Pass OpenWrt < 18.06.2 XSS (direct check) CVE-2018-19630 04 Dec 2020 6.1 (v3) Medium Pass Apache Unomi RCE (Direct Check) CVE-2020-13942 14 Jan 2021 9.8 (v3) Critical Pass ManageEngine OpManager Smart Update Manager RCE CVE-2020-28653 02 Apr 2021 9.8 (v3) Critical Pass Trend Micro Worry-Free Business Security Remote File Deletion (000281948) CVE-2020-28574 12 Apr 2021 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11263) CVE-2022-22155 12 Jan 2022 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11267) CVE-2022-22159 12 Jan 2022 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11279) CVE-2022-22173 12 Jan 2022 7.5 (v3) High Pass Apache Tomcat 9.0.0.M1 < 9.0.37 Multiple Vulnerabilities CVE-2020-13934 CVE-2020-13935 17 Jul 2020 7.5 (v3) High Pass PHP 7.2.x < 7.2.32 / 7.3.x < 7.3.20 / 7.4.x < 7.4.8 Information Disclosure CVE-2020-8169 17 Jul 2020 7.5 (v3) High Pass phpMyAdmin 4.x < 4.9.4 / 5.x < 5.0.1 SQLi (PMASA-2020-1) CVE-2020-5504 17 Jul 2020 8.8 (v3) High Pass Magento Unsupported Version Detection 17 Jul 2020 10 (v3) Critical Pass TYPO3 9.4 < 9.5.8 Insecure Deserialization (TYPO3-CORE-SA-2019-016) CVE-2019-10912 20 Jul 2020 7.1 (v3) High Pass Juniper Junos OS Vulnerability (JSA11270) CVE-2022-22162 12 Jan 2022 7.8 (v3) High Pass Juniper Junos OS Multiple Vulnerabilities (JSA11277) CVE-2022-22170 CVE-2022-22171 12 Jan 2022 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11281) CVE-2022-22175 12 Jan 2022 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11293) CVE-2021-3712 12 Jan 2022 7.4 (v3) High Pass Juniper Junos OS Vulnerability (JSA11280) CVE-2022-22174 12 Jan 2022 7.5 (v3) High Pass Juniper Junos OS Vulnerability (JSA11284) CVE-2022-22178 12 Jan 2022 7.5 (v3) High Pass Atlassian JIRA < 7.13.18 / 8.x < 8.5.9 / 8.6.x < 8.12.2 Information Disclosure (JRASERVER-71696) CVE-2020-14185 22 Oct 2020 5.3 (v3) Medium Pass Oracle Oracle E-Business Suite (Oct 2020 CPU) CVE-2020-14746 CVE-2020-14761 CVE-2020-14774 CVE-2020-14805 CVE-2020-14808 CVE-2020-14811 CVE-2020-14816 CVE-2020-14817 CVE-2020-14819 CVE-2020-14822 CVE-2020-14823 CVE-2020-14826 CVE-2020-14831 CVE-2020-14833 CVE-2020-14834 CVE-2020-14835 CVE-2020-14840 CVE-2020-14849 CVE-2020-14850 CVE-2020-14851 CVE-2020-14855 CVE-2020-14856 CVE-2020-14857 CVE-2020-14862 CVE-2020-14863 CVE-2020-14875 CVE-2020-1487622 Oct 2020 9.8 (v3) Critical Pass PHP 7.4.x < 7.4.12 DoS 16 Nov 2020 5.9 (v3) Medium Pass PHP 7.3.x < 7.3.25 / 7.4.x < 7.4.13 Multiple Vulnerabilities 03 Dec 2020 5.6 (v3) Medium Pass Apache Struts 2.x < 2.3.1.1 Multiple Vulnerabilities CVE-2011-3923 CVE-2012-0392 20 Nov 2020 8.1 (v3) High Pass GitLab 8.15.x < 14.6.5 / 14.7.x < 14.7.4 / 14.8.x < 14.8.2 DoS CVE-2022-0489 14 Mar 2022 5.7 (v3) Medium Pass PHP < 5.2.3 Multiple Vulnerabilities CVE-2007-1887 CVE-2007-1900 CVE-2007-2756 CVE-2007-2872 CVE-2007-3007 02 Jun 2007 7.3 (v3) High Pass XOOPS Multiple Modules spaw_control.class.php spaw_root Parameter Remote File Inclusion CVE-2007-3057 CVE-2007-3220 CVE-2007-3221 CVE-2007-3237 CVE-2007-3289 02 Jun 2007 7.5 (v2) High Pass PNphpBB2 index.php c Parameter SQL Injection CVE-2007-3052 05 Jun 2007 7.5 (v2) High Pass SNMPc Management Server Detection 05 Jun 2007 None Pass BASE Authentication Redirect Authentication Bypass CVE-2007-5578 07 Jun 2007 7.5 (v2) High Pass PBLang login.php lang Parameter Local File Inclusion CVE-2007-3096 07 Jun 2007 6.8 (v2) Medium Pass JFFNMS auth.php Multiple Parameter SQL Injection CVE-2007-3190 12 Jun 2007 9.4 (v2) High Pass Firebird DataBase Server fbserver.exe p_cnct_count Value Remote Overﬂow CVE-2007-3181 13 Jun 2007 10 (v2) Critical Pass Apache Tomcat snoop.jsp URI XSS CVE-2007-2449 18 Jun 2007 5.3 (v3) Medium Pass Apache MyFaces Tomahawk JSF Application autoscroll Multiple XSS CVE-2007-3101 19 Jun 2007 4.3 (v2) Medium Pass FuseTalk index.cfm txForumID Parameter SQL Injection CVE-2007-3273 20 Jun 2007 7.5 (v2) High Pass FuseTalk Multiple Script XSS CVE-2007-3339 21 Jun 2007 4.3 (v2) Medium Pass Calendarix calendar.php Multiple Parameter SQL Injection CVE-2007-3183 26 Jun 2007 6.8 (v2) Medium Pass Ingres Communications Server Detection 26 Jun 2007 None Pass Maia Mailguard login.php lang Parameter Local File Inclusion CVE-2007-3619 06 Jul 2007 5 (v2) Medium Pass MDaemon Server DomainPOP Malformed Message DoS CVE-2007-3622 10 Jul 2007 2.6 (v2) Low Pass MS07-039: Vulnerability in Windows Active Directory Could Allow Remote Code Execution (926122) (uncredentialed check)CVE-2007-0040 CVE-2007-3028 11 Jul 2007 10 (v2) Critical Pass paFileDB includes/search.php categories Parameter SQL Injection CVE-2007-3808 16 Jul 2007 7.5 (v2) High 89

Pass MailMarshal Spam Quarantine Interface Arbitrary Account Password Retrieval CVE-2007-3796 18 Jul 2007 7.6 (v2) High Pass Expose for Joomla! File Upload RCE CVE-2007-3932 19 Jul 2007 9.8 (v3) Critical Pass LinPHA include/img_view.class.php order parameter SQL Injection CVE-2007-4053 30 Jul 2007 7.5 (v2) High Pass UltraVNC w/ DSM Plugin Detection (2) 31 Jul 2007 None Pass Ipswitch IMail Server < 2006.21 Multiple Vulnerabilities CVE-2007-2795 CVE-2007-3925 CVE-2007-3926 CVE-2007-3927 19 Jul 2007 10 (v2) Critical Pass CVS (Web-Based) Directory Spider 24 Jul 2007 5 (v2) Medium Pass Ipswitch Instant Messaging Client Detection 25 Jul 2007 None Pass Ipswitch Instant Messaging Server Detection 25 Jul 2007 None Pass PHP-Blogger pref.db Database Information Disclosure CVE-2007-4157 31 Jul 2007 5 (v2) Medium Pass Joomla! com_content Component 'order' Parameter XSS CVE-2007-4189 01 Aug 2007 4.7 (v3) Medium Pass GMaps Component for Joomla! 'mapId' Parameter SQLi CVE-2007-4128 01 Aug 2007 7.3 (v3) High Pass Altiris Deployment Server Detection 15 Aug 2007 None Pass Help Center Live class/auth.php check_logout Function Admin Authentication Bypass CVE-2007-4240 16 Aug 2007 7.5 (v2) High Pass EZPhotoSales Multiple Conﬁguration Files Remote Information Disclosure CVE-2007-4261 16 Aug 2007 7.5 (v2) High Pass IBM DB2 < 9 Fix Pack 3 / 8 Fix Pack 15 Multiple Vulnerabilities CVE-2007-2582 CVE-2007-4270 CVE-2007-4271 CVE-2007-4272 CVE-2007-4273 CVE-2007-4275 CVE-2007-4276 CVE-2007-4417 CVE-2007-4418 CVE-2007-442320 Aug 2007 9.8 (v3) Critical Pass Microsoft OMI Service Detection 20 Sep 2021 None Pass SimpleFAQ Component for Joomla! 'aid' Parameter SQLi CVE-2007-4456 24 Aug 2007 7.3 (v3) High Pass Cache' SuperServer Detection 27 Aug 2007 None Pass PHP < 5.2.4 Multiple Vulnerabilities CVE-2007-1413 CVE-2007-2872 CVE-2007-3294 CVE-2007-3378 CVE-2007-3790 CVE-2007-3799 CVE-2007-3806 CVE-2007-4010 CVE-2007-4033 CVE-2007-4255 CVE-2007-4507 CVE-2007-4652 CVE-2007-4658 CVE-2007-4659 CVE-2007-4660 CVE-2007-4661 CVE-2007-4662 CVE-2007-466303 Sep 2007 6.8 (v2) Medium Pass VHCS PHPSESSID Cookie Session Fixation CVE-2007-3988 05 Sep 2007 6.8 (v2) Medium Pass Joomla! CMS com_search Component 'searchword' Parameter RCE CVE-2007-4187 05 Sep 2007 9.8 (v3) Critical Pass MDPro index.php topicid Parameter SQL Injection CVE-2007-3938 05 Sep 2007 7.5 (v2) High Pass Apache Tomcat SendMailServlet sendmail.jsp 'mailfrom' Parameter XSS CVE-2007-3383 06 Sep 2007 5.3 (v3) Medium Pass QuickEStore insertorder.cfm CFTOKEN Parameter SQL Injection CVE-2007-3933 07 Sep 2007 7.5 (v2) High Pass Claroline inc/lib/language.lib.php language Parameter Traversal Local File Inclusion CVE-2007-4718 10 Sep 2007 5.1 (v2) Medium Pass AWStats is Openly Accessible 14 Sep 2007 None Pass lighttpd Status Module Remote Information Disclosure 17 Sep 2007 5.3 (v3) Medium Pass Mambo / Joomla! Multiple Components 'mosConﬁg_live_site' Parameter Remote File Include CVE-2007-4923 CVE-2007-5309 CVE-2007-5363 CVE-2007-5410 CVE-2007-5451 17 Sep 2007 8.1 (v3) High Pass Shop-Script admin.php Admin Panel Security Bypass CVE-2007-4932 19 Sep 2007 7.5 (v2) High Pass IceWarp Merak Mail Server < 9.0.0 BODY Element XSS CVE-2007-5046 24 Sep 2007 4.3 (v2) Medium Pass ADOdb Lite adodb-perf-module.inc.php last_module Parameter Arbitrary Code Execution CVE-2007-5056 24 Sep 2007 6.8 (v2) Medium Pass Oracle Listener Program Logging Privilege Escalation (1361722) CVE-2000-0818 27 Sep 2007 7.5 (v2) High Pass Original inc/exif.inc.php exif_prog Parameter Arbitrary Command Execution CVE-2007-5224 03 Oct 2007 6.8 (v2) Medium Pass Cart32 c32web.exe ImageName Traversal Arbitrary File Access CVE-2007-5253 05 Oct 2007 5 (v2) Medium Pass GForge account/verify.php conﬁrm_hash Parameter XSS CVE-2007-3918 CVE-2009-4069 08 Oct 2007 4.3 (v2) Medium Pass TikiWiki tiki-graph_formula.php f Parameter Arbitrary Command Execution CVE-2007-5423 11 Oct 2007 8.8 (v3) High Pass Simple Machines Forum Search.php SQL Injection CVE-2007-5646 28 Oct 2007 6.8 (v2) Medium Pass Module Builder DownloadModule Traversal Arbitrary File Disclosure CVE-2007-5812 31 Oct 2007 5 (v2) Medium Pass GuppY inc/includes.inc selskin Parameter Traversal Local File Inclusion CVE-2007-5844 05 Nov 2007 7.5 (v2) High Pass IBM WebSphere Application Server navigateTree.do Multiple Vulnerabilities CVE-2007-5798 CVE-2007-5799 07 Nov 2007 4.3 (v2) Medium Pass PHP < 5.2.5 Multiple Vulnerabilities CVE-2007-3996 CVE-2007-4782 CVE-2007-4783 CVE-2007-4784 CVE-2007-4825 CVE-2007-4840 CVE-2007-4887 CVE-2007-4889 CVE-2007-5447 CVE-2007-5653 CVE-2007-5898 CVE-2007-5899 CVE-2007-5900 CVE-2008-2107 CVE-2008-2108 CVE-2008-410712 Nov 2007 4.4 (v2) Medium Pass Juniper Junos OS Vulnerability (JSA11149) CVE-2021-0258 15 Apr 2021 5.9 (v3) Medium Pass Microsoft Windows SMB LsaQueryInformationPolicy Function SID Enumeration Without Credentials CVE-2000-1200 15 Sep 2011 5 (v2) Medium Pass Juniper Junos OS Vulnerability (JSA11159) CVE-2021-0268 15 Apr 2021 9.3 (v3) Critical Pass IBM WebSphere Application Server 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.19 / 9.0.0.0 <= 9.0.5.7 XXE (CVE-2021-20453)CVE-2021-20453 20 Apr 2021 8.2 (v3) High Pass Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability (cisco-sa-sxp-68TEVzR)CVE-2020-3228 19 Jun 2020 8.6 (v3) High Pass Cisco IOS XE Software Cluster Management Protocol DoS Vulnerability (cisco-sa-20180926-cmp) CVE-2018-0475 05 Oct 2018 7.4 (v3) High Pass Directory Traversal 09 Jan 2019 9.1 (v3) Critical Pass Cisco Smart Install Detection 12 Dec 2017 None Pass GoAhead Server CGI Remote Code Execution CVE-2017-17562 20 Dec 2017 8.1 (v3) High Pass MS08-039: Outlook Web Access for Exchange Server Privilege Escalation (Uncredentialed) CVE-2008-2247 CVE-2008-2248 03 Apr 2018 4.7 (v3) Medium Pass Microsoft Exchange Server Detection (Uncredentialed) 03 Apr 2018 None Pass Alt-N MDaemon Remote Administration Detection 02 Jun 2017 None Pass Redis Server Detection 06 Jun 2017 None Pass Siemens SCALANCE X-200 Web Session Hijacking CVE-2013-5709 21 Oct 2013 8.3 (v2) High Pass IBM DB2 < 9 Fix Pack 4 Multiple Vulnerabilities CVE-2007-3676 CVE-2007-5652 CVE-2007-5757 CVE-2007-6045 CVE-2007-6046 CVE-2007-6047 CVE-2007-6048 CVE-2007-6049 CVE-2007-6050 CVE-2007-6051 CVE-2007-6052 CVE-2007-6053 CVE-2008-069816 Nov 2007 9.8 (v3) Critical Pass Ability Mail Server < 2.61 Multiple Remote DoS CVE-2007-6101 21 Nov 2007 4 (v2) Medium Pass GWExtranet gwextranet/scp.dll Multiple Parameter Traversal Local File Inclusion 26 Nov 2007 5 (v2) Medium Pass Ruby on Rails Multiple Method Session Fixation CVE-2007-5380 CVE-2007-6077 28 Nov 2007 6.8 (v2) Medium Pass ht://dig htsearch sort Parameter XSS CVE-2007-6110 28 Nov 2007 4.3 (v2) Medium Pass Plumtree Portal User Object User Enumeration CVE-2007-6198 04 Dec 2007 5 (v2) Medium Pass Mort Bay Jetty Dump Servlet (webapps/test/jsp/dump.jsp) XSS CVE-2007-5613 05 Dec 2007 4.3 (v2) Medium Pass NetScaler Web Management Interface Cookie Credentials Encryption Weakness CVE-2007-6192 06 Dec 2007 4.3 (v2) Medium Pass NetScaler Web Management Interface IP Address Cookie Information Disclosure CVE-2007-6193 06 Dec 2007 5 (v2) Medium Pass Anon Proxy Server Software Detection 17 Dec 2007 None Pass Centreon 'ﬁleOreonConf' Parameter File Include Vulnerabilities CVE-2007-6485 17 Dec 2007 7.5 (v2) High Pass Perforce Server Detection 23 Dec 2007 None Pass Tikiwiki tiki-listmovies.php movie Parameter Traversal Arbitrary File Access CVE-2007-6528 26 Dec 2007 5 (v2) Medium Pass ShareFile < 5.11.20 RCE (CVE-2021-22941) CVE-2021-22941 11 Jan 2022 9.8 (v3) Critical Pass Apple iTunes < 11.1 Multiple Vulnerabilities (uncredentialed check) CVE-2013-1035 20 Sep 2013 9.3 (v2) High Pass Vanilla Forum p Parameter Local File Inclusion 23 May 2011 6.8 (v2) Medium Pass PMOS Help Desk form.php Arbitrary Code Execution CVE-2007-6550 26 Dec 2007 8.8 (v3) High Pass Zenphoto rss.php albumnr Parameter SQL Injection CVE-2007-6666 03 Jan 2008 7.5 (v2) High Pass PHP < 4.4.8 Multiple Vulnerabilities CVE-2007-3378 CVE-2007-3799 CVE-2007-3997 CVE-2007-4657 CVE-2007-4658 CVE-2008-0145 CVE-2008-2108 03 Jan 2008 7.5 (v2) High Pass Atlassian JIRA 500page.jsp XSS CVE-2007-6617 CVE-2007-6618 CVE-2007-6619 03 Jan 2008 4.3 (v2) Medium Pass Bitweaver wiki/edit.php suck_url Parameter Traversal Source Code Disclosure CVE-2007-6651 07 Jan 2008 5 (v2) Medium Pass Newbb_plus Module for RunCMS Client-Ip Header SQL Injection CVE-2008-0224 07 Jan 2008 6.8 (v2) Medium Pass Loudblog loudblog/inc/parse_old.php template Parameter Arbitrary Remote Code Execution CVE-2008-0139 07 Jan 2008 6.8 (v2) Medium Pass XoopsGallery init_basic.php GALLERY_BASEDIR Parameter Remote File Inclusion CVE-2008-0138 08 Jan 2008 7.5 (v2) High Pass IceWarp Mail Server admin/index.html message Parameter XSS CVE-2008-0218 09 Jan 2008 4.3 (v2) Medium Pass PineApp Mail-SeCure Detection 01 Aug 2013 None Pass PortalApp forums.asp sortby Parameter SQL Injection CVE-2008-4613 09 Jan 2008 7.5 (v2) High Pass HTTP Host Information via NTLM SSP over HTTP(S) 04 Oct 2019 None Pass SAP DB / MaxDB Cons Program Arbitrary Command Execution CVE-2008-0244 11 Jan 2008 8.8 (v3) High Pass IBM Lotus Domino < 7.0.2 FP3 Unspeciﬁed DoS CVE-2008-0243 11 Jan 2008 7.8 (v2) High Pass Apache APISIX Dashboard Detection 28 Apr 2022 None Pass Apache APISIX Dashboard < 2.10.1 Authentication Bypass (Direct Check) CVE-2021-45232 28 Apr 2022 9.8 (v3) Critical Pass Sun Java System Identity Manager Multiple XSS CVE-2008-0239 CVE-2008-0240 CVE-2008-0241 11 Jan 2008 4.3 (v2) Medium Pass Huawei Versatile Security / Storage Platform Version Detection 02 Dec 2014 None Pass Cisco Uniﬁed Communications Manager (CUCM) Detection 29 Dec 2014 None Pass Cisco Uniﬁed Communications Products XSRF (cisco-sa-ucm-csrf-jrKP4eNT) CVE-2022-20787 28 Apr 2022 6.8 (v3) Medium Pass eggBlog index.php eggblogpassword Parameter Cookie SQL Injection CVE-2008-0159 12 Jan 2008 6.8 (v2) Medium Pass netOctopus Agent Detection (TCP) 14 Jan 2008 None Pass X7 Chat index.php day Parameter SQL Injection CVE-2008-0278 15 Jan 2008 7.5 (v2) High Pass Pixelpost index.php parent_id Parameter SQL Injection CVE-2008-0358 17 Jan 2008 6.8 (v2) Medium Pass MyBB forumdisplay.php 'sortby' Parameter Arbitrary PHP Code Execution CVE-2008-0382 17 Jan 2008 7.5 (v2) High Pass PHP 7.3.x < 7.3.3 Multiple vulnerabilities. CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9640 CVE-2019-9641 08 Apr 2019 9.8 (v3) Critical Pass PHP 7.2.x < 7.2.16 Multiple vulnerabilities. CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9640 CVE-2019-9641 08 Apr 2019 9.8 (v3) Critical Pass PHP 7.1.x < 7.1.27 Multiple vulnerabilities. CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9640 CVE-2019-9641 08 Apr 2019 9.8 (v3) Critical Pass MikroTik RouterOS Unauthenticated Intermediary CVE-2019-3924 08 Apr 2019 7.5 (v3) High Pass Apache Tomcat 7.0.0 < 7.0.94 Remote Code Execution Vulnerability (Windows) CVE-2019-0221 CVE-2019-0232 16 Apr 2019 8.1 (v3) High Pass Apache Tomcat 9.0.0.M1 < 9.0.19 Remote Code Execution Vulnerability (Windows) CVE-2019-0221 CVE-2019-0232 15 Apr 2019 8.1 (v3) High Pass Apache 2.4.x < 2.4.46 Multiple Vulnerabilities CVE-2020-9490 CVE-2020-11984 CVE-2020-11993 13 Aug 2020 9.8 (v3) Critical Pass Jenkins < 2.235.4 LTS / 2.252 Multiple Cross-Site Scripting (XSS) Vulnerabilities CVE-2020-2229 CVE-2020-2230 CVE-2020-2231 20 Aug 2020 5.4 (v3) Medium Pass CodeMeter Runtime Detection 06 May 2021 None Pass SSH Password Authentication Accepted 07 May 2021 None Pass Juniper Junos OS Vulnerability (JSA11163) CVE-2021-0272 15 Apr 2021 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11153) CVE-2021-0262 15 Apr 2021 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11154) CVE-2021-0263 15 Apr 2021 5.9 (v3) Medium Pass Atlassian Jira 7.6.x < 8.5.4, 8.6.x < 8.7.1 Stored XSS (JRASERVER-70814) CVE-2020-14173 25 Aug 2020 5.4 (v3) Medium Pass McAfee Email Gateway Detection 11 Jul 2016 None Pass OrientDB Detection 08 Oct 2015 None 90

Pass FreeSWITCH Detection 11 Feb 2016 None Pass Atlassian Jira 7.6.x < 8.5.4, 8.6.x < 8.6.1 Jira Gadget API DoS (JRASERVER-70808) CVE-2019-20899 25 Aug 2020 5.3 (v3) Medium Pass Atlassian Jira < 7.13.12, 8.x < 8.5.4, 8.6.x < 8.6.1 Broken Access Control (JRASERVER-70543) CVE-2019-20106 25 Aug 2020 4.3 (v3) Medium Pass TYPO3 8.x < 8.7.27 / 9.x < 9.5.8 Multiple Vulnerabilities CVE-2019-12747 20 Jul 2020 9.8 (v3) Critical Pass TYPO3 9.3 < 9.5.8 Broken Access Control (TYPO3-CORE-SA-2019-017) 20 Jul 2020 8.5 (v3) High Noise OS Identiﬁcation 09 Dec 2003 None Pass Cisco HyperFlex HX Command Injection Vulnerabilities (cisco-sa-hyperﬂex-rce-TjjNrkpR) CVE-2021-1497 CVE-2021-1498 13 May 2021 9.8 (v3) Critical Pass uC/TCP-IP Stack - HTTP Detection 14 May 2021 None Pass Microsoft Windows 10 Version 1507 Unsupported Version Detection 09 May 2017 10 (v3) Critical Pass Juniper Junos DoS (JSA11148) CVE-2021-0257 10 May 2021 6.5 (v3) Medium Pass Juniper Junos OS DoS (JSA11137) CVE-2021-0244 11 May 2021 7.4 (v3) High Pass TYPO3 8.3 < 8.7.27 / 9.x < 9.5.8 XSS (TYPO3-CORE-SA-2019-015) CVE-2019-12748 21 Jul 2020 6.1 (v3) Medium Pass NetX TCP/IP Stack - HTTP Detection 17 May 2021 None Pass OPC UA opc.tcp Detection 17 May 2021 None Pass iLO 4 < 2.53 Remote Code Execution Vulnerability CVE-2017-12542 11 Feb 2019 10 (v3) Critical Pass Cisco Content Security Management Appliance Information Disclosure (cisco-sa-esa-wsa-sma-info-gY2AEz2H)CVE-2021-1516 21 May 2021 6.5 (v3) Medium Pass Juniper Junos Unsupported Version Detection 22 Aug 2011 10 (v3) Critical Pass iLO 3 < 1.88 / iLO 4 < 2.44 XSS Vulnerability CVE-2016-4406 14 Feb 2019 6.1 (v3) Medium Pass Adobe Experience Manager 6.2.x <= 6.2 SP1-CFP20 / 6.3.x <= 6.3.3.8 / 6.4.x < 6.4.8.2 / 6.5.x < 6.5.6.0 (APSB20-56)CVE-2020-9733 CVE-2020-9735 CVE-2020-9736 CVE-2020-9737 CVE-2020-9738 CVE-2020-9740 CVE-2020-9742 CVE-2020-9743 11 Sep 2020 7.5 (v3) High Pass Atlassian Jira 7.6.x < 8.5.4, 8.6.x < 8.7.1 Avatar Upload DoS (JRASERVER-70813) CVE-2019-20897 25 Aug 2020 6.5 (v3) Medium Pass iLO 2 < 2.27 / iLO 3 < 1.82 / iLO 4 < 2.10 Denial of Service Vulnerability CVE-2015-2106 14 Feb 2019 5.3 (v3) Medium Pass Cisco ACI Multi-Site Orchestrator (MSO) Detection 26 May 2021 None Pass Apple TV Version Detection 27 Sep 2016 None Pass Cisco IOS Software Privilege Escalation (cisco-sa-XE-FSM-Yj8qJbJc) CVE-2021-1391 29 Mar 2021 6.7 (v3) Medium Pass Sourceﬁre Defense Center Multiple Security Vulnerabilities 22 Aug 2013 7.5 (v2) High Pass Juniper Junos BGP Update DoS (JSA11033) CVE-2020-1646 17 Jul 2020 7.5 (v3) High Pass OpenSSL 1.1.1 < 1.1.1i Null Pointer Dereference Vulnerability CVE-2020-1971 10 Dec 2020 5.9 (v3) Medium Pass F5 Networks BIG-IQ Conﬁguration Utility Privilege Escalation CVE-2014-3220 09 May 2014 9 (v2) High Pass Juniper Junos OS Vulnerability (JSA11139) CVE-2021-0246 15 Apr 2021 7.3 (v3) High Pass Cisco TelePresence ISDN Gateway Detection 28 Jan 2014 None Pass EMC RSA Archer 6.6 < 6.6 P8 / 6.7 < 6.7 P8 / 6.8 < 6.8 P5 / 6.9 < 6.9 SP1 P1 Stored Cross-site Scripting CVE-2021-29252 28 May 2021 5.4 (v3) Medium Pass OpenSSL 1.0.2 < 1.0.2y Multiple Vulnerabilities CVE-2021-23839 CVE-2021-23840 CVE-2021-23841 19 Feb 2021 3.7 (v3) Low Pass BACnet Protocol Detection 16 Apr 2014 None Pass Oracle Reports Servlet Detection 14 Mar 2014 None Pass CODESYS PLC Runtime Service Detection 02 Nov 2012 None Pass Junos Space Security Director Detection 24 Mar 2021 None Pass HP Printer PJL Interface Detection 01 Mar 2012 None Pass Tenable Nessus < 8.11.1 Session Expiration (TNS-2020-06) CVE-2020-5774 27 Aug 2020 7.1 (v3) High Pass IBM Spectrum Protect 8.1.x < 8.1.10.100 Information Disclosure CVE-2020-4591 03 Sep 2020 3.3 (v3) Low Pass IBM Spectrum Protect 7.1.x <= 7.1.10.000 / 8.1.x <= 8.1.10.000 DoS CVE-2020-4559 03 Sep 2020 7.5 (v3) High Pass Atlassian Conﬂuence Command Injection (CVE-2022-26134) CVE-2022-26134 03 Jun 2022 10 (v3) Critical Pass Atlassian Jira < 7.13.16 / 8.x < 8.5.7 / 8.6.x < 8.10.2 / 8.11.x < 8.11.1 DoS (JRASERVER-71388) CVE-2020-14177 24 Sep 2020 6.5 (v3) Medium Pass Atlassian Jira < 7.13.16 / 8.x < 8.5.7 / 8.6.x < 8.12.0 User Enumeration (JRASERVER-71560) CVE-2020-14181 24 Sep 2020 5.3 (v3) Medium Pass SonicWall SonicOS Buﬀer Overﬂow (SNWLID-2021-0006) CVE-2021-20019 24 Jun 2021 7.5 (v3) High Pass Cisco IOS XE Software NAT SIP Application Layer Gateway DoS Vulnerability (cisco-sa-20180926-sip-alg)CVE-2018-0476 05 Oct 2018 5.9 (v3) Medium Pass Cisco IOS XE Software CDP Memory Leak DoS Vulnerability (cisco-sa-20180926-cdp-memleak) CVE-2018-0471 05 Oct 2018 7.4 (v3) High Pass Juniper Junos OS Vulnerability (JSA11162) CVE-2021-0271 15 Apr 2021 6.5 (v3) Medium Pass Cisco IOS XE Software Multiple Vulnerabilities in ntpd (cisco-sa-20150408-ntpd) CVE-2015-1798 CVE-2015-1799 10 Apr 2018 5.4 (v3) Medium Pass Cisco IOS XE Software DNS Forwarder Denial of Service Vulnerability (cisco-sa-20160928-dns) CVE-2016-6380 10 Apr 2018 8.1 (v3) High Pass ArubaOS-Switch DoS (ARUBA-PSA-2021-002) CVE-2021-25141 15 Jun 2021 4.4 (v3) Medium Pass Untangle NG Firewall Captive Portal RCE 15 Jul 2016 10 (v2) Critical Pass Wind River VxWorks RTOS Detection 09 Jul 2021 None Pass Oracle Primavera Uniﬁer Multiple Vulnerabilities (Jul 2020 CPU) CVE-2020-1945 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548 CVE-2020-10650 CVE-2020-10672 CVE-2020-10968 CVE-2020-10969 CVE-2020-11111 CVE-2020-11112 CVE-2020-11113 CVE-2020-11619 CVE-2020-11620 CVE-2020-1461715 Jul 2020 9.8 (v3) Critical Pass OpenTSDB HTTP Detection 09 Jul 2021 None Pass Unix Operating System Unsupported Version Detection 08 Aug 2008 10 (v3) Critical Pass ManageEngine ServiceDesk Plus < 11.2 Build 11205 RCE CVE-2021-20081 02 Jul 2021 7.2 (v3) High Pass Kaseya Virtual System Administrator (VSA) Detection 05 Jul 2021 None Pass PHP 7.2 < 7.2.34 / 7.3.x < 7.3.23 / 7.4.x < 7.4.11 Mulitiple Vulnerabilities CVE-2020-7069 CVE-2020-7070 09 Oct 2020 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11179) 14 Jul 2021 7.5 (v3) High Pass Cisco Integrated Management Controller Command Injection (cisco-sa-CIMC-CIV-pKDBe9x5) CVE-2020-3371 09 Jul 2021 8.8 (v3) High Pass Apache Storm Version Detection 28 Feb 2019 None Pass Apache Tomcat 10.0.0.M1 < 10.0.7 vulnerability CVE-2021-33037 12 Jul 2021 5.3 (v3) Medium Pass EgoSecure EndPoint Service Installed 03 Mar 2015 None Pass Remote web server screenshot 29 Mar 2013 None Pass IBM MQ Console Detection 21 May 2020 None Pass CA InoWeb Detection 11 May 2005 None Pass MySQL Default Account Credentials CVE-2012-3951 CVE-2014-3413 28 Aug 2012 9.8 (v3) Critical Pass SQL Server Version Detection 04 Mar 2019 None Pass Tenable.sc < 5.19.0 Multiple Vulnerabilities (TNS-2021-14) (deprecated) CVE-2016-10735 CVE-2017-5661 CVE-2018-14040 CVE-2018-14042 CVE-2018-20676 CVE-2018-20677 CVE-2019-8331 CVE-2019-11041 CVE-2019-11042 CVE-2019-11043 CVE-2019-11044 CVE-2019-11045 CVE-2019-11046 CVE-2019-11047 CVE-2019-11048 CVE-2019-11049 CVE-2019-11050 CVE-2019-16168 CVE-2019-19645 CVE-2019-19646 CVE-2019-19919 CVE-2020-7059 CVE-2020-7060 CVE-2020-7061 CVE-2020-7062 CVE-2020-7063 CVE-2020-7064 CVE-2020-7065 CVE-2020-7066 CVE-2020-7067 CVE-2020-7068 CVE-2020-7069 CVE-2020-7070 CVE-2020-7071 CVE-2020-11022 CVE-2020-11655 CVE-2020-11656 CVE-2020-13434 CVE-2020-13435 CVE-2020-13630 CVE-2020-13631 CVE-2020-13632 CVE-2020-15358 CVE-2021-21702 CVE-2021-21704 CVE-2021-21705 CVE-2021-2335822 Jul 2021 7.3 (v3) High Pass Oracle Primavera Uniﬁer (Jul 2021 CPU) CVE-2020-5258 CVE-2020-25649 CVE-2020-36189 CVE-2021-27807 CVE-2021-27906 CVE-2021-31811 22 Jul 2021 8.1 (v3) High Pass RuggedCom RuggedOS (ROS) Web-Based Admin Interface Detection 15 Jun 2012 None Pass Python Remote HTTP Detection 21 Feb 2019 None Pass HPE Systems Insight Manager RCE (CVE-2020-7200) CVE-2020-7200 22 Mar 2021 9.8 (v3) Critical Pass ManageEngine Password Manager Pro Detection 23 Jan 2015 None Pass Oracle Primavera Gateway (Apr 2020 CPU) CVE-2019-10086 CVE-2019-12402 CVE-2019-16942 CVE-2019-16943 CVE-2019-17195 CVE-2019-17531 15 Apr 2020 9.8 (v3) Critical Pass Jenkins < 2.263.3 LTS / 2.276 TOCTOU CVE-2021-21615 28 Jan 2021 5.3 (v3) Medium Pass CODESYS V2 Web Server Detection 27 Jul 2021 None Pass Juniper Junos OS Vulnerability (JSA11135) CVE-2021-0242 15 Apr 2021 6.5 (v3) Medium Pass Juniper Junos LLDP Packet DoS JSA11027 CVE-2020-1641 17 Jul 2020 6.5 (v3) Medium Pass Cisco IoT Field Network Director DoS (cisco-sa-iot-coap-dos-WTBu6YTq) CVE-2020-3162 28 Jul 2021 7.5 (v3) High Pass HP OﬃceJet Printers RCE (HPSBPI03569) CVE-2017-2750 28 Nov 2017 9.8 (v3) Critical Pass TYPO3 8.x < 8.7.25 / 9.x < 9.5.6 Multiple Vulnerabilities CVE-2019-11832 21 Jul 2020 7.5 (v3) High Pass Apache Tomcat 4.x < 4.1.3 Denial of Service CVE-2002-0935 01 Oct 2010 5.3 (v3) Medium Pass Apache Tomcat 6.x < 6.0.30 / 7.x < 7.0.5 Multiple XSS CVE-2010-4172 14 Jan 2011 5.3 (v3) Medium Pass Apache Tomcat 5.5.x < 5.5.32 HTML Manager Interface XSS CVE-2011-0013 11 Feb 2011 5.3 (v3) Medium Pass Apache Tomcat 7.x < 7.0.11 @ServletSecurity Annotation Security Bypass CVE-2011-1088 CVE-2011-1419 11 Mar 2011 6.5 (v3) Medium Pass Junos Version Detection 22 Aug 2011 None Pass Oracle Database Multiple Vulnerabilities (April 2006 CPU) CVE-2006-1705 CVE-2006-1866 CVE-2006-1867 CVE-2006-1868 CVE-2006-1869 CVE-2006-1870 CVE-2006-1871 CVE-2006-1872 CVE-2006-1873 CVE-2006-1874 CVE-2006-1875 CVE-2006-1876 CVE-2006-187716 Nov 2011 10 (v2) Critical Pass Oracle Database Multiple Vulnerabilities (October 2009 CPU) CVE-2009-1007 CVE-2009-1018 CVE-2009-1964 CVE-2009-1965 CVE-2009-1971 CVE-2009-1972 CVE-2009-1979 CVE-2009-1985 CVE-2009-1991 CVE-2009-1992 CVE-2009-1993 CVE-2009-1994 CVE-2009-1995 CVE-2009-1997 CVE-2009-2000 CVE-2009-200116 Nov 2011 10 (v2) Critical Pass Oracle Database Multiple Vulnerabilities (October 2011 CPU) CVE-2011-2301 CVE-2011-2322 CVE-2011-3511 CVE-2011-3512 CVE-2011-3525 26 Oct 2011 8.5 (v2) High Pass Oracle Database Multiple Vulnerabilities (January 2012 CPU) CVE-2012-0072 CVE-2012-0082 18 Jan 2012 5.5 (v2) Medium Pass OpenBase Detection 21 Nov 2007 None Pass Harbor Web Interface Detection 17 Oct 2019 None Pass WordPress Detection 18 May 2005 None Pass Citrix CloudPlatform Unauthorized Access Vulnerability (CTX140989) CVE-2013-6398 01 Dec 2014 2.8 (v2) Low Pass Oracle Database Multiple Vulnerabilities (October 2012 CPU) CVE-2012-1751 CVE-2012-3132 CVE-2012-3137 CVE-2012-3146 CVE-2012-3151 23 Oct 2012 6.5 (v2) Medium Pass Citrix CloudPlatform Default Credentials 01 Dec 2014 7.5 (v2) High Pass Oracle Database Multiple Vulnerabilities (January 2013 CPU) CVE-2012-3219 CVE-2012-3220 CVE-2012-5062 CVE-2013-0352 CVE-2013-0353 CVE-2013-0354 CVE-2013-0355 CVE-2013-0358 CVE-2013-0372 CVE-2013-0373 CVE-2013-037418 Jan 2013 9 (v2) High Pass Citrix CloudPlatform Detection 01 Dec 2014 None Pass Apache Tomcat 6.0.x < 6.0.37 Multiple Vulnerabilities CVE-2012-3544 CVE-2013-2067 15 May 2013 5.6 (v3) Medium Pass WANem Detection 29 Oct 2012 None Pass Novell Sentinel Log Manager Authentication Bypass CVE-2012-6534 19 Nov 2012 4.3 (v2) Medium Pass Apple TV < 12 Multiple Vulnerabilities CVE-2016-1777 CVE-2018-4305 CVE-2018-4313 CVE-2018-4363 CVE-2018-5383 18 Sep 2018 5.5 (v3) Medium Pass NetIQ Privileged User Manager Detection 21 Nov 2012 None Pass EMC Data Protection Advisor Web UI Detection 20 Feb 2013 None Pass Oracle Database Multiple Vulnerabilities (July 2014 CPU) CVE-2013-3751 CVE-2013-3774 CVE-2014-4236 CVE-2014-4237 CVE-2014-4245 16 Jul 2014 9 (v2) High Pass Oracle Application Express (Apex) Version Detection 20 Feb 2013 None Pass Oracle Application Express (Apex) CVE-2010-0892 CVE-2010-0892 20 Feb 2013 4.3 (v2) Medium Pass Crafted IP Option Vulnerability (cisco-sa-20070124-crafted-ip-option) CVE-2007-0480 14 Dec 2013 10 (v2) Critical Pass Cisco IOS XR Version 14 Dec 2013 None Pass OpenSMTPD TLS Blocking Socket Remote DoS CVE-2013-2125 24 May 2013 5 (v2) Medium Pass Information Leakage Using IPv6 Routing Header in Cisco IOS XR (cisco-sa-20070808-IOS-IPv6-leak) CVE-2007-4285 14 Dec 2013 9 (v2) High 91

Pass Cisco IOS XR Software Memory Exhaustion Vulnerability (cisco-sa-20131002-iosxr) CVE-2013-5503 14 Dec 2013 7.8 (v2) High Pass McAfee Vulnerability Manager Detect 29 Mar 2013 None Pass Elasticsearch Detection (deprecated) 03 Dec 2018 None None Pass Logstash JSON API Detection (deprecated) 03 Dec 2018 None None Pass Ansible AWX WebUI Detection 04 Feb 2019 None Pass Cisco IOS XR ICMPv6 Redirect Denial of Service CVE-2014-2144 09 Apr 2014 6.1 (v2) Medium Pass Alt-N MDaemon Detection 28 May 2013 None Pass Junos OS: Multiple vulnerabilities in libxml2 (JSA10902) CVE-2019-0003 15 Feb 2019 5.9 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (April 2014 CPU) CVE-2014-2406 CVE-2014-2408 16 Apr 2014 8.5 (v2) High Pass Microsoft SQL Server Unsupported Version Detection (remote check) 29 Apr 2014 10 (v3) Critical Pass Apache Struts 2 CookieInterceptor Unspeciﬁed Security Bypass (S2-022) CVE-2014-0116 09 May 2014 6.5 (v3) Medium Pass Cisco IOS XR OSPFv3 DoS (CSCuj82176) CVE-2013-5565 28 Jul 2014 4.3 (v2) Medium Pass Cisco IOS XR DHCPv6 Multiple DoS Vulnerabilities CVE-2014-3270 CVE-2014-3271 01 Aug 2014 5 (v2) Medium Pass Cisco IOS XR DHCPv6 DoS CVE-2014-3343 26 Nov 2014 4.3 (v2) Medium Pass Cisco IOS XR Malformed RSVP Packet DoS CVE-2014-3376 28 Nov 2014 5 (v2) Medium Pass Tenable SecurityCenter Multiple DoS (TNS-2014-11) CVE-2014-3513 CVE-2014-3567 30 Dec 2014 7.5 (v3) High Pass Apache Struts 2 Multiple Vulnerabilities (S2-023) (S2-025) CVE-2014-7809 CVE-2015-5169 10 Dec 2014 7.3 (v3) High Pass Cisco IOS XR Multiple ntpd Vulnerabilities CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 18 Mar 2015 7.5 (v2) High Pass Apache Tomcat 6.0.x < 6.0.42 Handling Request Smuggling DoS CVE-2014-0227 01 Mar 2015 4.8 (v3) Medium Pass Apache Struts 2.3.20 Incorrect Default Exclude Pattern (S2-024) CVE-2015-1831 15 May 2015 7.3 (v3) High Pass Cisco IOS XR NCS 6000 Multiple ntpd Vulnerabilities CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 18 Mar 2015 7.5 (v2) High Pass Cisco IOS XR DHCPv4 Message Saturation DoS CVE-2015-0672 31 Mar 2015 5 (v2) Medium Pass Cisco IOS Software TCP Memory Leak DoS (cisco-sa-20150325-tcpleak) CVE-2015-0646 03 Apr 2015 7.5 (v3) High Pass Cisco IOS Autonomic Networking Infrastructure Multiple Vulnerabilities (cisco-sa-20150325-ani) CVE-2015-0635 CVE-2015-0636 CVE-2015-0637 06 Apr 2015 9 (v2) High Pass Oracle Database Multiple Vulnerabilities (April 2015 CPU) CVE-2015-0455 CVE-2015-0457 CVE-2015-0479 CVE-2015-0483 20 Apr 2015 9 (v2) High Pass Cisco ANI Conﬁguration Overwrite DoS (CSCup62167) CVE-2015-0669 22 May 2015 6.4 (v2) Medium Pass Cisco IOS XR Software Crafted IPv6 Packet DoS (cisco-sa-20150611-iosxr) CVE-2015-0769 19 Jun 2015 7.8 (v2) High Pass Tenable SecurityCenter < 5.0.1 Multiple RCE (TNS-2015-10) CVE-2015-4149 CVE-2015-4150 03 Aug 2015 8.8 (v3) High Pass Tenable SecurityCenter Alternative Certiﬁcate Validation Bypass Vulnerability (TNS-2015-08) CVE-2015-1793 20 Aug 2015 6.5 (v3) Medium Pass Atlassian Jira < 8.5.5 / 8.6.x < 8.8.2 / 8.9.x < 8.9.1 Multiple Cross-Site Scripting (XSS) CVE-2020-4022 CVE-2020-4024 CVE-2020-4025 22 Jul 2020 6.1 (v3) Medium Pass Tenable SecurityCenter Multiple PHP Vulnerabilities (TNS-2015-06) CVE-2006-7243 CVE-2015-2325 CVE-2015-2326 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 20 Aug 2015 9.8 (v3) Critical Pass Cisco IOS SSHv2 RSA-Based User Authentication Bypass (CSCus73013) CVE-2015-6280 02 Oct 2015 9.3 (v2) High Pass Oracle Database Multiple Vulnerabilities (October 2015 CPU) CVE-2015-4794 CVE-2015-4796 CVE-2015-4857 CVE-2015-4863 CVE-2015-4873 CVE-2015-4888 CVE-2015-4900 23 Oct 2015 10 (v2) Critical Pass Cisco IOS XR OSPF Link State Advertisement PCE DoS (cisco-sa-20160104-iosxr) CVE-2015-6432 08 Jan 2016 7.5 (v3) High Pass Tenable SecurityCenter OpenSSL ASN.1 Signature Veriﬁcation Routine DoS (TNS-2016-01) CVE-2015-3194 17 Feb 2016 7.5 (v3) High Pass Tenable SecurityCenter PHP Character Handling (TNS-2015-09) 29 Feb 2016 9.8 (v3) Critical Pass Cisco IOS XR OpenSSL Security Bypass (CSCup22654) CVE-2014-0224 26 Feb 2016 5.8 (v2) Medium Pass Tenable SecurityCenter 5.0.2 Audit File XSS (TNS-2015-12) CVE-2015-8503 16 Mar 2016 4.1 (v3) Medium Pass Tenable SecurityCenter 5.2.x / 5.3.x < 5.3.1 Multiple Vulnerabilities (TNS-2016-07) CVE-2016-82008 CVE-2016-82009 CVE-2016-82010 CVE-2016-82011 12 Apr 2016 4.7 (v3) Medium Pass Cisco IOS XR GSR 12000 Port Range BFD DoS (cisco-sa-20160311-gsr) CVE-2016-1361 14 Apr 2016 5.3 (v3) Medium Pass Cisco IOS NTP Subsystem Unauthorized Access (cisco-sa-20160419-ios) CVE-2016-1384 03 May 2016 7.5 (v3) High Pass Cisco IOS XR OpenSSH Module SSH Login Channel Identiﬁer DoS CVE-2015-4193 17 May 2016 4 (v2) Medium Pass Atlassian Jira 7.13.x < 8.3.0 XSS (JRASERVER-70856) CVE-2019-20416 22 Jul 2020 4.8 (v3) Medium Pass Cisco IOS XR < 6.1.1 on ASR 9000 LPTS DoS CVE-2016-1407 25 May 2016 7.5 (v3) High Pass Cisco IOS LLDP Packet Handling Remote DoS (cisco-sa-20160616-ios) CVE-2016-1424 22 Jun 2016 6.5 (v3) Medium Pass Cisco IOS XR 6.0.1.x and 6.0.2.x < 6.0.2.7 / 6.1.x < 6.1.1.17 Command Input Handling Privilege EscalationCVE-2016-1456 12 Aug 2016 7.8 (v3) High Pass Cisco IOS XR 5.1.x < 5.1.3 / 5.2.x < 5.2.4 / 5.3.x < 5.3.2 Fragmented Packet DoS (cisco-sa-20160810-iosxr)CVE-2016-6355 19 Aug 2016 7.5 (v3) High Pass Cisco IOS Software Border Gateway Protocol Message Processing DoS (cisco-sa-20160715-bgp) CVE-2016-1459 26 Aug 2016 5.3 (v3) Medium Pass Cisco IOS NTP Packet Handling Remote DoS (cisco-sa-20160804-wedge) CVE-2016-1478 29 Aug 2016 7.5 (v3) High Pass Tenable SecurityCenter < 5.3.0 Multiple Vulnerabilities (TNS-2016-04) CVE-2015-8383 CVE-2015-8386 CVE-2015-8387 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8393 CVE-2015-8394 06 Sep 2016 4.3 (v3) Medium Pass Cisco IOS Software Wide Area Application Services Express DoS CVE-2016-1347 16 Sep 2016 7.5 (v3) High Pass Cisco IOS XR NCS 6000 Packet Timer Leak DoS (cisco-sa-20160713-ncs6k) CVE-2016-1426 16 Sep 2016 7.5 (v3) High Pass Cisco IOS XR IKEv1 Packet Handling Remote Information Disclosure (cisco-sa-20160916-ikev1) (BENIGNCERCVE-2016-6415TAIN) 27 Sep 2016 7.5 (v3) High Pass Apache Struts 2.3.1 < 2.3.31 / 2.5.x < 2.5.5 Convention Plugin Path Traversal RCE (S2-042) CVE-2016-6795 27 Oct 2016 9.8 (v3) Critical Pass Atlassian Jira 7.13.x < 7.13.3 / 8.x < 8.1.0 CSRF via Logging and Proﬁling Feature (JRASERVER-70849) CVE-2019-20415 22 Jul 2020 4.3 (v3) Medium Pass Oracle Database Multiple Vulnerabilities (January 2017 CPU) CVE-2017-3240 CVE-2017-3310 18 Jan 2017 9 (v3) Critical Pass Tenable SecurityCenter 5.4.x <= 5.4.3 PHP Object Deserialization Remote File Deletion (TNS-2017-05) 07 Mar 2017 4.3 (v3) Medium Pass Tenable SecurityCenter 5.x < 5.4.3 Multiple Vulnerabilities (TNS-2017-04) (httpoxy) CVE-2016-0736 CVE-2016-2161 CVE-2016-5387 CVE-2016-7055 CVE-2016-8740 CVE-2016-8743 CVE-2016-9594 CVE-2016-10158 CVE-2016-10159 CVE-2016-10160 CVE-2016-10161 CVE-2016-10167 CVE-2016-1000102 CVE-2016-1000104 CVE-2017-3731 CVE-2017-373214 Mar 2017 6.5 (v3) Medium Pass Cisco IOS ANI Registrar DoS (cisco-sa-20170320-ani) CVE-2017-3849 24 Mar 2017 7.4 (v3) High Pass Cisco IOS ANI IPv6 Packets DoS (cisco-sa-20170320-aniipv6) CVE-2017-3850 24 Mar 2017 5.9 (v3) Medium Pass Apache Tomcat 7.0.x < 7.0.105 WebSocket DoS CVE-2020-13935 23 Jul 2020 7.5 (v3) High Pass Oracle GlassFish Server Unspeciﬁed Vulnerability (January 2015 CPU) CVE-2015-0396 23 Jan 2015 7.5 (v2) High Pass Apache Traﬃc Server Unsupported 22 Jan 2015 10 (v3) Critical Pass TYPO3 9.x < 9.5.6 Information Disclosure 23 Jul 2020 4.8 (v3) Medium Pass Apache Tomcat 8.0.x < 8.0.21 Multiple Vulnerabilities (FREAK) CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-029319 May 2015 7.3 (v3) High Pass HP StoreVirtual 4000 and StoreVirtual VSA Software dbd_manager RCE CVE-2013-4841 10 Apr 2014 10 (v2) Critical Pass Azure CycleCloud Web UI Detection 13 Aug 2021 None Pass ServletExec 4.1 ISAPI com.newatlanta.servletexec.JSP10Servlet Path Disclosure CVE-2002-0892 22 May 2002 5 (v2) Medium Pass HP System Management Homepage < 7.5.4 Multiple Vulnerabilities (Logjam) CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-1793 CVE-2015-3143 CVE-2015-3145 CVE-2015-3148 CVE-2015-4000 CVE-2015-4024 CVE-2016-1993 CVE-2016-1994 CVE-2016-1995 CVE-2016-199624 Mar 2016 9.8 (v3) Critical Pass Samba MS-DOS Path Request Arbitrary File Retrieval CVE-2004-0815 30 Sep 2004 6.5 (v2) Medium Pass Atlassian Jira < 8.5.5 / 8.6.x < 8.7.2 / 8.8.x < 8.8.1 Improper authorization CVE-2020-4029 23 Jul 2020 4.3 (v3) Medium Pass Web Server Directory Enumeration 26 Jun 2002 None Pass Cisco Wireless LAN Controller (WLC) Version 25 Sep 2013 None Pass Jenkins ( < 2.235.2 LTS / < 2.245 Weekly) Multiple Stored XSS (Jenkins Security Advisory 2020-07-15) CVE-2020-2220 CVE-2020-2221 CVE-2020-2222 CVE-2020-2223 24 Jul 2020 5.4 (v3) Medium Pass SSL/TLS Service Requires Client Certiﬁcate 19 May 2016 None Pass TYPO3 8.x < 8.7.23 / 9.x < 9.5.4 Multiple Vulnerabilities CVE-2018-14041 24 Jul 2020 6.1 (v3) Medium Pass Juniper JSA10879 CVE-2018-0045 23 Jul 2019 8.8 (v3) High Pass BMC Server Automation RSCD Agent Weak ACL XML-RPC Arbitrary Command Execution 10 May 2016 10 (v2) Critical Pass ArubaOS Detection 16 Oct 2014 None Pass IBM WebSphere Application Server 8.0 < Fix Pack 10 Multiple Vulnerabilities (POODLE) CVE-2013-5704 CVE-2014-0076 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3021 CVE-2014-3070 CVE-2014-3083 CVE-2014-3566 CVE-2014-4764 CVE-2014-4770 CVE-2014-4816 CVE-2014-6166 CVE-2014-6167 CVE-2014-617418 Feb 2015 6.8 (v2) Medium Pass Cisco NX-OS GNU C Library (glibc) Buﬀer Overﬂow (GHOST) CVE-2015-0235 19 Jul 2016 8.1 (v3) High Noise TLS Version 1.3 Protocol Detection 09 Jul 2020 None Pass Database Authentication Failure(s) for Provided Credentials 24 Jun 2016 None Pass MySQL Server Login Possible 24 Jun 2016 None Pass Oracle Primavera Gateway (Oct 2020 CPU) CVE-2019-17495 22 Oct 2020 9.8 (v3) Critical Pass Atlassian Jira < 7.13.9 / 8.0.x < 8.4.2 Multiple Vulnerabilities CVE-2019-20411 CVE-2019-20413 28 Jul 2020 4.3 (v3) Medium Pass PHP < 7.3.28 Email Header Injection 26 Aug 2021 5.3 (v3) Medium Pass HP LaserJet Printers Remote Unauthorized Access, DoS (HPSBPI03147) CVE-2014-7875 05 Nov 2014 9 (v2) High Pass Atlassian Jira < 7.6.17 / 7.7.x < 7.13.9 / 8.0.x < 8.4.2 Information Disclosure CVE-2019-20410 29 Jul 2020 6.5 (v3) Medium Pass POP Password Changer (poppassd_pam) Arbitrary User Remote Password Modiﬁcation 12 Jan 2005 7.5 (v2) High Pass Tenable SecurityCenter OpenSSL 1.0.2 < 1.0.2m Multiple Vulnerabilities CVE-2017-3735 CVE-2017-3736 16 Nov 2017 5.3 (v3) Medium Pass Xerox WorkCentre Command Injection (XRX11-001) 08 Feb 2011 10 (v2) Critical Pass Internet Gateway Device WAN Interface UPnP Access 19 Feb 2009 6.5 (v3) Medium Pass Veritas Cluster Management Console Detection 02 Mar 2011 None Pass SMTP Service STARTTLS Plaintext Command Injection CVE-2011-0411 CVE-2011-1430 CVE-2011-1431 CVE-2011-1432 CVE-2011-1506 CVE-2011-2165 10 Mar 2011 4 (v2) Medium Pass HP StorageWorks File Migration Agent Detection 14 Mar 2011 None Pass Wake-on-LAN 10 Mar 2011 None Pass Sybase M-Business Anywhere (AvantGo) Sync Server Detection 23 May 2011 None Pass Unprotected memcached 11 Mar 2011 5 (v2) Medium Pass Tenable SecurityCenter PHP < 5.6.32 PCRE DoS CVE-2016-1283 16 Nov 2017 9.8 (v3) Critical Pass Juniper Junos SIP DoS (PSN-2013-04-911) 20 May 2013 7.1 (v2) High Pass Sun Java System Directory Server bind-dn Remote Privilege Escalation CVE-2008-1995 01 May 2008 6.5 (v2) Medium Pass Cisco Web Security Appliance (WSA) Server Name Identiﬁcation Data Exﬁltration (cisco-sa-sni-data-exﬁl-mFgzXqLN)CVE-2021-34749 25 Aug 2021 8.6 (v3) High Pass Script Src Integrity Check 20 Dec 2018 7.1 (v3) High Pass Citrix ADC and Citrix NetScaler Gateway Multiple Vulnerabilities (CTX276688) (Direct Check) CVE-2020-8193 30 Jul 2020 6.5 (v3) Medium Pass NETGEAR Hard-coded Telnet Unlock Credentials 05 Mar 2014 8.3 (v2) High Pass 3Com Switch Default Admin Credentials 25 Mar 2014 10 (v2) Critical Pass Quantum vmPRO Default Credentials Check 24 Mar 2014 10 (v2) Critical Pass OpenSSH < 3.0.1 Multiple Flaws CVE-2001-1507 20 Nov 2001 6.8 (v2) Medium Pass Stuxnet Worm Detection (uncredentialed check) 18 Nov 2010 10 (v2) Critical Pass 3Com Web Management Interface Default Credentials 25 Mar 2014 10 (v2) Critical Pass Novell GroupWise WebAccess Accessible 23 Nov 2010 5 (v2) Medium 92

Pass Lime Wire Multiple Remote Unauthorized Access CVE-2005-0788 06 Apr 2005 5 (v2) Medium Pass Ability FTP Server Multiple Command Remote Buﬀer Overﬂows CVE-2004-1626 CVE-2004-1627 04 Nov 2004 10 (v2) Critical Pass Western Digital TV Multiple Vulnerabilities 08 Sep 2017 7.5 (v3) High Pass up-imapproxy IMAP Proxy IMAP_Line_Read() Function Literal Size DoS CVE-2004-1035 30 Nov 2004 6.4 (v2) Medium Pass ExtCalendar Detection 26 Jan 2011 None Pass macOS 10.15.x < 10.15.5 / 10.14.x < 10.14.6 Security Update 2020-003 / 10.13.x < 10.13.6 Security Update 2020-003CVE-2019-14868 CVE-2019-20044 CVE-2020-3878 CVE-2020-3882 CVE-2020-9771 CVE-2020-9772 CVE-2020-9788 CVE-2020-9789 CVE-2020-9790 CVE-2020-9791 CVE-2020-9792 CVE-2020-9793 CVE-2020-9794 CVE-2020-9795 CVE-2020-9797 CVE-2020-9804 CVE-2020-9808 CVE-2020-9809 CVE-2020-9811 CVE-2020-9812 CVE-2020-9813 CVE-2020-9814 CVE-2020-9815 CVE-2020-9816 CVE-2020-9817 CVE-2020-9821 CVE-2020-9822 CVE-2020-9824 CVE-2020-9825 CVE-2020-9826 CVE-2020-9827 CVE-2020-9828 CVE-2020-9830 CVE-2020-9831 CVE-2020-9832 CVE-2020-9833 CVE-2020-9834 CVE-2020-9837 CVE-2020-9839 CVE-2020-9841 CVE-2020-9842 CVE-2020-9844 CVE-2020-9847 CVE-2020-9851 CVE-2020-9852 CVE-2020-9855 CVE-2020-9856 CVE-2020-985728 May 2020 8.8 (v3) High Pass IBM Sametime Detection 14 Mar 2011 None Pass PHP 7.0.x < 7.0.25 Multiple Vulnerabilities CVE-2016-1283 CVE-2017-16642 16 Nov 2017 9.8 (v3) Critical Pass HP Client Automation Default Credentials 25 Mar 2011 10 (v2) Critical Pass WU-FTPD ﬁleutils/coreutils ls -w Argument Memory Consumption DoS CVE-2003-0853 CVE-2003-0854 29 Oct 2003 7.5 (v3) High Pass WP Statistics Plugin for WordPress < 12.6.7 Blind SQL Injection 02 Jul 2019 8.3 (v3) High Pass Default Password '1111' for 'admin' Account CVE-1999-0502 28 Oct 2016 9.8 (v3) Critical Pass IMAP pop-2d POP Daemon FOLD Command Remote Overﬂow CVE-1999-0920 22 Jun 1999 10 (v2) Critical Pass HP System Management Homepage < 7.2.5 / 7.4.1 Multiple Vulnerabilities (POODLE) CVE-2014-3508 CVE-2014-3509 CVE-2014-3511 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-5139 CVE-2015-213303 Aug 2015 6.8 (v2) Medium Pass Xerox WorkCentre Multi-Page Document Scan/Fax Information Disclosure (XRX05-002) 16 May 2005 2.6 (v2) Low Pass ePolicy Orchestrator Detection 02 Oct 2006 None Pass pfSense < 2.3.1-p5 Multiple Vulnerabilities (SA-16_07 / SA-16_08) CVE-2013-7456 CVE-2016-5093 CVE-2016-5094 CVE-2016-5096 31 Jan 2018 8.6 (v3) High Pass pfSense < 2.2.2 Multiple Vulnerabilities (SA-15_05) 31 Jan 2018 4.7 (v3) Medium Pass pfSense < 2.2.4 Multiple Vulnerabilities (SA-15_07) CVE-2015-3152 CVE-2015-5358 CVE-2015-8838 31 Jan 2018 5.9 (v3) Medium Pass pfSense < 2.3.1-p1 Multiple Vulnerabilities (SA-16_05) 31 Jan 2018 8.8 (v3) High Pass pfSense < 2.4.2 Multiple Vulnerabilities (SA-17_07) CVE-2017-1086 CVE-2017-1088 CVE-2017-3735 CVE-2017-3736 21 Mar 2018 5.3 (v3) Medium Pass pfSense < 2.1.4 Multiple Vulnerabilities ( SA-14_07 ) CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 21 Mar 2018 7.4 (v3) High Pass Multiple FTP Server Command Handling Overﬂow CVE-1999-0219 CVE-2000-0870 CVE-2000-0943 CVE-2000-1035 CVE-2000-1194 CVE-2002-0126 CVE-2003-0271 CVE-2005-0634 CVE-2005-141522 Jun 1999 9.8 (v3) Critical Pass pfSense Default SSH Credentials 24 Jan 2018 9.8 (v3) Critical Pass GuildFTPd Traversal Arbitrary File Enumeration CVE-2000-0640 16 Jul 2000 7.3 (v3) High Pass Samba Badlock Vulnerability CVE-2016-2118 13 Apr 2016 7.5 (v3) High Pass OS Identiﬁcation : SinFP 19 May 2007 None Pass Unsupported Windows OS (remote) 03 Apr 2018 10 (v3) Critical Pass Dell iDRAC9 Directory Traversal (DSA-2020-128) CVE-2020-5366 31 Jul 2020 6.5 (v3) Medium Pass Sendmail < 8.14.4 SSL Certiﬁcate NULL Character Spooﬁng CVE-2009-4565 05 Jan 2010 7.3 (v3) High Pass PHP 8.1.x < 8.1.3 CVE-2021-21708 18 Feb 2022 9.8 (v3) Critical Pass OTRS Unspeciﬁed Remote Code Execution (OSA-2017-04) CVE-2017-14635 11 Dec 2017 8.8 (v3) High Pass OTRS Authenticated Remote Code Execution (OSA-2017-07) CVE-2017-16664 11 Dec 2017 8.8 (v3) High Pass Cisco IOS XE Software IOx Application Environment Path Traversal (cisco-sa-iox-pt-hWGcPf7g) CVE-2021-1385 08 Sep 2021 6.5 (v3) Medium Pass Palo Alto Networks PAN-OS 9.0.10 < 9.0.15 / 9.1.4 < 9.1.11 / 10.0.x < 10.0.8 / 10.1.x < 10.1.2 OS Command InjectionCVE-2021-3050 10 Sep 2021 8.8 (v3) High Pass Pulse Connect Secure < 9.1R8 (SA44516) CVE-2020-8204 CVE-2020-8206 CVE-2020-8216 CVE-2020-8217 CVE-2020-8218 CVE-2020-8219 CVE-2020-8220 CVE-2020-8221 CVE-2020-8222 CVE-2020-12880 CVE-2020-1540831 Jul 2020 8.1 (v3) High Pass MariaDB 10.3.x < 10.3.1 Multiple DoS Vulnerabilities 07 Dec 2017 4.3 (v3) Medium Pass OpenSSL < 0.9.6e / 0.9.7b3 Multiple Remote Vulnerabilities CVE-2000-0535 CVE-2001-1141 CVE-2002-0655 CVE-2002-0656 CVE-2002-0657 CVE-2002-0659 05 Aug 2002 10 (v2) Critical Pass SSH Secure Shell without PTY setsid() Function Privilege Escalation CVE-2002-1644 25 Nov 2002 7.1 (v2) High Pass pfSense Unsupported Version Detection 30 Jan 2019 10 (v3) Critical Pass Allied Telesyn Router/Switch Web Interface Default Password CVE-1999-0508 03 Jun 2005 7.5 (v2) High Pass Micro Focus Operations Orchestration JMiniX Multiple Vulnerabilities CVE-2018-6490 02 Mar 2018 7.5 (v3) High Pass Arista CloudVision Portal Web Detection 26 Jun 2020 None Pass Cisco Uniﬁed Communications Manager Express Denial of Service Vulnerabilities (cisco-sa-20100324-cucme)CVE-2010-0585 CVE-2010-0586 01 Sep 2010 7.8 (v2) High Pass Unauthenticated OpenVPN Server Detection 28 Feb 2018 None Pass Cisco IOS Software IPsec Vulnerability (cisco-sa-20100324-ipsec) CVE-2010-0578 01 Sep 2010 7.8 (v2) High Pass Oracle Portal Demo Organization Chart SQL Injection CVE-2013-3831 22 Nov 2013 5.5 (v2) Medium Pass PHP 7.3.x < 7.3.21 Use-After-Free Vulnerability CVE-2020-7068 13 Aug 2020 3.6 (v3) Low Pass Juniper Junos PIM rpd Crafted Boot Message Remote DoS (PSN-2011-07-296) 22 Aug 2011 5.4 (v2) Medium Pass PHP 7.4.x < 7.4.9 Use-After-Free Vulnerability CVE-2020-7068 13 Aug 2020 3.6 (v3) Low Pass PHP 7.2.x < 7.2.33 Use-After-Free Vulnerability CVE-2020-7068 13 Aug 2020 3.6 (v3) Low Pass Juniper Junos J-Web Component Unspeciﬁed CSRF (PSN-2012-01-474) 23 Jan 2012 9.3 (v2) High Pass Novell NetWare 6.0 Tomcat source.jsp Traversal Arbitrary File Access CVE-2000-1210 30 Mar 2004 7.8 (v2) High Pass Allegro Software RomPager 2.10 Malformed Authentication Request DoS CVE-2000-0470 27 Jul 2005 7.8 (v2) High Pass WinComLPD LPD Monitoring Server Default Credentials 06 Feb 2008 7.5 (v2) High Pass JQuery 1.2 < 3.5.0 Multiple XSS CVE-2020-11022 CVE-2020-11023 28 May 2020 6.1 (v3) Medium Pass Cisco IOS XR BGP Additional Paths DoS (cisco-sa-bgp-ErKEqAer) CVE-2020-3449 14 Aug 2020 4.3 (v3) Medium Pass Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities (cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz)CVE-2020-3566 CVE-2020-3569 01 Sep 2020 7.5 (v3) High Pass Apache for Windows Multiple Forward Slash Directory Listing CVE-2000-0505 CVE-2001-0729 13 Jun 2000 5.3 (v3) Medium Pass Novell eDirectory < 8.8.5 ftf1/8.7.3.10 ftf2 NULL Base DN DoS CVE-2009-3862 06 Nov 2009 5 (v2) Medium Pass Juniper Junos OS DoS (JSA11187) CVE-2021-0285 08 Sep 2021 7.5 (v3) High Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.20 / 9.0.x < 9.0.14 / 9.1.x < 9.1.9 / 10.0.x < 10.0.5 Vulnerability CVE-2021-3053 08 Sep 2021 7.5 (v3) High Pass WP Symposium Plugin for WordPress forum.php 'show' Parameter SQL Injection (Version Check) CVE-2015-3325 18 May 2015 7.5 (v2) High Pass Palo Alto Networks PAN-OS 8.1.x < 8.1.20 / 9.0.x < 9.0.14 / 9.1.x < 9.1.10 / 10.0.x < 10.0.2 Vulnerability CVE-2021-3052 08 Sep 2021 5.4 (v3) Medium Pass Palo Alto Networks PAN-OS 5.0.x < 5.0.20 / 5.1.x < 5.1.13 / 6.0.x < 6.0.15 / 6.1.x < 6.1.15 / 7.0.x < 7.0.11 / 7.1.x < 7.1.6 Multiple VCVE-2016-9149 CVE-2016-9150 CVE-2016-9151ulnerabilities (PAN-SA-2016-0033 / PAN-SA-2016-0034 / PAN-SA-2016-0035 / PAN-SA-2016-0037) 02 Dec 2016 9.8 (v3) Critical Pass EMC RSA Authentication Manager < 8.3 Patch 3 Multiple Vulnerabilities (DSA-2018-152) CVE-2018-11073 CVE-2018-11074 CVE-2018-11075 27 Sep 2018 6.1 (v3) Medium Pass Barracuda Spam Firewall cgi-bin/ldap_test.cgi email Parameter XSS CVE-2008-2333 23 May 2008 4.3 (v2) Medium Pass ColdFusion on IIS cfm/dbm Diagnostic Error Path Disclosure CVE-2002-0576 15 Mar 2003 5 (v2) Medium Pass ManageEngine Applications Manager Invalid URL Remote Information Disclosure CVE-2008-0475 26 Jan 2008 5 (v2) Medium Pass WP Super Cache Plugin for WordPress wp-cache.php Cache List Content Handling XSS 16 Apr 2015 4.3 (v2) Medium Pass GateCrasher Backdoor Detection 09 Jul 1999 10 (v2) Critical Pass MDaemon WorldClient < 12.5.7 Multiple XSS Vulnerabilities CVE-2012-2584 17 Sep 2012 4.3 (v2) Medium Pass Xerver HTTP Response Splitting CVE-2009-4086 25 Nov 2009 4.3 (v2) Medium Pass Kubernetes info API access 28 Jun 2018 5.3 (v3) Medium Pass Puppet Enterprise 3.7.x < 3.8.1 / 3.8.x < 3.8.1 Multiple Vulnerabilities CVE-2015-3900 CVE-2015-4020 CVE-2015-4100 23 Jul 2015 5 (v2) Medium Pass Zabbix Server send_history_last_id() SQL Injection 22 Dec 2009 7.5 (v2) High Pass Splunk < 5.0.5 Multiple Code Execution Vulnerabilities CVE-2013-6771 CVE-2013-7394 30 Sep 2013 9.3 (v2) High Pass IBM WebSphere Application Server < 6.1.0.23 Multiple Flaws CVE-2008-4284 CVE-2009-0508 CVE-2009-0855 CVE-2009-0856 CVE-2009-0891 CVE-2009-0892 CVE-2009-1172 15 Apr 2009 7.5 (v2) High Pass Cisco IOS Software Multiprotocol Label Switching Packet Vulnerability (cisco-sa-20100324-ldp) CVE-2010-0576 01 Sep 2010 7.8 (v2) High Pass OpenSSH < 1.2.3 xauth Session Highjacking CVE-2000-0217 04 Oct 2011 5.1 (v2) Medium Pass Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities (cisco-sa-20100324-sip) CVE-2010-0579 CVE-2010-0580 CVE-2010-0581 01 Sep 2010 10 (v2) Critical Pass HP Ink Printers Multiple Vulnerabilities (HPSBHF03589) CVE-2018-5924 CVE-2018-5925 13 Aug 2018 7.8 (v3) High Pass Cisco IOS Software Crafted TCP Packet Denial of Service Vulnerability (cisco-sa-20100324-tcp) CVE-2010-0577 01 Sep 2010 7.1 (v2) High Pass PHP Code Snippet Library index.php Multiple Parameter XSS CVE-2004-1746 25 Aug 2004 4.3 (v2) Medium Pass Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10775) CVE-2016-7055 CVE-2017-3731 CVE-2017-3732 23 Aug 2017 7.5 (v3) High Pass Nimda Worm Infected HTML File Detection 19 Sep 2001 10 (v2) Critical Pass EMC RSA Authentication Manager 7.x < 7.1 SP4 Patch 32 Unspeciﬁed XSS CVE-2014-0623 04 Apr 2014 4.3 (v2) Medium Noise OS Identiﬁcation Failed 26 Oct 2010 None Pass Apache 2.2.x < 2.2.25 Multiple Vulnerabilities CVE-2013-1862 CVE-2013-1896 16 Jul 2013 5.6 (v3) Medium Pass HP Operations Orchestration 10.x Authentication Bypass CVE-2015-2109 07 May 2015 7.5 (v2) High Pass AFP Server Directory Traversal CVE-2010-0533 29 Mar 2010 5 (v2) Medium Pass IBM WebSphere Application Server 6.0 < 6.0.2.21 Multiple Vulnerabilities CVE-2007-3397 CVE-2007-3960 05 Apr 2010 9.3 (v2) High Pass IBM WebSphere Application Server < 6.1.0.25 Multiple Vulnerabilities CVE-2009-0899 CVE-2009-0903 CVE-2009-0904 CVE-2009-1174 CVE-2009-1899 CVE-2009-1900 CVE-2009-1901 CVE-2009-2085 CVE-2009-2087 CVE-2009-2088 CVE-2009-208919 Jun 2009 5 (v2) Medium Pass Juniper Junos SRX MACsec Feature Secure Link Failure Silent Fallback Information Disclosure (JSA10790)CVE-2017-2342 23 Aug 2017 5.4 (v3) Medium Pass TANDBERG Video Communication Server Static SSH Host Keys CVE-2009-4510 14 Apr 2010 9.3 (v2) High Pass SSL Self-Signed Certiﬁcate 17 Jan 2012 6.4 (v2) Medium Pass Juniper Junos Extended DHCP Relay Agent Traﬃc Redirection (PSN-2011-07-300) 22 Aug 2011 2.9 (v2) Low Pass Subversion Cleartext Authentication 05 Jan 2016 4.3 (v2) Medium Pass Juniper Junos Fragmented ICMP Packet Handling Remote DoS (PSN-2011-07-298) 22 Aug 2011 6.1 (v2) Medium Pass Juniper Junos ICMP Ping 'composite next-hop' Remote DoS (PSN-2011-07-297) 22 Aug 2011 7.8 (v2) High Pass Cisco Video Surveillance Manager Multiple Vulnerabilities (cisco-sa-20130724-vsm) CVE-2013-3429 CVE-2013-3430 CVE-2013-3431 12 Sep 2013 8.6 (v3) High Pass Cisco IOS Software Network Address Translation Vulnerabilities (cisco-sa-20110928-nat) CVE-2011-3276 CVE-2011-3277 CVE-2011-3278 CVE-2011-3279 CVE-2011-3280 29 Sep 2011 7.8 (v2) High Pass Juniper Junos Next-Gen MVPN Senario Malformed Message Handling Remote DoS (PSN-2011-10-391) 10 Nov 2011 7.1 (v2) High Pass Novell eDirectory < 8.8 SP5 Patch 4 Multiple Vulnerabilities CVE-2009-4653 15 Jun 2010 9 (v2) High Pass Apache 2.2.x < 2.2.17 Multiple Vulnerabilities CVE-2009-3560 CVE-2009-3720 CVE-2010-1623 20 Oct 2010 5.3 (v3) Medium Pass thttpd ssi Servlet Encoded Traversal Arbitrary File Access CVE-2000-0900 03 Oct 2000 5 (v2) Medium Pass PatchLink Update Server checkproﬁle.asp checkid Parameter SQL Injection CVE-2006-3430 28 Jul 2006 7.5 (v2) High Pass Juniper Junos Remote Execution Vulnerability (JSA10818) CVE-2017-10615 20 Oct 2017 7.5 (v3) High Pass IA eMailServer IMAP4 LIST Command Format String Remote DoS CVE-2005-2083 28 Jun 2005 4 (v2) Medium Pass Juniper Junos HTTPS Server Certiﬁcate AV Vulnerability (JSA10822) CVE-2017-10620 20 Oct 2017 7.5 (v3) High Pass Juniper JSA10960 CVE-2019-0061 13 Dec 2019 7.8 (v3) High Pass Cisco MSE <= 8.0.120.7 Multiple Vulnerabilities CVE-2015-4282 CVE-2015-6316 18 Nov 2015 6.9 (v2) Medium 93

Pass VxWorks WDB Debug Service Detection CVE-2010-2965 06 Aug 2010 10 (v2) Critical Pass Apache Tomcat Long URL Information Disclosure CVE-2001-0917 CVE-2002-2009 01 Oct 2010 5.3 (v3) Medium Pass Juniper Junos Key Generation Weakness (PSN-2012-04-549) 25 Apr 2012 4 (v2) Medium Pass PatchLink Update /dagent/downloadreport.asp Multiple Parameter SQL Injection CVE-2006-6450 12 Dec 2006 7.5 (v2) High Pass WebAdmin < 3.2.5 Multiple Vulnerabilities CVE-2006-4370 CVE-2006-4371 23 Aug 2006 7.5 (v2) High Pass QLogic QConvergeConsole (QCC) GUI Web Interface Default Credentials 24 Oct 2018 8.6 (v3) High Pass Portable OpenSSH ssh-keysign ssh-rand-helper Utility File Descriptor Leak Local Information Disclosure CVE-2011-4327 09 May 2011 2.1 (v2) Low Pass OrientDB < 2.0.7 / 2.1.0 Weak Session IDs CVE-2015-2913 08 Oct 2015 5.9 (v3) Medium Pass Kerio WinRoute Firewall HTTP/HTTPS Management Detection 18 Nov 2005 4 (v2) Medium Pass XAMPP ADOdb mssql_connect Remote Buﬀer Overﬂow CVE-2007-2079 30 Apr 2007 9.3 (v2) High Pass Juniper Junos BGP UPDATE DoS (PSN-2012-10-733) 26 Oct 2012 6.3 (v2) Medium Pass Juniper Junos PIM Join Flood DoS (PSN-2013-01-808) 14 Jan 2013 6.3 (v2) Medium Pass Puppet Enterprise 2.8.x / 3.2.x Multiple Vulnerabilities CVE-2014-0198 CVE-2014-0224 CVE-2014-3251 20 Aug 2014 5.8 (v2) Medium Pass macOS 10.13.x < 10.13.1 Multiple Vulnerabilities CVE-2017-1000100 CVE-2017-1000101 CVE-2017-11108 CVE-2017-11541 CVE-2017-11542 CVE-2017-11543 CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900 CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986 CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990 CVE-2017-12991 CVE-2017-12992 CVE-2017-12993 CVE-2017-12994 CVE-2017-12995 CVE-2017-12996 CVE-2017-12997 CVE-2017-12998 CVE-2017-12999 CVE-2017-13000 CVE-2017-13001 CVE-2017-13002 CVE-2017-13003 CVE-2017-13004 CVE-2017-13005 CVE-2017-13006 CVE-2017-13007 CVE-2017-13008 CVE-2017-13009 CVE-2017-13010 CVE-2017-13011 CVE-2017-13012 CVE-2017-13013 CVE-2017-13014 CVE-2017-13015 CVE-2017-13016 CVE-2017-13017 CVE-2017-13018 CVE-2017-13019 CVE-2017-13020 CVE-2017-13021 CVE-2017-13022 CVE-2017-13023 CVE-2017-13024 CVE-2017-13025 CVE-2017-13026 CVE-2017-13027 CVE-2017-13028 CVE-2017-13029 CVE-2017-13030 CVE-2017-13031 CVE-2017-13032 CVE-2017-13033 CVE-2017-13034 CVE-2017-13035 CVE-2017-13036 CVE-2017-13037 CVE-2017-13038 CVE-2017-13039 CVE-2017-13040 CVE-2017-13041 CVE-2017-13042 CVE-2017-13043 CVE-2017-13044 CVE-2017-13045 CVE-2017-13046 CVE-2017-13047 CVE-2017-13048 CVE-2017-13049 CVE-2017-13050 CVE-2017-13051 CVE-2017-13052 CVE-2017-13053 CVE-2017-13054 CVE-2017-13055 CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 CVE-2017-13687 CVE-2017-13688 CVE-2017-13689 CVE-2017-13690 CVE-2017-13725 CVE-2017-13786 CVE-2017-13799 CVE-2017-13800 CVE-2017-13801 CVE-2017-13804 CVE-2017-13808 CVE-2017-13811 CVE-2017-13852 CVE-2017-13907 CVE-2017-7170 CVE-2018-4390 CVE-2018-439103 Nov 2017 7.8 (v3) High Pass Apache < 1.3.37 mod_rewrite LDAP Protocol URL Handling Overﬂow CVE-2006-3747 26 Mar 2008 7.3 (v3) High Pass Default Password (dottie) for 'root' Account CVE-1999-0502 CVE-2006-5288 11 Apr 2008 9.8 (v3) Critical Pass Cisco TelePresence Multipoint Switch < 1.7.0 Multiple Vulnerabilities (cisco-sa-20110223-telepresence-ctms)CVE-2011-0379 CVE-2011-0383 CVE-2011-0384 CVE-2011-0385 CVE-2011-0387 CVE-2011-0388 CVE-2011-0389 27 Jul 2012 10 (v2) Critical Pass XMPP Cleartext Authentication 05 Jan 2016 4.3 (v2) Medium Pass Dell KACE K2000 < 3.3.52857 Multiple Vulnerabilities CVE-2011-4046 CVE-2011-4047 CVE-2011-4048 CVE-2011-4436 10 Feb 2014 9.3 (v2) High Pass Oracle Policy Automation (Oracle Web Determinations) Unspeciﬁed Remote Security Vulnerability (July 2013 CPU)CVE-2013-3816 12 Sep 2014 4 (v2) Medium Pass Zoho ManageEngine OpManager 'OPM_BVNAME' Multiple Vulnerabilities CVE-2014-7868 CVE-2016-82014 CVE-2016-82015 16 Feb 2015 7.5 (v2) High Pass EMC AlphaStor Device Manager robotd RCE CVE-2008-2157 01 Jul 2008 9.8 (v3) Critical Pass ManageEngine Desktop Central Arbitrary File Upload and RCE (Safe Check) CVE-2014-5005 CVE-2014-5006 CVE-2014-5007 25 Mar 2015 7.5 (v2) High Pass WebPagetest < 2.7.2 ﬁle Parameter Traversal Arbitrary File Access 18 Sep 2012 5 (v2) Medium Pass Novell ZENworks Asset Management rtrlet Component GetFile_Password Method Hardcoded Credentials Information DisclosurCVE-2012-4933 e 25 Oct 2012 7.8 (v2) High Pass Sendmail headers.c crackaddr Function Address Field Handling Remote Overﬂow CVE-2002-1337 03 Mar 2003 9.8 (v3) Critical Pass Sun Java ASP Server Default Admin Password 08 Jul 2008 7.5 (v2) High Pass ManageEngine Desktop Central AgentLogUploadServlet Arbitrary File Upload CVE-2013-7390 04 Dec 2013 10 (v2) Critical Pass IBM WebSphere Application Server Multiple Vulnerabilities CVE-2011-1376 04 Feb 2012 4.6 (v2) Medium Pass Apache 2.0.x < 2.0.47 Multiple Vulnerabilities (DoS, Encryption) CVE-2003-0192 CVE-2003-0253 CVE-2003-0254 20 Oct 2010 6.5 (v3) Medium Pass SCO OpenServer Multiple Local Privilege Escalation Vulnerabilities CVE-2002-0158 CVE-2002-0164 16 Oct 2003 7.2 (v2) High Pass Apache mod_wsgi < 3.4 Remote Information Disclosure CVE-2014-0242 14 Jul 2014 5.3 (v3) Medium Pass macOS 10.13.x < 10.13.3 Multiple Vulnerabilities CVE-2017-13889 CVE-2017-5705 CVE-2017-5708 CVE-2017-7830 CVE-2017-8816 CVE-2017-8817 CVE-2018-4082 CVE-2018-4083 CVE-2018-4084 CVE-2018-4085 CVE-2018-4086 CVE-2018-4088 CVE-2018-4089 CVE-2018-4090 CVE-2018-4091 CVE-2018-4092 CVE-2018-4093 CVE-2018-4094 CVE-2018-4096 CVE-2018-4097 CVE-2018-4098 CVE-2018-4100 CVE-2018-4147 CVE-2018-4169 CVE-2018-418924 Jan 2018 9.8 (v3) Critical Pass Apache 2.x < 2.0.50 Multiple Remote DoS CVE-2004-0493 CVE-2004-0748 29 Jun 2004 5.3 (v3) Medium Pass VNC Server Unauthenticated Access 05 Oct 2007 7.5 (v2) High Pass Apache Tomcat Manager Common Administrative Credentials CVE-2009-3099 CVE-2009-3548 CVE-2010-0557 CVE-2010-4094 26 Nov 2008 9.8 (v3) Critical Pass NetScaler Unencrypted Web Management Interface 06 Dec 2007 5 (v2) Medium Pass Mailman Crated Email Remote User Password Disclosure CVE-2004-0412 26 May 2004 5 (v2) Medium Pass StarWind Control Port Default Credentials 17 Dec 2007 7.5 (v2) High Pass Openﬁre AuthCheck Authentication Bypass CVE-2008-6508 09 Nov 2008 7.5 (v2) High Pass BulletScript MailList bsml.pl Information Disclosure 01 Jan 2004 6.4 (v2) Medium Pass Juniper Junos MPLS Packet Handling Remote DoS (JSA10831) CVE-2018-0003 26 Jan 2018 7.5 (v3) High Pass Multiple Vendor HMAC Authentication SNMPv3 Authentication Bypass CVE-2008-0960 31 Jul 2009 9.8 (v3) Critical Pass Juniper Junos Kernel Register and Schedule Software Interrupt Handler Subsystem CPU Consumption Remote DoS (JSA10832)CVE-2018-0004 26 Jan 2018 7.5 (v3) High Pass Squid < 2.7.STABLE6 / 3.0.STABLE13 / 3.1.0.5 HTTP Version Number Request Remote DoS CVE-2009-0478 09 Feb 2009 5.3 (v3) Medium Pass Microsoft IIS Multiple Vulnerabilities (MS02-018) CVE-2002-0074 CVE-2002-0148 CVE-2002-0150 11 Apr 2002 4.3 (v2) Medium Pass ArGoSoft Mail Server Multiple Remote Vulnerabilities (XSS, DoS, Traversal) CVE-2002-1004 CVE-2002-1005 CVE-2002-1893 28 May 2003 7.8 (v2) High Pass Apple iTunes < 9.1 Multiple Vulnerabilities (uncredentialed check) CVE-2009-2285 CVE-2010-0040 CVE-2010-0041 CVE-2010-0042 CVE-2010-0043 CVE-2010-0531 CVE-2010-0532 CVE-2010-1768 CVE-2010-179531 Mar 2010 9.3 (v2) High Pass Juniper Junos RPD Routing Process DoS (JSA10715) CVE-2016-1257 22 Jan 2016 4.3 (v2) Medium Pass PBLang BBS <= 4.65 Multiple Vulnerabilities CVE-2005-0526 CVE-2005-0630 CVE-2005-0631 24 Feb 2005 6.5 (v2) Medium Pass Palo Alto Networks PAN-OS < 3.1.11 / 4.0.x < 4.0.9 Multiple Vulnerabilities CVE-2012-6597 CVE-2012-6604 CVE-2012-6605 05 Mar 2014 9 (v2) High Pass OpenSSL 1.0.x < 1.0.2q Multiple Vulnerabilities CVE-2018-5407 CVE-2018-0734 25 Jan 2019 5.9 (v3) Medium Pass VMware ESX / ESXi host Directory Conﬁguration Files Information Disclosure 24 Jan 2019 5.3 (v3) Medium Pass Belkin N750 Router 1.10.22 Command Injection CVE-2018-1144 16 Apr 2018 9.8 (v3) Critical Pass phpAdsNew / phpPgAds < 2.0.6 Multiple Vulnerabilities CVE-2005-2498 CVE-2005-2635 CVE-2005-2636 29 Aug 2005 7.5 (v2) High Pass Open WebMail Multiple Content Header XSS 08 Jun 2004 4.3 (v2) Medium Pass web.conﬁg File Information Disclosure 30 Jan 2019 5.3 (v3) Medium Pass Logstash ESA-2018-01 CVE-2018-3817 22 Jan 2019 6.5 (v3) Medium Pass Random password for 'root' account CVE-2009-3232 15 Sep 2009 9.8 (v3) Critical Pass pfSense < 2.3.4-p1 Multiple Vulnerabilities (SA-17_05 / SA-17_06) 31 Jan 2018 4.7 (v3) Medium Pass Juniper Junos Custom Application UUID Rule Handling Remote Firewall Bypass Vulnerability (JSA10836) CVE-2018-0009 26 Jan 2018 4 (v3) Medium Pass Barracuda Spam Firewall < 3.5.12.007 Multiple Vulnerabilities CVE-2008-0971 CVE-2008-1094 19 Dec 2008 6.5 (v2) Medium Pass SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE) CVE-2014-3566 15 Oct 2014 6.8 (v3) Medium Pass CakePHP vendors.php ﬁle Parameter Traversal Arbitrary File Access CVE-2006-5031 25 Sep 2006 5 (v2) Medium Pass FlexCast Server Terminal Authentication Unspeciﬁed Remote Issue CVE-2005-1897 07 Jun 2005 7.5 (v2) High Pass Mercury IMAP Server LOGIN Command Remote Overﬂow CVE-2006-5961 09 Mar 2007 7.5 (v2) High Pass ActivePerl perlIS.dll Remote Buﬀer Overﬂow CVE-2001-0815 26 Nov 2001 10 (v2) Critical Pass Comdev eCommerce 3.0 Multiple Vulnerabilities (RFI, Traversal) CVE-2005-2543 CVE-2005-2544 07 Aug 2005 6.8 (v2) Medium Pass Mail-it Now! Upload2Server Predictable Filename Upload Arbitrary Code Execution 14 Sep 2005 7.5 (v2) High Pass Sendmail < 8.8.5 MIME Conversion Malformed Header Overﬂow CVE-1999-0047 25 Jul 2002 9.8 (v3) Critical Pass FTP Privileged Port Bounce Scan CVE-1999-0017 22 Jun 1999 7.3 (v3) High Pass OpenSSL < 0.9.8l Multiple Vulnerabilities CVE-2009-0789 CVE-2009-1377 CVE-2009-1378 CVE-2009-2409 04 Jan 2012 5.1 (v2) Medium Pass Mac OS X 10.9.x < 10.9.5 Multiple Vulnerabilities CVE-2013-7345 CVE-2014-0076 CVE-2014-0185 CVE-2014-0195 CVE-2014-0207 CVE-2014-0221 CVE-2014-0224 CVE-2014-0237 CVE-2014-0238 CVE-2014-1391 CVE-2014-1943 CVE-2014-2270 CVE-2014-2525 CVE-2014-3470 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3515 CVE-2014-3981 CVE-2014-4049 CVE-2014-4350 CVE-2014-4374 CVE-2014-4376 CVE-2014-4377 CVE-2014-4378 CVE-2014-4379 CVE-2014-4381 CVE-2014-4388 CVE-2014-4389 CVE-2014-4390 CVE-2014-4393 CVE-2014-4394 CVE-2014-4395 CVE-2014-4396 CVE-2014-4397 CVE-2014-4398 CVE-2014-4399 CVE-2014-4400 CVE-2014-4401 CVE-2014-4402 CVE-2014-4403 CVE-2014-4416 CVE-2014-497918 Sep 2014 10 (v2) Critical Pass Juniper Junos NTP Server Ampliﬁcation Remote DoS (JSA10613) CVE-2013-5211 19 Sep 2014 5 (v2) Medium Pass IRIX handler CGI Arbitrary Command Execution CVE-1999-0148 22 Jun 1999 8.8 (v3) High Pass ESXi 5.5 / 6.0 / 6.5 / 6.7 Speculative Execution Side Channel Vulnerability (Foreshadow) (VMSA-2018-0020) (rCVE-2018-3646emote check) 15 Aug 2018 5.6 (v3) Medium Pass HP Managed Printing Administration < 2.6.4 Multiple Vulnerabilities CVE-2011-4166 CVE-2011-4167 CVE-2011-4168 CVE-2011-4169 26 Jan 2012 9 (v2) High Pass Juniper Junos RSVP 'rpd' Remote DoS (JSA10652) CVE-2014-6378 14 Oct 2014 7.8 (v2) High Pass Arista Networks EOS libresolv Overﬂow RCE (SA0017) CVE-2015-7547 28 Feb 2018 8.1 (v3) High Pass OpenSSH < 5.2 CBC Plaintext Disclosure CVE-2008-5161 27 Sep 2011 4 (v2) Medium Pass DNN (DotNetNuke) < 6.2.9 / 7.1.1 Multiple Vulnerabilities CVE-2013-3943 CVE-2013-4649 CVE-2013-7335 03 Oct 2013 4.3 (v2) Medium Pass CylancePROTECT 2.0.x < 2.0.1480 SSL Validation (Cy2008-002) 07 May 2018 4.8 (v3) Medium Pass Cisco Uniﬁed Communications Products DoS (cisco-sa-ucm-dos-zHS9X9kD) CVE-2022-20804 28 Apr 2022 6.5 (v3) Medium Pass Apache 1.3.x < 1.3.42 mod_proxy Integer Overﬂow CVE-2010-0010 11 Feb 2010 9.8 (v3) Critical Pass Juniper Junos MX Series BBE Routers jpppd Remote DoS (JSA10665) CVE-2014-6382 23 Jan 2015 7.8 (v2) High Pass Juniper Junos libxml2 Library Multiple Vulnerabilities (JSA10669) CVE-2011-1944 CVE-2012-0841 CVE-2012-5134 CVE-2013-0338 CVE-2013-2877 23 Jan 2015 9.3 (v2) High Pass Comment Rating Plugin for WordPress 'id' Parameter SQL Injection 25 Feb 2011 7.5 (v2) High Pass WP Forum Server Plugin for WordPress 'topic' Parameter SQL Injection 04 Mar 2011 7.5 (v2) High Pass thttpd 2.04 If-Modiﬁed-Since Header Remote Buﬀer Overﬂow CVE-2000-0359 14 Nov 1999 10 (v2) Critical Pass HP Operations Orchestration 10.x < 10.70 wsExecutionBridgeService Servlet Java Object Deserialization RCECVE-2016-8519 12 Jan 2017 9.8 (v3) Critical Pass RealNetworks Helix Servers DESCRIBE Request LoadTestPassword Field Remote Overﬂow CVE-2006-6026 23 Mar 2007 10 (v2) Critical Pass MailEnable IMAP / SMTP Multiple Remote Vulnerabilities CVE-2005-1013 CVE-2005-1014 CVE-2005-1015 06 Apr 2005 10 (v2) Critical Pass Easy WP SMTP Plugin for WordPress 1.3.9 Unauthenticated Remote Code Execution 22 Mar 2019 10 (v3) Critical Pass XtraMail POP3 PASS Command Remote Overﬂow CVE-1999-1511 10 Nov 1999 10 (v2) Critical Pass Novell eDirectory < 8.8 SP5 Patch 3 eMBox SOAP Request DoS CVE-2010-0666 01 Mar 2010 5 (v2) Medium Pass Microsoft IIS FrontPage Server Extensions (FPSE) shtml.exe Path Disclosure CVE-2000-0413 10 May 2000 5 (v2) Medium Pass Cisco IOS Software VRF ICMP Queue Wedge DoS (cisco-sa-20150325-wedge) CVE-2015-0638 03 Apr 2015 7.1 (v2) High Pass Cisco IOS IKEv2 DoS (cisco-sa-20150325-ikev2) CVE-2015-0642 CVE-2015-0643 03 Apr 2015 7.8 (v2) High Pass ManageEngine Desktop Central 8 / 9 < Build 91100 Multiple RCE CVE-2015-82001 25 Mar 2016 10 (v2) Critical Pass eIQnetworks Enterprise Security Analyzer License Manager < 2.5.9 Multiple Remote Overﬂows CVE-2007-2059 18 Apr 2007 10 (v2) Critical Pass Dragon FTP USER Command Remote Overﬂow CVE-2000-0479 27 Jun 2000 9.8 (v3) Critical Pass MS11-051: Vulnerability in Active Directory Certiﬁcate Services Web Enrollment Could Allow Elevation of Privilege (2518295) (uncrCVE-2011-1264 edentialed check) 15 Jun 2011 4.3 (v2) Medium Pass Tenable Virtual Appliance Unsupported Detection 29 Apr 2020 9.8 (v3) Critical Pass EMC Avamar ADS / AVE 7.3.x < 7.3.1 Hotﬁx HOTFIX 290316 / 7.4.x < 7.4.1 Hotﬁx 291882 / 7.5.x < 7.5.0 HotCVE-2018-1217ﬁx 291881 Missing Access Control Check Vulnerability (DSA-2018-025) 13 Apr 2018 9.8 (v3) Critical Pass Cisco NX-OS Software Bash Shell Role-Based Access Control Bypass Privilege Escalation Vulnerability CVE-2019-1593 05 Jul 2019 7.8 (v3) High Pass Aruba VAN SDN default credentials 12 Mar 2019 9.8 (v3) Critical Pass Packeteer PacketShaper Web Management rpttop.htm Crafted Request Remote DoS CVE-2007-3151 26 Jun 2007 5 (v2) Medium Pass PHP File Upload Capability Hidden Form Field Modiﬁcation Arbitrary File Access CVE-2000-0860 12 Sep 2000 4.3 (v2) Medium Pass Cisco NX-OS OpenSSL Multiple Vulnerabilities (cisco-sa-20150310-ssl) (FREAK) CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 19 May 2015 5 (v2) Medium Pass Lotus Domino SMTP ENVID Variable Handling RCE CVE-2000-1047 06 Nov 2000 9.8 (v3) Critical Pass Cisco TelePresence MSE 8050 Command Injection Vulnerability CVE-2015-0713 21 May 2015 9 (v2) High Pass Cloudera Manager Unsupported Version Detection 26 Jun 2014 10 (v2) Critical 94

Pass SuSE Linux in.identd Request Saturation DoS CVE-1999-0746 29 Nov 2000 5 (v2) Medium Pass MailMan Webmail mmstdod.cgi Arbitrary Command Execution CVE-2001-0021 06 Dec 2000 10 (v2) Critical Pass DCForum dcboard.cgi Multiple Vulnerabilities CVE-2001-0436 CVE-2001-0437 29 Dec 2000 7.5 (v2) High Pass Mac OS X 10.10.x < 10.10.4 Multiple Vulnerabilities (GHOST) (Logjam) CVE-2015-0209 CVE-2015-0235 CVE-2015-0273 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 CVE-2015-1157 CVE-2015-1798 CVE-2015-1799 CVE-2015-3661 CVE-2015-3662 CVE-2015-3663 CVE-2015-3666 CVE-2015-3667 CVE-2015-3668 CVE-2015-3671 CVE-2015-3672 CVE-2015-3673 CVE-2015-3674 CVE-2015-3675 CVE-2015-3676 CVE-2015-3677 CVE-2015-3678 CVE-2015-3679 CVE-2015-3680 CVE-2015-3681 CVE-2015-3682 CVE-2015-3683 CVE-2015-3684 CVE-2015-3685 CVE-2015-3686 CVE-2015-3687 CVE-2015-3688 CVE-2015-3689 CVE-2015-3690 CVE-2015-3691 CVE-2015-3692 CVE-2015-3693 CVE-2015-3694 CVE-2015-3695 CVE-2015-3696 CVE-2015-3697 CVE-2015-3698 CVE-2015-3699 CVE-2015-3700 CVE-2015-3701 CVE-2015-3702 CVE-2015-3703 CVE-2015-3704 CVE-2015-3705 CVE-2015-3706 CVE-2015-3707 CVE-2015-3708 CVE-2015-3709 CVE-2015-3710 CVE-2015-3711 CVE-2015-3712 CVE-2015-3713 CVE-2015-3714 CVE-2015-3715 CVE-2015-3716 CVE-2015-3717 CVE-2015-3718 CVE-2015-3719 CVE-2015-3720 CVE-2015-3721 CVE-2015-4000 CVE-2015-703601 Jul 2015 10 (v2) Critical Pass CodeMeter < 4.30.498.504 Virtual Directory Traversal Arbitrary File Access 02 Feb 2012 5.3 (v3) Medium Pass Muscat Empower CGI Malformed DB Parameter Path Disclosure CVE-2001-0224 13 Feb 2001 5 (v2) Medium Pass Juniper Junos SRX Series 'set system ports console insecure' Local Privilege Escalation (JSA10683) CVE-2015-3007 04 Aug 2015 7.2 (v2) High Pass Blue Coat ProxyAV 3.5.x < 3.5.4.1 Multiple DoS Vulnerabilities CVE-2015-3194 CVE-2015-3195 09 Sep 2016 5.3 (v3) Medium Pass EMC RSA Authentication Manager 8.x < 8.1 Patch 6 Unspeciﬁed URI Redirection CVE-2014-2516 12 Jun 2015 5.8 (v2) Medium Pass GoodTech FTP Server Connection Saturation DoS CVE-2001-0188 15 Jun 2001 5 (v2) Medium Pass Zope ZClass Modiﬁcation Local DoS CVE-2001-0568 04 Aug 2001 4 (v2) Medium Pass AXIS HTTP GET Heap Overﬂow 12 Dec 2017 9.3 (v3) Critical Pass Flickr Gallery Plugin for WordPress < 1.5.3 PHP Object Injection 12 Dec 2017 8.3 (v3) High Pass Sendmail < 8.11.6 -d category Value Local Overﬂow CVE-2001-0653 23 Aug 2001 5.9 (v3) Medium Pass Quikstore Shopping Cart quikstore.cgi Multiple Vulnerabilities CVE-1999-0607 CVE-2000-1188 04 Aug 2001 5 (v2) Medium Pass GitHub Enterprise Management Console RCE 19 Dec 2017 9.8 (v3) Critical Pass IBM Tivoli Endpoint Manager Server < 8.2.1372 Multiple Vulnerabilities CVE-2012-2686 CVE-2013-0166 CVE-2013-0169 CVE-2013-0452 CVE-2013-0453 30 Apr 2013 6.8 (v2) Medium Pass Cisco PIX Firewall Manager (PFM) on Windows Arbitrary File Access CVE-1999-0158 06 Dec 2001 5 (v2) Medium Pass MS10-025: Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution (980858) (uncrCVE-2010-0478edentialed check) 27 Apr 2010 8.1 (v3) High Pass pfSense < 2.1.5 Multiple Vulnerabilities ( SA-14_14 ) CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-513921 Mar 2018 7.4 (v3) High Pass MySQL Enterprise Server 5.6.x < 5.6.29 / 5.7.x < 5.7.11 OpenSSL Multiple Vulnerabilities CVE-2015-3194 CVE-2015-3195 11 Feb 2016 5.3 (v3) Medium Pass Apache on Windows < 1.3.24 / 2.0.x < 2.0.34 DOS Batch File Arbitrary Command Execution CVE-2002-0061 18 Apr 2002 7.3 (v3) High Pass JRun Multiple Vulnerabilities (OF, XSS, ID, Hijacking) CVE-2004-0646 CVE-2004-0928 CVE-2004-1477 CVE-2004-1478 CVE-2004-2182 24 Sep 2004 5.1 (v2) Medium Pass VMware vCenter Server 5.5.x < 5.5U3g / 6.0.x < 6.0U3d / 6.5.x < 6.5U1e Hypervisor-Assisted Guest Remediation (VMSA-2018-0004) (SpectrCVE-2017-5715 e) 12 Jan 2018 5.6 (v3) Medium Pass Apache .htaccess and .htpasswd Disclosure 22 Jan 2018 5.3 (v3) Medium Pass Western Digital My Net Router main_internet.php Admin Credential Disclosure CVE-2013-5006 15 Aug 2013 4.3 (v2) Medium Pass Anonymous Key Exchanges Supported (PCI DSS) 29 Jan 2018 6.5 (v3) Medium Pass OpenSSH < 3.4 Multiple Remote Overﬂows CVE-2002-0639 CVE-2002-0640 25 Jun 2002 10 (v2) Critical Pass EMC RSA Authentication Manager < 8.2 SP1 Patch 7 Security Console Unspeciﬁed Blind SQL Injection (ESA-2018-002)CVE-2017-15546 01 Feb 2018 4.3 (v3) Medium Pass Nokia VitalQIP Web Client Default Credentials 09 Feb 2018 10 (v3) Critical Pass Sendmail < 8.12.1 RestrictQueueRun Option Multiple Argument Local DoS CVE-2001-0714 18 Aug 2002 4 (v3) Medium Pass FTP Server Traversal Arbitrary File Access CVE-2001-0582 CVE-2001-0680 CVE-2001-1335 CVE-2004-1679 27 Aug 2002 5.3 (v3) Medium Pass EMC RSA Archer < 6.2.0.8 Multiple Vulnerabilities CVE-2018-1219 CVE-2018-1220 08 Mar 2018 6.1 (v3) Medium Pass Aspen < 0.22 Directory Traversal CVE-2013-2619 16 Mar 2018 6.5 (v3) Medium Pass Mambo mod_mainmenu.php mosConﬁg_absolute_path Parameter Remote File Inclusion 19 Jan 2004 8.3 (v3) High Pass OS vulnerabilities detected in banner reporting (PCI-DSS check) 23 Mar 2018 7.3 (v3) High Pass PCI DSS Compliance : Scan Interference 29 Mar 2018 7.3 (v3) High Pass @lex Guestbook livre_include.php chem_absolu Parameter Remote File Inclusion CVE-2004-1554 27 Sep 2004 8.3 (v3) High Pass NCR Aloha POS VNC Server 'aloha' Default Password 29 Mar 2018 9.8 (v3) Critical Pass Webmin Unspeciﬁed Command Execution Vulnerability (< 1.370) CVE-2007-5066 22 Mar 2018 8.8 (v3) High Pass Apache < 2.0.44 DOS Device Name Multiple Remote Vulnerabilities (Code Exec, DoS) CVE-2003-0016 22 Jan 2003 7.3 (v3) High Pass Apple iTunes < 12.7.3 WebKit Multiple Vulnerabilities (uncredentialed check) CVE-2018-4101 CVE-2018-4113 CVE-2018-4114 CVE-2018-4117 CVE-2018-4118 CVE-2018-4119 CVE-2018-4120 CVE-2018-4121 CVE-2018-4122 CVE-2018-4125 CVE-2018-4127 CVE-2018-4128 CVE-2018-4129 CVE-2018-4130 CVE-2018-4144 CVE-2018-4146 CVE-2018-4161 CVE-2018-4163 CVE-2018-416503 Apr 2018 7.8 (v3) High Pass Sendmail Custom DNS Map TXT Query Overﬂow CVE-2002-0906 17 Feb 2003 7.3 (v3) High Pass WordPress < 1.5.1 Multiple Vulnerabilities CVE-2005-1687 CVE-2005-1688 19 May 2005 7.5 (v2) High Pass Fireﬂy Media Server webserver.c ws_addarg Function /xml-rpc Authorization Header Remote Format StringCVE-2007-5825 03 Nov 2007 7.5 (v2) High Pass Oracle WebLogic T3 Protocol Detection 03 May 2018 None Pass Unpassworded 'jack' Account CVE-1999-0502 20 Feb 2003 9.8 (v3) Critical Pass Apache Tomcat Directory Listing and File Disclosure CVE-2003-0042 CVE-2003-0043 22 Mar 2003 5.3 (v3) Medium Pass Sendmail < 8.8.3 Daemon Mode Local Privilege Escalation CVE-1999-0130 11 Mar 2003 8.4 (v3) High Pass Default Password 'padmin' for 'padmin' Account 17 May 2017 9.8 (v3) Critical Pass Cisco Prime Security Manager Network Time Protocol Daemon (ntpd) Multiple Vulnerabilities (cisco-sa-20141222-ntpd)CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 20 Mar 2015 7.5 (v2) High Pass D-Link DIR 850L Router Local File Inclusion 11 Sep 2017 10 (v3) Critical Pass Apache 2.2.x < 2.2.24 Multiple XSS Vulnerabilities CVE-2012-3499 CVE-2012-4558 27 Feb 2013 5.3 (v3) Medium Pass Alt-N MDaemon Remote Administration 13.0.x < 13.0.8 RCE (MD041917) (EASYBEE) 02 Jun 2017 9.8 (v3) Critical Pass mod_auth_any for Apache Metacharacter Remote Command Execution CVE-2003-0084 26 Mar 2003 7.5 (v2) High Pass Alt-N MDaemon WebAdmin Unsupported Version Detection 02 Jun 2017 10 (v3) Critical Pass Juniper Junos OS DoS (JSA11092) CVE-2021-0202 14 Jan 2021 7.5 (v3) High Pass H3C / HPE Intelligent Management Center PLAT < 7.3 E0504P04 Multiple Vulnerabilities CVE-2016-7053 CVE-2016-7054 CVE-2016-7055 CVE-2017-5815 CVE-2017-5816 CVE-2017-5817 CVE-2017-5818 CVE-2017-5819 CVE-2017-5820 CVE-2017-5821 CVE-2017-5822 CVE-2017-5823 CVE-2017-8948 CVE-2017-895619 Jun 2017 9.8 (v3) Critical Pass Cisco TelePresence Endpoint SIP INVITE Packet Flood DoS (cisco-sa-20170607-tele) CVE-2017-6648 16 Jun 2017 7.5 (v3) High Pass ISC BIND < 4.9.5 DNS Resolver Functions Remote Overﬂow CVE-2002-0684 03 Apr 2003 10 (v2) Critical Pass RealVNC < 5.0.7 Multiple Local Privilege Escalations CVE-2013-6886 09 Jan 2014 7.2 (v2) High Pass Microsoft Windows SMB Versions Supported (remote check) 19 Jun 2017 None Pass Sophos Web Appliance < 4.3.0 FTP Redirect Page Reﬂected XSS 16 Jun 2017 4.7 (v3) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 31 Multiple Vulnerabilities CVE-2012-2098 CVE-2013-1862 CVE-2013-1896 CVE-2013-4005 CVE-2013-4052 CVE-2013-4053 CVE-2013-5372 CVE-2013-5414 CVE-2013-5417 CVE-2013-5418 CVE-2013-5780 CVE-2013-5803 CVE-2013-6325 CVE-2013-6330 CVE-2013-672520 Jan 2014 6.8 (v2) Medium Pass Check_MK 1.2.2 < 1.2.2p3 / 1.2.3 < 1.2.3i5 Multiple Vulnerabilities CVE-2014-2329 CVE-2014-2332 28 Jun 2017 5.4 (v3) Medium Pass Barracuda Appliances Default Credentials 28 Jan 2013 7.3 (v3) High Pass HooToo HT-TM06 TripMate Elite Web Server 'protocol.csp' HTTP Cookie Header Handling RCE CVE-2017-9025 29 Jun 2017 6.5 (v3) Medium Pass Cisco Prime Data Center Network Manager Static Credential Authentication Bypass (cisco-sa-20170607-dcnm2)CVE-2017-6640 10 Jul 2017 9.8 (v3) Critical Pass Cisco Prime Collaboration Provisioning ScriptMgr Servlet Authentication Bypass RCE CVE-2017-6622 13 Jul 2017 9.8 (v3) Critical Pass EMC Data Protection Advisor < 6.4 Multiple Vulnerabilities CVE-2017-8002 CVE-2017-8003 13 Jul 2017 4.9 (v3) Medium Pass Novell NetWare FTPServ Malformed Input Remote DoS 09 May 2003 5.3 (v3) Medium Pass IdealBB Multiple Vulnerabilities (XSS, SQLi, more) CVE-2004-2207 CVE-2004-2208 CVE-2004-2209 21 Oct 2004 5 (v2) Medium Pass Land Down Under <= 801 Multiple Vulnerabilities CVE-2005-2674 CVE-2005-2675 CVE-2005-2788 CVE-2005-2884 CVE-2005-4821 09 Sep 2005 7.5 (v2) High Pass Cherokee Web Server URI Traversal Arbitrary File Access CVE-2001-1432 04 Nov 2004 5 (v2) Medium Pass DevoyBB Multiple Remote Vulnerabilities (SQLi, XSS) CVE-2004-2177 CVE-2004-2178 25 Oct 2004 7.5 (v2) High Pass Grandstream Phone Web UI Information Disclosure 27 Sep 2017 5.3 (v3) Medium Pass ESXi 7.0 DoS (VMSA-2020-0029) CVE-2020-3999 20 Jan 2021 6.5 (v3) Medium Pass Samba Multiple Remote Vulnerabilities CVE-2004-0882 CVE-2004-0930 13 Nov 2004 7.5 (v2) High Pass BlackMoon FTP Login Error Message User Enumeration CVE-2003-0343 27 May 2003 5.3 (v3) Medium Pass Grandstream Phone Web Interface Default Credentials 27 Sep 2017 10 (v3) Critical Pass Jetpack Plugin for WordPress Security Bypass CVE-2014-0173 23 Apr 2014 5.8 (v2) Medium Pass EMC VMAX VASA Provider Virtual Appliance File Upload RCE CVE-2017-4997 28 Jul 2017 9.8 (v3) Critical Pass Splunk Enterprise 6.6.x < 6.6.3 / Splunk Light 6.6.x < 6.6.3 Multiple XSS 24 Aug 2017 4.3 (v3) Medium Pass Fastream NETFile FTP/Web Server HEAD Request Saturation DoS CVE-2004-2534 19 Nov 2004 5 (v2) Medium Pass iisPROTECT Admin Interface SiteAdmin.ASP GroupName Parameter SQL Injection CVE-2003-0377 28 May 2003 6.5 (v2) Medium Pass OS Identiﬁcation : OUI 29 Aug 2017 None Pass Cisco Uniﬁed Operations Manager 8.6 SQL Injection Vulnerability CVE-2013-3437 06 Sep 2017 6.3 (v3) Medium Pass Cisco Prime LAN Management Solution Session Fixation Vulnerability CVE-2017-12225 11 Sep 2017 6.5 (v3) Medium Pass Novell ZENworks Mobile Management MDM.php Local File Inclusion CVE-2013-1081 14 Mar 2013 7.5 (v2) High Pass Apple TV <= 7.2.2 Bluetooth Remote Code Execution (BlueBorne) CVE-2017-14315 14 Sep 2017 7.5 (v3) High Pass EMC Legato Networker Multiple Vulnerabilities CVE-2005-0357 CVE-2005-0358 CVE-2005-0359 03 Sep 2005 10 (v2) Critical Pass H3C / HPE Intelligent Management Center PLAT < 7.3 E0506P03 Multiple Vulnerabilities CVE-2017-12554 CVE-2017-12556 CVE-2017-12557 CVE-2017-12558 CVE-2017-12559 CVE-2017-12560 CVE-2017-12561 06 Oct 2017 9.8 (v3) Critical Pass SolarWinds Log and Event Manager < 6.3.1 Hotﬁx 4 Insecure HTTP Update Download MitM Code ExecutionCVE-2017-5198 CVE-2017-5199 CVE-2017-7646 CVE-2017-7647 17 Oct 2017 8.8 (v3) High Pass ONVIF Device Information 17 Oct 2017 None Pass MailCarrier < 3.0.1 SMTP EHLO Command Remote Overﬂow CVE-2004-1638 03 Dec 2004 7.5 (v2) High Pass NUUO NVR Web Interface RCE 18 Oct 2017 9.8 (v3) Critical Pass MS04-006: WINS Server Remote Overﬂow (830352) (uncredentialed check) CVE-2003-0825 06 Dec 2004 10 (v2) Critical Pass D-Link DIR-300L/600L Remote Command Execution 24 Oct 2017 10 (v3) Critical Pass Apache < 1.3.28 Multiple Vulnerabilities (DoS, ID) CVE-2003-0460 18 Jul 2003 9.1 (v3) Critical Pass MVPower DVR Remote Command Execution 25 Oct 2017 10 (v3) Critical Pass Vocran NVR Remote Command Execution 24 Oct 2017 10 (v3) Critical Pass Apache 2.0.x < 2.0.48 Multiple Vulnerabilities (OF, Info Disc.) CVE-2003-0789 CVE-2003-0542 26 Sep 2003 9.8 (v3) Critical Pass Apple TV < 11.1 Multiple Vulnerabilities CVE-2017-13080 CVE-2017-13783 CVE-2017-13784 CVE-2017-13785 CVE-2017-13788 CVE-2017-13791 CVE-2017-13792 CVE-2017-13793 CVE-2017-13794 CVE-2017-13795 CVE-2017-13796 CVE-2017-13797 CVE-2017-13798 CVE-2017-13799 CVE-2017-13802 CVE-2017-13803 CVE-2017-13804 CVE-2017-1384903 Nov 2017 7.8 (v3) High Pass OpenSSL 1.0.x < 1.0.2m RSA/DSA Unspeciﬁed Carry Issue CVE-2017-3735 CVE-2017-3736 06 Nov 2017 5.3 (v3) Medium Pass Citrix Application Delivery Management Agent Information Disclosure CVE-2019-9548 20 Jun 2019 10 (v3) Critical Pass My_eGallery < 3.1.1g Remote File Inclusion 26 Nov 2003 7.5 (v2) High Pass Brother Printer Debut embedded httpd <= 1.20 DoS CVE-2017-16249 30 Nov 2017 7.5 (v3) High Pass CVS pserver Crafted Module Request Arbitrary File / Directory Creation CVE-2003-0977 11 Dec 2003 5 (v2) Medium Pass SSLv2-Only Open Ports 19 Nov 2019 None Pass Oracle MySQL Enterprise Monitor Multiple Vulnerabilities (Jan 2021 CPU) CVE-2019-10086 CVE-2020-5408 CVE-2020-5421 28 Jan 2021 7.3 (v3) High Pass Apache 1.3.x < 1.3.41 Multiple Vulnerabilities (DoS, XSS) CVE-2007-3847 CVE-2007-5000 CVE-2007-6388 CVE-2008-0005 07 Mar 2008 5.3 (v3) Medium Pass Splunk Enterprise 5.0.x < 5.0.11 Multiple Vulnerabilities (POODLE) CVE-2014-3566 CVE-2014-3567 04 Dec 2014 4.3 (v2) Medium 95

Pass HP Operations Orchestration wsExecutionBridgeService Servlet Java Object Deserialization RCE CVE-2016-8519 16 Jan 2017 9.8 (v3) Critical Pass Novell NetBasic Scripting Server Encoded Traversal Arbitrary File Access CVE-2002-1417 09 Feb 2004 5 (v2) Medium Pass phpGedView Arbitrary File Access / Remote File Inclusion CVE-2004-0127 CVE-2004-0128 02 Feb 2004 7.5 (v2) High Pass phpMyAdmin 4.7.7 < 4.9.2 SQLi (PMASA-2019-5) CVE-2019-18622 26 Nov 2019 9.8 (v3) Critical Pass Apple TV < 5.1 Multiple Vulnerabilities CVE-2011-1167 CVE-2011-1944 CVE-2011-2821 CVE-2011-2834 CVE-2011-3026 CVE-2011-3048 CVE-2011-3328 CVE-2011-3919 CVE-2011-4599 CVE-2012-0682 CVE-2012-0683 CVE-2012-1173 CVE-2012-3589 CVE-2012-3590 CVE-2012-3591 CVE-2012-3592 CVE-2012-3678 CVE-2012-3679 CVE-2012-3722 CVE-2012-3725 CVE-2012-372627 Sep 2012 9.3 (v2) High Pass Multiple Vendor NIS rpc.ypupdated YP Map Update Arbitrary Remote Command Execution CVE-1999-0208 28 Mar 2008 9.3 (v2) High Pass F-Secure SSH Password Authentication Policy Evasion 14 Mar 2004 5 (v2) Medium Pass WarFTPd CWD Command Remote DoS CVE-2005-0312 27 Jan 2005 5 (v2) Medium Pass UW-IMAP CRAM-MD5 Remote Authentication Bypass CVE-2005-0198 29 Jan 2005 9.3 (v2) High Pass EMC Documentum D2 4.5.x and 4.6.x < 4.7 Multiple Vulnerabilities (ESA-2016-167) CVE-2016-9872 CVE-2016-9873 02 Feb 2017 6.3 (v3) Medium Pass Cisco TelePresence MCU Fragmented Packets Reassembly RCE CVE-2017-3792 06 Feb 2017 9.8 (v3) Critical Pass IBM DataPower Gateway < 7.5.2.2 Default Admin Password Security Bypass 06 Feb 2017 8.1 (v3) High Pass PostgreSQL < 7.2.7 / 7.3.9 / 7.4.7 / 8.0.1 Multiple Vulnerabilities CVE-2005-0227 CVE-2005-0244 CVE-2005-0245 CVE-2005-0246 CVE-2005-0247 03 Feb 2005 6.5 (v2) Medium Pass F5 Networks BIG-IP Web Interface Default Credential Check 31 Jul 2014 10 (v2) Critical Pass OpenSSL 1.0.0 < 1.0.0k Multiple Vulnerabilities CVE-2013-0166 CVE-2013-0169 09 Feb 2013 2.6 (v2) Low Pass Apache 2.2.x < 2.2.9 Multiple Vulnerabilities (DoS, XSS) CVE-2007-6420 CVE-2008-2364 CVE-2007-6423 11 Jul 2008 5.3 (v3) Medium Pass Tenable Nessus 6.x < 6.9 Multiple Vulnerabilities (TNS-2016-16) (SWEET32) CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6305 CVE-2016-6306 CVE-2016-6307 CVE-2016-6308 CVE-2016-6309 CVE-2016-7052 CVE-2016-926015 Feb 2017 9.8 (v3) Critical Pass l2tpd < 0.69 control.c write_packet Function Remote Overﬂow CVE-2004-0649 22 Jul 2004 10 (v2) Critical Pass Network Time Protocol (NTP) Mode 6 Scanner 21 Mar 2017 5.8 (v3) Medium Pass Cabletron WebView Administrative Access 22 May 2002 7.5 (v2) High Pass AVTech Multiple Vulnerabilities 23 Oct 2017 10 (v3) Critical Pass MS04-022: Microsoft Windows Task Scheduler Remote Overﬂow (841873) (uncredentialed check) CVE-2004-0212 29 Jul 2004 10 (v2) Critical Pass Apple TV < 10.2 Multiple Vulnerabilities CVE-2016-3619 CVE-2016-9642 CVE-2016-9643 CVE-2017-2367 CVE-2017-2379 CVE-2017-2386 CVE-2017-2390 CVE-2017-2394 CVE-2017-2395 CVE-2017-2396 CVE-2017-2401 CVE-2017-2406 CVE-2017-2407 CVE-2017-2415 CVE-2017-2416 CVE-2017-2417 CVE-2017-2428 CVE-2017-2430 CVE-2017-2432 CVE-2017-2435 CVE-2017-2439 CVE-2017-2440 CVE-2017-2441 CVE-2017-2444 CVE-2017-2445 CVE-2017-2446 CVE-2017-2447 CVE-2017-2448 CVE-2017-2450 CVE-2017-2451 CVE-2017-2454 CVE-2017-2455 CVE-2017-2456 CVE-2017-2458 CVE-2017-2459 CVE-2017-2460 CVE-2017-2461 CVE-2017-2462 CVE-2017-2464 CVE-2017-2465 CVE-2017-2466 CVE-2017-2467 CVE-2017-2468 CVE-2017-2469 CVE-2017-2470 CVE-2017-2472 CVE-2017-2473 CVE-2017-2474 CVE-2017-2475 CVE-2017-2476 CVE-2017-2478 CVE-2017-2481 CVE-2017-2482 CVE-2017-2483 CVE-2017-2485 CVE-2017-2487 CVE-2017-2490 CVE-2017-2491 CVE-2017-249210 Apr 2017 7.8 (v3) High Pass Puppet Enterprise < 2017.2.2 Arbitrary Code Execution Vulnerability CVE-2017-2296 09 Oct 2019 6.5 (v3) Medium Pass Cisco TelePresence Management Address Unspeciﬁed Admin Access CVE-2013-3379 24 Jul 2013 8.3 (v2) High Pass HP OﬃceJet Pro Wi-Fi Direct Support Printer Conﬁguration Unauthenticated Access 21 Apr 2017 9.8 (v3) Critical Pass Oracle GlassFish Server 3.1.2.x < 3.1.2.17 Java Server Faces Information Disclosure (April 2017 CPU) CVE-2017-3626 20 Apr 2017 3.1 (v3) Low Pass IP Forwarding Enabled CVE-1999-0511 23 Nov 2010 6.5 (v3) Medium Pass Oracle WebLogic Server mod_wl POST Request Remote Overﬂow CVE-2008-3257 18 Aug 2008 10 (v2) Critical Pass PostgreSQL 9.0 < 9.0.13 / 9.1 < 9.1.9 / 9.2 < 9.2.4 File Deletion CVE-2013-1899 08 Apr 2013 6.3 (v3) Medium Pass BadBlue Connection Saturation Remote DoS CVE-2004-1727 23 Aug 2004 5 (v2) Medium Pass IBM WebSphere Application Server 7.0 < Fix Pack 15 Multiple Vulnerabilities CVE-2011-0315 CVE-2011-0316 CVE-2011-1307 CVE-2011-1308 CVE-2011-1309 CVE-2011-1310 CVE-2011-1311 CVE-2011-1312 CVE-2011-1313 CVE-2011-1314 CVE-2011-1315 CVE-2011-1316 CVE-2011-1317 CVE-2011-1318 CVE-2011-1319 CVE-2011-1320 CVE-2011-1321 CVE-2011-132210 Mar 2011 7.5 (v2) High Pass Junos OS: ﬂowd DoS (JSA10963) CVE-2019-0064 04 Nov 2019 7.5 (v3) High Pass WS_FTP Server Multiple Vulnerabilities (Bounce, PASV Hijacking) CVE-1999-0017 01 Sep 2004 7.5 (v2) High Pass Exim < 4.76 dkim_exim_verify_ﬁnish() DKIM-Signature Header Format String CVE-2011-1407 CVE-2011-1764 10 May 2011 7.5 (v2) High Pass Serv-U 4.x-5.x STOU Command MS-DOS Argument Remote DoS CVE-2004-1675 13 Sep 2004 5 (v2) Medium Pass Citrix XenServer Web Self Service Detection 05 Mar 2012 None Pass Apache Jetspeed User Manager Service SQLi CVE-2016-0710 28 Mar 2016 8.8 (v3) High Pass Juniper Junos Space < 19.2R1 Multiple Vulnerabilities (JSA10951) CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-8625 CVE-2018-10902 CVE-2018-12327 CVE-2019-5739 CVE-2019-613304 Dec 2019 9.8 (v3) Critical Pass Echo Service Detection CVE-1999-0103 CVE-1999-0635 22 Jun 1999 6.5 (v3) Medium Pass Canon ImageRUNNER SMTP Arbitrary Content Printing CVE-1999-0564 CVE-2004-2166 24 Sep 2004 5 (v2) Medium Pass phpMyAdmin Multiple Path Disclosure Vulnerabilities (PMASA-2016-1, PMASA-2016-6, PMASA-2016-8) CVE-2016-2038 CVE-2016-2042 CVE-2016-2044 12 Apr 2016 5.3 (v3) Medium Pass Apache HTTP Server mod_proxy Reverse Proxy HTTP 0.9 Information Disclosure CVE-2011-3639 09 Feb 2012 5 (v2) Medium Pass OpenSSL < 0.9.8w ASN.1 asn1_d2i_read_bio Memory Corruption CVE-2012-2110 CVE-2012-2131 24 Apr 2012 7.5 (v2) High Pass EMC Avamar ADS / AVE < 7.3.0 Hotﬁx 263301 PostgreSQL Command Local Privilege Escalation (ESA-2016-111)CVE-2016-0909 16 Dec 2016 8.4 (v3) High Pass Chargen UDP Service Remote DoS CVE-1999-0103 29 Nov 1999 5 (v2) Medium Pass VMSA-2012-0009 : ESXi and ESX patches address critical security issues (uncredentialed check) CVE-2012-2448 CVE-2012-2449 CVE-2012-2450 11 Jun 2012 9 (v2) High Pass Palo Alto Networks PAN-OS 7.0.x < 7.0.12 Multiple Vulnerabilities 19 Dec 2016 7.5 (v3) High Pass SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection CVE-2009-3555 24 Nov 2009 5.8 (v2) Medium Pass Cisco Email Security Appliance Information Disclosure (cisco-sa-esa-wsa-sma-info-RHp44vAC) CVE-2021-1129 29 Jan 2021 5.3 (v3) Medium Pass Cisco Content Security Management Appliance Information Disclosure (cisco-sa-esa-wsa-sma-info-RHp44vAC)CVE-2021-1129 29 Jan 2021 5.3 (v3) Medium Pass HP System Management Homepage Multiple Vulnerabilities (HPSBMU03593) CVE-2007-6750 CVE-2011-4969 CVE-2015-3194 CVE-2015-3195 CVE-2015-3237 CVE-2015-7995 CVE-2015-8035 CVE-2016-0705 CVE-2016-0799 CVE-2016-2015 CVE-2016-284218 May 2016 9.8 (v3) Critical Pass glFTPd Multiple Script ZIP File Handling Arbitrary File / Directory Access CVE-2005-0483 01 Mar 2005 5 (v2) Medium Pass Cisco Web Security Appliance Information Disclosure (cisco-sa-esa-wsa-sma-info-RHp44vAC) CVE-2021-1129 29 Jan 2021 5.3 (v3) Medium Pass Apple iTunes < 12.4 DLL Injection Arbitrary Code Execution (uncredentialed check) CVE-2016-1742 27 May 2016 7.8 (v3) High Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.24-h1 / 8.0.x < 8.0.19-h1 / 8.1.x < 8.1.9-h4 / 9.0.x < 9.0.3-h3 VulnerabilityCVE-2019-1580 30 Aug 2019 9.8 (v3) Critical Pass IBM Storwize 1.3.x < 1.4.3.4 / 1.5.x < 1.5.0.2 Multiple Vulnerabilities CVE-2007-6750 CVE-2013-4286 CVE-2013-4322 CVE-2014-0075 CVE-2014-0094 CVE-2014-0096 CVE-2014-0099 CVE-2014-0119 CVE-2014-0178 CVE-2014-1555 CVE-2014-1556 CVE-2014-1557 CVE-2014-3077 CVE-2014-3493 CVE-2014-481126 Jun 2015 9.3 (v2) High Pass Oracle Primavera Gateway Multiple Vulnerabilities (Apri 2017 CPU) CVE-2017-3500 CVE-2017-3508 16 Jan 2020 9.1 (v3) Critical Pass Altiris Deployment Solution Server < 6.9.355 Password Disclosure (SYM08-020) CVE-2008-6828 25 Nov 2008 2.1 (v2) Low Pass UBB.threads < 6.5.1 Multiple XSS CVE-2004-2509 CVE-2004-2510 13 Dec 2004 4.3 (v2) Medium Pass SIR GNUBoard Remote File Inclusion CVE-2004-1403 15 Dec 2004 8.3 (v3) High Pass Oracle GlassFish Server Request Handling Remote File Disclosure 20 Jun 2016 5 (v2) Medium Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.24 / 8.0.x < 8.0.19 / 8.1.x < 8.1.8-h5 / 9.0.x < 9.0.2-h4 VulnerabilityCVE-2019-1575 19 Jul 2019 8.8 (v3) High Pass Cisco Nexus 3000 and 3500 Insecure Default Telnet Credentials (cisco-sa-20160302-n3k) CVE-2016-1329 03 Mar 2016 9.8 (v3) Critical Pass ArGoSoft FTP Server USER Command Account Enumeration CVE-2004-1428 03 Jan 2005 5.3 (v3) Medium Pass e_Board index2.cgi message Parameter Traversal Arbitrary File Access 23 Dec 2004 5 (v2) Medium Pass Palo Alto Networks PAN-OS Management Interface API Remote DoS (PAN-SA-2016-0008) 06 Jul 2016 5 (v2) Medium Pass VideoDB < 2.0.2 Multiple Vulnerabilities 12 Jan 2005 7.5 (v2) High Pass Cisco Data Center Network Manager Information Disclosure (cisco-sa-dcnm-info-disc-QCSJB6YG) CVE-2021-1283 01 Feb 2021 5.5 (v3) Medium Pass Cisco ASA SSL VPN Functionality Version Information Disclosure (CSCuq65542) CVE-2014-3398 06 Jul 2016 5 (v2) Medium Pass ManageEngine ADSelfService Plus < 5.3 Build 5313 PasswordSelfServiceAPI XSS 11 Jul 2016 5.8 (v2) Medium Pass VMware Harbor 1.7.x < 1.7.6, 1.8.x < 1.8.3 (VMSA-2019-0015) CVE-2019-16097 17 Oct 2019 6.5 (v3) Medium Pass Palo Alto Networks PAN-OS Multiple Vulnerabilities (PAN-SA-2016-0002, PAN-SA-2016-0004) 04 Mar 2016 8.5 (v2) High Pass ngIRCd < 0.8.3 Log_Resolver() Format String CVE-2005-0226 03 Feb 2005 7.6 (v2) High Pass Oracle GlassFish Server 2.1.1.x < 2.1.1.28 Information Disclosure (July 2016 CPU) CVE-2016-5477 20 Jul 2016 5.8 (v3) Medium Pass Drupal RESTWS Module Page Callback RCE 18 Jul 2016 10 (v2) Critical Pass eIQnetworks Enterprise Security Analyzer EnterpriseSecurityAnalyzer.exe LICMGR_ADDLICENSE Command Remote OverCVE-2006-3838ﬂow 02 Aug 2006 10 (v2) Critical Pass IBM WebSphere Application Server 6.1 < 6.1.0.7 Multiple Vulnerabilities CVE-2007-1944 CVE-2007-1945 CVE-2007-3262 CVE-2007-3263 05 Apr 2010 10 (v2) Critical Pass Cisco TelePresence VCS / Expressway 8.x < 8.8 Multiple Vulnerabilities (Bar Mitzvah) CVE-2015-2808 CVE-2015-6413 CVE-2016-1444 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-217614 Jul 2016 9.8 (v3) Critical Pass RealNetworks Helix Server < 11.1.8/12.0.1 Multiple Vulnerabilities CVE-2008-5911 30 Jan 2009 10 (v2) Critical Pass Palo Alto Networks PAN-OS Multiple Vulnerabilities (PAN-SA-2016-0003, PAN-SA-2016-0005) 04 Mar 2016 10 (v2) Critical Pass NetApp OnTap OS Default Credentials 25 Jul 2016 9.8 (v3) Critical Pass Drupal Coder Module Deserialization RCE 29 Jul 2016 10 (v2) Critical Pass IBM WebSphere Application Server 6.1 < Fix Pack 21 Multiple Flaws CVE-2009-0434 12 Feb 2009 4.3 (v2) Medium Pass Ipswitch Collaboration Suite / IMail SMTPD Multiple Commands Format String CVE-2005-2931 19 Dec 2005 7.5 (v2) High Pass Splunk Enterprise < 5.0.16 / 6.0.12 / 6.1.11 / 6.2.10 / 6.3.6 / 6.4.3 or Splunk Light < 6.4.3 Cross-Site Redirection 25 Aug 2016 4.7 (v3) Medium Pass Mambo Open Source Tar.php Remote File Inclusion CVE-2005-0512 22 Feb 2005 6.8 (v2) Medium Pass ESXi 5.1 < Build 1483097 Multiple Vulnerabilities (remote check) CVE-2013-0166 CVE-2013-0169 CVE-2013-0338 CVE-2014-1207 CVE-2014-1208 20 Jan 2014 2.6 (v2) Low Pass Juniper Junos OS Denial of Service (JSA11098) CVE-2021-0208 29 Jan 2021 8.8 (v3) High Pass MiniUPnP DNS Rebind Vulnerability 30 Aug 2016 4.7 (v3) Medium Pass Cisco Nexus 5500 / 5600 / 6000 SNMP DoS (cisco-sa-20160302-n5ksnmp) CVE-2015-6260 09 Mar 2016 7.5 (v3) High Pass Cisco IOS XE SD-WAN DoS (cisco-sa-sdwan-dosmulti-48jJuEUP) CVE-2021-1274 01 Feb 2021 8.6 (v3) High Pass ProFTPD 1.2.0pre4 mkdir Command Directory Name Handling Remote Overﬂow CVE-1999-0911 31 Aug 1999 10 (v2) Critical Pass Cisco Nexus TCP Packet TIME_WAIT State Handling DoS (cisco-sa-20160302-netstack) CVE-2015-0718 09 Mar 2016 7.5 (v3) High Pass McAfee WebShield SMTP 4.5 Multiple Vulnerabilities CVE-2000-0738 CVE-2000-1130 27 Nov 2000 7.5 (v2) High Pass UPnP Internet Gateway Device (IGD) Port Mapping Listing 13 Oct 2016 6.3 (v3) Medium Pass UPnP WFA Device Detection 13 Oct 2016 5.4 (v3) Medium Pass MiCasaVerde VeraLite UPnP RCE CVE-2013-4863 07 Oct 2016 9.8 (v3) Critical Pass Core FTP Server < 1.2 Build 515 Multiple Vulnerabilities CVE-2014-1441 CVE-2014-1442 CVE-2014-1443 24 Feb 2014 4 (v2) Medium Pass Apache HTTP Server 403 Error Page UTF-7 Encoded XSS CVE-2008-2168 18 Nov 2011 6.5 (v3) Medium Pass Juniper Junos Authentication Bypass (JSA11001) CVE-2020-1618 03 Feb 2021 6.8 (v3) Medium Pass Cisco Data Center Network Manager Server-Side Request Forgery (cisco-sa-dcnm-ssrf-F2vX6q5p) CVE-2021-1272 02 Feb 2021 8.8 (v3) High Pass MS11-058: Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485) (uncredentialed check)CVE-2011-1966 CVE-2011-1970 05 Mar 2014 10 (v2) Critical Pass MS02-037: Microsoft Exchange EHLO Long Hostname Overﬂow CVE-2002-0698 29 Jul 2002 7.5 (v2) High Pass Samba 3.0.0 'SamrChangePassword' RCE CVE-2007-2447 06 Apr 2015 6.3 (v3) Medium Pass HP Network Automation Remote Unauthorized Access (HPSBMU02738) CVE-2011-4790 24 Sep 2013 9.3 (v2) High Pass ProFTPD on Debian Linux postinst Installation Privilege Escalation CVE-2001-0456 23 Mar 2003 5.8 (v2) Medium Pass MailMax < 5.0.10.8 Multiple Remote Overﬂows CVE-1999-0404 07 May 2003 7.5 (v2) High Pass pfSense 2.4.x < 2.4.4-p1 Multiple Vulnerabilities (SA-18_09) CVE-2018-4019 CVE-2018-4020 CVE-2018-4021 CVE-2018-6925 CVE-2018-17154 CVE-2018-17155 02 Feb 2021 7.2 (v3) High Pass OpenSSL 1.0.x < 1.0.2r Information Disclosure Vulnerability CVE-2019-1559 01 Mar 2019 5.9 (v3) Medium Pass Sophos Web Protection Appliance Open Redirect Vulnerability 15 Nov 2016 4.3 (v3) Medium Pass ThinClientServer Admin Account Creation Privilege Escalation CVE-2006-6221 07 Dec 2006 7.5 (v2) High 96

Pass ISC BIND < 4.9.7-REL / 8.2.2-P5 Multiple Remote Vulnerabilities CVE-1999-0833 CVE-1999-0835 CVE-1999-0837 CVE-1999-0848 CVE-1999-0849 CVE-1999-0851 11 Nov 1999 10 (v2) Critical Pass Tenable SecurityCenter < 5.4.1 Multiple Vulnerabilities (TNS-2016-19) CVE-2016-7052 CVE-2016-7103 CVE-2016-7124 CVE-2016-7125 CVE-2016-7126 CVE-2016-7127 CVE-2016-7128 CVE-2016-7129 CVE-2016-7130 CVE-2016-7131 CVE-2016-7132 CVE-2016-7412 CVE-2016-7413 CVE-2016-7414 CVE-2016-7415 CVE-2016-7416 CVE-2016-7417 CVE-2016-7418 CVE-2016-913727 Jan 2017 9.8 (v3) Critical Pass SNMP Agent Default Community Names CVE-1999-0186 CVE-1999-0254 CVE-1999-0472 CVE-1999-0516 CVE-1999-0517 CVE-1999-0792 CVE-2000-0147 CVE-2001-0380 CVE-2001-0514 CVE-2001-1210 CVE-2002-0109 CVE-2002-0478 CVE-2002-1229 CVE-2004-0311 CVE-2004-1474 CVE-2010-157425 Nov 2002 10 (v2) Critical Pass Oracle Application Express (Apex) CVE-2009-0981 CVE-2009-0981 20 Feb 2013 4 (v2) Medium Pass sphpblog search.php q Parameter XSS CVE-2005-1135 14 Apr 2005 4.3 (v2) Medium Pass Microsoft FrontPage dvwssr.dll Multiple Vulnerabilities CVE-2000-0260 14 Apr 2000 10 (v2) Critical Pass rlogin Service Detection CVE-1999-0651 30 Aug 1999 7.5 (v2) High Pass Hosting Controller HCDiskQuoteService.csv Direct Request Information Disclosure CVE-2005-0694 10 Mar 2005 5 (v2) Medium Pass OpenSSL < 0.9.7l / 0.9.8d Multiple Vulnerabilities CVE-2006-2937 CVE-2006-3738 CVE-2006-2940 CVE-2006-4343 04 Jan 2012 10 (v2) Critical Noise HTTP/2 Cleartext Detection 04 Sep 2015 None Pass OpenSSL 1.0.0 < 1.0.0m Multiple Vulnerabilities CVE-2010-5298 CVE-2014-0076 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 CVE-2015-0292 08 Apr 2014 7.5 (v2) High Pass Microsoft Windows SMTP Incorrect Credentials Authentication Bypass CVE-2001-0504 07 Jul 2001 7.5 (v2) High Pass Barracuda Web Filter <= 5.0.0.012 Remote Command Execution 09 Sep 2015 9 (v2) High Pass IBM DB2 10.5 < Fix Pack 6 Multiple Vulnerabilities (Bar Mitzvah) CVE-2015-0138 CVE-2015-0197 CVE-2015-0198 CVE-2015-0199 CVE-2015-1883 CVE-2015-1922 CVE-2015-1935 CVE-2015-2808 18 Sep 2015 9.8 (v3) Critical Pass Cisco NX-OS Malformed LISP Packet DoS (CSCuv11993) CVE-2016-1351 01 Apr 2016 7.5 (v3) High Pass Cisco TelePresence Server Conference Control Protocol API URL Handling DoS (cisco-sa-20150916-tps) CVE-2015-6284 24 Sep 2015 7.8 (v2) High Pass SqWebMail redirect Parameter CRLF Injected XSS CVE-2005-1308 26 May 2005 4.3 (v2) Medium Pass VMware vCenter 5.5 LDAP Certiﬁcate Validation MitM Spooﬁng (VMSA-2015-0006) CVE-2015-6932 24 Sep 2015 5.8 (v2) Medium Pass VMware vCenter 6.0 LDAP Certiﬁcate Validation MitM Spooﬁng (VMSA-2015-0006) CVE-2015-6932 24 Sep 2015 5.8 (v2) Medium Pass Bay Networks Accelar 1200 Switch Default Password (password) for 'usrname' Account CVE-1999-0508 03 Jun 2005 10 (v2) Critical Pass IBM Lotus Sametime Multiplexer Buﬀer Overﬂow CVE-2008-2499 24 Sep 2013 7.5 (v2) High Pass IBM Domino ZMerge Database Security Bypass CVE-2002-0664 09 Oct 2015 7.3 (v3) High Pass Cisco Small Business RV Series Routers Management Interface Multiple Vulnerabilities (cisco-sa-rv-overﬂow-ghZP68yj)CVE-2021-1319 CVE-2021-1320 CVE-2021-1321 CVE-2021-1322 CVE-2021-1323 CVE-2021-1324 CVE-2021-1325 CVE-2021-1326 CVE-2021-1327 CVE-2021-1328 CVE-2021-1329 CVE-2021-1330 CVE-2021-1331 CVE-2021-1332 CVE-2021-1333 CVE-2021-1334 CVE-2021-1335 CVE-2021-1336 CVE-2021-1337 CVE-2021-1338 CVE-2021-1339 CVE-2021-1340 CVE-2021-1341 CVE-2021-1342 CVE-2021-1343 CVE-2021-1344 CVE-2021-1345 CVE-2021-1346 CVE-2021-1347 CVE-2021-134805 Feb 2021 7.2 (v3) High Pass ViRobot Linux Server addschup Multiple Overﬂows CVE-2005-2041 15 Jun 2005 10 (v2) Critical Pass Cisco Small Business RV Series VPN Multiple RCE (cisco-sa-rv160-260-rce-XZeFkNHf) CVE-2021-1289 CVE-2021-1290 CVE-2021-1291 CVE-2021-1292 CVE-2021-1293 CVE-2021-1294 CVE-2021-1295 05 Feb 2021 9.8 (v3) Critical Pass Oracle GlassFish Server Unspeciﬁed Information Disclosure (October 2015 CPU) CVE-2015-4899 21 Oct 2015 4.3 (v2) Medium Pass OpenSSH < 4.2 Multiple Vulnerabilities CVE-2005-2797 CVE-2005-2798 CVE-2006-0393 07 Sep 2005 3.5 (v2) Low Pass Persistent Systems Radia Client Automation Agent Stack Overﬂow Remote Code Execution (destructive check) 02 Oct 2015 10 (v2) Critical Pass Apple iTunes < 12.3.1 Multiple Vulnerabilities (uncredentialed check) CVE-2015-5928 CVE-2015-5929 CVE-2015-5930 CVE-2015-5931 CVE-2015-6975 CVE-2015-6992 CVE-2015-7002 CVE-2015-7011 CVE-2015-7012 CVE-2015-7013 CVE-2015-7014 CVE-2015-701726 Oct 2015 7.5 (v2) High Pass SAP BusinessObjects Business Intelligence Platform Web Detection. 08 Feb 2021 None Pass Juniper Junos OS DoS (JSA11101) CVE-2021-0211 03 Feb 2021 10 (v3) Critical Pass Apache Traﬃc Server 5.3.x < 5.3.2 HTTP2 Multiple Vulnerabilities CVE-2015-5168 CVE-2015-5206 08 Dec 2015 9.8 (v3) Critical Pass Sun JavaServer Default Admin Password CVE-1999-0508 05 Jun 2002 7.5 (v2) High Pass Apple TV < 14.2 Multiple Vulnerabilities CVE-2020-9974 CVE-2020-10002 CVE-2020-10003 CVE-2020-10010 CVE-2020-10011 CVE-2020-10016 CVE-2020-10017 CVE-2020-27899 CVE-2020-27905 CVE-2020-27909 CVE-2020-27910 CVE-2020-27911 CVE-2020-27912 CVE-2020-27916 CVE-2020-27917 CVE-2020-27918 CVE-2020-27927 CVE-2020-2793505 Feb 2021 7.8 (v3) High Pass paNews 2.0.4b Multiple Input Validation Vulnerabilities CVE-2005-0646 CVE-2005-0647 18 Mar 2005 7.5 (v2) High Pass Tenable SecurityCenter < 5.17.0 Multiple Vulnerabilities (TNS-2020-11) CVE-2019-1551 CVE-2020-1967 CVE-2020-1971 CVE-2020-5808 CVE-2020-11022 23 Dec 2020 7.5 (v3) High Pass OpenSSL 0.9.8 < 0.9.8zh X509_ATTRIBUTE Memory Leak DoS CVE-2015-3195 07 Dec 2015 5.3 (v3) Medium Pass OpenSSL 1.0.0 < 1.0.0t Multiple DoS CVE-2015-3195 CVE-2015-3196 07 Dec 2015 5.3 (v3) Medium Pass Xerox WorkCentre 3025 / 3215 / 3225 OpenSSL Multiple Vulnerabilities (XRX15AM) (FREAK) (POODLE) CVE-2014-3566 CVE-2015-0204 11 Dec 2015 4.3 (v2) Medium Pass Xerox WorkCentre 3550 OpenSSL Multiple Vulnerabilities (XRX15AJ) (FREAK) (POODLE) CVE-2014-3566 CVE-2015-0204 11 Dec 2015 4.3 (v2) Medium Pass Cisco Small Business RV Series Routers Multiple Vulnerabilities (cisco-sa-rv160-260-ﬁlewrite-7x9mnKjn) CVE-2021-1296 CVE-2021-1297 05 Feb 2021 7.5 (v3) High Pass Apple iTunes < 12.3.2 Multiple Vulnerabilities (uncredentialed check) CVE-2015-7048 CVE-2015-7050 CVE-2015-7095 CVE-2015-7096 CVE-2015-7097 CVE-2015-7098 CVE-2015-7099 CVE-2015-7100 CVE-2015-7101 CVE-2015-7102 CVE-2015-7103 CVE-2015-710415 Dec 2015 6.8 (v2) Medium Pass Zebedee Malformed Protocol Option Header Port 0 Remote DoS CVE-2005-2904 10 Sep 2005 5 (v2) Medium Pass Juniper ScreenOS SSH / Telnet Authentication Backdoor CVE-2015-7755 23 Dec 2015 9.8 (v3) Critical Pass Symantec Messaging Gateway 10.x < 10.6.4 Directory Traversal Vulnerability (SYM17-016) CVE-2017-15532 02 Jan 2018 5.7 (v3) Medium Pass Junos OS: Multiple vulnerabilities in libxml2 (JSA10916) CVE-2016-3627 CVE-2016-3705 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 CVE-2017-7375 CVE-2017-18258 CVE-2018-9251 11 Jan 2019 9.8 (v3) Critical Pass SolarWinds Storage Manager AuthenticationFilter Script Upload RCE CVE-2015-5371 22 Dec 2015 10 (v2) Critical Pass Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability (cisco-sa-20190227-rmi-cmd-ex)CVE-2019-1663 27 Feb 2019 9.8 (v3) Critical Pass ACAP Cleartext Authentication 05 Jan 2016 4.3 (v2) Medium Pass AMQP Cleartext Authentication 05 Jan 2016 4.3 (v2) Medium Pass Palo Alto Networks PAN-OS 5.0.x < 5.0.19 / 5.1.x < 5.1.12 / 6.0.x < 6.0.14 / 6.1.x < 6.1.12 / 7.0.x < 7.0.8 Privilege Escalation (PCVE-2016-1712 AN-SA-2016-0012) 26 Aug 2016 7.8 (v3) High Pass ESXi 5.5 < Build 3248547 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (remote check)CVE-2015-6933 15 Jan 2016 6.3 (v3) Medium Pass HP Virtual Table Server (VTS) Database Import RCE CVE-2015-6857 20 Jan 2016 7.2 (v2) High Pass Oracle GlassFish Embedded Server Vulnerabilities (January 2016 CPU) CVE-2016-0441 CVE-2016-0453 20 Jan 2016 6.8 (v2) Medium Pass Oracle Application Express (Apex) CVE-2009-1993 CVE-2009-1993 20 Feb 2013 5.5 (v2) Medium Pass Cisco Uniﬁed Computing System Manager CGI RCE (CSCur90888) CVE-2015-6435 29 Jan 2016 9.8 (v3) Critical Pass Cisco Uniﬁed Computing System Manager CGI RCE (CSCur90888) (remote check) CVE-2015-6435 05 Feb 2016 9.8 (v3) Critical Pass HP Network Automation Multiple Vulnerabilities (HPSBMU02693) CVE-2011-2402 CVE-2011-2403 24 Sep 2013 6.5 (v2) Medium Pass Apache 2.2.x < 2.2.6 Multiple Vulnerabilities (DoS, XSS, Info Disc) CVE-2006-5752 CVE-2007-1862 CVE-2007-1863 CVE-2007-3303 CVE-2007-3304 CVE-2007-3847 CVE-2007-4465 CVE-2007-1743 14 Sep 2007 5.3 (v3) Medium Pass pfSense < 2.4.5 Multiple Vulnerabilities CVE-2019-12462 CVE-2019-12949 CVE-2019-16914 CVE-2019-16915 11 Feb 2021 9.8 (v3) Critical Pass Cisco IOS MPLS Forwarding Infrastructure Denial of Service Vulnerability - Cisco Systems CVE-2008-3804 01 Sep 2010 7.8 (v2) High Pass macOS 10.13 Authentication Bypass Remote Check (CVE-2017-13872) CVE-2017-13872 04 Dec 2017 8.1 (v3) High Pass SolarWinds Orion Platform < 2019.4.2 Remote Code Execution CVE-2021-25274 09 Feb 2021 9.8 (v3) Critical Pass Cisco Prime Collaboration Assurance 10.5.x / 10.6.x / 11.0.x / 11.1.x < 11.1.66527 Open Redirect (cisco-sa-20160503-pca)CVE-2016-1392 09 May 2016 7.4 (v3) High Pass SolarWinds Orion Platform < 2020.2.4 Multiple Vulnerabilities CVE-2021-25274 CVE-2021-25275 09 Feb 2021 9.8 (v3) Critical Pass Cisco Prime Collaboration Provisioning 10.6.x / 11.0.x < 11.0.0.815 Web Framework SQLi (cisco-sa-20151008-pcp)CVE-2015-6329 09 May 2016 6.5 (v2) Medium Pass HylaFAX hfaxd with PAM Password Policy Bypass CVE-2005-3538 10 Jan 2006 7.5 (v2) High Pass Junos OS: OpenSSL Security Advisories [16 Apr 2018] and [12 June 2018] (JSA10919) CVE-2018-0732 CVE-2018-0737 11 Jan 2019 5.9 (v3) Medium Pass VMware ESX / ESXi Descheduled Time Accounting DoS (VMSA-2009-0007) (remote check) CVE-2009-1805 03 Mar 2016 4 (v2) Medium Pass Lotus Domino LDAP Server Crafted Packet Remote DoS CVE-2006-0580 13 Feb 2006 5 (v2) Medium Pass EMC RSA Authentication Manager < 8.3 Patch 1 Multiple Vulnerabilities (DSA-2018-086) CVE-2018-1247 CVE-2018-1248 10 May 2018 6.1 (v3) Medium Pass VMware ESX / ESXi Authentication Service and Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0001) (rCVE-2011-1202 CVE-2011-3102 CVE-2011-3970 CVE-2012-2807 CVE-2012-2825 CVE-2012-2870 CVE-2012-2871 CVE-2012-4244 CVE-2013-1405emote check) 04 Mar 2016 10 (v2) Critical Pass VMware ESX Service Console Multiple Vulnerabilities (VMSA-2012-0008) (remote check) CVE-2010-4008 CVE-2011-0216 CVE-2011-1944 CVE-2011-2834 CVE-2011-3191 CVE-2011-3905 CVE-2011-3919 CVE-2011-4348 CVE-2012-002803 Mar 2016 10 (v2) Critical Pass VMware ESX WebWorks Help Multiple XSS (VMSA-2009-0017) (remote check) CVE-2009-3731 03 Mar 2016 4.3 (v2) Medium Pass Fenice <= 1.10 Multiple Remote Vulnerabilities CVE-2006-2022 CVE-2006-2023 27 May 2006 7.5 (v2) High Pass VMware ESX Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0015) (remote check) CVE-2012-2372 CVE-2012-3552 CVE-2013-0791 CVE-2013-1620 CVE-2013-2147 CVE-2013-2164 CVE-2013-2206 CVE-2013-2224 CVE-2013-2232 CVE-2013-2234 CVE-2013-223704 Mar 2016 6.9 (v2) Medium Pass VMware ESX / ESXi Arbitrary File Modiﬁcation (VMSA-2013-0016) (remote check) CVE-2013-5973 04 Mar 2016 4.4 (v2) Medium Pass CA DM Deployment Common Component Multiple DoS CVE-2006-0306 CVE-2006-0307 19 Jan 2006 5 (v2) Medium Pass VMware ESX Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0001) (remote check) CVE-2010-0211 CVE-2010-0212 CVE-2010-2956 CVE-2010-3847 CVE-2010-3856 04 Mar 2016 7.2 (v2) High Pass VMware ESX Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0010) (remote check) CVE-2010-0296 CVE-2011-0536 CVE-2011-0997 CVE-2011-1071 CVE-2011-1095 CVE-2011-1658 CVE-2011-1659 04 Mar 2016 7.5 (v2) High Pass Ipswitch IMail Server SMTP Service Crafted RCPT String Remote Overﬂow CVE-2006-4379 08 Sep 2006 7.5 (v2) High Pass Apache on Windows mod_alias URL Validation Canonicalization CGI Source Disclosure CVE-2006-4110 11 Aug 2006 5.3 (v3) Medium Pass RunCMS Multiple Script lid Parameter SQL Injection CVE-2007-6544 07 Jan 2008 7.5 (v2) High Pass pfSense < 2.4.4-p3 Multiple Vulnerabilities CVE-2018-20798 CVE-2018-20799 11 Feb 2021 7.5 (v3) High Pass Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1613) CVE-2019-1613 13 Dec 2019 6.7 (v3) Medium Pass IBM Tivoli Storage Manager FastBack 5.5.x Multiple Vulnerabilities CVE-2016-0212 CVE-2016-0213 CVE-2016-0216 04 Mar 2016 9.8 (v3) Critical Pass VMware ESX Multiple Vulnerabilities (VMSA-2010-0013) (remote check) CVE-2005-4268 CVE-2007-4476 CVE-2008-5302 CVE-2008-5303 CVE-2010-0624 CVE-2010-1168 CVE-2010-1321 CVE-2010-1447 CVE-2010-206308 Mar 2016 8.5 (v2) High Pass VMware ESX Multiple Vulnerabilities (VMSA-2010-0019) (remote check) CVE-2009-0590 CVE-2009-2409 CVE-2009-3555 CVE-2010-0405 CVE-2010-3069 08 Mar 2016 7.5 (v2) High Pass Oracle GlassFish Server 2.1.1.x < 2.1.1.30 / 3.0.1.x < 3.0.1.15 / 3.1.2.x < 3.1.2.16 Multiple Vulnerabilities (January 2017 CPU)CVE-2016-5528 CVE-2017-3239 CVE-2017-3247 CVE-2017-3249 CVE-2017-3250 19 Jan 2017 7.3 (v3) High Pass VMware ESX Privilege Escalation (VMSA-2010-0017) (remote check) CVE-2010-3081 08 Mar 2016 7.2 (v2) High Pass Verity Ultraseek < 5.7 Multiple Vulnerabilities CVE-2006-5819 18 Nov 2006 10 (v2) Critical Pass HP OﬃceJet Printers Unspeciﬁed Information Disclosure (HPSBPI03546) CVE-2016-2244 15 Mar 2016 5.9 (v3) Medium Pass Cisco Uniﬁed Computing System (UCS) Central Software Improper Certiﬁcate Validation (cisco-sa-ucs-invcert-eOpRvCKH)CVE-2021-1354 12 Feb 2021 3.5 (v3) Low Pass Lexmark MarkVision Enterprise < 2.1 Multiple Vulnerabilities CVE-2014-8741 CVE-2014-8742 22 Dec 2014 10 (v2) Critical Pass ManageEngine Desktop Central Default Administrator Credentials 04 Dec 2013 7.5 (v2) High Pass IBM Network Security Protection XGS Default Credentials 02 Jan 2015 10 (v2) Critical Pass ASUS Router 'infosvr' Remote Command Execution CVE-2014-9583 14 Jan 2015 10 (v2) Critical Pass Mercury LoadRunner Agent server_ip_name Field Remote Buﬀer Overﬂow CVE-2007-0446 13 Feb 2007 10 (v2) Critical Pass Lexmark MarkVision Enterprise GfdFileUploadServerlet RCE Vulnerability CVE-2014-8741 15 Jan 2015 10 (v2) Critical Pass OpenSSL 1.0.1 < 1.0.1k Multiple Vulnerabilities (FREAK) CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 16 Jan 2015 5 (v2) Medium Pass Juniper Junos OS Multiple Local Privilege Escalation Vulnerabilities (JSA11114) CVE-2021-0204 CVE-2021-0223 27 Jan 2021 7.8 (v3) High Pass Apache Traﬃc Server 5.1.x < 5.1.2 DoS CVE-2014-10022 22 Jan 2015 5 (v2) Medium Pass Multiple Vulnerabilities in Cisco NX-OS-Based Products (cisco-sa-20130424-nxosmulti) CVE-2013-1178 CVE-2013-1179 CVE-2013-1180 CVE-2013-1181 31 May 2013 9 (v2) High Pass ManageEngine Password Manager Pro Default Credentials 23 Jan 2015 7.5 (v2) High Pass Openswan < 2.6.36 IKE Packet NULL Pointer Dereference Remote DoS CVE-2011-3380 28 Jan 2015 5.3 (v3) Medium Pass Openswan < 2.6.37 Cryptographic Helper Use-After-Free Remote DoS CVE-2011-4073 28 Jan 2015 4.3 (v3) Medium Pass Juniper Junos OS MX Series DoS (JSA11077) CVE-2020-1680 30 Oct 2020 5.3 (v3) Medium Pass ESXi 5.5 < Build 2352327 Multiple Vulnerabilities (remote check) (POODLE) CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-3660 CVE-2014-8370 CVE-2015-1044 29 Jan 2015 6.4 (v2) Medium Pass Zope Image and File Update Data Protection Bypass CVE-2000-1212 19 Dec 2000 6 (v2) Medium Pass Mac OS X 10.8.x < 10.8.5 Multiple Vulnerabilities CVE-2012-0883 CVE-2012-2686 CVE-2012-2687 CVE-2012-3499 CVE-2012-3817 CVE-2012-4244 CVE-2012-4558 CVE-2012-5166 CVE-2012-5688 CVE-2013-0166 CVE-2013-0169 CVE-2013-1025 CVE-2013-1026 CVE-2013-1027 CVE-2013-1028 CVE-2013-1029 CVE-2013-1030 CVE-2013-1031 CVE-2013-1032 CVE-2013-1033 CVE-2013-1635 CVE-2013-1643 CVE-2013-1775 CVE-2013-1824 CVE-2013-1899 CVE-2013-1900 CVE-2013-1901 CVE-2013-1902 CVE-2013-1903 CVE-2013-2110 CVE-2013-226613 Sep 2013 10 (v2) Critical Pass Tenable SecurityCenter < 5.14.0 Multiple Vulnerabilities (TNS-2020-02) CVE-2019-11358 CVE-2020-5737 19 Feb 2021 6.1 (v3) Medium Pass Cisco IOS Software Multicast Network Time Protocol Denial of Service Vulnerability (cisco-sa-20130925-ntp)CVE-2013-5472 07 Oct 2013 7.1 (v2) High 97

Pass OpenSSL 1.0.0 < 1.0.1o Multiple Vulnerabilities (POODLE) CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 17 Oct 2014 4.3 (v2) Medium Pass Graylog2 LDAP Authentication Bypass Vulnerability CVE-2014-9217 10 Feb 2015 5 (v2) Medium Pass Cisco NX-OS Software BGP DoS (CSCtn13055) CVE-2012-4098 16 Oct 2013 5 (v2) Medium Pass Tivoli Storage Manager Server Unsupported Product 24 Feb 2015 10 (v2) Critical Pass Symantec Data Center Security Server 'WCUnsupportedClass.jsp' XSS 26 Feb 2015 4.3 (v2) Medium Pass IBM Tivoli Storage Manager Express Backup Server Service (dsmsvc.exe) Packet Handling Remote OverﬂowCVE-2008-0247 17 Jan 2008 10 (v2) Critical Pass Cisco Nexus 4000 Series Switches IPv6 Denial of Service (CSCtd15904) CVE-2013-6683 02 Dec 2013 6.1 (v2) Medium Pass Lotus Quickr for Domino qp2.dll ActiveX Control Integer Overﬂow Remote Code Execution CVE-2013-3026 26 Jun 2013 9.3 (v2) High Pass CodeMeter < 5.20 Local Privilege Escalation Vulnerability CVE-2014-8419 23 Feb 2015 7.2 (v2) High Pass SSL/TLS EXPORT_RSA <= 512-bit Cipher Suites Supported (FREAK) CVE-2015-0204 04 Mar 2015 4.3 (v2) Medium Pass BayTech RPC-3 Telnet Daemon Remote Authentication Bypass CVE-2005-0957 01 Apr 2005 10 (v2) Critical Pass MongoDB Unauthenticated REST API Detection 12 Mar 2015 5 (v2) Medium Pass Palo Alto Networks PAN-OS < 4.0.9 / 4.1.x < 4.1.2 Multiple Command Injections CVE-2012-6595 CVE-2012-6600 05 Mar 2014 9 (v2) High Pass Loxone Smart Home Miniserver < 6.3 Multiple Vulnerabilities 13 Mar 2015 6.8 (v2) Medium Pass Pulse Connect Secure < 9.1R8.2 (SA44588) CVE-2020-8238 CVE-2020-8243 CVE-2020-8256 09 Oct 2020 7.2 (v3) High Pass Dell KACE K2000 Appliance Hidden CIFS Fileshare Information Disclosure CVE-2011-1672 19 Apr 2011 5.3 (v3) Medium Pass Apple TV < 7.0.2 Multiple Vulnerabilities CVE-2014-4452 CVE-2014-4455 CVE-2014-4461 CVE-2014-4462 20 Nov 2014 9.3 (v2) High Pass Palo Alto Networks PAN-OS 5.x < 5.0.9 Multiple Vulnerabilities 05 Mar 2014 6.5 (v2) Medium Pass ManageEngine NetFlow Analyzer Default Credentials 16 Mar 2015 7.5 (v2) High Pass HP Universal Conﬁguration Management Database Data Flow Probe Gateway Cross-Site Tracing 18 Mar 2015 5 (v2) Medium Pass Cisco UCS Director Authentication Bypass (cisco-sa-20190821-ucsd-authbypass) CVE-2019-1938 23 Aug 2019 9.8 (v3) Critical Pass Juniper Junos SRX Series ﬂowd DoS (JSA10622) CVE-2014-2714 14 Apr 2014 7.1 (v2) High Pass OpenSSL 1.0.2 < 1.0.2a Multiple Vulnerabilities CVE-2015-0207 CVE-2015-0208 CVE-2015-0209 CVE-2015-0285 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0290 CVE-2015-0291 CVE-2015-0293 CVE-2015-1787 CVE-2016-0703 CVE-2016-070424 Mar 2015 6.8 (v2) Medium Pass Palo Alto Networks PAN-OS 7.0.7 Multiple Vulnerabilities 17 Jun 2016 10 (v2) Critical Pass Apache Struts struts-cookbook processSimple.do message Parameter XSS CVE-2012-1007 23 Jul 2012 4.3 (v2) Medium Pass Cisco NX-OS Multiple Vulnerabilities (cisco-sa-20140521-nxos) CVE-2013-1191 CVE-2014-2200 CVE-2014-2201 CVE-2014-3261 30 May 2014 7.6 (v2) High Pass ArubaOS Remote Access Point Command Injection CVE-2015-1388 03 Apr 2015 7.2 (v2) High Pass Cisco IOS Software NAT denial of service (cisco-sa-20170927-nat) CVE-2017-12231 05 Oct 2017 7.5 (v3) High Pass Cisco NX-OS Software Buﬀer Overﬂow and Command Injection Vulnerabilities CVE-2019-1767 CVE-2019-1768 28 Jun 2019 6.7 (v3) Medium Pass Juniper Junos IPv6 Neighbor Discovery (ND) Traﬃc Handling Multiple Vulnerabilities (JSA10749) CVE-2016-1409 22 Jun 2016 5.3 (v3) Medium Pass OpenSSL 1.0.2 < 1.0.2t Multiple Vulnerabilities CVE-2019-1547 CVE-2019-1552 CVE-2019-1563 23 Aug 2019 4.7 (v3) Medium Pass Cisco IOS Zone-Based Firewall Feature Security Bypass (CSCun94946) CVE-2014-2146 27 Jun 2016 6.5 (v3) Medium Pass MySQL Enterprise Monitor 3.0.x < 3.0.5 Apache Struts DMI Multiple Vulnerabilities CVE-2013-4316 08 May 2015 10 (v2) Critical Pass CherryPy staticFilter Traversal Arbitrary File Access CVE-2006-0847 22 Feb 2006 5 (v2) Medium Pass Palo Alto Networks PAN-OS 6.1.x < 6.1.11 Multiple Vulnerabilities 07 Jul 2016 4 (v2) Medium Pass Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.1 Vulnerability CVE-2016-10012 02 Jul 2020 7.8 (v3) High Pass Websense TRITON 7.8 Source Code Disclosure 21 May 2015 5 (v2) Medium Pass Mingle Forum Plugin for WordPress 'topic' parameter SQL Injection 20 Jan 2011 7.5 (v2) High Pass Cisco TelePresence ISDN Gateway Command Injection Vulnerability CVE-2015-0713 21 May 2015 9 (v2) High Pass Cisco TelePresence MCU Command Injection Vulnerability CVE-2015-0713 21 May 2015 9 (v2) High Pass OpenMediaVault Default Administrator Credentials 18 Dec 2013 7.5 (v2) High Pass Modbus/TCP Report Slave ID 10 May 2015 5 (v2) Medium Pass Xerox ColorQube Unspeciﬁed Remote Protocol Authorization Bypass (XRX13-008) 28 Oct 2013 10 (v2) Critical Pass HP SiteScope Log Analysis Tool Remote Privilege Escalation (uncredentialed check) CVE-2015-2120 10 Jun 2015 8.7 (v2) High Pass IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.18 / 9.0.x <= 9.0.5.5 DirCVE-2020-4782ectory Traversal (CVE-2020-4782) 12 Feb 2021 6.5 (v3) Medium Pass IBM WebSphere Application Server 8.0 < Fix Pack 4 Multiple Vulnerabilities CVE-2012-2159 CVE-2012-2161 CVE-2012-2170 CVE-2012-2190 CVE-2012-2191 CVE-2012-3293 09 Aug 2012 5.8 (v2) Medium Pass ManageEngine Applications Manager FailOverHelperServlet 'ﬁleName' Parameter Arbitrary File DisclosureCVE-2014-7863 08 Jun 2015 5 (v2) Medium Pass Splunk Enterprise 5.0.x < 5.0.13 / 6.0.x < 6.0.9 / 6.1.x < 6.1.8 OpenSSL Vulnerabilities (FREAK) CVE-2015-0204 CVE-2015-0207 CVE-2015-0208 CVE-2015-0209 CVE-2015-0285 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0290 CVE-2015-0291 CVE-2015-0292 CVE-2015-0293 CVE-2015-178704 Jun 2015 7.5 (v2) High Pass TLS Version 1.0 Protocol Detection (PCI DSS) 30 Jun 2015 8.2 (v3) High Pass Splunk Enterprise < 5.0.18 / 6.0.14 / 6.1.13 / 6.2.13.1 / 6.3.10 / 6.4.6 / 6.5.3 / Splunk Light < 6.5.3 Multiple VCVE-2017-5607ulnerabilities 06 Apr 2017 3.5 (v3) Low Pass Bitrix bitrix.xscan Module < 1.0.4 bitrix.xscan_worker.php 'ﬁle' Parameter Path Traversal File Disclosure CVE-2015-8357 02 May 2017 4.7 (v3) Medium Pass Cisco Ironport Security Appliance Default Host Key Vulnerability CVE-2015-4217 02 Jul 2015 4.3 (v2) Medium Pass EMC Documentum D2 4.1.x < 4.5 XSS (ESA-2015-109) CVE-2015-0549 26 Jun 2015 3.5 (v2) Low Pass Oracle iPlanet Web Server 6.1.x < 6.1.21 / 7.0.x < 7.0.22 NSS Signature Handling Remote Code Injection CVE-2014-1569 23 Jul 2015 7.5 (v2) High Pass IBM WebSphere Application Server 6.1 < Fix Pack 47 Multiple Vulnerabilities CVE-2012-2098 CVE-2012-3305 CVE-2012-4853 CVE-2013-0169 CVE-2013-0458 CVE-2013-0459 CVE-2013-0460 CVE-2013-0461 CVE-2013-0462 CVE-2013-0541 CVE-2013-0542 CVE-2013-0543 CVE-2013-0544 CVE-2013-0596 CVE-2013-1768 CVE-2013-1862 CVE-2013-1896 CVE-2013-2967 CVE-2013-2976 CVE-2013-3029 CVE-2013-4005 CVE-2013-4052 CVE-2013-405320 Sep 2013 10 (v2) Critical Pass HP Network Automation 9.22.0x / 10.00.0x < 10.00.02 Multiple RCE CVE-2016-1988 CVE-2016-1989 25 Mar 2016 9.8 (v3) Critical Pass Apple TV < 9.2 Multiple Vulnerabilities CVE-2015-1819 CVE-2015-5312 CVE-2015-7499 CVE-2015-7500 CVE-2015-7942 CVE-2015-8035 CVE-2015-8242 CVE-2015-8659 CVE-2016-0801 CVE-2016-0802 CVE-2016-1740 CVE-2016-1748 CVE-2016-1750 CVE-2016-1751 CVE-2016-1752 CVE-2016-1753 CVE-2016-1754 CVE-2016-1755 CVE-2016-1762 CVE-2016-1775 CVE-2016-1783 CVE-2016-1784 CVE-2016-195001 Apr 2016 10 (v3) Critical Pass MS07-063: Vulnerability in SMBv2 Could Allow Remote Code Execution (942624) (uncredentialed check) CVE-2007-5351 07 Jan 2008 10 (v3) Critical Pass Retrospect Client Malformed Packet DoS CVE-2006-0995 03 Mar 2006 5 (v2) Medium Pass SecurityCenter devform.php message Parameter XSS CVE-2013-5911 30 Sep 2013 4.3 (v2) Medium Pass HP Autonomy Ultraseek 5 Unspeciﬁed XSS CVE-2013-6196 15 Jan 2014 3.5 (v2) Low Pass Alcatel OmniSwitch Default Credentials (http) 30 Sep 2013 7.5 (v2) High Pass Coppermine Photo Gallery showdoc.php f Parameter Local File Inclusion CVE-2006-0873 27 Feb 2006 5 (v2) Medium Pass SSH Server CBC Mode Ciphers Enabled CVE-2008-5161 28 Oct 2013 2.6 (v2) Low Pass Oracle GlassFish Server Multiple Vulnerabilities (October 2013 CPU) CVE-2013-2172 CVE-2013-3827 CVE-2013-5816 17 Oct 2013 5 (v2) Medium Pass Acme mini_httpd Protocol String Handling Memory Disclosure CVE-2015-1548 05 May 2016 5 (v2) Medium Pass Dropbear SSH Server < 2013.59 Multiple Vulnerabilities CVE-2013-4421 CVE-2013-4434 22 Oct 2013 5 (v2) Medium Pass AjaXplorer < 5.0.3 Multiple Vulnerabilities CVE-2013-5688 18 Oct 2013 5.5 (v2) Medium Pass FancyBox Plugin for WordPress 'mfbfw' Parameter Persistent XSS CVE-2015-1494 16 Feb 2015 4.3 (v2) Medium Pass TWiki 'debugenableplugins' Parameter RCE CVE-2014-7236 20 Apr 2015 8.8 (v3) High Pass ESXi 5.0 < Build 721882 Multiple Vulnerabilities (remote check) CVE-2012-3288 CVE-2012-3289 13 Nov 2013 9.3 (v2) High Pass ESXi 5.1 < Build 1142907 NFC Traﬃc Denial of Service (remote check) CVE-2013-1661 13 Nov 2013 4.3 (v2) Medium Pass OpenSSH 6.2 and 6.3 AES-GCM Cipher Memory Corruption CVE-2013-4548 13 Nov 2013 6 (v2) Medium Pass Claroline Multiple RemoteVulnerabilities (RFI, Traversal, XSS) CVE-2006-1594 CVE-2006-1595 CVE-2006-1596 03 Apr 2006 7.5 (v2) High Pass ESXi 5.0 < Build 912577 Multiple Vulnerabilities (remote check) CVE-2009-5029 CVE-2009-5064 CVE-2010-0830 CVE-2010-4180 CVE-2010-4252 CVE-2011-0014 CVE-2011-1089 CVE-2011-3048 CVE-2011-4108 CVE-2011-4109 CVE-2011-4576 CVE-2011-4577 CVE-2011-4609 CVE-2011-4619 CVE-2012-0050 CVE-2012-0864 CVE-2012-3404 CVE-2012-3405 CVE-2012-3406 CVE-2012-3480 CVE-2013-1406 CVE-2013-165913 Nov 2013 9.3 (v2) High Pass MikroTik RouterOS 5.x < 5.26 / 6.x < 6.3 sshd Unspeciﬁed Remote Heap Corruption 18 Nov 2013 5 (v2) Medium Pass MS07-040: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (931212) (uncredentialed check)CVE-2006-7192 CVE-2007-0041 CVE-2007-0042 CVE-2007-0043 11 Jul 2007 9.3 (v2) High Pass MySQL Server COM_CHANGE_USER Command Security Bypass CVE-2012-5627 27 Nov 2013 4.3 (v3) Medium Pass RomPager HTTP Referer Header XSS CVE-2013-6786 03 Dec 2013 4.3 (v2) Medium Pass Cisco Prime Data Center Network Manager < 6.2(1) Multiple Vulnerabilities (uncredentialed check) CVE-2013-5486 CVE-2013-5487 CVE-2013-5490 27 Sep 2013 9.8 (v3) Critical Pass OpenSSL 1.0.1 < 1.0.1f Multiple Vulnerabilities CVE-2013-4353 CVE-2013-6449 CVE-2013-6450 08 Jan 2014 5.8 (v2) Medium Pass Accellion File Transfer Appliance Unsupported Version 01 Mar 2021 9.8 (v3) Critical Pass Cisco WAAS Mobile Server Web Administration Default Credentials 07 Jan 2014 7.5 (v2) High Pass Apache Solr < 4.6.0 'SolrResourceLoader' Directory Traversal CVE-2013-6397 07 Jan 2014 4.3 (v2) Medium Pass Novell Identity Manager Roles Based Provisioning Module taskId XSS CVE-2013-1096 07 Jan 2014 4.3 (v2) Medium Pass Synology DiskStation Manager < 4.3-3776 Update 3 info.cgi Multiple Parameters XSS 05 Feb 2014 4.3 (v2) Medium Pass VMware Security Updates for vCenter Server (VMSA-2014-0006) CVE-2010-5298 CVE-2014-0198 CVE-2014-0224 CVE-2014-3470 10 Jul 2014 5.8 (v2) Medium Pass Adobe ColdFusion Multiple Vulnerabilities (APSA13-03) CVE-2013-3336 14 May 2013 5 (v2) Medium Pass Puppet Symlink File Overwrite CVE-2013-4969 27 Jan 2014 2.1 (v2) Low Pass IBM GCM16 / GCM32 Global Console Manager KVM Switch Firmware Version < 1.20.0.22575 Remote Code ExecutionCVE-2013-0526 05 Aug 2014 8.5 (v2) High Pass OpenSSL 1.0.0 < 1.0.0n Multiple Vulnerabilities CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 08 Aug 2014 6.8 (v2) Medium Pass JForum Detection 14 Feb 2014 None Pass SAP Host Agent SOAP Web Service Information Disclosure (SAP Note 1816536) CVE-2013-3319 03 Feb 2014 5 (v2) Medium Pass Cisco Uniﬁed Computing System Serial over LAN Static Private Key Vulnerability (CSCte90338) CVE-2012-4074 12 Feb 2014 5.8 (v2) Medium Pass Symantec Web Gateway < 5.2.5 Management Console Command Injection (SYM16-017) CVE-2016-5313 13 Oct 2016 8.8 (v3) High Pass Cisco Uniﬁed Computing System Smart Call Home Input Validation Vulnerability (CSCtl00186) CVE-2012-4093 18 Feb 2014 4.6 (v2) Medium Pass Symantec Web Gateway <= 5.1.1 Multiple Vulnerabilities (SYM14-003) CVE-2013-5012 CVE-2013-5013 13 Feb 2014 6.5 (v2) Medium Pass Ubiquiti airCam < 1.2.0 ubnt-streamer RTSP Service Remote Code Execution CVE-2013-1606 19 Feb 2014 7.5 (v2) High Pass nginx < 1.8.1 / 1.9.x < 1.9.10 Multiple Vulnerabilities CVE-2016-0742 CVE-2016-0746 CVE-2016-0747 09 Mar 2018 7.3 (v3) High Pass VMware Security Updates for vCenter Server (VMSA-2013-0006) CVE-2012-2733 CVE-2012-4534 CVE-2013-3107 30 Apr 2013 4.3 (v2) Medium Pass Oracle GlassFish Server 3.0.1 < 3.0.1.7 / 3.1.2 < 3.1.2.5 Multiple Vulnerabilities (April 2013 CPU) CVE-2013-1508 CVE-2013-1515 05 Jun 2013 4.3 (v2) Medium Pass Lexmark Printer Conﬁguration Persistent XSS CVE-2013-6033 03 Mar 2014 3.5 (v2) Low Pass MS08-037: Vulnerabilities in DNS Could Allow Spooﬁng (951746) (uncredentialed check) CVE-2008-1447 CVE-2008-1454 05 Mar 2014 9.4 (v2) High Pass OpenSSH S/KEY Authentication Account Enumeration CVE-2007-2243 18 Nov 2011 5 (v2) Medium Pass McAfee Web Gateway User Interface Default Credentials 21 Feb 2014 10 (v2) Critical Pass Apache 2.2.x < 2.2.22 Multiple Vulnerabilities CVE-2011-3368 CVE-2011-3607 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 CVE-2012-4557 02 Feb 2012 5.3 (v3) Medium Pass Novell ZENworks Conﬁguration Console Login.jsp language Parameter XSS CVE-2013-1094 18 Jun 2013 4.3 (v2) Medium Pass Web Accessible Backups 03 Mar 2014 None Pass Oracle RDBMS Patchset Out of Date (remote check) 13 Mar 2014 10 (v2) Critical Pass PeopleSoft PeopleTools JMS Listening Connector Activity Parameter XSS CVE-2009-1987 29 Oct 2009 4.3 (v2) Medium Pass Cisco Email Security Appliance Web UI Default Credentials 02 Apr 2014 9.8 (v3) Critical Pass Cisco Content Security Management Appliance Web UI Default Credentials 02 Apr 2014 7.5 (v2) High 98

Pass ionCube loader-wizard.php Accessible 04 Apr 2014 5 (v2) Medium Pass Ajax Pagination (twitter Style) Plugin for WordPress Local File Inclusion 07 Apr 2014 5 (v2) Medium Pass ASUS Routers ﬂag Parameter XSS 25 Feb 2014 4.3 (v2) Medium Pass HP Universal Conﬁguration Management Database Server (UCMDB) Local Information Disclosure (HPSBGN03504)CVE-2015-5440 22 Sep 2015 4.9 (v2) Medium Pass Cisco ONS 15454 Controller Card DoS (CSCug97315) CVE-2014-2139 10 Apr 2014 5 (v2) Medium Pass Canon PIXMA Printer WLAN Credential Disclosure CVE-2013-4614 07 Apr 2014 2.1 (v2) Low Pass OpenSSL Heartbeat Information Disclosure (Heartbleed) CVE-2014-0160 08 Apr 2014 7.5 (v3) High Pass NAS4Free Web UI Default Credentials 14 Apr 2014 10 (v2) Critical Pass CA ERwin Web Portal 9.5 Multiple Directory Traversals CVE-2014-2210 29 Apr 2014 7.5 (v2) High Pass BSD in.lpd File Name Handling Remote Overﬂow CVE-2001-0670 CVE-1999-0061 17 Mar 2003 7.5 (v2) High Pass Symantec Endpoint Protection Manager Java Object Deserialization RCE (SYM15-011) CVE-2015-6554 18 Dec 2015 8.8 (v3) High Pass IBM DB2 9.5 < Fix Pack 6a Multiple Vulnerabilities CVE-2009-3471 CVE-2009-3555 CVE-2010-0462 CVE-2010-3193 CVE-2010-3194 CVE-2010-3195 CVE-2010-3731 CVE-2010-3732 CVE-2010-3733 CVE-2010-3734 CVE-2010-3735 CVE-2010-3736 CVE-2010-3737 CVE-2010-3738 CVE-2010-3739 CVE-2010-374007 Sep 2010 9.8 (v3) Critical Pass OS Identiﬁcation: SinFP with Machine Learning 15 Jan 2020 None Pass OpenSSL < 0.9.6e Multiple Vulnerabilities CVE-2002-0655 CVE-2002-0656 CVE-2002-0659 04 Jan 2012 7.5 (v2) High Pass APC < 3.8.0 apcupsd Multiple Vulnerabilities CVE-2001-0040 CVE-2003-0098 CVE-2003-0099 26 Mar 2003 10 (v2) Critical Pass Microsoft SharePoint Server Unsupported Version Detection 30 May 2014 10 (v3) Critical Pass OpenSSL < 0.9.7h / 0.9.8a Protocol Version Rollback CVE-2005-2969 04 Jan 2012 5 (v2) Medium Pass HP OneView Unspeciﬁed Remote Privilege Escalation (HPSBGN03034) CVE-2014-2602 13 Jun 2014 6.5 (v2) Medium Pass PoPToP PPTP ctrlpacket.c Negative Read Remote Overﬂow CVE-2003-0213 16 Apr 2003 10 (v2) Critical Pass OpenSSH < 3.7.1 Multiple Vulnerabilities CVE-2003-0682 CVE-2003-0693 CVE-2003-0695 CVE-2004-2760 16 Sep 2003 10 (v2) Critical Pass Apache 2.0.x < 2.0.51 Multiple Vulnerabilities (OF, DoS) CVE-2004-0747 CVE-2004-0748 CVE-2004-0751 CVE-2004-0786 CVE-2004-0809 16 Sep 2004 5.6 (v3) Medium Pass Splunk '/en-US/app/' Referer Header XSS CVE-2014-8380 30 May 2014 4.3 (v2) Medium Pass Snitz Forums 2000 < 3.4.03 register.asp Email Parameter SQL Injection CVE-2003-0286 04 Aug 2004 7.5 (v2) High Pass F5 Networks ARX Data Manager Unsupported Version Detection 01 Jul 2014 10 (v2) Critical Pass Unsupported Microsoft DNS Server Detection 12 Jun 2014 10 (v3) Critical Pass EMC Documentum D2 Privilege Escalation (ESA-2014-045) CVE-2014-2504 06 Jun 2014 9 (v2) High Pass McAfee Cloud Single Sign On WebUI Default Credentials 25 Mar 2014 7.5 (v2) High Pass IBM WebSphere Application Server 7.0 < Fix Pack 13 Multiple Vulnerabilities CVE-2010-0781 CVE-2010-0783 CVE-2010-0784 CVE-2010-0785 CVE-2010-0786 CVE-2010-1632 CVE-2010-3186 CVE-2010-4220 11 Nov 2010 7.5 (v2) High Pass Puppet Enterprise 3.x < 3.1.3 LibYAML Heap-Based Buﬀer Overﬂow CVE-2013-6393 21 Mar 2014 6.8 (v2) Medium Pass Tivoli Provisioning Manager Express for Software Distribution Detection 29 Mar 2012 None Pass Oracle iPlanet Web Server 7.0.x < 7.0.9 Multiple Vulnerabilities CVE-2010-3512 CVE-2010-3514 CVE-2010-3544 CVE-2010-3545 13 Dec 2010 5.8 (v2) Medium Pass Cisco TelePresence Supervisor MSE 8050 Multiple Vulnerabilities in OpenSSL CVE-2014-0224 CVE-2014-3470 18 Jun 2014 5.8 (v2) Medium Pass Cisco ONS 15400 Series Devices Multiple Vulnerabilities in OpenSSL CVE-2014-0076 CVE-2014-3470 18 Jun 2014 1.9 (v2) Low Pass Woltlab Burning Board pms.php folderid Parameter XSS CVE-2005-1327 12 May 2005 4.3 (v2) Medium Pass Better WP Security Plugin for WordPress Multiple XSS CVE-2012-4263 CVE-2012-4264 31 Mar 2014 4.3 (v2) Medium Pass SSH Tectia Server SFTP Filename Logging Format String CVE-2006-0705 15 Feb 2006 5 (v2) Medium Pass Cloudera Manager Default Credentials 26 Jun 2014 10 (v2) Critical Pass Apache Tomcat 6.0.x < 6.0.43 Multiple Vulnerabilities (POODLE) CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-513905 Mar 2015 7.3 (v3) High Pass Serv-U FTP Server < 15.1.0.458 Multiple Vulnerabilities 04 Jul 2014 6.4 (v2) Medium Pass OSSIM < 4.3.3.1 tele_stats.php SQL Injection 25 Jun 2014 7.5 (v2) High Pass IMAP Service STARTTLS Plaintext Command Injection CVE-2011-0411 CVE-2011-1926 10 Mar 2011 4 (v2) Medium Pass Symantec Data Insight < 4.5 Multiple Vulnerabilities (SYM14-012) CVE-2014-3432 CVE-2014-3433 03 Jul 2014 4.3 (v2) Medium Pass NETGEAR GS105PE Pro Safe Switch Hard-coded Credentials CVE-2014-2969 11 Jul 2014 8.3 (v2) High Pass SNMP 'GETBULK' Reﬂection DDoS 11 Jul 2014 5 (v2) Medium Pass VMware ESX / ESXi NFC Traﬃc Handling DoS (VMSA-2013-0011) (remote check) CVE-2013-1661 04 Mar 2016 4.3 (v2) Medium Pass ManageEngine Desktop Central < 9 build 90103 XSRF CVE-2014-9331 25 Mar 2015 6.8 (v2) Medium Pass HP SiteScope Unspeciﬁed Authentication Bypass CVE-2014-2614 09 Jul 2014 7.5 (v2) High Pass MailPoet Newsletters for WordPress Arbitrary File Upload CVE-2014-4725 16 Jul 2014 8.8 (v3) High Pass IBM Storwize V7000 Uniﬁed Service Account Unspeciﬁed Local Privilege Escalation CVE-2014-3043 24 Jul 2014 6.5 (v2) Medium Pass WebTitan 'categories-x.php' 'sortkey' Parameter SQL Injection CVE-2014-4307 18 Jul 2014 7.5 (v2) High Pass Autodesk VRED Python API Remote Code Execution CVE-2014-2967 24 Jul 2014 10 (v2) Critical Pass VMware Harbor 1.8.x < 1.8.4 (VMSA-2019-0016) CVE-2019-16919 22 Oct 2019 7.5 (v3) High Pass Junos OS: Cross-Site Scripting (XSS) in J-Web (JSA10986) CVE-2020-1607 17 Jan 2020 7.5 (v3) High Pass OpenSSL 1.0.2 < 1.0.2k Multiple Vulnerabilities CVE-2016-7055 CVE-2017-3731 CVE-2017-3732 30 Jan 2017 5.9 (v3) Medium Pass Cisco ONS 15454 Controller Card DoS (CSCug97416) CVE-2014-2141 10 Apr 2014 4 (v2) Medium Pass VMware ESX Multiple Vulnerabilities (VMSA-2010-0015) (remote check) CVE-2009-2409 CVE-2009-3245 CVE-2009-3555 CVE-2009-3767 CVE-2010-0433 CVE-2010-0734 CVE-2010-0826 CVE-2010-1646 08 Mar 2016 10 (v2) Critical Pass NetIQ Sentinel < 7.4.1 Multiple Vulnerabilities CVE-2014-3576 CVE-2015-0851 26 Apr 2016 5 (v2) Medium Pass IBM WebSphere Application Server 8.0 < Fix Pack 9 Multiple Vulnerabilities CVE-2013-6323 CVE-2013-6329 CVE-2013-6438 CVE-2013-6738 CVE-2013-6747 CVE-2014-0050 CVE-2014-0076 CVE-2014-0098 CVE-2014-0453 CVE-2014-0460 CVE-2014-0823 CVE-2014-0857 CVE-2014-0859 CVE-2014-0878 CVE-2014-0891 CVE-2014-0963 CVE-2014-0965 CVE-2014-302204 Aug 2014 7.5 (v2) High Pass EMC Documentum D2 Privilege Escalation (ESA-2014-067) CVE-2014-2515 21 Aug 2014 8.5 (v2) High Pass HP LaserJet Printers Unspeciﬁed Information Disclosure (HPSBPI03546) CVE-2016-2244 15 Mar 2016 5.9 (v3) Medium Pass Juniper Junos Fragmented TCP Packet Sequence Handling DoS (JSA10696) CVE-2014-6449 21 Oct 2015 5 (v2) Medium Pass Allegro RomPager HTTP Cookie Management Remote Code Execution Vulnerability (Misfortune Cookie) CVE-2014-9222 CVE-2014-9223 30 Dec 2014 10 (v2) Critical Pass Juniper Junos jdhcpd crash denial of service (JSA10926) CVE-2019-0037 19 Apr 2019 7.5 (v3) High Pass HP StoreVirtual Storage Remote Unauthorized Access CVE-2013-2352 10 Apr 2014 9.4 (v2) High Pass Barco ClickShare Device Default Credentials 19 Aug 2014 10 (v2) Critical Pass Apache Traﬃc Server 4.x < 4.2.1.1 / 5.x < 5.0.1 Synthetic Health Check Vulnerability CVE-2014-3525 22 Jan 2015 10 (v2) Critical Pass IBM Rational License Key Server Administration and Reporting Tool Default Credentials 16 Sep 2014 7.5 (v2) High Pass Fortinet FortiOS User Interface Default Credentials 15 Apr 2014 10 (v2) Critical Pass Splunk 6.x < 6.0.3 Multiple OpenSSL Vulnerabilities (Heartbleed) CVE-2013-4353 CVE-2014-0160 16 Apr 2014 7.5 (v3) High Pass phpMyAdmin 3.4.x < 3.4.6 XSS (PMASA-2011-16) CVE-2011-4064 26 Oct 2011 4.3 (v2) Medium Pass Oracle Real User Experience Insight October 2014 CPU CVE-2014-6557 26 Jan 2015 4.9 (v2) Medium Pass Palo Alto Networks PAN-OS HTTP Header Handling URL Filter Bypass (PAN-SA-2016-0006) 28 Apr 2016 5 (v2) Medium Pass SYAC DigiEye Backdoor Detection 10 Sep 2014 9.3 (v2) High Pass Oracle GlassFish Server 3.0.1 / 3.1.2 / Enterprise 2.1.1 DoS CVE-2012-3155 05 Sep 2014 5 (v2) Medium Pass F5 Networks rsync RCE CVE-2014-2927 14 Oct 2014 9.3 (v2) High Pass ManageEngine DeviceExpert Unauthorized Information Disclosure CVE-2014-5377 04 Sep 2014 5 (v2) Medium Pass OpenSSL 1.x < 1.0.0f Multiple Vulnerabilities CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2012-0027 09 Jan 2012 5 (v2) Medium Pass FreeNAS WebGUI Blank Password CVE-2014-5334 18 Sep 2014 9.8 (v3) Critical Pass ManageEngine EventLog Analyzer Default Credentials 02 Sep 2014 7.5 (v2) High Pass Palo Alto Networks PAN-OS 7.0.x < 7.0.14 / 7.1.x < 7.1.9 Multiple Vulnerabilities (PAN-SA-2017-0008 - PAN-SA-2017-0010)CVE-2017-7126 CVE-2017-7217 CVE-2017-7218 18 Apr 2017 7.8 (v3) High Pass Cisco Content Security Management Appliance Open Redirect Multiple Vulnerabilities (cisco-sa-sma-opn-rCVE-2020-3178drct-yPPMdsMQ) 21 May 2020 6.1 (v3) Medium Pass Juniper Junos libgd Compressed GD2 Data RCE (JSA10798) CVE-2016-3074 31 Jul 2017 9.8 (v3) Critical Pass macOS 10.13.x < 10.13.2 Multiple Vulnerabilities (Meltdown) CVE-2017-1000254 CVE-2017-13847 CVE-2017-13848 CVE-2017-13855 CVE-2017-13858 CVE-2017-13860 CVE-2017-13862 CVE-2017-13865 CVE-2017-13867 CVE-2017-13868 CVE-2017-13869 CVE-2017-13871 CVE-2017-13872 CVE-2017-13875 CVE-2017-13876 CVE-2017-13878 CVE-2017-13883 CVE-2017-13886 CVE-2017-13887 CVE-2017-13892 CVE-2017-13904 CVE-2017-13905 CVE-2017-13911 CVE-2017-15422 CVE-2017-3735 CVE-2017-5754 CVE-2017-7151 CVE-2017-7154 CVE-2017-7155 CVE-2017-7158 CVE-2017-7159 CVE-2017-7162 CVE-2017-7163 CVE-2017-7171 CVE-2017-7172 CVE-2017-7173 CVE-2017-979807 Dec 2017 7.8 (v3) High Pass ESXi 5.5 < Build 1980513 glibc Library Multiple Vulnerabilities (remote check) CVE-2013-0242 CVE-2013-1914 09 Oct 2014 5 (v2) Medium Pass HP Printers Security Bypass (HPSBPI03107) CVE-2014-0224 09 Oct 2014 5.8 (v2) Medium Pass TIBCO Spotﬁre Analytics Server Authentication Module Unspeciﬁed Information Disclosure CVE-2012-0690 13 Oct 2014 5 (v2) Medium Pass TIBCO Spotﬁre Server Authentication Module Unspeciﬁed Remote Code Execution CVE-2014-2544 13 Oct 2014 7.5 (v2) High Pass TIBCO Spotﬁre Server Unsupported Version Detection 13 Oct 2014 10 (v3) Critical Pass TIBCO Spotﬁre Server Authentication Module Unspeciﬁed Privilege Escalation CVE-2014-5285 13 Oct 2014 7.5 (v2) High Pass Lexmark Printer conﬁg.html Administrator Authentication Bypass (FREAK) CVE-2015-0204 CVE-2015-1637 19 Oct 2015 4.3 (v2) Medium Pass Apple iTunes < 12.0.1 Multiple Vulnerabilities (uncredentialed check) CVE-2013-2871 CVE-2013-2875 CVE-2013-2909 CVE-2013-2926 CVE-2013-2927 CVE-2013-2928 CVE-2013-5195 CVE-2013-5196 CVE-2013-5197 CVE-2013-5198 CVE-2013-5199 CVE-2013-5225 CVE-2013-5228 CVE-2013-6625 CVE-2013-6635 CVE-2013-6663 CVE-2014-1268 CVE-2014-1269 CVE-2014-1270 CVE-2014-1289 CVE-2014-1290 CVE-2014-1291 CVE-2014-1292 CVE-2014-1293 CVE-2014-1294 CVE-2014-1298 CVE-2014-1299 CVE-2014-1300 CVE-2014-1301 CVE-2014-1302 CVE-2014-1303 CVE-2014-1304 CVE-2014-1305 CVE-2014-1307 CVE-2014-1308 CVE-2014-1309 CVE-2014-1310 CVE-2014-1311 CVE-2014-1312 CVE-2014-1313 CVE-2014-1323 CVE-2014-1324 CVE-2014-1325 CVE-2014-1326 CVE-2014-1327 CVE-2014-1329 CVE-2014-1330 CVE-2014-1331 CVE-2014-1333 CVE-2014-1334 CVE-2014-1335 CVE-2014-1336 CVE-2014-1337 CVE-2014-1338 CVE-2014-1339 CVE-2014-1340 CVE-2014-1341 CVE-2014-1342 CVE-2014-1343 CVE-2014-1344 CVE-2014-1362 CVE-2014-1363 CVE-2014-1364 CVE-2014-1365 CVE-2014-1366 CVE-2014-1367 CVE-2014-1368 CVE-2014-1382 CVE-2014-1384 CVE-2014-1385 CVE-2014-1386 CVE-2014-1387 CVE-2014-1388 CVE-2014-1389 CVE-2014-1390 CVE-2014-1713 CVE-2014-1731 CVE-2014-4410 CVE-2014-4411 CVE-2014-4412 CVE-2014-4413 CVE-2014-4414 CVE-2014-441521 Oct 2014 10 (v2) Critical Pass macOS 10.13.x < 10.13.5 Multiple Vulnerabilities CVE-2018-4141 CVE-2018-4159 CVE-2018-4180 CVE-2018-4181 CVE-2018-4182 CVE-2018-4183 CVE-2018-4184 CVE-2018-4193 CVE-2018-4194 CVE-2018-4196 CVE-2018-4198 CVE-2018-4202 CVE-2018-4211 CVE-2018-4217 CVE-2018-4219 CVE-2018-4221 CVE-2018-4223 CVE-2018-4224 CVE-2018-4225 CVE-2018-4226 CVE-2018-4227 CVE-2018-4228 CVE-2018-4229 CVE-2018-4230 CVE-2018-4234 CVE-2018-4235 CVE-2018-4236 CVE-2018-4237 CVE-2018-4240 CVE-2018-4241 CVE-2018-4242 CVE-2018-4243 CVE-2018-4249 CVE-2018-4251 CVE-2018-4253 CVE-2018-4254 CVE-2018-4255 CVE-2018-4256 CVE-2018-4257 CVE-2018-4258 CVE-2018-4404 CVE-2018-4478 CVE-2018-5383 CVE-2018-758405 Jun 2018 9.8 (v3) Critical Pass HP Operations Manager / Operations Agent < 11.13 XSS (HPSBMU03126) CVE-2014-2647 22 Oct 2014 4.3 (v2) Medium Pass Oracle Business Transaction Management 'FlashTunnelService' 'WriteToFile' Message RCE 31 Oct 2014 10 (v2) Critical Pass macOS 10.13.x < 10.13.6 Multiple Vulnerabilities CVE-2017-0898 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2018-3665 CVE-2018-4178 CVE-2018-4248 CVE-2018-4259 CVE-2018-4268 CVE-2018-4269 CVE-2018-4276 CVE-2018-4277 CVE-2018-4280 CVE-2018-4283 CVE-2018-4285 CVE-2018-4286 CVE-2018-4287 CVE-2018-4288 CVE-2018-4289 CVE-2018-4291 CVE-2018-4293 CVE-2018-4456 CVE-2018-4470 CVE-2018-5383 CVE-2018-6797 CVE-2018-6913 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-878017 Jul 2018 9.8 (v3) Critical Pass Cisco Nexus 3000 Series and 9000 Series Switches in NX-OS Mode CLI Command Software Image SignaturCVE-2019-1810e Veriﬁcation Vulnerability 07 Jun 2019 6.7 (v3) Medium Pass SolarWinds Log and Event Manager Unsupported Version Detection 07 Nov 2014 10 (v2) Critical Pass SolarWinds Log and Event Manager Default Credentials 07 Nov 2014 10 (v2) Critical Pass IBM Tivoli Endpoint Manager Server 9.1.x < 9.1.1117.0 OpenSSL Security Bypass CVE-2014-0224 19 Nov 2014 5.8 (v2) Medium Pass AFP Server Network Interface Enumeration CVE-2014-4426 24 Nov 2014 4.3 (v2) Medium Pass Google Calendar Events Plugin for WordPress 'admin-ajax.php' XSS CVE-2014-7138 21 Nov 2014 4.3 (v2) Medium Pass IBM WebSphere Application Server 8.0 < Fix Pack 2 Multiple Vulnerabilities CVE-2011-1376 CVE-2011-1377 CVE-2011-4889 04 Apr 2012 4.6 (v2) Medium Pass Apache Traﬃc Server Host HTTP XSS 28 Nov 2014 4.3 (v2) Medium Pass IlohaMail read_message.php Attachment Multiple Field XSS CVE-2005-1120 14 Apr 2005 4.3 (v2) Medium Pass Splunk Enterprise 6.0.x < 6.0.6 Multiple Vulnerabilities CVE-2014-3511 CVE-2014-8303 04 Dec 2014 4.3 (v2) Medium Pass Isilon OneFS SNMP Detection 14 Aug 2018 None Pass Mac OS X < 10.11.1 Multiple Vulnerabilities CVE-2012-6151 CVE-2014-3565 CVE-2015-0235 CVE-2015-0273 CVE-2015-5924 CVE-2015-5925 CVE-2015-5926 CVE-2015-5927 CVE-2015-5932 CVE-2015-5933 CVE-2015-5934 CVE-2015-5935 CVE-2015-5936 CVE-2015-5937 CVE-2015-5938 CVE-2015-5939 CVE-2015-5940 CVE-2015-5942 CVE-2015-5943 CVE-2015-5944 CVE-2015-5945 CVE-2015-6563 CVE-2015-6834 CVE-2015-6835 CVE-2015-6836 CVE-2015-6837 CVE-2015-6838 CVE-2015-6974 CVE-2015-6975 CVE-2015-6976 CVE-2015-6977 CVE-2015-6978 CVE-2015-6980 CVE-2015-6983 CVE-2015-6984 CVE-2015-6985 CVE-2015-6987 CVE-2015-6988 CVE-2015-6989 CVE-2015-6990 CVE-2015-6991 CVE-2015-6992 CVE-2015-6993 CVE-2015-6994 CVE-2015-6995 CVE-2015-6996 CVE-2015-7003 CVE-2015-7006 CVE-2015-7007 CVE-2015-7008 CVE-2015-7009 CVE-2015-7010 CVE-2015-7015 CVE-2015-7016 CVE-2015-7017 CVE-2015-7018 CVE-2015-7019 CVE-2015-7020 CVE-2015-7021 CVE-2015-7023 CVE-2015-7024 CVE-2015-703529 Oct 2015 10 (v2) Critical Pass IBM WebSphere Application Server 6.1 < 6.1.0.33 Multiple Vulnerabilities CVE-2010-0778 CVE-2010-0779 CVE-2010-0781 CVE-2010-3186 28 Sep 2010 10 (v2) Critical Pass SSL Certiﬁcate Chain Contains Weak RSA Keys 24 Jul 2012 4 (v2) Medium Pass Cisco TelePresence Multipoint Switch XML-RPC DoS (cisco-sa-20110223-telepresence-ctms) CVE-2011-0390 27 Jul 2012 7.8 (v2) High Pass MySQL Authentication Protocol Token Comparison Casting Failure Password Bypass CVE-2012-2122 02 Aug 2012 5.6 (v3) Medium Pass sipXtapi INVITE Message CSeq Field Header Remote Overﬂow CVE-2006-3524 25 Jul 2006 7.5 (v2) High 99

Pass Appweb 3.1.x / 3.2.x / 3.3.x < 3.3.3 mprUrlEncode Function Heap Overﬂow Vulnerability 02 Aug 2012 6.8 (v2) Medium Pass Symantec Web Gateway search.php SQL Injection (SYM12-011) CVE-2012-2961 06 Aug 2012 7.5 (v2) High Pass Mac OS X 10.11.x < 10.11.2 Multiple Vulnerabilities CVE-2011-2895 CVE-2012-0876 CVE-2012-1147 CVE-2012-1148 CVE-2015-3807 CVE-2015-5333 CVE-2015-5334 CVE-2015-6908 CVE-2015-7001 CVE-2015-7038 CVE-2015-7039 CVE-2015-7040 CVE-2015-7041 CVE-2015-7042 CVE-2015-7043 CVE-2015-7044 CVE-2015-7045 CVE-2015-7046 CVE-2015-7047 CVE-2015-7052 CVE-2015-7053 CVE-2015-7054 CVE-2015-7058 CVE-2015-7059 CVE-2015-7060 CVE-2015-7061 CVE-2015-7062 CVE-2015-7063 CVE-2015-7064 CVE-2015-7065 CVE-2015-7066 CVE-2015-7067 CVE-2015-7068 CVE-2015-7071 CVE-2015-7073 CVE-2015-7074 CVE-2015-7075 CVE-2015-7076 CVE-2015-7077 CVE-2015-7078 CVE-2015-7081 CVE-2015-7083 CVE-2015-7084 CVE-2015-7094 CVE-2015-7105 CVE-2015-7106 CVE-2015-7107 CVE-2015-7108 CVE-2015-7109 CVE-2015-7110 CVE-2015-7111 CVE-2015-7112 CVE-2015-7115 CVE-2015-7116 CVE-2015-7803 CVE-2015-780410 Dec 2015 10 (v2) Critical Pass HP Network Automation Multiple Remote Vulnerabilities (HPSBMU03264) CVE-2014-7886 23 Apr 2015 6.8 (v2) Medium Pass Juniper Junos J-Web Service Privilege Escalation (JSA10754) CVE-2016-1279 22 Jul 2016 10 (v2) Critical Pass Juniper Junos Certiﬁcate Validation Bypass (JSA10755) CVE-2016-1280 22 Jul 2016 5.8 (v2) Medium Pass Scrutinizer Default Credentials Check 20 Aug 2012 7.5 (v2) High Pass Scrutinizer < 9.5.2 d4d/statusFilter.php q Parameter SQL Injection CVE-2012-2962 20 Aug 2012 6.5 (v2) Medium Pass SquidClamav Specially Crafted Character Parsing Remote DoS CVE-2012-3501 10 Sep 2012 5 (v2) Medium Pass ManageEngine Security Manager Plus Default Administrator Credentials 10 Dec 2012 7.5 (v2) High Pass Novell eDirectory < 8.8 SP6 Patch 5 Multiple Vulnerabilities CVE-2010-1929 29 Aug 2012 9 (v2) High Pass VNC Server 'password' Password 29 Aug 2012 10 (v2) Critical Pass macOS 10.14.x < 10.14.4 Multiple Vulnerabilities CVE-2018-12015 CVE-2018-18311 CVE-2018-18313 CVE-2019-6207 CVE-2019-6237 CVE-2019-6239 CVE-2019-7293 CVE-2019-8502 CVE-2019-8504 CVE-2019-8507 CVE-2019-8508 CVE-2019-8510 CVE-2019-8511 CVE-2019-8513 CVE-2019-8514 CVE-2019-8516 CVE-2019-8517 CVE-2019-8519 CVE-2019-8520 CVE-2019-8521 CVE-2019-8522 CVE-2019-8526 CVE-2019-8527 CVE-2019-8529 CVE-2019-8530 CVE-2019-8533 CVE-2019-8537 CVE-2019-8540 CVE-2019-8542 CVE-2019-8545 CVE-2019-8546 CVE-2019-8549 CVE-2019-8550 CVE-2019-8552 CVE-2019-8555 CVE-2019-8561 CVE-2019-856527 Mar 2019 9.8 (v3) Critical Pass Kibana ESA-2018-06 CVE-2018-3823 25 Jan 2019 5.4 (v3) Medium Pass WAS Target Discovery for PCI 24 Jan 2019 None Pass Juniper Junos FreeBSD libc db Information Disclosure (JSA10756) CVE-2009-1436 22 Jul 2016 4.9 (v2) Medium Pass Cloudsafe365 Plugin for WordPress 'ﬁle' Parameter Traversal Arbitrary File Access 07 Sep 2012 5 (v2) Medium Pass DNS over TLS Server Detection 22 Mar 2021 None Pass JBoss Java Object Deserialization RCE CVE-2012-0874 CVE-2015-7501 10 Dec 2015 9.8 (v3) Critical Pass Mac Photo Gallery for WordPress 'albid' Parameter Traversal Arbitrary File Access 19 Sep 2012 5 (v2) Medium Pass Authentec UPEK Protector Suite Weak Password Storage 18 Oct 2012 2.1 (v2) Low Pass Mac Photo Gallery Plugin for WordPress 'macphtajax.php' Access Restriction Bypass 26 Sep 2012 5 (v2) Medium Pass OpenStack Keystone Default Credentials 27 Sep 2012 7.5 (v2) High Pass Yawcam Web Server Traversal Arbitrary File Access CVE-2005-1230 02 May 2005 5 (v2) Medium Pass ZEN Load Balancer global.conf Information Disclosure 28 Sep 2012 5.3 (v3) Medium Pass AttachmateWRQ Reﬂection for Secure IT Server < 6.0 Build 24 Multiple Vulnerabilities CVE-2005-2770 CVE-2005-2771 06 Sep 2005 4.6 (v2) Medium Pass Juniper Junos Crafted UDP Packet Handling DoS (JSA10758) CVE-2016-1263 22 Jul 2016 7.8 (v2) High Pass Transport Layer Security (TLS) Protocol CRIME Vulnerability CVE-2012-4929 CVE-2012-4930 16 Oct 2012 2.6 (v2) Low Pass RaidenFTPD Multiple Command Traversal Arbitrary File Access CVE-2001-0491 11 May 2005 6.4 (v2) Medium Pass SSL Root Certiﬁcation Authority Distrusted 17 Apr 2019 6.5 (v3) Medium Pass Xerox Document Centre Web Server Unspeciﬁed Unauthorized Access (XRX05-003) CVE-2005-1936 14 May 2005 7.5 (v2) High Pass Dream4 Koobi CMS index.php area Parameter SQL Injection CVE-2005-1373 16 Jun 2005 7.5 (v2) High Pass web-app.org WebAPP Encoded Request .dat File Disclosure CVE-2005-0927 17 May 2005 5 (v2) Medium Pass HP/H3C and Huawei SNMP User Data Information Disclosure CVE-2012-3268 30 Oct 2012 8.5 (v2) High Pass ManageEngine OpStor Default Administrator Credentials 01 Nov 2012 7.5 (v2) High Pass CoSoSys Endpoint Protector 4 Predictable Password CVE-2012-2994 16 Nov 2012 7.5 (v2) High Pass SolarWinds Orion NPM < 9.5 Login.asp SQLi 12 Nov 2012 7.5 (v2) High Pass MS12-073: Vulnerabilities in Microsoft IIS Could Allow Information Disclosure (2733829) (uncredentialed check)CVE-2012-2532 16 Nov 2012 5.3 (v3) Medium Pass Juniper Junos VPLS Ethernet Frame MAC Address Remote DoS (JSA10750) CVE-2016-1275 22 Jul 2016 6.1 (v2) Medium Pass Novell File Reporter Agent FSFUI UICMD 126 Arbitrary File Download CVE-2012-4958 20 Nov 2012 7.8 (v2) High Pass NetIQ Privileged User Manager Default Admin Password 21 Nov 2012 10 (v2) Critical Pass McAfee WebShield SMTP Unsupported 03 Dec 2012 10 (v2) Critical Pass Juniper Junos SRX Series Application Layer Gateway DoS (JSA10751) CVE-2016-1276 22 Jul 2016 7.8 (v2) High Pass Juniper Junos Crafted ICMP Packet DoS (JSA10752) CVE-2016-1277 22 Jul 2016 7.8 (v2) High Pass ManageEngine Applications Manager Default Administrator Credentials 05 Dec 2012 7.5 (v2) High Pass Oracle Primavera Uniﬁer Multiple Vulnerabilities (Oct 2018 CPU) CVE-2018-3148 CVE-2018-12023 01 Nov 2018 6.1 (v3) Medium Pass ESXi 5.1 < Build 2323236 Third-Party Libraries Multiple Vulnerabilities (remote check) (BEAST) CVE-2011-3389 CVE-2012-0845 CVE-2012-0876 CVE-2012-1150 CVE-2013-0242 CVE-2013-1752 CVE-2013-1914 CVE-2013-2877 CVE-2013-4238 CVE-2013-4332 CVE-2014-0015 CVE-2014-0138 CVE-2014-019112 Dec 2014 6.4 (v2) Medium Pass NetIQ Privileged User Manager Password Change Authentication Bypass (version check) CVE-2012-5930 07 Dec 2012 6.4 (v2) Medium Pass Cisco Small Business RV320 and RV325 Routers Multiple Vulnerabilities CVE-2019-1827 CVE-2019-1828 15 Apr 2019 8.1 (v3) High Pass Slideshow Plugin for WordPress 'settings.php' Multiple Parameter XSS 19 Dec 2012 4.3 (v2) Medium Pass HP LaserJet XSS Vulnerability CVE-2012-3272 15 Jan 2013 4.3 (v2) Medium Pass Apple TV < 12.1.1 Multiple Vulnerabilities CVE-2018-4303 CVE-2018-4431 CVE-2018-4435 CVE-2018-4436 CVE-2018-4437 CVE-2018-4438 CVE-2018-4441 CVE-2018-4442 CVE-2018-4443 CVE-2018-4447 CVE-2018-4460 CVE-2018-4461 CVE-2018-4464 CVE-2018-446521 Dec 2018 8.8 (v3) High Pass IronMail IronWebMail IM_FILE Identiﬁer Encoded Traversal Arbitrary File Access CVE-2006-5210 20 Oct 2006 5 (v2) Medium Pass Dell OpenManage Server Administrator index_main.htm DOM-based XSS CVE-2012-6272 11 Jan 2013 4.3 (v2) Medium Pass Google Doc Embedder Plugin for WordPress 'File' Parameter Traversal Arbitrary File Disclosure CVE-2012-4915 24 Jan 2013 5 (v2) Medium Pass NetIQ Privileged User Manager regclnt.dll Directory Traversal CVE-2012-5931 24 Jan 2013 5.5 (v2) Medium Pass Kibana ESA-2018-08 CVE-2018-3824 25 Jan 2019 6.1 (v3) Medium Pass IBM WebSphere Application Server 8.0 < Fix Pack 7 Multiple Vulnerabilities CVE-2012-2098 CVE-2013-0169 CVE-2013-0597 CVE-2013-1768 CVE-2013-1862 CVE-2013-1896 CVE-2013-2967 CVE-2013-2976 CVE-2013-3029 CVE-2013-4004 CVE-2013-400523 Aug 2013 7.5 (v2) High Pass ManageEngine AssetExplorer Detection 24 Jan 2013 None Pass ManageEngine AssetExplorer Default Administrator Credentials 24 Jan 2013 7.5 (v2) High Pass Silver Peak VX < 6.2.4 XSS CVE-2014-2975 25 Sep 2014 4.3 (v2) Medium Pass Browser Rejector Plugin for WordPress 'wppath' Parameter Remote File Inclusion 25 Jan 2013 7.5 (v2) High Pass Portable phpMyAdmin Plugin for WordPress 'wp-pma-mod' Authentication Bypass CVE-2012-5469 25 Jan 2013 7.5 (v2) High Pass GRAND Flash Album Gallery Plugin for WordPress 'f' Parameter Traversal Arbitrary Directory Enumeration 28 Jan 2013 5 (v2) Medium Pass MySQL Protocol Remote User Enumeration CVE-2012-5615 28 Jan 2013 5 (v2) Medium Pass WordPress 'xmlrpc.php' pingback.ping Server-Side Request Forgery CVE-2013-0235 04 Feb 2013 6.4 (v2) Medium Pass UnrealIRCd Unspeciﬁed DoS 06 Feb 2013 5 (v2) Medium Pass EMC Avamar ADS / AVE 7.2.x < 7.2.1 Hotﬁx HOTFIX 300440 / 7.3.x < 7.3.1 Hotﬁx 300439 / 7.4.x < 7.4.1 HotCVE-2018-11066 CVE-2018-11067ﬁx 300438 / 7.5.0 < 7.5.0 Hotﬁx 300441 / 7.5.1 < 7.5.1 Hotﬁx 300442 / 18.1 < 18.1 Hotﬁx 300443 Multiple Vulnerabilities (DSA-2018-145)30 Nov 2018 9.8 (v3) Critical Pass Voice Vulnerabilities in Cisco IOS and Cisco Uniﬁed Communications Manager - Cisco Systems CVE-2007-4291 CVE-2007-4292 CVE-2007-4293 CVE-2007-4294 CVE-2007-4295 01 Sep 2010 9.3 (v2) High Pass SolarWinds Orion NPM < 10.3.1 Multiple Vulnerabilities CVE-2012-2577 CVE-2012-2602 17 Sep 2012 6.8 (v2) Medium Pass OpenSSL 1.0.1 < 1.0.1e Information Disclosure CVE-2013-0169 13 Feb 2013 2.6 (v2) Low Pass rsync < 2.5.7 Unspeciﬁed Remote Heap Overﬂow CVE-2003-0962 04 Dec 2003 7.5 (v2) High Pass Oracle Application Express (Apex) CVE-2012-1708 CVE-2012-1708 20 Feb 2013 4.3 (v2) Medium Pass Oracle Application Express (Apex) Unspeciﬁed Issues (pre 2.2.1) CVE-2006-5351 CVE-2006-5352 20 Feb 2013 10 (v2) Critical Pass Oracle Application Express (Apex) CVE-2011-3525 CVE-2011-3525 20 Feb 2013 6.5 (v2) Medium Pass ShadowIRCd m_capab.c Denial of Service CVE-2012-6084 11 Mar 2013 5 (v2) Medium Pass Cisco Prime LAN Management Solution Web Detection 21 Feb 2013 None Pass Nagios XI 2011R1.9 Multiple SQL Injection Vulnerabilities 19 Feb 2013 6.5 (v2) Medium Pass Cisco IOS IPS Denial of Service Vulnerability - Cisco Systems CVE-2008-2739 01 Sep 2010 7.8 (v2) High Pass Buﬀalo LinkStation Direct Request Remote File Disclosure 27 Feb 2013 5 (v2) Medium Pass W3 Total Cache Plugin for WordPress Cache File Direct Request Information Disclosure 04 Mar 2013 4.3 (v2) Medium Pass Cisco IOS Software Mobile IP and Mobile IPv6 Vulnerabilities - Cisco Systems CVE-2009-0633 CVE-2009-0634 01 Sep 2010 7.8 (v2) High Pass VMware vCenter Server Denial of Service (VMSA-2012-0018) CVE-2012-6326 12 Mar 2013 7.8 (v2) High Pass CVS < 1.11.17 / 1.12.9 Multiple Vulnerabilities CVE-2004-0414 CVE-2004-0416 CVE-2004-0417 CVE-2004-0418 CVE-2004-1471 09 Jun 2004 7.1 (v2) High Pass Cuyahoga FCKEditor Misconﬁguration Unrestricted File Upload CVE-2007-0147 10 Jan 2007 5 (v2) Medium Pass LogAnalyzer asktheoracle.php 'query' Parameter XSS 05 Mar 2013 4.3 (v2) Medium Pass Foswiki Detection 06 Mar 2013 None Pass Cisco Small Business RV Series Routers Management Interface Vulnerabilities (cisco-sa-rv-routers-injection-tWC7krKQ)CVE-2020-3268 CVE-2020-3269 15 Oct 2020 7.2 (v3) High Pass War FTP Daemon 1.82 Denial of Service CVE-2013-2278 11 Mar 2013 10 (v2) Critical Pass OpenFTPD SITE MSG FTP Command Format String CVE-2004-2523 01 Aug 2004 6.5 (v2) Medium Pass Ruby ftpd Gem 'ﬁlename' Parameter Remote Command Execution 07 Mar 2013 7.5 (v2) High Pass Cisco IOS Software Multiple Features Crafted UDP Packet Vulnerability - Cisco Systems CVE-2009-0631 01 Sep 2010 7.8 (v2) High Pass Juniper Junos Packet Forwarding Engine Potential RCE (JSA10906) CVE-2019-0006 10 Jan 2019 9.8 (v3) Critical Pass Cisco IOS Software Secure Copy Privilege Escalation Vulnerability - Cisco Systems CVE-2009-0637 01 Sep 2010 9 (v2) High Pass Cisco IOS Software Multiple Features Crafted TCP Sequence Vulnerability - Cisco Systems CVE-2009-0629 01 Sep 2010 7.8 (v2) High Pass Nagios XI < 2012R1.6 Multiple Vulnerabilities 18 Mar 2013 6.5 (v2) Medium Pass SQLiteManager SQLiteManager_currentTheme Cookie Traversal Local File Inclusion CVE-2007-1232 27 Feb 2007 5.1 (v2) Medium Pass SSL RC4 Cipher Suites Supported (Bar Mitzvah) CVE-2013-2566 CVE-2015-2808 05 Apr 2013 5.9 (v3) Medium Pass Junos OS: Stateless ﬁrewall ﬁlter ignores IPv6 extension headers (JSA10905) CVE-2019-0005 15 Feb 2019 5.3 (v3) Medium Pass McAfee Vulnerability Manager cert_cn Parameter XSS CVE-2013-5094 29 Mar 2013 4.3 (v2) Medium Pass l2tpd < 0.68 Multiple Vulnerabilities CVE-2002-0872 CVE-2002-0873 14 Mar 2003 7.5 (v2) High Pass Cisco NX-OS Software Netstack DoS (cisco-sa-20190306-nxos-netstack) CVE-2019-1599 27 Mar 2020 8.6 (v3) High Pass IBM InfoSphere Data Replication Dashboard Unpassworded User Enumeration CVE-2013-0584 10 Apr 2013 5 (v2) Medium Pass IBM InfoSphere Data Replication Dashboard Default Credentials 10 Apr 2013 7.5 (v2) High Pass Cisco IOS Software WebVPN and SSLVPN Vulnerabilities - Cisco Systems CVE-2009-0626 CVE-2009-0628 01 Sep 2010 7.8 (v2) High Pass Multiple IRC Client Non-registered User parse_client_queued Saturation DoS CVE-2004-0605 10 Aug 2004 5 (v2) Medium Pass Ultimate Product Catalog Plugin for WordPress < 4.2.26 PHP Object Injection 05 Dec 2017 8.3 (v3) High Pass ESXi 5.1 < Build 911593 Multiple Vulnerabilities (remote check) CVE-2011-3048 CVE-2013-1406 CVE-2013-1659 13 Nov 2013 7.6 (v2) High Pass D-Link DIR-645 getcfg.php Admin Password Disclosure 26 Apr 2013 5 (v2) Medium Pass op5 Monitor < 5.7.3 Multiple Vulnerabilities 30 Apr 2013 3.5 (v2) Low Pass Exim with Dovecot use_shell Command Injection 10 May 2013 6.8 (v2) Medium Pass Jenkins JDK / Ant Tools Job Conﬁguration Stored XSS Vulnerability (SECURITY-624) (deprecated) CVE-2017-17383 15 Dec 2017 4.1 (v3) Medium 100

Pass HP Managed Printing Administration < 2.7.0 XSS CVE-2012-5219 30 Apr 2013 4.3 (v2) Medium Pass Lexmark Markvision Enterprise Default Credentials 06 May 2013 7.5 (v2) High Pass Lexmark Markvision Enterprise Remote Command Execution CVE-2013-3055 06 May 2013 9.3 (v2) High Pass Groovy Shell Unauthenticated Remote Command Execution CVE-2013-3055 06 May 2013 9.3 (v2) High Pass Android Emulator Telnet Port on Remote Host 11 May 2013 7.5 (v2) High Pass IBM SPSS SamplePower 3.0 < 3.0 FP 1 Multiple ActiveX Controls Arbitrary Code Execution CVE-2012-5945 CVE-2012-5946 CVE-2012-5947 CVE-2013-0593 16 May 2013 9.3 (v2) High Pass Mac OS X 10.6.x < 10.6.5 Multiple Vulnerabilities CVE-2008-4546 CVE-2009-0796 CVE-2009-0946 CVE-2009-2473 CVE-2009-2474 CVE-2009-2624 CVE-2009-3793 CVE-2009-4134 CVE-2010-0001 CVE-2010-0105 CVE-2010-0205 CVE-2010-0209 CVE-2010-0211 CVE-2010-0212 CVE-2010-0397 CVE-2010-0408 CVE-2010-0434 CVE-2010-1205 CVE-2010-1297 CVE-2010-1378 CVE-2010-1449 CVE-2010-1450 CVE-2010-1752 CVE-2010-1803 CVE-2010-1811 CVE-2010-1828 CVE-2010-1829 CVE-2010-1830 CVE-2010-1831 CVE-2010-1832 CVE-2010-1833 CVE-2010-1834 CVE-2010-1836 CVE-2010-1837 CVE-2010-1838 CVE-2010-1840 CVE-2010-1841 CVE-2010-1842 CVE-2010-1843 CVE-2010-1844 CVE-2010-1845 CVE-2010-1846 CVE-2010-1847 CVE-2010-1848 CVE-2010-1849 CVE-2010-1850 CVE-2010-2160 CVE-2010-2161 CVE-2010-2162 CVE-2010-2163 CVE-2010-2164 CVE-2010-2165 CVE-2010-2166 CVE-2010-2167 CVE-2010-2169 CVE-2010-2170 CVE-2010-2171 CVE-2010-2172 CVE-2010-2173 CVE-2010-2174 CVE-2010-2175 CVE-2010-2176 CVE-2010-2177 CVE-2010-2178 CVE-2010-2179 CVE-2010-2180 CVE-2010-2181 CVE-2010-2182 CVE-2010-2183 CVE-2010-2184 CVE-2010-2185 CVE-2010-2186 CVE-2010-2187 CVE-2010-2188 CVE-2010-2189 CVE-2010-2213 CVE-2010-2214 CVE-2010-2215 CVE-2010-2216 CVE-2010-2249 CVE-2010-2497 CVE-2010-2498 CVE-2010-2499 CVE-2010-2500 CVE-2010-2519 CVE-2010-2520 CVE-2010-2531 CVE-2010-2805 CVE-2010-2806 CVE-2010-2807 CVE-2010-2808 CVE-2010-2884 CVE-2010-2941 CVE-2010-3053 CVE-2010-3054 CVE-2010-3636 CVE-2010-3638 CVE-2010-3639 CVE-2010-3640 CVE-2010-3641 CVE-2010-3642 CVE-2010-3643 CVE-2010-3644 CVE-2010-3645 CVE-2010-3646 CVE-2010-3647 CVE-2010-3648 CVE-2010-3649 CVE-2010-3650 CVE-2010-3652 CVE-2010-3654 CVE-2010-3783 CVE-2010-3784 CVE-2010-3785 CVE-2010-3786 CVE-2010-3787 CVE-2010-3788 CVE-2010-3789 CVE-2010-3790 CVE-2010-3791 CVE-2010-3792 CVE-2010-3793 CVE-2010-3794 CVE-2010-3795 CVE-2010-3796 CVE-2010-3797 CVE-2010-3798 CVE-2010-397610 Nov 2010 10 (v2) Critical Pass VMware vCenter Server 5.5.x / 6.0.x / 6.5.x / 6.7.x Speculative Execution Side Channel Vulnerability (Foreshadow) (VMSA-2018-0020)CVE-2018-3646 15 Aug 2018 5.6 (v3) Medium Pass Xerox ColorQube 92XX Multiple OpenSSL Vulnerabilities (XRX15AD) (FREAK) (GHOST) (POODLE) CVE-2014-3566 CVE-2015-0204 CVE-2015-0235 11 Dec 2015 10 (v2) Critical Pass Palo Alto Networks PAN-OS 6.0.x < 6.0.14 Multiple Vulnerabilities 26 Aug 2016 8.8 (v3) High Pass Mac OS X 10.6.x < 10.6.7 Multiple Vulnerabilities CVE-2006-7243 CVE-2010-0405 CVE-2010-1323 CVE-2010-1324 CVE-2010-1452 CVE-2010-2068 CVE-2010-2950 CVE-2010-3069 CVE-2010-3089 CVE-2010-3315 CVE-2010-3434 CVE-2010-3709 CVE-2010-3710 CVE-2010-3801 CVE-2010-3802 CVE-2010-3814 CVE-2010-3855 CVE-2010-3870 CVE-2010-4008 CVE-2010-4009 CVE-2010-4020 CVE-2010-4021 CVE-2010-4150 CVE-2010-4260 CVE-2010-4261 CVE-2010-4409 CVE-2010-4479 CVE-2010-4494 CVE-2011-0170 CVE-2011-0172 CVE-2011-0173 CVE-2011-0174 CVE-2011-0175 CVE-2011-0176 CVE-2011-0177 CVE-2011-0178 CVE-2011-0179 CVE-2011-0180 CVE-2011-0181 CVE-2011-0182 CVE-2011-0183 CVE-2011-0184 CVE-2011-0186 CVE-2011-0187 CVE-2011-0188 CVE-2011-0189 CVE-2011-0190 CVE-2011-0191 CVE-2011-0192 CVE-2011-0193 CVE-2011-0194 CVE-2011-141722 Mar 2011 7.6 (v2) High Pass Junos Space WebUI Default Credentials 31 May 2013 7.5 (v2) High Pass mDNS Detection (Local Network) 31 May 2013 None Pass HP System Management Homepage < 7.2.0.14 iprange Parameter Code Execution 22 May 2013 9.3 (v2) High Pass Splunk Enterprise < 5.0.17 / 6.0.13 / 6.1.12 / 6.2.12 / 6.3.8 / 6.4.4 or Splunk Light < 6.5.0 Multiple VulnerabilitiesCVE-2016-0772 CVE-2016-5636 CVE-2016-5699 17 Nov 2016 9.8 (v3) Critical Pass VMware vCenter Server Multiple Vulnerabilities (VMSA-2012-0005) CVE-2011-3190 CVE-2011-3375 CVE-2012-0022 05 Jun 2013 7.5 (v2) High Pass Mac OS X 10.7 / 10.8 Unauthorized File Access (remote check) CVE-2013-0990 06 Jun 2013 4.9 (v2) Medium Pass SAP Control SOAP Web Service Remote Code Execution (SAP Note 1414444) 05 Jun 2013 10 (v2) Critical Pass Novell ZENworks Control Center File Upload Remote Code Execution (intrusive check) CVE-2013-1080 18 Jun 2013 10 (v2) Critical Pass ESXi 6.0 / 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2018-0027) (Remote Check) CVE-2018-6981 CVE-2018-6982 12 Nov 2018 8.8 (v3) High Pass Elasticsearch ESA-2017-18 CVE-2017-8447 22 Aug 2018 6.5 (v3) Medium Pass GroundWork Monitor Enterprise Default Credentials 28 Jun 2013 7.5 (v2) High Pass Cisco IOS XE Buﬀer Overﬂow Vulnerabilities (cisco-sa-sdwan-bufovulns-B5NrSHbj) CVE-2021-1300 CVE-2021-1301 23 Mar 2021 9.8 (v3) Critical Pass Joomla! Unsupported Version Detection 07 Nov 2014 10 (v3) Critical Pass Xerox ColorQube 8570 / 8870 Multiple Vulnerabilities (XRX15OA) CVE-2014-0076 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 03 Nov 2015 5.8 (v2) Medium Pass Acunetix Web Vulnerability Scanner 4 < 4.0.20060717 Denial of Service CVE-2007-0120 02 Apr 2014 1.9 (v2) Low Pass Cisco IOS XE SD-WAN Buﬀer Overﬂow Vulnerabilities (cisco-sa-sdwan-bufovulns-B5NrSHbj) CVE-2021-1300 CVE-2021-1301 23 Mar 2021 9.8 (v3) Critical Pass Mac OS X 10.6.x < 10.6.8 Multiple Vulnerabilities CVE-2009-3245 CVE-2010-0740 CVE-2010-2632 CVE-2010-3677 CVE-2010-3682 CVE-2010-3790 CVE-2010-3833 CVE-2010-3834 CVE-2010-3835 CVE-2010-3836 CVE-2010-3837 CVE-2010-3838 CVE-2010-3864 CVE-2010-4180 CVE-2010-4651 CVE-2011-0014 CVE-2011-0195 CVE-2011-0197 CVE-2011-0198 CVE-2011-0199 CVE-2011-0201 CVE-2011-0202 CVE-2011-0203 CVE-2011-0204 CVE-2011-0205 CVE-2011-0206 CVE-2011-0207 CVE-2011-0208 CVE-2011-0209 CVE-2011-0210 CVE-2011-0211 CVE-2011-0212 CVE-2011-0213 CVE-2011-0715 CVE-2011-0719 CVE-2011-113224 Jun 2011 10 (v2) Critical Pass Axon Virtual PBX /logon Multiple Parameter XSS CVE-2009-4038 12 Nov 2009 4.3 (v2) Medium Pass Zimbra Collaboration Server aspell.php dictionary Parameter XSS CVE-2013-1938 24 Feb 2014 4.3 (v2) Medium Pass VLC Web Interface XML Services XSS CVE-2013-3564 23 Jul 2013 4.3 (v2) Medium Pass OpenSSL 1.0.2 < 1.0.2e Multiple Vulnerabilities CVE-2015-1794 CVE-2015-3193 CVE-2015-3194 CVE-2015-3195 07 Dec 2015 5 (v2) Medium Pass SAXoPRESS pbcs.dll url Parameter Traversal Arbitrary File Access CVE-2006-1771 17 Apr 2006 5 (v2) Medium Pass Cisco ONS Products Remote DoS CVE-2008-3818 25 Jul 2013 7.8 (v2) High Pass Juniper Junos IPv6 over IPv4 Security Policy Bypass (PSN-2011-07-299) 22 Aug 2011 5 (v2) Medium Pass Serv-U < 14.0.2.0 FTP Server SSL Renegotiation DoS 25 Jul 2013 5 (v2) Medium Pass Xerox WorkCentre 4260 / 4265 Multiple Vulnerabilities (XRX15AV) (FREAK) (Logjam) CVE-2015-0204 CVE-2015-3963 CVE-2015-4000 11 Dec 2015 5.8 (v2) Medium Pass BigTree CMS Detection 15 Aug 2013 None Pass ZTE F460 / F660 Cable Modems web_shell_cmd.gch Administrative Backdoor CVE-2014-2321 19 Mar 2014 10 (v2) Critical Pass Mac OS X 10.7.x < 10.7.2 Multiple Vulnerabilities CVE-2010-1634 CVE-2010-2089 CVE-2011-0185 CVE-2011-0187 CVE-2011-0226 CVE-2011-0230 CVE-2011-0260 CVE-2011-1521 CVE-2011-1755 CVE-2011-1910 CVE-2011-2464 CVE-2011-2690 CVE-2011-2691 CVE-2011-2692 CVE-2011-3192 CVE-2011-3212 CVE-2011-3213 CVE-2011-3215 CVE-2011-3216 CVE-2011-3219 CVE-2011-3220 CVE-2011-3221 CVE-2011-3222 CVE-2011-3223 CVE-2011-3225 CVE-2011-3226 CVE-2011-3227 CVE-2011-3228 CVE-2011-3246 CVE-2011-3435 CVE-2011-3436 CVE-2011-343713 Oct 2011 10 (v2) Critical Pass Puppet Enterprise 3.x < 3.1.2 DTLS Retransmission DoS CVE-2013-6450 21 Mar 2014 5.8 (v2) Medium Pass MailEnable < 1.7 IMAP Server Multiple Vulnerabilities (ME-100008) CVE-2005-3690 CVE-2005-3691 20 Nov 2005 7.5 (v2) High Pass IBM WebSphere Application Server 6.0 < 6.0.2.39 Multiple Vulnerabilities CVE-2009-2747 11 Feb 2010 5 (v2) Medium Pass Splunk < 5.0.8 Unspeciﬁed XSS CVE-2014-2578 28 Mar 2014 4.3 (v2) Medium Pass Cisco Video Surveillance Manager Default Administrator Credentials 12 Sep 2013 9.8 (v3) Critical Pass PatchLink Update Server nwupload.asp Traversal Arbitrary File Write CVE-2006-3426 28 Jul 2006 5 (v2) Medium Pass Cisco Digital Media Manager < 5.3 Privilege Escalation CVE-2012-0329 18 Sep 2013 9 (v2) High Pass QNAP Photo Station < 5.7.0 Cross-Site Scripting Vulnerability CVE-2018-0715 03 Oct 2018 6.1 (v3) Medium Pass HP SiteScope SOAP Call runOMAgentCommand SOAP Request Arbitrary Remote Code Execution CVE-2013-2367 19 Sep 2013 10 (v2) Critical Pass PHP 5.5.x < 5.5.32 Multiple Vulnerabilities CVE-2015-8383 CVE-2015-8386 CVE-2015-8387 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8393 CVE-2015-8394 CVE-2016-2554 CVE-2016-434211 Feb 2016 9.8 (v3) Critical Pass VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0009) (remote check) CVE-2012-1516 CVE-2012-1517 CVE-2012-2448 CVE-2012-2449 CVE-2012-2450 29 Feb 2016 9 (v2) High Pass Artica mailattach Parameter Directory Traversal 25 Oct 2010 7.8 (v2) High Pass Canon PIXMA Printer Administration Authentication Bypass CVE-2013-4613 07 Apr 2014 7.5 (v2) High Pass macOS < 10.14 Multiple Vulnerabilities CVE-2016-0702 CVE-2015-3194 CVE-2015-5333 CVE-2015-5334 CVE-2016-1777 CVE-2017-12613 CVE-2017-12618 CVE-2018-3639 CVE-2018-3646 CVE-2018-4126 CVE-2018-4153 CVE-2018-4203 CVE-2018-4295 CVE-2018-4304 CVE-2018-4308 CVE-2018-4310 CVE-2018-4321 CVE-2018-4324 CVE-2018-4326 CVE-2018-4331 CVE-2018-4332 CVE-2018-4333 CVE-2018-4334 CVE-2018-4336 CVE-2018-4337 CVE-2018-4338 CVE-2018-4340 CVE-2018-4341 CVE-2018-4343 CVE-2018-4344 CVE-2018-4346 CVE-2018-4347 CVE-2018-4348 CVE-2018-4350 CVE-2018-4351 CVE-2018-4353 CVE-2018-4354 CVE-2018-4355 CVE-2018-4383 CVE-2018-4393 CVE-2018-4395 CVE-2018-4396 CVE-2018-4399 CVE-2018-4401 CVE-2018-4406 CVE-2018-4407 CVE-2018-4408 CVE-2018-4411 CVE-2018-4412 CVE-2018-4414 CVE-2018-4417 CVE-2018-4418 CVE-2018-4425 CVE-2018-4426 CVE-2018-538318 Oct 2018 9.8 (v3) Critical Pass Default Password (artica) for 'root' Account CVE-1999-0502 25 Oct 2010 9.8 (v3) Critical Pass Mac OS X 10.7.x < 10.7.3 Multiple Vulnerabilities (BEAST) CVE-2011-1148 CVE-2011-1167 CVE-2011-1657 CVE-2011-1752 CVE-2011-1783 CVE-2011-1921 CVE-2011-1938 CVE-2011-2192 CVE-2011-2202 CVE-2011-2483 CVE-2011-2895 CVE-2011-2937 CVE-2011-3182 CVE-2011-3189 CVE-2011-3246 CVE-2011-3248 CVE-2011-3249 CVE-2011-3250 CVE-2011-3256 CVE-2011-3267 CVE-2011-3268 CVE-2011-3328 CVE-2011-3348 CVE-2011-3389 CVE-2011-3422 CVE-2011-3441 CVE-2011-3444 CVE-2011-3446 CVE-2011-3447 CVE-2011-3448 CVE-2011-3449 CVE-2011-3450 CVE-2011-3452 CVE-2011-3453 CVE-2011-3457 CVE-2011-3458 CVE-2011-3459 CVE-2011-3460 CVE-2011-3462 CVE-2011-346302 Feb 2012 10 (v2) Critical Pass Artica Detection 25 Oct 2010 None Pass Revive Adserver Detection 26 Jun 2014 None 101