HunterSuite

Title	Date	Severity
Beyondtrust Bomgar XSS CVE-2021-31589	2022-01-08	Medium
Websphere Portal SSRF	2021-12-29	High
Apache APISIX Unauth API CVE-2021-45232	2021-12-29	High
Tableau Server DOM XSS	2021-12-18	Potential
Grafana Unauth LFI	2021-12-09	High
Harbor Registry Unauthentication	2021-12-08	Low
vCenter Server LFI	2021-12-03	Critical
X Prefix Header Cache Poisoning	2021-11-25	Potential
keycloak-ssrf-cve-2020-10770	2021-11-23	Potential
Metabase GeoJSON API SSRF	2021-11-20	High
XSS vulnerability in GraphQL Playground from untrusted schemas (CVE-2021-41249)	2021-11-14	Medium
Graphql Playground XSS (CVE-2020-4038)	2021-11-14	Medium
Graphql IntrospectionQuery Enabled	2021-11-14	Low
Exchange POST based XSS (CVE-2021-41349)	2021-11-13	Potential
Grafana AngularJS XSS (CVE-2021-41174)	2021-11-07	Medium
GoCD Secret Leak	2021-11-05	High
Pre-Auth Takeover of Build Pipelines in GoCD (CVE-2021-43287)	2021-11-05	High
AEM XML External Entity (CVE-2019-8086)	2021-11-04	Critical
Sitecore Report Pre-Auth RCE	2021-11-04	Potential
Alibaba Anyproxy LFI	2021-11-04	High
Movable RCE CVE 2021-20837	2021-10-29	Critical
Tomcat Default Credentials	2021-10-27	High
AEM Default Credentials	2021-10-27	Medium
cAdvisor Container Exposed	2021-10-23	Potential
Apache Zeppelin Unauthentication Panel	2021-10-20	High
MKDocs LFI (CVE-2021-40978)	2021-10-16	High
Apache Path Traversal - CVE-2021-41773	2021-10-16	High
Apache Httpd Limited cross-site scripting in mod_proxy error page - CVE-2019-10092	2021-10-16	Low
Apache OFBiz XXE (CVE-2018-8033)	2021-10-16	High
Apache OFBiz Deserialization CVE-2020-9496	2021-10-16	High
AEM Mod_Proxy SSRF - CVE-2021-40438	2021-10-16	Critical
Aviatrix Controller RCE CVE-2021-40870	2021-10-05	Critical
Jira Service Management Prototype Pollution	2021-10-03	Medium
microstrategy SSRF	2021-09-25	Medium
MicroStrategy Information Disclosure CVE-2020-11450	2021-09-25	Potential
vCenter Unauth Upload RCE CVE-2021-22005	2021-09-25	Potential
Jira Pre Auth RCE (CVE-2021-26084)	2021-09-25	Critical
GitLab RCE via Exiftool CVE-2021-22205	2021-09-25	Critical
Omi Unauthenticated RCE (CVE-2021-38647)	2021-09-17	Potential
Grafana Unauth Snapshot Access	2021-09-15	Medium
Grafana Unauth Panel	2021-09-15	High
Grafana default credentials	2021-09-15	High
MinIO Browser API SSRF vulnerability (CVE-2021-21287)	2021-09-14	Potential
Oracle EBS XXE (CVE-2021-2400)	2021-09-13	High
AEM SSRF via SalesforceSecretServlet (CVE-2018-12809)	2021-09-13	Medium
Oracle Weblogic - cve-2017-10271	2021-09-13	Potential
Oracle Weblogic - CVE-2019-2729	2021-09-13	High
Apache AXIS XXE (CVE-2016-3473)	2021-09-13	High
AEM Metadata XSS Generic	2021-09-12	Medium
AEM Groovy Console Exposed	2021-09-12	Critical