ikus soft rdiffweb

43 known vulnerabilities across versions
Vulnerabilities are listed by affected version.
CVE-2023-5289
< 2.8.4
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.4.
8.8 HIGH
CVE-2023-4138
< 2.8.0
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.0.
6.5 MEDIUM
CVE-2022-4724
< 2.5.5
Improper Access Control in GitHub repository ikus060/rdiffweb prior to 2.5.5.
9.8 CRITICAL
CVE-2022-4723
< 2.5.5
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.5.
6.5 MEDIUM
CVE-2022-4722
< 2.5.5
Authentication Bypass by Primary Weakness in GitHub repository ikus060/rdiffweb prior to 2.5.5.
7.2 HIGH
CVE-2022-4721
< 2.5.5
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository ikus060/rdiffweb prio
5.4 MEDIUM
CVE-2022-4720
< 2.5.5
Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5.
6.1 MEDIUM
CVE-2022-4719
< 2.5.5
Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.5.
9.8 CRITICAL
CVE-2022-4646
< 2.5.4
Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.5.4.
6.5 MEDIUM
CVE-2022-4644
< 2.5.4
Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.4.
6.1 MEDIUM
CVE-2022-4314
< 2.5.2
Improper Privilege Management in GitHub repository ikus060/rdiffweb prior to 2.5.2.
9.8 CRITICAL
CVE-2022-4018
<= 2.4.10
Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6.
4.3 MEDIUM
CVE-2022-3362
< 2.5.0
Insufficient Session Expiration in GitHub repository ikus060/rdiffweb prior to 2.5.0.
9.8 CRITICAL
CVE-2022-3363
< 2.5.0
Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7.
9.8 CRITICAL
CVE-2022-3327
< 2.4.10
Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6.
9.8 CRITICAL
CVE-2022-3439
< 2.5.0
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0.
9.8 CRITICAL
CVE-2022-3457
< 2.5.0
Origin Validation Error in GitHub repository ikus060/rdiffweb prior to 2.5.0a5.
9.8 CRITICAL
CVE-2022-3456
< 2.5.0
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0.
9.8 CRITICAL
CVE-2022-3438
< 2.5.0
Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.
6.1 MEDIUM
CVE-2022-3389
< 2.4.10
Path Traversal in GitHub repository ikus060/rdiffweb prior to 2.4.10.
7.5 HIGH
CVE-2022-3376
<= 2.4.10
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.
5.3 MEDIUM
CVE-2022-3273
<= 2.4.10
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.
9.8 CRITICAL
CVE-2022-3371
<= 2.4.9
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3.
7.5 HIGH
CVE-2022-3364
<= 2.4.9
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3.
7.5 HIGH
CVE-2022-3326
< 2.4.9
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.9.
4.3 MEDIUM
CVE-2022-3292
< 2.4.8
Use of Cache Containing Sensitive Information in GitHub repository ikus060/rdiffweb prior to 2.4.8.
4.6 MEDIUM
CVE-2022-3298
< 2.4.8
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8.
7.5 HIGH
CVE-2022-3290
< 2.4.8
Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8.
7.5 HIGH
CVE-2022-3272
< 2.4.8
Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8.
7.5 HIGH
CVE-2022-3295
< 2.4.8
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8.
7.5 HIGH
CVE-2022-3301
< 2.4.8
Improper Cleanup on Thrown Exception in GitHub repository ikus060/rdiffweb prior to 2.4.8.
2.4 LOW
CVE-2022-3269
< 2.4.7
Session Fixation in GitHub repository ikus060/rdiffweb prior to 2.4.7.
9.8 CRITICAL
CVE-2022-3274
< 2.4.7
Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.7.
3.5 LOW
CVE-2022-3267
< 2.4.6
Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6.
4.3 MEDIUM
CVE-2022-3233
< 2.4.6
Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6.
4.3 MEDIUM
CVE-2022-3250
< 2.4.6
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.6.
5.3 MEDIUM
CVE-2022-3232
< 2.4.5
Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.5.
4.3 MEDIUM
CVE-2022-3221
< 2.4.3
Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.3.
8.8 HIGH
CVE-2022-3179
< 2.4.2
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2.
8.8 HIGH
CVE-2022-3175
< 2.4.2
Missing Custom Error Page in GitHub repository ikus060/rdiffweb prior to 2.4.2.
5.3 MEDIUM
CVE-2022-3174
< 2.4.2
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2.
7.5 HIGH
CVE-2022-3167
< 2.4.1
Improper Restriction of Rendered UI Layers or Frames in GitHub repository ikus060/rdiffweb prior to 2.4.1.
8.8 HIGH
CVE-2007-2747
<= 0.3.5
Directory traversal vulnerability in rdw_helpers.py in rdiffWeb before 0.3.5.1 allows remote attackers to read arbitrary files via
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin