Lucene search
K
NucleiRecent

4143 matches found

Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•85 views

Cisco VPN Routers - Unauthenticated Arbitrary File Upload

A vulnerability in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to insufficient authorization enforcement...

9.8CVSS6.9AI score0.88874EPSS
Exploits0References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•18 views

FortiClient EMS - Authentication Bypass

Detects whether Fortinet hotfix FG-IR-26-099 for CVE-2026-35616 is missing by comparing behavioral responses from a certificate-authenticated endpoint. The template sends X-SSL-CLIENT-VERIFY: SUCCESS without certificate material and checks whether this spoofed header changes server behavior. id:...

9.8CVSS7.4AI score0.88505EPSS
Exploits8References2
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•3 views

ColdFusion - Path Traversal

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could lead to arbitrary file system read and limited write access. An attacker could exploit this vulnerability to access sensitive...

9.3CVSS6.2AI score0.01577EPSS
Exploits0References1
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•110 views

Fortinet - Authentication Bypass

Fortinet FortiOS is vulnerable to an information disclosure via service-worker.js that could allow an attacker to access sensitive information.This vulnerability affects FortiOS and could potentially lead to unauthorized access to the system. id: CVE-2024-55591 info: name: Fortinet - Authenticati...

9.8CVSS7.3AI score0.98259EPSS
Exploits9References2
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•68 views

Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution

In Struts 2 before 2.3.15.1 the information following "action:", "redirect:", or "redirectAction:" is not properly sanitized and will be evaluated as an OGNL expression against the value stack. This introduces the possibility to inject server side code. id: CVE-2013-2251 info: name: Apache Struts...

9.8CVSS6.8AI score0.99998EPSS
Exploits18References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•144 views

Spring Security OAuth2 Remote Command Execution

Spring Security OAuth versions 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5 contain a remote command execution vulnerability. When processing authorization requests using the whitelabel views, the responsetype parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote comma...

8.8CVSS7.4AI score0.79176EPSS
Exploits1References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•188 views

.NET Framework - Leaking ObjRefs via HTTP .NET Remoting

.NET Framework Information Disclosure Vulnerability id: CVE-2024-29059 info: name: .NET Framework - Leaking ObjRefs via HTTP .NET Remoting author: iamnoooob,rootxharsh,DhiyaneshDk,pdresearch severity: high description: .NET Framework Information Disclosure Vulnerability impact: | Attackers can...

7.5CVSS7.2AI score0.98624EPSS
Exploits1References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•70 views

SolarWinds Web Help Desk - Hardcoded Credential

The SolarWinds Web Help Desk WHD software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data. id: CVE-2024-28987 info: name: SolarWinds Web Help Desk - Hardcoded Credential author:...

9.1CVSS7.4AI score0.93299EPSS
Exploits5References3
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•89 views

SPIP Porte Plume Plugin - Remote Code Execution

The porteplume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request. id: CVE-2024-7954 info: name: SPIP Porte Plume...

9.8CVSS7.9AI score0.89947EPSS
Exploits10References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•115 views

WordPress Ultimate Member 2.1.3 - 2.8.2 – SQL Injection

The Ultimate Member - User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to SQL Injection via the ‘sorting’ parameter in versions 2.1.3 to 2.8.2 due to insufficient escaping on the user supplied parameter and lack of...

9.8CVSS7.4AI score0.89431EPSS
Exploits8References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•86 views

Atlassian Questions For Confluence - Hardcoded Credentials

Atlassian Questions For Confluence contains a hardcoded credentials vulnerability. When installing versions 2.7.34, 2.7.35, and 3.0.2, a Confluence user account is created in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attack...

9.8CVSS7.4AI score0.9817EPSS
Exploits1References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•13 views

Fortinet FortiClientEMS 7.4.4 - SQL Injection

Fortinet FortiClientEMS version 7.4.4 and earlier contains an unauthenticated SQL injection vulnerability in the /api/v1/initconsts endpoint. The 'Site' HTTP header value is passed directly into the PostgreSQL searchpath without sanitization, allowing remote unauthenticated attackers to inject...

9.8CVSS7.7AI score0.94085EPSS
Exploits1References2
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•141 views

Alcatel-Lucent OmniPCX - Remote Command Execution

The OmniPCX web interface has a script "masterCGI" with a remote command execution vulnerability via the "user" parameter. id: CVE-2007-3010 info: name: Alcatel-Lucent OmniPCX - Remote Command Execution author: king-alexander severity: critical description: | The OmniPCX web interface has a scrip...

10CVSS7.4AI score0.97759EPSS
Exploits8References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•172 views

Microsoft Exchange Server SSRF Vulnerability

This vulnerability is part of an attack chain that could allow remote code execution on Microsoft Exchange Server. The initial attack requires the ability to make an untrusted connection to Exchange server port 443. Other portions of the chain can be triggered if an attacker already has access or...

9.8CVSS7.8AI score0.99999EPSS
Exploits67References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•96 views

Lucee Admin - Remote Code Execution

Lucee Admin before versions 5.3.7.47, 5.3.6.68 or 5.3.5.96 contains an unauthenticated remote code execution vulnerability. id: CVE-2021-21307 info: name: Lucee Admin - Remote Code Execution author: dhiyaneshDk severity: critical description: Lucee Admin before versions 5.3.7.47, 5.3.6.68 or...

9.8CVSS7.8AI score0.89189EPSS
Exploits5References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•112 views

MeteoBridge <= 6.1 - Remote Code Execution

The Meteobridge web interface let meteobridge administrator manage their weather station data collection and administer their meteobridge system through a web application written in CGI shell scripts and C.This web interface exposes an endpoint that is vulnerable to command injection.Remote...

8.8CVSS7.6AI score0.94991EPSS
Exploits3References3
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•107 views

XWiki Platform - Remote Code Execution

Any guest can perform arbitrary remote code execution through a request to SolrSearch. This impacts the confidentiality, integrity, and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 15.10.11, 16.4.1, and 16.5.0RC1. id: CVE-2025-24893 info: name: XWiki...

9.8CVSS7.9AI score0.99898EPSS
Exploits51References2
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•80 views

CrushFTP - Authentication Bypass

CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0 are affected by a vulnerability that may result in unauthenticated access. Remote and unauthenticated HTTP requests to CrushFTP may allow attackers to gain unauthorized access. id: CVE-2025-31161 info: name: CrushFTP - Authenticati...

9.8CVSS7.4AI score0.99947EPSS
Exploits18References4
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•79 views

Barco/AWIND OEM Presentation Platform - Remote Command Injection

The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pr...

10CVSS7.3AI score0.98952EPSS
Exploits10References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•122 views

WordPress BackupGuard <1.6.0 - Authenticated Arbitrary File Upload

WordPress Backup Guard plugin before 1.6.0 is susceptible to authenticated arbitrary file upload. The plugin does not ensure that imported files are in SGBP format and extension, allowing high-privilege users to upload arbitrary files, including PHP, possibly leading to remote code execution. id:...

7.2CVSS7.5AI score0.84112EPSS
Exploits9References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•90 views

Apache Struts2 S2-008 RCE

The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method. id: CVE-2012-0392 info: name: Apache...

6.8CVSS7.8AI score0.96787EPSS
Exploits1References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•83 views

Grafana v8.x - Arbitrary File Read

Grafana versions 8.0.0-beta1 through 8.3.0 are vulnerable to a local directory traversal, allowing access to local files. The vulnerable URL path is /public/plugins/NAME/, where NAME is the plugin ID for any installed plugin. id: CVE-2021-43798 info: name: Grafana v8.x - Arbitrary File Read autho...

7.5CVSS7.3AI score0.88849EPSS
Exploits44References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•61 views

Atlassian Jira Limited - Local File Inclusion

Affected versions of Atlassian Jira Limited Server and Data Center are vulnerable to local file inclusion because they allow remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint. id: CVE-2021-26086 info: name: Atlassian Jira Limited - Local...

5.3CVSS6.8AI score0.99999EPSS
Exploits6References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•77 views

Confluence - Remote Code Execution

Confluence Server and Data Center is susceptible to an unauthenticated remote code execution vulnerability. id: CVE-2022-26134 info: name: Confluence - Remote Code Execution author: pdteam,jbertman severity: critical description: | Confluence Server and Data Center is susceptible to an...

9.8CVSS7.9AI score0.99999EPSS
Exploits76References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•82 views

Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting

Microsoft Exchange Server is vulnerable to a spoofing vulnerability. Be aware this CVE ID is unique from CVE-2021-42305. id: CVE-2021-41349 info: name: Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting author: rootxharsh,iamnoooob severity: medium description: Microsoft Exchange...

9.8CVSS7.1AI score0.99999EPSS
Exploits66References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•62 views

Hytec Inter HWL-2511-SS - Remote Command Execution

Hytec Inter HWL-2511-SS v1.05 and below was discovered to contain a command injection vulnerability via the component /www/cgi-bin/popen.cgi. id: CVE-2022-36553 info: name: Hytec Inter HWL-2511-SS - Remote Command Execution author: HuTa0 severity: critical description: | Hytec Inter HWL-2511-SS...

9.8CVSS7.1AI score0.90798EPSS
Exploits1References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•57 views

Atlassian Jira Server-Side Template Injection

Jira Server and Data Center is susceptible to a server-side template injection vulnerability via the ContactAdministrators and SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center. All versions of Jira Server and...

9.8CVSS7.6AI score0.84621EPSS
Exploits2References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•35 views

OpenMRS Platform < 2.24.0 - Insecure Object Deserialization

OpenMRS before 2.24.0 is affected by an Insecure Object Deserialization vulnerability that allows an unauthenticated user to execute arbitrary commands on the targeted system via crafted XML data in a request body. id: CVE-2018-19276 info: name: OpenMRS Platform 2.24.0 - Insecure Object...

10CVSS7.4AI score0.98811EPSS
Exploits10References3
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•69 views

Apache Tomcat `CGIServlet` enableCmdLineArguments - Remote Code Execution

When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The CGI Servlet is disabled by...

9.3CVSS7.4AI score0.99652EPSS
Exploits10References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•37 views

Zoho manageengine - Cross-Site Scripting

Zoho manageengine is vulnerable to reflected cross-site scripting. This impacts Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 via the...

6.1CVSS6.1AI score0.98463EPSS
Exploits3References4
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•65 views

Atlassian Confluence Server - Path Traversal

The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 the fixed version for 6.6.x, from version 6.7.0 before 6.12.3 the fixed version for 6.12.x, from version 6.13.0 before 6.13.3 the fixed version for 6.13.x, and from version 6.14.0 before 6.14.2 the fixed version for...

10CVSS8AI score0.99913EPSS
Exploits20References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•111 views

QNAP QTS and Photo Station 6.0.3 - Remote Command Execution

This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. To fix these vulnerabilities, QNAP recommend updating Photo Station to their latest versions. id: CVE-2019-7192 info: name: QNAP QTS and Photo Station 6.0.3 - Remote Command Execution...

9.8CVSS6.8AI score0.88213EPSS
Exploits12References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•576 views

Oracle E-Business Suite 12.2.3 -12.2.11 - Remote Code Execution

Oracle E-Business Suite 12.2.3 through 12.2.11 is susceptible to remote code execution via the Oracle Web Applications Desktop Integrator product, Upload component. An attacker with HTTP network access can execute malware, obtain sensitive information, modify data, and/or gain full control over a...

9.8CVSS8AI score0.98342EPSS
Exploits7References6
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•45 views

Elementor Website Builder - Remote Code Execution

The Elementor Website Builder plugin for WordPress versions 3.6.0 to 3.6.2 are vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the /core/app/modules/onboarding/module.php file. This makes it possible for attackers to modify site data and upload...

8.8CVSS7.5AI score0.92658EPSS
Exploits10References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•77 views

Apache Tika < 1.1.8 - Header Command Injection

Apache Tika versions 1.7 to 1.17 allow clients to send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to untrusted clients. i...

9.3CVSS7.2AI score0.93972EPSS
Exploits10References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•24 views

NUUO NVRmini - Remote Command Execution

NUUO NVRmini is vulnerable to unauthenticated remote command execution through the upgradehandle.php file. The vulnerability allows an attacker to execute arbitrary commands by manipulating the uploaddir parameter. id: CVE-2018-14933 info: name: NUUO NVRmini - Remote Command Execution author:...

10CVSS7.6AI score0.93746EPSS
Exploits5References3
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•94 views

Apache Tomcat JK Connect <=1.2.44 - Manager Access

Apache Tomcat JK modjk Connector 1.2.0 to 1.2.44 allows specially constructed requests to expose application functionality through the reverse proxy. It is also possible in some configurations for a specially constructed request to bypass the access controls configured in httpd. While there is so...

7.5CVSS7AI score0.90647EPSS
Exploits0References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•63 views

ThinkPHP 5.0.23 - Remote Code Execution

An issue was discovered in NoneCms V1.3. thinkphp/library/think/App.php allows remote attackers to execute arbitrary PHP code via crafted use of the filter parameter, as demonstrated by the s=index/\think\Request/input&filter=phpinfo&data=1 query string. id: CVE-2018-20062 info: name: ThinkPHP...

9.8CVSS7.7AI score0.9953EPSS
Exploits4References3
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•51 views

Comodo Unified Threat Management Web Console - Remote Code Execution

Comodo Firewall & Central Manager UTM All Release before 2.7.0 & 1.5.0 are susceptible to a web shell based remote code execution vulnerability. id: CVE-2018-17431 info: name: Comodo Unified Threat Management Web Console - Remote Code Execution author: dwisiswant0 severity: critical description:...

9.8CVSS7.8AI score0.83912EPSS
Exploits4References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•29 views

Aviatrix Controller - Remote Code Execution

An issue was discovered in Aviatrix Controller before 7.1.4191 and 7.2.x before 7.2.4996. Due to the improper neutralization of special elements used in an OS command, an unauthenticated attacker is able to execute arbitrary code. Shell metacharacters can be sent to /v1/api in cloudtype for...

10CVSS7.6AI score0.98545EPSS
Exploits5References4
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•146 views

Adobe ColdFusion - Local File Read

Unauthenticated Arbitrary File Read vulnerability due to deserialization of untrusted data in Adobe ColdFusion. The vulnerability affects ColdFusion 2021 Update 5 and earlier as well as ColdFusion 2018 Update 15 and earlier id: CVE-2023-26360 info: name: Adobe ColdFusion - Local File Read author:...

9.8CVSS7.3AI score0.97339EPSS
Exploits13References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•204 views

Cacti cmd_realtime.php - Command Injection

Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary command on the server when registerargcargv option of PHP is On. In cmdrealtime.php line 119, the $pollerid used ...

10CVSS7.7AI score0.94294EPSS
Exploits4References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•56 views

Palo Alto Network PAN-OS - Remote Code Execution

Palo Alto Network PAN-OS and Panorama before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface. id: CVE-2017-15944 info: name: Palo Alto Network PAN-OS - Remote Code Execution...

9.8CVSS7.7AI score0.9834EPSS
Exploits13References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•54 views

vBulletin SQL Injection

vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6.1pl1 has incorrect access control that permits SQL injection attacks. id: CVE-2020-12720 info: name: vBulletin SQL Injection author: pdteam severity: critical description: vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and...

9.8CVSS7.4AI score0.88948EPSS
Exploits13References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•78 views

Jenkins Gitlab Hook <=1.4.2 - Cross-Site Scripting

Jenkins Gitlab Hook 1.4.2 and earlier does not escape project names in the buildnow endpoint, resulting in a reflected cross-site scripting vulnerability. id: CVE-2020-2096 info: name: Jenkins Gitlab Hook =1.4.3 to mitigate this vulnerability. reference: -...

6.1CVSS6.3AI score0.89434EPSS
Exploits5References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•78 views

WordPress InfiniteWP <1.9.4.5 - Authorization Bypass

WordPress InfiniteWP plugin before 1.9.4.5 for WordPress contains an authorization bypass vulnerability via a missing authorization check in iwpmmbsetrequest in init.php. An attacker who knows the username of an administrator can log in, thereby making it possible to obtain sensitive information,...

9.8CVSS7.2AI score0.8787EPSS
Exploits2References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•57 views

Klog Server <=2.41 - Unauthenticated Command Injection

Klog Server 2.4.1 and prior is susceptible to an unauthenticated command injection vulnerability. The authenticate.php file uses the user HTTP POST parameter in a call to the shellexec PHP function without appropriate input validation, allowing arbitrary command execution as the apache user. The...

10CVSS7.5AI score0.87987EPSS
Exploits8References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•262 views

WordPress File Upload <= 4.24.11 - Arbitrary File Read

The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.11 via wfufiledownloader.php. This makes it possible for unauthenticated attackers to read or delete files outside of the originally intended directory. Successful exploitatio...

9.8CVSS7.3AI score0.92319EPSS
Exploits4References7
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•198 views

XML-RPC Server - Remote Code Execution

The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisor namespace lookups. id: CVE-2017-11610 info: name: XML-RPC Serve...

9CVSS7.5AI score0.87544EPSS
Exploits10References5
Nuclei
Nuclei
•added 2026/07/07 4:50 p.m.•74 views

Progress Software WhatsUp Gold GetFileWithoutZip Directory Traversal - Remote Code Execution

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of GetFileWithoutZip method. The issue results from th...

9.8CVSS7.8AI score0.99288EPSS
Exploits1References5
Total number of security vulnerabilities4143