| 121039 | Missing Function Level Access Control | critical |
| 121038 | Authentication Bypass (Forced Browse) | critical |
| 121037 | Directory Traversal | critical |
| 121036 | OS Command Injection | critical |
| 119888 | Cisco Webex Meetings Desktop App < 33.6.4 Command Injection Vulnerability | high |
| 119833 | Dell iDRAC Products Multiple Vulnerabilities (December 2018) | high |
| 119778 | Flask < 0.12.3 Denial of Service Vulnerability | high |
| 119766 | PHP 7.2.x < 7.2.13 Multiple vulnerabilities | high |
| 119765 | PHP 7.1.x < 7.1.25 Multiple vulnerabilities | high |
| 119764 | PHP 5.6.x < 5.6.39 Multiple vulnerabilities | high |
| 119728 | Apache Struts 2 'method:' Prefix Arbitrary Remote Command Execution | high |
| 119677 | Kubernetes proxy request handling vulnerability (CVE-2018-1002105) | critical |
| 119615 | WordPress < 4.9.9 / 5.x < 5.0.1 Multiple Vulnerabilities | critical |
| 119601 | phpMyAdmin 4.x < 4.8.4 Multiple Vulnerabilities (PMASA-2018-6) (PMASA-2018-8) | medium |
| 119600 | phpMyAdmin 4.7.x <= 4.7.6 / 4.8.x < 4.8.4 Multiple XSRF/CSRF Vulnerabilities (PMASA-2018-7) | high |
| 119500 | Jenkins < 2.138.4 LTS / 2.150.1 LTS / 2.154 Multiple Vulnerabilities | critical |
| 119499 | Elasticsearch ESA-2015-06 | critical |
| 119461 | Logstash ESA-2014-02 | high |
| 119460 | Logstash ESA-2015-04 | medium |
| 119422 | Kibana ESA-2018-17 | critical |
| 119327 | Kubernetes 1.x < 1.10.11 / 1.11.x < 1.11.5 / 1.12.x < 1.12.3 API Server Privilege Escalation | critical |
| 119325 | Logstash JSON API Detection (deprecated) | info |
| 119324 | Elasticsearch Detection (deprecated) | info |
| 119015 | VMware vRealize Log Insight 4.6.x < 4.6.2 / 4.7.x < 4.7.1 Authorization Bypass Vulnerability (VMSA-2018-0028) | high |
| 118977 | WordPress Plugin 'AMP for WP - Accelerated Mobile Pages' < 0.9.97.20 Multiple Vulnerabilities | medium |
| 118935 | WordPress Plugin 'WP GDPR Compliance' < 1.4.3 Privilege Escalation | critical |
| 118799 | Elasticsearch ESA-2018-16 | medium |
| 118798 | Kibana ESA-2018-18 | critical |
| 118714 | Oracle Primavera Gateway Multiple Vulnerabilities (Oct 2018 CPU) | critical |
| 118713 | Atlassian JIRA XSRF, Open Redirect, and Access Control Bypass Vulnerabilities | medium |
| 118594 | Oracle Primavera Unifier Multiple Vulnerabilities (Oct 2018 CPU) | high |
| 118463 | Citrix NetScaler Gateway Cross-Site Scripting Vulnerability (CTX232199) | medium |
| 118310 | jQuery-File-Upload Arbitrary File Upload Vulnerability (Remote Check) | critical |
| 118307 | Drupal 7.x < 7.60 / 8.5.x < 8.5.8 / 8.6.x < 8.6.2 Drupal Multiple Vulnerabilities (SA-CORE-2018-006) | high |
| 118202 | Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (October 2018 CPU) | medium |
| 118147 | Jenkins < 2.138.2 (LTS) / 2.146 Multiple Vulnerabilities | high |
| 118069 | Joomla! < 3.8.13 Multiple Vulnerabilities | high |
| 117906 | QNAP Photo Station WebUI Detection | info |
| 117884 | DNN (DotNetNuke) 5.0.0 < 9.2.2 Multiple Vulnerabilities | medium |
| 117861 | TP-Link Unauthenticated CGI Cross-Site Request Forgery (Remote) | critical |
| 117809 | EMC RSA Authentication Manager < 8.3 Patch 3 Multiple Vulnerabilities (DSA-2018-152) | medium |
| 117666 | Kibana ESA-2018-14 | medium |
| 117665 | Elasticsearch ESA-2018-15 | high |
| 117639 | ManageEngine Desktop Central 10 < Build 100282 Remote Privilege Escalation | high |
| 117616 | Apache Hadoop YARN ResourceManager Web Interface | info |
| 117615 | Apache Hadoop YARN ResourceManager Unauthenticated RCE (Remote) (Xbash) | critical |
| 117614 | Symantec Messaging Gateway 10.x < 10.6.6 Multiple Vulnerabilities (SYMSA1461) | critical |
| 117602 | Webmin <= 1.590 Multiple Vulnerabilities | medium |
| 117601 | Apache ActiveMQ 5.x < 5.14.0 ActiveMQ Fileserver web application remote code execution (Xbash) | critical |
| 117500 | PHP 7.2.x < 7.2.10 Transfer-Encoding Parameter XSS Vulnerability | medium |
