OWASP Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by OWASP
| Vulnerability | CVE | Vendor | Product | CVSS | Severity |
|---|---|---|---|---|---|
| XSS Vulnerability in OWASP Java HTML Sanitizer | CVE-2025-66021 | Owasp | Java-html-sanitizer | 8.6 | HIGH |
| Denial of Service Vulnerability in ModSecurity Web Application Firewall Engine | CVE-2025-48866 | Owasp-modsecurity | Modsecurity | 7.5 | HIGH |
| Denial of Service Vulnerability in ModSecurity by OWASP | CVE-2025-47947 | Owasp-modsecurity | Modsecurity | 7.5 | HIGH |
| Web Traffic Processing Vulnerability in Libmodsecurity by ModSecurity | CVE-2025-27110 | Owasp-modsecurity | Modsecurity | 7.9 | HIGH |
| Buffer Overflow Vulnerability in ModSecurity Affects Version 3.0.12 | CVE-2024-46292 | OWASP | Modsecurity | 7.5 | HIGH |
| Privilege Escalation Vulnerability in OWASP DefectDojo Affected by Remote Attack | CVE-2023-48171 | Owasp | Defectdojo | 8.8 | HIGH |
| WAF Bypass Vulnerability Affects ModSecurity v3 | CVE-2024-1019 | Owasp Modsecurity | Modsecurity | 8.6 | HIGH |
| Content-Type Confusion Vulnerability in OWASP ModSecurity Core Rule Set | CVE-2023-38199 | Owasp | Coreruleset | 9.8 | CRITICAL |
| Partial rule set bypass in OWASP ModSecurity Core Rule Set by submitting a specially crafted HTTP Content-Type header | CVE-2022-39955 | Owasp | Modsecurity Core Rule Set | 7.3 | HIGH |
| Partial rule set bypass in OWASP ModSecurity Core Rule Set for HTTP multipart requests using character encoding in the Content-Type or Content-Transfer-Encoding header | CVE-2022-39956 | Owasp | Modsecurity Core Rule Set | 7.3 | HIGH |
| Response body bypass in OWASP ModSecurity Core Rule Set via a specially crafted charset in the HTTP Accept header | CVE-2022-39957 | Owasp | Modsecurity Core Rule Set | 7.3 | HIGH |
| Response body bypass in OWASP ModSecurity Core Rule Set via repeated HTTP Range header submission with a small byte range | CVE-2022-39958 | Owasp | Modsecurity Core Rule Set | 7.5 | HIGH |
| SQL Injection Bypass Vulnerability in Modsecurity by SpiderLabs | CVE-2020-22669 | Owasp | Owasp Modsecurity Core... | 9.8 | CRITICAL |
| Path Traversal in ESAPI | CVE-2022-23457 | Owasp ESAPi | Org.owasp.eSAPi:eSAPi | 7.5 | HIGH |
| Request Body Bypass Vulnerability in OWASP ModSecurity Core Rule Set | CVE-2021-35368 | Owasp | Owasp Modsecurity Core... | 9.8 | CRITICAL |
| HTML Sanitizer Vulnerability in Oracle Products | CVE-2021-42575 | Owasp | Java Html Sanitizer | 9.8 | CRITICAL |
| CSRF Vulnerability in OWASP CSRFGuard Affected by Session Token | CVE-2021-28490 | Owasp | Csrfguard | 8.8 | HIGH |
| Denial of Service Vulnerability in OWASP JSON Sanitizer | CVE-2021-23900 | Owasp | Json-sanitizer | 7.5 | HIGH |
| HTML Injection Vulnerability in OWASP JSON Sanitizer | CVE-2021-23899 | Owasp | Json-sanitizer | 9.8 | CRITICAL |
| SQL Injection Bypass in OWASP ModSecurity Core Rule Set | CVE-2018-16384 | Owasp | Owasp Modsecurity Core... | 7.5 | HIGH |
| Directory Traversal Vulnerability in OWASP Dependency-Check by OWASP | CVE-2018-12036 | Owasp | Dependency-check | 7.8 | HIGH |