Web Servers Family for Nessus

ID	Name	Severity
241705	Apache Tomcat 10.1.0.M1 < 10.1.43 multiple vulnerabilities	high
241680	Apache Tomcat 9.0.0.M1 < 9.0.107 multiple vulnerabilities	high
241364	Grafana Labs 11.1.0 < 11.2.8+security-01, 11.3.5+security-01, 11.4.3+security-01, 11.5.3+security-01, 11.6.0+security-01 XSS (CVE-2025-2703)	medium
241355	Grafana Labs 10.4.x < 10.4.19, 11.2.x < 11.2.10, 11.3.x < 11.3.7, 11.4 < 11.4.5, 11.5 < 11.5.5, 11.6 < 11.6.2, 12.0.x < 12.0.1 Improper Access Control (CVE-2025-3580)	medium
241294	DLink DIR-859 1.05 & 1.06B01 Path Traversal	critical
240850	Grafana Labs < 11.6.2 Improper Input Validation (CVE-2025-1088)	low
240709	IBM WebSphere Application Server 8.5.x < 8.5.5.28 / 9.x < 9.0.5.25 (7237967)	critical
240060	Apache Tomcat 9.0.0.M1 < 9.0.106 multiple vulnerabilities	high
240059	Apache Tomcat 11.0.0.M1 < 11.0.8 multiple vulnerabilities	high
240058	Apache Tomcat 10.1.0.M1 < 10.1.42 multiple vulnerabilities	high
238431	SAP Netweaver Visual Composer Multiple Vulnerabilities (June 2025)	critical
238430	SAP NetWeaver AS ABAP Missing Authorization Check (3600840)	critical
238429	SAP NetWeaver AS ABAP Authorization Bypass Vulnerability	medium
237905	Grafana Labs < 11.6.1+security-01 Authorization Bypass (CVE-2025-3260)	medium
237500	Apache Tomcat 11.0.0.M1 < 11.0.7	low
237499	Apache Tomcat 10.1.0.M1 < 10.1.41	low
237498	Apache Tomcat 9.0.0.M1 < 9.0.105	low
237112	OpenSSL 3.5.0 < 3.5.1 Vulnerability	medium
236840	SAP Netweaver Visual Composer Multiple Vulnerabilities (May 2025)	critical
235034	Apache Tomcat 9.0.0.M1 < 9.0.104 multiple vulnerabilities	high
235033	Apache Tomcat 10.1.0.M1 < 10.1.40 multiple vulnerabilities	high
235032	Apache Tomcat 11.0.0.M1 < 11.0.6 multiple vulnerabilities	high
234858	Cisco Nexus Dashboard Web Detection	info
234847	SAP Netweaver Visual Composer Detection	info
234802	IBM WebSphere Application Server 8.5.x < 8.5.5.28 / 9.x < 9.0.5.24 (7231514)	medium
234227	SAP NetWeaver AS ABAP XSS (3559307)	medium
234226	SAP NetWeaver AS ABAP Access Control (3554667)	high
234225	SAP NetWeaver AS ABAP Authorization Bypass (3565944)	medium
234224	SAP NetWeaver AS ABAP Authorization Bypass Vulnerability	medium
234223	SAP NetWeaver AS ABAP Access Control (3568778)	medium
233965	CrushFTP < 11.3.1 Authentication Bypass (CVE-2025-31161) (Direct Check)	critical
233191	Security Updates for SimpleHelp < 5.5.8	critical
233190	SimpleHelp Detection	info
232824	IBM WebSphere eXtreme Scale 8.6.1 < 8.6.1.6 DoS (7185951)	medium
232695	SAP NetWeaver AS Java XSS (March 2025)	medium
232530	Apache Tomcat 11.0.0.M1 < 11.0.3	critical
232529	Apache Tomcat 10.1.0.M1 < 10.1.35	critical
232528	Apache Tomcat 9.0.0.M1 < 9.0.99	critical
232291	Apache Guacamole Web Detection	info
216270	SAP NetWeaver AS Java Multiple Vulnerabilities (Feb 2025)	medium
215000	Grafana Labs 10.4.x < 10.4.15 / 11.0.x < 11.0.11 / 11.1.x < 11.1.11 / 11.2.x < 11.2.6 / 11.3.x < 11.3.3 / 11.4.x < 11.4.1, 11.5.0 (cve-2024-11741)	medium
214871	IBM WebSphere Application Server Liberty 21.0.0.2 < 25.0.0.2 DoS (7181925)	medium
214870	IBM WebSphere Application Server Liberty 20.0.0.6 < 24.0.0.12 DoS (7174997)	medium
214869	IBM WebSphere Application Server Liberty 20.0.0.12 < 24.0.0.11 DoS (7173097)	high
214582	Oracle HTTP Server (January 2025 CPU)	critical
214497	SAP NetWeaver AS ABAP (3536461)	medium
214496	SAP NetWeaver AS ABAP Information Disclosure (3537476)	critical
214495	SAP NetWeaver AS ABAP (3550708)	high
214494	SAP NetWeaver AS ABAP Multiple Vulnerabilities	high
214493	SAP NetWeaver AS ABAP Privilege Escalation (3537476)	critical

Detections

Analytics

Web Servers Family for Nessus

high

high

medium

medium

critical

low

critical

high

high

high

critical

critical

medium

medium

low

low

low

medium

critical

high

high

high

info

info

medium

medium

high

medium

medium

medium

critical

critical

info

medium

medium

critical

critical

critical

info

medium

medium

medium

medium

high

critical

medium

critical

high

high

critical