Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.130426185443

Critical Severity Vulnerabilities

Found 2905 vulnerabilities at Critical severity.

Reference
Title
Technology
CVE-2021-35474
Apache Traffic Server Out-of-bounds Write Vulnerability
Apache Traffic Server
CVE-2021-43082
Apache Traffic Server Buffer Copy without Checking Size of Input (Classic Buffer Overflow) Vulnerability
Apache Traffic Server
CVE-2023-33934
Apache Traffic Server Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) Vulnerability
Apache Traffic Server
CVE-2024-50306
Apache Traffic Server Unchecked Return Value Vulnerability
Apache Traffic Server
CVE-2020-1745
Undertow Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Undertow
CVE-2019-10212
Undertow Insertion of Sensitive Information into Log File Vulnerability
Undertow
CVE-2019-3888
Undertow Insertion of Sensitive Information into Log File Vulnerability
Undertow
CVE-2022-4492
Undertow Vulnerability
Undertow
CVE-2025-12543
Undertow Improper Input Validation Vulnerability
Undertow
CVE-2018-15727
Grafana Improper Authentication Vulnerability
Grafana
CVE-2020-27846
Grafana Signature Verification Vulnerability
Grafana
CVE-2021-41244
Grafana Externally Controlled Reference to a Resource in Another Sphere Vulnerability
Grafana
CVE-2022-26148
Grafana Cleartext Storage of Sensitive Information Vulnerability
Grafana
CVE-2022-28660
Grafana Missing Authentication for Critical Function Vulnerability
Grafana
CVE-2023-3128
Grafana Authentication Bypass by Spoofing Vulnerability
Grafana
CVE-2025-41115
Grafana Incorrect Privilege Assignment Vulnerability
Grafana
CVE-2026-27876
Grafana Improper Control of Generation of Code (Code Injection) Vulnerability
Grafana
CVE-2017-7658
Jetty Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling) Vulnerability
Jetty
CVE-2017-7657
Jetty Integer Overflow or Wraparound Vulnerability
Jetty
CVE-2009-5047
Jetty Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
Jetty
CVE-2016-4800
Jetty Improper Access Control Vulnerability
Jetty
CVE-2026-2332
Jetty Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) Vulnerability
Jetty
CVE-2018-9230
Open Resty Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Open Resty
CVE-2017-14035
CrushFTP Server Deserialization of Untrusted Data Vulnerability
CrushFTP Server
CVE-2023-43177
CrushFTP Server Improper Control of Dynamically-Managed Code Resources Vulnerability
CrushFTP Server
CVE-2024-4040
CrushFTP Server Improper Control of Generation of Code (Code Injection) Vulnerability
CrushFTP Server
CVE-2025-31161
CrushFTP Server Other Vulnerability
CrushFTP Server
CVE-2025-54309
CrushFTP Server Unprotected Alternate Channel Vulnerability
CrushFTP Server
CVE-2024-53552
CrushFTP Server Weak Password Recovery Mechanism for Forgotten Password Vulnerability
CrushFTP Server
CVE-2022-29361
Werkzeug WSGI Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) Vulnerability
Werkzeug WSGI