Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.130426185443

Critical Severity Vulnerabilities

Found 2905 vulnerabilities at Critical severity.

Reference
Title
Technology
CVE-2019-18801
Envoy Proxy Out-of-bounds Write Vulnerability
Envoy Proxy
CVE-2019-9901
Envoy Proxy Use of Incorrectly-Resolved Name or Reference Vulnerability
Envoy Proxy
CVE-2021-29492
Envoy Proxy Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Envoy Proxy
CVE-2022-21654
Envoy Proxy Improper Certificate Validation Vulnerability
Envoy Proxy
CVE-2022-29226
Envoy Proxy Missing Authentication for Critical Function Vulnerability
Envoy Proxy
CVE-2023-27487
Envoy Proxy Vulnerability
Envoy Proxy
CVE-2023-27493
Envoy Proxy Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) Vulnerability
Envoy Proxy
CVE-2023-27491
Envoy Proxy Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) Vulnerability
Envoy Proxy
CVE-2023-27488
Envoy Proxy Vulnerability
Envoy Proxy
CVE-2023-35941
Envoy Proxy Improper Encoding or Escaping of Output Vulnerability
Envoy Proxy
CVE-2024-45806
Envoy Proxy Authorization Bypass Through User-Controlled Key Vulnerability
Envoy Proxy
CVE-2024-7207
Envoy Proxy Vulnerability
Envoy Proxy
CVE-2024-39305
Envoy Proxy Use After Free Vulnerability
Envoy Proxy
CVE-2020-10109
TwistedHTTP Request Splitting Vulnerability
Twisted Web HTTP Server
CVE-2020-10108
TwistedHTTP Request Splitting Vulnerability
Twisted Web HTTP Server
CVE-2025-29927
Authorization Bypass in Next.js Middleware
Next.js
CVE-2025-55182
Next.js Deserialization of Untrusted Data Vulnerability
Next.js
CVE-2014-3630
Play Framework Improper Restriction of XML External Entity Reference Vulnerability
Play Framework
CVE-2020-35190
Plone CMS Missing Authentication for Critical Function Vulnerability
Plone CMS
CVE-2020-7941
Plone CMS Improper Privilege Management Vulnerability
Plone CMS
CVE-2011-4030
Plone CMS Permissions Privileges and Access Controls Vulnerability
Plone CMS
CVE-2011-3587
Plone CMS Vulnerability
Plone CMS
CVE-2021-33509
Plone CMS Incorrect Permission Assignment for Critical Resource Vulnerability
Plone CMS
CVE-2022-38580
Skipper Server-Side Request Forgery (SSRF) Vulnerability
Skipper
CVE-2019-9629
Nexus Repository Manager Improper Authentication Vulnerability
Nexus Repository Manager
CVE-2017-17717
Nexus Repository Manager Use of a Broken or Risky Cryptographic Algorithm Vulnerability
Nexus Repository Manager
CVE-2019-7238
Nexus Repository Manager Vulnerability
Nexus Repository Manager
CVE-2011-3587
Zope Web Application Server Vulnerability
Zope Web Application Server
CVE-2000-0062
Zope Web Application Server Other Vulnerability
Zope Web Application Server
CVE-2018-1722
IBM WebSEAL Vulnerability
IBM WebSEAL