Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

Critical Severity Vulnerabilities

Found 2731 vulnerabilities at Critical severity.

Reference
Title
Technology
CVE-2020-29508
Oracle HTTP Server Improper Input Validation Vulnerability
Oracle HTTP Server
CVE-2020-35163
Oracle HTTP Server Use of Insufficiently Random Values Vulnerability
Oracle HTTP Server
CVE-2021-40438
Oracle HTTP Server Server-Side Request Forgery (SSRF) Vulnerability
Oracle HTTP Server
CVE-2018-12026
Phusion Passenger Improper Link Resolution Before File Access (Link Following) Vulnerability
Phusion Passenger
CVE-2019-18802
Envoy Proxy Vulnerability
Envoy Proxy
CVE-2019-18801
Envoy Proxy Out-of-bounds Write Vulnerability
Envoy Proxy
CVE-2019-9901
Envoy Proxy Use of Incorrectly-Resolved Name or Reference Vulnerability
Envoy Proxy
CVE-2021-29492
Envoy Proxy Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Envoy Proxy
CVE-2022-21654
Envoy Proxy Improper Certificate Validation Vulnerability
Envoy Proxy
CVE-2022-29226
Envoy Proxy Missing Authentication for Critical Function Vulnerability
Envoy Proxy
CVE-2023-27487
Envoy Proxy Vulnerability
Envoy Proxy
CVE-2023-27493
Envoy Proxy Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) Vulnerability
Envoy Proxy
CVE-2023-27491
Envoy Proxy Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) Vulnerability
Envoy Proxy
CVE-2023-27488
Envoy Proxy Vulnerability
Envoy Proxy
CVE-2023-35941
Envoy Proxy Improper Encoding or Escaping of Output Vulnerability
Envoy Proxy
CVE-2024-45806
Envoy Proxy Authorization Bypass Through User-Controlled Key Vulnerability
Envoy Proxy
CVE-2024-7207
Envoy Proxy Vulnerability
Envoy Proxy
CVE-2020-10109
TwistedHTTP Request Splitting Vulnerability
Twisted Web HTTP Server
CVE-2020-10108
TwistedHTTP Request Splitting Vulnerability
Twisted Web HTTP Server
CVE-2025-29927
Authorization Bypass in Next.js Middleware
Next.js
CVE-2014-3630
Play Framework Improper Restriction of XML External Entity Reference Vulnerability
Play Framework
CVE-2020-35190
Plone CMS Missing Authentication for Critical Function Vulnerability
Plone CMS
CVE-2020-7941
Plone CMS Improper Privilege Management Vulnerability
Plone CMS
CVE-2011-4030
Plone CMS Permissions Privileges and Access Controls Vulnerability
Plone CMS
CVE-2011-3587
Plone CMS Vulnerability
Plone CMS
CVE-2021-33509
Plone CMS Incorrect Permission Assignment for Critical Resource Vulnerability
Plone CMS
CVE-2022-38580
Skipper Server-Side Request Forgery (SSRF) Vulnerability
Skipper
CVE-2019-9629
Nexus Repository Manager Improper Authentication Vulnerability
Nexus Repository Manager
CVE-2017-17717
Nexus Repository Manager Use of a Broken or Risky Cryptographic Algorithm Vulnerability
Nexus Repository Manager
CVE-2011-3587
Zope Web Application Server Vulnerability
Zope Web Application Server