🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Web Application Vulnerabilities
This page lists
24652 vulnerabilities
in
62 categories
.
Critical: 1632
High: 13204
Medium: 8857
Low: 888
Information: 71
Vulnerability Name
CVE
CWE
Severity
Oracle JRE Improper Access Control Vulnerability (CVE-2025-30691)
CVE-2025-30691
CWE-284
Medium
Oracle JRE Improper Access Control Vulnerability (CVE-2025-30698)
CVE-2025-30698
CWE-284
Medium
Oracle JRE Improper Access Control Vulnerability (CVE-2025-30754)
CVE-2025-30754
CWE-284
Medium
Oracle JRE Improper Access Control Vulnerability (CVE-2025-50059)
CVE-2025-50059
CWE-284
High
Oracle JRE Improper Access Control Vulnerability (CVE-2025-53057)
CVE-2025-53057
CWE-284
Medium
Oracle JRE Improper Access Control Vulnerability (CVE-2025-61748)
CVE-2025-61748
CWE-284
Low
Oracle JRE Improper Certificate Validation Vulnerability (CVE-2003-1229)
CVE-2003-1229
CWE-295
High
Oracle JRE Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2013-4578)
CVE-2013-4578
CWE-138
Medium
Oracle JRE Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-1493)
CVE-2013-1493
CWE-119
Critical
Oracle JRE Incorrect Authorization Vulnerability (CVE-2025-21502)
CVE-2025-21502
CWE-863
Medium
Oracle JRE Incorrect Conversion between Numeric Types Vulnerability (CVE-2022-34169)
CVE-2022-34169
CWE-681
High
Oracle JRE Incorrect Default Permissions Vulnerability (CVE-2024-20921)
CVE-2024-20921
CWE-276
Medium
Oracle JRE Incorrect Default Permissions Vulnerability (CVE-2024-21012)
CVE-2024-21012
CWE-276
Low
Oracle JRE Insecure Storage of Sensitive Information Vulnerability (CVE-2024-21211)
CVE-2024-21211
CWE-922
Low
Oracle JRE Observable Discrepancy Vulnerability (CVE-2024-21208)
CVE-2024-21208
CWE-203
Low
Oracle JRE Observable Discrepancy Vulnerability (CVE-2024-21210)
CVE-2024-21210
CWE-203
Low
Oracle JRE Other Vulnerability (CVE-2012-5085)
CVE-2012-5085
-
Information
Oracle JRE Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3174)
CVE-2012-3174
CWE-264
Critical
Oracle JRE Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0422)
CVE-2013-0422
CWE-264
Critical
Oracle JRE Protection Mechanism Failure Vulnerability (CVE-2026-22013)
CVE-2026-22013
CWE-693
Medium
Oracle JRE Uncontrolled Resource Consumption Vulnerability (CVE-2025-30752)
CVE-2025-30752
CWE-400
Low
Oracle JRE Uncontrolled Resource Consumption Vulnerability (CVE-2026-21945)
CVE-2026-21945
CWE-400
High
Oracle JRE Uncontrolled Resource Consumption Vulnerability (CVE-2026-22021)
CVE-2026-22021
CWE-400
Medium
Oracle JRE Uncontrolled Resource Consumption Vulnerability (CVE-2026-34282)
CVE-2026-34282
CWE-400
High
Oracle PeopleSoft SSO weak secret key
-
CWE-1391
High
Oracle Reports rwservlet vulnerabilities
CVE-2012-3153
CWE-20
High
Oracle Reports Services RWServlet environment variables disclosure
-
CWE-200
Low
Oracle Sun GlassFish/Java System Application Server Remote Authentication Bypass Vulnerability
CVE-2011-0807
CWE-287
High
Oracle Weblogic Async Component Deserialization RCE CVE-2019-2725
CVE-2019-2725
CWE-94
High
Oracle WebLogic Authentication Bypass
CVE-2018-2894
CWE-287
High
Oracle WebLogic Remote Code Execution (CVE-2020-14882)
CVE-2020-14883
CWE-78
Critical
Oracle WebLogic Remote Code Execution via IIOP
CVE-2020-2551
CWE-502
High
Oracle WebLogic Remote Code Execution via T3
CVE-2018-3245
CWE-502
High
Oracle Weblogic T3 XXE (CVE-2019-2647)
CVE-2019-2647
CWE-611
High
Oracle Weblogic T3 XXE (CVE-2019-2888)
CVE-2019-2888
CWE-611
High
Oracle Weblogic WLS-WSAT Component Deserialization RCE
CVE-2017-10271
CWE-94
High
Osclass Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-6308)
CVE-2014-6308
CWE-22
Medium
Osclass Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-8084)
CVE-2014-8084
CWE-22
High
Osclass Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-10751)
CVE-2016-10751
CWE-22
High
Osclass Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5163)
CVE-2012-5163
CWE-707
Medium
Osclass Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-6280)
CVE-2014-6280
CWE-707
Medium
Osclass Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14481)
CVE-2018-14481
CWE-707
Medium
Osclass Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-0973)
CVE-2012-0973
CWE-138
High
Osclass Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-5162)
CVE-2012-5162
CWE-138
Medium
Osclass Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-8083)
CVE-2014-8083
CWE-138
High
Osclass Other Vulnerability (CVE-2014-8085)
CVE-2014-8085
-
Medium
osCommerce Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-27975)
CVE-2020-27975
CWE-352
High
osCommerce Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2002-1991)
CVE-2002-1991
CWE-94
High
osCommerce Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2002-2019)
CVE-2002-2019
CWE-94
High
osCommerce Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-18573)
CVE-2018-18573
CWE-94
High
osCommerce Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-22724)
CVE-2024-22724
CWE-94
Medium
osCommerce Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-2965)
CVE-2015-2965
CWE-22
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-29070)
CVE-2020-29070
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-35212)
CVE-2022-35212
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43702)
CVE-2023-43702
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43703)
CVE-2023-43703
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43704)
CVE-2023-43704
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43705)
CVE-2023-43705
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43706)
CVE-2023-43706
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43707)
CVE-2023-43707
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43708)
CVE-2023-43708
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43709)
CVE-2023-43709
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43710)
CVE-2023-43710
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43711)
CVE-2023-43711
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43712)
CVE-2023-43712
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43713)
CVE-2023-43713
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43714)
CVE-2023-43714
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43715)
CVE-2023-43715
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43716)
CVE-2023-43716
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43717)
CVE-2023-43717
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43718)
CVE-2023-43718
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43719)
CVE-2023-43719
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43720)
CVE-2023-43720
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43721)
CVE-2023-43721
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43722)
CVE-2023-43722
CWE-707
Medium
«
1
...
142
143
144
...
329
»