🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Web Application Vulnerabilities
This page lists
24652 vulnerabilities
in
62 categories
.
Critical: 1632
High: 13204
Medium: 8857
Low: 888
Information: 71
Vulnerability Name
CVE
CWE
Severity
Ruby on Rails Improper Verification of Intent by Broadcast Receiver Vulnerability (CVE-2026-33173)
CVE-2026-33173
CWE-925
Medium
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22792)
CVE-2023-22792
CWE-1333
High
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22795)
CVE-2023-22795
CWE-1333
High
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2024-26142)
CVE-2024-26142
CWE-1333
High
Ruby on Rails Memory Allocation with Excessive Size Value Vulnerability (CVE-2026-33174)
CVE-2026-33174
CWE-789
High
Ruby on Rails Missing Encryption of Sensitive Data Vulnerability (CVE-2010-3299)
CVE-2010-3299
CWE-311
Medium
Ruby on Rails Other Vulnerability (CVE-2013-0333)
CVE-2013-0333
-
High
Ruby on Rails Other Vulnerability (CVE-2021-22904)
CVE-2021-22904
-
High
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-0449)
CVE-2011-0449
CWE-264
High
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2660)
CVE-2012-2660
CWE-264
Medium
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2694)
CVE-2012-2694
CWE-264
Medium
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0155)
CVE-2013-0155
CWE-264
Medium
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0276)
CVE-2013-0276
CWE-264
Medium
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-6417)
CVE-2013-6417
CWE-264
Medium
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3514)
CVE-2014-3514
CWE-264
High
Ruby on Rails Resource Management Errors Vulnerability (CVE-2015-7581)
CVE-2015-7581
-
High
Ruby on Rails Resource Management Errors Vulnerability (CVE-2016-0751)
CVE-2016-0751
-
High
Ruby on Rails SQL injection
CVE-2012-2695
CWE-89
High
Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2020-8185)
CVE-2020-8185
CWE-400
Medium
Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2021-22880)
CVE-2021-22880
CWE-400
High
Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2026-33169)
CVE-2026-33169
CWE-400
Medium
Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2026-33176)
CVE-2026-33176
CWE-400
High
Ruby on Rails Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-8162)
CVE-2020-8162
CWE-434
High
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22881)
CVE-2021-22881
CWE-601
Medium
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22903)
CVE-2021-22903
CWE-601
Medium
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22942)
CVE-2021-22942
CWE-601
Medium
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-44528)
CVE-2021-44528
CWE-601
Medium
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-22797)
CVE-2023-22797
CWE-601
Medium
Ruby on Rails Use of Externally-Controlled Format String Vulnerability (CVE-2013-4389)
CVE-2013-4389
CWE-134
Medium
Ruby on Rails weak/known secret token
CVE-2013-0156
CWE-200
High
Ruby Other Vulnerability (CVE-2012-5380)
CVE-2012-5380
-
Medium
Ruby Other Vulnerability (CVE-2014-8080)
CVE-2014-8080
-
Medium
Ruby Other Vulnerability (CVE-2014-8090)
CVE-2014-8090
-
Medium
Ruby Other Vulnerability (CVE-2016-2336)
CVE-2016-2336
-
Critical
Ruby Other Vulnerability (CVE-2016-2337)
CVE-2016-2337
-
Critical
Ruby Other Vulnerability (CVE-2021-41817)
CVE-2021-41817
-
High
Ruby Out-of-bounds Read Vulnerability (CVE-2022-28739)
CVE-2022-28739
CWE-125
High
Ruby Out-of-bounds Write Vulnerability (CVE-2016-2338)
CVE-2016-2338
CWE-787
Critical
Ruby Out-of-bounds Write Vulnerability (CVE-2017-11465)
CVE-2017-11465
CWE-787
Critical
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3655)
CVE-2008-3655
CWE-264
High
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1005)
CVE-2011-1005
CWE-264
Medium
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4464)
CVE-2012-4464
CWE-264
Medium
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4466)
CVE-2012-4466
CWE-264
Medium
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4481)
CVE-2012-4481
CWE-264
Medium
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4522)
CVE-2012-4522
CWE-264
Medium
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2065)
CVE-2013-2065
CWE-264
Medium
Ruby Resource Management Errors Vulnerability (CVE-2008-2664)
CVE-2008-2664
-
High
Ruby Resource Management Errors Vulnerability (CVE-2008-3443)
CVE-2008-3443
-
Medium
Ruby Resource Management Errors Vulnerability (CVE-2008-3656)
CVE-2008-3656
-
High
Ruby Resource Management Errors Vulnerability (CVE-2008-4310)
CVE-2008-4310
-
High
Ruby Resource Management Errors Vulnerability (CVE-2014-2734)
CVE-2014-2734
-
Medium
Ruby Resource Management Errors Vulnerability (CVE-2014-6438)
CVE-2014-6438
-
High
Ruby Uncontrolled Resource Consumption Vulnerability (CVE-2018-8777)
CVE-2018-8777
CWE-400
High
Ruby Use of Externally-Controlled Format String Vulnerability (CVE-2017-0898)
CVE-2017-0898
CWE-134
Critical
Ruby Use of Externally-Controlled Format String Vulnerability (CVE-2018-8778)
CVE-2018-8778
CWE-134
High
RubyGems 7PK - Security Features Vulnerability (CVE-2015-3900)
CVE-2015-3900
-
Medium
RubyGems Cryptographic Issues Vulnerability (CVE-2012-2126)
CVE-2012-2126
-
Medium
RubyGems Cryptographic Issues Vulnerability (CVE-2013-4287)
CVE-2013-4287
-
Medium
RubyGems Cryptographic Issues Vulnerability (CVE-2013-4363)
CVE-2013-4363
-
Medium
RubyGems Deserialization of Untrusted Data Vulnerability (CVE-2017-0903)
CVE-2017-0903
CWE-502
Critical
RubyGems Deserialization of Untrusted Data Vulnerability (CVE-2018-1000074)
CVE-2018-1000074
CWE-502
High
RubyGems Improper Authentication Vulnerability (CVE-2022-36073)
CVE-2022-36073
CWE-287
High
RubyGems Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-0899)
CVE-2017-0899
CWE-94
Critical
RubyGems Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-8324)
CVE-2019-8324
CWE-94
High
RubyGems Improper Input Validation Vulnerability (CVE-2015-4020)
CVE-2015-4020
CWE-20
Medium
RubyGems Improper Input Validation Vulnerability (CVE-2017-0900)
CVE-2017-0900
CWE-20
High
RubyGems Improper Input Validation Vulnerability (CVE-2017-0901)
CVE-2017-0901
CWE-20
High
RubyGems Improper Input Validation Vulnerability (CVE-2018-1000077)
CVE-2018-1000077
CWE-20
Medium
RubyGems Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000079)
CVE-2018-1000079
CWE-22
Medium
RubyGems Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-8320)
CVE-2019-8320
CWE-22
High
RubyGems Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2018-1000073)
CVE-2018-1000073
CWE-59
High
RubyGems Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') Vulnerability (CVE-2019-8321)
CVE-2019-8321
CWE-707
High
RubyGems Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1000078)
CVE-2018-1000078
CWE-707
Medium
RubyGems Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-8322)
CVE-2019-8322
CWE-138
High
RubyGems Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-8323)
CVE-2019-8323
CWE-138
High
«
1
...
179
180
181
...
329
»