Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24342 vulnerabilities in 62 categories.

Critical: 1593 High: 13071 Medium: 8734 Low: 875 Information: 69
Vulnerability Name
CVE
CWE
Severity
Nginx Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9511)
CVE-2019-9511
CWE-770
High
Nginx Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9516)
CVE-2019-9516
CWE-770
Medium
Nginx Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2012-2089)
CVE-2012-2089
CWE-120
Medium
Nginx CVE-2009-4487 Vulnerability (CVE-2009-4487)
CVE-2009-4487
-
Medium
Nginx CVE-2010-4180 Vulnerability (CVE-2010-4180)
CVE-2010-4180
-
Medium
Nginx CVE-2011-4963 Vulnerability (CVE-2011-4963)
CVE-2011-4963
-
Medium
Nginx CVE-2013-2070 Vulnerability (CVE-2013-2070)
CVE-2013-2070
-
Medium
Nginx CVE-2023-27729 Vulnerability (CVE-2023-27729)
CVE-2023-27729
-
High
Nginx Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-2263)
CVE-2010-2263
CWE-200
Medium
Nginx Improper Certificate Validation Vulnerability (CVE-2009-3555)
CVE-2009-3555
CWE-295
Medium
Nginx Improper Certificate Validation Vulnerability (CVE-2021-3618)
CVE-2021-3618
CWE-295
High
Nginx Improper Encoding or Escaping of Output Vulnerability (CVE-2013-4547)
CVE-2013-4547
CWE-116
High
Nginx Improper Input Validation Vulnerability (CVE-2011-4968)
CVE-2011-4968
CWE-20
Medium
Nginx Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2009-3898)
CVE-2009-3898
CWE-22
Medium
Nginx Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2010-2266)
CVE-2010-2266
CWE-22
Medium
Nginx Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2016-1247)
CVE-2016-1247
CWE-59
High
Nginx Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2014-3556)
CVE-2014-3556
CWE-138
Medium
Nginx Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2009-3896)
CVE-2009-3896
CWE-119
Medium
Nginx Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-0088)
CVE-2014-0088
CWE-119
High
Nginx Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-20372)
CVE-2019-20372
CWE-444
Medium
Nginx Insufficient Session Expiration Vulnerability (CVE-2014-3616)
CVE-2014-3616
CWE-613
Medium
Nginx Insufficient Session Expiration Vulnerability (CVE-2025-23419)
CVE-2025-23419
CWE-613
Medium
Nginx Integer Overflow or Wraparound Vulnerability (CVE-2017-20005)
CVE-2017-20005
CWE-190
Critical
Nginx Integer Overflow or Wraparound Vulnerability (CVE-2017-7529)
CVE-2017-7529
CWE-190
High
Nginx Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-16845)
CVE-2018-16845
CWE-835
Medium
Nginx Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2025-1695)
CVE-2025-1695
CWE-835
Medium
Nginx memory disclosure with specially crafted HTTP backend responses
CVE-2012-1180
CWE-416
High
Nginx Off-by-one Error Vulnerability (CVE-2021-23017)
CVE-2021-23017
CWE-193
High
Nginx Other Vulnerability (CVE-2016-0742)
CVE-2016-0742
-
High
Nginx Other Vulnerability (CVE-2016-0746)
CVE-2016-0746
-
Critical
Nginx Other Vulnerability (CVE-2016-4450)
CVE-2016-4450
-
High
Nginx Other Vulnerability (CVE-2019-9513)
CVE-2019-9513
-
High
Nginx Out-of-bounds Read Vulnerability (CVE-2022-38890)
CVE-2022-38890
CWE-125
High
Nginx Out-of-bounds Read Vulnerability (CVE-2023-27727)
CVE-2023-27727
CWE-125
High
Nginx Out-of-bounds Read Vulnerability (CVE-2023-27728)
CVE-2023-27728
CWE-125
High
Nginx Out-of-bounds Read Vulnerability (CVE-2023-27730)
CVE-2023-27730
CWE-125
High
Nginx Out-of-bounds Write Vulnerability (CVE-2009-2629)
CVE-2009-2629
CWE-787
High
Nginx Out-of-bounds Write Vulnerability (CVE-2011-4315)
CVE-2011-4315
CWE-787
Medium
Nginx Out-of-bounds Write Vulnerability (CVE-2013-2028)
CVE-2013-2028
CWE-787
High
Nginx Out-of-bounds Write Vulnerability (CVE-2014-0133)
CVE-2014-0133
CWE-787
High
Nginx Out-of-bounds Write Vulnerability (CVE-2022-41741)
CVE-2022-41741
CWE-787
High
Nginx Out-of-bounds Write Vulnerability (CVE-2022-41742)
CVE-2022-41742
CWE-787
High
Nginx Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0337)
CVE-2013-0337
CWE-264
High
Nginx PHP code execution via FastCGI
-
CWE-94
High
nginx range filter integer overflow
CVE-2017-7529
CWE-200
Medium
Nginx Redirect Header Injection
-
CWE-93
Medium
Nginx Resource Management Errors Vulnerability (CVE-2016-0747)
CVE-2016-0747
-
Medium
Nginx UI Information Disclosure (CVE-2026-27944)
CVE-2026-27944
CWE-311
Critical
Nginx Uncontrolled Resource Consumption Vulnerability (CVE-2018-16843)
CVE-2018-16843
CWE-400
High
Nginx Uncontrolled Resource Consumption Vulnerability (CVE-2018-16844)
CVE-2018-16844
CWE-400
High
Nginx Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
CVE-2023-44487
CWE-400
High
Nginx Use After Free Vulnerability (CVE-2012-1180)
CVE-2012-1180
CWE-416
Medium
Nginx Use After Free Vulnerability (CVE-2022-31307)
CVE-2022-31307
CWE-416
Medium
Nginx Use After Free Vulnerability (CVE-2022-32414)
CVE-2022-32414
CWE-416
Medium
No SAML Respose signature check
-
CWE-347
High
No Script Block Detected with the Hash Value Declared in Content Security Policy (CSP)
-
CWE-942
Information
node-serialize Insecure Deserialization
CVE-2017-5941
CWE-502
High
Node.js Debugger Unauthorized Access Vulnerability
-
CWE-200
High
Node.js Inspector Unauthorized Access Vulnerability
-
CWE-200
High
Node.js MySQL Prepared Statement Object Injection
-
CWE-89
High
Node.js path validation vulnerability
CVE-2017-14849
CWE-22
High
Node.js Running in Development Mode
-
CWE-215
Medium
Node.js Web Application does not handle uncaughtException
-
CWE-248
Medium
Node.js Web Application does not handle unhandledRejection
-
CWE-248
Medium
NodeBB Arbitrary JSON File Read (CVE-2021-43788)
CVE-2021-43788
CWE-22
Medium
Nonce Usage Detected in Content Security Policy (CSP) Directive
-
CWE-358
Information
npm log file publicly accessible (npm-debug.log)
-
CWE-200
Medium
ntopng Authentication Bypass (CVE-2021-28073)
CVE-2021-28073
CWE-287
High
NuSOAP Improper Certificate Validation Vulnerability (CVE-2012-6071)
CVE-2012-6071
CWE-295
High
Nuxt.js Running in Development Mode
-
CWE-200
Low
OData feed accessible anonymously
-
CWE-200
Low
Odoo LFI (CVE-2019-14322)
CVE-2019-14322
CWE-22
High
Odoo XSS (CVE-2023-1434)
CVE-2023-1434
CWE-79
Medium
Old API Version Exposed
-
CWE-693
Medium
Omeka Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-5100)
CVE-2014-5100
CWE-352
Medium