v.26.4.2314
Web Application Vulnerabilities
This page lists 24342 vulnerabilities in 62 categories.
Critical: 1593
High: 13071
Medium: 8734
Low: 875
Information: 69
| Vulnerability Name | CVE | CWE | Severity |
| --- | --- | --- | --- |
| Ruby Improper Input Validation Vulnerability (CVE-2015-7551) | CVE-2015-7551 | CWE-20 | High |
| Ruby Improper Input Validation Vulnerability (CVE-2017-6181) | CVE-2017-6181 | CWE-20 | High |
| Ruby Improper Input Validation Vulnerability (CVE-2018-8779) | CVE-2018-8779 | CWE-20 | High |
| Ruby Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-1891) | CVE-2008-1891 | CWE-22 | Medium |
| Ruby Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-6914) | CVE-2018-6914 | CWE-22 | High |
| Ruby Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-8780) | CVE-2018-8780 | CWE-22 | Critical |
| Ruby Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-28966) | CVE-2021-28966 | CWE-22 | High |
| Ruby Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2011-1004) | CVE-2011-1004 | CWE-59 | Medium |
| Ruby Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') Vulnerability (CVE-2017-17742) | CVE-2017-17742 | CWE-113 | Medium |
| Ruby Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0256) | CVE-2013-0256 | CWE-707 | Medium |
| Ruby Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2011-3624) | CVE-2011-3624 | CWE-138 | Medium |
| Ruby Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2017-17790) | CVE-2017-17790 | CWE-138 | Critical |
| Ruby Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-16254) | CVE-2019-16254 | CWE-138 | Medium |
| Ruby Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-5247) | CVE-2020-5247 | CWE-138 | High |
| Ruby Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2021-31799) | CVE-2021-31799 | CWE-138 | Critical |
| Ruby Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2017-17405) | CVE-2017-17405 | CWE-138 | High |
| Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2010-2489) | CVE-2010-2489 | CWE-119 | High |
| Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-4164) | CVE-2013-4164 | CWE-119 | Medium |
| Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-4975) | CVE-2014-4975 | CWE-119 | Medium |
| Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-2339) | CVE-2016-2339 | CWE-119 | Critical |
| Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-14033) | CVE-2017-14033 | CWE-119 | High |
| Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-14064) | CVE-2017-14064 | CWE-119 | Critical |
| Ruby Improper Restriction of XML External Entity Reference Vulnerability (CVE-2021-28965) | CVE-2021-28965 | CWE-611 | High |
| Ruby Inadequate Encryption Strength Vulnerability (CVE-2011-4121) | CVE-2011-4121 | CWE-326 | Critical |
| Ruby Inadequate Encryption Strength Vulnerability (CVE-2021-32066) | CVE-2021-32066 | CWE-326 | High |
| Ruby Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-25613) | CVE-2020-25613 | CWE-444 | High |
| Ruby Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22795) | CVE-2023-22795 | CWE-1333 | High |
| Ruby Inefficient Regular Expression Complexity Vulnerability (CVE-2023-28756) | CVE-2023-28756 | CWE-1333 | High |
| Ruby Integer Overflow or Wraparound Vulnerability (CVE-2008-2663) | CVE-2008-2663 | CWE-190 | Critical |
| Ruby Interpretation Conflict Vulnerability (CVE-2021-33621) | CVE-2021-33621 | CWE-436 | High |
| Ruby Numeric Errors Vulnerability (CVE-2008-2376) | CVE-2008-2376 | - | High |
| Ruby Numeric Errors Vulnerability (CVE-2008-2662) | CVE-2008-2662 | - | Critical |
| Ruby Numeric Errors Vulnerability (CVE-2008-2725) | CVE-2008-2725 | - | High |
| Ruby Numeric Errors Vulnerability (CVE-2008-2726) | CVE-2008-2726 | - | High |
| Ruby Numeric Errors Vulnerability (CVE-2009-1904) | CVE-2009-1904 | - | Medium |
| Ruby Numeric Errors Vulnerability (CVE-2011-0188) | CVE-2011-0188 | - | Medium |
| Ruby on Rails 7PK - Security Features Vulnerability (CVE-2015-7576) | CVE-2015-7576 | - | Low |
| Ruby on Rails Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-5419) | CVE-2019-5419 | CWE-770 | High |
| Ruby on Rails Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2007-6077) | CVE-2007-6077 | CWE-362 | Medium |
| Ruby on Rails CookieStore session cookie persistence | - | CWE-613 | Low |
| Ruby on Rails Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-5189) | CVE-2008-5189 | CWE-352 | Medium |
| Ruby on Rails Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-0447) | CVE-2011-0447 | CWE-352 | Medium |
| Ruby on Rails Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-8166) | CVE-2020-8166 | CWE-352 | Medium |
| Ruby on Rails Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-8167) | CVE-2020-8167 | CWE-352 | Medium |
| Ruby on Rails CVE-2006-4112 Vulnerability (CVE-2006-4112) | CVE-2006-4112 | - | High |
| Ruby on Rails CVE-2013-0277 Vulnerability (CVE-2013-0277) | CVE-2013-0277 | - | Critical |
| Ruby on Rails CVE-2015-3227 Vulnerability (CVE-2015-3227) | CVE-2015-3227 | - | Medium |
| Ruby on Rails CVE-2018-16477 Vulnerability (CVE-2018-16477) | CVE-2018-16477 | - | Medium |
| Ruby on Rails CVE-2019-5418 Vulnerability (CVE-2019-5418) | CVE-2019-5418 | - | High |
| Ruby on Rails CVE-2021-22902 Vulnerability (CVE-2021-22902) | CVE-2021-22902 | - | High |
| Ruby on Rails CVE-2022-23633 Vulnerability (CVE-2022-23633) | CVE-2022-23633 | - | Medium |
| Ruby on Rails CVE-2022-23634 Vulnerability (CVE-2022-23634) | CVE-2022-23634 | - | Medium |
| Ruby on Rails CVE-2024-26144 Vulnerability (CVE-2024-26144) | CVE-2024-26144 | - | Medium |
| Ruby on Rails CVE-2024-28103 Vulnerability (CVE-2024-28103) | CVE-2024-28103 | - | Critical |
| Ruby on Rails Data Processing Errors Vulnerability (CVE-2014-3916) | CVE-2014-3916 | - | Medium |
| Ruby on Rails Deserialization of Untrusted Data Vulnerability (CVE-2018-16476) | CVE-2018-16476 | CWE-502 | High |
| Ruby on Rails Deserialization of Untrusted Data Vulnerability (CVE-2020-8164) | CVE-2020-8164 | CWE-502 | High |
| Ruby on Rails Deserialization of Untrusted Data Vulnerability (CVE-2020-8165) | CVE-2020-8165 | CWE-502 | Critical |
| Ruby on Rails directory traversal vulnerability | CVE-2014-0130 | CWE-22 | High |
| Ruby on Rails DoubleTap RCE (CVE-2019-5420) | CVE-2019-5420 | CWE-502 | High |
| Ruby on Rails Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-3086) | CVE-2009-3086 | CWE-200 | Medium |
| Ruby on Rails Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-6497) | CVE-2012-6497 | CWE-200 | Medium |
| Ruby on Rails Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2021-22885) | CVE-2021-22885 | CWE-209 | High |
| Ruby on Rails Improper Access Control Vulnerability (CVE-2015-7577) | CVE-2015-7577 | CWE-284 | Medium |
| Ruby on Rails Improper Access Control Vulnerability (CVE-2016-6317) | CVE-2016-6317 | CWE-284 | High |
| Ruby on Rails Improper Authentication Vulnerability (CVE-2009-2422) | CVE-2009-2422 | CWE-287 | Critical |
| Ruby on Rails Improper Authentication Vulnerability (CVE-2012-3424) | CVE-2012-3424 | CWE-287 | Medium |
| Ruby on Rails Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2006-4111) | CVE-2006-4111 | CWE-94 | High |
| Ruby on Rails Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-3186) | CVE-2011-3186 | CWE-94 | Medium |
| Ruby on Rails Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2020-8163) | CVE-2020-8163 | CWE-94 | High |
| Ruby on Rails Improper Input Validation Vulnerability (CVE-2008-7248) | CVE-2008-7248 | CWE-20 | Medium |
| Ruby on Rails Improper Input Validation Vulnerability (CVE-2010-3933) | CVE-2010-3933 | CWE-20 | Medium |
| Ruby on Rails Improper Input Validation Vulnerability (CVE-2011-2929) | CVE-2011-2929 | CWE-20 | Medium |
| Ruby on Rails Improper Input Validation Vulnerability (CVE-2011-3187) | CVE-2011-3187 | CWE-20 | Medium |
| Ruby on Rails Improper Input Validation Vulnerability (CVE-2013-0156) | CVE-2013-0156 | CWE-20 | High |