Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24302 vulnerabilities in 62 categories.

Critical: 1589 High: 13053 Medium: 8721 Low: 870 Information: 69
Vulnerability Name
CVE
CWE
Severity
Jboss EAP Improper Input Validation Vulnerability (CVE-2020-10693)
CVE-2020-10693
CWE-20
Medium
Jboss EAP Improper Input Validation Vulnerability (CVE-2020-1732)
CVE-2020-1732
CWE-20
Medium
Jboss EAP Improper Input Validation Vulnerability (CVE-2020-1757)
CVE-2020-1757
CWE-20
High
Jboss EAP Improper Input Validation Vulnerability (CVE-2025-12543)
CVE-2025-12543
CWE-20
Critical
Jboss EAP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2595)
CVE-2017-2595
CWE-22
Medium
Jboss EAP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1047)
CVE-2018-1047
CWE-22
Medium
Jboss EAP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1048)
CVE-2018-1048
CWE-22
High
Jboss EAP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-10862)
CVE-2018-10862
CWE-22
Medium
Jboss EAP Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2016-4993)
CVE-2016-4993
CWE-707
Medium
Jboss EAP Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') Vulnerability (CVE-2018-1067)
CVE-2018-1067
CWE-113
Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0455)
CVE-2008-0455
CWE-707
Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-2405)
CVE-2009-2405
CWE-707
Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6495)
CVE-2013-6495
CWE-707
Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-10934)
CVE-2018-10934
CWE-707
Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10219)
CVE-2019-10219
CWE-707
Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-3872)
CVE-2019-3872
CWE-707
Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-3873)
CVE-2019-3873
CWE-707
Critical
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-10688)
CVE-2020-10688
CWE-707
Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3536)
CVE-2021-3536
CWE-707
Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1932)
CVE-2023-1932
CWE-707
Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-10234)
CVE-2024-10234
CWE-707
High
Jboss EAP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-14900)
CVE-2019-14900
CWE-138
Medium
Jboss EAP Improper Privilege Management Vulnerability (CVE-2019-14838)
CVE-2019-14838
CWE-269
Medium
Jboss EAP Improper Resource Shutdown or Release Vulnerability (CVE-2025-9784)
CVE-2025-9784
CWE-404
High
Jboss EAP Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2025-23368)
CVE-2025-23368
CWE-307
Critical
Jboss EAP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2011-4610)
CVE-2011-4610
CWE-119
Medium
Jboss EAP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-5220)
CVE-2015-5220
CWE-119
Medium
Jboss EAP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2021-32027)
CVE-2021-32027
CWE-119
High
Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-12629)
CVE-2017-12629
CWE-611
Critical
Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-7464)
CVE-2017-7464
CWE-611
Critical
Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-7503)
CVE-2017-7503
CWE-611
Critical
Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-10172)
CVE-2019-10172
CWE-611
High
Jboss EAP Improper Validation of Integrity Check Value Vulnerability (CVE-2023-48795)
CVE-2023-48795
CWE-354
Medium
Jboss EAP Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-14379)
CVE-2019-14379
CWE-915
Critical
Jboss EAP Inadequate Encryption Strength Vulnerability (CVE-2014-0224)
CVE-2014-0224
CWE-326
High
Jboss EAP Inadequate Encryption Strength Vulnerability (CVE-2019-14887)
CVE-2019-14887
CWE-326
Critical
Jboss EAP Incomplete List of Disallowed Inputs Vulnerability (CVE-2018-5968)
CVE-2018-5968
CWE-184
High
Jboss EAP Incomplete List of Disallowed Inputs Vulnerability (CVE-2018-7489)
CVE-2018-7489
CWE-184
Critical
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-12165)
CVE-2017-12165
CWE-444
High
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-2666)
CVE-2017-2666
CWE-444
Medium
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-7561)
CVE-2017-7561
CWE-444
High
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-16869)
CVE-2019-16869
CWE-444
High
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-20444)
CVE-2019-20444
CWE-444
Critical
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-20445)
CVE-2019-20445
CWE-444
Critical
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10687)
CVE-2020-10687
CWE-444
Medium
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10719)
CVE-2020-10719
CWE-444
Medium
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-7238)
CVE-2020-7238
CWE-444
High
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2026-28367)
CVE-2026-28367
-
Critical
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2026-28368)
CVE-2026-28368
-
Critical
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2026-28369)
CVE-2026-28369
-
Critical
Jboss EAP Incorrect Authorization Vulnerability (CVE-2014-0169)
CVE-2014-0169
CWE-863
Medium
Jboss EAP Incorrect Authorization Vulnerability (CVE-2017-12196)
CVE-2017-12196
CWE-863
Medium
Jboss EAP Incorrect Authorization Vulnerability (CVE-2019-14843)
CVE-2019-14843
CWE-863
High
Jboss EAP Incorrect Authorization Vulnerability (CVE-2022-0866)
CVE-2022-0866
CWE-863
Medium
Jboss EAP Incorrect Authorization Vulnerability (CVE-2026-3009)
CVE-2026-3009
CWE-863
High
Jboss EAP Incorrect Privilege Assignment Vulnerability (CVE-2026-3121)
CVE-2026-3121
CWE-266
High
Jboss EAP Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-10212)
CVE-2019-10212
CWE-532
Critical
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2017-2670)
CVE-2017-2670
CWE-835
High
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1041)
CVE-2018-1041
CWE-835
High
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1336)
CVE-2018-1336
CWE-835
High
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-0205)
CVE-2019-0205
CWE-835
High
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2023-1108)
CVE-2023-1108
CWE-835
High
Jboss EAP Missing Authorization Vulnerability (CVE-2019-10184)
CVE-2019-10184
CWE-862
High
Jboss EAP Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2022-0853)
CVE-2022-0853
CWE-401
High
Jboss EAP Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2021-3642)
CVE-2021-3642
-
Medium
Jboss EAP Observable Discrepancy Vulnerability (CVE-2022-3143)
CVE-2022-3143
CWE-203
High
Jboss EAP Other Vulnerability (CVE-2010-4265)
CVE-2010-4265
-
Low
Jboss EAP Other Vulnerability (CVE-2014-3490)
CVE-2014-3490
-
High
Jboss EAP Other Vulnerability (CVE-2019-9513)
CVE-2019-9513
-
High
Jboss EAP Other Vulnerability (CVE-2020-1710)
CVE-2020-1710
-
Medium
Jboss EAP Other Vulnerability (CVE-2023-3628)
CVE-2023-3628
-
Medium
Jboss EAP Other Vulnerability (CVE-2023-3629)
CVE-2023-3629
-
Medium
Jboss EAP Out-of-bounds Read Vulnerability (CVE-2019-0210)
CVE-2019-0210
CWE-125
High
Jboss EAP Permission Issues Vulnerability (CVE-2016-7066)
CVE-2016-7066
-
High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-0738)
CVE-2010-0738
CWE-264
Medium