Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
/ Critical Severity
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Critical Severity Vulnerabilities
Found
1499 vulnerabilities
at
Critical
severity.
Vulnerability Name
CVE
CWE
Severity
Jboss EAP Incomplete List of Disallowed Inputs Vulnerability (CVE-2018-7489)
CVE-2018-7489
CWE-184
Critical
LimeSurvey Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-7556)
CVE-2018-7556
CWE-200
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2018-7584)
CVE-2018-7584
CWE-119
Critical
Drupal Improper Input Validation Vulnerability (CVE-2018-7600)
CVE-2018-7600
CWE-20
Critical
Drupal CVE-2018-7602 Vulnerability (CVE-2018-7602)
CVE-2018-7602
-
Critical
ClipBucket Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2018-7664)
CVE-2018-7664
CWE-138
Critical
ClipBucket Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-7665)
CVE-2018-7665
CWE-434
Critical
ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-7666)
CVE-2018-7666
CWE-138
Critical
Apache Tomcat Insecure Default Initialization of Resource Vulnerability (CVE-2018-8014)
CVE-2018-8014
CWE-1188
Critical
Jboss EAP CVE-2018-8088 Vulnerability (CVE-2018-8088)
CVE-2018-8088
-
Critical
Ruby Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-8780)
CVE-2018-8780
CWE-22
Critical
PrestaShop Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-8823)
CVE-2018-8823
CWE-94
Critical
PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-8824)
CVE-2018-8824
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-9019)
CVE-2018-9019
CWE-138
Critical
Open Resty Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-9230)
CVE-2018-9230
CWE-138
Critical
SharePoint Improper Input Validation Vulnerability (CVE-2019-0604)
CVE-2019-0604
CWE-20
Critical
Apache HTTP Server Use After Free Vulnerability (CVE-2019-10082)
CVE-2019-10082
CWE-416
Critical
Oracle HTTP Server Use After Free Vulnerability (CVE-2019-10082)
CVE-2019-10082
CWE-416
Critical
Python Credentials Management Errors Vulnerability (CVE-2019-10160)
CVE-2019-10160
-
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-10202)
CVE-2019-10202
CWE-502
Critical
PostgreSQL Improper Input Validation Vulnerability (CVE-2019-10211)
CVE-2019-10211
CWE-20
Critical
Undertow Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-10212)
CVE-2019-10212
CWE-532
Critical
Jboss EAP Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-10212)
CVE-2019-10212
CWE-532
Critical
Contao Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2019-10641)
CVE-2019-10641
CWE-640
Critical
Contao Key Management Errors Vulnerability (CVE-2019-10643)
CVE-2019-10643
-
Critical
Lodash Other Vulnerability (CVE-2019-10744)
CVE-2019-10744
-
Critical
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-10910)
CVE-2019-10910
CWE-138
Critical
Joomla Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-10945)
CVE-2019-10945
CWE-22
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2019-11034)
CVE-2019-11034
CWE-125
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2019-11035)
CVE-2019-11035
CWE-125
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2019-11036)
CVE-2019-11036
CWE-125
Critical
PHP Integer Overflow or Wraparound Vulnerability (CVE-2019-11039)
CVE-2019-11039
CWE-190
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2019-11040)
CVE-2019-11040
CWE-125
Critical
PHP Out-of-bounds Write Vulnerability (CVE-2019-11043)
CVE-2019-11043
CWE-787
Critical
PHP Double Free Vulnerability (CVE-2019-11049)
CVE-2019-11049
CWE-415
Critical
Lighttpd Integer Overflow or Wraparound Vulnerability (CVE-2019-11072)
CVE-2019-11072
CWE-190
Critical
Contao Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-11512)
CVE-2019-11512
CWE-138
Critical
Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-11581)
CVE-2019-11581
CWE-138
Critical
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-11768)
CVE-2019-11768
CWE-138
Critical
Drupal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-11831)
CVE-2019-11831
CWE-22
Critical
Joomla Deserialization of Untrusted Data Vulnerability (CVE-2019-11831)
CVE-2019-11831
CWE-502
Critical
silverstripeCMS CVE-2019-12204 Vulnerability (CVE-2019-12204)
CVE-2019-12204
-
Critical
MediaWiki Missing Authentication for Critical Function Vulnerability (CVE-2019-12468)
CVE-2019-12468
CWE-306
Critical
Squid Out-of-bounds Write Vulnerability (CVE-2019-12519)
CVE-2019-12519
CWE-787
Critical
Squid CVE-2019-12523 Vulnerability (CVE-2019-12523)
CVE-2019-12523
-
Critical
Squid Missing Authentication for Critical Function Vulnerability (CVE-2019-12524)
CVE-2019-12524
CWE-306
Critical
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-12525)
CVE-2019-12525
CWE-119
Critical
Squid Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2019-12526)
CVE-2019-12526
CWE-120
Critical
TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-12747)
CVE-2019-12747
CWE-502
Critical
Joomla Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2019-12765)
CVE-2019-12765
CWE-1236
Critical
Python Out-of-bounds Write Vulnerability (CVE-2019-12900)
CVE-2019-12900
CWE-787
Critical
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-13082)
CVE-2019-13082
CWE-434
Critical
PHP Use After Free Vulnerability (CVE-2019-13224)
CVE-2019-13224
CWE-416
Critical
WebERP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-13292)
CVE-2019-13292
CWE-138
Critical
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-13363)
CVE-2019-13363
CWE-352
Critical
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-13364)
CVE-2019-13364
CWE-707
Critical
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-14234)
CVE-2019-14234
CWE-138
Critical
Axway Secure Transport Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-14277)
CVE-2019-14277
CWE-611
Critical
Jboss EAP Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-14379)
CVE-2019-14379
CWE-915
Critical
YOURLS Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2019-14537)
CVE-2019-14537
CWE-843
Critical
MySQL Deserialization of Untrusted Data Vulnerability (CVE-2019-14540)
CVE-2019-14540
CWE-502
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-14540)
CVE-2019-14540
CWE-502
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-14540)
CVE-2019-14540
CWE-502
Critical
Moodle CVE-2019-14880 Vulnerability (CVE-2019-14880)
CVE-2019-14880
-
Critical
Jboss EAP Inadequate Encryption Strength Vulnerability (CVE-2019-14887)
CVE-2019-14887
CWE-326
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-14892)
CVE-2019-14892
CWE-502
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-14893)
CVE-2019-14893
CWE-502
Critical
MySQL Deserialization of Untrusted Data Vulnerability (CVE-2019-14893)
CVE-2019-14893
CWE-502
Critical
Craft CMS Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2019-15929)
CVE-2019-15929
CWE-640
Critical
ATutor Incorrect Authorization Vulnerability (CVE-2019-16114)
CVE-2019-16114
CWE-863
Critical
LimeSurvey Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2019-16184)
CVE-2019-16184
CWE-1236
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-16335)
CVE-2019-16335
CWE-502
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-16335)
CVE-2019-16335
CWE-502
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-16942)
CVE-2019-16942
CWE-502
Critical
Oracle Database Server Deserialization of Untrusted Data Vulnerability (CVE-2019-16942)
CVE-2019-16942
CWE-502
Critical
« Previous
1
...
10
11
12
13
14
15
16
17
...
20
Next »
