Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Critical Severity Vulnerabilities

Found 1593 vulnerabilities at Critical severity.

Vulnerability Name
CVE
CWE
Severity
ownCloud Improper Input Validation Vulnerability (CVE-2020-28645)
CVE-2020-28645
CWE-20
Critical
Oracle HTTP Server Other Vulnerability (CVE-2020-29506)
CVE-2020-29506
-
Critical
Oracle HTTP Server Improper Input Validation Vulnerability (CVE-2020-29507)
CVE-2020-29507
CWE-20
Critical
Oracle HTTP Server Improper Input Validation Vulnerability (CVE-2020-29508)
CVE-2020-29508
CWE-20
Critical
WebLogic CVE-2020-2546 Vulnerability (CVE-2020-2546)
CVE-2020-2546
-
Critical
WebLogic CVE-2020-2551 Vulnerability (CVE-2020-2551)
CVE-2020-2551
-
Critical
WebLogic CVE-2020-2801 Vulnerability (CVE-2020-2801)
CVE-2020-2801
-
Critical
WebLogic CVE-2020-2883 Vulnerability (CVE-2020-2883)
CVE-2020-2883
-
Critical
WebLogic CVE-2020-2884 Vulnerability (CVE-2020-2884)
CVE-2020-2884
-
Critical
Oracle HTTP Server Use of Insufficiently Random Values Vulnerability (CVE-2020-35163)
CVE-2020-35163
CWE-330
Critical
Oracle HTTP Server Other Vulnerability (CVE-2020-35166)
CVE-2020-35166
-
Critical
Oracle HTTP Server Other Vulnerability (CVE-2020-35167)
CVE-2020-35167
-
Critical
Oracle HTTP Server Other Vulnerability (CVE-2020-35168)
CVE-2020-35168
-
Critical
Oracle HTTP Server Improper Input Validation Vulnerability (CVE-2020-35169)
CVE-2020-35169
CWE-20
Critical
Plone CMS Missing Authentication for Critical Function Vulnerability (CVE-2020-35190)
CVE-2020-35190
CWE-306
Critical
WP Plugin Contact Form 7 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-35489)
CVE-2020-35489
CWE-434
Critical
Sqlite Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-35527)
CVE-2020-35527
CWE-119
Critical
WordPress Improper Input Validation Vulnerability (CVE-2020-35539)
CVE-2020-35539
CWE-20
Critical
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-35613)
CVE-2020-35613
CWE-138
Critical
WordPress Ultimate Member Plugin Improper Privilege Management Vulnerability (CVE-2020-36155)
CVE-2020-36155
CWE-269
Critical
WordPress Ultimate Member Plugin CVE-2020-36157 Vulnerability (CVE-2020-36157)
CVE-2020-36157
-
Critical
WordPress Deserialization of Untrusted Data Vulnerability (CVE-2020-36326)
CVE-2020-36326
CWE-502
Critical
EspoCRM Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2020-37094)
CVE-2020-37094
CWE-639
Critical
Magento Deserialization of Untrusted Data Vulnerability (CVE-2020-3716)
CVE-2020-3716
CWE-502
Critical
Magento CVE-2020-3718 Vulnerability (CVE-2020-3718)
CVE-2020-3718
-
Critical
PrestaShop Improper Authentication Vulnerability (CVE-2020-4074)
CVE-2020-4074
CWE-287
Critical
IBM WebSEAL Missing Authorization Vulnerability (CVE-2020-4499)
CVE-2020-4499
CWE-862
Critical
Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-6754)
CVE-2020-6754
CWE-22
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2020-7059)
CVE-2020-7059
CWE-125
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2020-7060)
CVE-2020-7060
CWE-125
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2020-7061)
CVE-2020-7061
CWE-125
Critical
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-7471)
CVE-2020-7471
CWE-138
Critical
SugarCRM Missing Authorization Vulnerability (CVE-2020-7472)
CVE-2020-7472
CWE-862
Critical
Plone CMS Improper Privilege Management Vulnerability (CVE-2020-7941)
CVE-2020-7941
CWE-269
Critical
Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2020-7961)
CVE-2020-7961
CWE-502
Critical
Dolibarr Improper Authentication Vulnerability (CVE-2020-7995)
CVE-2020-7995
CWE-287
Critical
Ruby on Rails Deserialization of Untrusted Data Vulnerability (CVE-2020-8165)
CVE-2020-8165
CWE-502
Critical
phpList Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2020-8547)
CVE-2020-8547
CWE-843
Critical
OpenVPN AS Improper Authentication Vulnerability (CVE-2020-8953)
CVE-2020-8953
CWE-287
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-9546)
CVE-2020-9546
CWE-502
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-9547)
CVE-2020-9547
CWE-502
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-9548)
CVE-2020-9548
CWE-502
Critical
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-9576)
CVE-2020-9576
CWE-138
Critical
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-9578)
CVE-2020-9578
CWE-138
Critical
Magento CVE-2020-9579 Vulnerability (CVE-2020-9579)
CVE-2020-9579
-
Critical
Magento CVE-2020-9580 Vulnerability (CVE-2020-9580)
CVE-2020-9580
-
Critical
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-9582)
CVE-2020-9582
CWE-138
Critical
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-9583)
CVE-2020-9583
CWE-138
Critical
Magento CVE-2020-9585 Vulnerability (CVE-2020-9585)
CVE-2020-9585
-
Critical
Magento Improper Privilege Management Vulnerability (CVE-2020-9630)
CVE-2020-9630
CWE-269
Critical
Magento CVE-2020-9631 Vulnerability (CVE-2020-9631)
CVE-2020-9631
-
Critical
Magento CVE-2020-9632 Vulnerability (CVE-2020-9632)
CVE-2020-9632
-
Critical
Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2020-9664)
CVE-2020-9664
CWE-94
Critical
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9691)
CVE-2020-9691
CWE-707
Critical
SharePoint CVE-2021-1707 Vulnerability (CVE-2021-1707)
CVE-2021-1707
-
Critical
SharePoint Out-of-bounds Write Vulnerability (CVE-2021-1715)
CVE-2021-1715
CWE-787
Critical
SharePoint CVE-2021-1716 Vulnerability (CVE-2021-1716)
CVE-2021-1716
-
Critical
WebLogic CVE-2021-1994 Vulnerability (CVE-2021-1994)
CVE-2021-1994
-
Critical
Sqlite CVE-2021-20223 Vulnerability (CVE-2021-20223)
CVE-2021-20223
-
Critical
Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21014)
CVE-2021-21014
CWE-434
Critical
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2021-21016)
CVE-2021-21016
CWE-138
Critical
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2021-21018)
CVE-2021-21018
CWE-138
Critical
Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2021-21019)
CVE-2021-21019
CWE-91
Critical
Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-21024)
CVE-2021-21024
CWE-138
Critical
Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2021-21025)
CVE-2021-21025
CWE-91
Critical
PrestaShop Improper Authentication Vulnerability (CVE-2021-21308)
CVE-2021-21308
CWE-287
Critical
WebLogic Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21347)
CVE-2021-21347
CWE-434
Critical
WebLogic CVE-2021-21350 Vulnerability (CVE-2021-21350)
CVE-2021-21350
-
Critical
Jenkins Missing Authorization Vulnerability (CVE-2021-21685)
CVE-2021-21685
CWE-862
Critical
Jenkins Missing Authorization Vulnerability (CVE-2021-21687)
CVE-2021-21687
CWE-862
Critical
Jenkins Other Vulnerability (CVE-2021-21689)
CVE-2021-21689
-
Critical
Jenkins Protection Mechanism Failure Vulnerability (CVE-2021-21690 )
CVE-2021-21690
CWE-693
Critical
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-21690)
CVE-2021-21690
CWE-22
Critical
Jenkins Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-21691)
CVE-2021-21691
CWE-59
Critical
Jenkins Incorrect Authorization Vulnerability (CVE-2021-21692 )
CVE-2021-21692
CWE-863
Critical