Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
/ Critical Severity
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Critical Severity Vulnerabilities
Found
1499 vulnerabilities
at
Critical
severity.
Vulnerability Name
CVE
CWE
Severity
Oracle HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-25315)
CVE-2022-25315
CWE-190
Critical
Atlassian Confluence Unauthenticated Remote Code Execution Vulnerability (CVE-2022-26134)
CVE-2022-26134
-
Critical
Atlassian Jira Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26136)
CVE-2022-26136
CWE-180
Critical
Atlassian Confluence Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26136)
CVE-2022-26136
CWE-180
Critical
Atlassian Confluence Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26137)
CVE-2022-26137
CWE-180
Critical
Atlassian Jira Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26137)
CVE-2022-26137
CWE-180
Critical
Grafana Cleartext Storage of Sensitive Information Vulnerability (CVE-2022-26148)
CVE-2022-26148
CWE-312
Critical
Dot CMS Other Vulnerability (CVE-2022-26352)
CVE-2022-26352
-
Critical
Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-27423)
CVE-2022-27423
CWE-138
Critical
MediaWiki CVE-2022-28205 Vulnerability (CVE-2022-28205)
CVE-2022-28205
-
Critical
MediaWiki CVE-2022-28206 Vulnerability (CVE-2022-28206)
CVE-2022-28206
-
Critical
MediaWiki CVE-2022-28209 Vulnerability (CVE-2022-28209)
CVE-2022-28209
-
Critical
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-28346)
CVE-2022-28346
CWE-138
Critical
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-28347)
CVE-2022-28347
CWE-138
Critical
Apache HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-28615)
CVE-2022-28615
CWE-190
Critical
Grafana Missing Authentication for Critical Function Vulnerability (CVE-2022-28660)
CVE-2022-28660
CWE-306
Critical
Ruby Double Free Vulnerability (CVE-2022-28738)
CVE-2022-28738
CWE-415
Critical
XWiki Inadequate Encryption Strength Vulnerability (CVE-2022-29161)
CVE-2022-29161
CWE-326
Critical
Envoy Proxy Missing Authentication for Critical Function Vulnerability (CVE-2022-29226)
CVE-2022-29226
CWE-306
Critical
Werkzeug WSGI Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2022-29361)
CVE-2022-29361
-
Critical
MediaWiki Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-29904)
CVE-2022-29904
CWE-138
Critical
MediaWiki Incorrect Authorization Vulnerability (CVE-2022-29906)
CVE-2022-29906
CWE-863
Critical
OpenSSL Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2022-2068)
CVE-2022-2068
CWE-138
Critical
OpenSSL Out-of-bounds Write Vulnerability (CVE-2022-2274)
CVE-2022-2274
CWE-787
Critical
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-30599)
CVE-2022-30599
CWE-138
Critical
Moodle Incorrect Calculation Vulnerability (CVE-2022-30600)
CVE-2022-30600
CWE-682
Critical
b2evolution Use of Insufficiently Random Values Vulnerability (CVE-2022-30935)
CVE-2022-30935
CWE-330
Critical
PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-31181)
CVE-2022-31181
CWE-138
Critical
Beego Framework CVE-2022-31259 Vulnerability (CVE-2022-31259)
CVE-2022-31259
-
Critical
PHP Out-of-bounds Write Vulnerability (CVE-2022-31627)
CVE-2022-31627
CWE-787
Critical
PHP Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2022-31631)
CVE-2022-31631
CWE-138
Critical
Apache HTTP Server Insufficient Verification of Data Authenticity Vulnerability (CVE-2022-31813)
CVE-2022-31813
CWE-345
Critical
Beego Framework Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-31836)
CVE-2022-31836
CWE-22
Critical
Magento Incorrect Authorization Vulnerability (CVE-2022-34256)
CVE-2022-34256
CWE-863
Critical
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-34265)
CVE-2022-34265
CWE-138
Critical
Moodle Improper Input Validation Vulnerability (CVE-2022-35649)
CVE-2022-35649
CWE-20
Critical
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36094)
CVE-2022-36094
CWE-707
Critical
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36096)
CVE-2022-36096
CWE-707
Critical
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36098)
CVE-2022-36098
CWE-707
Critical
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2022-36760)
CVE-2022-36760
-
Critical
Claroline Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-37159)
CVE-2022-37159
CWE-434
Critical
PHP Integer Overflow or Wraparound Vulnerability (CVE-2022-37454)
CVE-2022-37454
CWE-190
Critical
Python Integer Overflow or Wraparound Vulnerability (CVE-2022-37454)
CVE-2022-37454
CWE-190
Critical
Skipper Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-38580)
CVE-2022-38580
CWE-918
Critical
phpMyFAQ Weak Password Requirements Vulnerability (CVE-2022-3754)
CVE-2022-3754
CWE-521
Critical
Moodle CVE-2022-40314 Vulnerability (CVE-2022-40314)
CVE-2022-40314
-
Critical
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-40315)
CVE-2022-40315
CWE-138
Critical
Dolibarr Incorrect Default Permissions Vulnerability (CVE-2022-40871)
CVE-2022-40871
CWE-276
Critical
WeBid Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-41477)
CVE-2022-41477
CWE-918
Critical
HSQLDB CVE-2022-41853 Vulnerability (CVE-2022-41853)
CVE-2022-41853
-
Critical
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42120)
CVE-2022-42120
CWE-138
Critical
Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42120)
CVE-2022-42120
CWE-138
Critical
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42122)
CVE-2022-42122
CWE-138
Critical
Dolibarr Improper Privilege Management Vulnerability (CVE-2022-43138)
CVE-2022-43138
CWE-269
Critical
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-43168)
CVE-2022-43168
CWE-138
Critical
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-44945)
CVE-2022-44945
CWE-138
Critical
Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-45152)
CVE-2022-45152
CWE-918
Critical
Sqlite Other Vulnerability (CVE-2022-46908)
CVE-2022-46908
-
Critical
Masa CMS Incorrect Authorization Vulnerability (CVE-2022-47002)
CVE-2022-47002
CWE-863
Critical
LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-48008)
CVE-2022-48008
CWE-434
Critical
Rukovoditel Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2022-48175)
CVE-2022-48175
CWE-138
Critical
Perl Out-of-bounds Write Vulnerability (CVE-2022-48522)
CVE-2022-48522
CWE-787
Critical
Python Improper Restriction of XML External Entity Reference Vulnerability (CVE-2022-48565)
CVE-2022-48565
CWE-611
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-4093)
CVE-2022-4093
CWE-138
Critical
Undertow CVE-2022-4492 Vulnerability (CVE-2022-4492)
CVE-2022-4492
-
Critical
Jboss EAP CVE-2022-4492 Vulnerability (CVE-2022-4492)
CVE-2022-4492
-
Critical
phpMyFAQ Weak Password Requirements Vulnerability (CVE-2023-0307)
CVE-2023-0307
CWE-521
Critical
phpMyFAQ Improper Authentication Vulnerability (CVE-2023-0311)
CVE-2023-0311
CWE-287
Critical
phpMyFAQ Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-0788)
CVE-2023-0788
CWE-94
Critical
phpMyFAQ Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2023-0789)
CVE-2023-0789
CWE-138
Critical
phpMyFAQ Weak Password Requirements Vulnerability (CVE-2023-1753)
CVE-2023-1753
CWE-521
Critical
phpMyFAQ Authentication Bypass by Capture-replay Vulnerability (CVE-2023-1886)
CVE-2023-1886
CWE-294
Critical
SharePoint CVE-2023-21716 Vulnerability (CVE-2023-21716)
CVE-2023-21716
-
Critical
WebLogic CVE-2023-22069 Vulnerability (CVE-2023-22069)
CVE-2023-22069
-
Critical
WebLogic CVE-2023-22072 Vulnerability (CVE-2023-22072)
CVE-2023-22072
-
Critical
« Previous
1
...
12
13
14
15
16
17
18
19
20
Next »
