Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Critical Severity Vulnerabilities

Found 1462 vulnerabilities at Critical severity.

Vulnerability Name
CVE
CWE
Severity
Progress Kemp LoadMaster RCE (CVE-2024-1212)
CVE-2024-1212
CWE-78
Critical
Telerik Report Server Authentication Bypass Vulnerability
CVE-2024-4358
CWE-287
Critical
Rejetto HTTP File Server SSTI RCE (CVE-2024-23692)
CVE-2024-23692
CWE-1336
Critical
Remote File Inclusion
-
CWE-98
Critical
ScreenConnect Auth bypass (CVE-2024-1709)
CVE-2024-1708
CWE-288
Critical
ServiceNow SSTI (CVE-2024-4879)
CVE-2024-5217
CWE-1287
Critical
SolarWinds Web Help Desk Hardcoded Credential (CVE-2024-28987)
CVE-2024-28987
CWE-798
Critical
SolarWinds Web Help Desk RCE (CVE-2024-28986)
CVE-2024-28986
CWE-502
Critical
SuiteCRM SQL Injection (CVE-2024-36412)
CVE-2024-36412
CWE-89
Critical
SysAid On-Premise RCE (CVE-2023-47246)
CVE-2023-47246
CWE-22
Critical
TeamCity Authentication Bypass (CVE-2024-27198)
CVE-2024-27198
CWE-288
Critical
Kramer VIAware RCE (CVE-2021-36356/CVE-2021-35064)
CVE-2021-35064
CWE-434
Critical
VMware Aria Operations for Networks RCE (CVE-2023-20887)
CVE-2023-20887
CWE-77
Critical
ColdFusion WDDX Deserialization RCE (CVE-2023-44353)
CVE-2023-44353
CWE-502
Critical
Lucee CF_CLIENT_ RCE
-
CWE-200
Critical
Lucee Unset Admin Password
-
CWE-200
Critical
Unrestricted access to Apache HugeGraph
-
CWE-200
Critical
Apache Struts Path traversal (S2-067/CVE-2024-53677, S2-066/CVE-2023-50164)
CVE-2023-50164
CWE-434
Critical
Craft CMS register_argc_argv RCE (CVE-2024-56145)
CVE-2024-56145
CWE-94
Critical
Craft CMS RCE (CVE-2025-32432)
CVE-2025-32432
CWE-470
Critical
CrushFTP Authentication Bypass (CVE-2025-2825)
CVE-2025-2825
CWE-287
Critical
Ingress-Nginx "IngressNightmare" RCE (CVE-2025-1974)
CVE-2025-1974
CWE-653
Critical
Kentico Staging API Authentication Bypass
-
CWE-287
Critical
LLM Command Injection
-
CWE-78
Critical
PAN-OS Management Interface Authentication Bypass (CVE-2025-0108)
CVE-2025-0108
CWE-287
Critical
SAP NetWeaver Visual Composer Unrestricted File Uploading (CVE-2025-31324)
CVE-2025-31324
CWE-434
Critical
Server-Side Request Forgery (Cloud Metadata)
-
CWE-918
Critical
SharePoint "ToolShell" RCE (CVE-2025-49704/CVE-2025-49706/CVE-2025-53770/CVE-2025-53771)
CVE-2025-53771
CWE-287
Critical
Sitecore XM/XP Insecure Deserialization (CVE-2025-27218)
CVE-2025-27218
CWE-502
Critical
ASP.NET ViewState Weak Validation Key
-
CWE-321
Critical
Wing FTP Server RCE (CVE-2025-47812)
CVE-2025-47812
CWE-158
Critical
Citrix NetScaler Memory Disclosure 'Citrix Bleed 2' (CVE-2025-5777)
CVE-2025-5349
CWE-457
Critical
Apache HTTP Server Other Vulnerability (CVE-1999-0067)
CVE-1999-0067
-
Critical
Internet Information Services Other Vulnerability (CVE-1999-0233)
CVE-1999-0233
-
Critical
PHP Other Vulnerability (CVE-1999-0238)
CVE-1999-0238
-
Critical
Internet Information Services Other Vulnerability (CVE-1999-0407)
CVE-1999-0407
-
Critical
Internet Information Services Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-1999-0874)
CVE-1999-0874
CWE-119
Critical
Apache HTTP Server Other Vulnerability (CVE-1999-0926)
CVE-1999-0926
-
Critical
Internet Information Services Permissions, Privileges, and Access Controls Vulnerability (CVE-1999-1011)
CVE-1999-1011
CWE-264
Critical
Oracle HTTP Server Other Vulnerability (CVE-1999-1125)
CVE-1999-1125
-
Critical
Apache HTTP Server Other Vulnerability (CVE-1999-1199)
CVE-1999-1199
-
Critical
Apache HTTP Server Other Vulnerability (CVE-1999-1293)
CVE-1999-1293
-
Critical
Internet Information Services Other Vulnerability (CVE-1999-1376)
CVE-1999-1376
-
Critical
PHP Other Vulnerability (CVE-2000-0059)
CVE-2000-0059
-
Critical
Zope Web Application Server Other Vulnerability (CVE-2000-0062)
CVE-2000-0062
-
Critical
PHP Other Vulnerability (CVE-2000-0967)
CVE-2000-0967
-
Critical
Apache HTTP Server Improper Handling of Case Sensitivity Vulnerability (CVE-2001-0766)
CVE-2001-0766
CWE-178
Critical
Microsoft SQL Server Other Vulnerability (CVE-2002-0721)
CVE-2002-0721
-
Critical
Microsoft SQL Server Other Vulnerability (CVE-2002-1145)
CVE-2002-1145
-
Critical
PostgreSQL Other Vulnerability (CVE-2002-1399)
CVE-2002-1399
-
Critical
Oracle Database Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2003-0095)
CVE-2003-0095
CWE-119
Critical
Oracle Database Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2003-0096)
CVE-2003-0096
CWE-119
Critical
MySQL Other Vulnerability (CVE-2003-0150)
CVE-2003-0150
-
Critical
Oracle Database Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2003-0222)
CVE-2003-0222
CWE-119
Critical
Internet Information Services Other Vulnerability (CVE-2003-0224)
CVE-2003-0224
-
Critical
OpenSSL Double Free Vulnerability (CVE-2003-0545)
CVE-2003-0545
CWE-415
Critical
MySQL Other Vulnerability (CVE-2003-0780)
CVE-2003-0780
-
Critical
Apache HTTP Server CVE-2003-0789 Vulnerability (CVE-2003-0789)
CVE-2003-0789
-
Critical
PHP Other Vulnerability (CVE-2003-0860)
CVE-2003-0860
-
Critical
PHP Other Vulnerability (CVE-2003-0861)
CVE-2003-0861
-
Critical
Apache HTTP Server Other Vulnerability (CVE-2004-0492)
CVE-2004-0492
-
Critical
IBMHttpServer Other Vulnerability (CVE-2004-0492)
CVE-2004-0492
-
Critical
PHP CVE-2004-0542 Vulnerability (CVE-2004-0542)
CVE-2004-0542
-
Critical
MySQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2004-0836)
CVE-2004-0836
CWE-119
Critical
PHP Other Vulnerability (CVE-2004-1018)
CVE-2004-1018
-
Critical
PHP Improper Input Validation Vulnerability (CVE-2004-1019)
CVE-2004-1019
CWE-20
Critical
PHP CVE-2004-1063 Vulnerability (CVE-2004-1063)
CVE-2004-1063
-
Critical
PHP CVE-2004-1064 Vulnerability (CVE-2004-1064)
CVE-2004-1064
-
Critical
PHP Other Vulnerability (CVE-2004-1065)
CVE-2004-1065
-
Critical
phpMyAdmin Other Vulnerability (CVE-2004-1147)
CVE-2004-1147
-
Critical
SugarCRM Other Vulnerability (CVE-2004-1225)
CVE-2004-1225
-
Critical
Oracle Database Server Incorrect Calculation of Buffer Size Vulnerability (CVE-2004-1363)
CVE-2004-1363
CWE-131
Critical
Oracle Application Server Incorrect Calculation of Buffer Size Vulnerability (CVE-2004-1363)
CVE-2004-1363
CWE-131
Critical
Oracle Application Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2004-1371)
CVE-2004-1371
CWE-119
Critical
Moodle Other Vulnerability (CVE-2004-2233)
CVE-2004-2233
-
Critical