🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
Documentation
Get a demo
Home
/
Web Application Vulnerabilities
/ High Severity
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
High Severity Vulnerabilities
Found
13053 vulnerabilities
at
High
severity.
Vulnerability Name
CVE
CWE
Severity
SharePoint CVE-2020-0980 Vulnerability (CVE-2020-0980)
CVE-2020-0980
-
High
Joomla Exposure of Resource to Wrong Sphere Vulnerability (CVE-2020-10238)
CVE-2020-10238
CWE-668
High
Joomla Missing Authorization Vulnerability (CVE-2020-10239)
CVE-2020-10239
CWE-862
High
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-10241)
CVE-2020-10241
CWE-352
High
ownCloud Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-10252)
CVE-2020-10252
CWE-918
High
WebLogic Other Vulnerability (CVE-2020-10672)
CVE-2020-10672
-
High
WebLogic Other Vulnerability (CVE-2020-10673)
CVE-2020-10673
-
High
Undertow Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-10705)
CVE-2020-10705
CWE-119
High
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2020-10705)
CVE-2020-10705
CWE-770
High
PostgreSQL Untrusted Search Path Vulnerability (CVE-2020-10733)
CVE-2020-10733
CWE-426
High
Python Incorrect Type Conversion or Cast Vulnerability (CVE-2020-10735)
CVE-2020-10735
CWE-704
High
Moodle Improper Input Validation Vulnerability (CVE-2020-10738)
CVE-2020-10738
CWE-20
High
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-10802)
CVE-2020-10802
CWE-138
High
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-10804)
CVE-2020-10804
CWE-138
High
Perl Integer Overflow or Wraparound Vulnerability (CVE-2020-10878)
CVE-2020-10878
CWE-190
High
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-10968)
CVE-2020-10968
CWE-502
High
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-10969)
CVE-2020-10969
CWE-502
High
WordPress Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2020-11027)
CVE-2020-11027
CWE-640
High
WordPress Missing Authentication for Critical Function Vulnerability (CVE-2020-11028)
CVE-2020-11028
CWE-306
High
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2020-11057)
CVE-2020-11057
CWE-94
High
TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2020-11067)
CVE-2020-11067
CWE-502
High
TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-11069)
CVE-2020-11069
CWE-352
High
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2020-11080)
CVE-2020-11080
CWE-400
High
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11111)
CVE-2020-11111
CWE-502
High
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11112)
CVE-2020-11112
CWE-502
High
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11113)
CVE-2020-11113
CWE-502
High
OpenVPN AS Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') Vulnerability (CVE-2020-11462)
CVE-2020-11462
CWE-776
High
concrete5 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-11476)
CVE-2020-11476
CWE-434
High
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11619)
CVE-2020-11619
CWE-502
High
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11620)
CVE-2020-11620
CWE-502
High
Sqlite Improper Initialization Vulnerability (CVE-2020-11655)
CVE-2020-11655
CWE-665
High
MySQL Improper Initialization Vulnerability (CVE-2020-11655)
CVE-2020-11655
CWE-665
High
Open Resty Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-11724)
CVE-2020-11724
CWE-444
High
Rukovoditel Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-11818)
CVE-2020-11818
CWE-352
High
Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-11825)
CVE-2020-11825
CWE-352
High
WebLogic Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-11987)
CVE-2020-11987
CWE-918
High
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-11993)
CVE-2020-11993
CWE-444
High
Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2020-11996)
CVE-2020-11996
CWE-400
High
PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-12461)
CVE-2020-12461
CWE-138
High
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2020-12603)
CVE-2020-12603
CWE-400
High
Envoy Proxy Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-12604)
CVE-2020-12604
CWE-119
High
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2020-12605)
CVE-2020-12605
CWE-400
High
Dolibarr Incorrect Authorization Vulnerability (CVE-2020-12669)
CVE-2020-12669
CWE-863
High
Perl Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2020-12723)
CVE-2020-12723
CWE-120
High
Cherokee NULL Pointer Dereference Vulnerability (CVE-2020-12845)
CVE-2020-12845
CWE-476
High
Grafana Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-13379)
CVE-2020-13379
CWE-918
High
Liferay Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-13445)
CVE-2020-13445
CWE-138
High
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13587)
CVE-2020-13587
CWE-138
High
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13588)
CVE-2020-13588
CWE-138
High
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13589)
CVE-2020-13589
CWE-138
High
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13590)
CVE-2020-13590
CWE-138
High
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13591)
CVE-2020-13591
CWE-138
High
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13592)
CVE-2020-13592
CWE-138
High
Sqlite Use After Free Vulnerability (CVE-2020-13630)
CVE-2020-13630
CWE-416
High
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2020-13654)
CVE-2020-13654
CWE-116
High
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-13663)
CVE-2020-13663
CWE-352
High
Drupal Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2020-13664)
CVE-2020-13664
CWE-138
High
Drupal Exposure of Resource to Wrong Sphere Vulnerability (CVE-2020-13670)
CVE-2020-13670
CWE-668
High
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-13671)
CVE-2020-13671
CWE-434
High
Drupal Improper Access Control Vulnerability (CVE-2020-13677)
CVE-2020-13677
CWE-284
High
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-13760)
CVE-2020-13760
CWE-352
High
Joomla Improper Preservation of Permissions Vulnerability (CVE-2020-13763)
CVE-2020-13763
CWE-281
High
Sqlite Use After Free Vulnerability (CVE-2020-13871)
CVE-2020-13871
CWE-416
High
Apache Tomcat Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-13934)
CVE-2020-13934
CWE-119
High
Apache Tomcat Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2020-13935)
CVE-2020-13935
CWE-835
High
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2020-13950)
CVE-2020-13950
CWE-476
High
Squid NULL Pointer Dereference Vulnerability (CVE-2020-14058)
CVE-2020-14058
CWE-476
High
Atlassian Jira CVE-2020-14167 Vulnerability (CVE-2020-14167)
CVE-2020-14167
-
High
Atlassian Jira CVE-2020-14178 Vulnerability (CVE-2020-14178)
CVE-2020-14178
-
High
Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-14209)
CVE-2020-14209
CWE-434
High
Moodle Incorrect Authorization Vulnerability (CVE-2020-14321)
CVE-2020-14321
CWE-863
High
Moodle Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2020-14322)
CVE-2020-14322
CWE-770
High
PostgreSQL Uncontrolled Search Path Element Vulnerability (CVE-2020-14349)
CVE-2020-14349
CWE-427
High
PostgreSQL Untrusted Search Path Vulnerability (CVE-2020-14350)
CVE-2020-14350
CWE-426
High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-14384)
CVE-2020-14384
CWE-400
High
« Previous
1
...
39
40
41
42
43
44
45
46
...
175
Next »
