Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

High Severity Vulnerabilities

Found 12791 vulnerabilities at High severity.

Vulnerability Name
CVE
CWE
Severity
Chamilo Improper Privilege Management Vulnerability (CVE-2022-27421)
CVE-2022-27421
CWE-269
High
Chamilo Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-27426)
CVE-2022-27426
CWE-918
High
Chamilo Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-27427)
CVE-2022-27427
CWE-94
High
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-28129)
CVE-2022-28129
CWE-20
High
MediaWiki Release of Invalid Pointer or Reference Vulnerability (CVE-2022-28203)
CVE-2022-28203
CWE-763
High
MediaWiki CVE-2022-28204 Vulnerability (CVE-2022-28204)
CVE-2022-28204
-
High
MediaWiki CVE-2022-28323 Vulnerability (CVE-2022-28323)
CVE-2022-28323
-
High
Ruby Out-of-bounds Read Vulnerability (CVE-2022-28739)
CVE-2022-28739
CWE-125
High
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-28981)
CVE-2022-28981
CWE-22
High
Grafana URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-29170)
CVE-2022-29170
CWE-601
High
Envoy Proxy Improper Handling of Highly Compressed Data (Data Amplification) Vulnerability (CVE-2022-29225)
CVE-2022-29225
CWE-409
High
Envoy Proxy Use After Free Vulnerability (CVE-2022-29227)
CVE-2022-29227
CWE-416
High
Envoy Proxy Reachable Assertion Vulnerability (CVE-2022-29228)
CVE-2022-29228
CWE-617
High
Drupal Reliance on Cookies without Validation and Integrity Checking Vulnerability (CVE-2022-29248)
CVE-2022-29248
CWE-565
High
Apache Tomcat CVE-2022-29885 Vulnerability (CVE-2022-29885)
CVE-2022-29885
-
High
Craft CMS Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2022-29933)
CVE-2022-29933
CWE-640
High
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2022-2048)
CVE-2022-2048
CWE-400
High
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2022-2053)
CVE-2022-2053
CWE-400
High
Jetty Improper Resource Shutdown or Release Vulnerability (CVE-2022-2191)
CVE-2022-2191
CWE-404
High
PostgreSQL Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2022-2625)
CVE-2022-2625
CWE-913
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-2986)
CVE-2022-2986
CWE-352
High
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-30522)
CVE-2022-30522
CWE-770
High
Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-30556)
CVE-2022-30556
CWE-200
High
Lighttpd Uncontrolled Resource Consumption Vulnerability (CVE-2022-30780)
CVE-2022-30780
CWE-400
High
Play Framework Uncontrolled Resource Consumption Vulnerability (CVE-2022-31018)
CVE-2022-31018
CWE-400
High
Play Framework Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2022-31023)
CVE-2022-31023
CWE-209
High
TYPO3 Insufficient Session Expiration Vulnerability (CVE-2022-31050)
CVE-2022-31050
CWE-613
High
Grafana Incorrect Authorization Vulnerability (CVE-2022-31107)
CVE-2022-31107
CWE-863
High
Grafana Improper Verification of Cryptographic Signature Vulnerability (CVE-2022-31123)
CVE-2022-31123
CWE-347
High
Moment.js Other Vulnerability (CVE-2022-31129)
CVE-2022-31129
-
High
Grafana Insufficiently Protected Credentials Vulnerability (CVE-2022-31130)
CVE-2022-31130
CWE-522
High
jQuery Validation Other Vulnerability (CVE-2022-31147)
CVE-2022-31147
-
High
XWiki CVE-2022-31166 Vulnerability (CVE-2022-31166)
CVE-2022-31166
-
High
PHP Release of Invalid Pointer or Reference Vulnerability (CVE-2022-31625)
CVE-2022-31625
CWE-763
High
PHP Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2022-31626)
CVE-2022-31626
CWE-120
High
PHP Out-of-bounds Read Vulnerability (CVE-2022-31630)
CVE-2022-31630
CWE-125
High
ownCloud Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-31649)
CVE-2022-31649
CWE-668
High
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-31778)
CVE-2022-31778
CWE-20
High
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-31779)
CVE-2022-31779
CWE-20
High
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-31780)
CVE-2022-31780
CWE-20
High
osTicket Session Fixation Vulnerability (CVE-2022-31888)
CVE-2022-31888
CWE-384
High
Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-32275)
CVE-2022-32275
CWE-22
High
Grafana Improper Authentication Vulnerability (CVE-2022-32276)
CVE-2022-32276
CWE-287
High
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-32297)
CVE-2022-32297
CWE-138
High
Apache Traffic Server Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2022-32749)
CVE-2022-32749
CWE-754
High
OpenVPN AS Insertion of Sensitive Information into Log File Vulnerability (CVE-2022-33737)
CVE-2022-33737
CWE-532
High
OpenVPN AS Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2022-33738)
CVE-2022-33738
CWE-338
High
Caddy Web Server Out-of-bounds Read Vulnerability (CVE-2022-34037)
CVE-2022-34037
CWE-125
High
Oracle JRE Incorrect Conversion between Numeric Types Vulnerability (CVE-2022-34169)
CVE-2022-34169
CWE-681
High
Jenkins Observable Discrepancy Vulnerability (CVE-2022-34174)
CVE-2022-34174
CWE-203
High
Jenkins Incorrect Authorization Vulnerability (CVE-2022-34175)
CVE-2022-34175
CWE-863
High
Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2022-34253)
CVE-2022-34253
CWE-91
High
Magento Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-34254)
CVE-2022-34254
CWE-22
High
Magento Incorrect Authorization Vulnerability (CVE-2022-34255)
CVE-2022-34255
CWE-863
High
Skipper Incorrect Authorization Vulnerability (CVE-2022-34296)
CVE-2022-34296
CWE-863
High
MediaWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-34750)
CVE-2022-34750
CWE-770
High
Moodle Improper Input Validation Vulnerability (CVE-2022-35650)
CVE-2022-35650
CWE-20
High
Sqlite Improper Validation of Array Index Vulnerability (CVE-2022-35737)
CVE-2022-35737
CWE-129
High
SharePoint CVE-2022-35823 Vulnerability (CVE-2022-35823)
CVE-2022-35823
-
High
RubyGems Improper Authentication Vulnerability (CVE-2022-36073)
CVE-2022-36073
CWE-287
High
XWiki Other Vulnerability (CVE-2022-36090)
CVE-2022-36090
-
High
XWiki Missing Authorization Vulnerability (CVE-2022-36091)
CVE-2022-36091
CWE-862
High
XWiki Improper Authentication Vulnerability (CVE-2022-36092)
CVE-2022-36092
CWE-287
High
XWiki Improper Authentication Vulnerability (CVE-2022-36093)
CVE-2022-36093
CWE-287
High
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-36099)
CVE-2022-36099
CWE-116
High
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-36100)
CVE-2022-36100
CWE-116
High
TYPO3 Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-36104)
CVE-2022-36104
CWE-770
High
Django Download of Code Without Integrity Check Vulnerability (CVE-2022-36359)
CVE-2022-36359
CWE-494
High
Payara Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-37422)
CVE-2022-37422
CWE-22
High
Craft CMS Missing Encryption of Sensitive Data Vulnerability (CVE-2022-37783)
CVE-2022-37783
CWE-311
High
Lighttpd NULL Pointer Dereference Vulnerability (CVE-2022-37797)
CVE-2022-37797
CWE-476
High
SharePoint CVE-2022-37961 Vulnerability (CVE-2022-37961)
CVE-2022-37961
-
High
SharePoint CVE-2022-38008 Vulnerability (CVE-2022-38008)
CVE-2022-38008
-
High
SharePoint CVE-2022-38009 Vulnerability (CVE-2022-38009)
CVE-2022-38009
-
High
SharePoint CVE-2022-38053 Vulnerability (CVE-2022-38053)
CVE-2022-38053
-
High