High Severity Vulnerabilities
Found 12791 vulnerabilities at High severity.
| Vulnerability Name | CVE | CWE | Severity |
| --- | --- | --- | --- |
| qdPM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-45855) | CVE-2023-45855 | CWE-22 | High |
| GibbonEdu Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-45880) | CVE-2023-45880 | CWE-22 | High |
| Werkzeug WSGI Out-of-bounds Write Vulnerability (CVE-2023-46136) | CVE-2023-46136 | CWE-787 | High |
| XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-46242) | CVE-2023-46242 | CWE-352 | High |
| XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-46243) | CVE-2023-46243 | CWE-94 | High |
| XWiki Incorrect Authorization Vulnerability (CVE-2023-46244) | CVE-2023-46244 | CWE-863 | High |
| Next.js CVE-2023-46298 Vulnerability (CVE-2023-46298) | CVE-2023-46298 | - | High |
| Apache Tomcat Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-46589) | CVE-2023-46589 | - | High |
| Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-46695) | CVE-2023-46695 | CWE-770 | High |
| Squid Improper Certificate Validation Vulnerability (CVE-2023-46724) | CVE-2023-46724 | CWE-295 | High |
| Squid NULL Pointer Dereference Vulnerability (CVE-2023-46728) | CVE-2023-46728 | CWE-476 | High |
| SugarCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-46815) | CVE-2023-46815 | CWE-434 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-46816) | CVE-2023-46816 | CWE-94 | High |
| Squid Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2023-46847) | CVE-2023-46847 | CWE-120 | High |
| Squid Incorrect Conversion between Numeric Types Vulnerability (CVE-2023-46848) | CVE-2023-46848 | CWE-681 | High |
| OpenVPN AS Divide By Zero Vulnerability (CVE-2023-46849) | CVE-2023-46849 | CWE-369 | High |
| Perl Out-of-bounds Write Vulnerability (CVE-2023-47038) | CVE-2023-47038 | CWE-787 | High |
| Perl Out-of-bounds Write Vulnerability (CVE-2023-47039) | CVE-2023-47039 | CWE-787 | High |
| Opencart Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-47444) | CVE-2023-47444 | CWE-94 | High |
| CubeCart Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-47675) | CVE-2023-47675 | CWE-138 | High |
| XWiki Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-48240) | CVE-2023-48240 | CWE-918 | High |
| XWiki CVE-2023-48241 Vulnerability (CVE-2023-48241) | CVE-2023-48241 | - | High |
| XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-48293) | CVE-2023-48293 | CWE-352 | High |
| Squid Out-of-bounds Read Vulnerability (CVE-2023-49285) | CVE-2023-49285 | CWE-125 | High |
| Squid Reachable Assertion Vulnerability (CVE-2023-49286) | CVE-2023-49286 | CWE-617 | High |
| Squid Use After Free Vulnerability (CVE-2023-49288) | CVE-2023-49288 | CWE-416 | High |
| Dolibarr Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-4197) | CVE-2023-4197 | CWE-138 | High |
| Chamilo Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-4221) | CVE-2023-4221 | CWE-138 | High |
| Chamilo Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-4222) | CVE-2023-4222 | CWE-138 | High |
| Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4223) | CVE-2023-4223 | CWE-434 | High |
| Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4224) | CVE-2023-4224 | CWE-434 | High |
| Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4225) | CVE-2023-4225 | CWE-434 | High |
| Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4226) | CVE-2023-4226 | CWE-434 | High |
| Grafana CVE-2023-4399 Vulnerability (CVE-2023-4399) | CVE-2023-4399 | - | High |
| Jboss EAP Improper Initialization Vulnerability (CVE-2023-4503) | CVE-2023-4503 | CWE-665 | High |
| OpenSSL CVE-2023-4807 Vulnerability (CVE-2023-4807) | CVE-2023-4807 | - | High |
| Grafana CVE-2023-4822 Vulnerability (CVE-2023-4822) | CVE-2023-4822 | - | High |
| Squid Uncontrolled Recursion Vulnerability (CVE-2023-50269) | CVE-2023-50269 | CWE-674 | High |
| XWiki Cleartext Storage of Sensitive Information Vulnerability (CVE-2023-50719) | CVE-2023-50719 | CWE-312 | High |
| XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-50721) | CVE-2023-50721 | CWE-94 | High |
| XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-50722) | CVE-2023-50722 | CWE-707 | High |
| XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-50723) | CVE-2023-50723 | CWE-94 | High |
| GeoServer Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-51444) | CVE-2023-51444 | CWE-434 | High |
| OpenSSL CVE-2023-5363 Vulnerability (CVE-2023-5363) | CVE-2023-5363 | - | High |
| Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-5379) | CVE-2023-5379 | CWE-770 | High |
| Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-5539) | CVE-2023-5539 | CWE-94 | High |
| Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-5540) | CVE-2023-5540 | CWE-94 | High |
| Squid Improper Handling of Exceptional Conditions Vulnerability (CVE-2023-5824) | CVE-2023-5824 | CWE-755 | High |
| PostgreSQL Integer Overflow or Wraparound Vulnerability (CVE-2023-5869) | CVE-2023-5869 | CWE-190 | High |
| EspoCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-5965) | CVE-2023-5965 | CWE-434 | High |
| EspoCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-5966) | CVE-2023-5966 | CWE-434 | High |
| Wordpress Plugin Backup Migration Files or Directories Accessible to External Parties Vulnerability (CVE-2023-6266) | CVE-2023-6266 | CWE-552 | High |
| Wordpress Plugin Backup Migration CVE-2023-6271 Vulnerability (CVE-2023-6271) | CVE-2023-6271 | - | High |
| WP Plugin Contact Form 7 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-6449) | CVE-2023-6449 | CWE-434 | High |
| Wordpress Plugin Backup Migration Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-7002) | CVE-2023-7002 | CWE-138 | High |
| Microsoft SQL Server CVE-2024-0056 Vulnerability (CVE-2024-0056) | CVE-2024-0056 | - | High |
| Plone CMS Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2024-0669) | CVE-2024-0669 | CWE-1021 | High |
| PostgreSQL CVE-2024-0985 Vulnerability (CVE-2024-0985) | CVE-2024-0985 | - | High |
| Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-10234) | CVE-2024-10234 | CWE-707 | High |
| PostgreSQL Externally Controlled Reference to a Resource in Another Sphere Vulnerability (CVE-2024-10979) | CVE-2024-10979 | CWE-610 | High |
| PHP Out-of-bounds Write Vulnerability (CVE-2024-11233) | CVE-2024-11233 | CWE-787 | High |
| PHP Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2024-11234) | CVE-2024-11234 | CWE-138 | High |
| PHP Use After Free Vulnerability (CVE-2024-11235) | CVE-2024-11235 | CWE-416 | High |
| Drupal Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2024-11941) | CVE-2024-11941 | CWE-835 | High |
| Jetty Improper Resource Shutdown or Release Vulnerability (CVE-2024-13009) | CVE-2024-13009 | CWE-404 | High |
| Grafana CVE-2024-1442 Vulnerability (CVE-2024-1442) | CVE-2024-1442 | - | High |
| Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2024-1635) | CVE-2024-1635 | CWE-400 | High |
| Oracle JRE CVE-2024-20918 Vulnerability (CVE-2024-20918) | CVE-2024-20918 | - | High |
| WebLogic CVE-2024-20927 Vulnerability (CVE-2024-20927) | CVE-2024-20927 | - | High |
| WebLogic CVE-2024-20931 Vulnerability (CVE-2024-20931) | CVE-2024-20931 | - | High |
| Oracle JRE CVE-2024-20932 Vulnerability (CVE-2024-20932) | CVE-2024-20932 | - | High |
| Oracle JRE CVE-2024-20952 Vulnerability (CVE-2024-20952) | CVE-2024-20952 | - | High |
| WebLogic CVE-2024-21006 Vulnerability (CVE-2024-21006) | CVE-2024-21006 | - | High |
| WebLogic Missing Authentication for Critical Function Vulnerability (CVE-2024-21007) | CVE-2024-21007 | CWE-306 | High |
| MySQL CVE-2024-21090 Vulnerability (CVE-2024-21090) | CVE-2024-21090 | - | High |