Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

High Severity Vulnerabilities

Found 12791 vulnerabilities at High severity.

Vulnerability Name
CVE
CWE
Severity
SharePoint Integer Overflow or Wraparound Vulnerability (CVE-2025-26642)
CVE-2025-26642
CWE-190
High
SharePoint Untrusted Pointer Dereference Vulnerability (CVE-2025-27747)
CVE-2025-27747
CWE-822
High
Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2025-29087)
CVE-2025-29087
CWE-190
High
Seo Panel Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-29451)
CVE-2025-29451
CWE-918
High
Seo Panel Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-29452)
CVE-2025-29452
CWE-918
High
MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-29457)
CVE-2025-29457
CWE-918
High
MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-29458)
CVE-2025-29458
CWE-918
High
MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-29459)
CVE-2025-29459
CWE-918
High
MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-29460)
CVE-2025-29460
CWE-918
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2025-29793)
CVE-2025-29793
CWE-502
High
SharePoint Improper Authorization Vulnerability (CVE-2025-29794)
CVE-2025-29794
CWE-285
High
XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-29924)
CVE-2025-29924
CWE-863
High
SharePoint CVE-2025-29976 Vulnerability (CVE-2025-29976)
CVE-2025-29976
-
High
MOVEit Transfer Improper Privilege Management Vulnerability (CVE-2025-2324)
CVE-2025-2324
CWE-269
High
GeoServer Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2025-30145)
CVE-2025-30145
CWE-835
High
Envoy Proxy CVE-2025-30157 Vulnerability (CVE-2025-30157)
CVE-2025-30157
-
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2025-30378)
CVE-2025-30378
CWE-502
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2025-30382)
CVE-2025-30382
CWE-502
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2025-30384)
CVE-2025-30384
CWE-502
High
Oracle JRE CVE-2025-30749 Vulnerability (CVE-2025-30749)
CVE-2025-30749
-
High
Oracle Database Server Incorrect Authorization Vulnerability (CVE-2025-30751)
CVE-2025-30751
CWE-863
High
WebLogic Missing Authentication for Critical Function Vulnerability (CVE-2025-30762)
CVE-2025-30762
CWE-306
High
Apache Tomcat Incomplete Cleanup Vulnerability (CVE-2025-31650)
CVE-2025-31650
CWE-459
High
Drupal Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2025-31674)
CVE-2025-31674
CWE-913
High
Apache Traffic Server Improper Access Control Vulnerability (CVE-2025-31698)
CVE-2025-31698
CWE-284
High
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-32044)
CVE-2025-32044
CWE-200
High
EspoCRM Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2025-32390)
CVE-2025-32390
CWE-138
High
Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-32873)
CVE-2025-32873
CWE-770
High
XWikiplatform Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-32968)
CVE-2025-32968
CWE-138
High
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-3625)
CVE-2025-3625
CWE-639
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-3638)
CVE-2025-3638
CWE-352
High
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-3641)
CVE-2025-3641
CWE-94
High
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-3642)
CVE-2025-3642
CWE-94
High
Mailman Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-43919)
CVE-2025-43919
CWE-22
High
Mailman Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2025-43920)
CVE-2025-43920
CWE-138
High
Apache Tomcat Improper Handling of Case Sensitivity Vulnerability (CVE-2025-46701)
CVE-2025-46701
CWE-178
High
Craft CMS Improper Neutralization of Special Elements Used in a Template Engine Vulnerability (CVE-2025-46731)
CVE-2025-46731
CWE-138
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2025-47163)
CVE-2025-47163
CWE-502
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2025-47166)
CVE-2025-47166
CWE-502
High
SharePoint Use After Free Vulnerability (CVE-2025-47168)
CVE-2025-47168
CWE-416
High
SharePoint Heap-based Buffer Overflow Vulnerability (CVE-2025-47169)
CVE-2025-47169
CWE-122
High
SharePoint Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-47172)
CVE-2025-47172
CWE-138
High
TYPO3 Unverified Ownership Vulnerability (CVE-2025-47940)
CVE-2025-47940
CWE-283
High
TYPO3 Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVE-2025-47941)
CVE-2025-47941
CWE-288
High
XWikiplatform CVE-2025-48063 Vulnerability (CVE-2025-48063)
CVE-2025-48063
-
High
MyBB Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-48940)
CVE-2025-48940
CWE-22
High
Apache Tomcat Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-48988)
CVE-2025-48988
CWE-770
High
Apache Tomcat Improper Resource Shutdown or Release Vulnerability (CVE-2025-48989)
CVE-2025-48989
CWE-404
High
Apache Tomcat Untrusted Search Path Vulnerability (CVE-2025-49124)
CVE-2025-49124
CWE-426
High
Apache Tomcat Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVE-2025-49125)
CVE-2025-49125
CWE-288
High
XWikiplatform Incorrect Privilege Assignment Vulnerability (CVE-2025-49580)
CVE-2025-49580
CWE-266
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-49581)
CVE-2025-49581
CWE-94
High
XWikiplatform Insufficient UI Warning of Dangerous Operations Vulnerability (CVE-2025-49582)
CVE-2025-49582
CWE-357
High
XWikiplatform Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2025-49584)
CVE-2025-49584
CWE-201
High
XWikiplatform Insufficient UI Warning of Dangerous Operations Vulnerability (CVE-2025-49585)
CVE-2025-49585
CWE-357
High
XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-49586)
CVE-2025-49586
CWE-863
High
XWikiplatform Insufficient UI Warning of Dangerous Operations Vulnerability (CVE-2025-49587)
CVE-2025-49587
CWE-357
High
Apache HTTP Server Reachable Assertion Vulnerability (CVE-2025-49630)
CVE-2025-49630
CWE-617
High
SharePoint Improper Authorization Vulnerability (CVE-2025-49701)
CVE-2025-49701
CWE-285
High
SharePoint Use After Free Vulnerability (CVE-2025-49703)
CVE-2025-49703
CWE-416
High
SharePoint Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-49704)
CVE-2025-49704
CWE-94
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2025-49712)
CVE-2025-49712
CWE-502
High
Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2025-49763)
CVE-2025-49763
CWE-400
High
Apache HTTP Server Improper Authentication Vulnerability (CVE-2025-49812)
CVE-2025-49812
CWE-287
High
Next.js Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2025-49826)
CVE-2025-49826
-
High
Oracle JRE Improper Access Control Vulnerability (CVE-2025-50059)
CVE-2025-50059
CWE-284
High
Oracle JRE CVE-2025-50106 Vulnerability (CVE-2025-50106)
CVE-2025-50106
-
High
AbanteCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-50971)
CVE-2025-50971
CWE-22
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-51991)
CVE-2025-51991
CWE-94
High
Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2025-52434)
CVE-2025-52434
CWE-362
High
Apache Tomcat Integer Overflow or Wraparound Vulnerability (CVE-2025-52520)
CVE-2025-52520
CWE-190
High
Apache HTTP Server Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2025-53020)
CVE-2025-53020
CWE-401
High
Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2025-53506)
CVE-2025-53506
CWE-400
High
SharePoint Incorrect Conversion between Numeric Types Vulnerability (CVE-2025-53733)
CVE-2025-53733
CWE-681
High
SharePoint Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-53760)
CVE-2025-53760
CWE-918
High