Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Denial Of Service

This page lists 111 vulnerabilities in this category.

High: 81 Medium: 29 Low: 1
Vulnerability Name
CVE
CWE
Severity
Deserialization of Untrusted Data (Java JSON Deserialization) Jackson
CVE-2017-7525
CWE-502
High
Cisco Adaptive Security Appliance (ASA) Path Traversal (CVE-2018-0296)
CVE-2018-0296
CWE-22
High
Apache mod_rewrite off-by-one buffer overflow vulnerability
CVE-2006-3747
CWE-189
High
Deserialization of Untrusted Data (Java JSON Deserialization) Genson
-
CWE-502
High
ColdFusion AMF Deserialization RCE
CVE-2017-3066
CWE-502
High
JavaMelody XML External Entity (XXE) vulnerability
CVE-2018-15531
CWE-611
High
Apache 2.x version older than 2.2.3
CVE-2006-3747
CWE-189
Medium
Apache httpd remote denial of service
CVE-2011-3192
CWE-399
Medium
PHP4 IMAP module buffer overflow vulnerability
-
CWE-119
Medium
PHP version older than 4.3.8
CVE-2004-0595
CWE-1104
Medium
PHP HTTP POST incorrect MIME header parsing vulnerability
CVE-2002-0717
CWE-20
Medium
Apache version older than 1.3.39
CVE-2007-3304
CWE-79
Medium
Apache 2.x version older than 2.2.8
CVE-2008-0005
CWE-79
Medium
Apache 2.x version older than 2.2.6
CVE-2007-3847
CWE-20
Medium
Apache 2.x version older than 2.0.61
CVE-2007-3847
CWE-701
Medium
nginx range filter integer overflow
CVE-2017-7529
CWE-200
Medium
PHP object deserialization of user-supplied data
-
CWE-20
Medium
Apache version older than 1.3.41
CVE-2007-6388
CWE-79
Medium
GraphQL Alias Overloading Allowed: Potential Denial of Service Vulnerability
-
CWE-400
Medium
Apache 2.x version older than 2.0.49
CVE-2004-0174
CWE-20
Medium
Web Cache Poisoning DoS
-
CWE-400
Medium
Web Cache Poisoning DoS (for javascript)
-
CWE-400
Medium
Node.js Web Application does not handle uncaughtException
-
CWE-248
Medium
Node.js Web Application does not handle unhandledRejection
-
CWE-248
Medium
PHP hangs on parsing particular strings as floating point number
CVE-2010-4645
CWE-189
Medium
GraphQL Circular-Query via Introspection Allowed: Potential DoS Vulnerability
-
CWE-400
Medium
Apache mod_jk access control bypass
CVE-2018-11759
CWE-918
Medium
Unchecked GraphQL Query Length: Potential Denial of Service Vulnerability
-
CWE-400
Medium
GraphQL Array-based Query Batching Allowed: Potential Batching Attack Vulnerability
-
CWE-770
Medium
PHP unserialize() used on user input
-
CWE-20
Medium
PHP preg_replace used on user input
-
CWE-20
Medium
PHP multipart/form-data denial of service
CVE-2009-4017
CWE-400
Medium
Apache 2.x version older than 2.2.9
CVE-2008-2364
CWE-399
Medium
Python object deserialization of user-supplied data
-
CWE-20
Medium
Apache 2.x version older than 2.0.48
CVE-2003-0789
CWE-119
Medium
Spring Boot Misconfiguration: Spring Boot Actuator shutdown endpoint is web exposed
-
CWE-16
Low