Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Known Vulnerabilities

This page lists 13509 vulnerabilities in this category.

Critical: 1465 High: 3387 Medium: 7907 Low: 748 Information: 2
Vulnerability Name
CVE
CWE
Severity
WordPress Deserialization of Untrusted Data Vulnerability (CVE-2018-20148)
CVE-2018-20148
CWE-502
Critical
Oracle Database Server Other Vulnerability (CVE-2005-3446)
CVE-2005-3446
-
Critical
Oracle Application Server Other Vulnerability (CVE-2005-3448)
CVE-2005-3448
-
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-20330)
CVE-2019-20330
CWE-502
Critical
Oracle Application Server Other Vulnerability (CVE-2005-3450)
CVE-2005-3450
-
Critical
Oracle Database Server Other Vulnerability (CVE-2005-3444)
CVE-2005-3444
-
Critical
Oracle Application Server Other Vulnerability (CVE-2005-3451)
CVE-2005-3451
-
Critical
Oracle Application Server Other Vulnerability (CVE-2005-3452)
CVE-2005-3452
-
Critical
Oracle Application Server Other Vulnerability (CVE-2005-3453)
CVE-2005-3453
-
Critical
Jetty Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-7658)
CVE-2017-7658
CWE-444
Critical
Jetty Integer Overflow or Wraparound Vulnerability (CVE-2017-7657)
CVE-2017-7657
CWE-190
Critical
Oracle Database Server CVE-2018-3259 Vulnerability (CVE-2018-3259)
CVE-2018-3259
-
Critical
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-42009)
CVE-2024-42009
CWE-707
Critical
Oracle Database Server Other Vulnerability (CVE-2005-3445)
CVE-2005-3445
-
Critical
Oracle Database Server Other Vulnerability (CVE-2005-3443)
CVE-2005-3443
-
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-16943)
CVE-2019-16943
CWE-502
Critical
Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-7679)
CVE-2017-7679
CWE-119
Critical
Dolibarr Inadequate Encryption Strength Vulnerability (CVE-2017-7888)
CVE-2017-7888
CWE-326
Critical
Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2019-8158)
CVE-2019-8158
CWE-91
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-7886)
CVE-2017-7886
CWE-138
Critical
OwnCloud phpinfo Information Disclosure (CVE-2023-49103)
CVE-2023-49103
CWE-200
Critical
IBM WebSEAL CVE-2018-1722 Vulnerability (CVE-2018-1722)
CVE-2018-1722
-
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-17267)
CVE-2019-17267
CWE-502
Critical
WebLogic Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2019-17195)
CVE-2019-17195
CWE-754
Critical
F5 BIG-IP Request Smuggling (CVE-2023-46747)
CVE-2023-46747
CWE-288
Critical
WebLogic CVE-2019-2856 Vulnerability (CVE-2019-2856)
CVE-2019-2856
-
Critical
Craft CMS RCE (CVE-2023-41892)
CVE-2023-41892
CWE-94
Critical
Improper Authorization in Confluence Server and Data Center (CVE-2023-22518)
CVE-2023-22518
CWE-284
Critical
Broken access control in Confluence Server and Data Center (CVE-2023-22515)
CVE-2023-22515
CWE-284
Critical
Oracle Database Server Other Vulnerability (CVE-2005-3437)
CVE-2005-3437
-
Critical
Oracle Database Server Other Vulnerability (CVE-2005-3438)
CVE-2005-3438
-
Critical
Cisco IOS XE Web UI Authentication Bypass (CVE-2023-20198)
CVE-2023-20198
CWE-287
Critical
Oracle Database Server Other Vulnerability (CVE-2005-3440)
CVE-2005-3440
-
Critical
WordPress Improper Input Validation Vulnerability (CVE-2019-20041)
CVE-2019-20041
CWE-20
Critical
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-42008)
CVE-2024-42008
CWE-707
Critical
Envoy Proxy Out-of-bounds Write Vulnerability (CVE-2019-18801)
CVE-2019-18801
CWE-787
Critical
Squid Missing Authentication for Critical Function Vulnerability (CVE-2019-12524)
CVE-2019-12524
CWE-306
Critical
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-12525)
CVE-2019-12525
CWE-119
Critical
Squid CVE-2019-12523 Vulnerability (CVE-2019-12523)
CVE-2019-12523
-
Critical
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-42005)
CVE-2024-42005
CWE-138
Critical
TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-19849)
CVE-2019-19849
CWE-502
High
Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2020-9481)
CVE-2020-9481
CWE-400
High
Squid Uncontrolled Resource Consumption Vulnerability (CVE-2021-28651)
CVE-2021-28651
CWE-400
High
MODX Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-2736)
CVE-2014-2736
CWE-138
High
MongoDb Insufficient Session Expiration Vulnerability (CVE-2019-2386)
CVE-2019-2386
CWE-613
High
Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-9757)
CVE-2020-9757
CWE-138
High
Jenkins Insufficient Session Expiration Vulnerability (CVE-2019-1003003)
CVE-2019-1003003
CWE-613
High
Magento Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-28584)
CVE-2021-28584
CWE-22
High
IBM RTC Inadequate Encryption Strength Vulnerability (CVE-2020-4965)
CVE-2020-4965
CWE-326
High
Microsoft SQL Server Elevation of Privilege Vulnerability (CVE-2021-1636)
CVE-2021-1636
-
High
SharePoint CVE-2021-28478 Vulnerability (CVE-2021-28478)
CVE-2021-28478
-
High
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-2213)
CVE-2015-2213
CWE-138
High
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-0958)
CVE-2019-0958
CWE-707
High
Roundcube Multiple Buffer Overflow Vulnerabilities (CVE-2015-2181)
CVE-2015-2181
-
High
Seo Panel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-28419)
CVE-2021-28419
CWE-138
High
b2evolution Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2021-28242)
CVE-2021-28242
CWE-138
High
Play Framework Improper Input Validation Vulnerability (CVE-2015-2156)
CVE-2015-2156
CWE-20
High
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2021-28165)
CVE-2021-28165
CWE-400
High
Jenkins Insufficient Session Expiration Vulnerability (CVE-2019-1003004)
CVE-2019-1003004
CWE-613
High
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2021-28683)
CVE-2021-28683
CWE-476
High
Envoy Proxy Integer Overflow or Wraparound Vulnerability (CVE-2021-28682)
CVE-2021-28682
CWE-190
High
Oracle JRE CVE-2014-2428 Vulnerability (CVE-2014-2428)
CVE-2014-2428
-
High
Oracle JRE CVE-2014-2414 Vulnerability (CVE-2014-2414)
CVE-2014-2414
-
High
Jenkins Insufficient Session Expiration Vulnerability (CVE-2019-1003049)
CVE-2019-1003049
CWE-613
High
Oracle JRE CVE-2014-2423 Vulnerability (CVE-2014-2423)
CVE-2014-2423
-
High
TYPO3 Files or Directories Accessible to External Parties Vulnerability (CVE-2021-21355)
CVE-2021-21355
CWE-552
High
WordPress Uncontrolled Resource Consumption Vulnerability (CVE-2018-6389)
CVE-2018-6389
CWE-400
High
Oracle JRE CVE-2014-2427 Vulnerability (CVE-2014-2427)
CVE-2014-2427
-
High
PHP Other Vulnerability (CVE-2015-2301)
CVE-2015-2301
-
High
Apache Tomcat Deserialization of Untrusted Data Vulnerability (CVE-2020-9484)
CVE-2020-9484
CWE-502
High
SharePoint Improper Input Validation Vulnerability (CVE-2019-0957)
CVE-2019-0957
CWE-20
High
Perl Out-of-bounds Read Vulnerability (CVE-2018-6798)
CVE-2018-6798
CWE-125
High
Microsoft SQL Server Remote Code Execution Vulnerability (CVE-2019-1068)
CVE-2019-1068
-
High
Liferay Portal Improper Authentication Vulnerability (CVE-2021-29047)
CVE-2021-29047
CWE-287
High
MySQL CVE-2014-6491 Vulnerability (CVE-2014-6491)
CVE-2014-6491
-
High