Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Known Vulnerabilities

This page lists 13509 vulnerabilities in this category.

Critical: 1465 High: 3387 Medium: 7907 Low: 748 Information: 2
Vulnerability Name
CVE
CWE
Severity
UAParser.js Other Vulnerability (CVE-2021-27292)
CVE-2021-27292
-
High
GlassFish CVE-2018-3152 Vulnerability (CVE-2018-3152)
CVE-2018-3152
-
High
Beego Framework Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-27117)
CVE-2021-27117
CWE-59
High
Osclass Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-8084)
CVE-2014-8084
CWE-22
High
Beego Framework Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-27116)
CVE-2021-27116
CWE-59
High
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-1441)
CVE-2015-1441
CWE-138
High
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-26690)
CVE-2021-26690
CWE-476
High
Lodash Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2020-8203)
CVE-2020-8203
CWE-1321
High
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2019-19343)
CVE-2019-19343
CWE-400
High
Oracle HTTP Server Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2019-0217)
CVE-2019-0217
CWE-362
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-9705)
CVE-2014-9705
CWE-119
High
Squid Improper Input Validation Vulnerability (CVE-2020-8517)
CVE-2020-8517
CWE-20
High
Apache HTTP Server Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2019-0217)
CVE-2019-0217
CWE-362
High
SharePoint CVE-2021-26420 Vulnerability (CVE-2021-26420)
CVE-2021-26420
-
High
SharePoint CVE-2021-26418 Vulnerability (CVE-2021-26418)
CVE-2021-26418
-
High
Osclass Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-8083)
CVE-2014-8083
CWE-138
High
XWiki Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-21380)
CVE-2021-21380
CWE-138
High
Ruby on Rails Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-8162)
CVE-2020-8162
CWE-434
High
Apache HTTP Server CVE-2019-0215 Vulnerability (CVE-2019-0215)
CVE-2019-0215
-
High
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2020-8663)
CVE-2020-8663
CWE-400
High
Jenkins Session Fixation Vulnerability (CVE-2021-21671)
CVE-2021-21671
CWE-384
High
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-27890)
CVE-2021-27890
CWE-138
High
silverstripeCMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-9280)
CVE-2020-9280
CWE-434
High
OpenSSL Cryptographic Issues Vulnerability (CVE-2019-1543)
CVE-2019-1543
-
High
e107 Inadequate Encryption Strength Vulnerability (CVE-2021-27885)
CVE-2021-27885
CWE-326
High
Apache Traffic Server Remote DOS Attack (CVE-2021-27737)
CVE-2021-27737
-
High
ATutor Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-1583)
CVE-2015-1583
CWE-352
High
Pega Infinity Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-27654)
CVE-2021-27654
CWE-640
High
Python Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-20907)
CVE-2019-20907
CWE-835
High
SharePoint CVE-2019-0585 Vulnerability (CVE-2019-0585)
CVE-2019-0585
-
High
Java Unspesificed Vulnerability (CVE-2018-3149)
CVE-2018-3149
-
High
PHP Other Vulnerability (CVE-2014-8142)
CVE-2014-8142
-
High
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-27577)
CVE-2021-27577
CWE-444
High
SharePoint Improper Input Validation Vulnerability (CVE-2019-0594)
CVE-2019-0594
CWE-20
High
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-20187)
CVE-2021-20187
CWE-94
High
Grafana CVE-2021-27358 Vulnerability (CVE-2021-27358)
CVE-2021-27358
-
High
PHP Improper Input Validation Vulnerability (CVE-2014-9653)
CVE-2014-9653
CWE-20
High
OpenSSL Improper Input Validation Vulnerability (CVE-2014-3567)
CVE-2014-3567
CWE-20
High
Jenkins Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-3666)
CVE-2014-3666
CWE-94
High
PHP Numeric Errors Vulnerability (CVE-2014-3669)
CVE-2014-3669
-
High
PHP Other Vulnerability (CVE-2014-9425)
CVE-2014-9425
-
High
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-0205)
CVE-2019-0205
CWE-835
High
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-25122)
CVE-2021-25122
CWE-200
High
Ampache Improper Access Control Vulnerability (CVE-2021-21399)
CVE-2021-21399
CWE-284
High
OpenSSL Integer Overflow or Wraparound Vulnerability (CVE-2021-23840)
CVE-2021-23840
CWE-190
High
Apache Tomcat Improper Certificate Validation Vulnerability (CVE-2018-8034)
CVE-2018-8034
CWE-295
High
Jboss EAP Out-of-bounds Read Vulnerability (CVE-2019-0210)
CVE-2019-0210
CWE-125
High
TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5745)
CVE-2020-5745
CWE-707
High
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-19850)
CVE-2019-19850
CWE-138
High
PHP Use After Free Vulnerability (CVE-2015-1351)
CVE-2015-1351
CWE-416
High
Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2019-0199)
CVE-2019-0199
CWE-400
High
FrontAccounting Multiple SQL Injection Vulnerabilities (CVE-2014-3973)
CVE-2014-3973
-
High
Sqlite Other Vulnerability (CVE-2019-20218)
CVE-2019-20218
-
High
Underscore.js Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-23358)
CVE-2021-23358
CWE-94
High
Moodle Credentials Management Errors Vulnerability (CVE-2014-7845)
CVE-2014-7845
-
High
Lodash Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2021-23337)
CVE-2021-23337
CWE-138
High
IBM WebSEAL Insufficiently Protected Credentials Vulnerability (CVE-2021-20439)
CVE-2021-20439
CWE-522
High
PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-23214)
CVE-2021-23214
CWE-138
High
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-23163)
CVE-2021-23163
CWE-352
High
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21030)
CVE-2021-21030
CWE-707
High
Apache HTTP Server Use After Free Vulnerability (CVE-2019-0211)
CVE-2019-0211
CWE-416
High
Craft CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-3814)
CVE-2018-3814
CWE-434
High
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3704)
CVE-2014-3704
CWE-138
High
Squid Exposure of Resource to Wrong Sphere Vulnerability (CVE-2020-8449)
CVE-2020-8449
CWE-668
High
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-5504)
CVE-2020-5504
CWE-138
High
osTicket CVE-2018-7195 Vulnerability (CVE-2018-7195)
CVE-2018-7195
-
High
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-8450)
CVE-2020-8450
CWE-119
High
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-26070)
CVE-2021-26070
CWE-287
High
Joomla Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-26038)
CVE-2021-26038
CWE-754
High
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3834)
CVE-2014-3834
CWE-264
High
ProjectSend Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2018-7201)
CVE-2018-7201
CWE-1236
High
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7984)
CVE-2014-7984
CWE-264
High
Atlassian Jira CVE-2018-5231 Vulnerability (CVE-2018-5231)
CVE-2018-5231
-
High
Apache Tomcat Deserialization of Untrusted Data Vulnerability (CVE-2021-25329)
CVE-2021-25329
CWE-502
High
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2018-8022)
CVE-2018-8022
CWE-20
High