🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14981 vulnerabilities
in this category.
Critical: 1612
High: 4015
Medium: 8569
Low: 783
Information: 2
Vulnerability Name
CVE
CWE
Severity
OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-3512)
CVE-2014-3512
CWE-119
High
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2022-2048)
CVE-2022-2048
CWE-400
High
XWiki Incorrect Use of Privileged APIs Vulnerability (CVE-2022-24821)
CVE-2022-24821
CWE-648
High
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2022-2053)
CVE-2022-2053
CWE-400
High
LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-5017)
CVE-2014-5017
CWE-138
High
qdPM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-25669)
CVE-2019-25669
CWE-138
High
phpBB Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-25685)
CVE-2019-25685
CWE-22
High
Jetty Improper Resource Shutdown or Release Vulnerability (CVE-2022-2191)
CVE-2022-2191
CWE-404
High
Jboss EAP Other Vulnerability (CVE-2014-3490)
CVE-2014-3490
-
High
MediaWiki CVE-2022-28204 Vulnerability (CVE-2022-28204)
CVE-2022-28204
-
High
markdown-it Inefficient Regular Expression Complexity Vulnerability (CVE-2015-10005)
CVE-2015-10005
CWE-1333
High
Oracle JRE CVE-2020-14593 Vulnerability (CVE-2020-14593)
CVE-2020-14593
-
High
PHP Improper Input Validation Vulnerability (CVE-2015-4605)
CVE-2015-4605
CWE-20
High
MediaWiki Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-42040)
CVE-2021-42040
CWE-835
High
PHP Numeric Errors Vulnerability (CVE-2015-4022)
CVE-2015-4022
-
High
PHP Data Processing Errors Vulnerability (CVE-2015-4025)
CVE-2015-4025
-
High
PHP Data Processing Errors Vulnerability (CVE-2015-4026)
CVE-2015-4026
-
High
PHP Data Processing Errors Vulnerability (CVE-2015-4147)
CVE-2015-4147
-
High
Craft CMS Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2021-41824)
CVE-2021-41824
CWE-1236
High
Ruby CVE-2021-41819 Vulnerability (CVE-2021-41819)
CVE-2021-41819
-
High
Ruby Other Vulnerability (CVE-2021-41817)
CVE-2021-41817
-
High
Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-19880)
CVE-2019-19880
CWE-476
High
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-19850)
CVE-2019-19850
CWE-138
High
TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-19849)
CVE-2019-19849
CWE-502
High
TYPO3 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-19848)
CVE-2019-19848
CWE-22
High
PHP Improper Input Validation Vulnerability (CVE-2015-4604)
CVE-2015-4604
CWE-20
High
MediaWiki Incorrect Authorization Vulnerability (CVE-2021-41801)
CVE-2021-41801
CWE-863
High
Mailman Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-42097)
CVE-2021-42097
CWE-352
High
PHP Other Vulnerability (CVE-2015-4644)
CVE-2015-4644
-
High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-4654)
CVE-2015-4654
CWE-138
High
MediaWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-41799)
CVE-2021-41799
CWE-770
High
ownCloud Resource Management Errors Vulnerability (CVE-2015-4717)
CVE-2015-4717
-
High
Apache HTTP Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-41773)
CVE-2021-41773
CWE-22
High
concrete5 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-4724)
CVE-2015-4724
CWE-138
High
Oracle HTTP Server Other Vulnerability (CVE-2021-41617)
CVE-2021-41617
-
High
Squid Improper Certificate Validation Vulnerability (CVE-2021-41611)
CVE-2021-41611
CWE-295
High
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-41585)
CVE-2021-41585
CWE-20
High
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-41524)
CVE-2021-41524
CWE-476
High
SharePoint CVE-2021-41344 Vulnerability (CVE-2021-41344)
CVE-2021-41344
-
High
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-41312)
CVE-2021-41312
CWE-287
High
Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-41307)
CVE-2021-41307
CWE-639
High
Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-41306)
CVE-2021-41306
CWE-639
High
qdPM Sensitive Information Disclosure Vulnerability (CVE-2015-3881)
CVE-2015-3881
-
High
Sqlite Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2015-3717)
CVE-2015-3717
CWE-120
High
MySQL CVE-2015-4819 Vulnerability (CVE-2015-4819)
CVE-2015-4819
-
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-43559)
CVE-2021-43559
CWE-352
High
Sqlite Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19925)
CVE-2019-19925
CWE-434
High
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3167)
CVE-2015-3167
CWE-200
High
Envoy Proxy Use After Free Vulnerability (CVE-2021-43826)
CVE-2021-43826
CWE-416
High
Envoy Proxy Use After Free Vulnerability (CVE-2021-43825)
CVE-2021-43825
CWE-416
High
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2021-43824)
CVE-2021-43824
CWE-476
High
Oracle HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43818)
CVE-2021-43818
CWE-707
High
Next.js CVE-2021-43803 Vulnerability (CVE-2021-43803)
CVE-2021-43803
-
High
Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-43798)
CVE-2021-43798
CWE-22
High
Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-19923)
CVE-2019-19923
CWE-476
High
OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3193)
CVE-2015-3193
CWE-200
High
OpenSSL Other Vulnerability (CVE-2015-3194)
CVE-2015-3194
-
High
PostgreSQL Improper Certificate Validation Vulnerability (CVE-2021-43766)
CVE-2021-43766
CWE-295
High
Lighttpd Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2015-3200)
CVE-2015-3200
CWE-138
High
ATutor Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-43498)
CVE-2021-43498
CWE-640
High
MySQL CVE-2020-14678 Vulnerability (CVE-2020-14678)
CVE-2020-14678
-
High
jQuery Validation Other Vulnerability (CVE-2021-43306)
CVE-2021-43306
-
High
MyBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-43281)
CVE-2021-43281
CWE-94
High
Moodle Other Vulnerability (CVE-2015-3272)
CVE-2015-3272
-
High
Oracle HTTP Server Uncontrolled Recursion Vulnerability (CVE-2021-42717)
CVE-2021-42717
CWE-674
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-3307)
CVE-2015-3307
CWE-119
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-3329)
CVE-2015-3329
CWE-119
High
Apache Tomcat Missing Release of Resource after Effective Lifetime Vulnerability (CVE-2021-42340)
CVE-2021-42340
CWE-772
High
Sqlite Use of Uninitialized Resource Vulnerability (CVE-2015-3414)
CVE-2015-3414
CWE-908
High
PHP Use of Uninitialized Resource Vulnerability (CVE-2015-3414)
CVE-2015-3414
CWE-908
High
PHP Improper Resource Shutdown or Release Vulnerability (CVE-2015-3415)
CVE-2015-3415
CWE-404
High
Sqlite Improper Resource Shutdown or Release Vulnerability (CVE-2015-3415)
CVE-2015-3415
CWE-404
High
Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2015-3416)
CVE-2015-3416
CWE-190
High
PHP Integer Overflow or Wraparound Vulnerability (CVE-2015-3416)
CVE-2015-3416
CWE-190
High
Masa CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-42183)
CVE-2021-42183
CWE-22
High
«
1
...
23
24
25
...
200
»