🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14981 vulnerabilities
in this category.
Critical: 1612
High: 4015
Medium: 8569
Low: 783
Information: 2
Vulnerability Name
CVE
CWE
Severity
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-8626)
CVE-2014-8626
CWE-119
High
WebLogic CVE-2022-21441 Vulnerability (CVE-2022-21441)
CVE-2022-21441
-
High
WebLogic Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-21371)
CVE-2022-21371
CWE-22
High
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-9115)
CVE-2014-9115
CWE-138
High
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-9240)
CVE-2014-9240
CWE-138
High
MediaWiki Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2014-9277)
CVE-2014-9277
CWE-138
High
PHP Other Vulnerability (CVE-2014-9425)
CVE-2014-9425
-
High
PHP DEPRECATED: Code Vulnerability (CVE-2014-9426)
CVE-2014-9426
-
High
MySQL CVE-2022-21351 Vulnerability (CVE-2022-21351)
CVE-2022-21351
-
High
Osclass Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-8083)
CVE-2014-8083
CWE-138
High
TYPO3 Improper Input Validation Vulnerability (CVE-2014-9509)
CVE-2014-9509
CWE-20
High
PHP Improper Input Validation Vulnerability (CVE-2014-9653)
CVE-2014-9653
CWE-20
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-9705)
CVE-2014-9705
CWE-119
High
WebLogic CVE-2022-21292 Vulnerability (CVE-2022-21292)
CVE-2022-21292
-
High
PHP Other Vulnerability (CVE-2015-0231)
CVE-2015-0231
-
High
PostgreSQL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2015-0241)
CVE-2015-0241
CWE-120
High
PostgreSQL Out-of-bounds Write Vulnerability (CVE-2015-0242)
CVE-2015-0242
CWE-787
High
PostgreSQL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2015-0243)
CVE-2015-0243
CWE-120
High
Collabtive Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2015-0258)
CVE-2015-0258
CWE-434
High
PHP Other Vulnerability (CVE-2015-0273)
CVE-2015-0273
-
High
MySQL CVE-2022-21278 Vulnerability (CVE-2022-21278)
CVE-2022-21278
-
High
OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-0292)
CVE-2015-0292
CWE-119
High
MySQL CVE-2015-0411 Vulnerability (CVE-2015-0411)
CVE-2015-0411
-
High
PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-1552)
CVE-2022-1552
CWE-138
High
SharePoint CVE-2022-37961 Vulnerability (CVE-2022-37961)
CVE-2022-37961
-
High
SharePoint CVE-2019-1205 Vulnerability (CVE-2019-1205)
CVE-2019-1205
-
High
SharePoint CVE-2019-1201 Vulnerability (CVE-2019-1201)
CVE-2019-1201
-
High
SharePoint CVE-2022-21837 Vulnerability (CVE-2022-21837)
CVE-2022-21837
-
High
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-23498)
CVE-2022-23498
CWE-200
High
Sqlite Other Vulnerability (CVE-2019-20218)
CVE-2019-20218
-
High
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2022-23307)
CVE-2022-23307
CWE-502
High
MySQL CVE-2014-6491 Vulnerability (CVE-2014-6491)
CVE-2014-6491
-
High
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2022-23302)
CVE-2022-23302
CWE-502
High
Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2022-23181)
CVE-2022-23181
CWE-367
High
MySQL CVE-2014-6500 Vulnerability (CVE-2014-6500)
CVE-2014-6500
-
High
WebLogic CVE-2020-14639 Vulnerability (CVE-2020-14639)
CVE-2020-14639
-
High
OpenSSL Cryptographic Issues Vulnerability (CVE-2019-1543)
CVE-2019-1543
-
High
SharePoint Improper Input Validation Vulnerability (CVE-2019-1296)
CVE-2019-1296
CWE-20
High
SharePoint Improper Input Validation Vulnerability (CVE-2019-1295)
CVE-2019-1295
CWE-20
High
Oracle HTTP Server Improper Initialization Vulnerability (CVE-2022-22719)
CVE-2022-22719
CWE-665
High
SharePoint Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-1261)
CVE-2019-1261
CWE-352
High
Next.js CVE-2022-21721 Vulnerability (CVE-2022-21721)
CVE-2022-21721
-
High
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7984)
CVE-2014-7984
CWE-264
High
Twisted Web HTTP Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2022-21716)
CVE-2022-21716
CWE-120
High
Oracle HTTP Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2022-21716)
CVE-2022-21716
CWE-120
High
Joomla Improper Authentication Vulnerability (CVE-2014-6632)
CVE-2014-6632
CWE-287
High
Twisted Web HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-21712)
CVE-2022-21712
CWE-200
High
Grafana Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-21703)
CVE-2022-21703
CWE-352
High
Twisted Web HTTP Server Improper Certificate Validation Vulnerability (CVE-2014-7143)
CVE-2014-7143
CWE-295
High
SharePoint Improper Input Validation Vulnerability (CVE-2019-1257)
CVE-2019-1257
CWE-20
High
Joomla Cryptographic Issues Vulnerability (CVE-2014-7228)
CVE-2014-7228
-
High
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-21664)
CVE-2022-21664
CWE-138
High
WordPress Deserialization of Untrusted Data Vulnerability (CVE-2022-21663)
CVE-2022-21663
CWE-502
High
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-21661)
CVE-2022-21661
CWE-138
High
Envoy Proxy Always-Incorrect Control Flow Implementation Vulnerability (CVE-2022-21655)
CVE-2022-21655
CWE-670
High
Moodle Credentials Management Errors Vulnerability (CVE-2014-7845)
CVE-2014-7845
-
High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-7981)
CVE-2014-7981
CWE-138
High
OpenSSL Incomplete Cleanup Vulnerability (CVE-2022-1473)
CVE-2022-1473
CWE-459
High
Undertow Unchecked Return Value Vulnerability (CVE-2022-1319)
CVE-2022-1319
CWE-252
High
Atlassian Jira CVE-2021-43947 Vulnerability (CVE-2021-43947)
CVE-2021-43947
-
High
LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-44967)
CVE-2021-44967
CWE-434
High
Play Framework Improper Input Validation Vulnerability (CVE-2015-2156)
CVE-2015-2156
CWE-20
High
Roundcube Multiple Buffer Overflow Vulnerabilities (CVE-2015-2181)
CVE-2015-2181
-
High
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-2213)
CVE-2015-2213
CWE-138
High
OpenSSL Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4044)
CVE-2021-4044
CWE-835
High
Oracle HTTP Server Out-of-bounds Write Vulnerability (CVE-2021-4034)
CVE-2021-4034
CWE-787
High
MediaWiki Uncontrolled Resource Consumption Vulnerability (CVE-2021-46149)
CVE-2021-46149
CWE-400
High
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-46147)
CVE-2021-46147
CWE-352
High
PHP Other Vulnerability (CVE-2015-2301)
CVE-2015-2301
-
High
PHP Out-of-bounds Read Vulnerability (CVE-2015-2325)
CVE-2015-2325
CWE-125
High
PHP Numeric Errors Vulnerability (CVE-2015-2331)
CVE-2015-2331
-
High
MyBB CVE-2015-2352 Vulnerability (CVE-2015-2352)
CVE-2015-2352
-
High
Django Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-45116)
CVE-2021-45116
CWE-668
High
Django Uncontrolled Resource Consumption Vulnerability (CVE-2021-45115)
CVE-2021-45115
CWE-400
High
Sqlite Other Vulnerability (CVE-2019-19959)
CVE-2019-19959
-
High
«
1
...
25
26
27
...
200
»