🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14981 vulnerabilities
in this category.
Critical: 1612
High: 4015
Medium: 8569
Low: 783
Information: 2
Vulnerability Name
CVE
CWE
Severity
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2021-4104)
CVE-2021-4104
CWE-502
High
Artifactory Improper Input Validation Vulnerability (CVE-2019-19937)
CVE-2019-19937
CWE-20
High
MediaWiki Incorrect Default Permissions Vulnerability (CVE-2021-44858)
CVE-2021-44858
CWE-276
High
Apache Traffic Server Improper Authentication Vulnerability (CVE-2021-44759)
CVE-2021-44759
CWE-287
High
ownCloud Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-44537)
CVE-2021-44537
CWE-138
High
Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-19926)
CVE-2019-19926
CWE-476
High
Django Improper Authentication Vulnerability (CVE-2021-44420)
CVE-2021-44420
CWE-287
High
Mailman Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-44227)
CVE-2021-44227
CWE-352
High
Oracle HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-44224)
CVE-2021-44224
CWE-476
High
Resin Application Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-44138)
CVE-2021-44138
CWE-22
High
Mailman Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-2775)
CVE-2015-2775
CWE-22
High
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-44040)
CVE-2021-44040
CWE-20
High
PHP Other Vulnerability (CVE-2015-2787)
CVE-2015-2787
-
High
MediaWiki Resource Management Errors Vulnerability (CVE-2015-2936)
CVE-2015-2936
-
High
MediaWiki Resource Management Errors Vulnerability (CVE-2015-2937)
CVE-2015-2937
-
High
Jetty Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-2080)
CVE-2015-2080
CWE-200
High
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2021-4104)
CVE-2021-4104
CWE-502
High
Undertow CVE-2022-1259 Vulnerability (CVE-2022-1259)
CVE-2022-1259
-
High
Python Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2022-0391)
CVE-2022-0391
CWE-138
High
Jboss EAP CVE-2022-1259 Vulnerability (CVE-2022-1259)
CVE-2022-1259
-
High
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-0983)
CVE-2022-0983
CWE-138
High
Jboss EAP Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2022-0853)
CVE-2022-0853
CWE-401
High
Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-0819)
CVE-2022-0819
CWE-94
High
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-0813)
CVE-2022-0813
CWE-200
High
OpenSSL Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2022-0778)
CVE-2022-0778
CWE-835
High
PHP Use After Free Vulnerability (CVE-2015-1351)
CVE-2015-1351
CWE-416
High
Microsoft SQL Server Remote Code Execution Vulnerability (CVE-2019-1068)
CVE-2019-1068
-
High
Artifactory Deserialization of Untrusted Data Vulnerability (CVE-2022-0573)
CVE-2022-0573
CWE-502
High
Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2022-0538)
CVE-2022-0538
CWE-502
High
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-1441)
CVE-2015-1441
CWE-138
High
Oracle HTTP Server Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2022-0391)
CVE-2022-0391
CWE-138
High
Macromedia Dreamweaver remote database scripts
CVE-2004-1893
CWE-200
High
ATutor Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-1583)
CVE-2015-1583
CWE-352
High
Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-1814)
CVE-2015-1814
CWE-264
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0335)
CVE-2022-0335
CWE-352
High
SharePoint CVE-2019-1035 Vulnerability (CVE-2019-1035)
CVE-2019-1035
-
High
YetiForce CRM Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0269)
CVE-2022-0269
CWE-352
High
SharePoint CVE-2019-1034 Vulnerability (CVE-2019-1034)
CVE-2019-1034
-
High
MySQL CVE-2020-14663 Vulnerability (CVE-2020-14663)
CVE-2020-14663
-
High
SharePoint Improper Certificate Validation Vulnerability (CVE-2019-1006)
CVE-2019-1006
CWE-295
High
OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-1789)
CVE-2015-1789
CWE-119
High
YOURLS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0088)
CVE-2022-0088
CWE-352
High
OpenVPN AS Other Vulnerability (CVE-2021-4234)
CVE-2021-4234
-
High
UAParser.js Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-4229)
CVE-2021-4229
CWE-829
High
Oracle HTTP Server Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4185)
CVE-2021-4185
CWE-835
High
Oracle HTTP Server Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4184)
CVE-2021-4184
CWE-835
High
Oracle HTTP Server Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4182)
CVE-2021-4182
CWE-835
High
Oracle HTTP Server Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-4181)
CVE-2021-4181
CWE-138
High
Oracle Database Server CVE-2019-2516 Vulnerability (CVE-2019-2516)
CVE-2019-2516
-
High
osCommerce Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-18573)
CVE-2018-18573
CWE-94
High
PHP Release of Invalid Pointer or Reference Vulnerability (CVE-2022-31625)
CVE-2022-31625
CWE-763
High
Magento Cryptographic Issues Vulnerability (CVE-2019-7886)
CVE-2019-7886
-
High
Magento CVE-2019-7876 Vulnerability (CVE-2019-7876)
CVE-2019-7876
-
High
Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9518)
CVE-2019-9518
CWE-770
High
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9518)
CVE-2019-9518
CWE-770
High
Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9517)
CVE-2019-9517
CWE-770
High
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9517)
CVE-2019-9517
CWE-770
High
Magento Improper Input Validation Vulnerability (CVE-2019-7885)
CVE-2019-7885
CWE-20
High
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9517)
CVE-2019-9517
CWE-770
High
MySQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-1492)
CVE-2013-1492
CWE-119
High
Magento Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-7890)
CVE-2019-7890
CWE-639
High
Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-7892)
CVE-2019-7892
CWE-918
High
Envoy Proxy CVE-2023-27496 Vulnerability (CVE-2023-27496)
CVE-2023-27496
-
High
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-1468)
CVE-2013-1468
CWE-352
High
CubeCart Improper Input Validation Vulnerability (CVE-2013-1465)
CVE-2013-1465
CWE-20
High
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-27522)
CVE-2023-27522
-
High
Joomla Other Vulnerability (CVE-2013-1453)
CVE-2013-1453
-
High
Nexus Repository Manager Incorrect Default Permissions Vulnerability (CVE-2019-9630)
CVE-2019-9630
CWE-276
High
Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-7871)
CVE-2019-7871
CWE-94
High
Nginx Out-of-bounds Read Vulnerability (CVE-2023-27728)
CVE-2023-27728
CWE-125
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-9675)
CVE-2019-9675
CWE-119
High
XWiki CVE-2023-26474 Vulnerability (CVE-2023-26474)
CVE-2023-26474
-
High
XWiki Improper Privilege Management Vulnerability (CVE-2023-26475)
CVE-2023-26475
CWE-269
High
XWiki Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-26476)
CVE-2023-26476
CWE-307
High
Magento Cryptographic Issues Vulnerability (CVE-2019-7860)
CVE-2019-7860
-
High
«
1
...
26
27
28
...
200
»