🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14981 vulnerabilities
in this category.
Critical: 1612
High: 4015
Medium: 8569
Low: 783
Information: 2
Vulnerability Name
CVE
CWE
Severity
Grafana Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2022-39328)
CVE-2022-39328
CWE-362
High
Dolibarr Incorrect Authorization Vulnerability (CVE-2020-12669)
CVE-2020-12669
CWE-863
High
Lighttpd NULL Pointer Dereference Vulnerability (CVE-2022-37797)
CVE-2022-37797
CWE-476
High
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0050)
CVE-2014-0050
CWE-264
High
Cherokee NULL Pointer Dereference Vulnerability (CVE-2020-12845)
CVE-2020-12845
CWE-476
High
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13587)
CVE-2020-13587
CWE-138
High
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-36100)
CVE-2022-36100
CWE-116
High
TYPO3 Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-36104)
CVE-2022-36104
CWE-770
High
Django Download of Code Without Integrity Check Vulnerability (CVE-2022-36359)
CVE-2022-36359
CWE-494
High
Liferay Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-13445)
CVE-2020-13445
CWE-138
High
Grafana Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-13379)
CVE-2020-13379
CWE-918
High
Perl Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2020-12723)
CVE-2020-12723
CWE-120
High
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0185)
CVE-2014-0185
CWE-264
High
PHP Other Vulnerability (CVE-2014-0236)
CVE-2014-0236
-
High
Apache Tomcat Resource Management Errors Vulnerability (CVE-2014-0230)
CVE-2014-0230
-
High
Python Inadequate Encryption Strength Vulnerability (CVE-2014-0224)
CVE-2014-0224
CWE-326
High
Jboss EAP Inadequate Encryption Strength Vulnerability (CVE-2014-0224)
CVE-2014-0224
CWE-326
High
OpenSSL Inadequate Encryption Strength Vulnerability (CVE-2014-0224)
CVE-2014-0224
CWE-326
High
Payara Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-37422)
CVE-2022-37422
CWE-22
High
Craft CMS Missing Encryption of Sensitive Data Vulnerability (CVE-2022-37783)
CVE-2022-37783
CWE-311
High
Jboss EAP Observable Discrepancy Vulnerability (CVE-2022-3143)
CVE-2022-3143
CWE-203
High
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2022-3358)
CVE-2022-3358
CWE-476
High
WebLogic CVE-2019-2650 Vulnerability (CVE-2019-2650)
CVE-2019-2650
-
High
Nginx Out-of-bounds Write Vulnerability (CVE-2022-41741)
CVE-2022-41741
CWE-787
High
SharePoint CVE-2022-41062 Vulnerability (CVE-2022-41062)
CVE-2022-41062
-
High
ReviveAdserver Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-7149)
CVE-2013-7149
CWE-138
High
Squid Out-of-bounds Read Vulnerability (CVE-2022-41318)
CVE-2022-41318
CWE-125
High
Django Other Vulnerability (CVE-2022-41323)
CVE-2022-41323
-
High
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-11993)
CVE-2020-11993
CWE-444
High
Lighttpd Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2022-41556)
CVE-2022-41556
CWE-401
High
Nginx Out-of-bounds Write Vulnerability (CVE-2022-41742)
CVE-2022-41742
CWE-787
High
SharePoint CVE-2022-41038 Vulnerability (CVE-2022-41038)
CVE-2022-41038
-
High
WebLogic Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-11987)
CVE-2020-11987
CWE-918
High
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-41927)
CVE-2022-41927
CWE-352
High
XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2022-41928)
CVE-2022-41928
CWE-707
High
XWiki Missing Authorization Vulnerability (CVE-2022-41930)
CVE-2022-41930
CWE-862
High
XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2022-41931)
CVE-2022-41931
CWE-707
High
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-41934)
CVE-2022-41934
CWE-116
High
MediaWiki Improper Input Validation Vulnerability (CVE-2013-6453)
CVE-2013-6453
CWE-20
High
SharePoint CVE-2022-41061 Vulnerability (CVE-2022-41061)
CVE-2022-41061
-
High
SharePoint CVE-2022-41037 Vulnerability (CVE-2022-41037)
CVE-2022-41037
-
High
WordPress Ultimate Member Plugin Other Vulnerability (CVE-2022-3383)
CVE-2022-3383
-
High
OpenSSL Improper Locking Vulnerability (CVE-2022-3996)
CVE-2022-3996
CWE-667
High
WordPress Ultimate Member Plugin Other Vulnerability (CVE-2022-3384)
CVE-2022-3384
-
High
OpenSSL Out-of-bounds Write Vulnerability (CVE-2022-3602)
CVE-2022-3602
CWE-787
High
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3608)
CVE-2022-3608
CWE-707
High
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2020-12603)
CVE-2020-12603
CWE-400
High
OpenSSL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2022-3786)
CVE-2022-3786
CWE-120
High
MySQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-0001)
CVE-2014-0001
CWE-119
High
WordPress Ultimate Member Plugin Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-3966)
CVE-2022-3966
CWE-22
High
Perl Numeric Errors Vulnerability (CVE-2013-7422)
CVE-2013-7422
-
High
SharePoint CVE-2022-41036 Vulnerability (CVE-2022-41036)
CVE-2022-41036
-
High
PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-7375)
CVE-2013-7375
CWE-138
High
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-40313)
CVE-2022-40313
CWE-707
High
PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-12461)
CVE-2020-12461
CWE-138
High
Oracle Database Server CVE-2019-2776 Vulnerability (CVE-2019-2776)
CVE-2019-2776
-
High
Python Improper Input Validation Vulnerability (CVE-2013-7338)
CVE-2013-7338
CWE-20
High
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-40407)
CVE-2022-40407
CWE-434
High
Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2020-11996)
CVE-2020-11996
CWE-400
High
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-36099)
CVE-2022-36099
CWE-116
High
WebLogic CVE-2019-2649 Vulnerability (CVE-2019-2649)
CVE-2019-2649
-
High
XWiki Missing Authorization Vulnerability (CVE-2022-41937)
CVE-2022-41937
CWE-862
High
Oracle JRE Incorrect Conversion between Numeric Types Vulnerability (CVE-2022-34169)
CVE-2022-34169
CWE-681
High
Apache Traffic Server Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2022-32749)
CVE-2022-32749
CWE-754
High
Jenkins CVE-2014-2063 Vulnerability (CVE-2014-2063)
CVE-2014-2063
-
High
OpenVPN AS Insertion of Sensitive Information into Log File Vulnerability (CVE-2022-33737)
CVE-2022-33737
CWE-532
High
OpenVPN AS Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2022-33738)
CVE-2022-33738
CWE-338
High
Caddy Web Server Out-of-bounds Read Vulnerability (CVE-2022-34037)
CVE-2022-34037
CWE-125
High
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-13760)
CVE-2020-13760
CWE-352
High
ownCloud Other Vulnerability (CVE-2014-2056)
CVE-2014-2056
-
High
Grafana Improper Authentication Vulnerability (CVE-2022-32276)
CVE-2022-32276
CWE-287
High
Drupal Improper Access Control Vulnerability (CVE-2020-13677)
CVE-2020-13677
CWE-284
High
ownCloud Other Vulnerability (CVE-2014-2055)
CVE-2014-2055
-
High
ownCloud Other Vulnerability (CVE-2014-2054)
CVE-2014-2054
-
High
ownCloud Other Vulnerability (CVE-2014-2053)
CVE-2014-2053
-
High
«
1
...
31
32
33
...
200
»