🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14981 vulnerabilities
in this category.
Critical: 1612
High: 4015
Medium: 8569
Low: 783
Information: 2
Vulnerability Name
CVE
CWE
Severity
PHP Insufficient Entropy Vulnerability (CVE-2008-2108)
CVE-2008-2108
CWE-331
Critical
PHP Out-of-bounds Write Vulnerability (CVE-2016-7126)
CVE-2016-7126
CWE-787
Critical
PHP Deserialization of Untrusted Data Vulnerability (CVE-2016-7124)
CVE-2016-7124
CWE-502
Critical
WordPress Improper Input Validation Vulnerability (CVE-2008-2392)
CVE-2008-2392
CWE-20
Critical
WebLogic CVE-2021-2064 Vulnerability (CVE-2021-2064)
CVE-2021-2064
-
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-7414)
CVE-2016-7414
CWE-119
Critical
Oracle Application Server CVE-2008-1824 Vulnerability (CVE-2008-1824)
CVE-2008-1824
-
Critical
MySQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-6662)
CVE-2016-6662
CWE-264
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-7480)
CVE-2016-7480
CWE-119
Critical
b2evolution Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2016-8901)
CVE-2016-8901
CWE-138
Critical
Joomla Improper Input Validation Vulnerability (CVE-2016-8869)
CVE-2016-8869
CWE-20
Critical
Apache Tomcat CVE-2016-8735 Vulnerability (CVE-2016-8735)
CVE-2016-8735
-
Critical
Internet Information Services Integer Overflow or Wraparound Vulnerability (CVE-2008-1446)
CVE-2008-1446
CWE-190
Critical
Python Improper Input Validation Vulnerability (CVE-2021-29921)
CVE-2021-29921
CWE-20
Critical
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-7568)
CVE-2016-7568
CWE-190
Critical
PHP Use After Free Vulnerability (CVE-2016-7479)
CVE-2016-7479
CWE-416
Critical
Oracle Database Server CVE-2008-1821 Vulnerability (CVE-2008-1821)
CVE-2008-1821
-
Critical
Oracle Application Server CVE-2008-1812 Vulnerability (CVE-2008-1812)
CVE-2008-1812
-
Critical
Oracle Database Server CVE-2008-1814 Vulnerability (CVE-2008-1814)
CVE-2008-1814
-
Critical
Oracle Application Server CVE-2008-1814 Vulnerability (CVE-2008-1814)
CVE-2008-1814
-
Critical
Oracle Database Server CVE-2008-1817 Vulnerability (CVE-2008-1817)
CVE-2008-1817
-
Critical
Oracle Database Server CVE-2008-1818 Vulnerability (CVE-2008-1818)
CVE-2008-1818
-
Critical
PHP Improper Input Validation Vulnerability (CVE-2016-7417)
CVE-2016-7417
CWE-20
Critical
LimeSurvey CVE-2008-2570 Vulnerability (CVE-2008-2570)
CVE-2008-2570
-
Critical
WebLogic CVE-2021-2075 Vulnerability (CVE-2021-2075)
CVE-2021-2075
-
Critical
Oracle Database Server CVE-2016-5555 Vulnerability (CVE-2016-5555)
CVE-2016-5555
-
Critical
Liferay DXP Missing Authorization Vulnerability (CVE-2025-43773)
CVE-2025-43773
CWE-862
Critical
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3225)
CVE-2008-3225
CWE-264
Critical
Dotclear Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3232)
CVE-2008-3232
CWE-94
Critical
WebLogic Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2008-3257)
CVE-2008-3257
CWE-119
Critical
PHP Use After Free Vulnerability (CVE-2016-5773)
CVE-2016-5773
CWE-416
Critical
PHP Double Free Vulnerability (CVE-2016-5772)
CVE-2016-5772
CWE-415
Critical
PHP Use After Free Vulnerability (CVE-2016-5771)
CVE-2016-5771
CWE-416
Critical
Liferay Portal Missing Authorization Vulnerability (CVE-2025-43773)
CVE-2025-43773
CWE-862
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-6288)
CVE-2016-6288
CWE-119
Critical
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-5770)
CVE-2016-5770
CWE-190
Critical
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-5769)
CVE-2016-5769
CWE-190
Critical
PHP Double Free Vulnerability (CVE-2016-5768)
CVE-2016-5768
CWE-415
Critical
phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2016-5734)
CVE-2016-5734
CWE-94
Critical
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-5703)
CVE-2016-5703
CWE-138
Critical
Python Integer Overflow or Wraparound Vulnerability (CVE-2016-5636)
CVE-2016-5636
CWE-190
Critical
phpBB CVE-2008-3224 Vulnerability (CVE-2008-3224)
CVE-2008-3224
-
Critical
PHP Use After Free Vulnerability (CVE-2016-6290)
CVE-2016-6290
CWE-416
Critical
phpMyAdmin 7PK - Security Features Vulnerability (CVE-2016-6629)
CVE-2016-6629
-
Critical
Artifactory Improper Input Validation Vulnerability (CVE-2016-6501)
CVE-2016-6501
CWE-20
Critical
WebLogic CVE-2021-2108 Vulnerability (CVE-2021-2108)
CVE-2021-2108
-
Critical
WebLogic CVE-2021-2135 Vulnerability (CVE-2021-2135)
CVE-2021-2135
-
Critical
phpMyAdmin Deserialization of Untrusted Data Vulnerability (CVE-2016-6620)
CVE-2016-6620
CWE-502
Critical
Ruby Numeric Errors Vulnerability (CVE-2008-2662)
CVE-2008-2662
-
Critical
Ruby Integer Overflow or Wraparound Vulnerability (CVE-2008-2663)
CVE-2008-2663
CWE-190
Critical
WebLogic CVE-2021-2136 Vulnerability (CVE-2021-2136)
CVE-2021-2136
-
Critical
OpenSSL Use After Free Vulnerability (CVE-2016-6309)
CVE-2016-6309
CWE-416
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-6291)
CVE-2016-6291
CWE-119
Critical
SharePoint Resource Management Errors Vulnerability (CVE-2008-3006)
CVE-2008-3006
-
Critical
OpenSSL Out-of-bounds Write Vulnerability (CVE-2016-6303)
CVE-2016-6303
CWE-787
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-6296)
CVE-2016-6296
CWE-119
Critical
PHP Use After Free Vulnerability (CVE-2016-6295)
CVE-2016-6295
CWE-416
Critical
Dolphin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3167)
CVE-2008-3167
CWE-94
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2016-6294)
CVE-2016-6294
CWE-125
Critical
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-16510)
CVE-2017-16510
CWE-138
Critical
Joomla Improper Authentication Vulnerability (CVE-2017-16634)
CVE-2017-16634
CWE-287
Critical
TYPO3 Improper Input Validation Vulnerability (CVE-2009-0258)
CVE-2009-0258
CWE-20
Critical
IBM WebSEAL Missing Authorization Vulnerability (CVE-2020-4499)
CVE-2020-4499
CWE-862
Critical
Oracle Database Server CVE-2006-1876 Vulnerability (CVE-2006-1876)
CVE-2006-1876
-
Critical
Oracle Database Server CVE-2006-1875 Vulnerability (CVE-2006-1875)
CVE-2006-1875
-
Critical
Oracle Database Server CVE-2006-1873 Vulnerability (CVE-2006-1873)
CVE-2006-1873
-
Critical
Oracle Database Server CVE-2006-1870 Vulnerability (CVE-2006-1870)
CVE-2006-1870
-
Critical
Oracle Database Server Other Vulnerability (CVE-2006-1869)
CVE-2006-1869
-
Critical
Oracle Database Server Other Vulnerability (CVE-2006-1867)
CVE-2006-1867
-
Critical
Oracle Database Server CVE-2006-1866 Vulnerability (CVE-2006-1866)
CVE-2006-1866
-
Critical
WebLogic Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') Vulnerability (CVE-2018-1000613)
CVE-2018-1000613
CWE-470
Critical
OpenVPN AS Other Vulnerability (CVE-2006-1629)
CVE-2006-1629
-
Critical
Python Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2018-1000802)
CVE-2018-1000802
CWE-138
Critical
Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2018-1000861)
CVE-2018-1000861
CWE-502
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-10094)
CVE-2018-10094
CWE-138
Critical
«
1
...
3
4
5
...
200
»