🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14981 vulnerabilities
in this category.
Critical: 1612
High: 4015
Medium: 8569
Low: 783
Information: 2
Vulnerability Name
CVE
CWE
Severity
Envoy Proxy Incorrect Authorization Vulnerability (CVE-2021-32779)
CVE-2021-32779
CWE-863
High
OpenSSL Resource Management Errors Vulnerability (CVE-2016-2109)
CVE-2016-2109
-
High
Python Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2183)
CVE-2016-2183
CWE-200
High
PostgreSQL 7PK - Security Features Vulnerability (CVE-2016-2193)
CVE-2016-2193
-
High
OpenSSL Numeric Errors Vulnerability (CVE-2016-2106)
CVE-2016-2106
-
High
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-2512)
CVE-2016-2512
CWE-707
High
Squid Improper Input Validation Vulnerability (CVE-2016-2569)
CVE-2016-2569
CWE-20
High
Zope Web Application Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-32633)
CVE-2021-32633
CWE-22
High
Plone CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-32633)
CVE-2021-32633
CWE-22
High
Nexus Repository Manager Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-15012)
CVE-2020-15012
CWE-22
High
PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-14960)
CVE-2020-14960
CWE-138
High
ATutor Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-2539)
CVE-2016-2539
CWE-352
High
Perl Improper Input Validation Vulnerability (CVE-2016-2381)
CVE-2016-2381
CWE-20
High
WordPress Other Vulnerability (CVE-2016-2221)
CVE-2016-2221
-
High
Oracle Database Server Improper Input Validation Vulnerability (CVE-2016-2381)
CVE-2016-2381
CWE-20
High
LimeSurvey Incorrect Default Permissions Vulnerability (CVE-2019-16185)
CVE-2019-16185
CWE-276
High
LimeSurvey Incorrect Default Permissions Vulnerability (CVE-2019-16186)
CVE-2019-16186
CWE-276
High
LimeSurvey Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2019-16187)
CVE-2019-16187
CWE-732
High
Ruby Improper Authentication Vulnerability (CVE-2019-16201)
CVE-2019-16201
CWE-287
High
WebLogic CVE-2020-14883 Vulnerability (CVE-2020-14883)
CVE-2020-14883
-
High
WordPress Other Vulnerability (CVE-2016-2222)
CVE-2016-2222
-
High
Envoy Proxy Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-32780)
CVE-2021-32780
CWE-754
High
MySQL Numeric Errors Vulnerability (CVE-2016-2105)
CVE-2016-2105
-
High
Squid Improper Input Validation Vulnerability (CVE-2016-2571)
CVE-2016-2571
CWE-20
High
Riot.js Resource Management Errors Vulnerability (CVE-2016-10527)
CVE-2016-10527
-
High
Apache Tomcat Improper Input Validation Vulnerability (CVE-2016-1240)
CVE-2016-1240
CWE-20
High
Perl Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-1238)
CVE-2016-1238
CWE-264
High
AbanteCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10755)
CVE-2016-10755
CWE-138
High
e107 Deserialization of Untrusted Data Vulnerability (CVE-2016-10753)
CVE-2016-10753
CWE-502
High
Osclass Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-10751)
CVE-2016-10751
CWE-22
High
PHP Improper Input Validation Vulnerability (CVE-2016-10712)
CVE-2016-10712
CWE-20
High
Liferay Portal Incorrect Authorization Vulnerability (CVE-2021-33335)
CVE-2021-33335
CWE-863
High
ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-1499)
CVE-2016-1499
CWE-200
High
ATutor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-10400)
CVE-2016-10400
CWE-22
High
PHP Improper Input Validation Vulnerability (CVE-2016-10397)
CVE-2016-10397
CWE-20
High
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10378)
CVE-2016-10378
CWE-138
High
Phusion Passenger Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-10345)
CVE-2016-10345
CWE-264
High
PHP NULL Pointer Dereference Vulnerability (CVE-2016-10162)
CVE-2016-10162
CWE-476
High
PHP Out-of-bounds Read Vulnerability (CVE-2016-10161)
CVE-2016-10161
CWE-125
High
Nginx Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2016-1247)
CVE-2016-1247
CWE-59
High
Liferay Portal Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-33323)
CVE-2021-33323
CWE-312
High
OpenSSL Numeric Errors Vulnerability (CVE-2016-2105)
CVE-2016-2105
-
High
phpMyAdmin 7PK - Security Features Vulnerability (CVE-2016-2041)
CVE-2016-2041
-
High
Ruby on Rails Improper Input Validation Vulnerability (CVE-2016-2098)
CVE-2016-2098
CWE-20
High
Pega Infinity Exposure of Resource to Wrong Sphere Vulnerability (CVE-2019-16387)
CVE-2019-16387
CWE-668
High
Envoy Proxy Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2021-32781)
CVE-2021-32781
CWE-119
High
Nexus Repository Manager Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-16530)
CVE-2019-16530
CWE-434
High
Zope Web Application Server Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2021-32811)
CVE-2021-32811
CWE-915
High
Apache HTTP Server Other Vulnerability (CVE-2021-33193)
CVE-2021-33193
-
High
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-16869)
CVE-2019-16869
CWE-444
High
PHP Numeric Errors Vulnerability (CVE-2016-1904)
CVE-2016-1904
-
High
Django Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-33203)
CVE-2021-33203
CWE-22
High
Liferay Portal Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-33321)
CVE-2021-33321
CWE-640
High
Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2019-16891)
CVE-2019-16891
CWE-502
High
GlassFish Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-1950)
CVE-2016-1950
CWE-119
High
MySQL CVE-2020-14828 Vulnerability (CVE-2020-14828)
CVE-2020-14828
-
High
phpMyAdmin 7PK - Security Features Vulnerability (CVE-2016-1927)
CVE-2016-1927
-
High
Liferay Portal Insufficient Session Expiration Vulnerability (CVE-2021-33322)
CVE-2021-33322
CWE-613
High
Squid Improper Input Validation Vulnerability (CVE-2016-2570)
CVE-2016-2570
CWE-20
High
Squid Improper Input Validation Vulnerability (CVE-2016-2572)
CVE-2016-2572
CWE-20
High
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-10159)
CVE-2016-10159
CWE-190
High
Grafana Missing Authentication for Critical Function Vulnerability (CVE-2019-15043)
CVE-2019-15043
CWE-306
High
Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-15001)
CVE-2019-15001
CWE-94
High
SharePoint Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-31950)
CVE-2021-31950
CWE-918
High
SharePoint CVE-2021-31963 Vulnerability (CVE-2021-31963)
CVE-2021-31963
-
High
SharePoint CVE-2021-31964 Vulnerability (CVE-2021-31964)
CVE-2021-31964
-
High
Magento Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-15151)
CVE-2020-15151
-
High
TYPO3 Improper Input Validation Vulnerability (CVE-2020-15099)
CVE-2020-15099
CWE-20
High
TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2020-15098)
CVE-2020-15098
CWE-502
High
Chamilo Improper Input Validation Vulnerability (CVE-2021-31933)
CVE-2021-31933
CWE-20
High
Envoy Proxy Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-15225)
CVE-2019-15225
CWE-770
High
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2019-15226)
CVE-2019-15226
CWE-400
High
PostgreSQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2021-32027)
CVE-2021-32027
CWE-119
High
Jboss EAP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2021-32027)
CVE-2021-32027
CWE-119
High
Roundcube Unspesificed Vulnerability (CVE-2019-15237)
CVE-2019-15237
-
High
«
1
...
43
44
45
...
200
»