🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14981 vulnerabilities
in this category.
Critical: 1612
High: 4015
Medium: 8569
Low: 783
Information: 2
Vulnerability Name
CVE
CWE
Severity
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2024-42516)
CVE-2024-42516
CWE-20
High
Django Improper Validation of Specified Quantity in Input Vulnerability (CVE-2024-41991)
CVE-2024-41991
CWE-1284
High
Django CVE-2024-41990 Vulnerability (CVE-2024-41990)
CVE-2024-41990
-
High
Apache HTTP Server Other Vulnerability (CVE-2004-2343)
CVE-2004-2343
-
High
PostgreSQL Improper Validation of Array Index Vulnerability (CVE-2026-2006)
CVE-2026-2006
CWE-129
High
Django CVE-2024-41989 Vulnerability (CVE-2024-41989)
CVE-2024-41989
-
High
Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2010-2489)
CVE-2010-2489
CWE-119
High
Craft CMS Improper Authentication Vulnerability (CVE-2024-41800)
CVE-2024-41800
CWE-287
High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-2679)
CVE-2010-2679
CWE-138
High
PostgreSQL Heap-based Buffer Overflow Vulnerability (CVE-2026-2007)
CVE-2026-2007
CWE-122
High
markdown-it Inefficient Regular Expression Complexity Vulnerability (CVE-2026-2327)
CVE-2026-2327
CWE-1333
High
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2005-0211)
CVE-2005-0211
CWE-119
High
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-29168)
CVE-2026-29168
CWE-770
High
Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-40898)
CVE-2024-40898
CWE-918
High
PHP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-1868)
CVE-2010-1868
CWE-94
High
Next.js Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-46982)
CVE-2024-46982
CWE-639
High
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2026-28390)
CVE-2026-28390
CWE-476
High
phpBB CVE-2010-1630 Vulnerability (CVE-2010-1630)
CVE-2010-1630
-
High
Envoy Proxy CVE-2024-45810 Vulnerability (CVE-2024-45810)
CVE-2024-45810
-
High
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2024-45809)
CVE-2024-45809
CWE-476
High
Craft CMS Improper Neutralization of Special Elements Used in a Template Engine Vulnerability (CVE-2026-28695)
CVE-2026-28695
CWE-138
High
Envoy Proxy CVE-2024-45807 Vulnerability (CVE-2024-45807)
CVE-2024-45807
-
High
Craft CMS Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2026-28696)
CVE-2026-28696
CWE-639
High
Squid CVE-2024-45802 Vulnerability (CVE-2024-45802)
CVE-2024-45802
-
High
phpMyAdmin Other Vulnerability (CVE-2005-0567)
CVE-2005-0567
-
High
Moodle Incorrect Default Permissions Vulnerability (CVE-2024-45690)
CVE-2024-45690
CWE-276
High
MediaWiki Other Vulnerability (CVE-2005-0535)
CVE-2005-0535
-
High
Craft CMS Improper Neutralization of Special Elements Used in a Template Engine Vulnerability (CVE-2026-28784)
CVE-2026-28784
CWE-138
High
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2026-29041)
CVE-2026-29041
CWE-434
High
Contao Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2024-45398)
CVE-2024-45398
CWE-434
High
e107 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-2099)
CVE-2010-2099
CWE-264
High
Oracle Database Server Other Vulnerability (CVE-2005-0297)
CVE-2005-0297
-
High
Serendipity Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1916)
CVE-2010-1916
CWE-264
High
Django CVE-2024-45230 Vulnerability (CVE-2024-45230)
CVE-2024-45230
-
High
Apache Tomcat Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2026-29129)
CVE-2026-29129
CWE-327
High
CubeCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-1931)
CVE-2010-1931
CWE-138
High
SharePoint CVE-2024-43503 Vulnerability (CVE-2024-43503)
CVE-2024-43503
-
High
SharePoint CVE-2024-43466 Vulnerability (CVE-2024-43466)
CVE-2024-43466
-
High
SharePoint CVE-2024-43464 Vulnerability (CVE-2024-43464)
CVE-2024-43464
-
High
Moodle Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-43440)
CVE-2024-43440
CWE-22
High
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-43438)
CVE-2024-43438
CWE-639
High
Apache Tomcat Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2026-29146)
CVE-2026-29146
CWE-209
High
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-43436)
CVE-2024-43436
CWE-138
High
PostgreSQL Other Vulnerability (CVE-2005-0245)
CVE-2005-0245
-
High
e107 Other Vulnerability (CVE-2010-2098)
CVE-2010-2098
-
High
PrestaShop Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-41651)
CVE-2024-41651
CWE-918
High
Joomla Other Vulnerability (CVE-2024-40749)
CVE-2024-40749
-
High
Apache HTTP Server Improper Neutralization of Escape, Meta, or Control Sequences Vulnerability (CVE-2024-47252)
CVE-2024-47252
CWE-150
High
Chamilo NULL Pointer Dereference Vulnerability (CVE-2026-32894)
CVE-2026-32894
CWE-476
High
Apache Traffic Server CVE-2024-38479 Vulnerability (CVE-2024-38479)
CVE-2024-38479
-
High
MediaWiki Other Vulnerability (CVE-2004-1405)
CVE-2004-1405
-
High
Oracle Application Server Other Vulnerability (CVE-2004-1370)
CVE-2004-1370
-
High
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2024-38477)
CVE-2024-38477
CWE-476
High
Apache HTTP Server Improper Encoding or Escaping of Output Vulnerability (CVE-2024-38473)
CVE-2024-38473
CWE-116
High
Craft CMS Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') Vulnerability (CVE-2026-32263)
CVE-2026-32263
CWE-470
High
Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-38472)
CVE-2024-38472
CWE-918
High
Oracle Application Server CVE-2004-1368 Vulnerability (CVE-2004-1368)
CVE-2004-1368
-
High
Craft CMS Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') Vulnerability (CVE-2026-32264)
CVE-2026-32264
CWE-470
High
Oracle Application Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2004-1364)
CVE-2004-1364
CWE-22
High
Oracle Application Server Other Vulnerability (CVE-2004-1362)
CVE-2004-1362
-
High
Squid Improper Resource Locking Vulnerability (CVE-2026-32748)
CVE-2026-32748
CWE-413
High
Apache Tomcat Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-38286)
CVE-2024-38286
CWE-770
High
Chamilo Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2026-32892)
CVE-2026-32892
CWE-138
High
Mailman Other Vulnerability (CVE-2004-1143)
CVE-2004-1143
-
High
Django Improper Handling of Length Parameter Inconsistency Vulnerability (CVE-2024-38875)
CVE-2024-38875
CWE-130
High
IBMHttpServer Other Vulnerability (CVE-2004-1082)
CVE-2004-1082
-
High
Jboss EAP Improper Input Validation Vulnerability (CVE-2010-3708)
CVE-2010-3708
CWE-20
High
Apache HTTP Server Other Vulnerability (CVE-2004-1082)
CVE-2004-1082
-
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-38276)
CVE-2024-38276
CWE-352
High
Chamilo Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2026-32930)
CVE-2026-32930
CWE-639
High
Moodle Incomplete Cleanup Vulnerability (CVE-2024-38275)
CVE-2024-38275
CWE-459
High
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2026-32931)
CVE-2026-32931
CWE-434
High
Jenkins Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2026-33001)
CVE-2026-33001
CWE-59
High
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3714)
CVE-2010-3714
CWE-264
High
Jenkins Reliance on Reverse DNS Resolution for a Security-Critical Action Vulnerability (CVE-2026-33002)
CVE-2026-33002
CWE-350
High
«
1
...
51
52
53
...
200
»