Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Known Vulnerabilities

This page lists 13509 vulnerabilities in this category.

Critical: 1465 High: 3387 Medium: 7907 Low: 748 Information: 2
Vulnerability Name
CVE
CWE
Severity
Oracle Database Server Other Vulnerability (CVE-2002-0567)
CVE-2002-0567
-
High
Microsoft SQL Server Other Vulnerability (CVE-1999-1556)
CVE-1999-1556
-
High
Jetty Improper Resource Shutdown or Release Vulnerability (CVE-2022-2191)
CVE-2022-2191
CWE-404
High
Oracle HTTP Server Other Vulnerability (CVE-2002-0655)
CVE-2002-0655
-
High
PmWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-4453)
CVE-2011-4453
CWE-94
High
Oracle Application Server Other Vulnerability (CVE-2002-0564)
CVE-2002-0564
-
High
PostgreSQL Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2022-2625)
CVE-2022-2625
CWE-913
High
Oracle Application Server Other Vulnerability (CVE-2002-0561)
CVE-2002-0561
-
High
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-32044)
CVE-2025-32044
CWE-200
High
Grafana Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2022-39328)
CVE-2022-39328
CWE-362
High
MySQL Other Vulnerability (CVE-2000-0148)
CVE-2000-0148
-
High
Oracle Application Server Other Vulnerability (CVE-2002-0559)
CVE-2002-0559
-
High
WordPress Ultimate Member Plugin Other Vulnerability (CVE-2022-3383)
CVE-2022-3383
-
High
WordPress Ultimate Member Plugin Other Vulnerability (CVE-2022-3384)
CVE-2022-3384
-
High
Oracle HTTP Server Other Vulnerability (CVE-2002-0656)
CVE-2002-0656
-
High
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-40407)
CVE-2022-40407
CWE-434
High
SharePoint CVE-2022-41038 Vulnerability (CVE-2022-41038)
CVE-2022-41038
-
High
Oracle Application Server Other Vulnerability (CVE-2002-0656)
CVE-2002-0656
-
High
OpenSSL Other Vulnerability (CVE-2002-0656)
CVE-2002-0656
-
High
OpenSSL Other Vulnerability (CVE-2002-0655)
CVE-2002-0655
-
High
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2022-2053)
CVE-2022-2053
CWE-400
High
SharePoint CVE-2022-41037 Vulnerability (CVE-2022-41037)
CVE-2022-41037
-
High
SharePoint CVE-2022-41036 Vulnerability (CVE-2022-41036)
CVE-2022-41036
-
High
Apache Tomcat Integer Overflow or Wraparound Vulnerability (CVE-2025-52520)
CVE-2025-52520
CWE-190
High
Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2025-52434)
CVE-2025-52434
CWE-362
High
Oracle JRE CVE-2025-50106 Vulnerability (CVE-2025-50106)
CVE-2025-50106
-
High
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-40313)
CVE-2022-40313
CWE-707
High
OpenSSL Improper Locking Vulnerability (CVE-2022-3996)
CVE-2022-3996
CWE-667
High
WordPress Ultimate Member Plugin Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-3966)
CVE-2022-3966
CWE-22
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-51991)
CVE-2025-51991
CWE-94
High
OpenSSL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2022-3786)
CVE-2022-3786
CWE-120
High
Internet Information Services Other Vulnerability (CVE-1999-1233)
CVE-1999-1233
-
High
AbanteCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-50971)
CVE-2025-50971
CWE-22
High
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3608)
CVE-2022-3608
CWE-707
High
OpenSSL Out-of-bounds Write Vulnerability (CVE-2022-3602)
CVE-2022-3602
CWE-787
High
Internet Information Services Other Vulnerability (CVE-1999-0253)
CVE-1999-0253
-
High
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-54417)
CVE-2025-54417
CWE-94
High
Grafana Improper Input Validation Vulnerability (CVE-2022-39306)
CVE-2022-39306
CWE-20
High
SSRF in Ivanti Connect Secure, Policy Secure and Neurons (CVE-2024-21893)
CVE-2024-21893
CWE-918
High
Python CVE-2022-42919 Vulnerability (CVE-2022-42919)
CVE-2022-42919
-
High
PHP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-3379)
CVE-2011-3379
CWE-94
High
Ghost CMS Theme Path Traversal (CVE-2023-32235)
CVE-2023-32235
CWE-22
High
Grafana Snapshot Authentication Bypass (CVE-2021-39226)
CVE-2021-39226
CWE-287
High
Ivanti EPM SQLi RCE (CVE-2024-29824)
CVE-2024-29824
CWE-89
High
Authentication Bypass in Ivanti Connect Secure and Policy Secure (CVE-2023-46805)
CVE-2023-46805
CWE-287
High
Magento Improper Input Validation Vulnerability (CVE-2022-42344)
CVE-2022-42344
CWE-20
High
Apache Tomcat Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2022-42252)
CVE-2022-42252
-
High
Nexus Repository Manager 3 Path Traversal (CVE-2024-4956)
CVE-2024-4956
CWE-22
High
GeoServer Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2025-30145)
CVE-2025-30145
CWE-835
High
Apache OFBiz SSRF (CVE-2023-50968)
CVE-2023-50968
CWE-918
High
XWikiplatform Relative Path Traversal Vulnerability (CVE-2025-55748)
CVE-2025-55748
CWE-23
High
Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)
CVE-2024-6387
CWE-362
High
Securepoint UTM (CVE-2023-22620, CVE-2023-22897)
CVE-2023-22897
CWE-863
High
Sitecore Arbitrary File Read (CVE-2024-46938)
CVE-2024-46938
CWE-200
High
Skype for Business SSRF (CVE-2023-41763)
CVE-2023-41763
CWE-918
High
SolarWinds Serv-U Directory Traversal (CVE-2024-28995)
CVE-2024-28995
CWE-22
High
TeamCity Authentication Bypass (CVE-2024-27199)
CVE-2024-27199
CWE-288
High
Envoy Proxy CVE-2025-30157 Vulnerability (CVE-2025-30157)
CVE-2025-30157
-
High
FastAdmin Path Traversal (CVE-2024-7928)
CVE-2024-7928
CWE-22
High
XWiki Platform RCE (CVE-2023-37462)
CVE-2023-37462
CWE-74
High
Qlik Sense Enterprise Auth Bypass (CVE-2023-41266)
CVE-2023-41266
CWE-20
High
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-43288)
CVE-2022-43288
CWE-138
High
MySQL Other Vulnerability (CVE-2002-1374)
CVE-2002-1374
-
High
LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-43279)
CVE-2022-43279
CWE-138
High
OpenCms Chemistry Solr XML External Entity (XXE) vulnerability (CVE-2023-42346)
CVE-2023-42346
CWE-611
High
OpenCms Chemistry XML External Entity (XXE) vulnerability (CVE-2023-42344)
CVE-2023-42344
CWE-611
High
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-3190)
CVE-2011-3190
CWE-264
High
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2011-3192)
CVE-2011-3192
CWE-400
High
Openfire Path Traversal (CVE-2023-32315)
CVE-2023-32315
CWE-22
High
ColdFusion CFC Deserialization RCE (CVE-2023-26359/CVE-2023-26360)
CVE-2023-26360
CWE-502
High
Dolibarr Information Disclosure (CVE-2023-33568)
CVE-2023-33568
CWE-552
High
GeoServer SQLi (CVE-2023-25157)
CVE-2023-25157
CWE-89
High
SharePoint CVE-2025-29976 Vulnerability (CVE-2025-29976)
CVE-2025-29976
-
High
MOVEit Transfer Improper Privilege Management Vulnerability (CVE-2025-2324)
CVE-2025-2324
CWE-269
High
PHP Uncontrolled Resource Consumption Vulnerability (CVE-2011-3336)
CVE-2011-3336
CWE-400
High