🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14981 vulnerabilities
in this category.
Critical: 1612
High: 4015
Medium: 8569
Low: 783
Information: 2
Vulnerability Name
CVE
CWE
Severity
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2018-14720)
CVE-2018-14720
CWE-502
Critical
Oracle Database Server Other Vulnerability (CVE-2005-3438)
CVE-2005-3438
-
Critical
Perl Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2018-18312)
CVE-2018-18312
CWE-119
Critical
Perl Out-of-bounds Write Vulnerability (CVE-2018-18311)
CVE-2018-18311
CWE-787
Critical
WP Plugin Contact Form 7 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-35489)
CVE-2020-35489
CWE-434
Critical
Sqlite Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-35527)
CVE-2020-35527
CWE-119
Critical
WordPress Improper Input Validation Vulnerability (CVE-2020-35539)
CVE-2020-35539
CWE-20
Critical
Oracle Database Server Other Vulnerability (CVE-2005-3437)
CVE-2005-3437
-
Critical
Oracle Database Server Other Vulnerability (CVE-2005-3440)
CVE-2005-3440
-
Critical
Oracle Application Server Other Vulnerability (CVE-2005-3448)
CVE-2005-3448
-
Critical
Oracle Database Server Other Vulnerability (CVE-2005-3443)
CVE-2005-3443
-
Critical
Oracle Database Server Other Vulnerability (CVE-2005-3444)
CVE-2005-3444
-
Critical
Oracle Database Server Other Vulnerability (CVE-2005-3445)
CVE-2005-3445
-
Critical
Oracle Application Server Other Vulnerability (CVE-2005-3445)
CVE-2005-3445
-
Critical
Oracle Application Server Other Vulnerability (CVE-2005-3446)
CVE-2005-3446
-
Critical
Oracle Database Server Other Vulnerability (CVE-2005-3446)
CVE-2005-3446
-
Critical
Jboss EAP Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-14721)
CVE-2018-14721
CWE-918
Critical
Oracle Database Server Deserialization of Untrusted Data Vulnerability (CVE-2018-14719)
CVE-2018-14719
CWE-502
Critical
Oracle Database Server CVE-2006-0287 Vulnerability (CVE-2006-0287)
CVE-2006-0287
-
Critical
Oracle Database Server CVE-2006-0283 Vulnerability (CVE-2006-0283)
CVE-2006-0283
-
Critical
Oracle Database Server CVE-2006-0271 Vulnerability (CVE-2006-0271)
CVE-2006-0271
-
Critical
Oracle Application Server CVE-2006-0273 Vulnerability (CVE-2006-0273)
CVE-2006-0273
-
Critical
Oracle Application Server CVE-2006-0274 Vulnerability (CVE-2006-0274)
CVE-2006-0274
-
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-13450)
CVE-2018-13450
CWE-138
Critical
Oracle Application Server CVE-2006-0282 Vulnerability (CVE-2006-0282)
CVE-2006-0282
-
Critical
Oracle Database Server CVE-2006-0282 Vulnerability (CVE-2006-0282)
CVE-2006-0282
-
Critical
Oracle Application Server CVE-2006-0283 Vulnerability (CVE-2006-0283)
CVE-2006-0283
-
Critical
Oracle Database Server CVE-2006-0268 Vulnerability (CVE-2006-0268)
CVE-2006-0268
-
Critical
Oracle Application Server CVE-2006-0284 Vulnerability (CVE-2006-0284)
CVE-2006-0284
-
Critical
Oracle Database Server CVE-2006-0285 Vulnerability (CVE-2006-0285)
CVE-2006-0285
-
Critical
Oracle Application Server CVE-2006-0285 Vulnerability (CVE-2006-0285)
CVE-2006-0285
-
Critical
Oracle Database Server CVE-2006-0286 Vulnerability (CVE-2006-0286)
CVE-2006-0286
-
Critical
Oracle Application Server CVE-2006-0286 Vulnerability (CVE-2006-0286)
CVE-2006-0286
-
Critical
Oracle Application Server CVE-2006-0287 Vulnerability (CVE-2006-0287)
CVE-2006-0287
-
Critical
Oracle Database Server Cryptographic Issues Vulnerability (CVE-2006-0270)
CVE-2006-0270
-
Critical
Oracle Database Server CVE-2006-0267 Vulnerability (CVE-2006-0267)
CVE-2006-0267
-
Critical
GlassFish Use of Hard-coded Credentials Vulnerability (CVE-2018-14324)
CVE-2018-14324
CWE-798
Critical
Oracle Database Server CVE-2006-0257 Vulnerability (CVE-2006-0257)
CVE-2006-0257
-
Critical
WordPress Deserialization of Untrusted Data Vulnerability (CVE-2020-36326)
CVE-2020-36326
CWE-502
Critical
PHP Use of Externally-Controlled Format String Vulnerability (CVE-2006-0200)
CVE-2006-0200
CWE-134
Critical
PrestaShop CVE-2018-13784 Vulnerability (CVE-2018-13784)
CVE-2018-13784
-
Critical
Oracle HTTP Server Improper Access Control Vulnerability (CVE-2026-21962)
CVE-2026-21962
CWE-284
Critical
MyBB CVE-2006-0218 Vulnerability (CVE-2006-0218)
CVE-2006-0218
-
Critical
Oracle Database Server CVE-2006-0256 Vulnerability (CVE-2006-0256)
CVE-2006-0256
-
Critical
Oracle Database Server CVE-2006-0258 Vulnerability (CVE-2006-0258)
CVE-2006-0258
-
Critical
Oracle Database Server CVE-2006-0266 Vulnerability (CVE-2006-0266)
CVE-2006-0266
-
Critical
Oracle Database Server CVE-2006-0259 Vulnerability (CVE-2006-0259)
CVE-2006-0259
-
Critical
Oracle Database Server CVE-2006-0260 Vulnerability (CVE-2006-0260)
CVE-2006-0260
-
Critical
Oracle Database Server CVE-2006-0261 Vulnerability (CVE-2006-0261)
CVE-2006-0261
-
Critical
Oracle Database Server CVE-2006-0262 Vulnerability (CVE-2006-0262)
CVE-2006-0262
-
Critical
Oracle Database Server CVE-2006-0263 Vulnerability (CVE-2006-0263)
CVE-2006-0263
-
Critical
Oracle Database Server CVE-2006-0265 Vulnerability (CVE-2006-0265)
CVE-2006-0265
-
Critical
MediaWiki Improper Input Validation Vulnerability (CVE-2025-67484)
CVE-2025-67484
CWE-20
Critical
Varnish Cache Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-8807)
CVE-2017-8807
CWE-119
Critical
MyBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-16780)
CVE-2017-16780
CWE-352
Critical
SharePoint CVE-2021-1716 Vulnerability (CVE-2021-1716)
CVE-2021-1716
-
Critical
PrestaShop Improper Authentication Vulnerability (CVE-2021-21308)
CVE-2021-21308
CWE-287
Critical
Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2021-21025)
CVE-2021-21025
CWE-91
Critical
Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-21024)
CVE-2021-21024
CWE-138
Critical
Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2021-21019)
CVE-2021-21019
CWE-91
Critical
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2021-21018)
CVE-2021-21018
CWE-138
Critical
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2021-21016)
CVE-2021-21016
CWE-138
Critical
Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21014)
CVE-2021-21014
CWE-434
Critical
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-2641)
CVE-2017-2641
CWE-138
Critical
Apache HTTP Server Improper Authentication Vulnerability (CVE-2017-3167)
CVE-2017-3167
CWE-287
Critical
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2017-3169)
CVE-2017-3169
CWE-476
Critical
PHP Other Vulnerability (CVE-2007-0448)
CVE-2007-0448
-
Critical
WebLogic CVE-2017-3248 Vulnerability (CVE-2017-3248)
CVE-2017-3248
-
Critical
Sqlite CVE-2021-20223 Vulnerability (CVE-2021-20223)
CVE-2021-20223
-
Critical
WebLogic CVE-2021-1994 Vulnerability (CVE-2021-1994)
CVE-2021-1994
-
Critical
SharePoint Out-of-bounds Write Vulnerability (CVE-2021-1715)
CVE-2021-1715
CWE-787
Critical
phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-20032)
CVE-2017-20032
CWE-138
Critical
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-9582)
CVE-2020-9582
CWE-138
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-9548)
CVE-2020-9548
CWE-502
Critical
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-9576)
CVE-2020-9576
CWE-138
Critical
«
1
...
5
6
7
...
200
»