🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14981 vulnerabilities
in this category.
Critical: 1612
High: 4015
Medium: 8569
Low: 783
Information: 2
Vulnerability Name
CVE
CWE
Severity
MySQL CVE-2024-21090 Vulnerability (CVE-2024-21090)
CVE-2024-21090
-
High
Internet Information Services Other Vulnerability (CVE-2001-0902)
CVE-2001-0902
-
High
Next.js Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVE-2026-44575)
CVE-2026-44575
CWE-288
High
Jetty Sensitive Information in Resource Not Removed Before Reuse Vulnerability (CVE-2026-5795)
CVE-2026-5795
CWE-226
High
AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2024-21490)
CVE-2024-21490
CWE-1333
High
Internet Information Services Other Vulnerability (CVE-2000-0746)
CVE-2000-0746
-
High
Apache HTTP Server CVE-1999-0236 Vulnerability (CVE-1999-0236)
CVE-1999-0236
-
High
Internet Information Services Other Vulnerability (CVE-1999-0253)
CVE-1999-0253
-
High
MySQL Other Vulnerability (CVE-2000-0148)
CVE-2000-0148
-
High
WebLogic Missing Authentication for Critical Function Vulnerability (CVE-2024-21007)
CVE-2024-21007
CWE-306
High
Joomla Improper Authentication Vulnerability (CVE-2026-48897)
CVE-2026-48897
CWE-287
High
WebLogic CVE-2024-21006 Vulnerability (CVE-2024-21006)
CVE-2024-21006
-
High
Apache HTTP Server Other Vulnerability (CVE-1999-1053)
CVE-1999-1053
-
High
GibbonEdu Deserialization of Untrusted Data Vulnerability (CVE-2024-24725)
CVE-2024-24725
CWE-502
High
Oracle Database Server Other Vulnerability (CVE-2001-0833)
CVE-2001-0833
-
High
Joomla Inadequate Encryption Strength Vulnerability (CVE-2011-3629)
CVE-2011-3629
CWE-326
High
Internet Information Services Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-1999-0349)
CVE-1999-0349
CWE-119
High
Internet Information Services Other Vulnerability (CVE-1999-0412)
CVE-1999-0412
-
High
Python Uncontrolled Recursion Vulnerability (CVE-2026-4224)
CVE-2026-4224
CWE-674
High
axios Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2026-44490)
CVE-2026-44490
CWE-1321
High
MongoDb Double Free Vulnerability (CVE-2026-4358)
CVE-2026-4358
CWE-415
High
SharePoint CVE-2024-21318 Vulnerability (CVE-2024-21318)
CVE-2024-21318
-
High
Next.js Incorrect Authorization Vulnerability (CVE-2026-44573)
CVE-2026-44573
CWE-863
High
Joomla CVE-2026-48896 Vulnerability (CVE-2026-48896)
CVE-2026-48896
-
High
Drupal Other Vulnerability (CVE-2024-22362)
CVE-2024-22362
-
High
Opencart CVE-2024-21519 Vulnerability (CVE-2024-21519)
CVE-2024-21519
-
High
Caddy Web Server Improper Authentication Vulnerability (CVE-2026-52845)
CVE-2026-52845
CWE-287
High
Microsoft SQL Server Other Vulnerability (CVE-2001-0542)
CVE-2001-0542
-
High
Internet Information Services Improper Input Validation Vulnerability (CVE-2000-0258)
CVE-2000-0258
CWE-20
High
Internet Information Services Other Vulnerability (CVE-2000-1104)
CVE-2000-1104
-
High
Next.js Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVE-2026-45109)
CVE-2026-45109
CWE-288
High
Craft CMS CVE-2024-21622 Vulnerability (CVE-2024-21622)
CVE-2024-21622
-
High
PHP Uncontrolled Resource Consumption Vulnerability (CVE-2011-3336)
CVE-2011-3336
CWE-400
High
Oracle Database Server CVE-2011-2301 Vulnerability (CVE-2011-2301)
CVE-2011-2301
-
High
SharePoint Heap-based Buffer Overflow Vulnerability (CVE-2026-44824)
CVE-2026-44824
CWE-122
High
WebLogic CVE-2024-21183 Vulnerability (CVE-2024-21183)
CVE-2024-21183
-
High
Internet Information Services Other Vulnerability (CVE-2001-0506)
CVE-2001-0506
-
High
WebLogic CVE-2024-21175 Vulnerability (CVE-2024-21175)
CVE-2024-21175
-
High
WebLogic CVE-2024-21182 Vulnerability (CVE-2024-21182)
CVE-2024-21182
-
High
Internet Information Services Permissions, Privileges, and Access Controls Vulnerability (CVE-1999-0777)
CVE-1999-0777
CWE-264
High
Internet Information Services Other Vulnerability (CVE-2001-0507)
CVE-2001-0507
-
High
Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2026-53435)
CVE-2026-53435
CWE-502
High
Caddy Web Server Improper Input Validation Vulnerability (CVE-2026-45135)
CVE-2026-45135
CWE-20
High
Jetty Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-22201)
CVE-2024-22201
CWE-770
High
Plone CMS CVE-2024-23756 Vulnerability (CVE-2024-23756)
CVE-2024-23756
-
High
OpenSSL Use After Free Vulnerability (CVE-2026-45447)
CVE-2026-45447
CWE-416
High
Oracle Application Server Other Vulnerability (CVE-2001-0591)
CVE-2001-0591
-
High
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2026-44492)
CVE-2026-44492
CWE-918
High
phpMyAdmin Other Vulnerability (CVE-2001-0478)
CVE-2001-0478
-
High
axios Unintended Proxy or Intermediary ('Confused Deputy') Vulnerability (CVE-2026-44494)
CVE-2026-44494
CWE-441
High
Drupal Incorrect Authorization Vulnerability (CVE-2011-2726)
CVE-2011-2726
CWE-863
High
Internet Information Services Other Vulnerability (CVE-1999-0450)
CVE-1999-0450
-
High
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21686)
CVE-2024-21686
CWE-707
High
axios Uncontrolled Resource Consumption Vulnerability (CVE-2026-44496)
CVE-2026-44496
CWE-400
High
Oracle Application Server Other Vulnerability (CVE-2000-0169)
CVE-2000-0169
-
High
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21678)
CVE-2024-21678
CWE-707
High
GlassFish CVE-2011-3559 Vulnerability (CVE-2011-3559)
CVE-2011-3559
-
High
SharePoint Heap-based Buffer Overflow Vulnerability (CVE-2026-44819)
CVE-2026-44819
CWE-122
High
Internet Information Services Configuration Vulnerability (CVE-1999-0725)
CVE-1999-0725
-
High
Microsoft SQL Server Other Vulnerability (CVE-2000-0199)
CVE-2000-0199
-
High
Microsoft SQL Server Other Vulnerability (CVE-2000-0202)
CVE-2000-0202
-
High
Atlassian Confluence CVE-2024-21683 Vulnerability (CVE-2024-21683)
CVE-2024-21683
-
High
Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-21518)
CVE-2024-21518
CWE-22
High
TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-22188)
CVE-2024-22188
CWE-94
High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-2930)
CVE-2011-2930
CWE-138
High
Oracle Database Server CVE-2011-2253 Vulnerability (CVE-2011-2253)
CVE-2011-2253
-
High
SharePoint CVE-2024-21426 Vulnerability (CVE-2024-21426)
CVE-2024-21426
-
High
GeoServer Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-24749)
CVE-2024-24749
CWE-22
High
SharePoint Improper Authorization Vulnerability (CVE-2026-47298)
CVE-2026-47298
CWE-285
High
Oracle Database Server Uncontrolled Resource Consumption Vulnerability (CVE-2026-46835)
CVE-2026-46835
CWE-400
High
Nginx Memory Allocation with Excessive Size Value Vulnerability (CVE-2026-49975)
CVE-2026-49975
CWE-789
High
Zope Web Application Server CVE-2011-2528 Vulnerability (CVE-2011-2528)
CVE-2011-2528
-
High
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2026-42765)
CVE-2026-42765
CWE-476
High
Plone CMS CVE-2011-2528 Vulnerability (CVE-2011-2528)
CVE-2011-2528
-
High
Next.js Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-44579)
CVE-2026-44579
CWE-770
High
«
1
...
73
74
75
...
200
»