🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Known Vulnerabilities
This page lists
14981 vulnerabilities
in this category.
Critical: 1612
High: 4015
Medium: 8569
Low: 783
Information: 2
Vulnerability Name
CVE
CWE
Severity
Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-7679)
CVE-2017-7679
CWE-119
Critical
Jetty Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-7658)
CVE-2017-7658
CWE-444
Critical
axios Unintended Proxy or Intermediary ('Confused Deputy') Vulnerability (CVE-2025-62718)
CVE-2025-62718
CWE-441
Critical
Jetty Integer Overflow or Wraparound Vulnerability (CVE-2017-7657)
CVE-2017-7657
CWE-190
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2006-4482)
CVE-2006-4482
CWE-119
Critical
PHP Other Vulnerability (CVE-2006-4483)
CVE-2006-4483
-
Critical
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-64459)
CVE-2025-64459
CWE-138
Critical
PHP Other Vulnerability (CVE-2006-4485)
CVE-2006-4485
-
Critical
PostgreSQL Improper Authentication Vulnerability (CVE-2017-7546)
CVE-2017-7546
CWE-287
Critical
Oracle Database Server CVE-2006-5337 Vulnerability (CVE-2006-5337)
CVE-2006-5337
-
Critical
Oracle Database Server CVE-2006-5339 Vulnerability (CVE-2006-5339)
CVE-2006-5339
-
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-9546)
CVE-2020-9546
CWE-502
Critical
OpenVPN AS Improper Authentication Vulnerability (CVE-2020-8953)
CVE-2020-8953
CWE-287
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5365)
CVE-2006-5365
-
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5366)
CVE-2006-5366
-
Critical
Ruby on Rails Deserialization of Untrusted Data Vulnerability (CVE-2020-8165)
CVE-2020-8165
CWE-502
Critical
Drupal Data Processing Errors Vulnerability (CVE-2017-6920)
CVE-2017-6920
-
Critical
Atlassian Jira Deserialization of Untrusted Data Vulnerability (CVE-2017-5983)
CVE-2017-5983
CWE-502
Critical
phpList Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2020-8547)
CVE-2020-8547
CWE-843
Critical
ReviveAdserver Deserialization of Untrusted Data Vulnerability (CVE-2017-5830)
CVE-2017-5830
CWE-502
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5362)
CVE-2006-5362
-
Critical
Apache Tomcat CVE-2017-5651 Vulnerability (CVE-2017-5651)
CVE-2017-5651
-
Critical
Apache Tomcat Exposure of Resource to Wrong Sphere Vulnerability (CVE-2017-5648)
CVE-2017-5648
CWE-668
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2017-5645)
CVE-2017-5645
CWE-502
Critical
WebLogic Improper Handling of Exceptional Conditions Vulnerability (CVE-2017-5638)
CVE-2017-5638
CWE-755
Critical
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-5611)
CVE-2017-5611
CWE-138
Critical
b2evolution Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-5539)
CVE-2017-5539
CWE-22
Critical
Drupal CVE-2017-6925 Vulnerability (CVE-2017-6925)
CVE-2017-6925
-
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5361)
CVE-2006-5361
-
Critical
Oracle Database Server CVE-2006-5341 Vulnerability (CVE-2006-5341)
CVE-2006-5341
-
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5353)
CVE-2006-5353
-
Critical
Oracle Database Server Other Vulnerability (CVE-2006-5343)
CVE-2006-5343
-
Critical
Oracle Database Server CVE-2006-5344 Vulnerability (CVE-2006-5344)
CVE-2006-5344
-
Critical
Oracle Database Server CVE-2006-5345 Vulnerability (CVE-2006-5345)
CVE-2006-5345
-
Critical
Oracle HTTP Server Other Vulnerability (CVE-2006-5347)
CVE-2006-5347
-
Critical
Oracle HTTP Server Other Vulnerability (CVE-2006-5348)
CVE-2006-5348
-
Critical
Oracle HTTP Server Other Vulnerability (CVE-2006-5349)
CVE-2006-5349
-
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5354)
CVE-2006-5354
-
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5360)
CVE-2006-5360
-
Critical
Oracle HTTP Server Other Vulnerability (CVE-2006-5354)
CVE-2006-5354
-
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5355)
CVE-2006-5355
-
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5356)
CVE-2006-5356
-
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5357)
CVE-2006-5357
-
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5358)
CVE-2006-5358
-
Critical
Oracle Application Server CVE-2006-5359 Vulnerability (CVE-2006-5359)
CVE-2006-5359
-
Critical
ATutor Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-2555)
CVE-2016-2555
CWE-138
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-2554)
CVE-2016-2554
CWE-119
Critical
Perl Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2018-18314)
CVE-2018-18314
CWE-119
Critical
osCommerce Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-6579)
CVE-2023-6579
CWE-138
Critical
MyBB CVE-2011-5133 Vulnerability (CVE-2011-5133)
CVE-2011-5133
-
Critical
Moodle Other Vulnerability (CVE-2023-5550)
CVE-2023-5550
-
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-4093)
CVE-2022-4093
CWE-138
Critical
Python Improper Restriction of XML External Entity Reference Vulnerability (CVE-2022-48565)
CVE-2022-48565
CWE-611
Critical
Perl Out-of-bounds Write Vulnerability (CVE-2022-48522)
CVE-2022-48522
CWE-787
Critical
phpMyFAQ Insufficient Session Expiration Vulnerability (CVE-2023-5865)
CVE-2023-5865
CWE-613
Critical
Rukovoditel Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2022-48175)
CVE-2022-48175
CWE-138
Critical
LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-48008)
CVE-2022-48008
CWE-434
Critical
Masa CMS Incorrect Authorization Vulnerability (CVE-2022-47002)
CVE-2022-47002
CWE-863
Critical
Sqlite Other Vulnerability (CVE-2022-46908)
CVE-2022-46908
-
Critical
Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-45152)
CVE-2022-45152
CWE-918
Critical
Collabtive Improper Privilege Management Vulnerability (CVE-2013-5027)
CVE-2013-5027
CWE-269
Critical
Wordpress Plugin Backup Migration CVE-2023-6553 Vulnerability (CVE-2023-6553)
CVE-2023-6553
-
Critical
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-44945)
CVE-2022-44945
CWE-138
Critical
Wordpress Plugin Backup Migration Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2023-6971)
CVE-2023-6971
CWE-829
Critical
Jboss EAP CVE-2022-4492 Vulnerability (CVE-2022-4492)
CVE-2022-4492
-
Critical
Dolibarr Improper Privilege Management Vulnerability (CVE-2022-43138)
CVE-2022-43138
CWE-269
Critical
Oracle JRE CVE-2013-5810 Vulnerability (CVE-2013-5810)
CVE-2013-5810
-
Critical
Oracle JRE CVE-2013-5809 Vulnerability (CVE-2013-5809)
CVE-2013-5809
-
Critical
Oracle JRE CVE-2013-5806 Vulnerability (CVE-2013-5806)
CVE-2013-5806
-
Critical
Oracle JRE CVE-2013-5805 Vulnerability (CVE-2013-5805)
CVE-2013-5805
-
Critical
TYPO3 Improper Authentication Vulnerability (CVE-2011-4628)
CVE-2011-4628
CWE-287
Critical
Pega Infinity Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-10094)
CVE-2024-10094
CWE-94
Critical
Oracle JRE CVE-2013-5789 Vulnerability (CVE-2013-5789)
CVE-2013-5789
-
Critical
Wordpress Plugin Backup Migration Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-6972)
CVE-2023-6972
CWE-22
Critical
Oracle JRE CVE-2013-5788 Vulnerability (CVE-2013-5788)
CVE-2013-5788
-
Critical
«
1
...
7
8
9
...
200
»