🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23500 vulnerabilities
in this category.
Critical: 1518
High: 12619
Medium: 8575
Low: 784
Information: 4
Vulnerability Name
CVE
CWE
Severity
PostgreSQL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2020-21469)
CVE-2020-21469
CWE-120
High
Python Out-of-bounds Read Vulnerability (CVE-2019-15903)
CVE-2019-15903
CWE-125
High
Varnish Cache Reachable Assertion Vulnerability (CVE-2019-15892)
CVE-2019-15892
CWE-617
High
silverstripeCMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4960)
CVE-2011-4960
CWE-138
High
ownCloud Other Vulnerability (CVE-2014-2053)
CVE-2014-2053
-
High
Telerik Web UI Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-2217)
CVE-2014-2217
CWE-22
High
Jboss EAP Incorrect Authorization Vulnerability (CVE-2019-14843)
CVE-2019-14843
CWE-863
High
Jenkins CVE-2014-2063 Vulnerability (CVE-2014-2063)
CVE-2014-2063
-
High
PmWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-4453)
CVE-2011-4453
CWE-94
High
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2019-14888)
CVE-2019-14888
CWE-400
High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2019-14888)
CVE-2019-14888
CWE-400
High
ownCloud Other Vulnerability (CVE-2014-2056)
CVE-2014-2056
-
High
ownCloud Other Vulnerability (CVE-2014-2055)
CVE-2014-2055
-
High
ownCloud Other Vulnerability (CVE-2014-2054)
CVE-2014-2054
-
High
ownCloud Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-2051)
CVE-2014-2051
CWE-94
High
LimeSurvey Improper Input Validation Vulnerability (CVE-2019-15640)
CVE-2019-15640
CWE-20
High
Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-15001)
CVE-2019-15001
CWE-94
High
ownCloud Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-2044)
CVE-2014-2044
CWE-94
High
Grafana Missing Authentication for Critical Function Vulnerability (CVE-2019-15043)
CVE-2019-15043
CWE-306
High
Python Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-1912)
CVE-2014-1912
CWE-119
High
Envoy Proxy Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-15225)
CVE-2019-15225
CWE-770
High
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2019-15226)
CVE-2019-15226
CWE-400
High
Roundcube Unspesificed Vulnerability (CVE-2019-15237)
CVE-2019-15237
-
High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4605)
CVE-2011-4605
CWE-264
High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4608)
CVE-2011-4608
CWE-264
High
Nexus Repository Manager Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-15588)
CVE-2019-15588
CWE-138
High
Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-20491)
CVE-2020-20491
CWE-138
High
Ruby Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-16255)
CVE-2019-16255
CWE-94
High
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17318)
CVE-2019-17318
CWE-138
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17306)
CVE-2019-17306
CWE-94
High
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17298)
CVE-2019-17298
CWE-138
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17299)
CVE-2019-17299
CWE-94
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17300)
CVE-2019-17300
CWE-94
High
SharePoint Download of Code Without Integrity Check Vulnerability (CVE-2020-1576)
CVE-2020-1576
CWE-494
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17301)
CVE-2019-17301
CWE-94
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17302)
CVE-2019-17302
CWE-94
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17303)
CVE-2019-17303
CWE-94
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17304)
CVE-2019-17304
CWE-94
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17305)
CVE-2019-17305
CWE-94
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17307)
CVE-2019-17307
CWE-94
High
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17297)
CVE-2019-17297
CWE-138
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17308)
CVE-2019-17308
CWE-94
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17309)
CVE-2019-17309
CWE-94
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17310)
CVE-2019-17310
CWE-94
High
SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17311)
CVE-2019-17311
CWE-22
High
SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17312)
CVE-2019-17312
CWE-22
High
SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17313)
CVE-2019-17313
CWE-22
High
SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17314)
CVE-2019-17314
CWE-22
High
SugarCRM Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-17315)
CVE-2019-17315
CWE-915
High
SugarCRM Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-17316)
CVE-2019-17316
CWE-915
High
SugarCRM Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-17317)
CVE-2019-17317
CWE-915
High
SharePoint Download of Code Without Integrity Check Vulnerability (CVE-2020-1595)
CVE-2020-1595
CWE-494
High
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17296)
CVE-2019-17296
CWE-138
High
Pega Infinity Exposure of Resource to Wrong Sphere Vulnerability (CVE-2019-16387)
CVE-2019-16387
CWE-668
High
Oracle JRE CVE-2014-0448 Vulnerability (CVE-2014-0448)
CVE-2014-0448
-
High
Oracle JRE CVE-2014-0458 Vulnerability (CVE-2014-0458)
CVE-2014-0458
-
High
Oracle JRE CVE-2014-0454 Vulnerability (CVE-2014-0454)
CVE-2014-0454
-
High
Oracle HTTP Server NULL Pointer Dereference Vulnerability (CVE-2020-1967)
CVE-2020-1967
CWE-476
High
Nexus Repository Manager Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-16530)
CVE-2019-16530
CWE-434
High
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2020-1967)
CVE-2020-1967
CWE-476
High
Dotclear Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-5083)
CVE-2011-5083
CWE-264
High
Oracle JRE CVE-2014-0452 Vulnerability (CVE-2014-0452)
CVE-2014-0452
-
High
MySQL NULL Pointer Dereference Vulnerability (CVE-2020-1967)
CVE-2020-1967
CWE-476
High
Oracle JRE CVE-2014-0451 Vulnerability (CVE-2014-0451)
CVE-2014-0451
-
High
Oracle JRE CVE-2014-0446 Vulnerability (CVE-2014-0446)
CVE-2014-0446
-
High
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17295)
CVE-2019-17295
CWE-138
High
Jboss EAP Improper Input Validation Vulnerability (CVE-2020-1757)
CVE-2020-1757
CWE-20
High
Undertow Improper Input Validation Vulnerability (CVE-2020-1757)
CVE-2020-1757
CWE-20
High
Moodle Improper Input Validation Vulnerability (CVE-2020-1756)
CVE-2020-1756
CWE-20
High
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0046)
CVE-2012-0046
CWE-200
High
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-16869)
CVE-2019-16869
CWE-444
High
Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2019-16891)
CVE-2019-16891
CWE-502
High
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-16993)
CVE-2019-16993
CWE-352
High
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17292)
CVE-2019-17292
CWE-138
High
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17293)
CVE-2019-17293
CWE-138
High
«
1
...
169
170
171
...
314
»