Missing Update
This page lists 22224 vulnerabilities in this category.
Critical: 1394
High: 12186
Medium: 7891
Low: 749
Information: 4
| Vulnerability Name | CVE | CWE | Severity |
| --- | --- | --- | --- |
| Atlassian Confluence Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26137) | CVE-2022-26137 | CWE-180 | Critical |
| Python Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2015-20107) | CVE-2015-20107 | CWE-138 | Critical |
| Roundcube Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-44026) | CVE-2021-44026 | CWE-138 | Critical |
| MySQL Other Vulnerability (CVE-2003-0150) | CVE-2003-0150 | - | Critical |
| osCommerce Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-27976) | CVE-2020-27976 | CWE-138 | Critical |
| Joomla CVE-2021-23127 Vulnerability (CVE-2021-23127) | CVE-2021-23127 | - | Critical |
| Ruby Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2021-31799) | CVE-2021-31799 | CWE-138 | Critical |
| Joomla CVE-2021-23128 Vulnerability (CVE-2021-23128) | CVE-2021-23128 | - | Critical |
| Dolibarr Improper Privilege Management Vulnerability (CVE-2022-43138) | CVE-2022-43138 | CWE-269 | Critical |
| Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-43168) | CVE-2022-43168 | CWE-138 | Critical |
| PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-3065) | CVE-2016-3065 | CWE-264 | Critical |
| qdPM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-45856) | CVE-2023-45856 | CWE-434 | Critical |
| XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45134) | CVE-2023-45134 | CWE-707 | Critical |
| Ruby on Rails Deserialization of Untrusted Data Vulnerability (CVE-2020-8165) | CVE-2020-8165 | CWE-502 | Critical |
| PHP Incorrect Conversion between Numeric Types Vulnerability (CVE-2016-3074) | CVE-2016-3074 | CWE-681 | Critical |
| Oracle HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-25315) | CVE-2022-25315 | CWE-190 | Critical |
| Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-44945) | CVE-2022-44945 | CWE-138 | Critical |
| XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45136) | CVE-2023-45136 | CWE-707 | Critical |
| PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-3078) | CVE-2016-3078 | CWE-190 | Critical |
| Ramda Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2021-42581) | CVE-2021-42581 | CWE-1321 | Critical |
| PHP Improper Input Validation Vulnerability (CVE-2015-5589) | CVE-2015-5589 | CWE-20 | Critical |
| Dot CMS Other Vulnerability (CVE-2022-26352) | CVE-2022-26352 | - | Critical |
| GibbonEdu CVE-2023-45878 Vulnerability (CVE-2023-45878) | CVE-2023-45878 | - | Critical |
| XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-46731) | CVE-2023-46731 | CWE-94 | Critical |
| Apache Traffic Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2021-43082) | CVE-2021-43082 | CWE-120 | Critical |
| PHP Double Free Vulnerability (CVE-2016-3132) | CVE-2016-3132 | CWE-415 | Critical |
| Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2015-7501) | CVE-2015-7501 | CWE-502 | Critical |
| ownCloud Improper Input Validation Vulnerability (CVE-2020-28645) | CVE-2020-28645 | CWE-20 | Critical |
| PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-3141) | CVE-2016-3141 | CWE-119 | Critical |
| Oracle Database Server CVE-2016-0499 Vulnerability (CVE-2016-0499) | CVE-2016-0499 | - | Critical |
| Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42122) | CVE-2022-42122 | CWE-138 | Critical |
| concrete5 Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-22958) | CVE-2021-22958 | CWE-918 | Critical |
| Plone CMS Improper Privilege Management Vulnerability (CVE-2020-7941) | CVE-2020-7941 | CWE-269 | Critical |
| Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2020-7961) | CVE-2020-7961 | CWE-502 | Critical |
| PHP Other Vulnerability (CVE-2015-4116) | CVE-2015-4116 | - | Critical |
| PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-39526) | CVE-2023-39526 | CWE-138 | Critical |
| PHP Other Vulnerability (CVE-2015-4600) | CVE-2015-4600 | - | Critical |
| OpenSSL Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2022-1292) | CVE-2022-1292 | CWE-138 | Critical |
| Jenkins Other Vulnerability (CVE-2021-21689) | CVE-2021-21689 | - | Critical |
| OpenSSL Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2022-2068) | CVE-2022-2068 | CWE-138 | Critical |
| Grafana Externally Controlled Reference to a Resource in Another Sphere Vulnerability (CVE-2021-41244) | CVE-2021-41244 | CWE-610 | Critical |
| Jenkins Missing Authorization Vulnerability (CVE-2021-21687) | CVE-2021-21687 | CWE-862 | Critical |
| XWiki Inadequate Encryption Strength Vulnerability (CVE-2022-29161) | CVE-2022-29161 | CWE-326 | Critical |
| Undertow CVE-2022-4492 Vulnerability (CVE-2022-4492) | CVE-2022-4492 | - | Critical |
| ownCloud Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-4716) | CVE-2015-4716 | CWE-22 | Critical |
| OpenVPN AS Use After Free Vulnerability (CVE-2023-46850) | CVE-2023-46850 | CWE-416 | Critical |
| Apache Traffic Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-3249) | CVE-2015-3249 | CWE-119 | Critical |
| Jenkins Protection Mechanism Failure Vulnerability (CVE-2021-21690) | CVE-2021-21690 | CWE-693 | Critical |
| Dolibarr Incorrect Default Permissions Vulnerability (CVE-2022-40871) | CVE-2022-40871 | CWE-276 | Critical |
| Opencart Improper Restriction of XML External Entity Reference Vulnerability (CVE-2014-3990) | CVE-2014-3990 | CWE-611 | Critical |
| WebLogic CVE-2021-2382 Vulnerability (CVE-2021-2382) | CVE-2021-2382 | - | Critical |
| SugarCRM Missing Authorization Vulnerability (CVE-2020-7472) | CVE-2020-7472 | CWE-862 | Critical |
| Jboss EAP CVE-2022-4492 Vulnerability (CVE-2022-4492) | CVE-2022-4492 | - | Critical |
| Jenkins Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-21691) | CVE-2021-21691 | CWE-59 | Critical |
| WebLogic CVE-2021-2394 Vulnerability (CVE-2021-2394) | CVE-2021-2394 | - | Critical |
| Jenkins Incorrect Authorization Vulnerability (CVE-2021-21692) | CVE-2021-21692 | CWE-863 | Critical |
| Rukovoditel Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2022-48175) | CVE-2022-48175 | CWE-138 | Critical |
| Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-21692) | CVE-2021-21692 | CWE-22 | Critical |
| Oracle HTTP Server Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-25236) | CVE-2022-25236 | CWE-668 | Critical |
| Telerik Web UI Missing Authorization Vulnerability (CVE-2021-28141) | CVE-2021-28141 | CWE-862 | Critical |
| WebLogic CVE-2021-2397 Vulnerability (CVE-2021-2397) | CVE-2021-2397 | - | Critical |
| WebLogic Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2021-23450) | CVE-2021-23450 | CWE-1321 | Critical |
| Oracle HTTP Server Improper Encoding or Escaping of Output Vulnerability (CVE-2022-25235) | CVE-2022-25235 | CWE-116 | Critical |
| OpenVPN AS Improper Authentication Vulnerability (CVE-2020-8953) | CVE-2020-8953 | CWE-287 | Critical |
| PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-4643) | CVE-2015-4643 | CWE-119 | Critical |
| Envoy Proxy Missing Authentication for Critical Function Vulnerability (CVE-2022-29226) | CVE-2022-29226 | CWE-306 | Critical |
| Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-4093) | CVE-2022-4093 | CWE-138 | Critical |
| XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-37277) | CVE-2023-37277 | CWE-352 | Critical |
| OpenSSL Integer Overflow or Wraparound Vulnerability (CVE-2016-2177) | CVE-2016-2177 | CWE-190 | Critical |
| Werkzeug WSGI Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2022-29361) | CVE-2022-29361 | - | Critical |
| PHP Other Vulnerability (CVE-2015-8876) | CVE-2015-8876 | - | Critical |
| Apache HTTP Server Other Vulnerability (CVE-1999-0067) | CVE-1999-0067 | - | Critical |
| PHP Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2015-4642) | CVE-2015-4642 | CWE-138 | Critical |
| Python Improper Restriction of XML External Entity Reference Vulnerability (CVE-2022-48565) | CVE-2022-48565 | CWE-611 | Critical |
| OpenSSL Out-of-bounds Write Vulnerability (CVE-2016-2182) | CVE-2016-2182 | CWE-787 | Critical |