🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23409 vulnerabilities
in this category.
Critical: 1513
High: 12591
Medium: 8518
Low: 783
Information: 4
Vulnerability Name
CVE
CWE
Severity
Magento CVE-2020-9632 Vulnerability (CVE-2020-9632)
CVE-2020-9632
-
Critical
ClipBucket Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2018-7664)
CVE-2018-7664
CWE-138
Critical
ClipBucket Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-7665)
CVE-2018-7665
CWE-434
Critical
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1000362)
CVE-2017-1000362
CWE-200
Critical
PrestaShop Improper Authentication Vulnerability (CVE-2021-21308)
CVE-2021-21308
CWE-287
Critical
Jenkins Missing Authorization Vulnerability (CVE-2021-21685)
CVE-2021-21685
CWE-862
Critical
Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2020-9664)
CVE-2020-9664
CWE-94
Critical
ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-7666)
CVE-2018-7666
CWE-138
Critical
Oracle JRE CVE-2013-0446 Vulnerability (CVE-2013-0446)
CVE-2013-0446
-
Critical
Sqlite CVE-2021-20223 Vulnerability (CVE-2021-20223)
CVE-2021-20223
-
Critical
Sqlite Numeric Truncation Error Vulnerability (CVE-2025-6965)
CVE-2025-6965
CWE-197
Critical
PHP Use After Free Vulnerability (CVE-2017-12932)
CVE-2017-12932
CWE-416
Critical
Oracle JRE Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0422)
CVE-2013-0422
CWE-264
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-11362)
CVE-2017-11362
CWE-119
Critical
Telerik Web UI Improper Input Validation Vulnerability (CVE-2017-11357)
CVE-2017-11357
CWE-20
Critical
Ruby on Rails CVE-2024-28103 Vulnerability (CVE-2024-28103)
CVE-2024-28103
-
Critical
Oracle JRE CVE-2013-0428 Vulnerability (CVE-2013-0428)
CVE-2013-0428
-
Critical
SharePoint CVE-2021-1716 Vulnerability (CVE-2021-1716)
CVE-2021-1716
-
Critical
Oracle JRE CVE-2013-0426 Vulnerability (CVE-2013-0426)
CVE-2013-0426
-
Critical
Oracle JRE CVE-2013-0425 Vulnerability (CVE-2013-0425)
CVE-2013-0425
-
Critical
WebLogic CVE-2021-21350 Vulnerability (CVE-2021-21350)
CVE-2021-21350
-
Critical
PHP Use After Free Vulnerability (CVE-2018-12882)
CVE-2018-12882
CWE-416
Critical
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-10682)
CVE-2017-10682
CWE-138
Critical
phpMyFAQ CVE-2025-59943 Vulnerability (CVE-2025-59943)
CVE-2025-59943
-
Critical
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2021-21018)
CVE-2021-21018
CWE-138
Critical
SharePoint Out-of-bounds Write Vulnerability (CVE-2021-1715)
CVE-2021-1715
CWE-787
Critical
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-32615)
CVE-2021-32615
CWE-138
Critical
Sqlite Out-of-bounds Read Vulnerability (CVE-2017-10989)
CVE-2017-10989
CWE-125
Critical
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-59542)
CVE-2025-59542
CWE-707
Critical
Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2021-21019)
CVE-2021-21019
CWE-91
Critical
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-59543)
CVE-2025-59543
CWE-707
Critical
Telerik Web UI Inadequate Encryption Strength Vulnerability (CVE-2017-11317)
CVE-2017-11317
CWE-326
Critical
WebLogic CVE-2021-1994 Vulnerability (CVE-2021-1994)
CVE-2021-1994
-
Critical
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-59681)
CVE-2025-59681
CWE-138
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2017-11147)
CVE-2017-11147
CWE-125
Critical
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2026-9082)
CVE-2026-9082
CWE-138
Critical
Microsoft SQL Server Other Vulnerability (CVE-2002-0721)
CVE-2002-0721
-
Critical
IBMHttpServer Uncontrolled Resource Consumption Vulnerability (CVE-2026-8856)
CVE-2026-8856
CWE-400
Critical
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2021-21016)
CVE-2021-21016
CWE-138
Critical
IBMHttpServer Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2026-8855)
CVE-2026-8855
CWE-94
Critical
b2evolution Improper Input Validation Vulnerability (CVE-2017-1000423)
CVE-2017-1000423
CWE-20
Critical
RubyGems Improper Verification of Cryptographic Signature Vulnerability (CVE-2018-1000076)
CVE-2018-1000076
CWE-347
Critical
Oracle Database Server CVE-2018-3110 Vulnerability (CVE-2018-3110)
CVE-2018-3110
-
Critical
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-6376)
CVE-2018-6376
CWE-138
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2017-12149)
CVE-2017-12149
CWE-502
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-10094)
CVE-2018-10094
CWE-138
Critical
Apache Tomcat Improper Certificate Validation Vulnerability (CVE-2025-66614)
CVE-2025-66614
CWE-295
Critical
Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21014)
CVE-2021-21014
CWE-434
Critical
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31982)
CVE-2024-31982
CWE-94
Critical
SharePoint CVE-2021-1707 Vulnerability (CVE-2021-1707)
CVE-2021-1707
-
Critical
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-6308)
CVE-2018-6308
CWE-138
Critical
Oracle JRE CVE-2012-1541 Vulnerability (CVE-2012-1541)
CVE-2012-1541
-
Critical
Jboss EAP CVE-2018-8088 Vulnerability (CVE-2018-8088)
CVE-2018-8088
-
Critical
Oracle JRE CVE-2012-1533 Vulnerability (CVE-2012-1533)
CVE-2012-1533
-
Critical
math.js Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-1001002)
CVE-2017-1001002
CWE-94
Critical
Oracle JRE CVE-2012-1532 Vulnerability (CVE-2012-1532)
CVE-2012-1532
-
Critical
WebLogic CVE-2017-10137 Vulnerability (CVE-2017-10137)
CVE-2017-10137
-
Critical
Oracle JRE CVE-2012-1531 Vulnerability (CVE-2012-1531)
CVE-2012-1531
-
Critical
WebLogic CVE-2020-2884 Vulnerability (CVE-2020-2884)
CVE-2020-2884
-
Critical
Collabtive Improper Privilege Management Vulnerability (CVE-2013-5027)
CVE-2013-5027
CWE-269
Critical
WebLogic CVE-2020-2883 Vulnerability (CVE-2020-2883)
CVE-2020-2883
-
Critical
Apache Tomcat Insecure Default Initialization of Resource Vulnerability (CVE-2018-8014)
CVE-2018-8014
CWE-1188
Critical
WebLogic Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21347)
CVE-2021-21347
CWE-434
Critical
MediaWiki Improper Input Validation Vulnerability (CVE-2025-67484)
CVE-2025-67484
CWE-20
Critical
Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2025-7458)
CVE-2025-7458
CWE-190
Critical
WebLogic CVE-2020-2801 Vulnerability (CVE-2020-2801)
CVE-2020-2801
-
Critical
Ruby Out-of-bounds Write Vulnerability (CVE-2017-11465)
CVE-2017-11465
CWE-787
Critical
Perl Out-of-bounds Write Vulnerability (CVE-2018-6913)
CVE-2018-6913
CWE-787
Critical
XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-11174)
CVE-2017-11174
CWE-138
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2017-12933)
CVE-2017-12933
CWE-125
Critical
Plone CMS Missing Authentication for Critical Function Vulnerability (CVE-2020-35190)
CVE-2020-35190
CWE-306
Critical
Oracle JRE CVE-2012-1725 Vulnerability (CVE-2012-1725)
CVE-2012-1725
-
Critical
ProjectSend Improper Input Validation Vulnerability (CVE-2017-9741)
CVE-2017-9741
CWE-20
Critical
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-21692)
CVE-2021-21692
CWE-22
Critical
Jboss EAP Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-14721)
CVE-2018-14721
CWE-918
Critical
«
1
...
18
19
20
...
313
»