🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23409 vulnerabilities
in this category.
Critical: 1513
High: 12591
Medium: 8518
Low: 783
Information: 4
Vulnerability Name
CVE
CWE
Severity
Oracle JRE CVE-2012-1723 Vulnerability (CVE-2012-1723)
CVE-2012-1723
-
Critical
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2017-9788)
CVE-2017-9788
CWE-20
Critical
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-9788)
CVE-2017-9788
CWE-200
Critical
Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2018-1000861)
CVE-2018-1000861
CWE-502
Critical
Oracle JRE CVE-2012-1716 Vulnerability (CVE-2012-1716)
CVE-2012-1716
-
Critical
Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2021-21025)
CVE-2021-21025
CWE-91
Critical
Joomla Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') Vulnerability (CVE-2017-14596)
CVE-2017-14596
CWE-138
Critical
Oracle HTTP Server Improper Input Validation Vulnerability (CVE-2020-35169)
CVE-2020-35169
CWE-20
Critical
Oracle Database Server CVE-2017-10282 Vulnerability (CVE-2017-10282)
CVE-2017-10282
-
Critical
Oracle HTTP Server Other Vulnerability (CVE-2020-35168)
CVE-2020-35168
-
Critical
Oracle Database Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2003-0096)
CVE-2003-0096
CWE-119
Critical
Oracle HTTP Server Other Vulnerability (CVE-2020-35167)
CVE-2020-35167
-
Critical
WebLogic CVE-2018-3197 Vulnerability (CVE-2018-3197)
CVE-2018-3197
-
Critical
Next.js Deserialization of Untrusted Data Vulnerability (CVE-2025-55182)
CVE-2025-55182
CWE-502
Critical
Oracle HTTP Server Other Vulnerability (CVE-2020-35166)
CVE-2020-35166
-
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2018-14720)
CVE-2018-14720
CWE-502
Critical
Oracle Database Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2003-0095)
CVE-2003-0095
CWE-119
Critical
Oracle Database Server Deserialization of Untrusted Data Vulnerability (CVE-2018-14719)
CVE-2018-14719
CWE-502
Critical
Craft CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-37843)
CVE-2024-37843
CWE-138
Critical
WebLogic CVE-2020-2546 Vulnerability (CVE-2020-2546)
CVE-2020-2546
-
Critical
osTicket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14396)
CVE-2017-14396
CWE-138
Critical
Citrix NetScaler Memory Disclosure 'Citrix Bleed' (CVE-2023-4966)
CVE-2023-4966
CWE-119
Critical
Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-34187)
CVE-2021-34187
CWE-138
Critical
Roundcube Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2024-37385)
CVE-2024-37385
CWE-138
Critical
CrushFTP Server Unprotected Alternate Channel Vulnerability (CVE-2025-54309)
CVE-2025-54309
CWE-420
Critical
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2025-53770)
CVE-2025-53770
CWE-502
Critical
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-53835)
CVE-2025-53835
CWE-707
Critical
Jenkins Other Vulnerability (CVE-2021-21697)
CVE-2021-21697
-
Critical
Apache HTTP Server CVE-2024-38476 Vulnerability (CVE-2024-38476)
CVE-2024-38476
-
Critical
Apache HTTP Server Improper Encoding or Escaping of Output Vulnerability (CVE-2024-38475)
CVE-2024-38475
CWE-116
Critical
Apache HTTP Server Improper Encoding or Escaping of Output Vulnerability (CVE-2024-38474)
CVE-2024-38474
CWE-116
Critical
Craft CMS Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-68456)
CVE-2025-68456
CWE-770
Critical
Apache HTTP Server Improper Handling of Case Sensitivity Vulnerability (CVE-2001-0766)
CVE-2001-0766
CWE-178
Critical
Jenkins Other Vulnerability (CVE-2021-21696)
CVE-2021-21696
-
Critical
Oracle JRE CVE-2013-5777 Vulnerability (CVE-2013-5777)
CVE-2013-5777
-
Critical
Jenkins Protection Mechanism Failure Vulnerability (CVE-2021-21696 )
CVE-2021-21696
CWE-693
Critical
MySQL Other Vulnerability (CVE-2003-0150)
CVE-2003-0150
-
Critical
Oracle JRE CVE-2017-10285 Vulnerability (CVE-2017-10285)
CVE-2017-10285
-
Critical
Python Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2018-1000802)
CVE-2018-1000802
CWE-138
Critical
Citrix NetScaler Memory Disclosure 'Citrix Bleed 2' (CVE-2025-5777)
CVE-2025-5349
CWE-457
Critical
Jboss EAP Incomplete List of Disallowed Inputs Vulnerability (CVE-2018-7489)
CVE-2018-7489
CWE-184
Critical
XWikiplatform Improper Input Validation Vulnerability (CVE-2025-54385)
CVE-2025-54385
CWE-20
Critical
Magento CVE-2020-9631 Vulnerability (CVE-2020-9631)
CVE-2020-9631
-
Critical
GibbonEdu Improper Neutralization of Special Elements Used in a Template Engine Vulnerability (CVE-2024-24724)
CVE-2024-24724
CWE-138
Critical
Squid Out-of-bounds Write Vulnerability (CVE-2025-54574)
CVE-2025-54574
CWE-787
Critical
SugarCRM Improper Input Validation Vulnerability (CVE-2012-0694)
CVE-2012-0694
CWE-20
Critical
Jenkins Missing Authorization Vulnerability (CVE-2021-21694)
CVE-2021-21694
CWE-862
Critical
Moodle CVE-2025-67856 Vulnerability (CVE-2025-67856)
CVE-2025-67856
-
Critical
Jenkins Improper Authorization Vulnerability (CVE-2021-21693)
CVE-2021-21693
CWE-285
Critical
WebLogic Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') Vulnerability (CVE-2018-1000613)
CVE-2018-1000613
CWE-470
Critical
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14723)
CVE-2017-14723
CWE-138
Critical
Oracle HTTP Server Use of Insufficiently Random Values Vulnerability (CVE-2020-35163)
CVE-2020-35163
CWE-330
Critical
React Deserialization of Untrusted Data Vulnerability (CVE-2025-55182)
CVE-2025-55182
CWE-502
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14242)
CVE-2017-14242
CWE-138
Critical
IBMHttpServer CVE-2012-5955 Vulnerability (CVE-2012-5955)
CVE-2012-5955
-
Critical
Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-14064)
CVE-2017-14064
CWE-119
Critical
Jenkins Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-21691)
CVE-2021-21691
CWE-59
Critical
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-55208)
CVE-2025-55208
CWE-707
Critical
Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-21024)
CVE-2021-21024
CWE-138
Critical
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-55289)
CVE-2025-55289
CWE-707
Critical
Ruby Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2021-31799)
CVE-2021-31799
CWE-138
Critical
Python Insufficient Entropy Vulnerability (CVE-2026-7210)
CVE-2026-7210
CWE-331
Critical
Open Resty Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-9230)
CVE-2018-9230
CWE-138
Critical
Python Integer Overflow or Wraparound Vulnerability (CVE-2017-1000158)
CVE-2017-1000158
CWE-190
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-9019)
CVE-2018-9019
CWE-138
Critical
XWikiplatform Relative Path Traversal Vulnerability (CVE-2025-55747)
CVE-2025-55747
CWE-23
Critical
PHP Use After Free Vulnerability (CVE-2026-6722)
CVE-2026-6722
CWE-416
Critical
CrushFTP Server Deserialization of Untrusted Data Vulnerability (CVE-2017-14035)
CVE-2017-14035
CWE-502
Critical
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-34502)
CVE-2024-34502
CWE-352
Critical
WebLogic CVE-2018-3191 Vulnerability (CVE-2018-3191)
CVE-2018-3191
-
Critical
Joomla Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2018-11325)
CVE-2018-11325
CWE-209
Critical
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-21690)
CVE-2021-21690
CWE-22
Critical
Jenkins Protection Mechanism Failure Vulnerability (CVE-2021-21690 )
CVE-2021-21690
CWE-693
Critical
Jenkins Other Vulnerability (CVE-2021-21689)
CVE-2021-21689
-
Critical
Apache Tomcat Improper Neutralization of Escape, Meta, or Control Sequences Vulnerability (CVE-2025-55754)
CVE-2025-55754
CWE-150
Critical
«
1
...
19
20
21
...
313
»