🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23409 vulnerabilities
in this category.
Critical: 1513
High: 12591
Medium: 8518
Low: 783
Information: 4
Vulnerability Name
CVE
CWE
Severity
PrestaShop CVE-2023-39529 Vulnerability (CVE-2023-39529)
CVE-2023-39529
-
Critical
PrestaShop Improper Input Validation Vulnerability (CVE-2023-39530)
CVE-2023-39530
CWE-20
Critical
IBM WebSEAL Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2016-3028)
CVE-2016-3028
CWE-138
Critical
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-3065)
CVE-2016-3065
CWE-264
Critical
PHP Incorrect Conversion between Numeric Types Vulnerability (CVE-2016-3074)
CVE-2016-3074
CWE-681
Critical
Grafana Authentication Bypass by Spoofing Vulnerability (CVE-2023-3128)
CVE-2023-3128
CWE-290
Critical
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-3078)
CVE-2016-3078
CWE-190
Critical
WordPress Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-17670)
CVE-2019-17670
CWE-918
Critical
WordPress Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-17669)
CVE-2019-17669
CWE-918
Critical
PHP Double Free Vulnerability (CVE-2016-3132)
CVE-2016-3132
CWE-415
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-3141)
CVE-2016-3141
CWE-119
Critical
Opencart Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-40834)
CVE-2023-40834
CWE-307
Critical
PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-43789)
CVE-2021-43789
CWE-138
Critical
Chamilo Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-3533)
CVE-2023-3533
CWE-22
Critical
Chamilo Improper Handling of Case Sensitivity Vulnerability (CVE-2023-3545)
CVE-2023-3545
CWE-178
Critical
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3550)
CVE-2023-3550
CWE-707
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-17571)
CVE-2019-17571
CWE-502
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2023-3824)
CVE-2023-3824
CWE-119
Critical
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-17565)
CVE-2019-17565
CWE-444
Critical
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-17559)
CVE-2019-17559
CWE-444
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-17531)
CVE-2019-17531
CWE-502
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-17531)
CVE-2019-17531
CWE-502
Critical
Artifactory Weak Password Requirements Vulnerability (CVE-2019-17444)
CVE-2019-17444
CWE-521
Critical
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-2715)
CVE-2011-2715
CWE-138
Critical
Oracle Database Server CVE-2006-5337 Vulnerability (CVE-2006-5337)
CVE-2006-5337
-
Critical
Oracle Database Server CVE-2006-5335 Vulnerability (CVE-2006-5335)
CVE-2006-5335
-
Critical
Oracle Database Server CVE-2006-3705 Vulnerability (CVE-2006-3705)
CVE-2006-3705
-
Critical
PHP Use After Free Vulnerability (CVE-2016-4473)
CVE-2016-4473
CWE-416
Critical
Apache HTTP Server Other Vulnerability (CVE-2021-42013)
CVE-2021-42013
-
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2011-3268)
CVE-2011-3268
CWE-119
Critical
Oracle Database Server Improper Input Validation Vulnerability (CVE-2020-1953)
CVE-2020-1953
CWE-20
Critical
PHP Improper Input Validation Vulnerability (CVE-2016-4071)
CVE-2016-4071
CWE-20
Critical
PHP Improper Input Validation Vulnerability (CVE-2016-4072)
CVE-2016-4072
CWE-20
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4073)
CVE-2016-4073
CWE-119
Critical
PHP Numeric Errors Vulnerability (CVE-2016-4344)
CVE-2016-4344
-
Critical
PHP Numeric Errors Vulnerability (CVE-2016-4345)
CVE-2016-4345
-
Critical
PHP Numeric Errors Vulnerability (CVE-2016-4346)
CVE-2016-4346
-
Critical
Oracle JRE CVE-2011-3544 Vulnerability (CVE-2011-3544)
CVE-2011-3544
-
Critical
WordPress CVE-2006-4028 Vulnerability (CVE-2006-4028)
CVE-2006-4028
-
Critical
PHP Improper Input Validation Vulnerability (CVE-2016-4537)
CVE-2016-4537
CWE-20
Critical
Apache Tomcat Other Vulnerability (CVE-2020-1938)
CVE-2020-1938
-
Critical
PHP Improper Input Validation Vulnerability (CVE-2016-4538)
CVE-2016-4538
CWE-20
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4539)
CVE-2016-4539
CWE-119
Critical
PHP Other Vulnerability (CVE-2016-4540)
CVE-2016-4540
-
Critical
PHP Other Vulnerability (CVE-2016-4541)
CVE-2016-4541
-
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4542)
CVE-2016-4542
CWE-119
Critical
OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2006-3738)
CVE-2006-3738
CWE-119
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4543)
CVE-2016-4543
CWE-119
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4544)
CVE-2016-4544
CWE-119
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-16335)
CVE-2019-16335
CWE-502
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-16335)
CVE-2019-16335
CWE-502
Critical
Oracle Application Server Other Vulnerability (CVE-2006-3710)
CVE-2006-3710
-
Critical
Oracle Application Server Other Vulnerability (CVE-2006-3708)
CVE-2006-3708
-
Critical
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-1944)
CVE-2020-1944
CWE-444
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-16942)
CVE-2019-16942
CWE-502
Critical
ownCloud Improper Access Control Vulnerability (CVE-2014-2048)
CVE-2014-2048
CWE-284
Critical
Moodle Improper Input Validation Vulnerability (CVE-2006-4935)
CVE-2006-4935
CWE-20
Critical
Oracle Database Server CVE-2006-5332 Vulnerability (CVE-2006-5332)
CVE-2006-5332
-
Critical
WebLogic CVE-2016-3551 Vulnerability (CVE-2016-3551)
CVE-2016-3551
-
Critical
WebLogic CVE-2016-3586 Vulnerability (CVE-2016-3586)
CVE-2016-3586
-
Critical
osTicket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-42235)
CVE-2021-42235
CWE-138
Critical
GlassFish CVE-2016-3607 Vulnerability (CVE-2016-3607)
CVE-2016-3607
-
Critical
Elgg Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-2936)
CVE-2011-2936
CWE-138
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2016-3690)
CVE-2016-3690
CWE-502
Critical
WordPress CVE-2011-3122 Vulnerability (CVE-2011-3122)
CVE-2011-3122
-
Critical
WordPress CVE-2011-3125 Vulnerability (CVE-2011-3125)
CVE-2011-3125
-
Critical
Undertow Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-1745)
CVE-2020-1745
CWE-200
Critical
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-3129)
CVE-2011-3129
CWE-264
Critical
Moodle Improper Input Validation Vulnerability (CVE-2006-4936)
CVE-2006-4936
CWE-20
Critical
Contao Deserialization of Untrusted Data Vulnerability (CVE-2014-1860)
CVE-2014-1860
CWE-502
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2006-4482)
CVE-2006-4482
CWE-119
Critical
PHP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2006-4812)
CVE-2006-4812
CWE-94
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-17267)
CVE-2019-17267
CWE-502
Critical
CrushFTP Server Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2023-43177)
CVE-2023-43177
CWE-913
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-17267)
CVE-2019-17267
CWE-502
Critical
«
1
2
3
4
...
313
»