Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Missing Update
This page lists
22224 vulnerabilities
in this category.
Critical: 1394
High: 12186
Medium: 7891
Low: 749
Information: 4
Vulnerability Name
CVE
CWE
Severity
SharePoint Untrusted Pointer Dereference Vulnerability (CVE-2025-54905)
CVE-2025-54905
CWE-822
High
Envoy Proxy Use After Free Vulnerability (CVE-2025-54588)
CVE-2025-54588
CWE-416
High
Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2025-52434)
CVE-2025-52434
CWE-362
High
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-54417)
CVE-2025-54417
CWE-94
High
XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-53836)
CVE-2025-53836
CWE-863
High
SharePoint Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-53760)
CVE-2025-53760
CWE-918
High
SharePoint Incorrect Conversion between Numeric Types Vulnerability (CVE-2025-53733)
CVE-2025-53733
CWE-681
High
Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2025-53506)
CVE-2025-53506
CWE-400
High
Apache HTTP Server Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2025-53020)
CVE-2025-53020
CWE-401
High
Apache Tomcat Integer Overflow or Wraparound Vulnerability (CVE-2025-52520)
CVE-2025-52520
CWE-190
High
Django Improper Validation of Specified Quantity in Input Vulnerability (CVE-2023-43665)
CVE-2023-43665
CWE-1284
High
Jenkins CVE-2023-43498 Vulnerability (CVE-2023-43498)
CVE-2023-43498
-
High
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.14)
CVE-2017-9066
CWE-918
High
Oracle HTTP Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2022-21716)
CVE-2022-21716
CWE-120
High
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2022-23302)
CVE-2022-23302
CWE-502
High
Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2022-23181)
CVE-2022-23181
CWE-367
High
Oracle HTTP Server Improper Initialization Vulnerability (CVE-2022-22719)
CVE-2022-22719
CWE-665
High
SharePoint CVE-2022-21837 Vulnerability (CVE-2022-21837)
CVE-2022-21837
-
High
Next.js CVE-2022-21721 Vulnerability (CVE-2022-21721)
CVE-2022-21721
-
High
Twisted Web HTTP Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2022-21716)
CVE-2022-21716
CWE-120
High
Twisted Web HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-21712)
CVE-2022-21712
CWE-200
High
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-23498)
CVE-2022-23498
CWE-200
High
Grafana Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-21703)
CVE-2022-21703
CWE-352
High
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-21664)
CVE-2022-21664
CWE-138
High
WordPress Deserialization of Untrusted Data Vulnerability (CVE-2022-21663)
CVE-2022-21663
CWE-502
High
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-21661)
CVE-2022-21661
CWE-138
High
Envoy Proxy Always-Incorrect Control Flow Implementation Vulnerability (CVE-2022-21655)
CVE-2022-21655
CWE-670
High
MySQL CVE-2022-21600 Vulnerability (CVE-2022-21600)
CVE-2022-21600
-
High
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2022-23307)
CVE-2022-23307
CWE-502
High
TYPO3 Uncontrolled Recursion Vulnerability (CVE-2022-23500)
CVE-2022-23500
CWE-674
High
WebLogic CVE-2022-21441 Vulnerability (CVE-2022-21441)
CVE-2022-21441
-
High
Moment.js Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-24785)
CVE-2022-24785
CWE-22
High
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-25277)
CVE-2022-25277
CWE-434
High
Drupal Other Vulnerability (CVE-2022-25275)
CVE-2022-25275
-
High
Drupal Improper Input Validation Vulnerability (CVE-2022-25273)
CVE-2022-25273
CWE-20
High
Drupal Improper Input Validation Vulnerability (CVE-2022-25271)
CVE-2022-25271
CWE-20
High
XWiki Incorrect Use of Privileged APIs Vulnerability (CVE-2022-24821)
CVE-2022-24821
CWE-648
High
Twisted Web HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2022-24801)
CVE-2022-24801
CWE-444
High
MyBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-24734)
CVE-2022-24734
CWE-94
High
TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-23503)
CVE-2022-23503
CWE-94
High
Drupal Inefficient Regular Expression Complexity Vulnerability (CVE-2022-24729)
CVE-2022-24729
CWE-1333
High
CKEditor Other Vulnerability (CVE-2022-24729)
CVE-2022-24729
-
High
Django Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2022-23833)
CVE-2022-23833
CWE-835
High
Joomla Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-23793)
CVE-2022-23793
CWE-22
High
Next.js User Interface (UI) Misrepresentation of Critical Information Vulnerability (CVE-2022-23646)
CVE-2022-23646
CWE-451
High
XWiki Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2022-23619)
CVE-2022-23619
CWE-640
High
Oracle HTTP Server CVE-2022-21593 Vulnerability (CVE-2022-21593)
CVE-2022-21593
-
High
WebLogic Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-21371)
CVE-2022-21371
CWE-22
High
Apache Tomcat Improper Resource Shutdown or Release Vulnerability (CVE-2022-25762)
CVE-2022-25762
CWE-404
High
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2021-4104)
CVE-2021-4104
CWE-502
High
OpenVPN AS Other Vulnerability (CVE-2021-4234)
CVE-2021-4234
-
High
UAParser.js Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-4229)
CVE-2021-4229
CWE-829
High
Oracle HTTP Server Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4185)
CVE-2021-4185
CWE-835
High
Oracle HTTP Server Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4184)
CVE-2021-4184
CWE-835
High
Oracle HTTP Server Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4182)
CVE-2021-4182
CWE-835
High
Oracle HTTP Server Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-4181)
CVE-2021-4181
CWE-138
High
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2021-4104)
CVE-2021-4104
CWE-502
High
YetiForce CRM Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0269)
CVE-2022-0269
CWE-352
High
OpenSSL Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4044)
CVE-2021-4044
CWE-835
High
Oracle HTTP Server Out-of-bounds Write Vulnerability (CVE-2021-4034)
CVE-2021-4034
CWE-787
High
MediaWiki Uncontrolled Resource Consumption Vulnerability (CVE-2021-46149)
CVE-2021-46149
CWE-400
High
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-46147)
CVE-2021-46147
CWE-352
High
Django Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-45116)
CVE-2021-45116
CWE-668
High
Django Uncontrolled Resource Consumption Vulnerability (CVE-2021-45115)
CVE-2021-45115
CWE-400
High
YOURLS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0088)
CVE-2022-0088
CWE-352
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0335)
CVE-2022-0335
CWE-352
High
MySQL CVE-2022-21351 Vulnerability (CVE-2022-21351)
CVE-2022-21351
-
High
Jboss EAP CVE-2022-1259 Vulnerability (CVE-2022-1259)
CVE-2022-1259
-
High
WebLogic CVE-2022-21292 Vulnerability (CVE-2022-21292)
CVE-2022-21292
-
High
MySQL CVE-2022-21278 Vulnerability (CVE-2022-21278)
CVE-2022-21278
-
High
PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-1552)
CVE-2022-1552
CWE-138
High
OpenSSL Incomplete Cleanup Vulnerability (CVE-2022-1473)
CVE-2022-1473
CWE-459
High
Undertow Unchecked Return Value Vulnerability (CVE-2022-1319)
CVE-2022-1319
CWE-252
High
Undertow CVE-2022-1259 Vulnerability (CVE-2022-1259)
CVE-2022-1259
-
High
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-0983)
CVE-2022-0983
CWE-138
High
«
1
...
51
52
53
...
297
»
