🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Invicti vs. Competitors
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
MSSP
Documentation
Vulnerability Database
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23409 vulnerabilities
in this category.
Critical: 1513
High: 12591
Medium: 8518
Low: 783
Information: 4
Vulnerability Name
CVE
CWE
Severity
Envoy Proxy CVE-2024-23324 Vulnerability (CVE-2024-23324)
CVE-2024-23324
-
High
Envoy Proxy Improper Handling of Exceptional Conditions Vulnerability (CVE-2024-23325)
CVE-2024-23325
CWE-755
High
Envoy Proxy Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2024-23326)
CVE-2024-23326
-
High
Envoy Proxy Detection of Error Condition Without Action Vulnerability (CVE-2024-30255)
CVE-2024-30255
CWE-390
High
Chamilo Incorrect Authorization Vulnerability (CVE-2024-30616)
CVE-2024-30616
CWE-863
High
ZenCart Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2024-5762)
CVE-2024-5762
CWE-829
High
Oracle Database Server Uncontrolled Resource Consumption Vulnerability (CVE-2026-46835)
CVE-2026-46835
CWE-400
High
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2024-45809)
CVE-2024-45809
CWE-476
High
Envoy Proxy CVE-2024-45810 Vulnerability (CVE-2024-45810)
CVE-2024-45810
-
High
SharePoint Improper Authorization Vulnerability (CVE-2026-47298)
CVE-2026-47298
CWE-285
High
Next.js Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-46982)
CVE-2024-46982
CWE-639
High
SharePoint Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2026-47294)
CVE-2026-47294
CWE-138
High
Apache HTTP Server Improper Neutralization of Escape, Meta, or Control Sequences Vulnerability (CVE-2024-47252)
CVE-2024-47252
CWE-150
High
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2026-47221)
CVE-2026-47221
CWE-476
High
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2026-47204)
CVE-2026-47204
CWE-476
High
WebLogic CVE-2026-46848 Vulnerability (CVE-2026-46848)
CVE-2026-46848
-
High
Next.js Uncontrolled Recursion Vulnerability (CVE-2024-47831)
CVE-2024-47831
CWE-674
High
Chamilo Deserialization of Untrusted Data Vulnerability (CVE-2024-47886)
CVE-2024-47886
CWE-502
High
Squid CVE-2024-45802 Vulnerability (CVE-2024-45802)
CVE-2024-45802
-
High
Oracle Database Server Uncontrolled Resource Consumption Vulnerability (CVE-2026-46834)
CVE-2026-46834
CWE-400
High
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-48311)
CVE-2024-48311
CWE-352
High
Ruby Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2026-46727)
CVE-2026-46727
CWE-362
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2026-45659)
CVE-2026-45659
CWE-502
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2026-45484)
CVE-2026-45484
CWE-502
High
SharePoint Heap-based Buffer Overflow Vulnerability (CVE-2026-45475)
CVE-2026-45475
CWE-122
High
SharePoint Untrusted Pointer Dereference Vulnerability (CVE-2026-45471)
CVE-2026-45471
CWE-822
High
Piwigo Use of Insufficiently Random Values Vulnerability (CVE-2024-48928)
CVE-2024-48928
CWE-330
High
SharePoint CVE-2024-49068 Vulnerability (CVE-2024-49068)
CVE-2024-49068
-
High
SharePoint CVE-2024-49070 Vulnerability (CVE-2024-49070)
CVE-2024-49070
-
High
Envoy Proxy CVE-2024-45807 Vulnerability (CVE-2024-45807)
CVE-2024-45807
-
High
Moodle Incorrect Default Permissions Vulnerability (CVE-2024-45690)
CVE-2024-45690
CWE-276
High
SharePoint Use After Free Vulnerability (CVE-2026-45458)
CVE-2026-45458
CWE-416
High
Moodle Missing Authorization Vulnerability (CVE-2024-43431)
CVE-2024-43431
CWE-862
High
Internet Information Services Memory Allocation with Excessive Size Value Vulnerability (CVE-2026-49975)
CVE-2026-49975
CWE-789
High
Nginx Memory Allocation with Excessive Size Value Vulnerability (CVE-2026-49975)
CVE-2026-49975
CWE-789
High
Jenkins Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2024-43044)
CVE-2024-43044
CWE-754
High
Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-43204)
CVE-2024-43204
CWE-918
High
Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-43394)
CVE-2024-43394
CWE-918
High
Apache HTTP Server Use After Free Vulnerability (CVE-2026-48913)
CVE-2026-48913
CWE-416
High
XWiki Missing Authorization Vulnerability (CVE-2024-43401)
CVE-2024-43401
CWE-862
High
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-43425)
CVE-2024-43425
CWE-94
High
Moodle Improper Validation of Specified Type of Input Vulnerability (CVE-2024-43426)
CVE-2024-43426
CWE-1287
High
Moodle Insufficient Verification of Data Authenticity Vulnerability (CVE-2024-43428)
CVE-2024-43428
CWE-345
High
Joomla Use of Cache Containing Sensitive Information Vulnerability (CVE-2026-48901)
CVE-2026-48901
CWE-524
High
Contao Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2024-45398)
CVE-2024-45398
CWE-434
High
Moodle Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-43434)
CVE-2024-43434
CWE-22
High
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-43436)
CVE-2024-43436
CWE-138
High
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-43438)
CVE-2024-43438
CWE-639
High
Joomla Improper Authentication Vulnerability (CVE-2026-48897)
CVE-2026-48897
CWE-287
High
Moodle Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-43440)
CVE-2024-43440
CWE-22
High
SharePoint CVE-2024-43464 Vulnerability (CVE-2024-43464)
CVE-2024-43464
-
High
SharePoint CVE-2024-43466 Vulnerability (CVE-2024-43466)
CVE-2024-43466
-
High
SharePoint CVE-2024-43503 Vulnerability (CVE-2024-43503)
CVE-2024-43503
-
High
Django CVE-2024-45230 Vulnerability (CVE-2024-45230)
CVE-2024-45230
-
High
Joomla CVE-2026-48896 Vulnerability (CVE-2026-48896)
CVE-2026-48896
-
High
Werkzeug WSGI Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-49767)
CVE-2024-49767
CWE-770
High
SharePoint Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2026-45456)
CVE-2026-45456
CWE-843
High
Apache Memory Allocation with Excessive Size Value Vulnerability (CVE-2026-49975)
CVE-2026-49975
CWE-789
High
axios Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2026-44490)
CVE-2026-44490
CWE-1321
High
Beego Framework Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2024-55885)
CVE-2024-55885
CWE-327
High
phpMyFAQ User Interface (UI) Misrepresentation of Critical Information Vulnerability (CVE-2024-55889)
CVE-2024-55889
CWE-451
High
Next.js Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVE-2026-44575)
CVE-2026-44575
CWE-288
High
Next.js Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVE-2026-44574)
CVE-2026-44574
CWE-288
High
Next.js Incorrect Authorization Vulnerability (CVE-2026-44573)
CVE-2026-44573
CWE-863
High
TYPO3 Exposed Dangerous Method or Function Vulnerability (CVE-2024-55921)
CVE-2024-55921
CWE-749
High
axios Uncontrolled Resource Consumption Vulnerability (CVE-2026-44496)
CVE-2026-44496
CWE-400
High
axios Unintended Proxy or Intermediary ('Confused Deputy') Vulnerability (CVE-2026-44494)
CVE-2026-44494
CWE-441
High
TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-55924)
CVE-2024-55924
CWE-352
High
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2026-44492)
CVE-2026-44492
CWE-918
High
phpMyFAQ Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability (CVE-2024-56199)
CVE-2024-56199
CWE-707
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-55877)
CVE-2024-55877
CWE-94
High
axios Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-44488)
CVE-2026-44488
CWE-770
High
axios Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2026-44487)
CVE-2026-44487
CWE-201
High
Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-56374)
CVE-2024-56374
CWE-770
High
Perl Out-of-bounds Write Vulnerability (CVE-2024-56406)
CVE-2024-56406
CWE-787
High
«
1
...
74
75
76
...
313
»