www-project-vulnerable-web-applications-directory
The OWASP Vulnerable Web Applications Directory Project (VWAD, https://owasp.org/www-project-vulnerable-web-applications-directory/) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
The individual collections are available via separate tabs on: https://owasp.org/www-project-vulnerable-web-applications-directory/