Vulnerability Name CVE Severity
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31049) CVE-2022-31049
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36107) CVE-2022-36107
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36108) CVE-2022-36108
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-24814) CVE-2023-24814
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-47125) CVE-2023-47125
TYPO3 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2010-3668) CVE-2010-3668
TYPO3 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression La Vulnerability (CVE-2022-23504) CVE-2022-23504
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-6381) CVE-2007-6381
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-3632) CVE-2009-3632
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4855) CVE-2009-4855
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-3662) CVE-2010-3662
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-5103) CVE-2010-5103
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-3583) CVE-2011-3583
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-6144) CVE-2012-6144
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-1842) CVE-2013-1842
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-19850) CVE-2019-19850
TYPO3 Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-26229) CVE-2020-26229
TYPO3 Inadequate Encryption Strength Vulnerability (CVE-2010-3670) CVE-2010-3670
TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2021-32767) CVE-2021-32767
TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2022-31047) CVE-2022-31047
Typo3 Install Tool publicly accessible
TYPO3 Insufficient Session Expiration Vulnerability (CVE-2022-23502) CVE-2022-23502
TYPO3 Insufficient Session Expiration Vulnerability (CVE-2022-31050) CVE-2022-31050
TYPO3 Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-11063) CVE-2020-11063
TYPO3 Observable Discrepancy Vulnerability (CVE-2022-36105) CVE-2022-36105
TYPO3 Other Vulnerability (CVE-2006-0327) CVE-2006-0327
TYPO3 Other Vulnerability (CVE-2006-5069) CVE-2006-5069
TYPO3 Other Vulnerability (CVE-2006-6690) CVE-2006-6690
TYPO3 Other Vulnerability (CVE-2007-1081) CVE-2007-1081
TYPO3 Other Vulnerability (CVE-2009-3630) CVE-2009-3630
TYPO3 Other Vulnerability (CVE-2012-1605) CVE-2012-1605
TYPO3 Other Vulnerability (CVE-2012-3530) CVE-2012-3530
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2717) CVE-2008-2717
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3714) CVE-2010-3714
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3717) CVE-2010-3717
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6146) CVE-2012-6146
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4320) CVE-2013-4320
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7073) CVE-2013-7073
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7081) CVE-2013-7081
TYPO3 Resource Management Errors Vulnerability (CVE-2013-1843) CVE-2013-1843
Typo3 Restler 1.7.0 Local File Disclosure
Typo3 sensitive files
TYPO3 Session Fixation Vulnerability (CVE-2010-3671) CVE-2010-3671
TYPO3 Uncontrolled Recursion Vulnerability (CVE-2021-21359) CVE-2021-21359
TYPO3 Uncontrolled Recursion Vulnerability (CVE-2022-23500) CVE-2022-23500
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2010-3663) CVE-2010-3663
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-14251) CVE-2017-14251
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21357) CVE-2021-21357
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-3661) CVE-2010-3661
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-3669) CVE-2010-3669
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-15241) CVE-2020-15241
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-21338) CVE-2021-21338
TYPO3 Use of Insufficiently Random Values Vulnerability (CVE-2010-3666) CVE-2010-3666
UAParser.js Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-4229) CVE-2021-4229
UAParser.js Inefficient Regular Expression Complexity Vulnerability (CVE-2022-25927) CVE-2022-25927
UAParser.js Other Vulnerability (CVE-2020-7793) CVE-2020-7793
UAParser.js Other Vulnerability (CVE-2021-27292) CVE-2021-27292
UAParser.js Uncontrolled Resource Consumption Vulnerability (CVE-2020-7733) CVE-2020-7733
Ubiquiti Unifi Log4Shell RCE CVE-2021-44228
Umbraco CMS local file inclusion
Umbraco CMS remote code execution
Umbraco CMS TemplateService remote code execution CVE-2013-4793
Unauthenticated Access to Sensitive Functions
Unauthenticated Arbitrary File Read vulnerability in VMware vCenter
Unauthenticated OGNL injection in Confluence Server and Data Center CVE-2021-26084
Unauthenticated OGNL injection in Confluence Server and Data Center (CVE-2023-22527) CVE-2023-22527
Unauthenticated Remote Code Execution via JSONWS in Liferay 6.1 (LPS-88051)
Unauthenticated Remote Code Execution via JSONWS in Liferay 7.2.0 CE GA1 CVE-2020-0618 CVE-2020-7961
Unauthenticated remote code execution vulnerability in Confluence Server and Data Center CVE-2022-26134
Unauthorized Access to a web app installer
Unchecked GraphQL Query Length: Potential Denial of Service Vulnerability
Uncontrolled format string
Underscore.js Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-23358) CVE-2021-23358
Undertow Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2021-3597) CVE-2021-3597
Undertow CVE-2022-1259 Vulnerability (CVE-2022-1259) CVE-2022-1259