| Vulnerability Name |
CVE
CWE
|
CWE |
Severity |
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-26227)
|
CVE-2020-26227
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21340)
|
CVE-2021-21340
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21358)
|
CVE-2021-21358
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21365)
|
CVE-2021-21365
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21370)
|
CVE-2021-21370
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32667)
|
CVE-2021-32667
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32668)
|
CVE-2021-32668
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32669)
|
CVE-2021-32669
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32768)
|
CVE-2021-32768
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31048)
|
CVE-2022-31048
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31049)
|
CVE-2022-31049
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36107)
|
CVE-2022-36107
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36108)
|
CVE-2022-36108
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-24814)
|
CVE-2023-24814
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-47125)
|
CVE-2023-47125
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-34355)
|
CVE-2024-34355
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2010-3668)
|
CVE-2010-3668
CWE-138
|
CWE-138
|
High
|
|
TYPO3 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression La Vulnerability (CVE-2022-23504)
|
CVE-2022-23504
CWE-138
|
CWE-138
|
Medium
|
|
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-6381)
|
CVE-2007-6381
CWE-138
|
CWE-138
|
Medium
|
|
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-3632)
|
CVE-2009-3632
CWE-138
|
CWE-138
|
Medium
|
|
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4855)
|
CVE-2009-4855
CWE-138
|
CWE-138
|
High
|
|
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-3662)
|
CVE-2010-3662
CWE-138
|
CWE-138
|
High
|
|
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-5103)
|
CVE-2010-5103
CWE-138
|
CWE-138
|
Medium
|
|
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-3583)
|
CVE-2011-3583
CWE-138
|
CWE-138
|
Critical
|
|
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-6144)
|
CVE-2012-6144
CWE-138
|
CWE-138
|
Medium
|
|
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-1842)
|
CVE-2013-1842
CWE-138
|
CWE-138
|
High
|
|
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-19850)
|
CVE-2019-19850
CWE-138
|
CWE-138
|
High
|
|
TYPO3 Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-26229)
|
CVE-2020-26229
CWE-611
|
CWE-611
|
Low
|
|
TYPO3 Inadequate Encryption Strength Vulnerability (CVE-2010-3670)
|
CVE-2010-3670
CWE-326
|
CWE-326
|
Medium
|
|
TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2021-32767)
|
CVE-2021-32767
CWE-532
|
CWE-532
|
Medium
|
|
TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2022-31047)
|
CVE-2022-31047
CWE-532
|
CWE-532
|
Medium
|
|
Typo3 Install Tool publicly accessible
|
CWE-200
|
CWE-200
|
Medium
|
|
TYPO3 Insufficient Session Expiration Vulnerability (CVE-2022-23502)
|
CVE-2022-23502
CWE-613
|
CWE-613
|
Medium
|
|
TYPO3 Insufficient Session Expiration Vulnerability (CVE-2022-31050)
|
CVE-2022-31050
CWE-613
|
CWE-613
|
High
|
|
TYPO3 Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-11063)
|
CVE-2020-11063
|
|
Low
|
|
TYPO3 Observable Discrepancy Vulnerability (CVE-2022-36105)
|
CVE-2022-36105
CWE-203
|
CWE-203
|
Medium
|
|
TYPO3 Other Vulnerability (CVE-2006-0327)
|
CVE-2006-0327
|
|
Medium
|
|
TYPO3 Other Vulnerability (CVE-2006-5069)
|
CVE-2006-5069
|
|
Low
|
|
TYPO3 Other Vulnerability (CVE-2006-6690)
|
CVE-2006-6690
|
|
High
|
|
TYPO3 Other Vulnerability (CVE-2007-1081)
|
CVE-2007-1081
|
|
High
|
|
TYPO3 Other Vulnerability (CVE-2009-3630)
|
CVE-2009-3630
|
|
Medium
|
|
TYPO3 Other Vulnerability (CVE-2012-1605)
|
CVE-2012-1605
|
|
Medium
|
|
TYPO3 Other Vulnerability (CVE-2012-3530)
|
CVE-2012-3530
|
|
Medium
|
|
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2717)
|
CVE-2008-2717
CWE-264
|
CWE-264
|
Medium
|
|
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3714)
|
CVE-2010-3714
CWE-264
|
CWE-264
|
High
|
|
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3717)
|
CVE-2010-3717
CWE-264
|
CWE-264
|
Medium
|
|
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6146)
|
CVE-2012-6146
CWE-264
|
CWE-264
|
Medium
|
|
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4320)
|
CVE-2013-4320
CWE-264
|
CWE-264
|
Medium
|
|
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7073)
|
CVE-2013-7073
CWE-264
|
CWE-264
|
Medium
|
|
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7081)
|
CVE-2013-7081
CWE-264
|
CWE-264
|
Medium
|
|
TYPO3 Resource Management Errors Vulnerability (CVE-2013-1843)
|
CVE-2013-1843
|
|
Medium
|
|
Typo3 Restler 1.7.0 Local File Disclosure
|
CWE-22
|
CWE-22
|
High
|
|
Typo3 sensitive files
|
CWE-200
|
CWE-200
|
Low
|
|
TYPO3 Session Fixation Vulnerability (CVE-2010-3671)
|
CVE-2010-3671
CWE-384
|
CWE-384
|
Medium
|
|
TYPO3 Uncontrolled Recursion Vulnerability (CVE-2021-21359)
|
CVE-2021-21359
CWE-674
|
CWE-674
|
High
|
|
TYPO3 Uncontrolled Recursion Vulnerability (CVE-2022-23500)
|
CVE-2022-23500
CWE-674
|
CWE-674
|
High
|
|
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2010-3663)
|
CVE-2010-3663
CWE-434
|
CWE-434
|
High
|
|
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-14251)
|
CVE-2017-14251
CWE-434
|
CWE-434
|
High
|
|
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21357)
|
CVE-2021-21357
CWE-434
|
CWE-434
|
High
|
|
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-3661)
|
CVE-2010-3661
CWE-601
|
CWE-601
|
Medium
|
|
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-3669)
|
CVE-2010-3669
CWE-601
|
CWE-601
|
Medium
|
|
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-15241)
|
CVE-2020-15241
CWE-601
|
CWE-601
|
Medium
|
|
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-21338)
|
CVE-2021-21338
CWE-601
|
CWE-601
|
Medium
|
|
TYPO3 Use of Insufficiently Random Values Vulnerability (CVE-2010-3666)
|
CVE-2010-3666
CWE-330
|
CWE-330
|
Medium
|
|
UAParser.js Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-4229)
|
CVE-2021-4229
CWE-829
|
CWE-829
|
High
|
|
UAParser.js Inefficient Regular Expression Complexity Vulnerability (CVE-2022-25927)
|
CVE-2022-25927
CWE-1333
|
CWE-1333
|
High
|
|
UAParser.js Other Vulnerability (CVE-2020-7793)
|
CVE-2020-7793
|
|
Medium
|
|
UAParser.js Other Vulnerability (CVE-2021-27292)
|
CVE-2021-27292
|
|
High
|
|
UAParser.js Uncontrolled Resource Consumption Vulnerability (CVE-2020-7733)
|
CVE-2020-7733
CWE-400
|
CWE-400
|
Medium
|
|
Ubiquiti Unifi Log4Shell RCE
|
CVE-2021-44228
CWE-78
|
CWE-78
|
High
|
|
Umbraco CMS local file inclusion
|
CWE-98
|
CWE-98
|
High
|
|
Umbraco CMS remote code execution
|
CWE-94
|
CWE-94
|
High
|
|
Umbraco CMS TemplateService remote code execution
|
CVE-2013-4793
CWE-94
|
CWE-94
|
High
|
|
Unauthenticated Access to Sensitive Functions
|
CWE-306
|
CWE-306
|
High
|
|
Unauthenticated Arbitrary File Read vulnerability in VMware vCenter
|
CWE-22
|
CWE-22
|
High
|
