Vulnerabilities - Page 177

Vulnerability Name	CVE CWE	CWE	Severity
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-6144)	CVE-2012-6144 CWE-138	CWE-138	Medium
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-1842)	CVE-2013-1842 CWE-138	CWE-138	High
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-19850)	CVE-2019-19850 CWE-138	CWE-138	High
TYPO3 Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-26229)	CVE-2020-26229 CWE-611	CWE-611	Low
TYPO3 Inadequate Encryption Strength Vulnerability (CVE-2010-3670)	CVE-2010-3670 CWE-326	CWE-326	Medium
TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2021-32767)	CVE-2021-32767 CWE-532	CWE-532	Medium
TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2022-31047)	CVE-2022-31047 CWE-532	CWE-532	Medium
Typo3 Install Tool publicly accessible	CWE-200	CWE-200	Medium
TYPO3 Insufficient Session Expiration Vulnerability (CVE-2022-23502)	CVE-2022-23502 CWE-613	CWE-613	Medium
TYPO3 Insufficient Session Expiration Vulnerability (CVE-2022-31050)	CVE-2022-31050 CWE-613	CWE-613	High
TYPO3 Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-11063)	CVE-2020-11063		Low
TYPO3 Observable Discrepancy Vulnerability (CVE-2022-36105)	CVE-2022-36105 CWE-203	CWE-203	Medium
TYPO3 Other Vulnerability (CVE-2006-0327)	CVE-2006-0327		Medium
TYPO3 Other Vulnerability (CVE-2006-5069)	CVE-2006-5069		Low
TYPO3 Other Vulnerability (CVE-2006-6690)	CVE-2006-6690		High
TYPO3 Other Vulnerability (CVE-2007-1081)	CVE-2007-1081		High
TYPO3 Other Vulnerability (CVE-2009-3630)	CVE-2009-3630		Medium
TYPO3 Other Vulnerability (CVE-2012-1605)	CVE-2012-1605		Medium
TYPO3 Other Vulnerability (CVE-2012-3530)	CVE-2012-3530		Medium
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2717)	CVE-2008-2717 CWE-264	CWE-264	Medium
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3714)	CVE-2010-3714 CWE-264	CWE-264	High
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3717)	CVE-2010-3717 CWE-264	CWE-264	Medium
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6146)	CVE-2012-6146 CWE-264	CWE-264	Medium
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4320)	CVE-2013-4320 CWE-264	CWE-264	Medium
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7073)	CVE-2013-7073 CWE-264	CWE-264	Medium
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7081)	CVE-2013-7081 CWE-264	CWE-264	Medium
TYPO3 Resource Management Errors Vulnerability (CVE-2013-1843)	CVE-2013-1843		Medium
Typo3 Restler 1.7.0 Local File Disclosure	CWE-22	CWE-22	High
Typo3 sensitive files	CWE-200	CWE-200	Low
TYPO3 Session Fixation Vulnerability (CVE-2010-3671)	CVE-2010-3671 CWE-384	CWE-384	Medium
TYPO3 Uncontrolled Recursion Vulnerability (CVE-2021-21359)	CVE-2021-21359 CWE-674	CWE-674	High
TYPO3 Uncontrolled Recursion Vulnerability (CVE-2022-23500)	CVE-2022-23500 CWE-674	CWE-674	High
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2010-3663)	CVE-2010-3663 CWE-434	CWE-434	High
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-14251)	CVE-2017-14251 CWE-434	CWE-434	High
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21357)	CVE-2021-21357 CWE-434	CWE-434	High
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-3661)	CVE-2010-3661 CWE-601	CWE-601	Medium
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-3669)	CVE-2010-3669 CWE-601	CWE-601	Medium
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-15241)	CVE-2020-15241 CWE-601	CWE-601	Medium
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-21338)	CVE-2021-21338 CWE-601	CWE-601	Medium
TYPO3 Use of Insufficiently Random Values Vulnerability (CVE-2010-3666)	CVE-2010-3666 CWE-330	CWE-330	Medium
UAParser.js Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-4229)	CVE-2021-4229 CWE-829	CWE-829	High
UAParser.js Inefficient Regular Expression Complexity Vulnerability (CVE-2022-25927)	CVE-2022-25927 CWE-1333	CWE-1333	High
UAParser.js Other Vulnerability (CVE-2020-7793)	CVE-2020-7793		Medium
UAParser.js Other Vulnerability (CVE-2021-27292)	CVE-2021-27292		High
UAParser.js Uncontrolled Resource Consumption Vulnerability (CVE-2020-7733)	CVE-2020-7733 CWE-400	CWE-400	Medium
Ubiquiti Unifi Log4Shell RCE	CVE-2021-44228 CWE-78	CWE-78	High
Umbraco CMS local file inclusion	CWE-98	CWE-98	High
Umbraco CMS remote code execution	CWE-94	CWE-94	High
Umbraco CMS TemplateService remote code execution	CVE-2013-4793 CWE-94	CWE-94	High
Unauthenticated Access to Sensitive Functions	CWE-306	CWE-306	High
Unauthenticated Arbitrary File Read vulnerability in VMware vCenter	CWE-22	CWE-22	High
Unauthenticated OGNL injection in Confluence Server and Data Center	CVE-2021-26084 CWE-917	CWE-917	High
Unauthenticated OGNL injection in Confluence Server and Data Center (CVE-2023-22527)	CVE-2023-22527 CWE-917	CWE-917	Critical
Unauthenticated Remote Code Execution via JSONWS in Liferay 6.1 (LPS-88051)	CWE-78	CWE-78	High
Unauthenticated Remote Code Execution via JSONWS in Liferay 7.2.0 CE GA1	CVE-2020-0618 CVE-2020-7961 CWE-78	CWE-78	High
Unauthenticated remote code execution vulnerability in Confluence Server and Data Center	CVE-2022-26134 CWE-917	CWE-917	High
Unauthorized Access to a web app installer	CWE-200	CWE-200	Medium
Unchecked GraphQL Query Length: Potential Denial of Service Vulnerability	CWE-400	CWE-400	Medium
Uncontrolled format string	CWE-134	CWE-134	High
Underscore.js Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-23358)	CVE-2021-23358 CWE-94	CWE-94	High
Undertow Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2021-3597)	CVE-2021-3597 CWE-362	CWE-362	Medium
Undertow CVE-2022-1259 Vulnerability (CVE-2022-1259)	CVE-2022-1259		High
Undertow CVE-2022-2764 Vulnerability (CVE-2022-2764)	CVE-2022-2764		Medium
Undertow CVE-2022-4492 Vulnerability (CVE-2022-4492)	CVE-2022-4492		Critical
Undertow CVE-2023-3223 Vulnerability (CVE-2023-3223)	CVE-2023-3223		High
Undertow Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-3859)	CVE-2021-3859 CWE-668	CWE-668	High
Undertow Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-1745)	CVE-2020-1745 CWE-200	CWE-200	Critical
Undertow Improper Input Validation Vulnerability (CVE-2020-1757)	CVE-2020-1757 CWE-20	CWE-20	High
Undertow Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-7816)	CVE-2014-7816 CWE-22	CWE-22	Medium
Undertow Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') Vulnerability (CVE-2018-1067)	CVE-2018-1067 CWE-113	CWE-113	Medium
Undertow Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-10705)	CVE-2020-10705 CWE-119	CWE-119	High
Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-7559)	CVE-2017-7559 CWE-444	CWE-444	Medium
Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-12165)	CVE-2017-12165 CWE-444	CWE-444	High
Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10687)	CVE-2020-10687 CWE-444	CWE-444	Medium
Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10719)	CVE-2020-10719 CWE-444	CWE-444	Medium

TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-6144)

CVE-2012-6144

CWE-138

Medium

TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-1842)

CVE-2013-1842

CWE-138

High

TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-19850)

CVE-2019-19850

CWE-138

High

TYPO3 Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-26229)

CVE-2020-26229

CWE-611

Low

TYPO3 Inadequate Encryption Strength Vulnerability (CVE-2010-3670)

CVE-2010-3670

CWE-326

Medium

TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2021-32767)

CVE-2021-32767

CWE-532

Medium

TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2022-31047)

CVE-2022-31047

CWE-532

Medium

Typo3 Install Tool publicly accessible

CWE-200

Medium

TYPO3 Insufficient Session Expiration Vulnerability (CVE-2022-23502)

CVE-2022-23502

CWE-613

Medium

TYPO3 Insufficient Session Expiration Vulnerability (CVE-2022-31050)

CVE-2022-31050

CWE-613

High

TYPO3 Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-11063)

CVE-2020-11063

Low

TYPO3 Observable Discrepancy Vulnerability (CVE-2022-36105)

CVE-2022-36105

CWE-203

Medium

TYPO3 Other Vulnerability (CVE-2006-0327)

CVE-2006-0327

Medium

TYPO3 Other Vulnerability (CVE-2006-5069)

CVE-2006-5069

Low

TYPO3 Other Vulnerability (CVE-2006-6690)

CVE-2006-6690

High

TYPO3 Other Vulnerability (CVE-2007-1081)

CVE-2007-1081

High

TYPO3 Other Vulnerability (CVE-2009-3630)

CVE-2009-3630

Medium

TYPO3 Other Vulnerability (CVE-2012-1605)

CVE-2012-1605

Medium

TYPO3 Other Vulnerability (CVE-2012-3530)

CVE-2012-3530

Medium

TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2717)

CVE-2008-2717

CWE-264

Medium

TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3714)

CVE-2010-3714

CWE-264

High

TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3717)

CVE-2010-3717

CWE-264

Medium

TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6146)

CVE-2012-6146

CWE-264

Medium

TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4320)

CVE-2013-4320

CWE-264

Medium

TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7073)

CVE-2013-7073

CWE-264

Medium

TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7081)

CVE-2013-7081

CWE-264

Medium

TYPO3 Resource Management Errors Vulnerability (CVE-2013-1843)

CVE-2013-1843

Medium

Typo3 Restler 1.7.0 Local File Disclosure

CWE-22

High

Typo3 sensitive files

CWE-200

Low

TYPO3 Session Fixation Vulnerability (CVE-2010-3671)

CVE-2010-3671

CWE-384

Medium

TYPO3 Uncontrolled Recursion Vulnerability (CVE-2021-21359)

CVE-2021-21359

CWE-674

High

TYPO3 Uncontrolled Recursion Vulnerability (CVE-2022-23500)

CVE-2022-23500

CWE-674

High

TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2010-3663)

CVE-2010-3663

CWE-434

High

TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-14251)

CVE-2017-14251

CWE-434

High

TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21357)

CVE-2021-21357

CWE-434

High

TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-3661)

CVE-2010-3661

CWE-601

Medium

TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-3669)

CVE-2010-3669

CWE-601

Medium

TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-15241)

CVE-2020-15241

CWE-601

Medium

TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-21338)

CVE-2021-21338

CWE-601

Medium

TYPO3 Use of Insufficiently Random Values Vulnerability (CVE-2010-3666)

CVE-2010-3666

CWE-330

Medium

UAParser.js Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-4229)

CVE-2021-4229

CWE-829

High

UAParser.js Inefficient Regular Expression Complexity Vulnerability (CVE-2022-25927)

CVE-2022-25927

CWE-1333

High

UAParser.js Other Vulnerability (CVE-2020-7793)

CVE-2020-7793

Medium

UAParser.js Other Vulnerability (CVE-2021-27292)

CVE-2021-27292

High

UAParser.js Uncontrolled Resource Consumption Vulnerability (CVE-2020-7733)

CVE-2020-7733

CWE-400

Medium

Ubiquiti Unifi Log4Shell RCE

CVE-2021-44228

CWE-78

High

Umbraco CMS local file inclusion

CWE-98

High

Umbraco CMS remote code execution

CWE-94

High

Umbraco CMS TemplateService remote code execution

CVE-2013-4793

CWE-94

High

Unauthenticated Access to Sensitive Functions

CWE-306

High

Unauthenticated Arbitrary File Read vulnerability in VMware vCenter

CWE-22

High

Unauthenticated OGNL injection in Confluence Server and Data Center

CVE-2021-26084

CWE-917

High

Unauthenticated OGNL injection in Confluence Server and Data Center (CVE-2023-22527)

CVE-2023-22527

CWE-917

Critical

Unauthenticated Remote Code Execution via JSONWS in Liferay 6.1 (LPS-88051)

CWE-78

High

Unauthenticated Remote Code Execution via JSONWS in Liferay 7.2.0 CE GA1

CVE-2020-0618 CVE-2020-7961

CWE-78

High

Unauthenticated remote code execution vulnerability in Confluence Server and Data Center

CVE-2022-26134

CWE-917

High

Unauthorized Access to a web app installer

CWE-200

Medium

Unchecked GraphQL Query Length: Potential Denial of Service Vulnerability

CWE-400

Medium

Uncontrolled format string

CWE-134

High

Underscore.js Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-23358)

CVE-2021-23358

CWE-94

High

Undertow Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2021-3597)

CVE-2021-3597

CWE-362

Medium

Undertow CVE-2022-1259 Vulnerability (CVE-2022-1259)

CVE-2022-1259

High

Undertow CVE-2022-2764 Vulnerability (CVE-2022-2764)

CVE-2022-2764

Medium

Undertow CVE-2022-4492 Vulnerability (CVE-2022-4492)

CVE-2022-4492

Critical

Undertow CVE-2023-3223 Vulnerability (CVE-2023-3223)

CVE-2023-3223

High

Undertow Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-3859)

CVE-2021-3859

CWE-668

High

Undertow Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-1745)

CVE-2020-1745

CWE-200

Critical

Undertow Improper Input Validation Vulnerability (CVE-2020-1757)

CVE-2020-1757

CWE-20

High

Undertow Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-7816)

CVE-2014-7816

CWE-22

Medium

Undertow Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') Vulnerability (CVE-2018-1067)

CVE-2018-1067

CWE-113

Medium

Undertow Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-10705)

CVE-2020-10705

CWE-119

High

Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-7559)

CVE-2017-7559

CWE-444

Medium

Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-12165)

CVE-2017-12165

CWE-444

High

Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10687)

CVE-2020-10687

CWE-444

Medium

Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10719)

CVE-2020-10719

CWE-444

Medium

Standard & Premium

Severity

Vulnerability Categories

Still Have Questions?

Take action and discover your vulnerabilities