| Vulnerability Name | CVE | CWE | Severity |
|---|---|---|---|
| TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7081) | CVE-2013-7081 | CWE-264 | Medium |
| TYPO3 Resource Management Errors Vulnerability (CVE-2013-1843) | CVE-2013-1843 | | Medium |
| Typo3 Restler 1.7.0 Local File Disclosure | | CWE-22 | High |
| Typo3 sensitive files | | CWE-200 | Low |
| TYPO3 Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-47936) | CVE-2025-47936 | CWE-918 | Medium |
| TYPO3 Session Fixation Vulnerability (CVE-2010-3671) | CVE-2010-3671 | CWE-384 | Medium |
| TYPO3 Uncaught Exception Vulnerability (CVE-2025-59014) | CVE-2025-59014 | CWE-248 | Low |
| TYPO3 Uncontrolled Recursion Vulnerability (CVE-2021-21359) | CVE-2021-21359 | CWE-674 | High |
| TYPO3 Uncontrolled Recursion Vulnerability (CVE-2022-23500) | CVE-2022-23500 | CWE-674 | High |
| TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2010-3663) | CVE-2010-3663 | CWE-434 | High |
| TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-14251) | CVE-2017-14251 | CWE-434 | High |
| TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21357) | CVE-2021-21357 | CWE-434 | High |
| TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2025-47939) | CVE-2025-47939 | CWE-434 | Medium |
| TYPO3 Unverified Ownership Vulnerability (CVE-2025-47940) | CVE-2025-47940 | CWE-283 | High |
| TYPO3 Unverified Password Change Vulnerability (CVE-2025-47938) | CVE-2025-47938 | CWE-620 | Low |
| TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-3661) | CVE-2010-3661 | CWE-601 | Medium |
| TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-3669) | CVE-2010-3669 | CWE-601 | Medium |
| TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-15241) | CVE-2020-15241 | CWE-601 | Medium |
| TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-21338) | CVE-2021-21338 | CWE-601 | Medium |
| TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-55892) | CVE-2024-55892 | CWE-601 | Medium |
| TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2025-59013) | CVE-2025-59013 | CWE-601 | Medium |
| TYPO3 Use of Insufficiently Random Values Vulnerability (CVE-2010-3666) | CVE-2010-3666 | CWE-330 | Medium |
| UAParser.js Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-4229) | CVE-2021-4229 | CWE-829 | High |
| UAParser.js Inefficient Regular Expression Complexity Vulnerability (CVE-2022-25927) | CVE-2022-25927 | CWE-1333 | High |
| UAParser.js Other Vulnerability (CVE-2020-7793) | CVE-2020-7793 | | Medium |
| UAParser.js Other Vulnerability (CVE-2021-27292) | CVE-2021-27292 | | High |
| UAParser.js Uncontrolled Resource Consumption Vulnerability (CVE-2020-7733) | CVE-2020-7733 | CWE-400 | Medium |
| Ubiquiti Unifi Log4Shell RCE | CVE-2021-44228 | CWE-78 | High |
| Umbraco CMS local file inclusion | | CWE-98 | High |
| Umbraco CMS remote code execution | | CWE-94 | High |
| Umbraco CMS TemplateService remote code execution | CVE-2013-4793 | CWE-94 | High |
| Unauthenticated Access to Sensitive Functions | | CWE-306 | High |
| Unauthenticated Arbitrary File Read vulnerability in VMware vCenter | | CWE-22 | High |
| Unauthenticated MCP (Model Context Protocol) Server | | | High |
| Unauthenticated OGNL injection in Confluence Server and Data Center | CVE-2021-26084 | CWE-917 | High |
| Unauthenticated OGNL injection in Confluence Server and Data Center (CVE-2023-22527) | CVE-2023-22527 | CWE-917 | Critical |
| Unauthenticated OpenAI API Access | | | Medium |
| Unauthenticated Remote Code Execution via JSONWS in Liferay 6.1 (LPS-88051) | | CWE-78 | High |
| Unauthenticated Remote Code Execution via JSONWS in Liferay 7.2.0 CE GA1 | CVE-2020-0618 CVE-2020-7961 | CWE-78 | High |
| Unauthenticated remote code execution vulnerability in Confluence Server and Data Center | CVE-2022-26134 | CWE-917 | High |
| Unauthorized Access to a web app installer | | CWE-200 | Medium |
| Unchecked GraphQL Query Length: Potential Denial of Service Vulnerability | | CWE-400 | Medium |
| Uncontrolled format string | | CWE-134 | High |
| Underscore.js Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-27601) | CVE-2026-27601 | CWE-770 | High |
| Underscore.js Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-23358) | CVE-2021-23358 | CWE-94 | High |
| Undertow Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2021-3597) | CVE-2021-3597 | CWE-362 | Medium |
| Undertow CVE-2022-1259 Vulnerability (CVE-2022-1259) | CVE-2022-1259 | | High |
| Undertow CVE-2022-2764 Vulnerability (CVE-2022-2764) | CVE-2022-2764 | | Medium |
| Undertow CVE-2022-4492 Vulnerability (CVE-2022-4492) | CVE-2022-4492 | | Critical |
| Undertow CVE-2023-3223 Vulnerability (CVE-2023-3223) | CVE-2023-3223 | | High |
| Undertow Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-3859) | CVE-2021-3859 | CWE-668 | High |
| Undertow Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-1745) | CVE-2020-1745 | CWE-200 | Critical |
| Undertow Improper Input Validation Vulnerability (CVE-2020-1757) | CVE-2020-1757 | CWE-20 | High |
| Undertow Improper Input Validation Vulnerability (CVE-2025-12543) | CVE-2025-12543 | CWE-20 | Critical |
| Undertow Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-7816) | CVE-2014-7816 | CWE-22 | Medium |
| Undertow Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') Vulnerability (CVE-2018-1067) | CVE-2018-1067 | CWE-113 | Medium |
| Undertow Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-10705) | CVE-2020-10705 | CWE-119 | High |
| Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-7559) | CVE-2017-7559 | CWE-444 | Medium |
| Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-12165) | CVE-2017-12165 | CWE-444 | High |
| Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10687) | CVE-2020-10687 | CWE-444 | Medium |
| Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10719) | CVE-2020-10719 | CWE-444 | Medium |
| Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-20220) | CVE-2021-20220 | CWE-444 | Medium |
| Undertow Incorrect Authorization Vulnerability (CVE-2017-12196) | CVE-2017-12196 | CWE-863 | Medium |
| Undertow Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-3888) | CVE-2019-3888 | CWE-532 | Critical |
| Undertow Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-10212) | CVE-2019-10212 | CWE-532 | Critical |
| Undertow Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2017-2670) | CVE-2017-2670 | CWE-835 | High |
| Undertow Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2023-1108) | CVE-2023-1108 | CWE-835 | High |
| Undertow Missing Authorization Vulnerability (CVE-2019-10184) | CVE-2019-10184 | CWE-862 | High |
| Undertow Unchecked Return Value Vulnerability (CVE-2022-1319) | CVE-2022-1319 | CWE-252 | High |
| Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2019-14888) | CVE-2019-14888 | CWE-400 | High |
| Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2019-19343) | CVE-2019-19343 | CWE-400 | High |
| Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2021-3629) | CVE-2021-3629 | CWE-400 | High |
| Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2021-3690) | CVE-2021-3690 | CWE-400 | High |
| Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2022-2053) | CVE-2022-2053 | CWE-400 | High |
| Unfiltered header injection in Apache 1.3.34/2.0.57/2.2.1 | CVE-2006-3918 | CWE-79 | Low |