Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity TorchServe Management API publicly exposed CVE-2023-43654 CWE-200 CWE-200 High Tornado Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-28476) CVE-2020-28476 CWE-444 CWE-444 High Total.js Directory Traversal (CVE-2019-8903) CVE-2019-8903 CWE-22 CWE-22 High Trac CVE-2009-4405 Vulnerability (CVE-2009-4405) CVE-2009-4405 High Trace.axd Detected CWE-215 CWE-215 High Trac Incorrect Default Permissions Vulnerability (CVE-2010-5108) CVE-2010-5108 CWE-276 CWE-276 High Trojan shell script CWE-507 CWE-507 High Twisted Web HTTP Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2022-21716) CVE-2022-21716 CWE-120 CWE-120 High Twisted Web HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-21712) CVE-2022-21712 CWE-200 CWE-200 High Twisted Web HTTP Server Improper Certificate Validation Vulnerability (CVE-2014-7143) CVE-2014-7143 CWE-295 CWE-295 High Twisted Web HTTP Server Improper Certificate Validation Vulnerability (CVE-2019-12855) CVE-2019-12855 CWE-295 CWE-295 High Twisted Web HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2022-24801) CVE-2022-24801 CWE-444 CWE-444 High TYPO3 7PK - Security Features Vulnerability (CVE-2016-5091) CVE-2016-5091 High TYPO3 Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-36104) CVE-2022-36104 CWE-770 CWE-770 High TYPO3 Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-26228) CVE-2020-26228 CWE-312 CWE-312 High TYPO3 Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-21339) CVE-2021-21339 CWE-312 CWE-312 High Typo3 core sanitizeLocalUrl() non-persistent cross-site scripting CVE-2015-5956 CWE-79 CWE-79 High TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-11069) CVE-2020-11069 CWE-352 CWE-352 High TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-41113) CVE-2021-41113 CWE-352 CWE-352 High TYPO3 CVE-2024-25121 Vulnerability (CVE-2024-25121) CVE-2024-25121 High TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-19849) CVE-2019-19849 CWE-502 CWE-502 High TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2020-11067) CVE-2020-11067 CWE-502 CWE-502 High TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2020-15098) CVE-2020-15098 CWE-502 CWE-502 High TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2005-4875) CVE-2005-4875 CWE-200 CWE-200 High TYPO3 Files or Directories Accessible to External Parties Vulnerability (CVE-2021-21355) CVE-2021-21355 CWE-552 CWE-552 High TYPO3 Improper Authentication Vulnerability (CVE-2009-0256) CVE-2009-0256 CWE-287 CWE-287 High TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-3631) CVE-2009-3631 CWE-94 CWE-94 High TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-23503) CVE-2022-23503 CWE-94 CWE-94 High TYPO3 Improper Input Validation Vulnerability (CVE-2014-9509) CVE-2014-9509 CWE-20 CWE-20 High TYPO3 Improper Input Validation Vulnerability (CVE-2019-11832) CVE-2019-11832 CWE-20 CWE-20 High TYPO3 Improper Input Validation Vulnerability (CVE-2020-15099) CVE-2020-15099 CWE-20 CWE-20 High TYPO3 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-19848) CVE-2019-19848 CWE-22 CWE-22 High TYPO3 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2010-3668) CVE-2010-3668 CWE-138 CWE-138 High TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4855) CVE-2009-4855 CWE-138 CWE-138 High TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-3662) CVE-2010-3662 CWE-138 CWE-138 High TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-1842) CVE-2013-1842 CWE-138 CWE-138 High TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-19850) CVE-2019-19850 CWE-138 CWE-138 High TYPO3 Insufficient Session Expiration Vulnerability (CVE-2022-31050) CVE-2022-31050 CWE-613 CWE-613 High TYPO3 Other Vulnerability (CVE-2006-6690) CVE-2006-6690 High TYPO3 Other Vulnerability (CVE-2007-1081) CVE-2007-1081 High TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3714) CVE-2010-3714 CWE-264 CWE-264 High Typo3 Restler 1.7.0 Local File Disclosure CWE-22 CWE-22 High TYPO3 Uncontrolled Recursion Vulnerability (CVE-2021-21359) CVE-2021-21359 CWE-674 CWE-674 High TYPO3 Uncontrolled Recursion Vulnerability (CVE-2022-23500) CVE-2022-23500 CWE-674 CWE-674 High TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2010-3663) CVE-2010-3663 CWE-434 CWE-434 High TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-14251) CVE-2017-14251 CWE-434 CWE-434 High TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21357) CVE-2021-21357 CWE-434 CWE-434 High UAParser.js Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-4229) CVE-2021-4229 CWE-829 CWE-829 High UAParser.js Inefficient Regular Expression Complexity Vulnerability (CVE-2022-25927) CVE-2022-25927 CWE-1333 CWE-1333 High UAParser.js Other Vulnerability (CVE-2021-27292) CVE-2021-27292 High Ubiquiti Unifi Log4Shell RCE CVE-2021-44228 CWE-78 CWE-78 High Umbraco CMS local file inclusion CWE-98 CWE-98 High Umbraco CMS remote code execution CWE-94 CWE-94 High Umbraco CMS TemplateService remote code execution CVE-2013-4793 CWE-94 CWE-94 High Unauthenticated Access to Sensitive Functions CWE-306 CWE-306 High Unauthenticated Arbitrary File Read vulnerability in VMware vCenter CWE-22 CWE-22 High Unauthenticated OGNL injection in Confluence Server and Data Center CVE-2021-26084 CWE-917 CWE-917 High Unauthenticated Remote Code Execution via JSONWS in Liferay 6.1 (LPS-88051) CWE-78 CWE-78 High Unauthenticated Remote Code Execution via JSONWS in Liferay 7.2.0 CE GA1 CVE-2020-0618 CVE-2020-7961 CWE-78 CWE-78 High Unauthenticated remote code execution vulnerability in Confluence Server and Data Center CVE-2022-26134 CWE-917 CWE-917 High Uncontrolled format string CWE-134 CWE-134 High Underscore.js Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-23358) CVE-2021-23358 CWE-94 CWE-94 High Undertow CVE-2022-1259 Vulnerability (CVE-2022-1259) CVE-2022-1259 High Undertow CVE-2023-3223 Vulnerability (CVE-2023-3223) CVE-2023-3223 High Undertow Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-3859) CVE-2021-3859 CWE-668 CWE-668 High Undertow Improper Input Validation Vulnerability (CVE-2020-1757) CVE-2020-1757 CWE-20 CWE-20 High Undertow Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-10705) CVE-2020-10705 CWE-119 CWE-119 High Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-12165) CVE-2017-12165 CWE-444 CWE-444 High Undertow Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2017-2670) CVE-2017-2670 CWE-835 CWE-835 High Undertow Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2023-1108) CVE-2023-1108 CWE-835 CWE-835 High Undertow Missing Authorization Vulnerability (CVE-2019-10184) CVE-2019-10184 CWE-862 CWE-862 High Undertow Unchecked Return Value Vulnerability (CVE-2022-1319) CVE-2022-1319 CWE-252 CWE-252 High Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2019-14888) CVE-2019-14888 CWE-400 CWE-400 High Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2019-19343) CVE-2019-19343 CWE-400 CWE-400 High Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2021-3629) CVE-2021-3629 CWE-400 CWE-400 High 1...50515253...169 51 / 169
