Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:10 p.m.5 views

CVE-2022-36105

TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that observing response time during user authentication backend and frontend can be used to distinguish between existing and non-existing user accounts. Extension authors of 3rd part...

5.3CVSS7.1AI score0.00977EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/16 5:37 p.m.42 views

CVE-2024-39700 Remote Code Execution (RCE) vulnerability in jupyterlab extension template `update-integration-tests` GitHub Action

JupyterLab extension template is a copier template for JupyterLab extensions. Repositories created using this template with test option include update-integration-tests.yml workflow which has an RCE vulnerability. Extension authors hosting their code on GitHub are urged to upgrade the template to...

9.9CVSS0.01024EPSS
Exploits3References2
OSV
OSV
added 2024/03/06 11:9 a.m.17 views

BIT-TYPO3-2022-36105

TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that observing response time during user authentication backend and frontend can be used to distinguish between existing and non-existing user accounts. Extension authors of 3rd part...

5.3CVSS5.3AI score0.00977EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/09/13 5:40 p.m.5 views

CVE-2022-36105 User Enumeration via Response Timing in TYPO3

TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that observing response time during user authentication backend and frontend can be used to distinguish between existing and non-existing user accounts. Extension authors of 3rd part...

5.3CVSS5.5AI score0.00977EPSS
Exploits0References3
OSV
OSV
added 2022/09/13 5:40 p.m.15 views

CVE-2022-36105 User Enumeration via Response Timing in TYPO3

TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that observing response time during user authentication backend and frontend can be used to distinguish between existing and non-existing user accounts. Extension authors of 3rd part...

5.3CVSS5.5AI score0.00977EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/09/13 12:0 a.m.3 views

PT-2022-23195 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 7.6.58 ELTS TYPO3 versions prior to 8.7.48 ELTS TYPO3 versions prior to 9.5.37 ELTS TYPO3 versions prior to 10.4.32 TYPO3 versions prior to 11.5.16 Description: It has been discovered that observing response time durin...

5.3CVSS5.1AI score0.00977EPSS
Exploits0References12
CNNVD
CNNVD
added 2021/07/13 12:0 a.m.6 views

Microsoft Visual Studio Code 权限许可和访问控制问题漏洞

Microsoft Visual Studio Code is an open source code editor from Microsoft Corporation USA. A vulnerability exists in Microsoft Visual Studio Code due to privilege licensing and access control issues. The following products and versions are affected: .NET Education Bundle SDK Install Tool, .NET...

7.8CVSS7.8AI score0.00491EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/07/13 12:0 a.m.75 views

Security Update for Microsoft Visual Studio Code .NET Install Tool for Extension Authors Extension (July 2021)

The Microsoft Visual Studio Code .NET Install Tool for Extension Authors Extension is prior to version 1.2.0. It is, therefore, affected by an elevation of privilege vulnerability due to inaccurately scoped permissions being set on downloaded .NET install scripts. Note that Nessus has not tested...

7.8CVSS7.6AI score0.00491EPSS
Exploits0References2
Rows per page
Query Builder