Unity Linux 20.1060e / 20.1070e Security Update: pdfbox (UTSA-2026-017627)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017627 advisory. In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree...

EUVD-2019-7535

Malware in sbrugna...

Missing Authorization

Overview typo3/cms-recordlist is a Lists database records in the TYPO3 backend module WebList. Affected versions of this package are vulnerable to Missing Authorization for the CSV download process. An attacker can access sensitive information from arbitrary database tables in the user's web...

Linux Distros Unpatched Vulnerability : CVE-2019-16088

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc. CVE-2019-16088 Note that Nessus relies on...

Linux Distros Unpatched Vulnerability : CVE-2018-11797

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page...

CVE-2019-17063

In Snowtide PDFxStream before 3.7.1 for Java, a crafted PDF file can trigger an extremely long running computation because of page-tree mishandling...

Incorrect Authorization

Overview typo3/cms-core is a free open source enterprise content management system. Affected versions of this package are vulnerable to Incorrect Authorization by exposing restricted items in the backend page tree to be viewed by other users, if the mounts pointed to pages restricted for their...

CVE-2024-47780 Information Disclosure in TYPO3 Page Tree

TYPO3 is a free and open source Content Management Framework. Backend users could see items in the backend page tree without having access if the mounts pointed to pages restricted for their user/group, or if no mounts were configured but the pages allowed access to "everybody." However, affected...

CVE-2024-47780 Information Disclosure in TYPO3 Page Tree

TYPO3 is a free and open source Content Management Framework. Backend users could see items in the backend page tree without having access if the mounts pointed to pages restricted for their user/group, or if no mounts were configured but the pages allowed access to "everybody." However, affected...

CVE-2024-47780

TYPO3 CVE-2024-47780 is an information-disclosure vulnerability in the TYPO3 backend page tree. The issue allows backend users to view items for pages they should not access when mounts point to restricted pages or when mounts are absent but pages allow access to “everybody.” The underlying root ...

CVE-2024-47780 Information Disclosure in TYPO3 Page Tree

TYPO3 is a free and open source Content Management Framework. Backend users could see items in the backend page tree without having access if the mounts pointed to pages restricted for their user/group, or if no mounts were configured but the pages allowed access to "everybody." However, affected...

GHSA-RF5M-H8Q9-9W6Q Information Disclosure in TYPO3 Page Tree

Problem Backend users could see items in the backend page tree without having access if the mounts pointed to pages restricted for their user/group, or if no mounts were configured but the pages allowed access to "everybody." However, affected users could not manipulate these pages. Solution Upda...

Information Disclosure in TYPO3 Page Tree

Problem Backend users could see items in the backend page tree without having access if the mounts pointed to pages restricted for their user/group, or if no mounts were configured but the pages allowed access to "everybody." However, affected users could not manipulate these pages. Solution Upda...

Typo3 Information Disclosure in Page Tree

It has been discovered backend users not having read access to specific pages still could see them in the page tree which actually should be disallowed. A valid backend user account is needed in order to exploit this vulnerability...

GHSA-H934-F4M4-WC8X Typo3 Information Disclosure in Page Tree

It has been discovered backend users not having read access to specific pages still could see them in the page tree which actually should be disallowed. A valid backend user account is needed in order to exploit this vulnerability...

Information Disclosure

typo3/cms-core is vulnerable to Information Disclosure. The vulnerability is due to backend users without read access being able to see specific pages in the page tree...

GHSA-WVVP-JWF5-QCPC TYPO3 Information Disclosure in Page Tree

It has been discovered backend users not having read access to specific pages still could see them in the page tree which actually should be disallowed. A valid backend user account is needed in order to exploit this vulnerability...

TYPO3 Information Disclosure in Page Tree

It has been discovered backend users not having read access to specific pages still could see them in the page tree which actually should be disallowed. A valid backend user account is needed in order to exploit this vulnerability...

PT-2024-40511 · Packagist · Typo3/Cms-Core

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned, so: Software affected versions not specified Description: A security issue allows backend users without read access to specific pages to still view them in the page tree, which should be disallowed...

BIT-2023-44310

Stored cross-site scripting XSS vulnerability in Page Tree menu Liferay Portal 7.3.6 through 7.4.3.78, and Liferay DXP 7.3 fix pack 1 through update 23, and 7.4 before update 79 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into page's "Name" text...