Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-3004

Malicious code in bioql PyPI...

6.4CVSS6.3AI score0.02418EPSS
Exploits0References13
Github Security Blog
Github Security Blog
added 2022/05/17 5:28 a.m.40 views

TYPO3 Remote File Disclosure vulnerability in the jumpUrl mechanism

The jumpUrl aka access tracking implementation in tslib/class.tslibfe.php in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote attackers to read arbitrary files via unspecified...

7.1CVSS6.8AI score0.24558EPSS
Exploits7References10Affected Software1
ThreatPost
ThreatPost
added 2021/01/27 8:32 p.m.291 views

Remote Attackers Can Now Reach Protected Network Devices via NAT Slipstreaming

Disconnecting devices from the internet is no longer a solid plan for protecting them from remote attackers. A new version of a known network-address translation NAT slipstreaming attack has been uncovered, which would allow remote attackers to reach multiple internal network devices, even if tho...

6.8CVSS0.7AI score0.01323EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2020/01/29 10:9 p.m.148 views

Apple Security Updates Tackle iOS Device Tracking, RCE Flaws

Apple’s latest security fixes, released Tuesday, tackle a wide range of bugs, including several patches for high-risk flaws that could allow for remote code execution RCE. Of particular interest to privacy-minded iPhone 11 users is an iOS 13.3.1 update that allows users to turn off U1...

9.3CVSS0.9AI score0.26869EPSS
Exploits0References10
NVD
NVD
added 2013/03/20 3:55 p.m.23 views

CVE-2013-1843

Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

6.4CVSS6.5AI score0.02418EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2013/03/20 3:55 p.m.29 views

CVE-2013-1843

Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

6.4CVSS6AI score0.02418EPSS
Exploits0References1
Cvelist
Cvelist
added 2013/03/20 3:0 p.m.30 views

CVE-2013-1843

Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

6.4AI score0.02418EPSS
Exploits0References8
Typo3
Typo3
added 2013/03/06 12:0 a.m.27 views

SQL Injection and Open Redirection in TYPO3 Core

It has been discovered that TYPO3 Core is susceptible to SQL Injection and Open Redirection Component Type: TYPO3 Core Affected Versions: 4.5.0 up to 4.5.23, 4.6.0 up to 4.6.16, 4.7.0 up to 4.7.8 and 6.0.0 up to 6.0.2 Vulnerability Types: SQL Injection, Open Redirection Overall Severity: High...

7.9AI score
Exploits0Affected Software1
FreeBSD
FreeBSD
added 2013/03/06 12:0 a.m.16 views

typo3 -- Multiple vulnerabilities in TYPO3 Core

Typo Security Team reports: Extbase Framework - Failing to sanitize user input, the Extbase database abstraction layer is susceptible to SQL Injection. TYPO3 sites which have no Extbase extensions installed are not affected. Extbase extensions are affected if they use the Query Object Model and...

0.6AI score
Exploits0References1
Typo3
Typo3
added 2010/10/06 12:0 a.m.34 views

Multiple vulnerabilities in TYPO3 Core

It has been discovered that TYPO3 Core is vulnerable to Remote File Disclosure, Cross-Site Scripting XSS, Privilege Escalation and Denial of Service. Component Type: TYPO3 Core Affected Versions: 4.2.14 and below, 4.3.6 and below, 4.4.3 and below Vulnerability Types: Remote File Disclosure,...

6.4AI score
Exploits0Affected Software1
ThreatPost
ThreatPost
added 2009/08/17 2:56 p.m.13 views

Many Sites Using Flash Cookies to Silently Track Users

A huge number of Web sites are employing a little-known tracking mechanism to gather information on visitors and are failing to disclose the practice in their privacy policies, according to a new paper from a group of university researchers. The technique employs cookies generated by the Adobe...

6.7AI score
Exploits0References3
Typo3
Typo3
added 2009/02/10 12:0 a.m.18 views

Information Disclosure & XSS in TYPO3 Core

It has been discovered that TYPO3 Core is vulnerable to Information Disclosure and Cross-Site Scripting. Component Type: TYPO3 Core Affected Versions: TYPO3 versions 3.3.x, 3.5.x, 3.6.x, 3.7.x, 3.8.x, 4.0 to 4.0.11, 4.1.0 to 4.1.9, 4.2.0 to 4.2.5, 4.3alpha1 Vulnerability Types: Information...

7AI score
Exploits0Affected Software1
Rows per page
Query Builder