930 matches found
EUVD-2021-17570
Malware in sbrugna...
EUVD-2021-17681
Malware in sbrugna...
EUVD-2018-14283
Malware in sbrugna...
EUVD-2014-2677
Malware in sbrugna...
EUVD-2018-14821
Malware in sbrugna...
EUVD-2025-23996
Malicious code in bioql PyPI...
EUVD-2021-7290
Malicious code in bioql PyPI...
EUVD-2024-26911
Malicious code in bioql PyPI...
EUVD-2021-7344
Malicious code in bioql PyPI...
EUVD-2022-26766
Malicious code in bioql PyPI...
EUVD-2021-7286
Malicious code in bioql PyPI...
EUVD-2021-7336
Malicious code in bioql PyPI...
PT-2025-40037
Possible path traversal vulnerability and denial-of-service in the ComboServlet in Liferay Portal 7.4.0 through 7.4.3.107, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.4, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, 7.3 GA through update 35, and older...
CVE-2025-43817
Multiple reflected cross-site scripting XSS vulnerabilities in Liferay Portal 7.4.3.74 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.6, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 74 through update 92 allow remote attackers to inject arbitrary web script or HTML via the redirect...
CVE-2025-43812
Summary: CVE-2025-43812 is a cross-site scripting (XSS) vulnerability in Liferay Portal/DXP web content templates. The issue stems from improper validation in the Name field of a web content structure, allowing remote authenticated users to inject arbitrary HTML/JS. Affected products and versions...
Liferay Portal和Liferay DXP 安全漏洞
Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...
CVE-2025-43799
Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92 and 7.3 GA through update 35, and older unsupported versions does not limit access to APIs before a user has changed their initial password, whi...
Security Bulletin: Multiple vulnerabilities in IBM SDK, Java technology affect IBM Tivoli Composite Application Manager for Transactions (Response Time)
Summary IBM SDK, Java Technology Edition is used by IBM Tivoli Composite Application Manager for Transactions Response Time CVE-2025-21587, CVE-2025-30698, CVE-2025-4447 Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL...
CVE-2025-57176
On Ceragon Networks / Siklu Communication EtherHaul and MultiHaul Series microwave antennas before 2026-03-10, the rfpiped service on TCP port 555 allows unauthenticated file uploads to any writable location on the device. File upload packets use weak encryption metadata only with file contents...
Liferay has Insecure Default Initialization of Resource issue
In Liferay Portal 7.1.0 through 7.4.3.111, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions, the default membership type of a newly created site is “Open” which allows any registered users to become a member...