CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

ATTACKERKB•added 2026/04/29 7:24 p.m.•1 views

CVE-2018-25315

Alloksoft Video joiner 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Name field. Attackers can craft a payload with structured exception handler SEH overwrite and shellcode to achieve code...

8.6CVSS6.7AI score0.00019EPSS

Exploits0References4Affected Software1

CNNVD•added 2026/01/28 12:0 a.m.•4 views

Nidesoft 3GP Video Converter has security vulnerabilities

Nidesoft 3GP Video Converter is a video format conversion tool developed by Nidesoft Corporation. Version 2.6.18 of Nidesoft 3GP Video Converter has a security vulnerability. This vulnerability stems from an overflow in the local stack buffer associated with license registration parameters, which...

8.4CVSS6.2AI score0.00025EPSS

Exploits0References3

Positive Technologies•added 2026/01/28 12:0 a.m.•3 views

PT-2026-5162

Nidesoft 3GP Video Converter 2.6.18 contains a local stack buffer overflow vulnerability in the license registration parameter. Attackers can craft a malicious payload and paste it into the 'License Code' field to execute arbitrary code on the system...

8.4CVSS6.5AI score0.00025EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-30243

Malicious code in bioql PyPI...

5.1CVSS6.3AI score0.0001EPSS

Exploits0References2

RedhatCVE•added 2025/09/21 7:25 p.m.•14 views

CVE-2025-43809

Cross-Site Request Forgery CSRF vulnerability in the server license registration page in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.7, 2023.Q3.1 through 2023.Q3.9, 7.4 GA through update 92, and older unsupported versions allow...

5.1CVSS7AI score0.0001EPSS

Exploits0References1

Github Security Blog•added 2025/09/19 9:31 p.m.•7 views

Liferay Portal Cross-Site Request Forgery (CSRF) vulnerability

5.1CVSS7AI score0.0001EPSS

Exploits0References3Affected Software1

Snyk•added 2025/09/19 9:31 p.m.•4 views

Cross-site Request Forgery (CSRF)

Overview com.liferay.portal:portal-impl is a Portal Impl Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the orderUuid parameter in the server license registration process. An attacker can register a server license without authorization by tricking an...

5.1CVSS6.5AI score0.0001EPSS

Exploits0References2

Snyk•added 2025/09/19 9:31 p.m.•2 views

Cross-site Request Forgery (CSRF)

Overview com.liferay.portal:portal-service is a portal service package for Liferay. Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the orderUuid parameter in the server license registration process. An attacker can register a server license without...

5.1CVSS6.5AI score0.0001EPSS

Exploits0References2

OSV•added 2025/09/19 9:31 p.m.•3 views

GHSA-697H-3Q6M-JWP4 Liferay Portal Cross-Site Request Forgery (CSRF) vulnerability

5.1CVSS7AI score0.0001EPSS

Exploits0References2

NVD•added 2025/09/19 8:15 p.m.•3 views

CVE-2025-43809

5.1CVSS0.0001EPSS

Exploits0References1

OSV•added 2025/09/19 8:15 p.m.•4 views

CVE-2025-43809

4.3CVSS6.9AI score0.0001EPSS

Exploits0References1

CVE•added 2025/09/19 7:15 p.m.•12 views

CVE-2025-43809

The CVE-2025-43809 CSRF issue affects Liferay Portal/ Liferay DXP, specifically server license registration via the orderUuid parameter. Affected products/versions include Liferay Portal 7.4.0–7.4.3.111 and older unsupported versions, and Liferay DXP 2023.Q4.0–2023.Q4.7, 2023.Q3.1–2023.Q3.9, plus...

5.1CVSS6.6AI score0.0001EPSS

Exploits0References1Affected Software2

Cvelist•added 2025/09/19 7:15 p.m.•8 views

CVE-2025-43809

5.1CVSS0.0001EPSS

Exploits0References1

Vulnrichment•added 2025/09/19 7:15 p.m.•1 views

CVE-2025-43809

5.1CVSS6.6AI score0.0001EPSS

Exploits0References1

Positive Technologies•added 2025/09/19 12:0 a.m.•4 views

PT-2025-38613

Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.4.0 through 7.4.3.111 Liferay DXP versions 2023.Q3.1 through 2023.Q3.9 Liferay DXP versions 2023.Q4.0 through 2023.Q4.7 Liferay Portal 7.4 GA through update 92 Description A Cross-Site Request Forgery CSRF vulnerabili...

5.1CVSS6.7AI score0.0001EPSS

Exploits0References5

Trend Micro Simply Security•added 2023/09/29 12:0 a.m.•30 views

APT34 Deploys Phishing Attack With New Malware

We observed and tracked the advanced persistent threat APT APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to...

6.9AI score

Exploits0

Wordfence Blog•added 2023/06/21 5:15 p.m.•15 views

Wordfence 7.10.0 Released!

Wordfence remains the number one security plugin of choice for website owners serious about protecting their investment and their customers. Our Threat Intelligence team and engineering team stay abreast of the newest threats and ensure that Wordfence is able to protect against them. But keeping ...

6.7AI score

Exploits0

NVD•added 2022/06/17 6:15 p.m.•11 views

CVE-2022-21184

An information disclosure vulnerability exists in the License registration functionality of Bachmann Visutec GmbH Atvise 3.5.4, 3.6 and 3.7. A plaintext HTTP request can lead to a disclosure of login credentials. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...

5.9CVSS0.00111EPSS

Exploits0References1

OSV•added 2022/06/17 6:15 p.m.•3 views

CVE-2022-21184

5.9CVSS6.2AI score0.00111EPSS

Exploits0References1