Lucene search
K

13930 matches found

RedhatCVE
RedhatCVE
added 2025/10/14 9:49 p.m.4 views

CVE-2025-62252

Insecure Direct Object Reference IDOR vulnerability in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions allows remote authenticated users in o...

5.3CVSS6.8AI score0.00243EPSS
Exploits0References1
OSV
OSV
added 2025/10/13 9:15 p.m.7 views

CVE-2025-62252

Insecure Direct Object Reference IDOR vulnerability in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions allows remote authenticated users in o...

4.3CVSS6.7AI score0.00243EPSS
Exploits0References1
OSV
OSV
added 2025/10/13 8:15 p.m.10 views

CVE-2025-62242

Insecure Direct Object Reference IDOR vulnerability with account addresses in Liferay Portal 7.4.3.4 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92 allows remote authenticated users to from one account to view addresses fr...

4.3CVSS6.8AI score0.00175EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/10/13 6:31 p.m.10 views

Liferay Publications is vulnerable to Incorrect Authorization

Insecure direct object reference IDOR vulnerability in Publications in Liferay Portal 7.4.1 through 7.4.3.112, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92 allows remote authenticated attackers to view publication comments via the...

5.4CVSS6.8AI score0.0022EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2025/10/13 6:31 p.m.6 views

EUVD-2025-34073

Liferay Publications is vulnerable to Incorrect Authorization...

5.3CVSS6.5AI score0.0022EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/10/13 5:14 p.m.9 views

CVE-2025-62243

Insecure direct object reference IDOR vulnerability in Publications in Liferay Portal 7.4.1 through 7.4.3.112, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92 allows remote authenticated attackers to view publication comments via the...

5.3CVSS0.0022EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/13 12:0 a.m.8 views

PT-2025-41802

Name of the Vulnerable Software and Affected Versions Liferay DXP versions 2023.Q4.1 through 2023.Q4.5 Description An Insecure Direct Object Reference IDOR issue exists in Liferay DXP that allows authenticated remote users to access shipment addresses from different virtual instances. This occurs...

5.3CVSS6.5AI score0.00249EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/10/10 3:31 p.m.7 views

Liferay Portal is vulnerable to XSS through its workflow process builder

Cross-site scripting XSS vulnerability in workflow process builder in Liferay Portal 7.4.3.21 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 21 through update 92 allows remote authenticated attackers to inject arbitrary web script or HT...

5.4CVSS6AI score0.00208EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2025/10/07 12:31 a.m.21 views

EUVD-2025-32592

The Profile widget in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, and older unsupported versions uses a user’s name in the “Content-Disposition” header, which allows...

4.8CVSS6.3AI score0.00217EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-4754

Malware in sbrugna...

3.5CVSS7.6AI score0.03646EPSS
Exploits0References26
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-3957

Malware in sbrugna...

8CVSS8AI score0.00478EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-0502

Malware in sbrugna...

4CVSS8AI score0.01279EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-3409

Malware in sbrugna...

6.3CVSS6.4AI score0.01237EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-2691

Malware in sbrugna...

4CVSS6.4AI score0.01729EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-5603

Malware in sbrugna...

4CVSS7.6AI score0.01418EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2015-8240

Malware in sbrugna...

8CVSS7.8AI score0.02731EPSS
Exploits5References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2015-3322

Malware in sbrugna...

6.5CVSS6.4AI score0.0272EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-6321

Malware in sbrugna...

6.8CVSS6.4AI score0.0151EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-0378

Malware in sbrugna...

4CVSS6.1AI score0.02547EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2015-4883

Malware in sbrugna...

4CVSS7.9AI score0.02387EPSS
Exploits0References9
Rows per page
Query Builder