1225 matches found
CVE-2025-55749 The XWiki Jetty package (XJetty) allows accessing any application file through URL
XWiki is an open-source wiki software platform. From 16.7.0 to 16.10.11, 17.4.4, or 17.7.0, in an instance which is using the XWiki Jetty package XJetty, a context is exposed to statically access any file located in the webapp/ folder. It allows accessing files which might contains credentials...
GHSA-53GX-J3P6-2RW9 XWiki Jetty Package (XJetty) allows accessing any application file through URL
Impact In an instance which is using the XWiki Jetty package XJetty, a context is exposed to statically access any file located in the webapp/ folder. It allows accessing files which might contains credentials, like http://myhots/webapps/xwiki/WEB-INF/xwiki.cfg,...
XWiki Jetty Package (XJetty) allows accessing any application file through URL
Impact In an instance which is using the XWiki Jetty package XJetty, a context is exposed to statically access any file located in the webapp/ folder. It allows accessing files which might contains credentials, like http://myhots/webapps/xwiki/WEB-INF/xwiki.cfg,...
org.apache.causeway.core:causeway-core-config (=4.0.0-M1), org.apache.causeway.core:causeway-core-interaction (=4.0.0-M1) +105 more potentially affected by CVE-2025-64408 via org.apache.causeway.core:causeway-applib (=4.0.0-M1)
org.apache.causeway.core:causeway-applib MAVEN version =4.0.0-M1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.causeway.core:causeway-applib and may be impacted: - org.apache.causeway.core:causeway-core-config =4.0.0-M1 -...
dev.savantly.nexus:nexus-command-webapp (=3.4.0), org.apache.causeway.mavendeps:causeway-mavendeps-webapp (>=2.0.0 <=3.4.0) potentially affected by CVE-2025-64408 via org.apache.causeway.viewer:causeway-viewer-wicket-viewer (>=2.0.0-RC1 <=3.4.0)
org.apache.causeway.viewer:causeway-viewer-wicket-viewer MAVEN version =2.0.0-RC1, =2.0.0, =3.4.0 Source cves: CVE-2025-64408 Source advisory: SNYK:JAVA-ORGAPACHECAUSEWAYVIEWER-14052594...
org.apache.causeway.mavendeps:causeway-mavendeps-webapp (=4.0.0-M1) potentially affected by CVE-2025-64408 via org.apache.causeway.viewer:causeway-viewer-wicket-viewer (=4.0.0-M1)
org.apache.causeway.viewer:causeway-viewer-wicket-viewer MAVEN version =4.0.0-M1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.causeway.viewer:causeway-viewer-wicket-viewer and may be impacted: -...
org.apache.causeway.extensions:causeway-extensions-audittrail-applib (=4.0.0-M1), org.apache.causeway.extensions:causeway-extensions-audittrail-persistence-jpa (=4.0.0-M1) +18 more potentially affected by CVE-2025-64408 via org.apache.causeway.core:causeway-core-runtimeservices (=4.0.0-M1)
org.apache.causeway.core:causeway-core-runtimeservices MAVEN version =4.0.0-M1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.causeway.core:causeway-core-runtimeservices and may be impacted: -...
CVE-2025-13102
Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2025-13102
Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2025-13102
Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2025-13102
Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2025-13102
CVE-2025-13102 affects Google Chrome on Android and relates to an Inappropriate implementation in WebApp Installs, prior to version 134.0.6998.35. The issue allows a remote attacker to perform a UI spoofing attack via a crafted HTML page. The vulnerability is rated Low severity (CVSS 3.1: 4.3) wi...
EUVD-2025-180544
Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2025-13102
Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2025-13102
Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
PT-2025-46936
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 134.0.6998.35 Description An issue exists in WebApp Installs within Google Chrome on Android. A remote attacker could potentially perform UI spoofing by using a specially crafted HTML page. The security severity...
Google Chrome 安全漏洞
Google Chrome is Google's web browser. A security vulnerability exists in Google Chrome versions prior to 134.0.6998.35, which stems from an inadequate validation mechanism for the web application installation process. The vulnerability can be exploited by an attacker to conduct an interface...
EUVD-2006-7168
Malware in sbrugna...
EUVD-2014-9284
Malware in sbrugna...
EUVD-2017-3278
Malware in sbrugna...