4 matches found
CVE-2024-25606
XXE vulnerability in Liferay Portal 7.2.0 through 7.4.3.7, and older unsupported versions, and Liferay DXP 7.4 before update 4, 7.3 before update 12, 7.2 before fix pack 20, and older unsupported versions allows attackers with permission to deploy widgets/portlets/extensions to obtain sensitive...
CVE-2024-25606
XXE vulnerability in Liferay Portal 7.2.0 through 7.4.3.7, and older unsupported versions, and Liferay DXP 7.4 before update 4, 7.3 before update 12, 7.2 before fix pack 20, and older unsupported versions allows attackers with permission to deploy widgets/portlets/extensions to obtain sensitive...
CVE-2024-25606
XXE vulnerability in Liferay Portal 7.2.0 through 7.4.3.7, and older unsupported versions, and Liferay DXP 7.4 before update 4, 7.3 before update 12, 7.2 before fix pack 20, and older unsupported versions allows attackers with permission to deploy widgets/portlets/extensions to obtain sensitive...
OSV-2023-870 Heap-buffer-overflow in icu_74::SimpleDateFormat::subFormat
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62432 Crash type: Heap-buffer-overflow READ 4 Crash state: icu74::SimpleDateFormat::subFormat icu74::SimpleDateFormat::format icu74::SimpleDateFormat::format...