681 matches found
CVE-2024-29182
Collabora Online is a collaborative online office suite based on LibreOffice. A stored cross-site scripting vulnerability was found in Collabora Online. An attacker could create a document with an XSS payload in document text referenced by field which, if hovered over to produce a tooltip, could ...
Cross site scripting
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. org.xwiki.platform:xwiki-platform-web starting in version 3.1-milestone-2 and prior to version 13.4-rc-1, as well as org.xwiki.platform:xwiki-platform-web-templates prior to versions 14.10.12...
Information disclosure
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 5.0-milestone-1 and prior to versions 14.4.8, 14.10.4, and 15.0-rc-1, tags from pages not viewable to the current user are leaked by the tags API. This information can also...
CVE-2023-34466 XWiki Platform's tags on non-viewable pages can be revealed to users
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 5.0-milestone-1 and prior to versions 14.4.8, 14.10.4, and 15.0-rc-1, tags from pages not viewable to the current user are leaked by the tags API. This information can also...
GHSA-7F2F-PCV3-J2R7 XWiki Platform's tags on non-viewable pages can be revealed to users
Impact Tags from pages not viewable to the current user are leaked by the tags API. This information can also be exploited to infer the document reference of non-viewable pages. Patches This vulnerability has been patched in XWiki 14.4.8, 14.10.4, and 15.0 RC1. Workarounds There is no workaround...
SUSE CVE-2012-5090
Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Products Suite 5.2.2 and 6.1.0.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Document Reference Library...
CVE-2012-5090
Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Products Suite 5.2.2 and 6.1.0.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Document Reference Library...
Design/Logic Flaw
Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Products Suite 5.2.2 and 6.1.0.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Document Reference Library...
CVE-2012-5090
Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Products Suite 5.2.2 and 6.1.0.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Document Reference Library...
CVE-2012-5090
Technical details about CVE-2012-5090 are not publicly available in the provided documents; no concrete affected components, root cause, or fixes are disclosed. Monitor for updates from Oracle/SUSE and NVD.
CVE-2025-22194
CVE-2025-22194 is linked in a connected PTSecurity entry to Apache Struts Deserialization Memory Corruption . The available note indicates a memory corruption issue from deserializing untrusted data in Struts components. The provided sources do not specify affected versions, exploit status, or a ...
CVE-2019-25190
...
CVE-2025-62684
This CVE entry is rejected/not used and does not represent an active vulnerability entry.
MS:35D7273D-3223-4929-95A5-1F297396946C
...
MS:4A4CFA3F-337E-496E-9D32-A143AFCB27F4
...
MS:F400C36B-D4BB-424B-A4A3-C4A837B04FFF
...
MS:307D7002-8956-4B5A-983E-253B786DD96B
...
MS:6C04BC8F-F636-4109-9ABB-CDD1D58B94EF
...
MS:DBFCC6BE-6FAE-4466-BEC7-2FF906AF46C0
...
MS:073BC4F2-E494-4D1C-87D1-6740A717251C
...