Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1891 matches found

Positive Technologies
Positive Technologiesadded 2025/10/14 12:0 a.m.2 views

PT-2025-41896

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 144 Firefox ESR versions prior to 140.4 Thunderbird versions prior to 144 Thunderbird versions prior to 140.4 Description A use-after-free issue exists in the MediaTrackGraphImpl::GetInstance function. This can occur...

10CVSS8.9AI score0.19171EPSS
Exploits2References311
OSV
OSVadded 2025/10/13 9:31 p.m.2 views

GHSA-PFWQ-MR9G-GQ6M Liferay is Vulnerable to Authorization Bypass Through User-Controlled Key

Insecure Direct Object Reference IDOR vulnerability in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions allows remote authenticated users in o...

5.3CVSS6.9AI score0.00052EPSS
Exploits0References6
Github Security Blog
Github Security Blogadded 2025/10/13 9:31 p.m.5 views

Liferay is Vulnerable to Authorization Bypass Through User-Controlled Key

Insecure Direct Object Reference IDOR vulnerability in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions allows remote authenticated users in o...

5.3CVSS6.9AI score0.00052EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichmentadded 2025/10/13 8:42 p.m.2 views

CVE-2025-62252

Insecure Direct Object Reference IDOR vulnerability in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions allows remote authenticated users in o...

5.3CVSS6.4AI score0.00052EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/13 8:42 p.m.2 views

EUVD-2025-34087

Insecure Direct Object Reference IDOR vulnerability in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions allows remote authenticated users in o...

5.3CVSS6.3AI score0.00052EPSS
Exploits0References5
Cvelist
Cvelistadded 2025/10/13 8:42 p.m.4 views

CVE-2025-62252

Insecure Direct Object Reference IDOR vulnerability in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions allows remote authenticated users in o...

5.3CVSS0.00052EPSS
Exploits0References1
CVE
CVEadded 2025/10/13 8:42 p.m.8 views

CVE-2025-62252

The CVE-2025-62252 issue is an IDOR vulnerability in Liferay Portal 7.4.0–7.4.3.111 and Liferay DXP 2023.Q3.1–Q3.10, 2023.Q4.0–Q4.5, and 7.4 GA–update 92. Affected code path is the _com_liferay_users_admin_web_portlet_UsersAdminPortlet_addUserIds parameter, which can let remote authenticated user...

5.3CVSS6.4AI score0.00052EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichmentadded 2025/10/13 7:32 p.m.3 views

CVE-2025-62241

Insecure Direct Object Reference IDOR vulnerability with shipment addresses in Liferay DXP 2023.Q4.1 through 2023.Q4.5 allows remote authenticated users to from one virtual instance to view the shipment addresses of different virtual instance via the...

5.3CVSS6.3AI score0.00047EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/10/13 12:0 a.m.2 views

PT-2025-41811

Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.4.0 through 7.4.3.111 Liferay DXP versions 2023.Q3.1 through 2023.Q3.10 Liferay DXP versions 2023.Q4.0 through 2023.Q4.5 Liferay Portal 7.4 GA through update 92 Description An Insecure Direct Object Reference IDOR iss...

5.3CVSS6.4AI score0.00052EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2025/10/13 12:0 a.m.3 views

PT-2025-41802

Name of the Vulnerable Software and Affected Versions Liferay DXP versions 2023.Q4.1 through 2023.Q4.5 Description An Insecure Direct Object Reference IDOR issue exists in Liferay DXP that allows authenticated remote users to access shipment addresses from different virtual instances. This occurs...

5.3CVSS6.5AI score0.00047EPSS
Exploits0References5
OSV
OSVadded 2025/10/07 7:19 p.m.2 views

CLSA-2025-1759864776 Fix CVE(s): CVE-2025-6020

SECURITY UPDATE: fix privilege escalation in pamnamespace - debian/patches-applied/CVE-2025-6020-pre.patch: prerequisite changes - debian/patches-applied/CVE-2025-6020.patch: enforce proper handling of instance directory symlinks to prevent mounting arbitrary paths - CVE-2025-6020...

7.8CVSS7.3AI score0.00072EPSS
Exploits0References1
Snyk
Snykadded 2025/10/07 2:39 a.m.1 views

Malicious Package

Overview oxrvxxxxxaslllcaj is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2016-6913

Malware in sbrugna...

4CVSS3.8AI score0.0024EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2011-0889

Malware in sbrugna...

4.3CVSS6.2AI score0.00309EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2011-2615

Malware in sbrugna...

5CVSS6.1AI score0.00492EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2009-0894

Malware in sbrugna...

4CVSS6.4AI score0.00165EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2016-1703

Malware in sbrugna...

6.1CVSS6.3AI score0.00215EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2017-15196

Malware in sbrugna...

9.8CVSS9.5AI score0.00775EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2014-5937

Malware in sbrugna...

5.5CVSS3.8AI score0.01239EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2008-3944

Malware in sbrugna...

5CVSS7.8AI score0.00885EPSS
Exploits0References5
Rows per page
Query Builder