Lucene search
K

41 matches found

CNNVD
CNNVD
added 2025/10/13 12:0 a.m.7 views

Liferay Portal和Liferay DXP 安全漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

5.3CVSS6.5AI score0.00243EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-4364

Malware in sbrugna...

5.1CVSS6.4AI score0.01231EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-1243

Malware in sbrugna...

4.3CVSS6.4AI score0.01635EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-7131

Malware in sbrugna...

7.5CVSS6.4AI score0.02287EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2014-8388

Malware in sbrugna...

10CVSS6.1AI score0.05271EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-15699

Malware in sbrugna...

8.8CVSS8.4AI score0.01182EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-9306

Malware in sbrugna...

8.8CVSS8.6AI score0.04098EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-0653

Malicious code in bioql PyPI...

5.4CVSS5.5AI score0.00471EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-0723

Malicious code in bioql PyPI...

9CVSS8.9AI score0.00558EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-33411

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00367EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2025/06/16 2:13 p.m.3 views

CVE-2025-3594

Path traversal vulnerability with the downloading and installation of Xuggler in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.4 GA, 7.3 GA through update 34, and older unsupported versions allows remote attackers to 1 add files to arbitrary locations on the server and 2 download and...

8.6CVSS7.9AI score0.00576EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:0 a.m.10 views

CVE-2024-25605

The Journal module in Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and Liferay DXP 7.4.13, 7.3 before service pack 3, 7.2 before fix pack 17, and older unsupported versions grants guest users view permission to web content templates by default, which allows remote attacke...

5.3CVSS7AI score0.00481EPSS
Exploits0References1
0day.today
0day.today
added 2025/01/21 12:0 a.m.161 views

LibreNMS Authenticated Remote Code Execution Exploit

An authenticated attacker can create dangerous directory names on the system and alter sensitive configuration parameters through the web portal. Those two defects combined then allows to inject arbitrary OS commands inside shellexec calls, thus achieving arbitrary code execution. This module...

7.6AI score0.06933EPSS
Exploits4
Github Security Blog
Github Security Blog
added 2024/12/18 12:31 a.m.32 views

Liferay Portal and Liferay DXP have Cross-site Scripting vulnerability in edit Service Access Policy page

Cross-site scripting XSS vulnerability in the edit Service Access Policy page in Liferay Portal 7.0.0 through 7.4.3.87, and Liferay DXP 7.4 GA through update 87, 7.3 GA through update 29, and older unsupported versions allows remote attackers to inject arbitrary web script or HTML via a crafted...

4.8CVSS5.8AI score0.00265EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2024/02/21 3:15 a.m.16 views

CVE-2024-26266

Multiple stored cross-site scripting XSS vulnerabilities in Liferay Portal 7.2.0 through 7.4.3.13, and older unsupported versions, and Liferay DXP 7.4 before update 10, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions allow remote authenticated users to inject arbitrary...

5.4CVSS7.5AI score0.00558EPSS
Exploits0References1
OSV
OSV
added 2024/02/20 5:15 a.m.8 views

CVE-2022-45320

Liferay Portal before 7.4.3.16 and Liferay DXP before 7.2 fix pack 19, 7.3 before update 6, and 7.4 before update 16 allow remote authenticated users to become the owner of a wiki page by editing the wiki page...

6.3CVSS6.1AI score0.00479EPSS
Exploits0References1
NCSC
NCSC
added 2023/10/19 12:0 a.m.6 views

Vulnerabilities fixed in Liferay Portal and DXP

Liferay has fixed vulnerabilities in Portal and DXP. A malicious party could exploit the vulnerabilities to perform of cross-site scripting XSS attacks. Such attacks can lead to execution of script code in the context of the victim's browser, or access sensitive data in the context of the browser...

9.6CVSS6.3AI score0.02261EPSS
Exploits2
Vulnrichment
Vulnrichment
added 2023/10/17 12:8 p.m.4 views

CVE-2023-42627

Multiple stored cross-site scripting XSS vulnerabilities in the Commerce module in Liferay Portal 7.3.5 through 7.4.3.91, and Liferay DXP 7.3 update 33 and earlier, and 7.4 before update 92 allow remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a 1...

9.6CVSS5.8AI score0.02261EPSS
Exploits1References2
NCSC
NCSC
added 2023/03/30 12:0 a.m.5 views

Vulnerabilities fixed in Forcepoint Cloud Security Gateway

Forcepoint has fixed vulnerabilities in the Login Portal of Cloud Security Gateway and underlying tooling such as Web Security Gateway and Email Security Gateway. An unauthenticated malicious party could exploit the vulnerabilities to launch a Cross-Site Scripting attack. Such an attack typically...

6.1CVSS6.5AI score0.00353EPSS
Exploits0
OSV
OSV
added 2018/08/16 7:29 p.m.3 views

CVE-2018-1712

IBM API Connect's Developer Portal 5.0.0.0 through 5.0.8.3 is vulnerable to Server Side Request Forgery. An attacker, using specially crafted input parameters can trick the server into making potentially malicious calls within the trusted network. IBM X-Force ID: 146370...

9.9CVSS5.8AI score0.00713EPSS
Exploits0References2
Rows per page
Query Builder