Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:31 a.m.8 views

CVE-2019-16914

An XSS issue was discovered in pfSense through 2.4.4-p3. In servicescaptiveportalmac.php, the username and delmac parameters are displayed without sanitization...

6.1CVSS6AI score0.02004EPSS
Exploits0References1
Snyk
Snyk
added 2025/09/19 9:31 p.m.2 views

Cross-site Request Forgery (CSRF)

Overview com.liferay.portal:portal-service is a portal service package for Liferay. Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the orderUuid parameter in the server license registration process. An attacker can register a server license without...

5.1CVSS6.5AI score0.00169EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/09/19 9:31 p.m.5 views

com.liferay.faces:liferay-faces-alloy (>=3.0.1-ga2 <=3.0.2-ga3), com.liferay.faces:liferay-faces-bridge-impl (>=3.0.0-ga1 <=3.0.5-ga6) +37 more potentially affected by CVE-2025-43809 via com.liferay.portal:portal-service (>=6.0.2 <=6.0.6)

com.liferay.portal:portal-service MAVEN version =6.0.2, =3.0.1-ga2, =3.0.0-ga1, =3.0.0-ga1, =6.0.2, =6.0.2, =6.0.2, =6.0.2, =6.0.2, =7.7.36, =7.0.0, =1.4.5.1, =0.6.0, =0.7.0, =2.4, =2.4-RC1 - org.aperteworkflow.contrib:liferay-6.0-document-provider =1.1.1 and more Source cves: CVE-2025-43809 Sour...

5.1CVSS5.8AI score0.00169EPSS
Exploits0
CVE
CVE
added 2025/04/07 4:23 p.m.49 views

CVE-2025-3426

The CVE-2025-3426 entry describes lack of reverse engineering protections in Philips IntelliSpace Portal binaries, enabling discovery of hardcoded credentials. Affected products are IntelliSpace Portal 12 and earlier and Advanced Visualization Workspace 15. Technical details from connected source...

7.2CVSS7.6AI score0.00144EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/02/28 12:0 a.m.8 views

PT-2025-9115 · Dario Health · Dario Health Portal Service Application

Name of the Vulnerable Software and Affected Versions: Dario Health portal service application affected versions not specified Description: The issue allows an attacker to obtain sensitive information through a cross-site scripting XSS attack. Recommendations: At the moment, there is no informati...

7.1CVSS5.9AI score0.00276EPSS
Exploits0References8
vulnersOsv
vulnersOsv
added 2023/04/16 2:2 p.m.5 views

au.com.permeance:liferay-clojure-integration (=0.1), br.com.thiagomoreira.liferay.plugins.bootstrap-jumbotron-app:bootstrap-jumbotron-app (>=1.0.0 <=1.0.1) +101 more potentially affected by CVE-2021-33990 via com.liferay.portal:portal-service (>=6.0.2 <=6.2.4)

com.liferay.portal:portal-service MAVEN version =6.0.2, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.2.0 - br.com.thiagomoreira.liferay.plugins.lorem-ipsum-button-app:hooks =1.0.0 - br.com.thiagomoreira.liferay.plugins.lorem-ipsum-button-app:lorem-ipsum-button-app =1.0.0 -...

9.8CVSS7.2AI score0.11915EPSS
Exploits4
vulnersOsv
vulnersOsv
added 2022/05/17 3:5 a.m.8 views

au.com.permeance:liferay-clojure-integration (=0.1), br.com.thiagomoreira.liferay.plugins.bootstrap-jumbotron-app:bootstrap-jumbotron-app (>=1.0.0 <=1.0.1) +94 more potentially affected by CVE-2010-5327 via com.liferay.portal:portal-service (>=5.2.3 <=6.2.1)

com.liferay.portal:portal-service MAVEN version =5.2.3, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.2.0 - br.com.thiagomoreira.liferay.plugins.lorem-ipsum-button-app:hooks =1.0.0 - br.com.thiagomoreira.liferay.plugins.lorem-ipsum-button-app:lorem-ipsum-button-app =1.0.0 -...

8.8CVSS7.2AI score0.02711EPSS
Exploits0
OSV
OSV
added 2021/01/14 8:15 p.m.1 views

DEBIAN-CVE-2021-21261

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the flatpak-portal service that can allow sandboxed applications to execute arbitrary code on the host system a sandbox escape. This sandbox-escape bug is present in versio...

8.8CVSS8.6AI score0.0057EPSS
Exploits0References1
Veracode
Veracode
added 2020/06/01 3:17 a.m.10 views

Open Redirection

portal-service is vulnerable to open redirection. The vulnerability exists as the library does not properly validate some specially constructed domain names, allowing an attacker to redirect users to other malicious site using this flaw...

5.2AI score
Exploits0
Veeam
Veeam
added 2020/05/07 12:0 a.m.82 views

How to Adjust the Veeam Service Provider Console Web UI Session Timeout

Purpose This article documents how to modify the Veeam Service Provider Console configuration to adjust the Web UI timeout. The default Web UI timeout is 1 hour, and tokens are good for up to 48 hours. Solution Tip: Use the copy button in the text blocks below to simplify specifying which file to...

6.8AI score
Exploits0Affected Software1
Veracode
Veracode
added 2019/03/12 2:7 a.m.17 views

Cross-Site Scripting (XSS)

portal-service is vulnerable to cross-site scripting XSS. The library does not sanitize the Public Render Parameter prp value, allowing the attacker to inject arbitrary script through it...

6.1CVSS6AI score0.00669EPSS
Exploits1References1Affected Software1
Veeam
Veeam
added 2018/11/15 12:0 a.m.18 views

Veeam Availability Console U1 Cumulative Patch 1850

Challenge Veeam Availability Console U1 Cumulative Patch 1850. This update supersedes Veeam Availability Console U1 Cumulative Patch 1824. Cause Please confirm you are running version 2.0.2.1750 or later prior to installing this cumulative patch 1850. You can check this under Windows Programs and...

7AI score
Exploits0Affected Software1
Rows per page
Query Builder