CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

79 matches found

RedhatCVE•added 2026/02/04 3:15 a.m.•6 views

CVE-2025-6596

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Vector. This vulnerability is associated with program files resources/skins.Vector.Js/portlets.Js, resources/skins.Vector.Legacy.Js/portlets.Js. This issue affects Vecto...

5.2AI score0.00021EPSS

Exploits0References1

NVD•added 2026/02/02 11:16 p.m.•1 views

CVE-2025-6596

0.00021EPSS

Exploits0References1

OSV•added 2026/02/02 11:16 p.m.•0 views

UBUNTU-CVE-2025-6596

5.8AI score0.00021EPSS

Exploits0References5

ATTACKERKB•added 2026/02/02 10:58 p.m.•1 views

CVE-2025-6596

5.3AI score0.00021EPSS

Exploits0References2Affected Software1

Veracode•added 2025/11/25 8:1 a.m.•3 views

Open Redirect

liferay-portal is vulnerable to an Open Redirect vulnerability. The vulnerability is due to multiple settings portlets failing to validate user-supplied redirect parameters, where the System Settings, Instance Settings, and Site Settings portlets blindly trust values passed via their respective...

6.1CVSS7.4AI score0.00058EPSS

Exploits0References5Affected Software2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2006-0435

Malware in sbrugna...

7.5CVSS6.4AI score0.01409EPSS

Exploits0References8

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2014-0885

Malware in sbrugna...

4.3CVSS6.4AI score0.00236EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2016-4062

Malware in sbrugna...

6.5CVSS6.6AI score0.0022EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-3417

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00078EPSS

Exploits0References5

OSV•added 2025/08/22 9:31 p.m.•1 views

GHSA-W3CR-3XW2-RP78 Liferay Portal users are able to add system admin portlets to pages

Liferay Portal versions 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows admin users of a virtual instance to add pages that are not in the...

6.7CVSS6.5AI score0.00055EPSS

Exploits0References6

RedhatCVE•added 2025/05/23 4:8 a.m.•7 views

CVE-2023-47321

Silverpeas Core 6.3.1 is vulnerable to Incorrect Access Control via the "Porlet Deployer" which allows administrators to deploy .WAR portlets...

4.9CVSS6.8AI score0.00267EPSS

Exploits1

RedhatCVE•added 2025/05/23 3:37 a.m.•5 views

CVE-2023-28679

Jenkins Mashup Portlets Plugin 1.1.2 and earlier provides the "Generic JS Portlet" feature that lets a user populate a portlet using a custom JavaScript expression, resulting in a stored cross-site scripting XSS vulnerability exploitable by authenticated attackers with Overall/Read permission...

5.4CVSS5.3AI score0.13157EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 9:31 p.m.•4 views

CVE-2021-21649

Jenkins Dashboard View Plugin 2.15 and earlier does not escape URLs referenced in Image Dashboard Portlets, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with View/Configure permission...

5.4CVSS5.4AI score0.00188EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:30 a.m.•4 views

CVE-2019-10347

Jenkins Mashup Portlets Plugin stored credentials unencrypted on the Jenkins master where they can be viewed by users with access to the master file system...

8.8CVSS6.5AI score0.00078EPSS

Exploits0References1

Github Security Blog•added 2023/12/13 3:30 p.m.•20 views

Broken access control in Silverpeas

Silverpeas Core 6.3.1 is vulnerable to Incorrect Access Control via the "Porlet Deployer" which allows administrators to deploy .WAR portlets...

4.9CVSS7AI score0.00267EPSS

Exploits1References4Affected Software1

ATTACKERKB•added 2023/12/13 2:15 p.m.•0 views

CVE-2023-47321

Silverpeas Core 6.3.1 is vulnerable to Incorrect Access Control via the "Porlet Deployer" which allows administrators to deploy .WAR portlets...

4.9CVSS5.8AI score0.00267EPSS

Exploits1References3

Prion•added 2023/12/13 2:15 p.m.•17 views

Improper access control

Silverpeas Core 6.3.1 is vulnerable to Incorrect Access Control via the "Porlet Deployer" which allows administrators to deploy .WAR portlets...

3.3CVSS7.1AI score0.00267EPSS

Exploits1References2Affected Software1

CNNVD•added 2023/12/13 12:0 a.m.•1 views

Silverpeas Security Vulnerabilities

Silverpeas is an open source business collaboration platform. The platform includes applications for project management, blogs, forums, and document management. A security vulnerability exists in Silverpeas Core version 6.3.1, which stems from the vulnerability of the Porlet Deployer to incorrect...

4.9CVSS6.8AI score0.00267EPSS

Exploits1References3