CVE-2025-43802

CVE-2025-43802 is a stored XSS vulnerability in Liferay Portal/DXP where an attacker can inject arbitrary script via the externalReferenceCode parameter on the /o/c/ API. Affected: Liferay Portal 7.4.3.51–7.4.3.109 and Liferay DXP 2023.Q3.1–2023.Q3.4, plus older 7.4/7.3 updates listed in the inta...

CVE-2025-43802

Stored cross-site scripting XSS vulnerability in a custom object’s /o/c/ API endpoint in Liferay Portal 7.4.3.51 through 7.4.3.109, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 update 51 through update 92, and 7.3 update 33 through update 35. allows remote attackers to inject arbitrary web...

PT-2025-37774

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.4.3.51 through 7.4.3.109 Liferay DXP versions 2023.Q3.1 through 2023.Q3.4 Liferay DXP 7.4 update 51 through update 92 Liferay DXP 7.3 update 33 through update 35 Description: A stored cross-site scripting XSS...

Liferay Portal和Liferay DXP 跨站脚本漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

CVE-2025-58642

creationtimestamp| type| source ---|---|--- 2025-09-03 17:32:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lxx5z3f4nx2j 2025-09-03 20:30:29+00:00| seen| https://gist.github.com/Darkcrai86/b270f0a3b53e6d39444f931752c48b15...

CGA-4522-V9Q4-H938

Bulletin has no description...

CGA-9MWF-WJHR-G2X3

Bulletin has no description...

CVE-2024-56496

creationtimestamp| type| source ---|---|--- 2025-08-22 14:52:22+00:00| seen| MISP/24306fae-b16b-4478-9297-d2973cdb583c...

CGA-54R5-FGQV-FRPH

Bulletin has no description...

CGA-3X98-FMRF-W23J

Bulletin has no description...

CGA-55H7-M735-X7VX

Bulletin has no description...

TPM 2.0 Reference Code Vulnerability – Discrete TPMs - Lenovo Support US

No description provided...

TPM 2.0 Reference Code Vulnerability – Discrete TPMs - Lenovo Support US

No description provided...

MINI-63V8-38C8-356Q

Bulletin has no description...

Intel 2025.1 IPU – 13th and 14th Generation Processors Security Update

Intel has informed HP a potential security vulnerability in some 13th and 14th Generation Intel® Core™ Processors, which might allow denial of service. Intel is releasing microcode and UEFI reference code updates to mitigate this potential vulnerability. Intel has released updates to mitigate the...

CVE-2022-42128

The Hypermedia REST APIs module in Liferay Portal 7.4.1 through 7.4.3.4, and Liferay DXP 7.4 GA does not properly check permissions, which allows remote attackers to obtain a WikiNode object via the WikiNodeResource.getSiteWikiNodeByExternalReferenceCode API...

CGA-GJ35-9VM9-J3JG

Bulletin has no description...

CGA-H2H3-HF35-RQ5V

Bulletin has no description...

CGA-CG9W-H7PR-9649

Bulletin has no description...

Security update for microcode_ctl

This update for microcodectl fixes the following issues: CVE-2024-31068: Improper Finite State Machines FSMs in Hardware Logic for some Intel Processors may allow privileged user to potentially enable denial of service via local access. bsc1237096 CVE-2024-36293: A potential security vulnerabilit...