Lucene search
+L

13939 matches found

EUVD
EUVD
added 2025/10/20 7:56 a.m.6 views

EUVD-2025-35042

An unrestricted upload of file with dangerous type vulnerability in the upload file function of Galaxy Software Services Corporation Vitals ESP Forum Module through 1.3 version allows remote authenticated users to execute arbitrary system commands via a malicious file...

9.3CVSS7AI score0.00462EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/14 9:49 p.m.6 views

CVE-2025-62252

Insecure Direct Object Reference IDOR vulnerability in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions allows remote authenticated users in o...

5.3CVSS6.8AI score0.00248EPSS
Exploits0References1
OSV
OSV
added 2025/10/13 9:15 p.m.12 views

CVE-2025-62252

Insecure Direct Object Reference IDOR vulnerability in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions allows remote authenticated users in o...

4.3CVSS6.7AI score0.00248EPSS
Exploits0References1
OSV
OSV
added 2025/10/13 8:15 p.m.10 views

CVE-2025-62242

Insecure Direct Object Reference IDOR vulnerability with account addresses in Liferay Portal 7.4.3.4 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92 allows remote authenticated users to from one account to view addresses fr...

4.3CVSS6.8AI score0.00175EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/10/13 6:31 p.m.11 views

Liferay Publications is vulnerable to Incorrect Authorization

Insecure direct object reference IDOR vulnerability in Publications in Liferay Portal 7.4.1 through 7.4.3.112, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92 allows remote authenticated attackers to view publication comments via the...

5.4CVSS6.8AI score0.00225EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2025/10/13 6:31 p.m.8 views

EUVD-2025-34073

Liferay Publications is vulnerable to Incorrect Authorization...

5.3CVSS6.5AI score0.00225EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/10/13 5:14 p.m.11 views

CVE-2025-62243

Insecure direct object reference IDOR vulnerability in Publications in Liferay Portal 7.4.1 through 7.4.3.112, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92 allows remote authenticated attackers to view publication comments via the...

5.3CVSS0.00225EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/13 12:0 a.m.11 views

PT-2025-41802

Name of the Vulnerable Software and Affected Versions Liferay DXP versions 2023.Q4.1 through 2023.Q4.5 Description An Insecure Direct Object Reference IDOR issue exists in Liferay DXP that allows authenticated remote users to access shipment addresses from different virtual instances. This occurs...

5.3CVSS6.5AI score0.00254EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/10/10 3:31 p.m.8 views

Liferay Portal is vulnerable to XSS through its workflow process builder

Cross-site scripting XSS vulnerability in workflow process builder in Liferay Portal 7.4.3.21 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 21 through update 92 allows remote authenticated attackers to inject arbitrary web script or HT...

5.4CVSS6AI score0.00208EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2025/10/07 12:31 a.m.21 views

EUVD-2025-32592

The Profile widget in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, and older unsupported versions uses a user’s name in the “Content-Disposition” header, which allows...

4.8CVSS6.3AI score0.00217EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2009-1997

Malware in sbrugna...

6.5CVSS6.3AI score0.02314EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.1 views

EUVD-2010-4230

Malware in sbrugna...

6CVSS6AI score0.03139EPSS
Exploits0References23
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-4369

Malware in sbrugna...

4CVSS6.3AI score0.02329EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2009-2025

Malware in sbrugna...

5CVSS6.1AI score0.01487EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-2012

Malware in sbrugna...

4CVSS6.4AI score0.01632EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-5840

Malware in sbrugna...

4CVSS6.4AI score0.01501EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-17853

Malware in sbrugna...

8.8CVSS8.7AI score0.01393EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2013-3353

Malware in sbrugna...

6.8CVSS6.4AI score0.01061EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2016-2413

Malware in sbrugna...

6.1CVSS6.3AI score0.00792EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-4377

Malware in sbrugna...

3.5CVSS6.4AI score0.00965EPSS
Exploits0References6
Rows per page
Query Builder