Lucene search
K

8 matches found

Securelist
Securelist
added 2025/09/05 9:0 a.m.11 views

IT threat evolution in Q2 2025. Non-mobile statistics

IT threat evolution in Q2 2025. Non-mobile statistics IT threat evolution in Q2 2025. Mobile statistics The statistics in this report are based on detection verdicts returned by Kaspersky products unless otherwise stated. The information was provided by Kaspersky users who consented to sharing...

10CVSS9.6AI score0.99359EPSS
Exploits45
OSV
OSV
added 2025/08/23 3:30 a.m.2 views

GHSA-H4M4-XP33-37MJ Liferay Portal vulnerable to Reflected XSS with the referer and forward parameter

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.3, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows an remote non-authenticated...

6.9CVSS5.2AI score0.00181EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/08/21 8:23 p.m.11 views

CVE-2025-43747

A server-side request forgery SSRF vulnerability exists in the Liferay DXP 2025.Q2.0 through 2025.Q2.3 due to insecure domain validation on analytics.cloud.domain.allowed, allowing an attacker to perform requests by change the domain and bypassing the validation method, this insecure validation i...

4.8CVSS0.00199EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/19 6:13 p.m.2 views

CVE-2025-43737

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.8 and 2025.Q1.0 through 2025.Q1.15 allows a remote authenticated user to inject JavaScript code via comliferayjournalwebportletJournalPortletbackURL parameter...

5.1CVSS5.7AI score0.0026EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/24 12:0 a.m.9 views

PT-2024-5211 · Telerik · Telerik Report Server

Name of the Vulnerable Software and Affected Versions: In Progress Telerik Report Server versions prior to 2024 Q2 10.1.24.709 Description: The issue is related to an insecure deserialization vulnerability in the Telerik Report Server, which can be exploited to allow a remote attacker to execute...

9.9CVSS7.9AI score0.01997EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2024/07/22 12:0 a.m.3 views

PT-2024-37876 · National Instruments · Ni Veristand

Name of the Vulnerable Software and Affected Versions: NI VeriStand versions 2024 Q2 and prior Description: The issue is related to missing authorization checks when accessing File Transfer resources, potentially leading to information disclosure or remote code execution. Recommendations: For NI...

9.8CVSS7.9AI score0.00954EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/05/15 12:0 a.m.4 views

PT-2024-29683 · Progress · Telerik Reporting

Name of the Vulnerable Software and Affected Versions: In Progress Telerik Reporting versions prior to 2024 Q2 18.1.24.2.514 Description: A code execution attack is possible by a local threat actor through an insecure deserialization vulnerability, allowing for potential exploitation...

7.8CVSS7.7AI score0.00286EPSS
Exploits0References3
MSRC
MSRC
added 2020/07/15 5:0 p.m.21 views

Top MSRC 2020 Q2 Security Researchers Announced – Congratulations!

We are excited to announce the top contributing researchers for the 2020 Second Quarter Q2! Congratulations to all the researchers who continue to rock the leaderboard, and a big thank you to everyone for your contribution to securing our customers and the ecosystem. The top three researchers of...

2.9AI score
Exploits0
Rows per page
Query Builder