Lucene search
K

377 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-27724

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00239EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-33375

Malicious code in bioql PyPI...

3.7CVSS6.2AI score0.0038EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/11 3:19 a.m.7 views

CVE-2025-43777

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.9, 2025.Q1.0 through 2025.Q1.16, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13 and 2024.Q1.1 through 2024.Q1.19 exposes "Internal Server Error" in the response body when a...

5.1CVSS6.8AI score0.00216EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2011-3744

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTML Purifier 4.2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error...

5CVSS6AI score0.01372EPSS
Exploits1References2
OSV
OSV
added 2025/09/09 3:30 a.m.3 views

GHSA-9VWQ-J6GQ-W9XH Liferay Portal exposes 500 status when attempting login with a deleted client secret

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.9, 2025.Q1.0 through 2025.Q1.16, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13 and 2024.Q1.1 through 2024.Q1.19 exposes "Internal Server Error" in the response body when a...

5.1CVSS6.9AI score0.00216EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/09/09 3:30 a.m.8 views

Liferay Portal exposes 500 status when attempting login with a deleted client secret

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.9, 2025.Q1.0 through 2025.Q1.16, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13 and 2024.Q1.1 through 2024.Q1.19 exposes "Internal Server Error" in the response body when a...

5.3CVSS6.9AI score0.00216EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/09/09 3:15 a.m.3 views

CVE-2025-43777

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.9, 2025.Q1.0 through 2025.Q1.16, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13 and 2024.Q1.1 through 2024.Q1.19 exposes "Internal Server Error" in the response body when a...

5.3CVSS5.8AI score0.00216EPSS
Exploits0References1
NVD
NVD
added 2025/09/09 3:15 a.m.7 views

CVE-2025-43777

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.9, 2025.Q1.0 through 2025.Q1.16, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13 and 2024.Q1.1 through 2024.Q1.19 exposes "Internal Server Error" in the response body when a...

5.3CVSS0.00216EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/09 3:0 a.m.2 views

CVE-2025-43777

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.9, 2025.Q1.0 through 2025.Q1.16, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13 and 2024.Q1.1 through 2024.Q1.19 exposes "Internal Server Error" in the response body when a...

5.1CVSS6.4AI score0.00216EPSS
Exploits0References1
CVE
CVE
added 2025/09/09 3:0 a.m.21 views

CVE-2025-43777

CVE-2025-43777 affects Liferay Portal 7.4.0–7.4.3.132 and Liferay DXP versions 2025.Q1.0–2025.Q2.9 (and earlier 2024.Q1.1–2024.Q4.7, 2024.Q2.0–2024.Q2.13, 2024.Q3.0–2024.Q3.13). The issue: an Internal Server Error is exposed in the login response when a request uses a deleted Client Secret. Root ...

5.3CVSS6.4AI score0.00216EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2025/09/09 3:0 a.m.8 views

CVE-2025-43777

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.9, 2025.Q1.0 through 2025.Q1.16, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13 and 2024.Q1.1 through 2024.Q1.19 exposes "Internal Server Error" in the response body when a...

5.1CVSS0.00216EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.6 views

PT-2025-36566

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.4.0 through 7.4.3.132 Liferay DXP versions 2024.Q1.1 through 2024.Q1.19 Liferay DXP versions 2024.Q2.0 through 2024.Q2.13 Liferay DXP versions 2024.Q3.0 through 2024.Q3.13 Liferay DXP versions 2024.Q4.0 through...

5.1CVSS6.5AI score0.00216EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/09/09 12:0 a.m.3 views

Liferay Portal和Liferay DXP 安全漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

5.3CVSS6.5AI score0.00216EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/15 11:42 p.m.19 views

CVE-2025-55194

Part-DB is an open source inventory management system for electronic components. Prior to version 1.17.3, any authenticated user can upload a profile picture with a misleading file extension e.g., .jpg.txt, resulting in a persistent 500 Internal Server Error when attempting to view or edit that...

5.7CVSS7AI score0.00324EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/08/13 10:46 p.m.30 views

CVE-2025-55194 Part-DB Persistent Denial of Service via Uncaught Exception from Misleading File Extension in Avatar Upload

Part-DB is an open source inventory management system for electronic components. Prior to version 1.17.3, any authenticated user can upload a profile picture with a misleading file extension e.g., .jpg.txt, resulting in a persistent 500 Internal Server Error when attempting to view or edit that...

5.7CVSS0.00324EPSS
Exploits1References3
OSV
OSV
added 2025/08/13 10:46 p.m.18 views

CVE-2025-55194 Part-DB Persistent Denial of Service via Uncaught Exception from Misleading File Extension in Avatar Upload

Part-DB is an open source inventory management system for electronic components. Prior to version 1.17.3, any authenticated user can upload a profile picture with a misleading file extension e.g., .jpg.txt, resulting in a persistent 500 Internal Server Error when attempting to view or edit that...

5.7CVSS6.7AI score0.00324EPSS
Exploits1References5
Veracode
Veracode
added 2025/07/21 5:40 a.m.5 views

Denial Of Service (DoS)

github.com/filebrowser/filebrowser is vulnerable to Denial of Service DoS. The vulnerability is due to the server loading entire file content into memory without size checks during read operations on the /files/file-name endpoint, which allows an attacker to upload a large file and trigger...

8.7CVSS6.1AI score0.00348EPSS
Exploits1References4Affected Software2
GithubExploit
GithubExploit
added 2025/07/08 10:31 p.m.450 views

Exploit for CVE-2025-49132

CVE-2025-49132-poc I made this poc for CVE-2025-49132https...

10CVSS7.9AI score0.13105EPSS
Exploits28
RedhatCVE
RedhatCVE
added 2025/05/23 9:34 a.m.4 views

CVE-2024-22725

Orthanc versions before 1.12.2 are affected by a reflected cross-site scripting XSS vulnerability. The vulnerability was present in the server's error reporting...

6.1CVSS5.7AI score0.00355EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:7 a.m.11 views

CVE-2023-5617

Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.6, including 9.5.x and 8.3.x, display the version of Tomcat when a server error is encountered...

5.3CVSS6.9AI score0.00376EPSS
Exploits0
Rows per page
Query Builder