Lucene search
K

9 matches found

OSV
OSV
added 2025/09/09 9:30 p.m.3 views

GHSA-X5FW-8XGX-Q6C9 Liferay Portal is vulnerable to XSS attack through its search bar portlet

A reflected cross-site scripting XSS vulnerability in Liferay Portal 7.4.3.110 through 7.4.3.128, and Liferay DXP 2024.Q3.1 through 2024.Q3.8, 2024.Q2.0 through 2024.Q2.13 and 2024.Q1.1 through 2024.Q1.12 allows remote attackers to inject arbitrary web script or HTML via the URL in search bar...

5.3CVSS5.4AI score0.00216EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2023/12/05 6:15 a.m.3 views

CVE-2022-47531

An issue was discovered in Ericsson Evolved Packet Gateway EPG versions 3.x before 3.25 and 2.x before 2.16, allows authenticated users to bypass system CLI and execute commands they are authorized to execute directly in the UNIX shell...

8.8CVSS7.5AI score0.00969EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2023/03/08 12:0 a.m.4 views

VulnCheck KEV: CVE-2022-31678

VMware Cloud Foundation NSX-V contains an XML External Entity XXE vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure...

9.1CVSS7.1AI score0.08085EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:13 a.m.2 views

SUSE CVE-2019-10207

A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the syste...

5.3CVSS5.9AI score0.00881EPSS
Exploits1References16
RedHat Linux
RedHat Linux
added 2023/01/31 1:18 p.m.4 views

bootstrap: XSS in the data-target attribute

In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041...

6.1CVSS6.6AI score0.04293EPSS
Exploits2References4
CNNVD
CNNVD
added 2021/04/27 12:0 a.m.6 views

Shibboleth 代码问题漏洞

Shibboleth is an open source SAML protocol Web Single Sign-On system for Windows based platforms from Shibboleth, UK. A security vulnerability exists in Shibboleth Service Provider 3.x series versions prior to 3.2.2, which is prone to a NULL pointer dereference flaw involving the session recovery...

7.5CVSS7.2AI score0.02EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2020/07/30 12:0 a.m.5 views

PT-2020-14784 · Ripe Ncc · Ripe Ncc Rpki Validator

Name of the Vulnerable Software and Affected Versions: RIPE NCC RPKI Validator versions 3.x through 3.1-2020.07.06.14.28 Description: An issue was discovered in the X509-based RPKI certificate-tree validation procedure, where missing validation checks on CRL presence or CRL staleness allow remote...

7.5CVSS7.5AI score0.00744EPSS
Exploits0References5
OSV
OSV
added 2017/05/03 5:59 a.m.5 views

CVE-2017-7430

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a persistent XSS vulnerability in Framework...

6.1CVSS5.8AI score0.01023EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2016/01/03 5:59 a.m.1 views

CVE-2015-5035

Cross-site scripting XSS vulnerability in IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before CR4, 4.5 before CR5, and 5.0 before CR3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-5036...

5.4CVSS5.7AI score0.00657EPSS
Exploits0References3
Rows per page
Query Builder