Lucene search
K

204 matches found

CVE
CVE
added 2025/11/05 2:46 p.m.14 views

CVE-2025-52602

CVE-2025-52602 affects HCL BigFix Query WebUI Query, where an HTTP GET endpoint may disclose discoverable data such as group names and active user names/IDs via the /api/v1/query endpoint. This exposure could enable targeted phishing or social engineering. The available connected documents confir...

4.2CVSS5.9AI score0.00151EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2025/10/30 12:0 a.m.12 views

VulnCheck KEV: CVE-2021-4461

Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 improperly decode and parse the enc parameter in thirdpartyController.do. The decoded map values can influence session attributes without sufficient authentication/authorization checks, enabling attackers to assign a...

9.3CVSS5.8AI score0.00602EPSS
In wildExploits0References119
Snyk
Snyk
added 2025/10/13 9:31 p.m.4 views

Authorization Bypass Through User-Controlled Key

Overview com.liferay.portal:com.liferay.portal.impl is a package part of Liferay. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the comliferayusersadminwebportletUsersAdminPortletaddUserIds parameter. An attacker can assign an organizatio...

5.3CVSS6.9AI score0.00243EPSS
Exploits0References2
CVE
CVE
added 2025/10/13 8:42 p.m.16 views

CVE-2025-62252

The CVE-2025-62252 issue is an IDOR vulnerability in Liferay Portal 7.4.0–7.4.3.111 and Liferay DXP 2023.Q3.1–Q3.10, 2023.Q4.0–Q4.5, and 7.4 GA–update 92. Affected code path is the _com_liferay_users_admin_web_portlet_UsersAdminPortlet_addUserIds parameter, which can let remote authenticated user...

5.3CVSS6.4AI score0.00243EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2025/10/13 8:42 p.m.10 views

CVE-2025-62252

Insecure Direct Object Reference IDOR vulnerability in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions allows remote authenticated users in o...

5.3CVSS0.00243EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/13 12:0 a.m.7 views

PT-2025-41811

Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.4.0 through 7.4.3.111 Liferay DXP versions 2023.Q3.1 through 2023.Q3.10 Liferay DXP versions 2023.Q4.0 through 2023.Q4.5 Liferay Portal 7.4 GA through update 92 Description An Insecure Direct Object Reference IDOR iss...

5.3CVSS6.4AI score0.00243EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-6580

Malware in sbrugna...

5.3CVSS5.2AI score0.01924EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2009-1749

Malware in sbrugna...

4.3CVSS6.4AI score0.0068EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-1136

Malware in sbrugna...

5CVSS6.4AI score0.01678EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2000-0085

Malware in sbrugna...

5CVSS6.4AI score0.0137EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-1079

Malware in sbrugna...

4.3CVSS4.8AI score0.00897EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-1999-1289

Malware in sbrugna...

4.6CVSS6.4AI score0.00484EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-1999-1023

Malware in sbrugna...

1.2CVSS6.4AI score0.00336EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.18 views

EUVD-2023-12363

Malicious code in bioql PyPI...

8.1CVSS8AI score0.00921EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-27652

Malicious code in bioql PyPI...

4.6CVSS5.1AI score0.0029EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-11148

Malicious code in bioql PyPI...

6.9CVSS6.6AI score0.0026EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-46920

Malicious code in bioql PyPI...

5.3CVSS5.6AI score0.0055EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-30233

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00205EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-3740

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.0024EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/29 12:0 a.m.9 views

CVE-2025-55795

The openml/openml.org web application version v2.0.20241110 uses incremental user IDs and insufficient email ownership verification during email update workflows. An authenticated attacker controlling a user account with a lower user ID can update their email address to that of another user with ...

0.00281EPSS
Exploits1References3
Rows per page
Query Builder