Lucene search
K

1225 matches found

CVE
CVE
added 2025/12/01 8:9 p.m.53 views

CVE-2025-55749

XWiki Jetty package (XJetty) exposes a context that allows static access to files under webapp/, leading to information disclosure of potentially credential-bearing files. Affected versions are 16.7.0–16.10.11, 17.4.4, and 17.7.0. The issue is fixed in 16.10.11, 17.4.4, and 17.7.0. Connected data...

8.7CVSS6.5AI score0.01378EPSS
In wildExploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2025/12/01 6:59 p.m.9 views

XWiki Jetty Package (XJetty) allows accessing any application file through URL

Impact In an instance which is using the XWiki Jetty package XJetty, a context is exposed to statically access any file located in the webapp/ folder. It allows accessing files which might contains credentials, like http://myhots/webapps/xwiki/WEB-INF/xwiki.cfg,...

8.7CVSS7AI score0.01378EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2025/12/01 6:59 p.m.4 views

GHSA-53GX-J3P6-2RW9 XWiki Jetty Package (XJetty) allows accessing any application file through URL

Impact In an instance which is using the XWiki Jetty package XJetty, a context is exposed to statically access any file located in the webapp/ folder. It allows accessing files which might contains credentials, like http://myhots/webapps/xwiki/WEB-INF/xwiki.cfg,...

8.7CVSS6.9AI score0.01378EPSS
Exploits0References7
vulnersOsv
vulnersOsv
added 2025/11/19 10:46 a.m.7 views

org.apache.causeway.extensions:causeway-extensions-audittrail-applib (=4.0.0-M1), org.apache.causeway.extensions:causeway-extensions-audittrail-persistence-jpa (=4.0.0-M1) +18 more potentially affected by CVE-2025-64408 via org.apache.causeway.core:causeway-core-runtimeservices (=4.0.0-M1)

org.apache.causeway.core:causeway-core-runtimeservices MAVEN version =4.0.0-M1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.causeway.core:causeway-core-runtimeservices and may be impacted: -...

6.3CVSS5.8AI score0.09442EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/19 10:46 a.m.5 views

org.apache.causeway.mavendeps:causeway-mavendeps-webapp (=4.0.0-M1) potentially affected by CVE-2025-64408 via org.apache.causeway.viewer:causeway-viewer-wicket-viewer (=4.0.0-M1)

org.apache.causeway.viewer:causeway-viewer-wicket-viewer MAVEN version =4.0.0-M1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.causeway.viewer:causeway-viewer-wicket-viewer and may be impacted: -...

6.3CVSS5.8AI score0.09442EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/19 10:46 a.m.5 views

dev.savantly.nexus:nexus-command-webapp (=3.4.0), org.apache.causeway.mavendeps:causeway-mavendeps-webapp (>=2.0.0 <=3.4.0) potentially affected by CVE-2025-64408 via org.apache.causeway.viewer:causeway-viewer-wicket-viewer (>=2.0.0-RC1 <=3.4.0)

org.apache.causeway.viewer:causeway-viewer-wicket-viewer MAVEN version =2.0.0-RC1, =2.0.0, =3.4.0 Source cves: CVE-2025-64408 Source advisory: SNYK:JAVA-ORGAPACHECAUSEWAYVIEWER-14052594...

6.3CVSS5.8AI score0.09442EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/19 10:46 a.m.9 views

org.apache.causeway.core:causeway-core-config (=4.0.0-M1), org.apache.causeway.core:causeway-core-interaction (=4.0.0-M1) +105 more potentially affected by CVE-2025-64408 via org.apache.causeway.core:causeway-applib (=4.0.0-M1)

org.apache.causeway.core:causeway-applib MAVEN version =4.0.0-M1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.causeway.core:causeway-applib and may be impacted: - org.apache.causeway.core:causeway-core-config =4.0.0-M1 -...

6.3CVSS5.8AI score0.09442EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/11/19 9:10 a.m.6 views

CVE-2025-13102

Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS6.4AI score0.00163EPSS
Exploits0References1
NVD
NVD
added 2025/11/14 3:15 a.m.3 views

CVE-2025-13102

Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS0.00163EPSS
Exploits0References2
OSV
OSV
added 2025/11/14 3:15 a.m.3 views

CVE-2025-13102

Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00163EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/14 2:29 a.m.4 views

EUVD-2025-180544

Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.9AI score0.00163EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/11/14 2:29 a.m.5 views

CVE-2025-13102

Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.4AI score0.00163EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/11/14 2:29 a.m.5 views

CVE-2025-13102

Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

6AI score0.00163EPSS
Exploits0References2
CVE
CVE
added 2025/11/14 2:29 a.m.424 views

CVE-2025-13102

CVE-2025-13102 affects Google Chrome on Android and relates to an Inappropriate implementation in WebApp Installs, prior to version 134.0.6998.35. The issue allows a remote attacker to perform a UI spoofing attack via a crafted HTML page. The vulnerability is rated Low severity (CVSS 3.1: 4.3) wi...

4.3CVSS6AI score0.00163EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/11/14 2:29 a.m.5 views

CVE-2025-13102

Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

0.00163EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/14 12:0 a.m.5 views

PT-2025-46936

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 134.0.6998.35 Description An issue exists in WebApp Installs within Google Chrome on Android. A remote attacker could potentially perform UI spoofing by using a specially crafted HTML page. The security severity...

4.3CVSS6.5AI score0.00163EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/11/14 12:0 a.m.4 views

Google Chrome 安全漏洞

Google Chrome is Google's web browser. A security vulnerability exists in Google Chrome versions prior to 134.0.6998.35, which stems from an inadequate validation mechanism for the web application installation process. The vulnerability can be exploited by an attacker to conduct an interface...

4.3CVSS6.1AI score0.00163EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-1824

Malware in sbrugna...

4.3CVSS6.4AI score0.01022EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2007-1173

Malware in sbrugna...

4.3CVSS6.4AI score0.01569EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2006-1431

Malware in sbrugna...

4.3CVSS6.4AI score0.02474EPSS
Exploits0References10
Rows per page
Query Builder