Vulnerability DB | Snyk

Find out if you have vulnerabilities that put you at risk

Test your applications

All Vulnerabilities

APPLICATION

Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++

OPERATING SYSTEM

All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi

Report a new vulnerability

M

Insertion of Sensitive Information into Log FileCVE-2025-62262

Affects com.liferay:com.liferay.portal.security.ldap.impl | Versions [,4.0.54)

Has fix

MavenPublished 30 Oct 2025

M

Open RedirectCVE-2025-62253

Affects com.liferay:com.liferay.layout.admin.web | Versions [,5.0.157)

Has fix

MavenPublished 30 Oct 2025

M

Cleartext Storage of Sensitive InformationCVE-2025-62261

Affects com.liferay.portal:com.liferay.portal.impl | Versions [,93.0.0)

Has fix

MavenPublished 30 Oct 2025

M

Missing Authentication for Critical FunctionCVE-2025-62259

Affects com.liferay.portal:com.liferay.portal.impl | Versions [,97.0.0)

Has fix

MavenPublished 30 Oct 2025

M

Session FixationCVE-2025-12390

Affects org.keycloak:keycloak-services | Versions [,26.0.0)

Has fix

MavenPublished 30 Oct 2025

H

Command InjectionCVE-2025-64140

Affects org.jenkins-ci.plugins:azure-cli | Versions [0,]

Has fix

MavenPublished 30 Oct 2025

M

Cleartext Transmission of Sensitive InformationCVE-2025-64144

Affects io.jenkins.plugins:byteguard-build-actions | Versions [0,]

Has fix

MavenPublished 30 Oct 2025

M

Cleartext Transmission of Sensitive InformationCVE-2025-64143

Affects com.openshift.jenkins:openshift-pipeline | Versions [0,]

Has fix

MavenPublished 30 Oct 2025

M

Cross-site Request Forgery (CSRF)CVE-2025-64141

Affects org.jenkins-ci.plugins:nexus-task-runner | Versions [0,]

Has fix

MavenPublished 30 Oct 2025

M

Missing AuthorizationCVE-2025-64142

Affects org.jenkins-ci.plugins:nexus-task-runner | Versions [0,]

Has fix

MavenPublished 30 Oct 2025

M

Missing AuthorizationCVE-2025-64139

Affects org.jenkins-ci.plugins:windocks-start-container | Versions [0,]

Has fix

MavenPublished 30 Oct 2025

H

XML External Entity (XXE) InjectionCVE-2025-64134

Affects org.jenkins-ci.plugins:jdepend | Versions [0,]

Has fix

MavenPublished 30 Oct 2025

M

Cleartext Transmission of Sensitive InformationCVE-2025-64147

Affects org.jenkins-ci.plugins:curseforge-publisher | Versions [0,]

Has fix

MavenPublished 30 Oct 2025

M

Cross-site Request Forgery (CSRF)CVE-2025-64133

Affects jp.ikedam.jenkins.plugins:extensible-choice-parameter | Versions [0,]

Has fix

MavenPublished 30 Oct 2025

M

Cross-site Request Forgery (CSRF)CVE-2025-64138

Affects org.jenkins-ci.plugins:windocks-start-container | Versions [0,]

Has fix

MavenPublished 30 Oct 2025

H

Insecure Default Initialization of ResourceCVE-2025-64135

Affects io.jenkins.plugins:eggplant-runner | Versions [0,]

Has fix

MavenPublished 30 Oct 2025

M

Cleartext Transmission of Sensitive InformationCVE-2025-64145

Affects io.jenkins.plugins:byteguard-build-actions | Versions [0,]

Has fix

MavenPublished 30 Oct 2025

M

Cleartext Transmission of Sensitive InformationCVE-2025-64146

Affects org.jenkins-ci.plugins:curseforge-publisher | Versions [0,]

Has fix

MavenPublished 30 Oct 2025

M

Missing AuthorizationCVE-2025-64132

Affects io.jenkins.plugins:mcp-server | Versions [,0.86.v7d3355e6a_a_18)

Has fix

MavenPublished 30 Oct 2025

M

Missing AuthorizationCVE-2025-64137

Affects org.jenkins-ci.plugins:themis | Versions [0,]

Has fix

MavenPublished 30 Oct 2025

M

Cross-site Request Forgery (CSRF)CVE-2025-64136

Affects org.jenkins-ci.plugins:themis | Versions [0,]

Has fix

MavenPublished 30 Oct 2025

M

Cross-site Request Forgery (CSRF)CVE-2025-64149

Affects org.jenkins-ci.plugins:publish-to-bitbucket | Versions [0,]

Has fix

MavenPublished 30 Oct 2025

M

Missing AuthorizationCVE-2025-64150

Affects org.jenkins-ci.plugins:publish-to-bitbucket | Versions [0,]

Has fix

MavenPublished 30 Oct 2025

M

Missing AuthorizationCVE-2025-64148

Affects org.jenkins-ci.plugins:publish-to-bitbucket | Versions [0,]

Has fix

MavenPublished 30 Oct 2025

H

Replay AttackCVE-2025-64131

Affects org.jenkins-ci.plugins:saml | Versions [,4.583.585.v22ccc1139f55)

Has fix

MavenPublished 30 Oct 2025

H

Allocation of Resources Without Limits or ThrottlingCVE-2025-62260

Affects com.liferay:com.liferay.portal.vulcan.impl | Versions [,5.0.104)

Has fix

MavenPublished 30 Oct 2025

H

Cross-site Request Forgery (CSRF)CVE-2025-62258

Affects com.liferay:com.liferay.headless.discovery.web | Versions [0,]

Has fix

MavenPublished 29 Oct 2025

H

Untrusted Search PathCVE-2025-49124

Affects org.apache.tomcat:tomcat | Versions [9.0.23,9.0.106)[10.1.0,10.1.42)[11.0.0-M1,11.0.8)

Has fix

MavenPublished 29 Oct 2025

H

Untrusted Search PathCVE-2025-49124

Affects org.apache.tomcat:tomcat-catalina | Versions [9.0.23,9.0.106)[10.1.0,10.1.42)[11.0.0-M1,11.0.8)

Has fix

MavenPublished 29 Oct 2025

H

Untrusted Search PathCVE-2025-49124

Affects org.apache.tomcat.embed:tomcat-embed-core | Versions [9.0.23,9.0.106)[10.1.0,10.1.42)[11.0.0-M1,11.0.8)

Has fix

MavenPublished 29 Oct 2025

Product

Partners
Developers & Devops Features
Enterprise Features
Pricing
Test with GitHub
Test with CLI
API status

Resources

Vulnerability DB
Blog
Documentation
FAQs

Company

About
Jobs
Contact
Legal terms
Privacy
Press kit
Events

Contact us

Support
Report a new vuln

Find us online

Track our development

© 2026 Snyk Ltd.