Vulnerability DB | Snyk

Find out if you have vulnerabilities that put you at risk

Test your applications

All Vulnerabilities

APPLICATION

Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++

OPERATING SYSTEM

All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi

Report a new vulnerability

M

Arbitrary File UploadCVE-2021-33990

Affects com.liferay.portal:portal-service | Versions [,6.2.5)

Has fix

MavenPublished 23 Oct 2025

L

Missing AuthorizationCVE-2025-62247

Affects com.liferay:com.liferay.search.experiences.service | Versions [0,]

Has fix

MavenPublished 23 Oct 2025

L

Predictable Seed in Pseudo-Random Number Generator (PRNG)CVE-2025-62710

Affects org.sakaiproject.scheduler:scheduler-component-shared | Versions [0,]

Has fix

MavenPublished 23 Oct 2025

L

Predictable Seed in Pseudo-Random Number Generator (PRNG)CVE-2025-62710

Affects org.sakaiproject.kernel:sakai-kernel-impl | Versions [0,]

Has fix

MavenPublished 23 Oct 2025

H

Files or Directories Accessible to External PartiesCVE-2025-11965

Affects io.vertx:vertx-web | Versions [,4.5.22)[5.0.0.CR1,5.0.5)

Has fix

MavenPublished 23 Oct 2025

L

Cross-site Scripting (XSS)CVE-2025-11966

Affects io.vertx:vertx-web | Versions [,4.5.22)[5.0.0.CR1,5.0.5)

Has fix

MavenPublished 23 Oct 2025

H

Improper Verification of Cryptographic SignatureCVE-2025-53057

Affects org.graalvm.sdk:graal-sdk | Versions [,17.0.17)[21.0.0,21.0.9)

Has fix

MavenPublished 22 Oct 2025

M

Improper Input ValidationCVE-2025-61748

Affects org.graalvm.sdk:graal-sdk | Versions [,21.0.9)

Has fix

MavenPublished 22 Oct 2025

M

Origin Validation ErrorCVE-2025-62250

Affects com.liferay:com.liferay.portal.cluster.multiple | Versions [,5.0.35)

Has fix

MavenPublished 22 Oct 2025

M

Cross-site Scripting (XSS)CVE-2025-62249

Affects com.liferay.portal:com.liferay.portal.impl | Versions [0,]

Has fix

MavenPublished 22 Oct 2025

H

Improper Isolation or CompartmentalizationCVE-2025-57738

Affects org.apache.syncope.fit:syncope-fit-build-tools | Versions [,3.0.14)[4.0.0,4.0.2)

Has fix

MavenPublished 21 Oct 2025

H

Improper Isolation or CompartmentalizationCVE-2025-57738

Affects org.apache.syncope.core:syncope-core-provisioning-java | Versions [,3.0.14)[4.0.0,4.0.2)

Has fix

MavenPublished 21 Oct 2025

H

Improper Isolation or CompartmentalizationCVE-2025-57738

Affects org.apache.syncope.core:syncope-core-persistence-api | Versions [,3.0.14)[4.0.0,4.0.2)

Has fix

MavenPublished 21 Oct 2025

H

Improper Isolation or CompartmentalizationCVE-2025-57738

Affects org.apache.syncope.core:syncope-core-spring | Versions [,3.0.14)[4.0.0,4.0.2)

Has fix

MavenPublished 21 Oct 2025

M

SQL InjectionCVE-2025-56316

Affects net.mingsoft:ms-mcms | Versions [,6.0.2)

Has fix

MavenPublished 20 Oct 2025

M

Cross-site Request Forgery (CSRF)CVE-2025-47410

Affects org.apache.geode:geode-web | Versions [,1.15.2)

Has fix

MavenPublished 20 Oct 2025

C

Improper Certificate ValidationCVE-2025-62371

Affects org.opensearch.dataprepper.plugins:kafka-plugins | Versions [,2.12.2)

Has fix

MavenPublished 19 Oct 2025

C

Improper Certificate ValidationCVE-2025-62371

Affects org.opensearch.dataprepper.plugins:geoip-processor | Versions [,2.12.2)

Has fix

MavenPublished 19 Oct 2025

C

Improper Certificate ValidationCVE-2025-62371

Affects org.opensearch.dataprepper.plugins:opensearch | Versions [,2.12.2)

Has fix

MavenPublished 19 Oct 2025

M

Cross-site Request Forgery (CSRF)CVE-2025-41254

Affects org.springframework:spring-websocket | Versions [,6.2.12)

Has fix

MavenPublished 17 Oct 2025

H

Expression Language InjectionCVE-2025-41253

Affects org.springframework.cloud:spring-cloud-gateway-server | Versions [,4.2.6)[4.3.0,4.3.2)

Has fix

MavenPublished 16 Oct 2025

M

CRLF InjectionCVE-2025-59419

Affects io.netty:netty-codec-smtp | Versions [,4.1.128.Final)[4.2.0.Alpha1,4.2.7.Final)

Has fix

MavenPublished 16 Oct 2025

M

Incorrect Permission Assignment for Critical ResourceCVE-2025-62251

Affects com.liferay:com.liferay.site.navigation.menu.item.asset.vocabulary | Versions [,1.0.23)

Has fix

MavenPublished 16 Oct 2025

M

Directory TraversalCVE-2025-11849

Affects org.zwobble.mammoth:mammoth | Versions [,1.11.0)

Has fix

MavenPublished 16 Oct 2025

M

Cross-site ScriptingCVE-2024-44088

Affects org.apache.geode:geode-web-api | Versions [,1.15.2)

Has fix

MavenPublished 15 Oct 2025

C

Improper Verification of Cryptographic SignatureCVE-2025-55039

Affects org.apache.spark:spark-network-common_2.13 | Versions [,3.4.4)[3.5.0,3.5.2)

Has fix

MavenPublished 15 Oct 2025

C

Improper Verification of Cryptographic SignatureCVE-2025-55039

Affects org.apache.spark:spark-network-common_2.12 | Versions [,3.4.4)[3.5.0,3.5.2)

Has fix

MavenPublished 15 Oct 2025

M

Incorrect AuthorizationCVE-2025-62243

Affects com.liferay:com.liferay.change.tracking.web | Versions [,2.0.121)

Has fix

MavenPublished 14 Oct 2025

M

Authorization Bypass Through User-Controlled KeyCVE-2025-62244

Affects com.liferay:com.liferay.change.tracking.web | Versions [,2.0.120)

Has fix

MavenPublished 14 Oct 2025

M

Authorization Bypass Through User-Controlled KeyCVE-2025-62242

Affects com.liferay:com.liferay.account.api | Versions [,18.2.0)

Has fix

MavenPublished 14 Oct 2025

Product

Partners
Developers & Devops Features
Enterprise Features
Pricing
Test with GitHub
Test with CLI
API status

Resources

Vulnerability DB
Blog
Documentation
FAQs

Company

About
Jobs
Contact
Legal terms
Privacy
Press kit
Events

Contact us

Support
Report a new vuln

Find us online

Track our development

© 2026 Snyk Ltd.