Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • M
Cross-site Scripting (XSS)CVE-2025-43811
Affects com.liferay:com.liferay.item.selector.web | Versions [7.0.35,7.0.52)
Has fix
MavenPublished 1 Oct 2025
  • M
Cross-site Scripting (XSS)CVE-2025-43815
Affects com.liferay:com.liferay.product.navigation.control.menu.web | Versions [6.0.80,6.0.83)
Has fix
MavenPublished 1 Oct 2025
  • H
XML InjectionCVE-2025-59952
Affects io.minio:minio | Versions [7.0.0,8.6.0)
Has fix
MavenPublished 30 Sept 2025
  • M
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')CVE-2025-56769
Affects cn.hutool:hutool-extra | Versions [,5.8.40)
Has fix
MavenPublished 29 Sept 2025
  • H
Improper Input ValidationCVE-2025-48392
Affects org.apache.iotdb:iotdb-core | Versions [1.3.3,2.0.5)
Has fix
MavenPublished 28 Sept 2025
  • M
Cross-site Scripting (XSS)CVE-2025-4760
Affects org.wso2.carbon.apimgt:org.wso2.carbon.apimgt.rest.api.publisher.v1.common | Versions [,9.31.117)
Has fix
MavenPublished 26 Sept 2025
  • M
Cross-site Scripting (XSS)CVE-2025-4760
Affects org.wso2.carbon.apimgt:org.wso2.carbon.apimgt.api | Versions [,9.31.117)
Has fix
MavenPublished 26 Sept 2025
  • C
Deserialization of Untrusted DataCVE-2025-48459
Affects org.apache.iotdb:iotdb-confignode | Versions [1.0.0,2.0.5)
Has fix
MavenPublished 26 Sept 2025
  • M
Missing Release of Memory after Effective LifetimeCVE-2025-43816
Affects com.liferay:com.liferay.portal.vulcan.impl | Versions [,5.0.115)
Has fix
MavenPublished 26 Sept 2025
  • M
User Interface (UI) Misrepresentation of Critical InformationCVE-2024-6429
Affects org.wso2.identity.apps:identity-apps-core | Versions [,2.4.4)
Has fix
MavenPublished 26 Sept 2025
  • M
Authorization Bypass Through User-Controlled KeyCVE-2025-43810
Affects com.liferay.commerce:com.liferay.commerce.service | Versions [,11.0.164)
Has fix
MavenPublished 26 Sept 2025
  • M
Incorrect AuthorizationCVE-2025-43806
Affects com.liferay:com.liferay.batch.engine.api | Versions [,24.1.0)
Has fix
MavenPublished 26 Sept 2025
  • M
Incorrect AuthorizationCVE-2025-43806
Affects com.liferay:com.liferay.headless.batch.engine.impl | Versions [,4.0.52)
Has fix
MavenPublished 26 Sept 2025
  • M
Incorrect AuthorizationCVE-2025-43806
Affects com.liferay:com.liferay.batch.engine.service | Versions [,4.0.102)
Has fix
MavenPublished 26 Sept 2025
  • M
Improper Handling of Insufficient Permissions or PrivilegesCVE-2025-58457
Affects org.apache.zookeeper:zookeeper | Versions [3.9.0, 3.9.4)
Has fix
MavenPublished 26 Sept 2025
  • M
Insufficient Session ExpirationCVE-2025-43819
Affects com.liferay:com.liferay.saml.impl | Versions [,5.0.51)
Has fix
MavenPublished 25 Sept 2025
  • M
Symlink FollowingCVE-2025-59343
Affects org.webjars.npm:tar-fs | Versions [0,]
Has fix
MavenPublished 25 Sept 2025
  • M
Cross-site Scripting (XSS)CVE-2025-43802
Affects com.liferay:com.liferay.portal.tools.service.builder | Versions [,1.0.471)
Has fix
MavenPublished 24 Sept 2025
  • M
SQL InjectionCVE-2025-10473
Affects com.ruoyi:ruoyi-generator | Versions [0,]
Has fix
MavenPublished 24 Sept 2025
  • H
Denial of Service (DoS)CVE-2025-43796
Affects com.liferay:com.liferay.portal.vulcan.api | Versions [8.0.2,40.2.0)
Has fix
MavenPublished 24 Sept 2025
  • H
Denial of Service (DoS)CVE-2025-43796
Affects com.liferay:com.liferay.portal.vulcan.impl | Versions [5.0.7,5.0.105)
Has fix
MavenPublished 24 Sept 2025
  • M
Improper AuthorizationCVE-2025-10384
Affects com.ruoyi:ruoyi-admin | Versions [0,]
Has fix
MavenPublished 24 Sept 2025
  • H
Incorrect AuthorizationCVE-2025-59714
Affects edu.internet2.middleware.grouper:grouper | Versions [5.17.1,5.20.5)
Has fix
MavenPublished 24 Sept 2025
  • M
Insertion of Sensitive Information Into Sent DataCVE-2025-43814
Affects com.liferay:com.liferay.portal.security.audit.event.generators.user.management | Versions [,5.0.13)
Has fix
MavenPublished 24 Sept 2025
  • M
HTTP Request SmugglingCVE-2025-59822
Affects org.http4s:http4s-ember-core_sjs1_2.12 | Versions [,0.23.31)
Has fix
MavenPublished 24 Sept 2025
  • M
HTTP Request SmugglingCVE-2025-59822
Affects org.http4s:http4s-ember-core_2.12 | Versions [,0.23.31)[1.0.0-M2,1.0.0-M45)
Has fix
MavenPublished 24 Sept 2025
  • M
HTTP Request SmugglingCVE-2025-59822
Affects org.http4s:http4s-ember-core_native0.4_2.12 | Versions [,0.23.31)
Has fix
MavenPublished 24 Sept 2025
  • M
HTTP Request SmugglingCVE-2025-59822
Affects org.http4s:http4s-ember-core_native0.4_3 | Versions [,0.23.31)[1.0.0-M37,1.0.0-M45)
Has fix
MavenPublished 24 Sept 2025
  • M
HTTP Request SmugglingCVE-2025-59822
Affects org.http4s:http4s-ember-core_sjs1_3 | Versions [,0.23.31)[1.0.0-M24,1.0.0-M45)
Has fix
MavenPublished 24 Sept 2025
  • M
HTTP Request SmugglingCVE-2025-59822
Affects org.http4s:http4s-ember-core_native0.4_2.13 | Versions [,0.23.31)[1.0.0-M24,1.0.0-M45)
Has fix
MavenPublished 24 Sept 2025