Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2022-42131 |
|
Vulnerability in liferay (CVE-2022-42131)
vulnerability in liferay (CVE-2022-42131). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-42132 |
|
Information Disclosure in liferay (CVE-2022-42132)
vulnerability in liferay (CVE-2022-42132). Confidential information can be exposed externally.
|
| CVE-2022-42129 |
|
Vulnerability in liferay (CVE-2022-42129)
vulnerability in liferay (CVE-2022-42129). Risk of unauthorized operations or information disclosure. Exploitable via ``formInstanceRecordId``.
|
| CVE-2022-42130 |
|
Vulnerability in liferay (CVE-2022-42130)
vulnerability in liferay (CVE-2022-42130). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-42125 |
|
Path Traversal in path-traversal (CVE-2022-42125)
path traversal in path-traversal (CVE-2022-42125). Data can be tampered with by attackers.
|
| CVE-2022-42128 |
|
Vulnerability in liferay (CVE-2022-42128)
vulnerability in liferay (CVE-2022-42128). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-42127 |
|
Vulnerability in liferay (CVE-2022-42127)
vulnerability in liferay (CVE-2022-42127). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-42126 |
|
Vulnerability in liferay (CVE-2022-42126)
vulnerability in liferay (CVE-2022-42126). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-42123 |
|
Path Traversal in path-traversal (CVE-2022-42123)
path traversal in path-traversal (CVE-2022-42123). Data can be tampered with by attackers.
|
| CVE-2022-42124 |
|
Vulnerability in liferay (CVE-2022-42124)
vulnerability in liferay (CVE-2022-42124). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-42119 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-42119)
cross-site scripting in liferay (CVE-2022-42119). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-42118 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-42118)
cross-site scripting in liferay (CVE-2022-42118). Risk of unauthorized operations or information disclosure. Exploitable via ``tag``.
|
| CVE-2022-42120 |
|
SQL Injection in c (CVE-2022-42120)
SQL injection in c (CVE-2022-42120). Successful exploitation can lead to full system takeover. Exploitable via ``namespace``.
|
| CVE-2022-42121 |
|
SQL Injection in sqli (CVE-2022-42121)
SQL injection in sqli (CVE-2022-42121). Successful exploitation can lead to full system takeover.
|
| CVE-2022-42122 |
|
SQL Injection in sqli (CVE-2022-42122)
SQL injection in sqli (CVE-2022-42122). Successful exploitation can lead to full system takeover. Exploitable via ``title``.
|
| CVE-2022-38901 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-38901)
cross-site scripting in liferay (CVE-2022-38901). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-42117 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-42117)
cross-site scripting in liferay (CVE-2022-42117). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-42112 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-42112)
cross-site scripting in liferay (CVE-2022-42112). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-42116 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-42116)
cross-site scripting in liferay (CVE-2022-42116). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-42115 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-42115)
cross-site scripting in liferay (CVE-2022-42115). Risk of unauthorized operations or information disclosure. Exploitable via ``Label``.
|
| CVE-2022-42114 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-42114)
cross-site scripting in liferay (CVE-2022-42114). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-42113 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-42113)
cross-site scripting in liferay (CVE-2022-42113). Risk of unauthorized operations or information disclosure. Exploitable via ``redirect``.
|
| CVE-2022-38902 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-38902)
cross-site scripting in liferay (CVE-2022-38902). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-28980 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-28980)
cross-site scripting in liferay (CVE-2022-28980). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-38512 |
|
Vulnerability in liferay (CVE-2022-38512)
vulnerability in liferay (CVE-2022-38512). Confidential information can be exposed externally.
|
| CVE-2022-28981 |
|
Path Traversal in path-traversal (CVE-2022-28981)
path traversal in path-traversal (CVE-2022-28981). Confidential information can be exposed externally. Exploitable via ``parameter``.
|
| CVE-2022-28977 |
|
Open Redirect in liferay (CVE-2022-28977)
vulnerability in liferay (CVE-2022-28977). Risk of unauthorized operations or information disclosure. Exploitable via ``FORWARD_URL``.
|
| CVE-2022-39975 |
|
Vulnerability in liferay (CVE-2022-39975)
vulnerability in liferay (CVE-2022-39975). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-28978 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-28978)
cross-site scripting in liferay (CVE-2022-28978). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-28979 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-28979)
cross-site scripting in liferay (CVE-2022-28979). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-28982 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-28982)
cross-site scripting in liferay (CVE-2022-28982). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-26596 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-26596)
cross-site scripting in liferay (CVE-2022-26596). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-26597 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-26597)
cross-site scripting in liferay (CVE-2022-26597). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-26593 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-26593)
cross-site scripting in liferay (CVE-2022-26593). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-26595 |
|
Vulnerability in liferay (CVE-2022-26595)
vulnerability in liferay (CVE-2022-26595). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-26594 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-26594)
cross-site scripting in liferay (CVE-2022-26594). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-25146 |
|
Vulnerability in csrf (CVE-2022-25146)
vulnerability in csrf (CVE-2022-25146). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-38265 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2021-38265)
cross-site scripting in liferay (CVE-2021-38265). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-38269 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2021-38269)
cross-site scripting in liferay (CVE-2021-38269). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-38267 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2021-38267)
cross-site scripting in liferay (CVE-2021-38267). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-38264 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2021-38264)
cross-site scripting in liferay (CVE-2021-38264). Risk of unauthorized operations or information disclosure. Exploitable via ``keywords``.
|
| CVE-2021-38263 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2021-38263)
cross-site scripting in liferay (CVE-2021-38263). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-38266 |
|
Vulnerability in liferay (CVE-2021-38266)
vulnerability in liferay (CVE-2021-38266). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-38268 |
|
Vulnerability in liferay (CVE-2021-38268)
vulnerability in liferay (CVE-2021-38268). Data can be tampered with by attackers.
|
| CVE-2020-7961 KEV |
|
[KEV] Unsafe Deserialization in liferay (CVE-2020-7961)
vulnerability in liferay (CVE-2020-7961). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-29049 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2021-29049)
cross-site scripting in liferay (CVE-2021-29049). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-29052 |
|
Vulnerability in liferay (CVE-2021-29052)
vulnerability in liferay (CVE-2021-29052). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-29051 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2021-29051)
cross-site scripting in liferay (CVE-2021-29051). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-29048 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2021-29048)
cross-site scripting in liferay (CVE-2021-29048). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-29043 |
|
Vulnerability in liferay (CVE-2021-29043)
vulnerability in liferay (CVE-2021-29043). Confidential information can be exposed externally.
|