Latest CVE Feed
-
7.5
HIGHCVE-2025-3586
In Liferay Portal 7.4.3.27 through 7.4.3.42, and Liferay DXP 2024.Q1.1 through 2024.Q1.20, 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 update 27 through update 42 (Liferay PaaS, and Liferay Self-Hosted), the Objects module does not res... Read more
- Published: Sep. 01, 2025
- Modified: Sep. 02, 2025
- Vuln Type: Authentication
-
5.1
MEDIUMCVE-2025-44017
"Gunosy" App contains a vulnerability where sensitive information may be included in the application's outbound communication. If a user accesses a crafted URL, an attacker may obtain the JWT (JSON Web Token).... Read more
Affected Products :- Published: Sep. 02, 2025
- Modified: Sep. 02, 2025
- Vuln Type: Information Disclosure
-
5.9
MEDIUMCVE-2025-36133
IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6.0, 12.1.0 through 12.14.0, and 12.0 LTS: 12.0.0 through 12.0.14stores potentially sensitive information in log files during installation that could be read by a local user on the contai... Read more
Affected Products : app_connect_enterprise_certified_container- Published: Sep. 01, 2025
- Modified: Sep. 02, 2025
- Vuln Type: Information Disclosure
-
8.7
HIGHCVE-2025-57799
StreamVault is a multi-platform video parsing and downloading tool. Prior to version 250822, after logging into the StreamVault-system, an attacker can modify certain system parameters, construct malicious commands, execute command injection attacks again... Read more
Affected Products :- Published: Sep. 01, 2025
- Modified: Sep. 02, 2025
- Vuln Type: Injection