| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In Ifaa service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed |
| In Ifaa service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed |
| In sim service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed |
| In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed |
| In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed |
| Stored cross-site scripting (XSS) vulnerability in the manage vocabulary page in Liferay Portal 7.4.2 through 7.4.3.87, and Liferay DXP 7.4 before update 88 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a Vocabulary's 'description' text field. |
| Stored cross-site scripting (XSS) vulnerability in the Wiki widget in Liferay Portal 7.1.0 through 7.4.3.87, and Liferay DXP 7.0 fix pack 83 through 102, 7.1 fix pack 28 and earlier, 7.2 fix pack 20 and earlier, 7.3 update 33 and earlier, and 7.4 before update 88 allows remote attackers to inject arbitrary web script or HTML into a parent wiki page via a crafted payload injected into a wiki page's ‘Content’ text field. |
| Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access data. |
