0.0
CVE-2025-57719 -
Not used
2.3
CVE-2025-43733 -
A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.7 allows a remote authenticated attacker to inject JavaScript code via the content page's name field. This malicious payload is then reflected and executed within the user…
5.9
CVE-2025-41242 - CVE-2025-41242: Path traversal vulnerability on non-compliant Servlet containers
Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. An application can be vulnerable when all the following are true: * the application is deployed as a WAR or with an embedded Servlet container * the Se…
7.1
CVE-2025-47206 - File Station 5
An out-of-bounds write vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4933 and later
7
CVE-2025-5296 -
CWE-59: Improper Link Resolution Before File Access ('Link Following') vulnerability exists that could cause arbitrary data to be written to protected locations, potentially leading to escalation of privilege, arbitrary file corruption, exposure of application and system information or persistent…
8.7
CVE-2025-6625 -
CWE-20: Improper Input Validation vulnerability exists that could cause a Denial Of Service when specific crafted FTP command is sent to the device.
5.9
CVE-2025-57703 - Reflected Cross-site Scripting in DIAEnergie
DIAEnergie - Reflected Cross-site Scripting
5.9
CVE-2025-57702 - Reflected Cross-site Scripting in DIAEnergie
DIAEnergie - Reflected Cross-site Scripting
5.9
CVE-2025-57701 - Reflected Cross-site Scripting in DIAEnergie
DIAEnergie - Reflected Cross-site Scripting
7
CVE-2025-57700 - Stored Cross-site Scripting in DIAEnergie
DIAEnergie - Stored Cross-site Scripting