CVE-2025-3526 – Liferay Portal SessionClicks HTTP Session Memory Consumption Denial-of-Service (DoS)

June 16, 2025

CVE ID : CVE-2025-3526

Published : June 16, 2025, 3:15 p.m. | 3 hours, 6 minutes ago

Description : SessionClicks in Liferay Portal 7.0.0 through 7.4.3.21, and Liferay DXP 7.4 GA through update 9, 7.3 GA through update 25, and older unsupported versions does not restrict the saving of request parameters in the HTTP session, which allows remote attackers to consume system memory leading to denial-of-service (DoS) conditions via crafted HTTP requests.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3594 – Liferay Portal Xuggler Path Traversal Remote File Inclusion

Next Article CVE-2025-48976 – Apache Commons FileUpload Denial of Service (DoS) Vulnerability

Highlights

CVE-2025-30419 – NI Circuit Design Suite SymbolEditor Out-of-Bounds Read Vulnerability

May 15, 2025

CVE ID : CVE-2025-30419

Published : May 15, 2025, 5:15 p.m. | 2 hours, 45 minutes ago

Description : There is a memory corruption vulnerability due to an out of bounds read in GetSymbolBorderRectSize() when using the SymbolEditor in NI Circuit Design Suite. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file. This vulnerability affects NI Circuit Design Suite 14.3.0 and prior versions.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Citrix waarschuwt voor misbruik van kritiek lek in NetScaler ADC en Gateway

June 26, 2025

Intehill 13.4″ 4K+ Touchscreen Portable Monitor U13ZT Review

June 17, 2025

AI updates from the past week: OpenAI Codex adds internet access, Mistral releases coding assistant, and more — June 6, 2025

June 6, 2025

Upwork Freelancers vs Dedicated React.js Teams: What’s Better for Your Project in 2025?

Is Agile dead in the age of AI?

Top 15 Enterprise Use Cases That Justify Hiring Node.js Developers in 2025

The Core Model: Start FROM The Answer, Not WITH The Solution

Anthropic beats OpenAI as the top LLM provider for business – and it’s not even close

I bought Samsung’s Galaxy Watch Ultra 2025 – here’s why I have buyer’s remorse

I can admit when I’m wrong — this 75% wireless gaming keyboard is way better than I thought it would be

This is Microsoft’s canceled Windows-based Surface Duo — the dual-screen Windows Phone from 2018 that we never got

The details of TC39’s last meeting

The details of TC39’s last meeting

Enhancing Laravel Queries with Reusable Scope Patterns

Everything We Know About Livewire 4

I can admit when I’m wrong — this 75% wireless gaming keyboard is way better than I thought it would be

I can admit when I’m wrong — this 75% wireless gaming keyboard is way better than I thought it would be

This is Microsoft’s canceled Windows-based Surface Duo — the dual-screen Windows Phone from 2018 that we never got

Looking for an Ubuntu Manual? Try This Book

CVE-2025-3526 – Liferay Portal SessionClicks HTTP Session Memory Consumption Denial-of-Service (DoS)

Why the tech industry needs to stand firm on preserving end-to-end encryption

Is your phone spying on you? | Unlocked 403 cybersecurity podcast (S2E5)

Build an enterprise synthetic data strategy using Amazon Bedrock

CVE-2025-46628 – Tenda RX2 Pro Remote Root Shell Access Vulnerability

MediaAI.art – Turn Photos into Art & AI Videos

Want AI to work for your business? Then privacy needs to come first

CVE-2025-30419 – NI Circuit Design Suite SymbolEditor Out-of-Bounds Read Vulnerability

Citrix waarschuwt voor misbruik van kritiek lek in NetScaler ADC en Gateway

Intehill 13.4″ 4K+ Touchscreen Portable Monitor U13ZT Review

AI updates from the past week: OpenAI Codex adds internet access, Mistral releases coding assistant, and more — June 6, 2025

CVE-2025-3526 – Liferay Portal SessionClicks HTTP Session Memory Consumption Denial-of-Service (DoS)

Related Posts