CVE-2026-23869

A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack versions 19.0.0 through 19.0.4, 19.1.0 through 19.1.5, and 19.2.0 through 19.2.4. The vulnerability is triggered ...

React Server Components are Vulnerable to RCE

Impact There is an unauthenticated remote code execution vulnerability in React Server Components. We recommend upgrading immediately. The vulnerability is present in versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 of: react-server-dom-webpack react-server-dom-parcel react-server-dom-turbopack Patche...

CVE-2025-55182

CVE-2025-55182 is a pre-auth remote code execution vulnerability in React Server Components (versions 19.0.0, 19.1.0, 19.1.1, 19.2.0) affecting react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The issue arises from unsafe deserialization of payloads in HTTP reque...

CVE-2019-9758

An issue was discovered in LabKey Server 19.1.0. The display name of a user is vulnerable to stored XSS that can execute on administrators from security/permissions.view, security/addUsers.view, or wiki/Administration/page.view in the admin panel, leading to privilege escalation...

CVE-2019-5032

An exploitable out-of-bounds read vulnerability exists in the LabelSst record parser of Aspose Aspose.Cells 19.1.0 library. A specially crafted XLS file can cause an out-of-bounds read, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the...

PT-2024-3073 · Oracle · Oracle Hospitality Simphony

Name of the Vulnerable Software and Affected Versions: Oracle Hospitality Simphony versions 19.1.0 through 19.5.4 Description: The issue is related to insufficient input validation in the Simphony Enterprise Server component. It allows a low-privileged attacker with network access via HTTP to...

PT-2023-9067 · Oracle · Oracle Hospitality Simphony

Name of the Vulnerable Software and Affected Versions: Oracle Hospitality Simphony versions 19.1.0 through 19.5.4 Description: The issue is related to insufficient input validation in the Simphony Enterprise Server component. It allows an unauthenticated attacker with network access via HTTP to...

PT-2023-9068 · Oracle · Oracle Hospitality Simphony

Name of the Vulnerable Software and Affected Versions: Oracle Hospitality Simphony versions 19.1.0 through 19.5.4 Description: The issue is related to insufficient input validation in the Simphony Enterprise Server component of Oracle Hospitality Simphony, allowing a remote attacker to execute...

CVE-2019-9926

An issue was discovered in LabKey Server 19.1.0. It is possible to force a logged-in administrator to execute code through a /reports-viewScriptReport.view CSRF vulnerability...

Cross site request forgery (csrf)

An issue was discovered in LabKey Server 19.1.0. It is possible to force a logged-in administrator to execute code through a /reports-viewScriptReport.view CSRF vulnerability...

CVE-2019-9926

An issue was discovered in LabKey Server 19.1.0. It is possible to force a logged-in administrator to execute code through a /reports-viewScriptReport.view CSRF vulnerability...

CVE-2019-5032

An exploitable out-of-bounds read vulnerability exists in the LabelSst record parser of Aspose Aspose.Cells 19.1.0 library. A specially crafted XLS file can cause an out-of-bounds read, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the...

Out-of-bounds

An exploitable out-of-bounds read vulnerability exists in the Number record parser of Aspose Aspose.Cells 19.1.0 library. A specially crafted XLS file can cause an out-of-bounds read, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the...

CVE-2019-5032

An exploitable out-of-bounds read vulnerability exists in the LabelSst record parser of Aspose Aspose.Cells 19.1.0 library. A specially crafted XLS file can cause an out-of-bounds read, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the...

Aspose Aspose.Cells Number record parser code execution vulnerability

Aspose Aspose.Cells is an Excel spreadsheet programming API Application Programming Interface from Aspose Australia.Number record parser is one of the number record parser. A code execution vulnerability exists in the Number record parser in Aspose Aspose.Cells version 19.1.0, which can be...