Lucene search
K

10 matches found

GithubExploit
GithubExploit
added 2025/12/12 9:54 p.m.413 views

Exploit for CVE-2025-55183

React Server Components Security Lab CVE-2025-55183 & CVE-202...

7.5CVSS6.6AI score0.65592EPSS
Exploits13
NCSC
NCSC
added 2025/12/12 10:46 a.m.10 views

Vulnerabilities fixed in React Server Components

Meta has fixed vulnerabilities in React Server Components Parcel, Turbopack and Webpack Specifically for versions 19.0.2, 19.1.3 and 19.2.2. The vulnerabilities are related to insecure deserialization of HTTP request payloads, which can lead to Denial-of-Service attacks and server hangs. This...

7.5CVSS7.2AI score0.65592EPSS
Exploits13References4
Tenable Nessus
Tenable Nessus
added 2025/12/12 12:0 a.m.7 views

Node.js React Server Components Denial of Service (CVE-2025-67779)

Multiple Node.js React Server Components packages are affected by a denial of service vulnerability. The following Node.js packages and versions are affected: - react-server-dom-webpack 19.0.2, 19.1.3, 19.2.2 - react-server-dom-parcel 19.0.2, 19.1.3, 19.2.2 - react-server-dom-turbopack 19.0.2,...

7.5CVSS6.2AI score0.1888EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2025/12/11 11:36 p.m.7 views

CVE-2025-67779

It was found that the fix addressing CVE-2025-55184 in React Server Components was incomplete and does not prevent a denial of service attack in a specific case. React Server Components versions 19.0.2, 19.1.3 and 19.2.2 are affected, allowing unsafe deserialization of payloads from HTTP requests...

7.5CVSS6.4AI score0.1888EPSS
Exploits3References2
CVE
CVE
added 2025/12/11 11:36 p.m.29 views

CVE-2025-67779

CVE-2025-67779 describes a denial-of-service vulnerability in React Server Components caused by an incomplete fix for unsafe deserialization. The issue allows crafted HTTP payloads to Server Function endpoints to trigger an infinite loop, tying up CPU and potentially making the server unresponsiv...

7.5CVSS6.4AI score0.1888EPSS
Exploits3References2Affected Software1
CNVD
CNVD
added 2020/07/20 12:0 a.m.1 views

Cisco SD-WAN vManage Software XML External Entity Injection Vulnerability

Cisco SD-WAN vManage Software is a management software for SD-WAN Software Defined Wide Area Network solutions from Cisco. An XML external entity injection vulnerability exists in the Web UI in Cisco SD-WAN vManage Software versions 19.2.2 and earlier, which stems from the program's failure to...

7.3CVSS7.3AI score0.01281EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/17 12:0 a.m.3 views

Cisco SD-WAN vManage Software Cross-Site Scripting Vulnerability

Cisco SD-WAN vManage Software is a management software for SD-WAN Software Defined Wide Area Network solutions from Cisco. A cross-site scripting vulnerability exists in the web management interface in Cisco SD-WAN vManage Software versions 19.2.2 and earlier, which stems from the program failing...

6.4CVSS6.7AI score0.00819EPSS
Exploits0References1
CNVD
CNVD
added 2020/03/20 12:0 a.m.2 views

Cisco SD-WAN Solution vManage Cross-Site Scripting Vulnerability

Cisco SD-WAN Solution is a set of network extension solutions from Cisco. vManage is a network management system. A cross-site scripting vulnerability exists in the Web UI in Cisco SD-WAN Solution vManage Releases prior to 19.2.2, which stems from the program failing to adequately validate...

5.5CVSS6.7AI score0.00805EPSS
Exploits0References1
CNVD
CNVD
added 2020/03/19 12:0 a.m.1 views

Cisco SD-WAN Solution Buffer Overflow Vulnerability (CNVD-2020-19235)

Cisco SD-WAN Solution is a set of network extension solutions from Cisco. A buffer overflow vulnerability exists in Cisco SD-WAN Solution Releases prior to 19.2.2, which stems from a failure to adequately validate input. A local attacker could exploit this vulnerability by sending specially craft...

7.1CVSS6.8AI score0.00727EPSS
Exploits1References1
CNVD
CNVD
added 2020/03/19 12:0 a.m.2 views

Cisco SD-WAN Solution Command Injection Vulnerability (CNVD-2020-19236)

Cisco SD-WAN Solution is a suite of network extension solutions from Cisco. the CLI is a command line interface. A command injection vulnerability exists in the CLI in versions prior to Cisco SD-WAN Solution Release 19.2.2, which stems from the program failing to adequately perform input...

7.8CVSS7.6AI score0.00557EPSS
Exploits0References1
Rows per page
Query Builder