
485 matches found

Tenable Nessus
added 2025/09/01 12:0 a.m. · 6 views

Linux Distros Unpatched Vulnerability : CVE-2025-49005

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Next.js is a React framework for building full-stack web applications. In Next.js App Router from 15.3.0 to before 15.3.3 and Vercel CLI from 41.4.1 to 42.2.0, ...

CVSS 3.7 · AI score 7.2 · EPSS 0.00403
Exploits 1 · References 2
NVD
added 2025/08/14 7:15 a.m. · 42 views

CVE-2025-8949

A vulnerability was identified in D-Link DIR-825 2.10. Affected by this vulnerability is the function getpingappstat of the file pingresponse.cgi of the component httpd. The manipulation of the argument pingipaddr leads to stack-based buffer overflow. The attack can be launched remotely. The...

CVSS 9.8 · EPSS 0.00858
Exploits 1 · References 5
CNNVD
added 2025/08/13 12:0 a.m. · 1 views

INSTAR 2K+ and INSTAR 4K Security Vulnerability

INSTAR 2K+ and INSTAR 4K are both webcams from INSTAR, a German company. A security vulnerability exists in INSTAR 2K+ and INSTAR 4K version 3.11.1 Build 1124; it originates in the Backend IPC Server component and could lead to a denial of service attack...

CVSS 8.7 · AI score 7.4 · EPSS 0.06397
Exploits 0 · References 3
RedhatCVE
added 2025/07/27 4:14 p.m. · 15 views

CVE-2025-34136

An SQL injection vulnerability exists in Commvault 11.32.0 - 11.32.93, 11.36.0 - 11.36.51, and 11.38.0 - 11.38.19 Web Server component that allows a remote, unauthenticated attacker to perform SQL Injection. The vulnerability impacts systems where the CommServe and Web Server roles are installed...

CVSS 6.9 · AI score 7.5 · EPSS 0.00464
Exploits 0 · References 1
Positive Technologies
added 2025/07/25 12:0 a.m. · 3 views

PT-2025-30892 · Commvault · Commvault

Name of the Vulnerable Software and Affected Versions: Commvault versions 11.32.0 through 11.32.93; Commvault versions 11.36.0 through 11.36.51; Commvault versions 11.38.0 through 11.38.19. Description: An SQL injection vulnerability exists in the Web Server component that could allow a remote,...

CVSS 6.9 · AI score 7.1 · EPSS 0.00464
Exploits 0 · References 4
Positive Technologies
added 2025/07/15 12:0 a.m. · 1 views

PT-2025-29646

Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 8.0.0 through 8.0.42; Oracle MySQL versions 8.4.0 through 8.4.5; Oracle MySQL versions 9.0.0 through 9.3.0. Description: A vulnerability exists in the Server: DDL component of Oracle MySQL Server. This vulnerability allows a...

CVSS 7.5 · AI score 5 · EPSS 0.01226
Exploits 2 · References 310
Veracode
added 2025/07/04 5:36 a.m. · 7 views

Cache Poisoning

Next.js is vulnerable to cache poisoning. The vulnerability is due to HTML page requests returning a React Server Component (RSC) payload under certain conditions, which allows an attacker to poison the cache if the CDN does not correctly differentiate between RSC and HTML content...

CVSS 3.7 · AI score 6 · EPSS 0.00403
Exploits 1 · References 7 · Affected Software 1
NVD
added 2025/07/03 9:15 p.m. · 5 views

CVE-2025-49005

Next.js is a React framework for building full-stack web applications. In Next.js App Router from 15.3.0 to before 15.3.3 and Vercel CLI from 41.4.1 to 42.2.0, a cache poisoning vulnerability was found. The issue allowed page requests for HTML content to return a React Server Component (RSC) payloa...

CVSS 3.7 · EPSS 0.00403
Exploits 1 · References 5
Cvelist
added 2025/07/03 9:1 p.m. · 11 views

CVE-2025-49005 Next.js cache poisoning due to omission of Vary header

Next.js is a React framework for building full-stack web applications. In Next.js App Router from 15.3.0 to before 15.3.3 and Vercel CLI from 41.4.1 to 42.2.0, a cache poisoning vulnerability was found. The issue allowed page requests for HTML content to return a React Server Component (RSC) payloa...

CVSS 3.7 · EPSS 0.00403
Exploits 1 · References 5
Vulnrichment
added 2025/07/03 9:1 p.m. · 3 views

CVE-2025-49005 Next.js cache poisoning due to omission of Vary header

Next.js is a React framework for building full-stack web applications. In Next.js App Router from 15.3.0 to before 15.3.3 and Vercel CLI from 41.4.1 to 42.2.0, a cache poisoning vulnerability was found. The issue allowed page requests for HTML content to return a React Server Component (RSC) payloa...

CVSS 3.7 · AI score 6.8 · EPSS 0.00403
Exploits 1 · References 5
CVE
added 2025/07/03 9:1 p.m. · 125 views

CVE-2025-49005

Next.js CVE-2025-49005 affects Next.js App Router (versions 15.3.0 to before 15.3.3) and Vercel CLI (41.4.1 to 42.2.0). A cache poisoning vulnerability could cause HTML requests to return a React Server Component payload under certain conditions. When deployed on Vercel, impact is limited to the ...

CVSS 3.7 · AI score 6.3 · EPSS 0.00403
Exploits 1 · References 5 · Affected Software 2
OSV
added 2025/07/03 9:1 p.m. · 7 views

CVE-2025-49005 Next.js cache poisoning due to omission of Vary header

Next.js is a React framework for building full-stack web applications. In Next.js App Router from 15.3.0 to before 15.3.3 and Vercel CLI from 41.4.1 to 42.2.0, a cache poisoning vulnerability was found. The issue allowed page requests for HTML content to return a React Server Component (RSC) payloa...

CVSS 3.7 · AI score 7.1 · EPSS 0.00403
Exploits 1 · References 7
Positive Technologies
added 2025/07/03 12:0 a.m. · 4 views

PT-2025-27835

Name of the Vulnerable Software and Affected Versions: Next.js versions 15.3.0 through 15.3.2; Vercel CLI versions 41.4.1 through 42.1.0. Description: A cache poisoning issue was found in Next.js App Router and Vercel CLI, allowing page requests for HTML content to return a React Server Component R...

CVSS 3.7 · AI score 7.2 · EPSS 0.00403
Exploits 1 · References 14
vulnersOsv
added 2025/06/10 9:30 a.m. · 4 views

ai.tripl:arc-jupyter_2.11 (>=0.0.13 <=0.0.14), ai.tripl:arc-kafka-pipeline-plugin_2.11 (>=1.0.0 <=1.4.0) +224 more potentially affected by CVE-2025-27819 via org.apache.kafka:kafka_2.11 (>=2.0.0 <=2.4.1)

org.apache.kafka:kafka2.11 MAVEN version =2.0.0, =0.0.13, =1.0.0, =1.14.0, =2.8.0, =3.0.0-M1 - com.daasyyds.presto:daasyyds-hive-connector-patch =0.276.1-202209.1 and more Source cves: CVE-2025-27819 Source advisory: OSV:GHSA-MCWH-C9PG-XW43...

CVSS 7.5 · AI score 6.4 · EPSS 0.00871
Exploits 0
RedhatCVE
added 2025/05/23 7:53 a.m. · 9 views

CVE-2024-24683

Improper Input Validation vulnerability in Apache Hop Engine. This issue affects Apache Hop Engine: before 2.8.0. Users are recommended to upgrade to version 2.8.0, which fixes the issue. When Hop Server writes links to the PrepareExecutionPipelineServlet page one of the parameters provided to the...

CVSS 6.5 · AI score 6.8 · EPSS 0.01239
Exploits 0 · References 1
OSV
added 2025/05/11 7:15 p.m. · 3 views

CVE-2025-4544

A vulnerability was found in D-Link DI-8100 up to 16.07.26A1 and classified as critical. This issue affects some unknown processing of the file /ddos.asp of the component jhttpd. The manipulation of the argument defmax/deftime/deftcpmax/deftcptime/defudpmax/defudptime/deficmpmax leads to...

CVSS 7.2 · AI score 5.9 · EPSS 0.0654
Exploits 1 · References 5
Positive Technologies
added 2025/04/14 12:0 a.m. · 3 views

PT-2025-18458

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A use-after-free issue has been resolved in the Linux kernel, specifically in the ksmbd component. The problem occurs when the ksmbd connection is referenced after the ksmbd server threa...

CVSS 7.8 · AI score 6.6 · EPSS 0.00153
Exploits 0
Tenable Nessus
added 2025/03/04 12:0 a.m. · 9 views

Linux Distros Unpatched Vulnerability : CVE-2012-0087

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown...

CVSS 4 · AI score 5.9 · EPSS 0.03006
Exploits 0 · References 2
OSV
added 2024/11/21 1:16 p.m. · 6 views

CLSA-2024-1732195001 krb5: Fix of CVE-2024-26462

CVE-2024-26462: Fix memory leak vulnerability in src/kdc/ndr.c...

CVSS 5.5 · AI score 6.7 · EPSS 0.00437
Exploits 1 · References 1
CNNVD
added 2024/10/11 12:0 a.m. · 3 views

MiroTalk Security Vulnerability

MiroTalk is a simple, secure, and fast real-time video conferencing software by the individual developer Miroslav Pejic. A security vulnerability exists in MiroTalk that stems from incorrect access control in the app/src/server.js component...

CVSS 7.5 · AI score 6.8 · EPSS 0.00648
Exploits 0 · References 4