1185 matches found
Exploit for Deserialization of Untrusted Data in Facebook React
React2Shell – Advanced Discovery & Exploitation Framework An...
Exploit for Deserialization of Untrusted Data in Facebook React
next88 - React Server Components RCE Scanner High-performance...
Exploit for Deserialization of Untrusted Data in Facebook React
react2shell-scanner A command-line tool for detecting CVE-202...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 Exploitation Tool A comprehensive security res...
Exploit for Deserialization of Untrusted Data in Facebook React
React2Shell A scanner for detecting and exploiting Next.js...
Exploit for Deserialization of Untrusted Data in Facebook React
react2shell-C...
Exploit for Deserialization of Untrusted Data in Facebook React
⚡ CVE-2025-55182 – Auto Exploit Toolkit Precision Engine...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182-poc-tool A powerful exploit tool for detecting...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 Advanced Scanner A comprehensive command-line...
Exploit for Deserialization of Untrusted Data in Facebook React
Chain Reaction High-Performance Rust Scanner for React Serv...
Exploit for CVE-2025-55182
React2Shell Scanner High Fidelity Detection & Exploitation To...
Server-Side Request Forgery (SSRF)
Astro is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to insecure and unsanitized use of the x-forwarded-proto and x-forwarded-port headers when constructing URLs, which allows an attacker to manipulate these headers to bypass protected routes, poison caches, trigger...
CVE-2025-64525
Astro is a web framework. In Astro versions 2.16.0 up to but excluding 5.15.5 which utilizeon-demand rendering, request headers x-forwarded-proto and x-forwarded-port are insecurely used, without sanitization, to build the URL. This has several consequences, the most important of which are:...
EUVD-2025-175298
Astro vulnerable to URL manipulation via headers, leading to middleware and CVE-2025-61925 bypass...
CVE-2025-64525
Summary: Astro 2.16.0 to before 5.15.5 is vulnerable to header-based URL manipulation due to insecure use of unsanitized x-forwarded-proto and x-forwarded-port when building URLs. What’s affected: Astro’s server-side URL construction path uses the header values to compose the request URL in code ...
CVE-2025-64525 Astro: URL manipulation via unsanitized headers leads to path-based middleware protections bypass, potential SSRF/cache-poisoning, CVE-2025-61925 bypass
Astro is a web framework. In Astro versions 2.16.0 up to but excluding 5.15.5 which utilizeon-demand rendering, request headers x-forwarded-proto and x-forwarded-port are insecurely used, without sanitization, to build the URL. This has several consequences, the most important of which are:...
PT-2025-46860
Name of the Vulnerable Software and Affected Versions Astro versions 2.16.0 through 5.15.4 Description Astro, a web framework, contains a flaw in its on-demand rendering feature where the x-forwarded-proto and x-forwarded-port request headers are used without proper sanitization when constructing...
CVE-2025-54858
When a BIG-IP Advanced WAF or BIG-IP ASM Security Policy is configured with a JSON content profile that has a malformed JSON schema, and the security policy is applied to a virtual server, undisclosed requests can cause the bd process to terminate. Note: Software versions which have reached End o...
EUVD-2025-34632
When a BIG-IP Advanced WAF or BIG-IP ASM Security Policy is configured with a JSON content profile that has a malformed JSON schema, and the security policy is applied to a virtual server, undisclosed requests can cause the bd process to terminate. Note: Software versions which have reached End o...
CVE-2025-61935 BIG-IP Advanced WAF and ASM vulnerability
When a BIG IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...