Lucene search
K

19 matches found

Snyk
Snyk
added 2026/04/08 9:10 p.m.7 views

Allocation of Resources Without Limits or Throttling

Overview next is a react framework. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the createMap, createSet, and extractIterator functions in packages/react-server/src/ReactFlightReplyServer.js. An attacker can crash the server by...

8.7CVSS5.8AI score0.01551EPSS
Exploits4References3
Vulnrichment
Vulnrichment
added 2026/04/06 8:52 p.m.2 views

CVE-2026-35394 Mobile Next has Arbitrary Android Intent Execution via mobile_open_url

Mobile Next is an MCP server for mobile development and automation. Prior to 0.0.50, the mobileopenurl tool in mobile-mcp passes user-supplied URLs directly to Android's intent system without any scheme validation, allowing execution of arbitrary Android intents, including USSD codes, phone calls...

8.3CVSS6.2AI score0.00387EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.5 views

PT-2026-28584

Name of the Vulnerable Software and Affected Versions @mobilenext/mobile-mcp versions prior to 0.0.49 Description The @mobilenext/mobile-mcp server contains a Path Traversal vulnerability in the mobile save screenshot and mobile start screen recording tools. The saveTo and output parameters are...

8.1CVSS6AI score0.00489EPSS
Exploits1References10
Snyk
Snyk
added 2025/12/12 12:3 a.m.7 views

Deserialization of Untrusted Data

Overview next is a react framework. Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to unsafe deserialization of payloads from HTTP requests to Server Function endpoints. An attacker can cause the server process to enter an infinite loop and hang,...

8.7CVSS6.9AI score0.65592EPSS
Exploits13References2
GithubExploit
GithubExploit
added 2025/12/04 11:4 a.m.186 views

Exploit for CVE-2025-55182

CVE-2025-55182 React2Shell Detection Tool Detection tools for...

10CVSS7AI score0.99562EPSS
Exploits372
CNNVD
CNNVD
added 2025/10/12 12:0 a.m.3 views

IBM Engineering Requirements Management DOORS Next 安全漏洞

IBM Engineering Requirements Management DOORS Next is a scalable solution from International Business Machines IBM. The solution helps you capture, track, analyze, and manage systems and advanced IT application development. A security vulnerability exists in IBM Engineering Requirements Managemen...

6.5CVSS6.2AI score0.00279EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/12 12:0 a.m.8 views

IBM Engineering Requirements Management DOORS Next 安全漏洞

IBM Engineering Requirements Management DOORS Next is a scalable solution from International Business Machines IBM. The solution helps you capture, track, analyze, and manage systems and advanced IT application development. A security vulnerability exists in IBM Engineering Requirements Managemen...

3.5CVSS6.2AI score0.00166EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-1999-1372

Malware in sbrugna...

7.2CVSS6.4AI score0.00411EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2025/08/29 12:31 p.m.10 views

@anjy7/navbar-cms (=0.0.5), @contentql/core (>=0.1.2 <=0.3.5) +14 more potentially affected by CVE-2025-4643 via @payloadcms/next (>=3.0.0-alpha.46 <=3.44.0-internal.6b79dc2)

@payloadcms/next NPM version =3.0.0-alpha.46, =0.1.2, =0.1.0, =3.2.0, =0.2.0, =0.1.0, =0.1.4, =1.0.0, =0.0.5, =0.0.1, =0.0.9-alpha.52, =0.0.5, =3.0.0-beta.3, =0.0.3, =1.0.0 and more Source cves: CVE-2025-4643 Source advisory: OSV:GHSA-5V66-M237-HWF7...

6.3CVSS5.7AI score0.00484EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/05/09 12:0 a.m.9 views

Vulnerability of software for managing IBM Engineering Requirements Management DOORS: Next, a vulnerability related to insufficient protection of registration data, which allows attackers to disclose protected information.

The vulnerability of the IBM Engineering Requirements Management DOORS Next software lies in the insufficient protection of registration data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information remotely...

7.8CVSS5.4AI score0.00442EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2025/03/05 12:0 a.m.5 views

openSUSE Security Advisory (SUSE-SU-2025:0764-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.8AI score0.01193EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/06/06 12:0 a.m.4 views

IBM Engineering Requirements Management DOORS Next Code Issue Vulnerability

IBM Engineering Requirements Management DOORS Next is a scalable solution from International Business Machines IBM. The solution helps you capture, track, analyze, and manage systems and advanced IT application development. A code issue vulnerability exists in IBM Engineering Requirements...

8.2CVSS7AI score0.00678EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/07/26 12:0 a.m.27 views

EulerOS Virtualization 3.0.6.6 : net-snmp (EulerOS-SA-2023-2400)

According to the versions of the net-snmp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in net-snmp. A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds...

8.8CVSS6.8AI score0.01299EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/07/01 12:0 a.m.3 views

Net-SNMP 代码问题漏洞

Net-SNMP is an open source Simple Network Management Protocol SNMP software. The software is used to monitor network devices, computer devices, UPS devices, and more. A code issue vulnerability exists in Net-SNMP that stems from a misformatted OID in GET-NEXT of nsVacmAccessTable that could resul...

6.5CVSS7AI score0.01105EPSS
Exploits0References19
OSV
OSV
added 2022/01/28 11:9 p.m.15 views

GHSA-WR66-VRWM-5G5X Denial of Service Vulnerability in next.js

Impact Vulnerable code could allow a bad actor to trigger a denial of service attack for anyone running a Next.js app at version = 12.0.0, and using i18n functionality. - Affected: All of the following must be true to be affected by this CVE - Next.js versions above v12.0.0 - Using next start or ...

5.9CVSS7AI score0.02153EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2018/10/15 9:43 p.m.5 views

@nteract/commuter (=5.6.9), @nteract/play (=1.6.8) +4 more potentially affected by CVE-2018-18282 via next (>=7.0.0 <=7.0.1)

next NPM version =7.0.0, =7.0.0, =0.30.0, =2.0.0, =0.1.1, =0.1.4 Source cves: CVE-2018-18282 Source advisory: OSV:GHSA-QW96-MM2G-C8M7...

6.1CVSS6.3AI score0.0103EPSS
Exploits0
Prion
Prion
added 2018/02/27 9:29 p.m.18 views

Directory traversal

AxxonSoft Axxon Next has Directory Traversal via an initial /css//..%2f substring in a URI...

5CVSS7.5AI score0.10516EPSS
Exploits2References1
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.23 views

CVE-1999-1391

Vulnerability in NeXT 1.0a and 1.0 with publicly accessible printers allows local users to gain privileges via a combination of the npd program and weak directory permissions...

6.6AI score0.00411EPSS
Exploits0References4
NVD
NVD
added 1990/10/03 4:0 a.m.16 views

CVE-1999-1391

Vulnerability in NeXT 1.0a and 1.0 with publicly accessible printers allows local users to gain privileges via a combination of the npd program and weak directory permissions...

7.2CVSS0.00411EPSS
Exploits0References4
Rows per page
Query Builder