CVE-2026-27979
Next.js is a React framework for building full-stack web applications. Starting in version 16.0.1 and prior to version 16.1.7, a request containing the next-resume: 1 header corresponding with a PPR resume request would buffer request bodies without consistently enforcing maxPostponedStateSize in...
CVE-2026-27979 Next.js: Unbounded postponed resume buffering can lead to DoS
Next.js is a React framework for building full-stack web applications. Starting in version 16.0.1 and prior to version 16.1.7, a request containing the next-resume: 1 header corresponding with a PPR resume request would buffer request bodies without consistently enforcing maxPostponedStateSize in...
EUVD-2026-12692
Next.js: Unbounded postponed resume buffering can lead to DoS...
Next.js: Unbounded postponed resume buffering can lead to DoS
Summary A request containing the next-resume: 1 header corresponding with a PPR resume request would buffer request bodies without consistently enforcing maxPostponedStateSize in certain setups. The previous mitigation protected minimal-mode deployments, but equivalent non-minimal deployments...
EUVD-2023-59973
Malicious code in bioql PyPI...
CVE-2023-53353
In the Linux kernel, the following vulnerability has been resolved: accel/habanalabs: postpone mem_mgr IDR destruction to hpriv_release() The memory manager IDR is currently destroyed when user releases the file descriptor. However, at this point the user context might be still held, and memory buffe...
XWiki () Has been postponed
...
CVE-2024-9325 Intelbras InControl incontrol-service-watchdog.exe unquoted search path
A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This affects an unknown part of the file C:\Program Files x86\Intelbras\Incontrol Cliente\incontrolwebcam\incontrol-service-watchdog.exe. The manipulation leads to unquoted search path. It is possible to...
nekkyo-singapore.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1137943 Security Researcher g0bl1nsec, a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting nekkyo-singapore.com...
DNSSEC Keysigning Ceremony Postponed Because of Locked Safe
Interesting collision of real-world and Internet security: The ceremony sees several trusted internet engineers (a minimum of three and up to seven) from across the world descend on one of two secure locations -- one in El Segundo, California, just south of Los Angeles, and the other in Culpeper,...
onkes-fritsching.de XSS vulnerability
Open Bug Bounty ID: OBB-677057

| Description | Value |
|---|---|
| Affected Website: | onkes-fritsching.de |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1... |
buscaoposiciones.com XSS vulnerability
Open Bug Bounty ID: OBB-629754

| Description | Value |
|---|---|
| Affected Website: | buscaoposiciones.com |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1... |
thelegacy.de XSS vulnerability
Open Bug Bounty ID: OBB-318592

| Description | Value |
|---|---|
| Affected Website: | thelegacy.de |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1... |