NPM: Next.js vulnerable to cache poisoning via collisions in React Server Component cache-busting

NPM: Next.js vulnerable to cache poisoning via collisions in React Server Component cache-busting vulnerability discovered by ? in WordPress Npm next versions = 13.4.6, 15.5.16...

NPM: Next.js has cross-site scripting in beforeInteractive scripts with untrusted input

NPM: Next.js has cross-site scripting in beforeInteractive scripts with untrusted input vulnerability discovered by ? in WordPress Npm next versions = 13.0.0, 15.5.16...

NPM: Next.js vulnerable to server-side request forgery in applications using WebSocket upgrades

NPM: Next.js vulnerable to server-side request forgery in applications using WebSocket upgrades vulnerability discovered by ? in WordPress Npm next versions = 13.4.13, 15.5.16...

CVE-2025-48953

Umbraco is an ASP.NET content management system CMS. Starting in version 14.0.0 and prior to versions 15.4.2 and 16.0.0, it's possible to upload a file that doesn't adhere with the configured allowable file extensions via a manipulated API request. The issue is patched in versions 15.4.2 and...

org.keycloak:keycloak-guides (>=16.0.0 <=16.1.1), org.keycloak:keycloak-guides-maven-plugin (>=16.0.0 <=16.1.1) +3 more potentially affected by CVE-2024-9666 via org.keycloak:keycloak-quarkus-server (>=16.0.0 <=16.1.1)

org.keycloak:keycloak-quarkus-server MAVEN version =16.0.0, =16.0.0, =16.0.0, =16.0.0, =16.0.0, =16.0.0, =16.1.1 Source cves: CVE-2024-9666 Source advisory: OSV:GHSA-JGWC-JH89-RPGQ...

PT-2023-23114 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 16.0 through 16.0.5 GitLab EE versions 16.1 through 16.1.0 Description: A sensitive information leak issue has been discovered, allowing access to titles of private issues and merge requests. Recommendations: For GitLab EE...

CVE-2020-27729

In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, an undisclosed link on the BIG-IP APM virtual server allows a malicious user to build an open redirect URI...

Format string

In BIG-IP Advanced WAF and FPS versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, under some circumstances, certain format client-side alerts sent to the BIG-IP virtual server configured with DataSafe may cause the Traffic Management Microkernel TMM to restart, resulting in a...

Visual Studio 2019 Security Update (16.11.54)

This security update applies to all editions of Visual Studio 2019 between versions 16.0.0 and 16.11.53, and will update client machines to version 16.11.54. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in orde...