Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
next next vulnerabilities and exploits
(subscribe to this query)
516
VMScore
CVE-2022-24858
next-auth v3 users before version 3.29.2 are impacted. next-auth version 4 users before version 4.3.2 are also impacted. Upgrading to 3.29.2 or 4.3.2 will patch this vulnerability. If you are not able to upgrade for any reason, you can add a configuration to your callbacks option...
Nextauth.js Next-auth
668
VMScore
CVE-2018-17137
Prezi Next 1.3.101.11 has a documented purpose of creating HTML5 presentations but has SE_DEBUG_PRIVILEGE on Windows, which might allow malicious users to bypass intended access restrictions.
Prezi Next 1.3.101.11
NA
CVE-2023-45768
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Stephanie Leary Next Page plugin <= 1.5.2 versions.
Stephanieleary Next Page
383
VMScore
CVE-2021-21310
NextAuth.js (next-auth) is am open source authentication solution for Next.js applications. In next-auth before version 3.3.0 there is a token verification vulnerability. Implementations using the Prisma database adapter in conjunction with the Email provider are impacted. Implem...
Nextauth.js Next-auth
NA
CVE-2023-48309
NextAuth.js provides authentication for Next.js. `next-auth` applications prior to version 4.24.5 that rely on the default Middleware authorization are affected by a vulnerability. A bad actor could create an empty/mock user, by getting hold of a NextAuth.js-issued JWT from an in...
Nextauth.js Next-auth
2 Github repositories
NA
CVE-2023-27490
NextAuth.js is an open source authentication solution for Next.js applications. `next-auth` applications using OAuth provider versions before `v4.20.1` have been found to be subject to an authentication vulnerability. A bad actor who can read traffic on the victim's network ...
Nextauth.js Next-auth
NA
CVE-2023-39507
Improper authorization in the custom URL scheme handler in "Rikunabi NEXT" App for Android prior to ver. 11.5.0 allows a malicious intent to lead the vulnerable App to access an arbitrary website.
Recruit Rikunabi Next
445
VMScore
CVE-2022-31093
NextAuth.js is a complete open source authentication solution for Next.js applications. In affected versions an attacker can send a request to an app using NextAuth.js with an invalid `callbackUrl` query parameter, which internally is converted to a `URL` object. The URL instanti...
Nextauth.js Next-auth
383
VMScore
CVE-2022-31127
NextAuth.js is a complete open source authentication solution for Next.js applications. An attacker can pass a compromised input to the e-mail [signin endpoint](https://next-auth.js.org/getting-started/rest-api#post-apiauthsigninprovider) that contains some malicious HTML, tricki...
Nextauth.js Next-auth
552
VMScore
CVE-1999-1468
rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable.
Sgi Irix 4.0
Sgi Irix 3.3.2
Sgi Irix 3.3.1
Sgi Irix 3.3.3
Next Next 2.1
Next Next 2.0
Sgi Irix 3.3
Sun Sunos 4.1psr A
Sun Sunos 4.0.3
Cray Unicos 6.0e
Cray Unicos 6.0
Sun Sunos 4.1
Sun Sunos 4.0.3c
Sun Sunos 4.1.1
Cray Unicos 6.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »