Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
next vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-35924
NextAuth.js is a complete open source authentication solution for Next.js applications. `next-auth` users who are using the `EmailProvider` either in versions before `4.10.3` or `3.29.10` are affected. If an attacker could forge a request that sent a comma-separated list of email...
Nextauth.js Next-auth
NA
CVE-2023-39507
Improper authorization in the custom URL scheme handler in "Rikunabi NEXT" App for Android prior to ver. 11.5.0 allows a malicious intent to lead the vulnerable App to access an arbitrary website.
Recruit Rikunabi Next
383
VMScore
CVE-2022-31127
NextAuth.js is a complete open source authentication solution for Next.js applications. An attacker can pass a compromised input to the e-mail [signin endpoint](https://next-auth.js.org/getting-started/rest-api#post-apiauthsigninprovider) that contains some malicious HTML, tricki...
Nextauth.js Next-auth
NA
CVE-2022-31186
NextAuth.js is a complete open source authentication solution for Next.js applications. An information disclosure vulnerability in `next-auth` before `v4.10.2` and `v3.29.9` allows an attacker with log access privilege to obtain excessive information such as an identity provider&...
Next-auth Nextauth.js
NA
CVE-2023-48309
NextAuth.js provides authentication for Next.js. `next-auth` applications prior to version 4.24.5 that rely on the default Middleware authorization are affected by a vulnerability. A bad actor could create an empty/mock user, by getting hold of a NextAuth.js-issued JWT from an in...
Nextauth.js Next-auth
2 Github repositories
NA
CVE-2023-27490
NextAuth.js is an open source authentication solution for Next.js applications. `next-auth` applications using OAuth provider versions before `v4.20.1` have been found to be subject to an authentication vulnerability. A bad actor who can read traffic on the victim's network ...
Nextauth.js Next-auth
312
VMScore
CVE-2017-1546
IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted s...
Ibm Rational Doors Next Generation 6.0
Ibm Rational Doors Next Generation 6.0.2
Ibm Rational Doors Next Generation 6.0.3
Ibm Rational Doors Next Generation 6.0.4
Ibm Rational Requirements Composer 4.0
Ibm Rational Requirements Composer 4.0.7
Ibm Rational Requirements Composer 5.0
Ibm Rational Requirements Composer 5.0.1
Ibm Rational Requirements Composer 5.0.2
Ibm Rational Doors Next Generation 6.0.1
312
VMScore
CVE-2017-1127
IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sess...
Ibm Rational Requirements Composer 4.0
Ibm Rational Requirements Composer 4.0.0
Ibm Rational Doors Next Generation 5.0.2
Ibm Rational Doors Next Generation 6.0.0
Ibm Rational Doors Next Generation 6.0.1
Ibm Rational Doors Next Generation 6.0.2
Ibm Rational Requirements Composer 4.0.0.2
Ibm Rational Requirements Composer 4.0.2
Ibm Rational Doors Next Generation 5.0
Ibm Rational Doors Next Generation 5.0.1
Ibm Rational Requirements Composer 4.0.3
Ibm Rational Requirements Composer 4.0.4
Ibm Rational Requirements Composer 4.0.5
Ibm Rational Requirements Composer 4.0.6
Ibm Rational Requirements Composer 4.0.7
Ibm Rational Requirements Composer 4.0.0.1
Ibm Rational Requirements Composer 4.0.1
Ibm Rational Doors Next Generation 6.0
Ibm Rational Doors Next Generation 5.0.0
552
VMScore
CVE-1999-1468
rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable.
Next Next 2.0
Sgi Irix 3.3.3
Next Next 2.1
Sgi Irix 3.3
Sgi Irix 3.3.1
Sgi Irix 3.3.2
Sgi Irix 4.0
Cray Unicos 6.0e
Sun Sunos 4.1.1
Cray Unicos 6.1
Sun Sunos 4.0.3
Sun Sunos 4.0.3c
Sun Sunos 4.1
Cray Unicos 6.0
Sun Sunos 4.1psr A
312
VMScore
CVE-2019-10325
A cross-site scripting vulnerability in Jenkins Warnings NG Plugin 5.0.0 and previous versions allowed attacker with Job/Configure permission to inject arbitrary JavaScript in build overview pages.
Jenkins Warnings Next Generation
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »