Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
next vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-7467
AxxonSoft Axxon Next has Directory Traversal via an initial /css//..%2f substring in a URI.
Axxonsoft Next -
5.4
CVSSv3
CVE-2016-6055
IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ses...
Ibm Rational Requirements Composer 4.0.1
Ibm Rational Requirements Composer 4.0.2
Ibm Rational Requirements Composer 4.0.3
Ibm Rational Requirements Composer 4.0.4
Ibm Rational Doors Next Generation 6.0.0
Ibm Rational Doors Next Generation 6.0.2
Ibm Rational Requirements Composer 4.0.5
Ibm Rational Requirements Composer 4.0.7
Ibm Rational Doors Next Generation 5.0
Ibm Rational Doors Next Generation 5.0.0
Ibm Rational Doors Next Generation 5.0.1
Ibm Rational Doors Next Generation 5.0.2
Ibm Rational Doors Next Generation 6.0.1
Ibm Rational Requirements Composer 4.0.6
4.3
CVSSv3
CVE-2016-6060
An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. IBM Reference #: 1995547.
Ibm Rational Doors Next Generation 5.0
Ibm Rational Doors Next Generation 5.0.1
Ibm Rational Doors Next Generation 6.0.0
Ibm Rational Requirements Composer 4.0.3
Ibm Rational Requirements Composer 4.0.5
Ibm Rational Doors Next Generation 6.0.1
Ibm Rational Doors Next Generation 6.0.2
Ibm Rational Requirements Composer 4.0.1
Ibm Rational Requirements Composer 4.0.2
Ibm Rational Requirements Composer 4.0.7
Ibm Rational Doors Next Generation 5.0.0
Ibm Rational Doors Next Generation 5.0.2
Ibm Rational Requirements Composer 4.0.4
Ibm Rational Requirements Composer 4.0.6
5.4
CVSSv3
CVE-2017-1546
IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted s...
Ibm Rational Doors Next Generation 6.0
Ibm Rational Doors Next Generation 6.0.2
Ibm Rational Doors Next Generation 6.0.3
Ibm Rational Doors Next Generation 6.0.4
Ibm Rational Requirements Composer 4.0
Ibm Rational Requirements Composer 4.0.7
Ibm Rational Requirements Composer 5.0
Ibm Rational Requirements Composer 5.0.1
Ibm Rational Requirements Composer 5.0.2
Ibm Rational Doors Next Generation 6.0.1
9.1
CVSSv3
CVE-2022-35924
NextAuth.js is a complete open source authentication solution for Next.js applications. `next-auth` users who are using the `EmailProvider` either in versions before `4.10.3` or `3.29.10` are affected. If an attacker could forge a request that sent a comma-separated list of email...
Nextauth.js Next-auth
6.1
CVSSv3
CVE-2022-29214
NextAuth.js (next-auth) is am open source authentication solution for Next.js applications. Prior to versions 3.29.3 and 4.3.3, an open redirect vulnerability is present when the developer is implementing an OAuth 1 provider. Versions 3.29.3 and 4.3.3 contain a patch for this iss...
Nextauth.js Next-auth
7.5
CVSSv3
CVE-2022-31093
NextAuth.js is a complete open source authentication solution for Next.js applications. In affected versions an attacker can send a request to an app using NextAuth.js with an invalid `callbackUrl` query parameter, which internally is converted to a `URL` object. The URL instanti...
Nextauth.js Next-auth
6.1
CVSSv3
CVE-2022-31127
NextAuth.js is a complete open source authentication solution for Next.js applications. An attacker can pass a compromised input to the e-mail [signin endpoint](https://next-auth.js.org/getting-started/rest-api#post-apiauthsigninprovider) that contains some malicious HTML, tricki...
Nextauth.js Next-auth
3.3
CVSSv3
CVE-2022-31186
NextAuth.js is a complete open source authentication solution for Next.js applications. An information disclosure vulnerability in `next-auth` before `v4.10.2` and `v3.29.9` allows an attacker with log access privilege to obtain excessive information such as an identity provider&...
Next-auth Nextauth.js
5.3
CVSSv3
CVE-2023-48309
NextAuth.js provides authentication for Next.js. `next-auth` applications prior to version 4.24.5 that rely on the default Middleware authorization are affected by a vulnerability. A bad actor could create an empty/mock user, by getting hold of a NextAuth.js-issued JWT from an in...
Nextauth.js Next-auth
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »