Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
next vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-7467
AxxonSoft Axxon Next has Directory Traversal via an initial /css//..%2f substring in a URI.
Axxonsoft Next -
4
CVSSv2
CVE-2016-6060
An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. IBM Reference #: 1995547.
Ibm Rational Doors Next Generation 5.0
Ibm Rational Doors Next Generation 5.0.1
Ibm Rational Doors Next Generation 6.0.0
Ibm Rational Requirements Composer 4.0.3
Ibm Rational Requirements Composer 4.0.5
Ibm Rational Doors Next Generation 6.0.1
Ibm Rational Doors Next Generation 6.0.2
Ibm Rational Requirements Composer 4.0.1
Ibm Rational Requirements Composer 4.0.2
Ibm Rational Requirements Composer 4.0.7
Ibm Rational Doors Next Generation 5.0.0
Ibm Rational Doors Next Generation 5.0.2
Ibm Rational Requirements Composer 4.0.4
Ibm Rational Requirements Composer 4.0.6
3.5
CVSSv2
CVE-2016-6055
IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ses...
Ibm Rational Requirements Composer 4.0.1
Ibm Rational Requirements Composer 4.0.2
Ibm Rational Requirements Composer 4.0.3
Ibm Rational Requirements Composer 4.0.4
Ibm Rational Doors Next Generation 6.0.0
Ibm Rational Doors Next Generation 6.0.2
Ibm Rational Requirements Composer 4.0.5
Ibm Rational Requirements Composer 4.0.7
Ibm Rational Doors Next Generation 5.0
Ibm Rational Doors Next Generation 5.0.0
Ibm Rational Doors Next Generation 5.0.1
Ibm Rational Doors Next Generation 5.0.2
Ibm Rational Doors Next Generation 6.0.1
Ibm Rational Requirements Composer 4.0.6
3.5
CVSSv2
CVE-2017-1546
IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted s...
Ibm Rational Doors Next Generation 6.0
Ibm Rational Doors Next Generation 6.0.2
Ibm Rational Doors Next Generation 6.0.3
Ibm Rational Doors Next Generation 6.0.4
Ibm Rational Requirements Composer 4.0
Ibm Rational Requirements Composer 4.0.7
Ibm Rational Requirements Composer 5.0
Ibm Rational Requirements Composer 5.0.1
Ibm Rational Requirements Composer 5.0.2
Ibm Rational Doors Next Generation 6.0.1
NA
CVE-2023-45768
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Stephanie Leary Next Page plugin <= 1.5.2 versions.
Stephanieleary Next Page
NA
CVE-2023-39507
Improper authorization in the custom URL scheme handler in "Rikunabi NEXT" App for Android prior to ver. 11.5.0 allows a malicious intent to lead the vulnerable App to access an arbitrary website.
Recruit Rikunabi Next
NA
CVE-2023-27490
NextAuth.js is an open source authentication solution for Next.js applications. `next-auth` applications using OAuth provider versions before `v4.20.1` have been found to be subject to an authentication vulnerability. A bad actor who can read traffic on the victim's network ...
Nextauth.js Next-auth
NA
CVE-2023-48309
NextAuth.js provides authentication for Next.js. `next-auth` applications prior to version 4.24.5 that rely on the default Middleware authorization are affected by a vulnerability. A bad actor could create an empty/mock user, by getting hold of a NextAuth.js-issued JWT from an in...
Nextauth.js Next-auth
2 Github repositories
7.5
CVSSv2
CVE-2018-17137
Prezi Next 1.3.101.11 has a documented purpose of creating HTML5 presentations but has SE_DEBUG_PRIVILEGE on Windows, which might allow malicious users to bypass intended access restrictions.
Prezi Next 1.3.101.11
5
CVSSv2
CVE-2022-31093
NextAuth.js is a complete open source authentication solution for Next.js applications. In affected versions an attacker can send a request to an app using NextAuth.js with an invalid `callbackUrl` query parameter, which internally is converted to a `URL` object. The URL instanti...
Nextauth.js Next-auth
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »