VulnScope — package-centric CVE lookup

Search

1,991 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

HIGH8.6CVE-2026-11527Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open() of the -file argument i…6/14/2026
HIGH7.8Vim is an open source, command line text editor.6/11/2026
HIGH7.8Vim is an open source, command line text editor.6/11/2026
HIGH8.2Vim is an open source, command line text editor.6/11/2026
HIGH7.5Issue summary: When an application drives an AES-OCB context through the public EVP_Cipher() one-shot interface, the application-supplied i…6/9/2026
LOW3.7Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnerable to Bleichenbacher-style attack when an attacker is able to provid…6/9/2026
HIGH7.5Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause…6/9/2026
HIGH7.5Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen str…6/9/2026
LOW3.7Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup…6/9/2026
HIGH7.5Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with…6/9/2026
HIGH7.4Issue Summary: The PKCS#12 file processing fails to perform sufficient input validation for files that use Password-Based Message Authentic…6/9/2026
HIGH7.5Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATH_CHALLENGE frame…6/9/2026
HIGH8.1Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap…6/9/2026
HIGH8.0MariaDB: unsafe usage of `wsrep_sst_receive_address` values on the joiner side6/7/2026
HIGH8.0MariaDB: wsrep SST unsafe parameter handling on the donor side (rsync)6/7/2026
HIGH8.0MariaDB: wsrep SST unsafe parameter handling on the donor side6/7/2026
HIGH7.5Apache HTTP Server: mod_http2 denial of service6/3/2026
LOW3.17-Zip is a file archiver with a high compression ratio.5/29/2026
HIGH8.87-Zip is a file archiver with a high compression ratio.5/28/2026
HIGH7.1EPSS 0.06%A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes.5/27/2026
HIGH8.0EPSS 0.01%A flaw was found in Samba’s certificate auto-enrollment Group Policy handling.5/27/2026
HIGH8.2EPSS 0.23%A flaw was found in libgnutls.5/26/2026
HIGH8.2EPSS 0.05%A flaw was found in gnutls.5/26/2026
HIGH7.1EPSS 0.04%A flaw was found in gnutls.5/26/2026
HIGH8.5EPSS 0.39%A flaw was found in the Samba printing subsystem.5/26/2026

Page 1 of 80Next →