VulnScope — package-centric CVE lookup

Search

4,262 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

CRITICAL10.0CVE-2026-42960EPSS 0.03%NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section.5/20/2026
HIGH7.5EPSS 0.06%NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a cras…5/20/2026
HIGH7.5EPSS 0.06%NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID…5/20/2026
MEDIUM5.3EPSS 0.06%NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the DNSSEC validator where the code path to consult the negati…5/20/2026
MEDIUM5.3EPSS 0.05%NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the jostle logic that could defeat its purpose and degrade res…5/20/2026
HIGH7.5EPSS 0.07%NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of inc…5/20/2026
HIGH7.8EPSS 0.00%In `src/havegecmd.c`, the `socket_handler` function performs a credential check on the abstract UNIX socket (`\0/sys/entropy/haveged`).5/20/2026
HIGH7.5EPSS 0.02%NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vulnerability of the 'ghost domain names' family of attacks that could e…5/20/2026
CRITICAL9.8EPSS 0.32%NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and…5/20/2026
MEDIUM5.3EPSS 0.06%NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support ('--e…5/20/2026
LOW3.7EPSS 0.04%Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establish_proxy_connection() function in s…5/20/2026
MEDIUM5.5EPSS 0.02%Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read vulnerability in recv_files() in receiver.c that allows a ma…5/20/2026
MEDIUM6.3EPSS 0.01%Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, re…5/20/2026
HIGH8.1EPSS 0.06%Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token decoder where a 32-bit signed counter is no…5/20/2026
MEDIUM4.8EPSS 0.01%Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforc…5/20/2026
HIGH8.8EPSS 0.01%libheif is a HEIF and AVIF file format decoder and encoder.5/19/2026
MEDIUM6.5EPSS 0.05%libheif is a HEIF and AVIF file format decoder and encoder.5/19/2026
MEDIUM6.5EPSS 0.06%libheif is a HEIF and AVIF file format decoder and encoder.5/19/2026
CRITICAL9.8EPSS 0.10%NGINX JavaScript has a vulnerability when the js_fetch_proxy directive is configured with at least one client-controlled NGINX variable (fo…5/19/2026
HIGH7.8EPSS 0.01%The adjustments made for XSA-379 as well as those subsequently becoming XSA-387 still left a race window, when a HVM or PVH guest does a gr…5/19/2026
MEDIUM6.5EPSS 0.01%Any guest can cause xenstored to crash by issuing a XS_RESET_WATCHES command within a transaction due to an assert() triggering.5/19/2026
HIGH7.5EPSS 0.49%A flaw was found in gnutls.5/18/2026
MEDIUM5.4LIBPNG is a reference library for use in applications that process PNG (Portable Network Graphics) raster image files.5/16/2026
HIGH7.0EPSS 0.02%Vim is an open source, command line text editor.5/15/2026
—EPSS 0.01%Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructio…5/15/2026

← PrevPage 3 of 171Next →