VulnScope — package-centric CVE lookup

Search

4,262 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

HIGH8.8CVE-2026-6638EPSS 0.02%PostgreSQL REFRESH PUBLICATION allows SQL injection via table name5/14/2026
HIGH8.8CVE-2026-6637EPSS 0.04%PostgreSQL refint allows stack buffer overflow and SQL injection5/14/2026
MEDIUM4.3EPSS 0.03%PostgreSQL pg_restore_attribute_stats accepts values that cause query planning to read past end of stats array5/14/2026
HIGH7.5EPSS 0.02%PostgreSQL SSL/GSS init causes denial of service, via uncontrolled recursion5/14/2026
MEDIUM6.5EPSS 0.08%PostgreSQL discloses MD5-hashed passwords via covert timing channel5/14/2026
HIGH8.8EPSS 0.05%PostgreSQL libpq lo_* functions let server superuser overwrite client stack memory5/14/2026
HIGH7.2EPSS 0.03%PostgreSQL pg_createsubscriber allows SQL injection via subscription name5/14/2026
HIGH8.8EPSS 0.05%PostgreSQL pg_basebackup and pg_rewind can overwrite unrelated files of origin superuser choice5/14/2026
MEDIUM4.3EPSS 0.03%PostgreSQL timeofday() can disclose portions of server memory5/14/2026
HIGH8.8EPSS 0.07%PostgreSQL server undersizes allocations, via integer wraparound5/14/2026
MEDIUM5.4EPSS 0.03%PostgreSQL CREATE TYPE does not check multirange schema CREATE privilege5/14/2026
MEDIUM6.5EPSS 0.07%NGINX ngx_http_scgi_module and ngx_http_uwsgi_module vulnerability5/13/2026
—EPSS 0.90%NGINX ngx_http_rewrite_module vulnerability5/13/2026
MEDIUM4.8EPSS 0.04%NGINX ngx_http_charset_module vulnerability5/13/2026
MEDIUM5.8EPSS 0.02%NGINX ngx_http_proxy_v2_module vulnerability5/13/2026
MEDIUM4.8EPSS 0.04%NGINX ngx_http_ssl_module vulnerability5/13/2026
MEDIUM6.5EPSS 0.03%NGINX ngx_quic_module vulnerability5/13/2026
MEDIUM5.3EPSS 0.08%Successfully using libcurl to do a transfer over a specific HTTP proxy (`proxyA`) with **Digest** authentication and then changing the prox…5/13/2026
MEDIUM5.3When curl is told to use the Certificate Status Request TLS extension, often referred to as *OCSP stapling*, to verify that the server cert…5/13/2026
MEDIUM5.3EPSS 0.02%When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, libcurl could leak the password used for the first hos…5/13/2026
HIGH7.5EPSS 0.01%Using libcurl, when a custom `Host:` header is first set for an HTTP request and a second request is subsequently done using the same *easy…5/13/2026
MEDIUM5.9EPSS 0.03%curl might erroneously pass on credentials for a first proxy to a second proxy.5/13/2026
HIGH7.5EPSS 0.02%libcurl might in some circumstances reuse the wrong connection for SMB(S) transfers.5/13/2026
MEDIUM6.5EPSS 0.04%libcurl might in some circumstances reuse the wrong connection when asked to do an authenticated HTTP(S) request after a Negotiate-authenti…5/13/2026
MEDIUM5.9EPSS 0.01%A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool.5/13/2026

← PrevPage 4 of 171Next →