VulnScope — package-centric CVE lookup

Search

19,490 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

MEDIUM4.9CVE-2026-11789A flaw was found in 389 Directory Server.6/9/2026
MEDIUM5.9CVE-2026-11788A flaw was found in 389 Directory Server.6/9/2026
MEDIUM5.0A flaw was found in 389 Directory Server.6/9/2026
LOW1.9A flaw was found in 389 Directory Server.6/9/2026
MEDIUM4.3A flaw was found in 389 Directory Server.6/9/2026
MEDIUM5.3Spring MVC and WebFlux applications are vulnerable to Multipart request smuggling attacks.6/9/2026
LOW3.7A vulnerability in Spring Expression Language (SpEL) evaluation logic allows for arbitrary zero-argument method invocation, even within res…6/9/2026
MEDIUM5.3Applications which accept user-supplied Spring Expression Language (SpEL) expressions may be vulnerable to a Denial of Service (DoS) attack…6/9/2026
LOW3.7Applications may be vulnerable to a Regular Expression Denial of Service (ReDoS) attack if an attacker is able to provide a pattern which i…6/9/2026
MEDIUM4.8Spring WebFlux applications may be vulnerable to a security bypass when using the Kotlin Router DSL.6/9/2026
MEDIUM5.9Spring MVC applications which accept user-supplied values in the cssClass, cssErrorClass, or cssStyle attributes of JSP form tags allow arb…6/9/2026
MEDIUM4.2A Spring MVC or Spring WebFlux application which configures a mapping for "/**" where the view name is not explicitly specified allows an a…6/9/2026
MEDIUM5.9Spring MVC and WebFlux applications are vulnerable to Path Traversal attacks when resolving static resources.6/9/2026
MEDIUM5.9Spring MVC and WebFlux applications are vulnerable to Information Disclosure attacks when resolving static resources.6/9/2026
MEDIUM5.9Spring WebFlux applications are vulnerable to Denial of Service (DoS) attacks when processing multipart requests.6/9/2026
MEDIUM4.2A WebFlux application with a compromised subdomain (for example, compromised via cross-site scripting (XSS)) is vulnerable to an escalation…6/9/2026
MEDIUM4.8IDs for WebSocket sessions in the spring-websocket module are not cryptographically unpredictable, which may be possible to exploit in comb…6/9/2026
MEDIUM4.5A security vulnerability has been detected in tmux up to 3.6a.6/9/2026
MEDIUM5.4Inappropriate implementation in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via a…6/9/2026
MEDIUM5.3Uninitialized Use in Video in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer p…6/9/2026
MEDIUM4.3Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via…6/9/2026
LOW3.1Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compr…6/9/2026
LOW3.1Insufficient validation of untrusted input in Dawn in Google Chrome on macOS prior to 149.0.7827.103 allowed a remote attacker who had comp…6/9/2026
MEDIUM4.3Inappropriate implementation in MediaCapture in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin…6/9/2026
LOW3.1Insufficient policy enforcement in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the utili…6/9/2026

← PrevPage 3 of 780Next →