VulnScope — package-centric CVE lookup

Search

250 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

LOW3.5CVE-2025-67639EPSS 0.04%Jenkins has a CSRF vulnerability on the login form12/10/2025
LOW2.7EPSS 0.01%Keycloak Admin REST (Representational State Transfer) API does not properly enforce permissions12/10/2025
LOW3.7EPSS 0.01%Keycloak unable to restrict access to the admin console12/2/2025
LOW3.7EPSS 0.05%NutzBoot vulnerable to deserialization12/1/2025
LOW2.8EPSS 0.01%Mustangproject allows exfiltrating files via XXE attacks11/28/2025
LOW3.7EPSS 0.03%WSO2's Input Validation Management Service contains Observable Discrepancy when Multi-Attribute Login is enabled9/26/2025
LOW3.7EPSS 0.13%xxl-job has Inadequate Encryption Strength7/18/2025
LOW3.3EPSS 0.14%Jenkins User1st uTester Plugin vulnerability exposes unencrypted token to authenticated users7/9/2025
LOW3.1EPSS 0.12%Jenkins Testsigma Test Plan vulnerability exposes API keys via job configuration form7/9/2025
LOW3.5EPSS 0.15%XXL SSO is vulnerable to an Open Redirect through malicious manipulation of the redirect_url argument6/26/2025
LOW3.1EPSS 0.08%Spring Framework DataBinder Case Sensitive Match Exception5/16/2025
LOW2.7EPSS 0.12%The lesscss script service allows cache clearing without programming right4/29/2025
LOW3.8EPSS 0.09%Solr script service doesn't take dropped programming right into account4/29/2025
LOW2.7EPSS 0.50%Apereo CAS has inefficient regular expression complexity4/27/2025
LOW3.1EPSS 0.09%Jenkins Zoho QEngine Plugin Displays Unmasked API Keys3/19/2025
LOW3.3EPSS 0.11%Snowflake JDBC Driver client-side encryption key in DEBUG logs3/13/2025
LOW3.8EPSS 0.20%Keycloak allows cross-site scripting (XSS)2/18/2025
LOW2.6EPSS 0.12%Jenkins Zoom Plugin is Missing Password Field Masking2/4/2025
LOW3.7EPSS 0.14%Spring LDAP data exposure vulnerability12/4/2024
LOW2.7EPSS 0.17%Keycloak Path Traversal Vulnerability Due to External Control of File Name or Path11/25/2024
LOW3.7EPSS 1.2%Eclipse Jetty URI parsing of invalid authority10/14/2024
LOW3.1EPSS 0.56%Eclipse Jetty's PushSessionCacheFilter can cause remote DoS attacks10/14/2024
LOW3.1EPSS 0.07%Maven Archetype Plugin: Maven Archetype integration-test may package local settings into the published artifact, possibly containing credentials9/26/2024
LOW3.3EPSS 0.10%Apache Hadoop: Temporary File Local Information Disclosure9/25/2024
LOW3.1EPSS 0.32%Apache Druid: Users can provide MySQL JDBC properties not on allow list9/17/2024

← PrevPage 2 of 10Next →