VulnScope — package-centric CVE lookup

MEDIUM6.5CVE-2019-5786⚠ KEVEPSS 89.9%chromium - security update9/2/2020

HIGH8.8⚠ KEVEPSS 93.7%Command Injection in Kylin7/27/2020

CRITICAL9.8⚠ KEVEPSS 94.5%Improper Privilege Management in Tomcat6/15/2020

HIGH7.5⚠ KEVEPSS 94.3%Directory traversal attack in Spring Cloud Config6/5/2020

MEDIUM6.9⚠ KEVEPSS 34.7%Potential XSS vulnerability in jQuery4/29/2020

HIGH8.8⚠ KEVEPSS 94.4%Nexus Repository Manager 3 - Remote Code Execution4/14/2020

HIGH7.5⚠ KEVEPSS 94.5%Improper Input Validation in Apache Solr2/12/2020

CRITICAL9.9⚠ KEVEPSS 94.4%Remote Code Execution Vulnerability in NPM mongo-express12/30/2019

HIGH7.2⚠ KEVEPSS 93.1%lucene-solr - security update8/1/2019

HIGH8.1⚠ KEVEPSS 94.4%Apache Struts vulnerable to remote command execution (RCE) due to improper input validation10/18/2018

CRITICAL10.0⚠ KEVEPSS 94.3%Apache Struts vulnerable to remote arbitrary command execution due to improper input validation10/18/2018

CRITICAL9.8⚠ KEVEPSS 94.3%Spring Data Commons remote code injection vulnerability10/17/2018

HIGH8.1⚠ KEVEPSS 94.2%When running Apache Tomcat on Windows with HTTP PUTs enabled it was possible to upload a JSP file to the server10/17/2018

HIGH8.1⚠ KEVEPSS 94.3%REST Plugin in Apache Struts uses an XStreamHandler with an instance of XStream for deserialization without any type filtering10/16/2018