VulnScope — package-centric CVE lookup

Search

1,218 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

LOW3.1CVE-2026-44070EPSS 0.12%An unbounded memory reallocation in the charset conversion code in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to c…5/21/2026
LOW3.9EPSS 0.01%An integer underflow in the volxlate function in Netatalk 3.0.0 through 4.4.2 allows a local privileged user to obtain limited information,…5/21/2026
LOW3.7EPSS 0.04%Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establish_proxy_connection() function in s…5/20/2026
LOW3.5EPSS 0.03%GitHub CLI: GitHub Actions log output in `gh run view` allows terminal escape sequence injection5/19/2026
LOW3.1Strawberry GraphQL: Default GraphiQL may expose HTTP headers in URLs5/19/2026
LOW3.5EPSS 0.01%Open WebUI: Read-Only Users Can Toggle Note Pin Status via Incorrect Permission Check (Write via Read-Only Access)5/14/2026
LOW3.1EPSS 0.04%Insufficient validation of untrusted input in Skia in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised t…5/14/2026
LOW3.1EPSS 0.03%Out of bounds read in GPU in Google Chrome on Linux prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer proc…5/14/2026
LOW3.1EPSS 0.04%Insufficient policy enforcement in Network in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromise…5/14/2026
LOW3.1EPSS 0.03%Insufficient policy enforcement in AI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer p…5/14/2026
LOW3.1EPSS 0.03%Inappropriate implementation in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the…5/14/2026
LOW3.1EPSS 0.04%Type Confusion in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer proc…5/14/2026
LOW3.1EPSS 0.03%Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perfor…5/14/2026
LOW3.1EPSS 0.03%Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer proces…5/14/2026
LOW3.1EPSS 0.03%Insufficient validation of untrusted input in ReadingMode in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who had…5/14/2026
LOW2.5EPSS 0.02%libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel.5/14/2026
LOW3.1dbt MCP Server Transmits All MCP Tool Arguments Including Raw SQL and --vars Credentials to dbt Labs Telemetry by Default Without Redaction5/14/2026
LOW2.5dbt MCP Server Logs Tool Arguments Including SQL Queries and Credentials in Plaintext Without Redaction When File Logging Is Enabled5/14/2026
LOW2.7EPSS 0.09%Synapse pagination Denial of Service5/14/2026
LOW3.7EPSS 0.10%Apache Tomcat: AJP secret compared in non-constant time5/12/2026
LOW3.8EPSS 0.04%Vulnerability in Wikimedia Foundation MediaWiki.5/11/2026
LOW3.7EPSS 0.01%Next.js's Middleware / Proxy redirects can be cache-poisoned5/11/2026
LOW3.7EPSS 0.01%Next.js vulnerable to cache poisoning via collisions in React Server Component cache-busting5/11/2026
LOW3.7EPSS 0.06%bettercap Has an Integer Coercion Error in modules/mysql_server/mysql_server.go5/11/2026
LOW3.7EPSS 0.02%bettercap Has an Integer Coercion Error in the ippReadChunkedBody Function5/11/2026

← PrevPage 4 of 49Next →