VulnScope — package-centric CVE lookup

Search

31,316 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

LOW3.1CVE-2026-3553Incorrect Authorization in GitLab6/13/2026
HIGH8.7CVE-2026-10087Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab6/13/2026
HIGH7.5File Browser has incorrect access control for public directory shares via rule path rebasing6/12/2026
HIGH7.5Netty is a network application framework for development of protocol servers and clients.6/12/2026
HIGH7.5Netty is a network application framework for development of protocol servers and clients.6/12/2026
HIGH7.5Netty is a network application framework for development of protocol servers and clients.6/12/2026
HIGH7.5Crypt::PBKDF2 versions before 0.261630 for Perl generate insecure random values for salts.6/12/2026
HIGH7.7Radius Controller May Delete a Container Resource via an Injected Deployment Annotation (Multi-Tenant Installs)6/12/2026
LOW3.7Tornado has out-of-bounds memory access via C extension6/12/2026
HIGH8.1Budibase: Basic app users can exfiltrate stored REST datasource auth by rewriting datasource base URL6/12/2026
HIGH7.5Budibase: Webhook schema endpoint authorization bypass allows unauthenticated mutation of webhook and automation schema6/12/2026
CRITICAL9.0Budibase: Workspace-scoped builder escalates to global admin via /api/public/v1/roles/assign6/12/2026
HIGH7.2GeoServer has an arbitrary file write vulnerability in its Master Password Dump Page6/12/2026
HIGH7.7Budibase: SSRF via OAuth2 Config Validation — Missing fetchWithBlacklist Protection6/12/2026
HIGH8.7Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab6/12/2026
HIGH7.5Allocation of Resources Without Limits or Throttling in GitLab6/12/2026
LOW3.7Authorization Bypass Through User-Controlled Key in GitLab6/12/2026
HIGH8.7Authorization Bypass Through User-Controlled Key in GitLab6/12/2026
HIGH8.8In Jenkins 2.567 and earlier, LTS 2.555.2 and earlier, it is possible for attackers to have Jenkins deserialize arbitrary types defined in…6/12/2026
HIGH8.8Use after free in Views in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruptio…6/11/2026
HIGH8.3Insufficient validation of untrusted input in Linux Toolkit Theming in Google Chrome on Linux prior to 149.0.7827.115 allowed a remote atta…6/11/2026
LOW3.1Inappropriate implementation in Passwords in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised…6/11/2026
HIGH8.3Inappropriate implementation in Views in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the…6/11/2026
HIGH8.3Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer p…6/11/2026
HIGH8.3Use after free in Video in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer proc…6/11/2026

Page 1 of 1253Next →