VulnScope — package-centric CVE lookup

Search

54,101 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

MEDIUM5.4CVE-2026-6269Incorrect Authorization in GitLab6/13/2026
LOW3.1CVE-2026-3553Incorrect Authorization in GitLab6/13/2026
MEDIUM6.5Allocation of Resources Without Limits or Throttling in GitLab6/13/2026
MEDIUM4.3Improper Restriction of Rendered UI Layers or Frames in GitLab6/13/2026
HIGH8.7Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab6/13/2026
HIGH7.5File Browser has incorrect access control for public directory shares via rule path rebasing6/12/2026
MEDIUM6.8File Browser: Symlink following lets scoped users read, overwrite, and share files outside their filebrowser scope6/12/2026
MEDIUM6.5File Browser has a DoS Vulnerability via Public Login API6/12/2026
MEDIUM6.9Netty is a network application framework for development of protocol servers and clients.6/12/2026
HIGH7.5Netty is a network application framework for development of protocol servers and clients.6/12/2026
HIGH7.5Netty is a network application framework for development of protocol servers and clients.6/12/2026
HIGH7.5Netty is a network application framework for development of protocol servers and clients.6/12/2026
MEDIUM4.8Netty is a network application framework for development of protocol servers and clients.6/12/2026
MEDIUM5.3Netty is a network application framework for development of protocol servers and clients.6/12/2026
MEDIUM6.7A flaw was found in QEMU's virtio-blk device.6/12/2026
MEDIUM5.3OpenTelemetry-cpp is the C++ implementation of OpenTelemetry.6/12/2026
MEDIUM6.5Fleet: Observer-level enrollment secret extraction via ORDER BY oracle on Apple MDM commands endpoint6/12/2026
MEDIUM6.5Fleet has observer-level enrollment secret extraction via ORDER BY oracle on labels host-listing endpoint6/12/2026
MEDIUM5.4Fabric.js improper escaping in fabric.Gradient colorStops leads to XSS in SVG serialization6/12/2026
MEDIUM5.3Crypt::PBKDF2 versions before 0.261630 for Perl have a weak default algorithm and number of iterations.6/12/2026
MEDIUM5.9Crypt::PBKDF2 versions before 0.261630 for Perl are vulnerable to timing attacks.6/12/2026
HIGH7.5Crypt::PBKDF2 versions before 0.261630 for Perl generate insecure random values for salts.6/12/2026
HIGH7.7Radius Controller May Delete a Container Resource via an Injected Deployment Annotation (Multi-Tenant Installs)6/12/2026
LOW3.7Tornado has out-of-bounds memory access via C extension6/12/2026
MEDIUM5.9gorest InMemorySecret2FA race condition allows process crash via concurrent map access (CWE-362)6/12/2026

Page 1 of 2165Next →