VulnScope — package-centric CVE lookup

Search

29,404 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

HIGH8.8CVE-2026-12020Use after free in Autofill in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruption…6/11/2026
HIGH8.3CVE-2026-12019Heap buffer overflow in Codecs in Google Chrome on Linux and ChromeOS prior to 149.0.7827.115 allowed a remote attacker who had compromised…6/11/2026
HIGH8.8Inappropriate implementation in Mojo in Google Chrome on Windows prior to 149.0.7827.115 allowed a local attacker to perform OS-level privi…6/11/2026
HIGH8.3Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the rendere…6/11/2026
HIGH8.3Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a s…6/11/2026
HIGH8.8Use after free in Media in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruptio…6/11/2026
HIGH8.1Use after free in Network in Google Chrome prior to 149.0.7827.115 allowed an attacker in a privileged network position to potentially expl…6/11/2026
HIGH8.3Use after free in WebMIDI in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer pr…6/11/2026
HIGH8.3Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer…6/11/2026
HIGH8.3Insufficient validation of untrusted input in Accessibility in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who h…6/11/2026
HIGH8.3Use after free in DigitalCredentials in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer pr…6/11/2026
HIGH8.8Use after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to execute arbitrary code via a crafte…6/11/2026
HIGH7.3Vim is an open source, command line text editor.6/11/2026
HIGH7.5Vim is an open source, command line text editor.6/11/2026
HIGH7.3Vim is an open source, command line text editor.6/11/2026
HIGH8.2MessagePack's LZ4 decompression may fail with AccessViolationException after dereferencing memory from bad input6/11/2026
HIGH7.2GeoServer DB2 DataStore Extension has a JNDI Vulnerability via Store Connection6/11/2026
HIGH7.5Russh SSH message fields were decoded through allocation-first parsers before field-specific bounds6/11/2026
HIGH8.0AWS Advanced Go Wrapper has Privilege Escalation in Aurora PostgreSQL instance6/11/2026
HIGH7.1WsgiDAV encoded dot segments can escape filesystem share roots6/11/2026
HIGH7.6An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base).6/11/2026
CRITICAL9.8CodeIgniter4 has a validation bypass when uploading file extensions via `ext_in` rule6/11/2026
HIGH8.1Keras versions prior to 3.14.0 are vulnerable to a path traversal issue in the archive extraction utilities located in `keras/src/utils/fil…6/11/2026
CRITICAL9.1Meta Ads MCP: Unauthenticated HTTP MCP Tool Execution Leaks Operator Meta Access Token6/11/2026
HIGH7.5@grpc/grpc-js: A malformed request can cause a server crash6/11/2026

← PrevPage 2 of 1177Next →