VulnScope — 以套件為主體的 CVE 查詢工具

搜尋

5,301 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

HIGH8.0CVE-2026-55225Strimzi: Cross-namespace privilege escalation via `Kafka.spec.entityOperator`2026/6/18
HIGH7.5HAPI FHIR: Incomplete fix for CVE-2026-45367: DSTU2 FHIRPathEngine.matches() missing RegexTimeout protection allows ReDoS2026/6/17
HIGH7.5handlebars.java FileTemplateLoader Path Traversal2026/6/17
HIGH7.6LangChain4j: SQL injection via metadata filters in langchain4j-mariadb and langchain4j-pgvector2026/6/17
CRITICAL9.1Apache DolphinScheduler: The `/v2` experimental interface lacks permission checks2026/6/17
CRITICAL9.8Apache DolphinScheduler: DataSource API Missing Authorization Check Leads to Arbitrary Data Source Metadata Disclosure2026/6/17
HIGH8.6Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open() of the -file argument i…2026/6/14
HIGH7.5Netty HTTP/3 QPACK Blocked Streams Memory Exhaustion2026/6/12
HIGH7.5Netty: Wrapping plain trust manager silently disables hostname verification2026/6/12
HIGH7.5Netty: Unbounded pre-allocation in RedisArrayAggregator from RESP array length2026/6/12
HIGH7.2GeoServer has an arbitrary file write vulnerability in its Master Password Dump Page2026/6/12
HIGH7.8Vim is an open source, command line text editor.2026/6/11
HIGH7.8Vim is an open source, command line text editor.2026/6/11
HIGH8.2Vim is an open source, command line text editor.2026/6/11
HIGH7.2GeoServer DB2 DataStore Extension has a JNDI Vulnerability via Store Connection2026/6/11
HIGH7.5Netty HAProxy: Unbalanced Reference Count in Nested PP2_TYPE_SSL TLV Parsing Leads to Memory Exhaustion2026/6/11
HIGH7.5Netty's Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator2026/6/11
HIGH7.5Acknowledgement extension out of memory2026/6/10
HIGH8.0Jenkins: Stored XSS vulnerability in node offline cause description2026/6/10
CRITICAL9.8GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle.2026/6/10
HIGH8.1In Spring for Apache Kafka, overly broad trusted-package matching in header mappers exposes JDK classes to deserialization2026/6/10
CRITICAL9.8Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification.2026/6/9
HIGH7.5Issue summary: When an application drives an AES-OCB context through the public EVP_Cipher() one-shot interface, the application-supplied i…2026/6/9
HIGH7.5Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause…2026/6/9
HIGH7.5Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen str…2026/6/9

第 1 / 213 頁下一頁 →