搜尋

1,751 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

CRITICAL9.1CVE-2026-46621Yamcs Vulnerable to Authenticated Remote Code Execution (RCE) via Jython Algorithm Code Injection2026/5/27
CRITICAL9.8CVE-2026-46562Yamcs Vulnerable to Remote Code Execution via Mission Database algorithm override2026/5/27
CRITICAL9.1CVE-2026-44632Yamcs Vulnerable to Server-Side Code Injection (RCE) via Janino Expression Engine in `JavaExprAlgorithmExecutionFactory`2026/5/27
CRITICAL9.0CVE-2026-4408EPSS 0.39%A flaw was found in Samba.2026/5/26
CRITICAL9.8CVE-2026-3593EPSS 0.04%A use-after-free vulnerability exists within the DNS-over-HTTPS implementation.2026/5/20
LOW3.7CVE-2026-45232EPSS 0.04%Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establish_proxy_connection() function in s…2026/5/20
CRITICAL9.6CVE-2026-2587GlassFish's gadget handler is vulnerable to RCE2026/5/19
CRITICAL9.8CVE-2026-45083EPSS 0.05%Goobi viewer - Core: Unauthenticated Solr Streaming Expression Proxy2026/5/13
CRITICAL9.1CVE-2026-33117EPSS 0.03%Security feature bypass vulnerability in Azure Key Vault Keys library for Java2026/5/12
CRITICAL9.1CVE-2026-43515EPSS 0.10%Apache Tomcat - Security constraints not correctly applied2026/5/12
LOW3.7CVE-2026-43514EPSS 0.10%Apache Tomcat - AJP secret compared in non-constant time2026/5/12
CRITICAL9.8CVE-2026-43512EPSS 0.14%Apache Tomcat - Digest authenticator will authenticate any unknown user2026/5/12
CRITICAL9.8CVE-2026-41293EPSS 0.25%Apache Tomcat - HTTP/2 request headers not validated2026/5/12
CRITICAL9.1CVE-2026-45091EPSS 0.01%sealed-env: TOTP secret embedded in unseal token payload (enterprise mode)2026/5/12
CRITICAL9.1CVE-2026-27478EPSS 0.03%Unity Catalog has a JWT Issuer Validation Bypass tht Allows Complete User Impersonation2026/5/11
CRITICAL9.8CVE-2026-42010EPSS 0.13%A flaw was found in gnutls.2026/5/7
CRITICAL9.1CVE-2026-40982EPSS 0.14%Spring Cloud Config vulnerable to Path Traversal2026/5/7
CRITICAL9.1CVE-2026-42555EPSS 0.30%Valtimo has SpEL injection via StandardEvaluationContext that allows Remote Code Execution by admin users2026/5/6
LOW3.7CVE-2026-44242EPSS 0.05%Micronaut has Unbounded `bundleCache` in `ResourceBundleMessageSource` that Allows Memory Exhaustion via `Accept-Language` Header2026/5/6
CRITICAL9.1CVE-2026-40010EPSS 0.11%Apache Wicket has a Session Fixation issue2026/5/6
CRITICAL9.0CVE-2026-44221EPSS 0.01%ArcadeDB vulnerable to cross-database authorization bypass and unsecured newly-created databases2026/5/5
CRITICAL9.8CVE-2026-28780EPSS 0.02%Apache HTTP Server: buffer overflow in mod_proxy_ajp via ajp_msg_check_header()2026/5/5
LOW2.4CVE-2026-42188EPSS 0.03%Geyser Vulnerable to Server-Side Request Forgery (SSRF) via Player Head Texture URL in Geyser2026/5/5
CRITICAL10.0CVE-2026-7411EPSS 0.13%Eclipse BaSyx Java Server SDK vulnerable to Path Traversal2026/5/5
CRITICAL9.0CVE-2026-41901EPSS 0.10%Sandboxed Thymeleaf expressions vulnerable to improper recognition of unauthorized syntax patterns2026/5/4

第 1 / 71 頁下一頁 →