VulnScope — 以套件為主體的 CVE 查詢工具

搜尋

84 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

HIGH8.8CVE-2026-42271⚠ KEVEPSS 4.1%LiteLLM: Authenticated command execution via MCP stdio test endpoints2026/4/25
CRITICAL9.8⚠ KEVEPSS 56.9%LiteLLM has SQL Injection in Proxy API key verification2026/4/24
CRITICAL9.8⚠ KEVEPSS 80.7%Marimo: Pre-Auth Remote Code Execution via Terminal WebSocket Authentication Bypass2026/4/8
HIGH8.8⚠ KEVEPSS 83.5%Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans2026/4/7
—⚠ KEVEPSS 23.9%Trivy ecosystem supply chain was briefly compromised in github.com/aquasecurity/trivy2026/3/30
CRITICAL9.8⚠ KEVEPSS 24.0%Unauthenticated Remote Code Execution in Langflow via Public Flow Build Endpoint2026/3/17
HIGH8.8⚠ KEVEPSS 32.7%Langflow CORS misconfiguration enables Account Takeover and RCE2025/12/6
HIGH8.2⚠ KEVEPSS 81.4%GeoServer is vulnerable to Unauthenticated XML External Entities (XXE) attack via WMS GetMap feature2025/11/25
HIGH8.0⚠ KEVEPSS 0.60%Git allows arbitrary code execution through broken config quoting2025/7/8
CRITICAL9.8⚠ KEVEPSS 92.7%Langflow Unauth RCE2025/6/17
HIGH8.1⚠ KEVEPSS 70.8%freetype - security update2025/3/11
CRITICAL9.8⚠ KEVEPSS 94.1%Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT2025/3/10
CRITICAL9.8⚠ KEVEPSS 93.7%XWiki Platform allows remote code execution as guest via SolrSearchMacros request2025/2/20
CRITICAL9.8⚠ KEVEPSS 94.4%Remote Code Execution (RCE) vulnerability in geoserver2024/7/1
CRITICAL9.1⚠ KEVEPSS 93.9%Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path.2024/7/1
CRITICAL9.8⚠ KEVEPSS 94.3%Apache HugeGraph-Server: Command execution in gremlin2024/4/22
CRITICAL9.8⚠ KEVEPSS 94.5%Arbitrary file read vulnerability through the Jenkins CLI can lead to RCE2024/1/24
CRITICAL10.0⚠ KEVEPSS 94.4%Apache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack2023/10/27
MEDIUM5.3⚠ KEVEPSS 94.4%nghttp2 - security update2023/10/10
CRITICAL9.8⚠ KEVEPSS 94.0%Improper Control of Generation of Code ('Code Injection') in jai-ext2023/9/19
HIGH8.8⚠ KEVEPSS 93.3%thunderbird - security update2023/9/12
CRITICAL9.8⚠ KEVEPSS 94.4%Apache RocketMQ may have remote code execution vulnerability when using update configuration function2023/7/6
HIGH8.6⚠ KEVEPSS 94.4%Administration Console authentication bypass in openfire xmppserver2023/5/23
HIGH8.9⚠ KEVEPSS 84.0%Apache Superset: Session validation vulnerability when using provided default SECRET_KEY2023/4/24
HIGH7.5⚠ KEVEPSS 93.9%ZK Framework vulnerable to malicious POST2022/8/27

第 1 / 4 頁下一頁 →