搜尋

82 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

CRITICAL9.6CVE-2026-45321⚠ KEVEPSS 17.1%Malware in @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys2026/5/12
HIGH8.8CVE-2026-34197⚠ KEVEPSS 83.5%Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans2026/4/7
CRITICAL9.9CVE-2025-68613⚠ KEVEPSS 65.8%n8n Vulnerable to Remote Code Execution via Expression Injection2025/12/22
CRITICAL10.0CVE-2025-55182⚠ KEVEPSS 84.5%React Server Components are Vulnerable to RCE2025/12/3
HIGH8.2CVE-2025-58360⚠ KEVEPSS 81.4%GeoServer is vulnerable to Unauthenticated XML External Entities (XXE) attack via WMS GetMap feature2025/11/25
CRITICAL9.8CVE-2025-11953⚠ KEVEPSS 27.9%@react-native-community/cli has arbitrary OS command injection2025/11/3
HIGH7.5CVE-2025-54313⚠ KEVEPSS 14.7%eslint-config-prettier, eslint-plugin-prettier, synckit, @pkgr/core, napi-postinstall have embedded malicious code2025/7/19
HIGH8.0CVE-2025-48384⚠ KEVEPSS 0.60%Git allows arbitrary code execution through broken config quoting2025/7/8
MEDIUM5.3CVE-2025-31125⚠ KEVEPSS 83.2%Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query2025/3/31
HIGH8.1CVE-2025-27363⚠ KEVEPSS 70.8%freetype - security update2025/3/11
CRITICAL9.8CVE-2025-24813⚠ KEVEPSS 94.1%tomcat9 - security update2025/3/10
CRITICAL9.8CVE-2025-24893⚠ KEVEPSS 93.7%XWiki Platform allows remote code execution as guest via SolrSearchMacros request2025/2/20
CRITICAL9.8CVE-2024-36401⚠ KEVEPSS 94.4%Remote Code Execution (RCE) vulnerability in geoserver2024/7/1
CRITICAL9.1CVE-2024-38475⚠ KEVEPSS 93.9%Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path.2024/7/1
CRITICAL9.8CVE-2024-27348⚠ KEVEPSS 94.3%Apache HugeGraph-Server: Command execution in gremlin2024/4/22
CRITICAL9.8CVE-2024-23897⚠ KEVEPSS 94.5%Arbitrary file read vulnerability through the Jenkins CLI can lead to RCE2024/1/24
CRITICAL10.0CVE-2023-46604⚠ KEVEPSS 94.4%Apache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack2023/10/27
MEDIUM5.3CVE-2023-44487⚠ KEVEPSS 94.4%github.com/nghttp2/nghttp2 has HTTP/2 Rapid Reset2023/10/10
HIGH8.8CVE-2023-5217⚠ KEVEPSS 5.0%Electron affected by libvpx's heap buffer overflow in vp8 encoding2023/9/28
CRITICAL9.8CVE-2022-24816⚠ KEVEPSS 94.0%Improper Control of Generation of Code ('Code Injection') in jai-ext2023/9/19
HIGH8.8CVE-2023-4863⚠ KEVEPSS 93.3%libwebp: OOB write in BuildHuffmanTable2023/9/12
CRITICAL9.8CVE-2023-33246⚠ KEVEPSS 94.4%Apache RocketMQ may have remote code execution vulnerability when using update configuration function2023/7/6
HIGH8.6CVE-2023-32315⚠ KEVEPSS 94.4%Administration Console authentication bypass in openfire xmppserver2023/5/23
CRITICAL9.6CVE-2022-4135⚠ KEVEPSS 0.08%Heap buffer overflow in GPU2022/11/25
HIGH7.5CVE-2022-36537⚠ KEVEPSS 93.9%ZK Framework vulnerable to malicious POST2022/8/27

第 1 / 4 頁下一頁 →