VulnScope — 以套件為主體的 CVE 查詢工具

搜尋

645 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

CRITICAL9.8CVE-2026-45447Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification.2026/6/9
LOW3.7Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnerable to Bleichenbacher-style attack when an attacker is able to provid…2026/6/9
CRITICAL9.1Issue Summary: Cryptographic Message Services (CMS) processing fails to perform sufficient input validation on the cipher and tag length fi…2026/6/9
LOW3.7Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup…2026/6/9
CRITICAL9.1Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex…2026/6/9
CRITICAL9.0EPSS 0.39%A flaw was found in Samba.2026/5/26
CRITICAL9.8EPSS 0.04%A use-after-free vulnerability exists within the DNS-over-HTTPS implementation.2026/5/20
CRITICAL10.0EPSS 0.03%NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section.2026/5/20
CRITICAL9.8EPSS 0.32%NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and…2026/5/20
LOW3.7EPSS 0.04%Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establish_proxy_connection() function in s…2026/5/20
CRITICAL9.8EPSS 0.10%NGINX JavaScript has a vulnerability when the js_fetch_proxy directive is configured with at least one client-controlled NGINX variable (fo…2026/5/19
CRITICAL9.8EPSS 0.13%A flaw was found in gnutls.2026/5/7
CRITICAL9.8EPSS 0.02%Apache HTTP Server: buffer overflow in mod_proxy_ajp via ajp_msg_check_header()2026/5/5
LOW3.7EPSS 0.02%A flaw was found in gnutls.2026/4/30
CRITICAL9.1EPSS 0.10%A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow du…2026/4/30
LOW3.7EPSS 0.04%A flaw was found in gnutls.2026/4/30
CRITICAL9.8EPSS 0.07%PJSIP is a free and open source multimedia communication library written in C.2026/4/21
CRITICAL9.8EPSS 0.02%Buffer Overflow in Zlib::GzipReader ungetc via large input leads to memory corruption2026/4/16
LOW2.9EPSS 0.01%libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.2026/4/16
CRITICAL9.8EPSS 0.02%Cryptography vulnerable to buffer overflow if non-contiguous buffers were passed to APIs2026/4/8
CRITICAL9.1EPSS 0.03%Botan is a C++ cryptography library.2026/4/7
CRITICAL9.8EPSS 0.01%Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platfor…2026/4/7
CRITICAL9.1EPSS 0.02%PJSIP is a free and open source multimedia communication library written in C.2026/3/31
LOW3.3EPSS 0.01%An incomplete fix for CVE-2024-36137 leaves `FileHandle.chmod()` and `FileHandle.chown()` in the promises API without the required permissi…2026/3/30
LOW3.3EPSS 0.01%A flaw in Node.js Permission Model filesystem enforcement leaves `fs.realpathSync.native()` without the required read permission checks, wh…2026/3/30

第 1 / 26 頁下一頁 →