搜尋

87 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

LOW3.7CVE-2026-45232EPSS 0.04%Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establish_proxy_connection() function in s…2026/5/20
LOW3.7CVE-2026-3832EPSS 0.02%A flaw was found in gnutls.2026/4/30
LOW3.7CVE-2026-5419EPSS 0.04%A flaw was found in gnutls.2026/4/30
LOW3.3CVE-2026-21716EPSS 0.01%An incomplete fix for CVE-2024-36137 leaves `FileHandle.chmod()` and `FileHandle.chown()` in the promises API without the required permissi…2026/3/30
LOW3.3CVE-2026-21715EPSS 0.01%A flaw in Node.js Permission Model filesystem enforcement leaves `fs.realpathSync.native()` without the required read permission checks, wh…2026/3/30
LOW3.7CVE-2026-28753EPSS 0.03%NGINX ngx_mail_proxy_module vulnerability2026/3/24
LOW2.2CVE-2026-28422EPSS 0.01%Vim is an open source, command line text editor.2026/2/27
LOW2.9CVE-2026-23553EPSS 0.03%In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run.2026/1/28
LOW2.5CVE-2026-24515EPSS 0.01%In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data.2026/1/23
LOW3.1CVE-2025-12817EPSS 0.06%PostgreSQL CREATE STATISTICS does not check for schema CREATE privilege2025/11/13
LOW3.6CVE-2025-61985EPSS 0.06%ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.2025/10/6
LOW3.6CVE-2025-61984EPSS 0.01%ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leadi…2025/10/6
LOW3.1CVE-2025-8713EPSS 0.05%PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table2025/8/14
LOW3.7CVE-2025-49087EPSS 0.43%In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing discrepancy in block cipher padding removal allows an attacker to recover the plaint…2025/7/20
LOW3.6CVE-2025-27613EPSS 0.04%git - security update2025/7/10
LOW2.5CVE-2025-6170EPSS 0.04%A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files.2025/6/16
LOW3.7CVE-2025-23165EPSS 0.56%In Node.js, the `ReadFileUtf8` internal binding leaks memory due to a corrupted pointer in `uv_fs_s.file`: a UTF-16 path buffer is allocate…2025/5/19
LOW2.5CVE-2024-58251EPSS 0.04%In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[0] containing an ANSI terminal escape sequ…2025/4/23
LOW3.3CVE-2025-46394EPSS 0.07%In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.2025/4/23
LOW3.8CVE-2025-32728EPSS 0.23%openssh - security update2025/4/10
LOW2.9CVE-2025-31160EPSS 0.02%atop - security update2025/3/26
LOW3.4CVE-2025-0167EPSS 0.33%When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could leak the password used for the first host to…2025/2/5
LOW3.6CVE-2024-37372EPSS 0.07%The Permission Model assumes that any path starting with two backslashes \ has a four-character prefix that can be ignored, which is not al…2025/1/9
LOW3.4CVE-2024-11053EPSS 1.4%When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host t…2024/12/11
LOW3.7CVE-2024-10977EPSS 0.34%PostgreSQL libpq retains an error message from man-in-the-middle2024/11/14

第 1 / 4 頁下一頁 →