VulnScope — 以套件為主體的 CVE 查詢工具

搜尋

2,548 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

HIGH8.6CVE-2026-11527Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open() of the -file argument i…2026/6/14
HIGH7.8Vim is an open source, command line text editor.2026/6/11
HIGH7.8Vim is an open source, command line text editor.2026/6/11
HIGH8.2Vim is an open source, command line text editor.2026/6/11
CRITICAL9.8GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle.2026/6/10
CRITICAL9.8Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification.2026/6/9
HIGH7.5Issue summary: When an application drives an AES-OCB context through the public EVP_Cipher() one-shot interface, the application-supplied i…2026/6/9
LOW3.7Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnerable to Bleichenbacher-style attack when an attacker is able to provid…2026/6/9
HIGH7.5Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause…2026/6/9
HIGH7.5Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen str…2026/6/9
CRITICAL9.1Issue Summary: Cryptographic Message Services (CMS) processing fails to perform sufficient input validation on the cipher and tag length fi…2026/6/9
LOW3.7Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup…2026/6/9
HIGH7.5Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with…2026/6/9
HIGH7.4Issue Summary: The PKCS#12 file processing fails to perform sufficient input validation for files that use Password-Based Message Authentic…2026/6/9
HIGH7.5Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATH_CHALLENGE frame…2026/6/9
HIGH8.1Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap…2026/6/9
CRITICAL9.1Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex…2026/6/9
HIGH8.0MariaDB: unsafe usage of `wsrep_sst_receive_address` values on the joiner side2026/6/7
CRITICAL9.8MariaDB: Argument injection in CONNECT REST Xcurl on Windows via unsanitized URL2026/6/7
CRITICAL9.8MariaDB: mysql_real_escape_string() incorrectly handled big52026/6/7
HIGH8.0MariaDB: wsrep SST unsafe parameter handling on the donor side (rsync)2026/6/7
HIGH8.0MariaDB: wsrep SST unsafe parameter handling on the donor side2026/6/7
HIGH7.5Apache HTTP Server: mod_http2 denial of service2026/6/3
LOW3.17-Zip is a file archiver with a high compression ratio.2026/5/29
HIGH8.87-Zip is a file archiver with a high compression ratio.2026/5/28

第 1 / 102 頁下一頁 →