VulnScope — 以套件為主體的 CVE 查詢工具

搜尋

4,429 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

CRITICAL9.0CVE-2026-55203HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgi_conn structure's drl field that allo…2026/6/18
CRITICAL9.8python-statemachine SCXML <data expr> Eval Injection2026/6/18
CRITICAL9.1Tinyproxy through 1.11.3, fixed in commit 364cdb6, fails to reject requests containing multiple Content-Length headers with differing value…2026/6/17
CRITICAL9.1Tinyproxy through 1.11.3, fixed in commit ff45d3b, fails to reconcile conflicting Content-Length and Transfer-Encoding: chunked headers, fo…2026/6/17
CRITICAL9.3Langflow: Unauthenticated file upload leads to DoS (space exhaustion) and information leak2026/6/17
CRITICAL9.1Apache Airflow SFTP provider: Path traversal in SFTPHook.retrieve_directory2026/6/17
CRITICAL9.1Apache DolphinScheduler: The `/v2` experimental interface lacks permission checks2026/6/17
CRITICAL9.8Apache DolphinScheduler: DataSource API Missing Authorization Check Leads to Arbitrary Data Source Metadata Disclosure2026/6/17
CRITICAL9.6Use after free in DigitalCredentials in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to potentially perform a…2026/6/17
CRITICAL9.8Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain - Pre-Auth RCE in Docker API2026/6/16
CRITICAL9.1vLLM: OpenAI auth bypass2026/6/16
CRITICAL9.6Langflow: Unauthenticated RCE in Shareable Playgrounds2026/6/16
CRITICAL9.1Mitigation bypass in the DOM: Security component.2026/6/16
CRITICAL9.1Same-origin policy bypass in the Networking: Cookies component.2026/6/16
CRITICAL9.6Sandbox escape due to incorrect boundary conditions in the Networking component.2026/6/16
CRITICAL9.6Sandbox escape in the DOM: Navigation component.2026/6/16
CRITICAL9.6Sandbox escape in the DOM: Workers component.2026/6/16
CRITICAL9.1Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery.2026/6/15
CRITICAL9.1Socket versions before 2.041 for Perl have an out-of-bounds heap read.2026/6/15
CRITICAL9.6Inappropriate implementation in Headless in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the rendere…2026/6/11
CRITICAL9.1Meta Ads MCP: Unauthenticated HTTP MCP Tool Execution Leaks Operator Meta Access Token2026/6/11
CRITICAL9.8GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle.2026/6/10
CRITICAL9.8Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification.2026/6/9
CRITICAL9.1Issue Summary: Cryptographic Message Services (CMS) processing fails to perform sufficient input validation on the cipher and tag length fi…2026/6/9
CRITICAL9.3In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the…2026/6/9

第 1 / 178 頁下一頁 →