搜尋

24,184 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

MEDIUM5.3CVE-2026-47676Hono: app.mount() strips mount prefix using undecoded path, causing incorrect routing for percent-encoded paths2026/6/4
MEDIUM5.3CVE-2026-47674Hono: IP Restriction bypasses static deny rules for non-canonical IPv62026/6/4
MEDIUM4.3CVE-2026-47675Hono: Cookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection2026/6/4
MEDIUM4.8CVE-2026-47673Hono: JWT middleware accepts any Authorization scheme, not only Bearer2026/6/4
MEDIUM5.9CVE-2026-48681OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image.2026/6/4
MEDIUM6.5CVE-2026-49144EPSS 0.02%browserstack-runner has an unauthenticated arbitrary file read via path traversal in HTTP server2026/6/3
MEDIUM5.4CVE-2026-33244EPSS 0.03%React Router has stored XSS via unescaped Location header in prerendered redirect HTML2026/6/3
LOW3.7CVE-2026-44546daphne before 4.2.2 reconstructs a raw HTTP request from Twisted's parsed headers and feeds it to autobahn for WebSocket handshake processi…2026/6/3
MEDIUM6.3CVE-2026-49943EPSS 0.04%CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP AS_PATH mask matching implementation i…2026/6/2
LOW3.3CVE-2026-10528EPSS 0.01%A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11.2026/6/2
LOW3.3CVE-2026-10298EPSS 0.01%A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2.2026/6/1
MEDIUM4.3CVE-2026-46605EPSS 0.06%Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Incomplete authorization during destination removal2026/6/1
MEDIUM6.1CVE-2026-42253EPSS 0.17%Apache ActiveMQ, Apache ActiveMQ Web: HTTP Response Header Injection via JMS Message Properties2026/6/1
MEDIUM5.9CVE-2026-49270EPSS 0.09%Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Durable Subscription Disclosure via Crafted BrokerInfo (OpenWire)2026/6/1
MEDIUM4.3CVE-2026-10294EPSS 0.03%A vulnerability has been found in PackageKit up to 1.3.5.2026/6/1
MEDIUM4.3CVE-2026-45729EPSS 0.03%Thor Vector Graphics (ThorVG) is a production-ready vector graphics engine.2026/6/1
MEDIUM5.0CVE-2026-10275EPSS 0.06%A flaw has been found in OpenSC up to 0.26.1.2026/6/1
MEDIUM5.5CVE-2025-60495EPSS 0.01%A segmentation violation in the gf_media_get_color_info function (/media_tools/isom_tools.c) of GPAC Project/MP4Box before 26.02.0 allows a…2026/6/1
MEDIUM5.5CVE-2025-60486EPSS 0.01%A heap use-after-free in the dasher_process function (/filters/dasher.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a…2026/6/1
MEDIUM5.5CVE-2025-60485EPSS 0.01%A segmentation violation in the gf_isom_apple_set_tag_ex function (/isomedia/isom_write.c) of GPAC Project/MP4Box before 26.02.0 allows att…2026/6/1
MEDIUM5.5CVE-2025-60483EPSS 0.01%A NULL pointer dereference in the gf_ac4_pres_b_4_back_channels_present function (/media_tools/av_parsers.c) of GPAC Project/MP4Box before…2026/6/1
MEDIUM5.5CVE-2025-60481EPSS 0.01%A NULL pointer dereference in the gf_odf_ac4_cfg_dsi_v1 function (/odf/descriptors.c) of GPAC Project/MP4Box before 26.02.0 allows attacker…2026/6/1
MEDIUM5.5CVE-2025-55664EPSS 0.01%A heap buffer overflow in the m2tsdmx_send_packet function (filters/dmx_m2ts.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of S…2026/6/1
CRITICAL9.6CVE-2026-47428Vitest browser mode serves unsanitized otelCarrier query parameter as inline script2026/6/1
CRITICAL9.8CVE-2026-47429When Vitest UI server is listening, arbitrary file can be read and executed2026/6/1

第 1 / 968 頁下一頁 →