VulnScope — 以套件為主體的 CVE 查詢工具- CRITICAL9.8CVE-2020-1938⚠ KEVEPSS 94.5%Improper Privilege Management in Tomcat
- HIGH7.5⚠ KEVEPSS 94.3%Directory traversal attack in Spring Cloud Config
- MEDIUM6.9⚠ KEVEPSS 34.7%Potential XSS vulnerability in jQuery
- HIGH8.8⚠ KEVEPSS 94.4%Nexus Repository Manager 3 - Remote Code Execution
- CRITICAL9.8⚠ KEVEPSS 94.4%libphp-phpmailer - security update
- HIGH7.5⚠ KEVEPSS 94.5%Improper Input Validation in Apache Solr
- CRITICAL9.8⚠ KEVEPSS 94.1%opensmtpd - security update
- CRITICAL9.9⚠ KEVEPSS 94.4%Remote Code Execution Vulnerability in NPM mongo-express
- HIGH7.2⚠ KEVEPSS 93.1%lucene-solr - security update
- CRITICAL10.0⚠ KEVEPSS 68.8%firefox-esr - security update
- HIGH8.8⚠ KEVEPSS 84.3%thunderbird - security update
- HIGH7.8⚠ KEVEPSS 89.6%Apache HTTP Server Privilege Escalation Vulnerability
- HIGH8.1⚠ KEVEPSS 94.4%Apache Struts vulnerable to remote command execution (RCE) due to improper input validation
- CRITICAL10.0⚠ KEVEPSS 94.3%Apache Struts vulnerable to remote arbitrary command execution due to improper input validation
- CRITICAL9.8⚠ KEVEPSS 94.3%Spring Data Commons remote code injection vulnerability
- HIGH8.1⚠ KEVEPSS 94.2%When running Apache Tomcat on Windows with HTTP PUTs enabled it was possible to upload a JSP file to the server
- HIGH8.1⚠ KEVEPSS 94.3%REST Plugin in Apache Struts uses an XStreamHandler with an instance of XStream for deserialization without any type filtering
- HIGH7.8⚠ KEVEPSS 35.9%roundcube - security update
- CRITICAL9.8⚠ KEVEPSS 94.2%samba - security update
- HIGH7.8⚠ KEVEPSS 92.9%ghostscript - security update