搜尋

25,550 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

HIGH7.5CVE-2026-34077React Router vulnerable to Denial of Service via reflected user input in single-fetch2026/6/4
HIGH7.6CVE-2026-45337Better Auth: Device authorization approve and deny accept any authenticated session while the user code is pending2026/6/4
HIGH7.5CVE-2026-44496Axios: Regular Expression Denial of Service (ReDoS) via Cookie Name Injection2026/6/4
HIGH7.5CVE-2026-44488Allocation of Resources Without Limits or Throttling in Axios2026/6/4
HIGH7.5CVE-2026-44486Axios: Proxy-Authorization header leaks to redirect target when proxy is re-evaluated to direct connection2026/6/4
HIGH8.8CVE-2026-49143EPSS 0.15%browserstack-runner vulnerable to Remote Code Execution via vm sandbox escape in _log HTTP handler2026/6/3
HIGH7.5CVE-2026-42342EPSS 0.05%React Router vulnerable to DoS via unbounded path expansion in __manifest endpoint2026/6/3
HIGH8.1CVE-2026-42211EPSS 0.25%React Router's vendored turbo-stream v2 allows arbitrary constructor invocation via TYPE_ERROR deserialization leading to Unauth RCE2026/6/3
HIGH8.0CVE-2026-33245EPSS 0.03%React Router vulnerable to XSS in unstable RSC redirect handling via javascript: redirect targets2026/6/3
LOW3.7CVE-2026-44546daphne before 4.2.2 reconstructs a raw HTTP request from Twisted's parsed headers and feeds it to autobahn for WebSocket handshake processi…2026/6/3
HIGH7.5CVE-2026-50031ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages.2026/6/3
LOW3.3CVE-2026-10528EPSS 0.01%A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11.2026/6/2
LOW3.3CVE-2026-10298EPSS 0.01%A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2.2026/6/1
HIGH8.8CVE-2026-49157EPSS 0.06%Apache ActiveMQ: Authenticated low-privilege Web users retain Jolokia broker-management capability by default2026/6/1
HIGH8.1CVE-2026-42588EPSS 0.06%Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Remote Code Execution via Jolokia addNetworkConnector2026/6/1
HIGH8.8CVE-2026-45505EPSS 0.10%Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Jolokia `addNetworkConnector` Discovery Wrapper Bypass2026/6/1
HIGH7.8CVE-2026-43958EPSS 0.01%A flaw was found in rrdcached, a component of rrdtool.2026/6/1
HIGH7.8CVE-2026-46243EPSS 0.02%In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key…2026/6/1
HIGH7.8CVE-2026-10118EPSS 0.07%A flaw was found in Poppler's Splash backend.2026/6/1
HIGH8.1CVE-2026-47412praisonai-platform: Any workspace member can delete the entire workspace via DELETE /workspaces/{id}2026/6/1
HIGH8.3CVE-2026-47415praisonai-platform: Issue endpoints accept any issue_id without workspace ownership check, cross-workspace read/update/delete IDOR2026/6/1
CRITICAL9.6CVE-2026-47413praisonai-platform: Any workspace member can add arbitrary user as owner via POST /workspaces/{id}/members2026/6/1
HIGH8.1CVE-2026-47417praisonai-platform: Comment endpoints accept any issue_id without workspace ownership check, cross-workspace comment read and post IDOR2026/6/1
HIGH8.1CVE-2026-47418praisonai-platform: Project endpoints accept any project_id without workspace ownership check, cross-workspace read/update/delete IDOR2026/6/1
CRITICAL9.6CVE-2026-47428Vitest browser mode serves unsanitized otelCarrier query parameter as inline script2026/6/1

第 1 / 1022 頁下一頁 →