VulnScope — 以套件為主體的 CVE 查詢工具

搜尋

1,210 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

LOW2.0CVE-2026-46549NocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope Escalation2026/5/21
LOW3.7EPSS 0.05%A time-of-check time-of-use (TOCTOU) condition in the ad_flush function in Netatalk 3.0.0 through 4.4.2 involves root-privileged file opera…2026/5/21
LOW3.7EPSS 0.12%A missing break statement in DSI OpenSession processing in Netatalk 1.5.0 through 4.4.2 causes a DSIOPT_ATTNQUANT switch case to fall throu…2026/5/21
LOW3.7EPSS 0.14%Netatalk 2.1.0 through 4.4.2 combines multiple errno values using bitwise OR, resulting in incorrect error codes when multiple error condit…2026/5/21
LOW3.7EPSS 0.16%Netatalk 3.1.2 through 4.4.2 is compiled without FORTIFY_SOURCE, which disables built-in buffer overflow detection at runtime, potentially…2026/5/21
LOW3.1EPSS 0.04%A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in an unreachable code path that provides no…2026/5/21
LOW3.1EPSS 0.04%An incorrect calculation in the hextoint macro in Netatalk 2.0.0 through 4.4.2 due to improper uppercase character handling allows a remote…2026/5/21
LOW3.1EPSS 0.11%A format string argument mismatch in Netatalk 3.0.3 through 4.4.2 allows a remote authenticated attacker to cause a minor denial of service…2026/5/21
LOW3.0EPSS 0.03%Netatalk 2.2.1 through 4.4.2 calls system() after a failed chdir() without properly handling the error condition, which allows a local priv…2026/5/21
LOW3.1EPSS 0.12%An unbounded memory reallocation in the charset conversion code in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to c…2026/5/21
LOW3.9EPSS 0.01%An integer underflow in the volxlate function in Netatalk 3.0.0 through 4.4.2 allows a local privileged user to obtain limited information,…2026/5/21
LOW3.7EPSS 0.04%Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establish_proxy_connection() function in s…2026/5/20
LOW3.5EPSS 0.03%GitHub CLI: GitHub Actions log output in `gh run view` allows terminal escape sequence injection2026/5/19
LOW3.1Strawberry GraphQL: Default GraphiQL may expose HTTP headers in URLs2026/5/19
LOW3.5EPSS 0.01%Open WebUI: Read-Only Users Can Toggle Note Pin Status via Incorrect Permission Check (Write via Read-Only Access)2026/5/14
LOW3.1EPSS 0.04%Insufficient validation of untrusted input in Skia in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised t…2026/5/14
LOW3.1EPSS 0.03%Out of bounds read in GPU in Google Chrome on Linux prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer proc…2026/5/14
LOW3.1EPSS 0.04%Insufficient policy enforcement in Network in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromise…2026/5/14
LOW3.1EPSS 0.03%Insufficient policy enforcement in AI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer p…2026/5/14
LOW3.1EPSS 0.03%Inappropriate implementation in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the…2026/5/14
LOW3.1EPSS 0.04%Type Confusion in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer proc…2026/5/14
LOW3.1EPSS 0.03%Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perfor…2026/5/14
LOW3.1EPSS 0.03%Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer proces…2026/5/14
LOW3.1EPSS 0.03%Insufficient validation of untrusted input in ReadingMode in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who had…2026/5/14
LOW2.5EPSS 0.02%libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel.2026/5/14