VulnScope — 以套件為主體的 CVE 查詢工具

搜尋

1,446 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

LOW3.3CVE-2026-35346EPSS 0.01%coreutils' comm utility silently corrupts data by performing lossy UTF-8 conversion on all output lines2026/4/22
LOW3.3EPSS 0.01%uutils coreutils has an Unchecked Return Value Issue2026/4/22
LOW3.3EPSS 0.01%uutils coreutils has an Issue With its Always-Incorrect Control Flow Implementation2026/4/22
LOW3.3EPSS 0.02%uutils coreutils' mktemp utility doesn't properly handle an empty TMPDIR environment variable2026/4/22
LOW2.5EPSS 0.01%A flaw was found in nano.2026/4/22
LOW3.7EPSS 0.07%Spring Security Vulnerable to User Attribute Enumeration when Using DaoAuthenticationProvider2026/4/22
LOW2.9EPSS 0.02%Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Securi…2026/4/21
LOW3.7EPSS 0.07%Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Librar…2026/4/21
LOW3.7EPSS 0.04%Vulnerability in Oracle Java SE (component: Libraries).2026/4/21
LOW2.9EPSS 0.02%Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Securi…2026/4/21
LOW2.7EPSS 0.01%Langflow has an Information Leak through Incomplete API Key Redaction2026/4/20
LOW3.7EPSS 0.11%Apache Airflow: 3.x - Nested Variable Secret Values Bypass Redaction via max_depth=12026/4/18
LOW3.5EPSS 0.01%libgphoto2 is a camera access and control library.2026/4/18
LOW2.4EPSS 0.01%libgphoto2 is a camera access and control library.2026/4/18
LOW3.5EPSS 0.01%libgphoto2 is a camera access and control library.2026/4/18
LOW3.1EPSS 0.03%langchain-openai: Image token counting SSRF protection can be bypassed via DNS rebinding2026/4/16
LOW3.7EPSS 0.03%ApostropheCMS: User Enumeration via Timing Side Channel in Password Reset Endpoint2026/4/16
LOW3.1EPSS 0.01%Weblate: Improper access control for pending tasks in API2026/4/16
LOW2.9EPSS 0.01%libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.2026/4/16
LOW3.1EPSS 0.01%Insufficient policy enforcement in CORS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer…2026/4/15
LOW3.1EPSS 0.01%Insufficient policy enforcement in Passwords in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the ren…2026/4/15
LOW3.5EPSS 0.04%DbGate has cross site scripting via the SVG Icon String Handler component2026/4/13
LOW3.7EPSS 0.01%phpseclib has a variable-time HMAC comparison in SSH2::get_binary_packet() using != instead of hash_equals()2026/4/10
LOW3.3EPSS 0.01%In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a "logger -p emerg" command is exe…2026/4/10
LOW3.5EPSS 0.03%OpenStack Keystone: Restricted application credentials can create EC2 credentials2026/4/10