VulnScope — 以套件為主體的 CVE 查詢工具

搜尋

15,701 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

HIGH7.5CVE-2026-44892Netty has a Vulnerable Default Configuration Which Leads to Denial of Service via Unbounded HTTP/3 Header Size2026/6/8
HIGH7.5CVE-2026-44890Netty has Unbounded Direct Memory Consumption in its RedisDecoder2026/6/8
HIGH7.5Netty: Memory Exhaustion in RedisArrayAggregator due to Deeply Nested Arrays2026/6/8
HIGH8.1Netty has an IPv6 Subnet Filter Bypass via Incorrect Comparator Masking2026/6/8
MEDIUM5.4Authlib OAuth 2.0 has Open Redirect in Authorization API that allows attacker-controlled redirect_uri through unsupported response_type2026/6/8
MEDIUM4.3MariaDB server is a community developed fork of MySQL server.2026/6/7
MEDIUM6.3MariaDB server is a community developed fork of MySQL server.2026/6/7
HIGH8.0MariaDB server is a community developed fork of MySQL server.2026/6/7
—MariaDB server is a community developed fork of MySQL server.2026/6/7
—MariaDB server is a community developed fork of MySQL server.2026/6/7
HIGH8.0MariaDB server is a community developed fork of MySQL server.2026/6/7
HIGH8.0MariaDB server is a community developed fork of MySQL server.2026/6/7
MEDIUM5.0MariaDB server is a community developed fork of MySQL server.2026/6/7
MEDIUM4.3Bugsink: DOS using large numbers of event tags2026/6/5
MEDIUM4.3Bugsink: Project scoping missing in sourcemap and debug-file lookup2026/6/5
LOW3.1Bugsink: Issue bulk actions can affect another project’s issue if its UUID is known2026/6/5
LOW3.1Bugsink: Issue event views can show an event from another project if its UUID is known2026/6/5
CRITICAL9.1NASA AMMOS Instrument Toolkit: Path traversal resulting in arbitrary file append (can be triggered over the network by unauthenticated attacker)2026/6/5
HIGH8.3praisonai-platform: Agent endpoints accept any agent_id without workspace ownership check, cross-workspace read/update/delete IDOR2026/6/5
—Vantage6: 2FA can be circumvented with hacked email access2026/6/5
—Vantage6: No limit on emails sent for password/MFA reset2026/6/5
MEDIUM6.5Authorization Bypass in SearchModelVersions in mlflow/mlflow2026/6/5
MEDIUM6.5Apache Airflow: revoke_token() unreachable in FabAuthManager / KeycloakAuthManager logout path2026/6/5
HIGH7.3Apache Airflow: Arbitrary import in custom deadline-reference deserialization2026/6/5
HIGH8.8Apache Airflow: Authenticated RCE via XCom PATCH endpoint — XComUpdateBody missing FORBIDDEN_XCOM_KEYS validator2026/6/5

← 上一頁第 3 / 629 頁下一頁 →