VulnScope — 以套件為主體的 CVE 查詢工具

搜尋

1,226 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

LOW1.8CVE-2026-48617A flaw in Node.js Permission Model enforcement allows Bypass via `process.report.writeReport()` Path Misvalidation.2026/6/18
LOW2.2BBOT: Symlink-Following Arbitrary Write via github_workflows Module2026/6/18
LOW3.1BBOT: Server-Side Request Forgery (SSRF) in docker_pull module via WWW-Authenticate realm parsing2026/6/18
LOW3.7Impact: Undici's HTTP/1.1 client is vulnerable to response queue poisoning on reused keep-alive sockets.2026/6/17
LOW3.7Impact: When undici parses a Set-Cookie header, it accepts any SameSite attribute value that contains Strict, Lax, or None as a substring,…2026/6/17
LOW2.2Pi Agent: Race condition in Pi auth.json writes could expose stored credentials2026/6/17
LOW3.1Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who convinced a user to engage…2026/6/17
LOW2.5Pi Agent: Potential XSS in HTML session exports via Markdown URL sanitization bypass2026/6/16
LOW3.7Starlette: Unvalidated request path concatenated into authority poisons request.url.hostname2026/6/15
LOW3.7python-multipart: Negative Content-Length in parse_form buffers the entire body in memory2026/6/15
LOW3.7python-multipart: Semicolon treated as querystring field separator enables parameter smuggling2026/6/15
LOW3.7python-multipart: Content-Disposition parameter smuggling via RFC 2231/5987 extended parameters2026/6/15
LOW3.1React Router: Potential CSRF via PUT/PATCH/DELETE document requests2026/6/15
LOW3.2@babel/core: Arbitrary File Read via sourceMappingURL Comment2026/6/15
LOW3.7Tornado has out-of-bounds memory access via C extension2026/6/12
LOW3.1Inappropriate implementation in Passwords in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised…2026/6/11
LOW3.1Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the rende…2026/6/11
MEDIUM6.5Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh (ssh_sftpd module) allows File Discovery.2026/6/10
LOW3.5Papra HTTP redirect bypass can lead to SSRF via webhook delivery system2026/6/10
LOW3.7Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnerable to Bleichenbacher-style attack when an attacker is able to provid…2026/6/9
LOW3.7Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup…2026/6/9
LOW3.3A heap buffer overflow flaw was found in 389 Directory Server.2026/6/9
LOW1.9A flaw was found in 389 Directory Server.2026/6/9
LOW3.7A vulnerability in Spring Expression Language (SpEL) evaluation logic allows for arbitrary zero-argument method invocation, even within res…2026/6/9
LOW3.7Applications may be vulnerable to a Regular Expression Denial of Service (ReDoS) attack if an attacker is able to provide a pattern which i…2026/6/9

第 1 / 50 頁下一頁 →