VulnScope — 以套件為主體的 CVE 查詢工具

搜尋

1,434 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

LOW3.1CVE-2026-8568EPSS 0.03%Insufficient policy enforcement in AI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer p…2026/5/14
LOW3.1EPSS 0.03%Inappropriate implementation in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the…2026/5/14
LOW3.1EPSS 0.04%Type Confusion in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer proc…2026/5/14
LOW3.1EPSS 0.03%Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perfor…2026/5/14
LOW3.1EPSS 0.03%Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer proces…2026/5/14
LOW3.1EPSS 0.03%Insufficient validation of untrusted input in ReadingMode in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who had…2026/5/14
LOW2.5EPSS 0.02%libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel.2026/5/14
LOW3.1dbt MCP Server Transmits All MCP Tool Arguments Including Raw SQL and --vars Credentials to dbt Labs Telemetry by Default Without Redaction2026/5/14
LOW2.5dbt MCP Server Logs Tool Arguments Including SQL Queries and Credentials in Plaintext Without Redaction When File Logging Is Enabled2026/5/14
LOW2.7EPSS 0.09%Synapse pagination Denial of Service2026/5/14
LOW3.7EPSS 0.10%Apache Tomcat - AJP secret compared in non-constant time2026/5/12
LOW3.8EPSS 0.04%Vulnerability in Wikimedia Foundation MediaWiki.2026/5/11
LOW3.7EPSS 0.01%Next.js's Middleware / Proxy redirects can be cache-poisoned2026/5/11
LOW3.7EPSS 0.01%Next.js vulnerable to cache poisoning via collisions in React Server Component cache-busting2026/5/11
LOW3.7EPSS 0.06%bettercap Has an Integer Coercion Error in modules/mysql_server/mysql_server.go2026/5/11
LOW3.7EPSS 0.02%bettercap Has an Integer Coercion Error in the ippReadChunkedBody Function2026/5/11
LOW3.8EPSS 0.02%Hono has improper validation of NumericDate claims (exp, nbf, iat) in JWT verify()2026/5/9
LOW3.0EPSS 0.01%In OpenStack Ironic before 35.0.2 (in a certain non-default configuration), instance_info['ks_template'] is rendered without sandboxing.2026/5/8
LOW3.3EPSS 0.01%OSGeo GDAL vulnerable to out-of-bounds read2026/5/7
LOW3.7EPSS 0.04%nuxt-og-image SSRF — bypass of GHSA-pqhr-mp3f-hrpp / v6.2.5 fix (IPv6 + redirect)2026/5/7
LOW3.5EPSS 0.04%Magic Wormhole: receive, with --output pointing at an existing directory can be path-traversed2026/5/6
LOW3.7EPSS 0.05%Micronaut has Unbounded `bundleCache` in `ResourceBundleMessageSource` that Allows Memory Exhaustion via `Accept-Language` Header2026/5/6
LOW3.1EPSS 0.01%Inappropriate implementation in MHTML in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in s…2026/5/6
LOW3.1EPSS 0.03%Side-channel information leakage in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a…2026/5/6
LOW3.1EPSS 0.04%Insufficient validation of untrusted input in CORS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised th…2026/5/6