VulnScope — 以套件為主體的 CVE 查詢工具

搜尋

523 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

LOW3.7CVE-2025-11143EPSS 0.14%org.eclipse.jetty:jetty-http has different parsing of invalid URIs2026/3/5
LOW3.7EPSS 0.01%Django has a Race Condition vulnerability2026/3/3
LOW3.1EPSS 0.01%Keycloak REST Services has a WebAuthn Attestation Statement Verification Bypass2026/2/27
LOW3.3EPSS 0.01%Snowflake JDBC Driver is Vulnerable to Uncontrolled Resource Consumption through SdkProxyRoutePlanner2026/2/27
LOW3.1EPSS 0.04%wger: IDOR via user-unscoped cache keys on routine API actions exposes workout data2026/2/26
LOW3.8EPSS 0.03%Keycloak: Missing Check on Disabled Client for Docker Registry Protocol2026/2/19
LOW3.7EPSS 0.16%Apache Tomcat - Security constraint bypass with HTTP/0.92026/2/17
LOW3.7EPSS 0.02%LangChain affected by SSRF via image_url token counting in ChatOpenAI.get_num_tokens_from_messages2026/2/11
LOW2.5EPSS 0.01%Apache Shiro Affected by an Observable Timing Discrepancy Vulnerability2026/2/10
LOW2.7EPSS 0.01%Keycloak Server-Side Request Forgery (SSRF) vulnerability2026/2/2
LOW2.7EPSS 0.01%Keycloak Admin API allows an administrator with limited privileges to retrieve sensitive custom attributes2026/2/2
LOW3.2EPSS 0.01%Llama Stack exposes secret in initialization log2026/1/30
LOW3.1EPSS 0.02%Keycloak's missing timestamp validation allows attackers to extend SAML response validity periods2026/1/26
LOW3.7EPSS 0.04%Apache Karaf Decanter has Deserialization of Untrusted Data in its Log Socket Collector2026/1/26
LOW3.7EPSS 0.07%FastAPI Api Key has a timing side-channel in verify_key that allows statistical key validity detection2026/1/21
LOW2.7EPSS 0.01%Keycloak Admin REST API exposes backend schema and rules2026/1/21
LOW3.1EPSS 0.01%Keycloak does not validate and update refresh token usage atomically2026/1/21
LOW3.7EPSS 0.01%Keycloak has an improper input validation vulnerability2026/1/15
LOW2.5EPSS 0.01%Weblate command-line client susceptible to SSL verification skip2026/1/12
LOW3.3EPSS 0.01%AcademySoftwareFoundation OpenColorIO has an out-of-bounds vulnerability2026/1/11
LOW3.3EPSS 0.01%LIEF is vulnerable to segmentation fault2026/1/10
LOW3.5EPSS 0.04%Jenkins has a CSRF vulnerability on the login form2025/12/10
LOW2.7EPSS 0.01%Keycloak Admin REST (Representational State Transfer) API does not properly enforce permissions2025/12/10
LOW3.7EPSS 0.01%Keycloak unable to restrict access to the admin console2025/12/2
LOW3.6EPSS 0.02%Spotipy has a XSS vulnerability in its OAuth callback server2025/12/1