VulnScope — 以套件為主體的 CVE 查詢工具- CRITICAL9.8CVE-2020-1938⚠ KEVEPSS 94.5%Improper Privilege Management in Tomcat
- HIGH7.5⚠ KEVEPSS 94.3%Directory traversal attack in Spring Cloud Config
- MEDIUM6.9⚠ KEVEPSS 34.7%Potential XSS vulnerability in jQuery
- HIGH8.8⚠ KEVEPSS 94.4%Nexus Repository Manager 3 - Remote Code Execution
- CRITICAL9.8⚠ KEVEPSS 99.7%libphp-phpmailer - security update
- HIGH7.5⚠ KEVEPSS 98.6%Improper Input Validation in Apache Solr
- CRITICAL9.8⚠ KEVEPSS 94.1%opensmtpd - security update
- CRITICAL9.9⚠ KEVEPSS 84.8%Remote Code Execution Vulnerability in NPM mongo-express
- HIGH7.2⚠ KEVEPSS 83.5%lucene-solr - security update
- CRITICAL10.0⚠ KEVEPSS 55.9%firefox-esr - security update
- HIGH8.8⚠ KEVEPSS 38.0%thunderbird - security update
- HIGH7.8⚠ KEVEPSS 65.0%Apache HTTP Server Privilege Escalation Vulnerability
- HIGH8.1⚠ KEVEPSS 100.0%Apache Struts vulnerable to remote command execution (RCE) due to improper input validation
- CRITICAL10.0⚠ KEVEPSS 100.0%Apache Struts vulnerable to remote arbitrary command execution due to improper input validation
- CRITICAL9.8⚠ KEVEPSS 95.6%Spring Data Commons remote code injection vulnerability
- HIGH8.1⚠ KEVEPSS 99.6%When running Apache Tomcat on Windows with HTTP PUTs enabled it was possible to upload a JSP file to the server
- HIGH8.1⚠ KEVEPSS 99.5%REST Plugin in Apache Struts uses an XStreamHandler with an instance of XStream for deserialization without any type filtering
- HIGH7.8⚠ KEVEPSS 42.8%roundcube - security update
- CRITICAL9.8⚠ KEVEPSS 99.4%samba - security update
- HIGH7.8⚠ KEVEPSS 97.0%ghostscript - security update