VulnScope — 以套件為主體的 CVE 查詢工具

搜尋

3,479 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

MEDIUM5.3CVE-2026-47707Strawberry GraphQL's Bypass of MaxAliasesLimiter via Fragment Spreads leading to GraphQL Alias Amplification2026/6/4
MEDIUM5.3Strawberry GraphQL has a Circular Fragment Reference DOS2026/6/4
MEDIUM6.1WebOb: Location header normalization during redirect leads to open redirect - again2026/6/4
MEDIUM6.5EPSS 0.02%browserstack-runner has an unauthenticated arbitrary file read via path traversal in HTTP server2026/6/3
MEDIUM5.5Docling: Potential Path Traversal via LaTeX \includegraphics and \input Commands2026/6/3
MEDIUM5.5Docling: Unsafe Archive Extraction and XML Parsing in METS-GBS Backend2026/6/3
MEDIUM6.3malla: Stored XSS via Meshtastic node names in multiple frontend pages2026/6/3
MEDIUM6.4AIOHTTP is Vulnerable to Deserialization of Untrusted Data2026/6/3
MEDIUM5.4EPSS 0.03%React Router has stored XSS via unescaped Location header in prerendered redirect HTML2026/6/3
MEDIUM5.3Potential exposure of private data via case-sensitive Cache-Control directives in UpdateCacheMiddleware2026/6/3
MEDIUM4.3Signed cookie salt namespace collision in django.http.HttpRequest.get_signed_cookie2026/6/3
MEDIUM5.3Potential exposure of private data via whitespace padding in Vary header2026/6/3
MEDIUM6.1OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables.2026/6/2
MEDIUM6.5praisonai-platform: Any workspace member can rewrite workspace name, description, and settings via PATCH /workspaces/{id}2026/6/1
MEDIUM6.5EPSS 0.05%Apache Airflow: Rendered template truncation bypasses nested sensitive-key masking2026/6/1
MEDIUM5.9EPSS 0.02%Apache Airflow: JWT cookie missing Secure flag in JWTRefreshMiddleware behind HTTPS-terminating proxy2026/6/1
MEDIUM6.5EPSS 0.04%Apache Airflow: Incomplete Redaction of Sensitive Fields in Connection Extra API Response2026/6/1
MEDIUM6.5praisonai-platform: list_issue_activity returns activity log for any issue regardless of workspace ownership2026/5/29
MEDIUM5.5PraisonAI CLI automatically resolves @url mentions in prompt text and can read loopback URLs into model context2026/5/29
MEDIUM5.5PraisonAI spider_tools SSRF protection bypass via alternate loopback host encodings2026/5/29
MEDIUM6.5BoxLite has a Timeout Bypass Vulnerability2026/5/29
MEDIUM6.5zeroconf has unbounded DNS record cache that allows LAN-local memory exhaustion via multicast flood2026/5/29
MEDIUM6.5zeroconf: Unbounded exception-dedup state retains packet buffers via traceback frame locals, enabling LAN-local memory exhaustion2026/5/29
MEDIUM6.5zeroconf has unbounded recursion in DNS compression-pointer decoder that allows LAN-local denial of service2026/5/29
MEDIUM5.3EPSS 0.06%ExifReader is vulnerable to denial of service via unbounded decompression of image metadata2026/5/29

← 上一頁第 2 / 140 頁下一頁 →