VulnScope — 以套件為主體的 CVE 查詢工具

搜尋

5,030 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

MEDIUM6.3CVE-2026-47721FUXA's scheduler API missing admin check enables operator-to-admin escalation via scheduled device actions2026/6/8
MEDIUM5.3FUXA has SQL Injection in its TDengine DAQ connector via backslash bypass of escapeTdString2026/6/8
MEDIUM5.4Authlib OAuth 2.0 has Open Redirect in Authorization API that allows attacker-controlled redirect_uri through unsupported response_type2026/6/8
MEDIUM4.3MariaDB server is a community developed fork of MySQL server.2026/6/7
MEDIUM6.3MariaDB server is a community developed fork of MySQL server.2026/6/7
MEDIUM5.0MariaDB server is a community developed fork of MySQL server.2026/6/7
MEDIUM4.3Bugsink: DOS using large numbers of event tags2026/6/5
MEDIUM4.3Bugsink: Project scoping missing in sourcemap and debug-file lookup2026/6/5
MEDIUM6.0NocoDB: Postgres SQL Injection in Formula `ARRAYSORT`2026/6/5
MEDIUM6.1MCP Server Kubernetes: kubectl-generic flag injection enables Kubernetes bearer token exfiltration2026/6/5
MEDIUM6.5MLflow authenticated users can enumerate any registered model versions due to lack of per-model permissions checks2026/6/5
MEDIUM6.5Apache Airflow: revoke_token() unreachable in FabAuthManager / KeycloakAuthManager logout path2026/6/5
MEDIUM4.3Apache Airflow: per-DAG RBAC bypass on /ui/partitioned_dag_runs endpoints2026/6/5
MEDIUM6.5Apache Airflow: Arbitrary File Read via Log Symlink following in FileTaskHandler2026/6/5
MEDIUM5.3Hono: app.mount() strips mount prefix using undecoded path, causing incorrect routing for percent-encoded paths2026/6/4
MEDIUM5.3Hono: IP Restriction bypasses static deny rules for non-canonical IPv62026/6/4
MEDIUM4.3Hono: Cookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection2026/6/4
MEDIUM4.8Hono: JWT middleware accepts any Authorization scheme, not only Bearer2026/6/4
MEDIUM5.3Strawberry GraphQL's Bypass of MaxAliasesLimiter via Fragment Spreads leading to GraphQL Alias Amplification2026/6/4
MEDIUM5.3Strawberry GraphQL has a Circular Fragment Reference DOS2026/6/4
MEDIUM6.1WebOb: Location header normalization during redirect leads to open redirect - again2026/6/4
MEDIUM4.7A vulnerability has been found in Streamlit up to 1.53.0.2026/6/4
MEDIUM6.5EPSS 0.02%browserstack-runner has an unauthenticated arbitrary file read via path traversal in HTTP server2026/6/3
MEDIUM5.5Docling: Potential Path Traversal via LaTeX \includegraphics and \input Commands2026/6/3
MEDIUM5.5Docling: Unsafe Archive Extraction and XML Parsing in METS-GBS Backend2026/6/3

← 上一頁第 2 / 202 頁下一頁 →