VulnScope — 以套件為主體的 CVE 查詢工具

搜尋

58,899 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

MEDIUM6.9CVE-2026-50560Netty is a network application framework for development of protocol servers and clients.2026/6/12
HIGH7.5Netty is a network application framework for development of protocol servers and clients.2026/6/12
HIGH7.5Netty is a network application framework for development of protocol servers and clients.2026/6/12
HIGH7.5Netty is a network application framework for development of protocol servers and clients.2026/6/12
MEDIUM4.8Netty is a network application framework for development of protocol servers and clients.2026/6/12
MEDIUM5.3Netty is a network application framework for development of protocol servers and clients.2026/6/12
MEDIUM6.7A flaw was found in QEMU's virtio-blk device.2026/6/12
MEDIUM5.3OpenTelemetry-cpp is the C++ implementation of OpenTelemetry.2026/6/12
MEDIUM5.4Fabric.js improper escaping in fabric.Gradient colorStops leads to XSS in SVG serialization2026/6/12
MEDIUM5.3Crypt::PBKDF2 versions before 0.261630 for Perl have a weak default algorithm and number of iterations.2026/6/12
MEDIUM5.9Crypt::PBKDF2 versions before 0.261630 for Perl are vulnerable to timing attacks.2026/6/12
HIGH7.5Crypt::PBKDF2 versions before 0.261630 for Perl generate insecure random values for salts.2026/6/12
HIGH8.1Budibase: Basic app users can exfiltrate stored REST datasource auth by rewriting datasource base URL2026/6/12
HIGH7.5Budibase: Webhook schema endpoint authorization bypass allows unauthenticated mutation of webhook and automation schema2026/6/12
CRITICAL9.0Budibase: Workspace-scoped builder escalates to global admin via /api/public/v1/roles/assign2026/6/12
—Budibase: Unvalidated VectorDB Host Parameter Enables SSRF2026/6/12
MEDIUM6.5Budibase: Unanchored Regex in `matchers.ts` Allows CSRF Bypass via Query String Injection in Budibase Worker2026/6/12
MEDIUM6.5GeoServer has a Server-Side Request Forgery (SSRF) Vulnerability in its XML Entity Resolution2026/6/12
HIGH7.2GeoServer has an arbitrary file write vulnerability in its Master Password Dump Page2026/6/12
HIGH7.7Budibase: SSRF via OAuth2 Config Validation — Missing fetchWithBlacklist Protection2026/6/12
—Budibase: SSRF via User-Controlled queryId in Automation Execute Query Step2026/6/12
MEDIUM6.7LangGraph has NoSQL parameter injection in MongoDBSaver, allowing cross-tenant state access2026/6/12
—2026/6/12
—2026/6/12
MEDIUM6.5A stack buffer overflow flaw was found in the GStreamer H.265 codec parser library (gst-plugins-bad).2026/6/12

第 1 / 2356 頁下一頁 →