VulnScope — 以套件為主體的 CVE 查詢工具

搜尋

9,987 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

HIGH8.1CVE-2026-48152Budibase: Basic app users can exfiltrate stored REST datasource auth by rewriting datasource base URL2026/6/12
HIGH7.5Budibase: Webhook schema endpoint authorization bypass allows unauthenticated mutation of webhook and automation schema2026/6/12
CRITICAL9.0Budibase: Workspace-scoped builder escalates to global admin via /api/public/v1/roles/assign2026/6/12
HIGH7.2GeoServer has an arbitrary file write vulnerability in its Master Password Dump Page2026/6/12
HIGH7.7Budibase: SSRF via OAuth2 Config Validation — Missing fetchWithBlacklist Protection2026/6/12
HIGH7.3Vim is an open source, command line text editor.2026/6/11
HIGH7.5Vim is an open source, command line text editor.2026/6/11
HIGH7.2GeoServer DB2 DataStore Extension has a JNDI Vulnerability via Store Connection2026/6/11
HIGH7.1WsgiDAV encoded dot segments can escape filesystem share roots2026/6/11
CRITICAL9.1Meta Ads MCP: Unauthenticated HTTP MCP Tool Execution Leaks Operator Meta Access Token2026/6/11
HIGH7.5@grpc/grpc-js: A malformed request can cause a server crash2026/6/11
HIGH7.5@grpc/grpc-js: An incoming malformed compressed message can cause a client or server crash2026/6/11
HIGH8.8OpenZeppelin Contracts Wizard has Code Injection in Generated Hardhat and Foundry Tests via Unsanitized opts.name / opts.uri2026/6/11
HIGH8.1Litestar has HTML Injection Through its CSRF Token2026/6/10
HIGH7.5Acknowledgement extension out of memory2026/6/10
HIGH8.0Jenkins: Stored XSS vulnerability in node offline cause description2026/6/10
HIGH8.1In Spring for Apache Kafka, overly broad trusted-package matching in header mappers exposes JDK classes to deserialization2026/6/10
CRITICAL9.8Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification.2026/6/9
HIGH7.5Issue summary: When an application drives an AES-OCB context through the public EVP_Cipher() one-shot interface, the application-supplied i…2026/6/9
HIGH7.5Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause…2026/6/9
HIGH7.5Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen str…2026/6/9
CRITICAL9.1Issue Summary: Cryptographic Message Services (CMS) processing fails to perform sufficient input validation on the cipher and tag length fi…2026/6/9
HIGH7.5Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with…2026/6/9
HIGH7.4Issue Summary: The PKCS#12 file processing fails to perform sufficient input validation for files that use Password-Based Message Authentic…2026/6/9
HIGH7.5Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATH_CHALLENGE frame…2026/6/9

第 1 / 400 頁下一頁 →