搜尋

74,887 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

HIGH7.8CVE-2026-10118EPSS 0.07%A flaw was found in Poppler's Splash backend.2026/6/1
MEDIUM5.5CVE-2025-60495EPSS 0.01%A segmentation violation in the gf_media_get_color_info function (/media_tools/isom_tools.c) of GPAC Project/MP4Box before 26.02.0 allows a…2026/6/1
MEDIUM5.5CVE-2025-60486EPSS 0.01%A heap use-after-free in the dasher_process function (/filters/dasher.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a…2026/6/1
MEDIUM5.5CVE-2025-60485EPSS 0.01%A segmentation violation in the gf_isom_apple_set_tag_ex function (/isomedia/isom_write.c) of GPAC Project/MP4Box before 26.02.0 allows att…2026/6/1
MEDIUM5.5CVE-2025-60483EPSS 0.01%A NULL pointer dereference in the gf_ac4_pres_b_4_back_channels_present function (/media_tools/av_parsers.c) of GPAC Project/MP4Box before…2026/6/1
MEDIUM5.5CVE-2025-60481EPSS 0.01%A NULL pointer dereference in the gf_odf_ac4_cfg_dsi_v1 function (/odf/descriptors.c) of GPAC Project/MP4Box before 26.02.0 allows attacker…2026/6/1
MEDIUM5.5CVE-2025-55664EPSS 0.01%A heap buffer overflow in the m2tsdmx_send_packet function (filters/dmx_m2ts.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of S…2026/6/1
—CVE-2026-47191kas checks out SHA-like git branches as valid commits2026/6/1
HIGH8.1CVE-2026-47412praisonai-platform: Any workspace member can delete the entire workspace via DELETE /workspaces/{id}2026/6/1
HIGH8.3CVE-2026-47415praisonai-platform: Issue endpoints accept any issue_id without workspace ownership check, cross-workspace read/update/delete IDOR2026/6/1
CRITICAL9.6CVE-2026-47413praisonai-platform: Any workspace member can add arbitrary user as owner via POST /workspaces/{id}/members2026/6/1
MEDIUM6.5CVE-2026-47411praisonai-platform: Any workspace member can rewrite workspace name, description, and settings via PATCH /workspaces/{id}2026/6/1
HIGH8.1CVE-2026-47417praisonai-platform: Comment endpoints accept any issue_id without workspace ownership check, cross-workspace comment read and post IDOR2026/6/1
HIGH8.1CVE-2026-47418praisonai-platform: Project endpoints accept any project_id without workspace ownership check, cross-workspace read/update/delete IDOR2026/6/1
—CVE-2026-47425rattler has an entry-point path traversal in noarch:python install (arbitrary file write)2026/6/1
CRITICAL9.6CVE-2026-47428Vitest browser mode serves unsanitized otelCarrier query parameter as inline script2026/6/1
CRITICAL9.8CVE-2026-47429When Vitest UI server is listening, arbitrary file can be read and executed2026/6/1
HIGH8.2CVE-2026-47423DOMPurify XSS via selectedcontent re-clone2026/6/1
HIGH7.1CVE-2026-48119Nezha's authenticated agents can forge service-monitor results for other users' services2026/6/1
—CVE-2026-10532EPSS 0.09%Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core (HardenedObjectInputStream (logback-core) modules) allo…2026/6/1
MEDIUM4.3CVE-2026-9807EPSS 0.01%Incorrect Authorization in GitLab2026/6/1
MEDIUM6.5CVE-2026-49095EPSS 0.04%Improper Input Validation in Kibana Fleet Leading to Privilege Escalation2026/6/1
MEDIUM6.5CVE-2026-49094EPSS 0.04%Uncontrolled Resource Consumption in Kibana Leading to Denial of Service2026/6/1
MEDIUM6.3CVE-2026-49093EPSS 0.03%Server-Side Request Forgery (SSRF) in Kibana Leading to Unauthorized Network Access2026/6/1
MEDIUM5.4CVE-2026-42401EPSS 0.02%Improper Neutralization of Input During Web Page Generation in Kibana Leading to Stored HTML Injection2026/6/1

← 上一頁第 2 / 2996 頁下一頁 →