VulnScope — 以套件為主體的 CVE 查詢工具

搜尋

52,189 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

MEDIUM6.5CVE-2026-48147Budibase: Unanchored Regex in `matchers.ts` Allows CSRF Bypass via Query String Injection in Budibase Worker2026/6/12
MEDIUM6.5CVE-2025-58175GeoServer has a Server-Side Request Forgery (SSRF) Vulnerability in its XML Entity Resolution2026/6/12
HIGH7.2GeoServer has an arbitrary file write vulnerability in its Master Password Dump Page2026/6/12
HIGH7.7Budibase: SSRF via OAuth2 Config Validation — Missing fetchWithBlacklist Protection2026/6/12
MEDIUM6.7LangGraph has NoSQL parameter injection in MongoDBSaver, allowing cross-tenant state access2026/6/12
MEDIUM4.3Improper Neutralization of Substitution Characters in GitLab2026/6/12
MEDIUM6.5Server-Side Request Forgery (SSRF) in GitLab2026/6/12
HIGH8.7Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab2026/6/12
HIGH7.5Allocation of Resources Without Limits or Throttling in GitLab2026/6/12
HIGH8.7Authorization Bypass Through User-Controlled Key in GitLab2026/6/12
MEDIUM4.3Incorrect Authorization in GitLab2026/6/12
MEDIUM5.3Jenkins 2.567 and earlier, LTS 2.555.2 and earlier does not encrypt secrets from POST config.xml submissions before storing them in job con…2026/6/12
MEDIUM4.3Jenkins 2.567 and earlier, LTS 2.555.2 and earlier does not ensure that the "from" parameter in the "Delegate to servlet container" securit…2026/6/12
MEDIUM4.3Missing permission checks in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allow attackers with Overall/Read permission to determine o…2026/6/12
MEDIUM4.3A missing permission check in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allows attackers with Item/Cancel permission, but lacking…2026/6/12
MEDIUM4.3Jenkins 2.567 and earlier, LTS 2.555.2 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkin…2026/6/12
MEDIUM4.3Jenkins 2.567 and earlier, LTS 2.555.2 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkin…2026/6/12
HIGH8.8In Jenkins 2.567 and earlier, LTS 2.555.2 and earlier, it is possible for attackers to have Jenkins deserialize arbitrary types defined in…2026/6/12
MEDIUM6.5A stack buffer overflow flaw was found in the GStreamer H.265 codec parser library (gst-plugins-bad).2026/6/12
HIGH8.8Use after free in Views in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruptio…2026/6/11
HIGH8.3Insufficient validation of untrusted input in Linux Toolkit Theming in Google Chrome on Linux prior to 149.0.7827.115 allowed a remote atta…2026/6/11
MEDIUM5.3Out of bounds read in VideoCapture in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the GPU process t…2026/6/11
HIGH8.3Inappropriate implementation in Views in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the…2026/6/11
HIGH8.3Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer p…2026/6/11
HIGH8.3Use after free in Video in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer proc…2026/6/11

← 上一頁第 2 / 2088 頁下一頁 →