LOW 3.1 | CVE-2026-48851 | EPSS 0.03% | PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between prox…
LOW 3.7 | CVE-2026-48847 | EPSS 0.07% | Roundcube Webmail 1.6.x before 1.6.16, and 1.7.x before 1.7.1 allows pre-authentication arbitrary file deletion via redis/memcache session…
LOW 3.5 | CVE-2026-48832 | EPSS 0.03% | action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability.
LOW 2.0 | CVE-2026-46549 | NocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope Escalation
LOW 3.7 | CVE-2026-7837 | EPSS 0.05% | A time-of-check time-of-use (TOCTOU) condition in the ad_flush function in Netatalk 3.0.0 through 4.4.2 involves root-privileged file opera…
LOW 3.7 | CVE-2026-44075 | EPSS 0.12% | A missing break statement in DSI OpenSession processing in Netatalk 1.5.0 through 4.4.2 causes a DSIOPT_ATTNQUANT switch case to fall throu…
LOW 3.7 | CVE-2026-44074 | EPSS 0.14% | Netatalk 2.1.0 through 4.4.2 combines multiple errno values using bitwise OR, resulting in incorrect error codes when multiple error condit…
LOW 3.7 | CVE-2026-44071 | EPSS 0.16% | Netatalk 3.1.2 through 4.4.2 is compiled without FORTIFY_SOURCE, which disables built-in buffer overflow detection at runtime, potentially…
LOW 3.1 | CVE-2026-44057 | EPSS 0.04% | A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in an unreachable code path that provides no…
LOW 3.1 | CVE-2026-7836 | EPSS 0.04% | An incorrect calculation in the hextoint macro in Netatalk 2.0.0 through 4.4.2 due to improper uppercase character handling allows a remote…
LOW 3.1 | CVE-2026-7835 | EPSS 0.11% | A format string argument mismatch in Netatalk 3.0.3 through 4.4.2 allows a remote authenticated attacker to cause a minor denial of service…
LOW 3.0 | CVE-2026-44072 | EPSS 0.03% | Netatalk 2.2.1 through 4.4.2 calls system() after a failed chdir() without properly handling the error condition, which allows a local priv…
LOW 3.1 | CVE-2026-44070 | EPSS 0.12% | An unbounded memory reallocation in the charset conversion code in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to c…
LOW 3.9 | CVE-2026-44069 | EPSS 0.01% | An integer underflow in the volxlate function in Netatalk 3.0.0 through 4.4.2 allows a local privileged user to obtain limited information,…
LOW 3.7 | CVE-2026-45232 | EPSS 0.04% | Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establish_proxy_connection() function in s…
LOW 3.5 | CVE-2026-45803 | EPSS 0.03% | GitHub CLI: GitHub Actions log output in `gh run view` allows terminal escape sequence injection
LOW 3.1 | CVE-2026-45739 | Strawberry GraphQL: Default GraphiQL may expose HTTP headers in URLs
LOW 3.5 | CVE-2026-2728 | EPSS 0.00% | Duplicate Advisory: LibreNMS affected by an authenticated Cross-site Scripting vulnerability on the showconfig page
LOW 3.5 | CVE-2026-6333 | EPSS 0.03% | Mattermost doesn't validate the Host header when constructing response URLs for custom slash command
LOW 3.1 | CVE-2026-4286 | EPSS 0.03% | Mattermost doesn't check if {{team_id}} was being changed when updating playbooks
LOW 3.1 | CVE-2026-6334 | EPSS 0.03% | Mattermost doesn't enforce client identity binding during the OAuth authorization code redemption flow
LOW 3.7 | CVE-2026-4273 | EPSS 0.03% | Mattermost doesn't validate that the RefreshedToken differs from the original invite token during remote cluster invite confirmation
LOW 3.8 | CVE-2026-3495 | EPSS 0.03% | Mattermost doesn't escape some variables that could contain malicious content during error page composition