VulnScope — package-centric CVE lookup

Search

71 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

HIGH8.8CVE-2026-34197⚠ KEVEPSS 83.5%Authenticated Apache ActiveMQ Broker and Apache ActiveMQ users could perform RCE via Jolokia MBeans4/7/2026
HIGH8.2⚠ KEVEPSS 81.4%GeoServer is vulnerable to Unauthenticated XML External Entities (XXE) attack via WMS GetMap feature11/25/2025
HIGH8.0⚠ KEVEPSS 0.60%Git allows arbitrary code execution through broken config quoting7/8/2025
HIGH8.1⚠ KEVEPSS 70.8%freetype - security update3/11/2025
CRITICAL9.8⚠ KEVEPSS 94.1%tomcat10 - security update3/10/2025
CRITICAL9.8⚠ KEVEPSS 93.7%XWiki Platform allows remote code execution as guest via SolrSearchMacros request2/20/2025
CRITICAL9.8⚠ KEVEPSS 94.4%Remote Code Execution (RCE) vulnerability in geoserver7/1/2024
CRITICAL9.1⚠ KEVEPSS 93.9%Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path.7/1/2024
CRITICAL9.8⚠ KEVEPSS 94.3%Apache HugeGraph-Server: Command execution in gremlin4/22/2024
CRITICAL9.8⚠ KEVEPSS 94.5%Arbitrary file read vulnerability through the Jenkins CLI can lead to RCE1/24/2024
CRITICAL10.0⚠ KEVEPSS 94.4%Apache ActiveMQ is vulnerable to Remote Code Execution10/27/2023
MEDIUM5.3⚠ KEVEPSS 94.4%nghttp2 - security update10/10/2023
CRITICAL9.8⚠ KEVEPSS 94.0%Improper Control of Generation of Code ('Code Injection') in jai-ext9/19/2023
HIGH8.8⚠ KEVEPSS 93.3%thunderbird - security update9/12/2023
CRITICAL9.8⚠ KEVEPSS 94.4%Apache RocketMQ may have remote code execution vulnerability when using update configuration function7/6/2023
HIGH8.6⚠ KEVEPSS 94.4%Administration Console authentication bypass in openfire xmppserver5/23/2023
HIGH7.5⚠ KEVEPSS 93.9%ZK Framework vulnerable to malicious POST8/27/2022
HIGH8.8⚠ KEVEPSS 93.5%Apache Spark UI can allow impersonation if ACLs enabled7/19/2022
CRITICAL9.8⚠ KEVEPSS 94.4%Deserialization of Untrusted Data in Liferay Portal5/24/2022
HIGH8.1⚠ KEVEPSS 85.3%Elasticsearch Improper Access Control vulnerability5/17/2022
—⚠ KEVEPSS 92.3%Improper Access Control in Elasticsearch5/14/2022
CRITICAL9.8⚠ KEVEPSS 94.3%Improper Access Control in Apache Shiro5/14/2022
CRITICAL9.8⚠ KEVEPSS 94.3%Improper Input Validation in Apache ActiveMQ5/14/2022
HIGH8.1⚠ KEVEPSS 94.4%tomcat7 - security update5/14/2022
HIGH7.5⚠ KEVEPSS 39.7%Jenkins discloses project names via fingerprints5/13/2022

Page 1 of 3Next →