VulnScope — package-centric CVE lookup

Search

5,054 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

LOW3.7CVE-2026-42770Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup…6/9/2026
LOW3.3A heap buffer overflow flaw was found in 389 Directory Server.6/9/2026
LOW1.9A flaw was found in 389 Directory Server.6/9/2026
CRITICAL9.3In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the…6/9/2026
CRITICAL9.8In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE The…6/9/2026
CRITICAL9.1Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex…6/9/2026
CRITICAL9.1EPSS 0.40%Catalyst::Plugin::Authentication versions before 0.10_027 for Perl is susceptible to session fixation attacks.6/9/2026
LOW3.7A vulnerability in Spring Expression Language (SpEL) evaluation logic allows for arbitrary zero-argument method invocation, even within res…6/9/2026
LOW3.7Applications may be vulnerable to a Regular Expression Denial of Service (ReDoS) attack if an attacker is able to provide a pattern which i…6/9/2026
CRITICAL9.6Insufficient validation of untrusted input in UI in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform…6/9/2026
LOW3.1Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compr…6/9/2026
LOW3.1Insufficient validation of untrusted input in Dawn in Google Chrome on macOS prior to 149.0.7827.103 allowed a remote attacker who had comp…6/9/2026
LOW3.1Insufficient policy enforcement in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the utili…6/9/2026
LOW3.1Out of bounds read in Skia in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to l…6/9/2026
CRITICAL9.6Use after free in Navigation in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via…6/9/2026
CRITICAL9.6Integer overflow in UI in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape…6/9/2026
CRITICAL9.6Use after free in CameraCapture in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox…6/9/2026
CRITICAL9.6Use after free in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via…6/9/2026
CRITICAL9.6Use after free in Printing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a…6/9/2026
CRITICAL9.6Use after free in Gamepad in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox es…6/9/2026
CRITICAL9.8Apache HTTP Server: Heap Underflow in `ap_regname` via Signed Char Overflow6/8/2026
CRITICAL9.1Apache HTTP Server: mod_dav_fs protected directory access6/8/2026
CRITICAL9.8Apache HTTP Server: mod_ldap per-dir use-after-free6/8/2026
CRITICAL9.8In the Linux kernel, the following vulnerability has been resolved: lib/scatterlist: fix length calculations in extract_kvec_to_sg Patch se…6/8/2026
CRITICAL9.8MariaDB: Argument injection in CONNECT REST Xcurl on Windows via unsanitized URL6/7/2026

← PrevPage 2 of 203Next →