VulnScope — package-centric CVE lookup

Search

1,234 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

LOW3.1CVE-2026-7937EPSS 0.02%Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a m…5/6/2026
LOW3.1EPSS 0.03%Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the ren…5/6/2026
LOW3.7EPSS 0.02%Flowise: Bcrypt Password Hash Exposure5/6/2026
LOW3.4EPSS 0.00%Paramiko rsakey.py allows the SHA-1 algorithm5/6/2026
LOW2.4EPSS 0.03%Geyser Vulnerable to Server-Side Request Forgery (SSRF) via Player Head Texture URL in Geyser5/5/2026
LOW3.7EPSS 0.06%Axios: Null Byte Injection via Reverse-Encoding in AxiosURLSearchParams5/5/2026
LOW2.3EPSS 0.01%Incus has an OVN TLS Verification that Accepts Peer-Supplied Roots5/4/2026
LOW2.5EPSS 0.01%mutt before 2.3.2 has a show_sig_summary NULL pointer dereference.5/4/2026
LOW3.7EPSS 0.04%mutt before 2.3.2 has an infinite loop in data_object_to_stream in crypt-gpgme.c.5/4/2026
LOW3.7EPSS 0.04%In mutt before 2.3.2, the imap_auth_gss security level is mishandled.5/4/2026
LOW3.7EPSS 0.04%mutt before 2.3.2 does not check for '\0' in url_pct_decode.5/4/2026
LOW3.7EPSS 0.04%mutt before 2.3.2 sometimes truncates the hash_passwd by one byte for IMAP auth_cram MD5 digest.5/4/2026
LOW3.7EPSS 0.04%mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP auth_cram MD5 digest.5/4/2026
LOW3.7EPSS 0.02%A flaw was found in gnutls.4/30/2026
LOW3.7EPSS 0.04%A flaw was found in gnutls.4/30/2026
LOW3.7EPSS 0.07%xxl-job has a Resource Injection issue4/29/2026
LOW3.1EPSS 0.01%Insufficient validation of untrusted input.4/28/2026
LOW3.1EPSS 0.03%Race in MHTML in Google Chrome prior to 147.0.7727.138 allowed an attacker who convinced a user to install a malicious extension to leak cr…4/28/2026
LOW3.7EPSS 0.06%Spring gRPC AuthenticationException messages are reflected to remote client4/28/2026
LOW3.7EPSS 0.01%A security vulnerability has been detected in Cesanta Mongoose up to 7.20.4/25/2026
LOW2.2EPSS 0.05%Cloudflare has SSRF via redirect following through its image-binding-transform endpoint (incomplete fix for GHSA-qpr4)4/23/2026
LOW3.2EPSS 0.02%uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6.4/23/2026
LOW3.3EPSS 0.01%uutils coreutils has an Incorrect Provision of Specified Functionality Issue in its cut Utility4/22/2026
LOW3.3EPSS 0.01%uutils coreutils has an Incorrect Provision of Specified Functionality Issue4/22/2026
LOW3.3EPSS 0.02%uutils coreutils has an Incorrect Short Circuit Evaluation Issue4/22/2026

← PrevPage 5 of 50Next →