VulnScope — package-centric CVE lookup

Search

126 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

LOW3.5CVE-2025-2699EPSS 0.10%GetmeUK ContentTools Cross-Site Scripting (XSS)3/24/2025
LOW3.3EPSS 0.01%Mattermost Desktop App allows the bypass of Transparency, Consent, and Control (TCC) via code injection3/17/2025
LOW3.9EPSS 0.11%MongoDB Shell may be susceptible to control character Injection via shell output2/27/2025
LOW2.7EPSS 0.75%Matrix IRC Bridge allows IRC command injection to own puppeted user2/25/2025
LOW3.5EPSS 0.21%Regular Expression Denial of Service (ReDoS) in @eslint/plugin-kit11/15/2024
LOW3.7EPSS 0.03%ReDoS vulnerability in vue package that is exploitable through inefficient regex evaluation in the parseHTML function10/15/2024
LOW3.3EPSS 0.05%ReLaXed Cross-site Scripting vulnerability9/27/2024
LOW2.5EPSS 0.36%Mattermost Desktop App fails to sufficiently configure Electron Fuses9/16/2024
LOW3.7EPSS 0.36%Mattermost Desktop App fails to safeguard screen capture functionality9/16/2024
LOW3.1EPSS 0.08%CKEditor4 low-risk cross-site scripting (XSS) vulnerability linked to potential domain takeover8/21/2024
LOW3.1EPSS 0.16%The fuels-ts typescript SDK has no awareness of to-be-spent transactions7/30/2024
LOW3.7EPSS 0.07%@jmondi/url-to-png enables capture screenshot of localhost web services (unauthenticated pages)7/15/2024
LOW2.0EPSS 0.36%Undici vulnerable to data leak when using response.arrayBuffer()7/9/2024
LOW3.8EPSS 0.03%Mattermost Desktop App allows for bypassing TCC restrictions on macOS6/14/2024
LOW2.3EPSS 0.43%@strapi/plugin-content-manager leaks data via relations via the Admin Panel6/12/2024
LOW3.5EPSS 0.14%vxe-table Cross-site Scripting vulnerability5/24/2024
LOW2.6EPSS 0.07%CSRF in firebase-tools emulator suite in github.com/firebase/firebase-tools5/2/2024
LOW2.6EPSS 0.07%Undici's fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect4/4/2024
LOW3.9EPSS 0.20%Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline4/4/2024
LOW2.3EPSS 0.09%Session Token in URL in directus3/12/2024
LOW3.9EPSS 0.28%Undici proxy-authorization header not cleared on cross-origin redirect in fetch2/16/2024
LOW3.5EPSS 0.03%lambda-middleware Inefficient Regular Expression Complexity vulnerability2/12/2024
LOW3.7EPSS 0.06%google-translate-api-browser Server-Side Request Forgery (SSRF) Vulnerability11/27/2023
LOW3.9EPSS 0.12%Undici's cookie header not cleared on cross-origin redirect in fetch10/16/2023
LOW3.5EPSS 0.36%matrix-appservice-irc events can be crafted to leak parts of targeted messages from other bridged rooms8/4/2023

← PrevPage 4 of 6Next →