VulnScope — package-centric CVE lookup

Search

616 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

LOW3.6CVE-2025-61984EPSS 0.01%ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leadi…10/6/2025
LOW2.5EPSS 0.12%DataChain Vulnerable to Deserialization of Untrusted Data from Environment Variables10/2/2025
LOW3.1EPSS 0.02%Django vulnerable to partial directory traversal via archives10/1/2025
LOW3.7EPSS 0.03%WSO2's Input Validation Management Service contains Observable Discrepancy when Multi-Attribute Login is enabled9/26/2025
LOW3.1EPSS 0.05%PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table8/14/2025
LOW3.7EPSS 0.43%In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing discrepancy in block cipher padding removal allows an attacker to recover the plaint…7/20/2025
LOW3.7EPSS 0.13%xxl-job has Inadequate Encryption Strength7/18/2025
LOW3.6EPSS 0.04%git - security update7/10/2025
LOW3.3EPSS 0.14%Jenkins User1st uTester Plugin vulnerability exposes unencrypted token to authenticated users7/9/2025
LOW3.1EPSS 0.12%Jenkins Testsigma Test Plan vulnerability exposes API keys via job configuration form7/9/2025
LOW3.5EPSS 0.06%Transformers's Improper Input Validation vulnerability can be exploited through username injection7/7/2025
LOW3.5EPSS 0.15%XXL SSO is vulnerable to an Open Redirect through malicious manipulation of the redirect_url argument6/26/2025
LOW3.3EPSS 0.15%pywasm3 has Improper Restriction of Operations within the Bounds of a Memory Buffer6/19/2025
LOW2.5EPSS 0.04%A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files.6/16/2025
LOW3.7EPSS 0.11%Gradio CORS Origin Validation Bypass Vulnerability5/29/2025
LOW2.6EPSS 0.18%Potential Timing Side-Channel Vulnerability in vLLM’s Chunk-Based Prefix Caching5/28/2025
LOW3.7EPSS 0.56%In Node.js, the `ReadFileUtf8` internal binding leaks memory due to a corrupted pointer in `uv_fs_s.file`: a UTF-16 path buffer is allocate…5/19/2025
LOW3.1EPSS 0.08%Spring Framework DataBinder Case Sensitive Match Exception5/16/2025
LOW2.8EPSS 0.06%OpenStack Ironic fails to restrict paths used for file:// image URLs5/8/2025
LOW2.7EPSS 0.12%The lesscss script service allows cache clearing without programming right4/29/2025
LOW3.8EPSS 0.09%Solr script service doesn't take dropped programming right into account4/29/2025
LOW2.7EPSS 0.50%Apereo CAS has inefficient regular expression complexity4/27/2025
LOW2.9EPSS 0.06%markdownify allows large headline prefixes such as <h9999999>, which causes memory consumption4/27/2025
LOW2.5EPSS 0.04%In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[0] containing an ANSI terminal escape sequ…4/23/2025
LOW3.3EPSS 0.07%In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.4/23/2025

← PrevPage 5 of 25Next →