VulnScope — package-centric CVE lookup

Search

616 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

LOW3.4CVE-2024-6971EPSS 0.03%Lord of Large Language Models (LoLLMs) Server path traversal vulnerability in lollms_file_system.py10/11/2024
LOW3.7EPSS 0.16%Gradio performs a non-constant-time comparison when comparing hashes10/10/2024
LOW2.7EPSS 0.21%open-webui allows enumeration of file names and traversal of directories by observing the error messages10/9/2024
LOW2.9EPSS 0.01%Race condition could lead to WebAssembly control-flow integrity and type safety violations10/9/2024
LOW3.7EPSS 0.24%Django allows enumeration of user e-mail addresses10/8/2024
LOW3.5EPSS 0.17%Inefficient Regular Expression Complexity in langflow9/27/2024
LOW3.1EPSS 0.07%Maven Archetype Plugin: Maven Archetype integration-test may package local settings into the published artifact, possibly containing credentials9/26/2024
LOW3.3EPSS 0.10%Apache Hadoop: Temporary File Local Information Disclosure9/25/2024
LOW3.1EPSS 0.32%Apache Druid: Users can provide MySQL JDBC properties not on allow list9/17/2024
LOW3.7EPSS 0.22%druid-pac4j, Apache Druid extension, has Padding Oracle vulnerability9/17/2024
LOW3.5EPSS 0.34%Composio Path Traversal vulnerability9/16/2024
LOW3.5EPSS 0.13%Aim Stored XSS through TEXT EXPLORER9/16/2024
LOW3.3EPSS 0.10%A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used.9/7/2024
LOW3.6EPSS 0.13%Flask-AppBuilder's login form allows browser to cache sensitive fields9/4/2024
LOW3.7EPSS 0.15%LTI 1.3 Grade Pass Back Implementation has Missing Authorization Vulnerability8/30/2024
LOW2.8EPSS 0.06%freewvs vulnerable to denial of service through large files8/30/2024
LOW2.8EPSS 0.17%freewvs's nested directory structure can interrupt scan8/30/2024
LOW3.0EPSS 0.16%biscuit-java vulnerable to public key confusion in third party block7/31/2024
LOW3.1EPSS 0.26%Ankitects Anki LaTeX Blocklist Bypass vulnerability7/22/2024
LOW3.8EPSS 0.03%[PUNCIA] [CWE-319] Cleartext Transmission of Sensitive Information via HTTP urls in `API_URLS`7/19/2024
LOW3.7EPSS 1.2%Apache CXF allows unrestricted memory consumption in CXF HTTP clients7/19/2024
LOW2.5EPSS 0.03%Sentry's Python SDK unintentionally exposes environment variables to subprocesses7/18/2024
LOW3.7EPSS 1.4%Apache StreamPipes potentially allows creation of multiple identical accounts7/17/2024
LOW2.9EPSS 0.22%A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used.7/10/2024
LOW3.1EPSS 0.21%Exposure of secrets through system log in Jenkins Structs Plugin6/26/2024

← PrevPage 7 of 25Next →