VulnScope — package-centric CVE lookup

Search

307 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

HIGH7.8CVE-2025-41244⚠ KEVEPSS 0.53%open-vm-tools - security update9/29/2025
CRITICAL9.8⚠ KEVEPSS 1.5%Google Chromium V8 Type Confusion Vulnerability9/24/2025
CRITICAL9.1⚠ KEVEPSS 72.2%Magento Community Edition Improper Input Validation vulnerability9/9/2025
CRITICAL9.8⚠ KEVEPSS 94.4%Argument Injection in PHP-CGI8/11/2025
HIGH8.8⚠ KEVEPSS 0.25%Apple Multiple Products Buffer Overflow Vulnerability7/30/2025
HIGH7.4⚠ KEVEPSS 0.14%Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability7/22/2025
HIGH7.5⚠ KEVEPSS 14.7%eslint-config-prettier, eslint-plugin-prettier, synckit, @pkgr/core, napi-postinstall have embedded malicious code7/19/2025
CRITICAL9.8⚠ KEVEPSS 58.9%Livewire is vulnerable to remote command execution during component property update hydration7/17/2025
HIGH8.8⚠ KEVEPSS 0.25%chromium - security update7/15/2025
HIGH8.0⚠ KEVEPSS 0.60%Git allows arbitrary code execution through broken config quoting7/8/2025
HIGH8.1⚠ KEVEPSS 1.6%chromium - security update6/30/2025
HIGH7.8⚠ KEVEPSS 57.3%Sudo Inclusion of Functionality from Untrusted Control Sphere Vulnerability6/30/2025
CRITICAL9.8⚠ KEVEPSS 92.7%Langflow Unauth RCE6/17/2025
HIGH8.8⚠ KEVEPSS 3.8%Google Chromium V8 Out-of-Bounds Read and Write Vulnerability6/3/2025
CRITICAL9.9⚠ KEVEPSS 90.5%roundcube - security update6/2/2025
MEDIUM5.3⚠ KEVEPSS 33.1%Craft CMS stores arbitrary content provided by unauthenticated users in session files5/8/2025
CRITICAL10.0⚠ KEVEPSS 93.1%Craft CMS Allows Remote Code Execution4/25/2025
CRITICAL9.9⚠ KEVEPSS 93.5%Remote code execution in Wazuh server in github.com/wazuh/wazuh4/22/2025
CRITICAL10.0⚠ KEVEPSS 62.8%Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability4/16/2025
CRITICAL9.0⚠ KEVEPSS 78.9%yiisoft/yii2 Mishandles the Attaching of Behavior Defined by a `__class` Array Key4/10/2025
MEDIUM5.3⚠ KEVEPSS 94.5%[20230201] - Core - Improper access check in webservice endpoints4/3/2025
MEDIUM5.3⚠ KEVEPSS 83.2%Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query3/31/2025
CRITICAL10.0⚠ KEVEPSS 0.21%Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability3/11/2025
HIGH8.1⚠ KEVEPSS 70.8%freetype - security update3/11/2025
CRITICAL9.8⚠ KEVEPSS 94.1%Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT3/10/2025

← PrevPage 2 of 13Next →