CVE 清單 – 發現高風險與在野利用漏洞

聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。

指派機構(CNA / 來源):[email protected] 移除此篩選

顯示 120315 筆結果
«« 第一頁 « 上一頁 第 1 / 16 頁 下一頁 »
CVE 描述 最高 CVSS EPSS % 公開時間 更新時間
CVE-2017-1002150 python-fedora 0.8.0 and lower is vulnerable to an open redirect resulting in loss of CSRF protection 6.1 0.81% 2017-09-14 2026-06-16
CVE-2017-1002151 Pagure 3.3.0 and earlier is vulnerable to loss of confidentially due to improper authorization 7.5 1.06% 2017-09-14 2026-06-16
CVE-2017-1002153 Koji 1.13.0 does not properly validate SCM paths, allowing an attacker to work around blacklisted paths for build submission. 7.5 1.14% 2017-10-06 2026-06-16
CVE-2018-1002150 Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access. This vulnerability has been fixed in versions 1.12.1, 1.13.1, 1.14.1 and 1.15.1. 9.1 1.67% 2018-04-04 2026-06-16
CVE-2017-1002152 Bodhi 2.9.0 and lower is vulnerable to cross-site scripting resulting in code injection caused by incorrect validation of bug titles. 6.1 0.78% 2019-01-10 2026-06-16
CVE-2017-1002157 modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution. 9.8 2.80% 2019-01-10 2026-06-16
CVE-2021-3410 A flaw was found in libcaca v0.99.beta19. A buffer overflow issue in caca_resize function in libcaca/caca/canvas.c may lead to local execution of arbitrary code in the user context. 7.8 0.56% 2021-02-23 2026-06-17
CVE-2021-3496 A heap-based buffer overflow was found in jhead in version 3.06 in Get16u() in exif.c when processing a crafted file. 7.8 1.06% 2021-04-22 2026-06-17
CVE-2021-3508 A flaw was found in PDFResurrect in version 0.22b. There is an infinite loop in get_xref_linear_skipped() in pdf.c via a crafted PDF file. 5.5 0.76% 2021-04-28 2026-06-17
CVE-2021-32613 In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS. 5.5 1.16% 2021-05-14 2026-06-16
CVE-2021-30469 A flaw was found in PoDoFo 0.9.7. An use-after-free in PoDoFo::PdfVecObjects::Clear() function can cause a denial of service via a crafted PDF file. 5.5 0.70% 2021-05-26 2026-06-16
CVE-2021-30470 A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray(), PdfTokenizer::GetNextVariant() and PdfTokenizer::ReadDataType() functions can lead to a stack overflow. 5.5 0.69% 2021-05-26 2026-06-16
CVE-2021-30471 A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary function in src/podofo/doc/PdfNamesTree.cpp can lead to a stack overflow. 5.5 0.73% 2021-05-26 2026-06-16
CVE-2021-30472 A flaw was found in PoDoFo 0.9.7. A stack-based buffer overflow in PdfEncryptMD5Base::ComputeOwnerKey function in PdfEncrypt.cpp is possible because of a improper check of the keyLength value. 7.8 0.76% 2021-05-26 2026-06-16
CVE-2021-32614 A flaw was found in dmg2img through 20170502. fill_mishblk() does not check the length of the read buffer, and copy 0xCC bytes from it. The length of the buffer is controlled by an attacker. By providing a length smaller than 0xCC, memcpy reaches out of the malloc'ed bound. This possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerability in order to reach code execution. 7.1 0.91% 2021-05-26 2026-06-16
CVE-2021-3486 GLPi 9.5.4 does not sanitize the metadata. This way its possible to insert XSS into plugins to execute JavaScript code. 6.1 1.39% 2021-05-26 2026-06-17
CVE-2021-32490 A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds write in function DJVU::filter_bv() via crafted djvu file may lead to application crash and other consequences. 7.8 0.91% 2021-06-24 2026-06-16
CVE-2021-32491 A flaw was found in djvulibre-3.5.28 and earlier. An integer overflow in function render() in tools/ddjvu via crafted djvu file may lead to application crash and other consequences. 7.8 0.88% 2021-06-24 2026-06-16
CVE-2021-32492 A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds read in function DJVU::DataPool::has_data() via crafted djvu file may lead to application crash and other consequences. 7.8 0.93% 2021-06-24 2026-06-16
CVE-2021-32493 A flaw was found in djvulibre-3.5.28 and earlier. A heap buffer overflow in function DJVU::GBitmap::decode() via crafted djvu file may lead to application crash and other consequences. 7.8 1.00% 2021-06-24 2026-06-16
«« 第一頁 « 上一頁 第 1 / 16 頁 下一頁 »
cvelogic Threat Intelligence