MiracleLinux 9 : golang-1.19.10-1.el9, go-toolset-1.19.10-1.el9 (AXSA:2023-6174:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6174:04 advisory. golang: cmd/go: go command may generate unexpected code at build time when using cgo CVE-2023-29402 golang: cmd/go: go command may execute arbitrary...

TencentOS Server 3: go-toolset:rhel8 (TSSA-2023:0177)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0177 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Security Bulletin: IBM Storage Ceph is vulnerable to Injection in Golang (CVE-2023-29405)

Summary Golang is used by IBM Storage Ceph in Grafana. CVE-2023-29405 This bulletin identifies the steps to take to address the vulnerability in Golang Vulnerability Details CVEID:CVE-2023-29405 DESCRIPTION: The go command may execute arbitrary code at build time when using cgo. This may occur wh...

Alibaba Cloud Linux 3 : 0055: go-toolset:rhel8 (ALINUX3-SA-2023:0055)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0055 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-29402: The go command may generat...

CVE-2025-29405

creationtimestamp| type| source ---|---|--- 2025-03-19 07:56:49+00:00| seen| https://gist.github.com/bGl1o/19a141ee6e899884fa85f3a52898bcc6 2025-03-19 20:29:46+00:00| seen| https://t.me/cvedetector/20658...

CVE-2025-29405

An arbitrary file upload vulnerability in the component /admin/template.php of emlog pro 2.5.0 and pro 2.5. allows attackers to execute arbitrary code via uploading a crafted PHP file...

Linux Distros Unpatched Vulnerability : CVE-2023-29405

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The go command may execute arbitrary code at build time when using cgo. This may occur when running go get on a malicious module, or when running any other...

CVE-2023-29405 affecting package golang for versions less than 1.20.7-1

CVE-2023-29405 affecting package golang for versions less than 1.20.7-1. A patched version of the package is available...

Important: Red Hat Security Advisory: Updated rhceph-5.3 container image and security update

Updated rhceph-5.3 container image is now available in the Red Hat Ecosystem Catalog. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVE-2023-29405 affecting package golang for versions less than 1.20.7-1

CVE-2023-29405 affecting package golang for versions less than 1.20.7-1. A patched version of the package is available...

CVE-2023-29405 affecting package golang for versions less than 1.21.6-1

CVE-2023-29405 affecting package golang for versions less than 1.21.6-1. A patched version of the package is available...

CVE-2023-29405 affecting package golang for versions less than 1.21.6-1

CVE-2023-29405 affecting package golang for versions less than 1.21.6-1. A patched version of the package is available...

EulerOS 2.0 SP10 : golang (EulerOS-SA-2023-2786)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The encoding/xml package in Go all versions does not correctly preserve the semantics of attribute namespace prefixes during tokenization...

Oracle TimesTen 18.x < 18.1.4.39.0, 22.x < 22.1.1.18.0 Multiple Vulnerabilities (October 2023 CPU)

The version of Oracle TimesTen installed on the remote host is 18.x prior to 18.1.4.39.0 or 22.x prior to 22.1.1.18.0. It is, therefore, affected by multiple vulnerabilities as referenced in the October 2023 CPU advisory: - Security-in-Depth issue in the TimesTen In-Memory Database product of...

CVE-2023-29405 affecting package msft-golang for versions less than 1.20.7-1

CVE-2023-29405 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is available...

Security Bulletin: Multiple vulnerabilities affect IBM Db2® REST

Summary IBM has released the below fix for IBM Db2® REST in response to multiple vulnerabilities found in multiple components. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-29402 DESCRIPTION: Golang Go could allow a remote attacker to execute arbitrary code on the...

Security Bulletin: IBM Storage Protect Server is susceptible to numerous vulnerabilities due to Golang Go (CVE-2023-29402, CVE-2023-29403, CVE-2023-29404, CVE-2023-29405, CVE-2023-29406, CVE-2023-29400, CVE-2023-24540, CVE-2023-24539, X-Force 250518)

Summary Golang Go is used by the IBM Storage Protect Server OSSM component. The vulnerabilities in the product component have been addressed. Vulnerability Details CVEID:CVE-2023-29403 DESCRIPTION: Golang Go could allow a local authenticated attacker to gain elevated privileges on the system,...

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-2842)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-2859)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-2810)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...