Lucene search
K

48 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.9 views

MiracleLinux 8 : git-lfs-3.4.1-2.el8 (AXSA:2024-8248:04)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8248:04 advisory. golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288 golang: net/http/cookiejar: incorrect forwarding of...

7.5CVSS7.1AI score0.91969EPSS
Exploits1References5
F5 Networks
F5 Networks
added 2025/07/16 7:39 p.m.10 views

K000152608: Golang vulnerabilities CVE-2023-39320, CVE-2023-39323, CVE-2023-45289, and CVE-2024-24788

Security Advisory Description CVE-2023-39320 The go.mod toolchain directive, introduced in Go 1.21, can be leveraged to execute scripts and binaries relative to the root of the module when the "go" command was executed within the module. This applies to modules downloaded using the "go" command...

9.8CVSS7.7AI score0.01762EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.6 views

TencentOS Server 3: git-lfs (TSSA-2024:0231)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0231 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS7.2AI score0.91969EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.17 views

Alibaba Cloud Linux 3 : 0100: go-toolset:rhel8 (ALINUX3-SA-2024:0100)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0100 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-45288: An attacker may cause an...

7.5CVSS7.5AI score0.91969EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.11 views

Alibaba Cloud Linux 3 : 0165: git-lfs (ALINUX3-SA-2024:0165)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0165 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-45288: An attacker may cause an...

7.5CVSS7.5AI score0.91969EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-45289

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive heade...

4.3CVSS6.8AI score0.0108EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2024/10/25 12:0 a.m.31 views

openSUSE Security Advisory (SUSE-SU-2024:3755-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.91969EPSS
Exploits2References15
OSV
OSV
added 2024/10/24 7:54 a.m.20 views

SUSE-SU-2024:3755-1 Security update for go1.21-openssl

This update for go1.21-openssl fixes the following issues: - CVE-2024-24791: Fixed denial of service due to improper 100-continue handling bsc1227314 - CVE-2024-24789: Fixed mishandling of corrupt central directory record in archive/zip bsc1225973 - CVE-2024-24790: Fixed unexpected behavior from ...

9.8CVSS8.4AI score0.91969EPSS
Exploits2References23
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/02 9:52 a.m.16 views

Security Bulletin: IBM Watson CP4D Data Stores is vulnerable to Golang Go sensitive information disclosure vulnerabilitiy( CVE-2023-45289)

Summary Potential Golang Go sensitive information disclosure vulnerabilitiyCVE-2023-45289 has been identified that may affect IBM Watson CP4D Data Stores. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-45289 DESCRIPTION:...

4.3CVSS7.8AI score0.0108EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2024/09/06 12:0 a.m.29 views

openSUSE Security Advisory (SUSE-SU-2024:3089-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.91969EPSS
Exploits2References15
OpenVAS
OpenVAS
added 2024/09/04 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2024:3089-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.91969EPSS
Exploits2References15
Tenable Nessus
Tenable Nessus
added 2024/08/29 12:0 a.m.14 views

Amazon Linux 2 : docker (ALASDOCKER-2024-045)

The version of docker installed on the remote host is prior to 25.0.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2024-045 advisory. When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an...

9.8CVSS7AI score0.01952EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/24 11:2 a.m.34 views

Security Bulletin: Operations Dashboard in IBM Cloud Pak for Integration is vulnerable to Go vulnerabilities CVE-2023-45290, CVE-2024-24783, CVE-2024-24785, CVE-2023-45289, CVE-2024-24784 & CVE-2024-24788

Summary Operations Dashboard in IBM Cloud Pak for Integration is vulnerable to denial of service and remote code execution due to Go vulnerabilities CVE-2023-45290, CVE-2024-24783, CVE-2024-24785, CVE-2023-45289, CVE-2024-24784 & CVE-2024-24788. These have been remediated. Vulnerability Details...

7.5CVSS8.7AI score0.01165EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/16 12:0 a.m.19 views

EulerOS 2.0 SP9 : golang (EulerOS-SA-2024-1934)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward...

7.5CVSS7.7AI score0.91969EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/07/16 12:0 a.m.12 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1934)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.91969EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/07/16 12:0 a.m.10 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1961)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.91969EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/07/10 12:0 a.m.22 views

Ubuntu: Security Advisory (USN-6886-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.91969EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/07/10 12:0 a.m.39 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Go vulnerabilities (USN-6886-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6886-1 advisory. It was discovered that the Go net/http module did not properly handle the requests when request's headers exceed MaxHeaderBytes...

9.8CVSS7.6AI score0.91969EPSS
Exploits1References10
Ubuntu
Ubuntu
added 2024/07/09 12:12 p.m.73 views

USN-6886-1: Go vulnerabilities

It was discovered that the Go net/http module did not properly handle the requests when request's headers exceed MaxHeaderBytes. An attacker could possibly use this issue to cause a panic resulting into a denial of service. This issue only affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS...

9.8CVSS7.3AI score0.91969EPSS
Exploits1
OpenVAS
OpenVAS
added 2024/07/01 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1856)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.4AI score0.01165EPSS
Exploits0References2
Rows per page
Query Builder