Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7147 matches found

Github Security Blog
Github Security Blogadded 2026/04/14 1:11 a.m.2 views

gdown Affected by Arbitrary File Write via Path Traversal in gdown.extractall

Summary The gdown library tested on v5.2.1 is vulnerable to a Path Traversal attack within its extractall functionality. When extracting a maliciously crafted ZIP or TAR archive, the library fails to sanitize or validate the filenames of the archive members. This allow files to be written outside...

7.8CVSS6AI score0.00105EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologiesadded 2026/04/14 12:0 a.m.2 views

PT-2026-32968

Impact This vulnerability impacts users of zarf package inspect sbom or zarf package inspect documentation on untrusted packages. Patches 4793, now fixed in version v0.74.2 Workarounds Avoid inspecting unsigned packages Description The package inspect sbom and package inspect documentation...

7.1CVSS5.9AI score0.00053EPSS
Exploits0References5
Tenable Nessus
Tenable Nessusadded 2026/04/14 12:0 a.m.5 views

MiracleLinux 8 : go-toolset:rhel8 (AXSA:2026-429:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-429:01 advisory. cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive CVE-2025-61731 net/url: Incorrect parsing of IPv6 host literals in net/url...

7.8CVSS5.9AI score0.00044EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2026/04/13 7:23 p.m.2 views

CVE-2026-33704

Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user including students can write arbitrary content to files on the server via the BigUpload endpoint. The key parameter controls the filename and the raw POST body becomes the file content. While .php extensions are...

8.8CVSS6AI score0.00305EPSS
Exploits0References1
RedHat Linux
RedHat Linuxadded 2026/04/13 5:44 p.m.0 views

cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive

A flaw was found in cmd/go. An attacker can exploit this by building a malicious Go source file that uses the 'cgo pkg-config:' directive. This allows the attacker to write to an arbitrary file with partial control over its content, by providing a '--log-file' argument to the pkg-config command...

7.8CVSS5.9AI score0.00006EPSS
Exploits0References8
RedHat Linux
RedHat Linuxadded 2026/04/13 5:44 p.m.2 views

Important: Red Hat Security Advisory: golang security update

An update for golang is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.8CVSS5.8AI score0.00044EPSS
Exploits0References3
RedHat Linux
RedHat Linuxadded 2026/04/13 4:34 p.m.4 views

cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive

A flaw was found in cmd/go. An attacker can exploit this by building a malicious Go source file that uses the 'cgo pkg-config:' directive. This allows the attacker to write to an arbitrary file with partial control over its content, by providing a '--log-file' argument to the pkg-config command...

7.8CVSS5.9AI score0.00006EPSS
Exploits0References8
RedHat Linux
RedHat Linuxadded 2026/04/13 4:34 p.m.3 views

Important: Red Hat Security Advisory: go-toolset:rhel8 security update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has...

7.8CVSS5.8AI score0.00044EPSS
Exploits0References3
RedHat Linux
RedHat Linuxadded 2026/04/13 4:31 p.m.1 views

cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive

A flaw was found in cmd/go. An attacker can exploit this by building a malicious Go source file that uses the 'cgo pkg-config:' directive. This allows the attacker to write to an arbitrary file with partial control over its content, by providing a '--log-file' argument to the pkg-config command...

7.8CVSS5.9AI score0.00006EPSS
Exploits0References8
RedHat Linux
RedHat Linuxadded 2026/04/13 4:31 p.m.2 views

Important: Red Hat Security Advisory: go-toolset:rhel8 security update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

7.8CVSS5.8AI score0.00044EPSS
Exploits0References3
RedHat Linux
RedHat Linuxadded 2026/04/13 4:26 p.m.3 views

Important: Red Hat Security Advisory: go-toolset:rhel8 security update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. ...

7.8CVSS7.1AI score0.00044EPSS
Exploits0References3
RedHat Linux
RedHat Linuxadded 2026/04/13 4:26 p.m.0 views

cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive

A flaw was found in cmd/go. An attacker can exploit this by building a malicious Go source file that uses the 'cgo pkg-config:' directive. This allows the attacker to write to an arbitrary file with partial control over its content, by providing a '--log-file' argument to the pkg-config command...

7.8CVSS7.2AI score0.00006EPSS
Exploits0References8
RedHat Linux
RedHat Linuxadded 2026/04/13 4:21 p.m.1 views

cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive

A flaw was found in cmd/go. An attacker can exploit this by building a malicious Go source file that uses the 'cgo pkg-config:' directive. This allows the attacker to write to an arbitrary file with partial control over its content, by providing a '--log-file' argument to the pkg-config command...

7.8CVSS7.2AI score0.00006EPSS
Exploits0References8
RedHat Linux
RedHat Linuxadded 2026/04/13 4:21 p.m.2 views

Important: Red Hat Security Advisory: go-toolset:rhel8 security update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.8CVSS7.1AI score0.00044EPSS
Exploits0References3
RedHat Linux
RedHat Linuxadded 2026/04/13 10:25 a.m.4 views

Important: Red Hat Security Advisory: golang security update

An update for golang is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.8CVSS7.1AI score0.00044EPSS
Exploits0References3
RedHat Linux
RedHat Linuxadded 2026/04/13 10:25 a.m.2 views

cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive

A flaw was found in cmd/go. An attacker can exploit this by building a malicious Go source file that uses the 'cgo pkg-config:' directive. This allows the attacker to write to an arbitrary file with partial control over its content, by providing a '--log-file' argument to the pkg-config command...

7.8CVSS7.2AI score0.00006EPSS
Exploits0References8
RedHat Linux
RedHat Linuxadded 2026/04/13 9:59 a.m.2 views

Important: Red Hat Security Advisory: golang security update

An update for golang is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.8CVSS7.1AI score0.00044EPSS
Exploits0References3
RedHat Linux
RedHat Linuxadded 2026/04/13 9:59 a.m.1 views

cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive

A flaw was found in cmd/go. An attacker can exploit this by building a malicious Go source file that uses the 'cgo pkg-config:' directive. This allows the attacker to write to an arbitrary file with partial control over its content, by providing a '--log-file' argument to the pkg-config command...

7.8CVSS7.2AI score0.00006EPSS
Exploits0References8
OSV
OSVadded 2026/04/13 5:42 a.m.1 views

BIT-LOGSTASH-2026-33466 Improper Limitation of a Pathname to a Restricted Directory in Logstash Leading to Arbitrary File Write

Improper Limitation of a Pathname to a Restricted Directory CWE-22 in Logstash can lead to arbitrary file write and potentially remote code execution via Relative Path Traversal CAPEC-139. The archive extraction utilities used by Logstash do not properly validate file paths within compressed...

9.8CVSS6.5AI score0.00597EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/04/13 12:0 a.m.2 views

PT-2026-32434

Improper Limitation of a Pathname to a Restricted Directory CWE-22 in Logstash can lead to arbitrary file write and potentially remote code execution via Relative Path Traversal CAPEC-139. The archive extraction utilities used by Logstash do not properly validate file paths within compressed...

8.1CVSS6.5AI score0.00597EPSS
Exploits0References3
Rows per page
Query Builder