Lucene search
K

2023 matches found

RedHat Linux
RedHat Linux
added 2019/06/18 5:21 p.m.137 views

Moderate: Red Hat Security Advisory: go-toolset:rhel8 security update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

6.1CVSS6.7AI score0.02346EPSS
Exploits1References2
Securelist
Securelist
added 2019/05/23 10:0 a.m.3223 views

IT threat evolution Q1 2019

Targeted attacks and malware campaigns Go Zebrocy Zebrocy was first observed being used as a Sofacy backdoor in 2015. However, the collection of cases where this tool has been used mean that we consider it a subset of activity in its own right. On the basis of this threat actor's past behaviour, ...

7.2CVSS7.8AI score0.96274EPSS
Exploits13
OSV
OSV
added 2019/05/22 5:29 p.m.3 views

DEBIAN-CVE-2019-11841

A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" Armor Headers. The...

5.9CVSS7.2AI score0.02002EPSS
Exploits2References1
NVD
NVD
added 2019/05/13 5:29 a.m.33 views

CVE-2019-11888

Go through 1.12.5 on Windows mishandles process creation with a nil environment in conjunction with a non-nil token, which allows attackers to obtain sensitive information or gain privileges...

9.8CVSS9.3AI score0.02688EPSS
Exploits0References1
OSV
OSV
added 2019/05/06 4:29 p.m.4 views

UBUNTU-CVE-2019-3564

Go Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift...

7.5CVSS7.1AI score0.01994EPSS
Exploits0References5
OSV
OSV
added 2019/04/24 9:29 p.m.2 views

UBUNTU-CVE-2017-18367

libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR multiple arguments rather than ANDing them. A process running under a restrictive seccomp filter that specified multiple syscall arguments could bypass intended access restrictions by specifying a single matching argument...

7.5CVSS7.1AI score0.0245EPSS
Exploits0References5
Kitploit
Kitploit
added 2019/04/19 10:19 p.m.184 views

mongoBuster - Hunt Open MongoDB Instances

Hunt Open MongoDB instances! Features Worlds fastest and most efficient scanner Uses Masscan . Scans entire internet by default, So fire the tool and chill. Hyper efficient - Uses Go-routines which are even lighter than threads. Pre-Requisites - Go language sudo apt install golang Masscan sudo ap...

7.2AI score
Exploits0References1
CNVD
CNVD
added 2019/03/15 12:0 a.m.2 views

Google Go CRLF Injection Vulnerability

Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google. A CRLF injection vulnerability exists in net/http in Google Go version 1.11.5, which can be exploited by remote attackers to manipulate HTTP headers and attack an internal host...

6.1CVSS7.3AI score0.02346EPSS
Exploits1References1
Hacker One
Hacker One
added 2019/03/09 2:1 p.m.12 views

50m-ctf: `Cody trolled us all` h1-702 CTF write-up

Premise I use not to play CTF challenges because they usually absorb me entirely. I cannot think of anything else but "I want that flag!". That said, this is going to be a long story: no princess, no dragoons, only a tweet. https://twitter.com/Hacker0x01/status/1100543680383832065 Level 0 - Nothi...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2019/03/08 12:0 a.m.4 views

PT-2019-19768 · Google · Go

Name of the Vulnerable Software and Affected Versions: Go versions prior to 1.12.2 Description: The issue is related to the misuse of certain LoadLibrary functionality in Go on Windows, leading to DLL injection. Recommendations: For Go versions prior to 1.12.2, update to version 1.12.2 or later t...

7.8CVSS7.7AI score0.03326EPSS
Exploits1References12
BDU FSTEC
BDU FSTEC
added 2019/02/19 12:0 a.m.4 views

The vulnerability of the Go programming language’s crypto module, which allows a hacker to trigger a service failure

The vulnerability of the Go programming language’s crypto module exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.8CVSS7.2AI score0.04326EPSS
Exploits0References5Affected Software3
Kitploit
Kitploit
added 2019/02/13 12:53 p.m.220 views

CDF - Crypto Differential Fuzzing

CDF is a tool to automatically test the correctness and security of cryptographic software. CDF can detect implementation errors, compliance failures, side-channel leaks, and so on. CDF implements a combination of unit tests with "differential fuzzing", an approach that compares the behavior of...

7AI score
Exploits0References10
UbuntuCve
UbuntuCve
added 2019/01/24 5:29 a.m.25 views

CVE-2019-6486

Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service CPU consumption or possibly conduct ECDH private key recovery attacks...

8.2CVSS7.1AI score0.04326EPSS
Exploits0References2
NVD
NVD
added 2019/01/24 5:29 a.m.20 views

CVE-2019-6486

Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service CPU consumption or possibly conduct ECDH private key recovery attacks...

8.2CVSS8.3AI score0.04326EPSS
Exploits0References12
Prion
Prion
added 2019/01/24 5:29 a.m.22 views

Command injection

Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service CPU consumption or possibly conduct ECDH private key recovery attacks...

6.4CVSS7.9AI score0.04326EPSS
Exploits0References12Affected Software3
Cvelist
Cvelist
added 2019/01/24 5:0 a.m.26 views

CVE-2019-6486

Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service CPU consumption or possibly conduct ECDH private key recovery attacks...

8AI score0.04326EPSS
Exploits0References12
n0where
n0where
added 2019/01/22 3:47 a.m.326 views

Flexible and Powerful Reverse Proxy: Modlishka

Modlishka is a flexible and powerful reverse proxy, that will take your phishing campaigns to the next level. It was realeased with an aim to: help penetration testers to carry out an effective phishing campaign and reinforce the fact that serious threat can arise from phishing. show current 2FA...

1.8AI score
Exploits0References2
ThreatPost
ThreatPost
added 2018/12/18 9:48 p.m.12 views

Sofacy Russia-Linked APT Debuts Fresh Zebrocy Variant

The Zebrocy trojan – a custom downloader malware used by Russia-linked APT Sofacy a.k.a. APT28, Fancy Bear or Sednit – has a new variant. While it’s functionally much the same as its other versions, the new code was written using the Go programming language. The similarities between the new paylo...

0.2AI score
Exploits0References3
ArchLinux
ArchLinux
added 2018/12/18 12:0 a.m.55 views

[ASA-201812-11] go: multiple issues

Arch Linux Security Advisory ASA-201812-11 ========================================== Severity: High Date : 2018-12-18 CVE-ID : CVE-2018-16873 CVE-2018-16874 CVE-2018-16875 Package : go Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-835 Summary ======= The package g...

8.1CVSS1.2AI score0.66252EPSS
Exploits0References14
NVD
NVD
added 2018/12/14 2:29 p.m.24 views

CVE-2018-16875

The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients a...

7.8CVSS6.5AI score0.06325EPSS
Exploits0References9
Rows per page
Query Builder