CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2025/08/26 12:0 a.m.•4 views

Alibaba Cloud Linux 3 : 0141: go-toolset:an8 (ALINUX3-SA-2025:0141)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0141 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-4674: The go command may execute unexpecte...

8.6CVSS7.5AI score0.00022EPSS

Tenable Nessus•added 2025/08/18 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2025-4674

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in...

8.6CVSS6.8AI score0.00022EPSS

Microsoft CVE•added 2024/06/30 2:0 p.m.•2 views

Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example cgo can execute a gcc program from an untrusted download).

...

7.5CVSS8AI score0.00137EPSS

Exploits0

OpenVAS•added 2024/03/13 12:0 a.m.•24 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1335)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.00123EPSS

Tenable Nessus•added 2024/03/12 12:0 a.m.•40 views

EulerOS 2.0 SP11 : golang (EulerOS-SA-2024-1214)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the...

7.5CVSS7AI score0.00123EPSS

OpenVAS•added 2024/03/12 12:0 a.m.•26 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1214)

7.5CVSS6.7AI score0.00123EPSS

Tenable Nessus•added 2024/03/12 12:0 a.m.•29 views

EulerOS 2.0 SP10 : golang (EulerOS-SA-2024-1313)

7.5CVSS7AI score0.00123EPSS

Tenable Nessus•added 2024/03/07 12:0 a.m.•41 views

Oracle Linux 9 : golang (ELSA-2024-1131)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1131 advisory. 1.20.12-1 - Rebase to 1.20.12 - Fix CVE-2023-45285 CVE-2023-39326 Tenable has extracted the preceding description block directly from the Oracle Linux...

7.5CVSS7.2AI score0.00123EPSS

Tenable Nessus•added 2024/03/07 12:0 a.m.•25 views

AlmaLinux 9 : golang (ALSA-2024:1131)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1131 advisory. - A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network th...

OSV•added 2024/03/06 11:5 a.m.•23 views

BIT-GOLANG-2021-3115

Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo for example, cgo can execute a gcc program from an untrusted download...

7.5CVSS8.2AI score0.00137EPSS

Exploits0References6

Tenable Nessus•added 2024/02/22 12:0 a.m.•38 views

AlmaLinux 8 : go-toolset:rhel8 (ALSA-2024:0887)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0887 advisory. golang: net/http/internal: Denial of Service DoS via Resource Consumption via HTTP requests CVE-2023-39326 golang: cmd/go: Protocol Fallback when fetching...

Tenable Nessus•added 2024/02/20 12:0 a.m.•74 views

RHEL 8 : go-toolset:rhel8 (RHSA-2024:0887)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0887 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang:...

7.5CVSS7.2AI score0.00123EPSS

Exploits0References7

Tenable Nessus•added 2023/12/13 12:0 a.m.•35 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.21 (SUSE-SU-2023:4709-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4709-1 advisory. - A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or...

Tenable Nessus•added 2023/12/12 12:0 a.m.•27 views

Exploits0References11

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.20 (SUSE-SU-2023:4708-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4708-1 advisory. - A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or...

Tenable Nessus•added 2023/12/08 12:0 a.m.•28 views

Exploits0References11

Golang 1.20.x < 1.20.12, 1.21.x < 1.21.5 Multiple Vulnerabilities

The version of Golang running on the remote host is prior to 1.20.12 or 1.21.x prior to 1.21.5. It is, therefore, is affected by multiple vulnerabilities : - A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from t...