Lucene search
+L

51 matches found

Redos
Redos
added 2026/07/10 12:0 a.m.5 views

ROS-20260710-73-0031

The vulnerability of the Go programming language is related to the incorrect definition of the link before accessing a file. Exploiting this vulnerability can allow an attacker to increase their privileges...

6.4CVSS6.1AI score0.00292EPSS
Exploits0
Rockylinux
Rockylinux
added 2026/06/05 12:3 p.m.30 views

image-builder security update

An update is available for image-builder. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list A local binary for building customized OS artifacts such as VM images a...

10CVSS6.7AI score0.01945EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2026/06/04 12:43 p.m.3 views

net/textproto: golang: Golang net/textproto: Misleading error messages via input injection

A flaw was found in the net/textproto package in Golang. When functions in this package return errors, they include their input as part of the error message. An attacker could exploit this by injecting misleading content into these error messages, which are then printed or logged. This could lead...

5.3CVSS6.1AI score0.0037EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.12 views

quic-go 安全漏洞

Quic-go is a implementation of the QUIC protocol and RFC 9000 protocol in Go, developed by Lucas Clemente. Versions of quic-go prior to 0.59.1 contained security vulnerabilities. These vulnerabilities stemmed from the lack of size constraints on the decoded trailer fields in the HTTP/3...

7.5CVSS5.3AI score0.00279EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/03 7:49 a.m.19 views

Important: Red Hat Security Advisory: rhc security update

An update for rhc is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

7.5CVSS5.9AI score0.00621EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.6 views

The vulnerability of the Go programming language, which comes with unlimited resource distribution, allows attackers to cause service failures.

The vulnerability of the Go programming language is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.8CVSS5.8AI score0.00621EPSS
Exploits0References7Affected Software28
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Golang-1.19, Golang-1.23

Canceling a query for example, by canceling the context passed to one of the query methods during a call to the Scan method of the returned Rows can lead to unexpected results if other queries are being executed in parallel. This can cause a race condition, which may overwrite the expected result...

7CVSS6.7AI score0.00355EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.20 views

RHEL 9 : grafana-pcp (RHSA-2026:19351)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19351 advisory. The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and...

7.5CVSS7.3AI score0.00621EPSS
Exploits0References6
Redos
Redos
added 2026/05/07 12:0 a.m.11 views

ROS-20260507-73-0012

Vulnerability in golang related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS5.8AI score0.00615EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.10 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go; this vulnerability arises from parsing email addresses according to RFC 5322. Pathological inputs may...

7.5CVSS5.8AI score0.00798EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.11 views

RHCOS 4 : OpenShift Container Platform 4.8.15 (RHSA-2021:3820)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3820 advisory. - jenkins: improper permission checks allow canceling queue items and aborting builds CVE-2021-21670 - jenkins: session fixation...

7.5CVSS7.2AI score0.06975EPSS
Exploits4References16
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.11 views

RHCOS 4 : OpenShift Container Platform 4.6.6 (RHSA-2020:5159)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:5159 advisory. - golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs CVE-2020-16845 Note that Nessus has not tested...

7.5CVSS5.9AI score0.0473EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/30 3:3 a.m.14 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.3AI score0.00459EPSS
Exploits2References8
Redos
Redos
added 2026/04/30 12:0 a.m.5 views

ROS-20260430-73-0016

Vulnerability in golang related to errors in certificate authentication procedure. The vulnerability can be exploited remotely...

8.8CVSS5.3AI score0.0034EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/13 9:59 p.m.9 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS5.8AI score0.00459EPSS
Exploits2References8
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.9 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from improper context tracking in JavaScript template literals. This can lead to content...

6.1CVSS7.1AI score0.0029EPSS
Exploits0References4
Redos
Redos
added 2026/03/27 12:0 a.m.20 views

ROS-20260327-73-0016

Vulnerability in golang related to access control flaws. Exploitation of the vulnerability could allow an attacker to escalate his privileges...

7.5CVSS5.9AI score0.00728EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/03/18 10:44 a.m.8 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS6.6AI score0.00459EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.7 views

EulerOS 2.0 SP11 : golang (EulerOS-SA-2026-1606)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Parsing a maliciously crafted DER payload could allocate large amounts of memory, causing memory exhaustion.CVE-2025-58185 When Conn.Handshake fai...

7.5CVSS5.9AI score0.00526EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2026/03/11 12:0 a.m.10 views

AlmaLinux 9 : osbuild-composer (ALSA-2026:3753)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:3753 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: archive/zip: Excessive CPU...

10CVSS7.2AI score0.01945EPSS
Exploits4References6
Rows per page
Query Builder