4558 matches found
CVE-2025-61731
Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "cgo pkg-config:" directive in a Go source file provides command-line arguments to provide to the Go pkg-config command. An attacker can provide a...
CVE-2025-61731
Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "cgo pkg-config:" directive in a Go source file provides command-line arguments to provide to the Go pkg-config command. An attacker can provide a...
AZL-78935 CVE-2025-61731 affecting package golang 1.25.7-1
Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "cgo pkg-config:" directive in a Go source file provides command-line arguments to provide to the Go pkg-config command. An attacker can provide a...
UBUNTU-CVE-2025-61731
Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "cgo pkg-config:" directive in a Go source file provides command-line arguments to provide to the Go pkg-config command. An attacker can provide a...
CVE-2025-61731
Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "cgo pkg-config:" directive in a Go source file provides command-line arguments to provide to the Go pkg-config command. An attacker can provide a...
EUVD-2025-206447
Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "cgo pkg-config:" directive in a Go source file provides command-line arguments to provide to the Go pkg-config command. An attacker can provide a...
CVE-2025-61731 Arbitrary file write using cgo pkg-config directive in cmd/go
Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "cgo pkg-config:" directive in a Go source file provides command-line arguments to provide to the Go pkg-config command. An attacker can provide a...
CVE-2025-61731 Arbitrary file write using cgo pkg-config directive in cmd/go
Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "cgo pkg-config:" directive in a Go source file provides command-line arguments to provide to the Go pkg-config command. An attacker can provide a...
External Control of File Name or Path
Overview Affected versions of this package are vulnerable to External Control of File Name or Path. Go Vulnerability Report: Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "cgo pkg-config:" directive i...
GO-2026-4339 Arbitrary file write using cgo pkg-config directive in cmd/go
Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "cgo pkg-config:" directive in a Go source file provides command-line arguments to provide to the Go pkg-config command. An attacker can provide a...
CVE-2026-0905
Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an attack who obtained a network log file to potentially obtain potentially sensitive information via a network log file. Chromium security severity: Medium...
CVE-2026-0905
Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an attack who obtained a network log file to potentially obtain potentially sensitive information via a network log file. Chromium security severity: Medium...
CVE-2026-0905
Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an attack who obtained a network log file to potentially obtain potentially sensitive information via a network log file. Chromium security severity: Medium...
CVE-2026-0905
Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an attack who obtained a network log file to potentially obtain potentially sensitive information via a network log file. Chromium security severity: Medium...
CVE-2026-0905
Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an attack who obtained a network log file to potentially obtain potentially sensitive information via a network log file. Chromium security severity: Medium...
CVE-2026-0905
Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an attack who obtained a network log file to potentially obtain potentially sensitive information via a network log file. Chromium security severity: Medium...
CVE-2026-0905
CVE-2026-0905: Insufficient policy enforcement in the Network component of Google Chrome/Chromium before 144.0.7559.59 could let an attacker with access to a network log file potentially obtain sensitive information. Affected software includes Chrome/Chromium builds; CVSS 3.1 metrics indicate Net...
CVE-2026-0905
Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an attack who obtained a network log file to potentially obtain potentially sensitive information via a network log file. Chromium security severity: Medium...
MiracleLinux 9 : skopeo-1.16.1-1.el9 (AXSA:2024-9102:06)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9102:06 advisory. containers/image: digest type does not guarantee valid type CVE-2024-3727 golang: net: malformed DNS message can cause infinite loop CVE-2024-24788...
Insertion of Sensitive Information into Log File
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the checkJdbcConnParams and decode functions. An attacker can access sensitive information, such as plaintext passwords, by causing a Base64 decoding failure, which results in the...