Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

21 matches found

Nuclei
Nucleiadded 2 days ago61 views

Gogs <= 0.13.3 - Remote Code Execution

Gogs self-hosted Git service versions 0.13.3 and earlier contain a critical symlink bypass vulnerability that circumvents the fix for CVE-2024-55947. Authenticated users can exploit improper symbolic link handling in the PutContents API to overwrite files outside the repository by committing a...

8.8CVSS7.7AI score0.75675EPSS
Exploits17References4
GithubExploit
GithubExploitadded 2026/04/12 12:6 p.m.122 views

Exploit for Path Traversal in Gogs

Gogs CVE-2025-8110 RCE Exploit An automated Python exploit fo...

8.8CVSS7.4AI score0.17737EPSS
Exploits14
GithubExploit
GithubExploitadded 2026/04/11 10:22 p.m.99 views

Exploit for CVE-2025-81110

CVE-2025-81110-PoC Improper Symbolic link handling in the PutC...

6AI score
Exploits1
Snyk
Snykadded 2026/02/06 6:52 p.m.4 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the PutContents function accessible via the /repos/:owner/:repo/contents/ endpoint. A user with read permissions can modify repository contents via git push. Remediation Upgrade gogs.io/gogs/internal/osutil to...

7.1CVSS5.5AI score0.00019EPSS
Exploits0References2
Snyk
Snykadded 2026/02/06 6:52 p.m.2 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the PutContents function accessible via the /repos/:owner/:repo/contents/ endpoint. A user with read permissions can modify repository contents via git push. Remediation Upgrade gogs.io/gogs/internal/database to...

7.1CVSS5.5AI score0.00019EPSS
Exploits0References2
Snyk
Snykadded 2026/02/06 6:52 p.m.3 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the PutContents function accessible via the /repos/:owner/:repo/contents/ endpoint. A user with read permissions can modify repository contents via git push. Remediation Upgrade...

7.1CVSS5.5AI score0.00019EPSS
Exploits0References2
CISA KEV Catalog
CISA KEV Catalogadded 2026/01/12 12:0 a.m.9 views

Gogs Path Traversal Vulnerability

Gogs contains a path traversal vulnerability affecting improper Symbolic link handling in the PutContents API that could allow for code execution...

8.8CVSS7.5AI score0.17737EPSS
In wildExploits14
SUSE CVE
SUSE CVEadded 2026/01/06 12:28 a.m.2 views

SUSE CVE-2025-8110

Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code...

8.8CVSS7.1AI score0.17737EPSS
Exploits14References2
Veracode
Veracodeadded 2025/12/11 7:31 p.m.3 views

Improper Symbolic Link Handling

Gogs is vulnerable to Improper Symbolic Link Handling. The vulnerability is due to the PutContents API not properly validating or restricting symbolic links, which allows an attacker to manipulate file paths and execute code locally on the system...

8.8CVSS7.5AI score0.17737EPSS
Exploits14References10Affected Software1
RedhatCVE
RedhatCVEadded 2025/12/11 2:0 p.m.1 views

CVE-2025-8110

Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code...

8.7CVSS7AI score0.17737EPSS
Exploits14References1
GithubExploit
GithubExploitadded 2025/12/11 10:37 a.m.167 views

Exploit for CVE-2025-8110

CVE-2025-8110 Improper Symbolic link handling in the PutCont...

8.7CVSS6.7AI score0.17737EPSS
Exploits14
The Hacker News
The Hacker Newsadded 2025/12/11 10:30 a.m.3 views

Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks

A high-severity unpatched security vulnerability in Gogs has come under active exploitation, with more than 700 compromised instances accessible over the internet, according to new findings from Wiz. The flaw, tracked as CVE-2025-8110 CVSS score: 8.7, is a case of file overwrite in the file updat...

8.8CVSS8.3AI score0.75675EPSS
Exploits17
Snyk
Snykadded 2025/12/10 3:31 p.m.2 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via improper handling of symbolic links in the PutContents API. If open registration is enabled, an attacker can execute arbitrary code on the system by uploading files that exploit symbolic link traversal. This...

8.8CVSS8.7AI score0.75675EPSS
Exploits17References2
Snyk
Snykadded 2025/12/10 3:31 p.m.1 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via improper handling of symbolic links in the PutContents API. If open registration is enabled, an attacker can execute arbitrary code on the system by uploading files that exploit symbolic link traversal. This...

8.8CVSS8.7AI score0.75675EPSS
Exploits17References2
Snyk
Snykadded 2025/12/10 3:31 p.m.2 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via improper handling of symbolic links in the PutContents API. If open registration is enabled, an attacker can execute arbitrary code on the system by uploading files that exploit symbolic link traversal. This...

8.8CVSS8.6AI score0.75675EPSS
Exploits17References2
Github Security Blog
Github Security Blogadded 2025/12/10 3:31 p.m.4 views

Gogs vulnerable to a bypass of CVE-2024-55947

Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code...

8.8CVSS7AI score0.17737EPSS
Exploits14References12Affected Software1
OSV
OSVadded 2025/12/10 3:31 p.m.1 views

GHSA-MQ8M-42GH-WQ7R Gogs vulnerable to a bypass of CVE-2024-55947

Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code...

8.7CVSS6.9AI score0.17737EPSS
Exploits14References13
OSV
OSVadded 2025/12/10 2:16 p.m.1 views

CVE-2025-8110

Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code...

8.8CVSS6.9AI score0.17737EPSS
Exploits14References9
VulnCheck KEV
VulnCheck KEVadded 2025/12/10 12:0 a.m.1 views

VulnCheck KEV: CVE-2025-8110

Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code...

8.8CVSS5.8AI score0.17737EPSS
In wildExploits14References7
CNNVD
CNNVDadded 2025/12/10 12:0 a.m.2 views

Gogs 安全漏洞

Gogs Go Git Service is a self-service Git hosting service based on the Go language by the Gogs team, which supports creating and migrating public/private repositories, adding and removing repository collaborators, and so on. A security vulnerability exists in Gogs, which stems from the mishandlin...

8.8CVSS8AI score0.17737EPSS
Exploits14References1
Rows per page
Query Builder