20 matches found
PT-2026-31469
UAC Unix-like Artifacts Collector before 3.3.0-rc1 contains a command injection vulnerability in the placeholder substitution and command execution pipeline where the run command function passes constructed command strings directly to eval without proper sanitization. Attackers can inject shell...
CVE-2026-26226 beautiful-mermaid < 0.1.3 SVG Attribute Injection
beautiful-mermaid versions prior to 0.1.3 contain an SVG attribute injection issue that can lead to cross-site scripting XSS when rendering attacker-controlled Mermaid diagrams. User-controlled values from Mermaid style and classDef directives are interpolated into SVG attribute values without...
RUSTSEC-2024-0432 Malicious plugin names, recipients, or identities can cause arbitrary binary execution
A plugin name containing a path separator may allow an attacker to execute an arbitrary binary. Such a plugin name can be provided to the rage CLI through an attacker-controlled recipient or identity string, or an attacker-controlled plugin name via the -j flag. On UNIX systems, a directory...
Rocky Linux 9 : grafana-pcp (RLSA-2024:1502)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:1502 advisory. - A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled...
Oracle Linux 9 : grafana-pcp (ELSA-2024-2569)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-2569 advisory. 5.1.1-2 - fix CVE-2024-1394 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...
RHEL 9 : grafana-pcp (RHSA-2024:2569)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2569 advisory. grafana-pcp is an open source Grafana plugin for PCP. Security Fixes: grafana-pcp: golang-fips/openssl: Memory leaks in code encrypting and decryptin...
golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey and ctx. That functi...
RHEL 9 : Red Hat build of MicroShift 4.14.19 (RHSA-2024:1566)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1566 advisory. Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built from the ed...
AlmaLinux 8 : grafana (ALSA-2024:1646)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:1646 advisory. - A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled...
golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey and ctx. That functi...
Oracle Linux 9 : grafana-pcp (ELSA-2024-1502)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1502 advisory. 5.1.1-2 - Rebuild with latest version of golang - resolves CVE-CVE-2024-1394 Tenable has extracted the preceding description block directly from the Oracle Linu...
RHEL 9 : grafana (RHSA-2024:1501)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:1501 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana:...
AlmaLinux 9 : golang (ALSA-2024:1462)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:1462 advisory. - A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled...
Oracle Linux 8 : go-toolset:ol8 (ELSA-2024-1472)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-1472 advisory. - Fix CVE-2024-1394 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...
CVE-2024-1394 Golang-fips/openssl: memory leaks in code encrypting and decrypting rsa payloads
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey and ctx. That functi...
Oracle Linux 9 : golang (ELSA-2024-1462)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-1462 advisory. - Fix CVE-2024-1394 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...
RHEL 8 : go-toolset:rhel8 (RHSA-2024:1472)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1472 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang-fips/openssl: Memory...
RHEL 9 : golang (RHSA-2024:1462)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1462 advisory. The golang packages provide the Go programming language compiler. Security Fixes: golang: golang-fips/openssl: Memory leaks in code encrypting and...
CVE-2024-1394
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey and ctx. That functi...
cpio: improper input validation when writing tar header fields leads to unexpected tar generation
It was discovered cpio does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to...