35 matches found
EUVD-2021-2567
Malware in sbrugna...
EUVD-2018-13036
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-16845
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs. CVE-2020-16845 Note...
RHEL 6 : tar (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tar: Bypassing the extract path name CVE-2016-6321 - tar: null-pointer dereference in pax_decode_header in...
RHEL 6 : tar (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tar: Bypassing the extract path name CVE-2016-6321 - GNU Tar through 1.30, when --sparse is used,...
RHEL 5 : tar (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tar: Bypassing the extract path name CVE-2016-6321 - GNU Tar through 1.30, when --sparse is used,...
Oracle Linux 7 : docker-cli / docker-engine (ELSA-2020-5823)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5823 advisory. - Address CVE-2020-16845 - update to 19.03.11 for CVE-2020-13401 - apply e4931e664feac6fa8846f3f04268a0cc98822549, fixes CVE-2019-5736 - Address CVE-2020-16845 ...
SUSE CVE-2020-16845
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Go vulnerability (USN-5725-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5725-1 advisory. Diederik Loerakker, Jonny Rhea, Raúl Kripalani, and Preston Van Loon discovered that Go incorrectly handled certain inputs. An attacker cou...
openSUSE: Security Advisory for tar (SUSE-SU-2022:1548-1)
The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE-SU-2022:1548-1 Security update for tar
This update for tar fixes the following issues: - CVE-2021-20193: Fixed a memory leak in read_header in list.c (bsc#1181131). - CVE-2019-9923: Fixed a null-pointer dereference in pax_decode_header in sparse.c (bsc#1130496). - CVE-2018-20482: Fixed infinite read loop in sparse_dump_region in sparse.c...
Debian DLA-2830-1 : tar - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2830 advisory. An infinite loop when --sparse is used with file shrinkage during read access was fixed in the GNU tar archiving utility. For Debian 9 stretch, this problem has been fixed ...
Security Bulletin: IBM Cloud Private is vulnerable to a Go vulnerability (CVE-2020-16845)
Summary IBM Cloud Private is vulnerable to a Go vulnerability Vulnerability Details CVEID: CVE-2020-16845 DESCRIPTION: Go Language is vulnerable to a denial of service, caused by an infinite read loop in ReadUvarint and ReadVarint in encoding/binary. By sending a specially-crafted input, a remote...
Security Bulletin: Security vulnerabilities in Go affect IBM Cloud Pak for Multicloud Management Hybrid GRC.
Summary Security Bulletin: Security vulnerabilities in Go affect IBM Cloud Pak for Multicloud Management Hybrid GRC. Vulnerability Details CVEID: CVE-2020-7919 DESCRIPTION: Go is vulnerable to a denial of service. By sending a malformed X.509 certificate, a remote attacker could exploit this...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2021-1073)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Security Bulletin: API Connect is vulnerable to denial of service (CVE-2020-16845)
Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2020-16845 DESCRIPTION: Go Language is vulnerable to a denial of service, caused by an infinite read loop in ReadUvarint and ReadVarint in encoding/binary. By sending a specially-crafted input, a...
Oracle Linux 7 : coredns / cri-o / cri-tools / etcd / flannel / kata / kata-agent / kata-image / kata-ksm-throttler / kata-proxy / kata-runtime / kata-shim / kubernetes / kubernetes-cni / kubernetes-cni-plugins / kubernetes-dashboard / olcne / yq (ELSA-2020-5828)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5828 advisory. - Address CVE-2020-16845 - Address CVE-2020-16845 cri-tools - Address CVE-2020-16845 etcd - Address CVE-2020-16845 - Address CVE-2020-16845 - Address...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2020-1852)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
EulerOS 2.0 SP8 : golang (EulerOS-SA-2020-1852)
According to the version of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid...
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
...