Lucene search
K

215 matches found

Positive Technologies
Positive Technologies
added 2025/02/05 12:0 a.m.4 views

PT-2025-5822 · Bolt · Bolt

Name of the Vulnerable Software and Affected Versions: bolt affected versions not specified Description: The issue concerns a malicious module that attempts to take advantage of confusion with the github.com/boltdb/bolt module, acting as a typosquat. Recommendations: At the moment, there is no...

6.9AI score
Exploits0References1
Packet Storm
Packet Storm
added 2024/05/20 12:0 a.m.351 views

Backdrop CMS 1.27.1 Remote Command Execution

Exploit Title: Backdrop CMS 1.27.1 - Remote Command Execution RCE Date: 04/27/2024 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://backdropcms.org/ Software Link: https://github.com/backdrop/backdrop/releases/download/1.27.1/backdrop.zip Version: latest Tested on: MacOS import os impor...

7.4AI score
Exploits0
OSV
OSV
added 2024/03/06 10:55 a.m.35 views

BIT-GOLANG-2023-29404 Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...

9.8CVSS9.1AI score0.01837EPSS
Exploits0References9
OSV
OSV
added 2024/03/06 10:55 a.m.28 views

BIT-GOLANG-2023-29405 Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

9.8CVSS9AI score0.01728EPSS
Exploits0References9
Code423n4
Code423n4
added 2023/10/20 12:0 a.m.34 views

Malicious Module can change the policy commit of a Gnosis Safe console Account

Lines of code Vulnerability details Impact The overall design of the Gnosis safe allows for the addition of a Module, modules are smart contracts that extend the ability of the Gnosis safe, which means that a module can be setup in such a way that it can perform actions that is meant to improve t...

7.3AI score
Exploits0
Veracode
Veracode
added 2023/07/10 12:2 a.m.33 views

Arbitrary Code Execution

go is vulnerable to Arbitrary Code Execution. The vulnerability may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code because arguments for a number of flags which are non-optional are incorrectly considered optional, allowing...

9.8CVSS7.3AI score0.01837EPSS
Exploits0References10Affected Software3
Veracode
Veracode
added 2023/07/10 12:1 a.m.36 views

Argument Injection

go is vulnerable to Argument Injection. Running "go get" or any intrusted code on a malicious module may execute arbitrary code at build time...

9.8CVSS7.7AI score0.01728EPSS
Exploits0References10Affected Software3
RedhatCVE
RedhatCVE
added 2023/06/26 6:17 p.m.76 views

CVE-2023-29405

A flaw was found in golang. The go command may execute arbitrary code at build time when using cgo. This can occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This can be triggered by linker flags, specified via a "cgo LDFLAGS"...

7.5CVSS9.3AI score0.01728EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2023/06/26 6:17 p.m.44 views

CVE-2023-29404

A flaw was found in golang. The go command may execute arbitrary code at build time when using cgo. This can occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This can be triggered by linker flags, specified via a "cgo LDFLAGS"...

7.5CVSS9.4AI score0.01837EPSS
Exploits0References7
NVD
NVD
added 2023/06/08 9:15 p.m.18 views

CVE-2023-29404

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...

9.8CVSS9.7AI score0.01837EPSS
Exploits0References8
NVD
NVD
added 2023/06/08 9:15 p.m.27 views

CVE-2023-29405

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

9.8CVSS9.7AI score0.01728EPSS
Exploits0References8
OSV
OSV
added 2023/06/08 9:15 p.m.2 views

DEBIAN-CVE-2023-29405

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

9.8CVSS7.9AI score0.01728EPSS
Exploits0References1
OSV
OSV
added 2023/06/08 9:15 p.m.7 views

AZL-37337 CVE-2023-29404 affecting package golang for versions less than 1.21.6-1

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...

9.8CVSS7.3AI score0.01837EPSS
Exploits0References1
Prion
Prion
added 2023/06/08 9:15 p.m.31 views

Command injection

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

7.5CVSS9.5AI score0.01728EPSS
Exploits0References7Affected Software2
Prion
Prion
added 2023/06/08 9:15 p.m.34 views

Command injection

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...

7.5CVSS9.6AI score0.01837EPSS
Exploits0References7Affected Software2
OSV
OSV
added 2023/06/08 9:15 p.m.6 views

UBUNTU-CVE-2023-29404

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...

9.8CVSS7AI score0.01837EPSS
Exploits0References8
Cvelist
Cvelist
added 2023/06/08 8:19 p.m.33 views

CVE-2023-29405 Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

9.9AI score0.01728EPSS
Exploits0References7
OSV
OSV
added 2023/06/08 8:19 p.m.27 views

CVE-2023-29405 Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

9.8CVSS7.4AI score0.01728EPSS
Exploits0References11
CVE
CVE
added 2023/06/08 8:19 p.m.560 views

CVE-2023-29405

CVE-2023-29405 affects the Go toolchain when using cgo with the go command. The vulnerability arises from how linker flags are parsed in #cgo LDFLAGS, where flags containing embedded spaces can be smuggled through LDFLAGS sanitization, and this only affects the gccgo workflow. The impact is poten...

9.8CVSS9.6AI score0.01728EPSS
Exploits0References8Affected Software1
AlpineLinux
AlpineLinux
added 2023/06/08 8:19 p.m.62 views

CVE-2023-29405

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

9.8CVSS9.8AI score0.01728EPSS
Exploits0
Rows per page
Query Builder