Lucene search
K

207 matches found

Amazon
Amazon
added 2026/02/05 12:0 a.m.8 views

Medium: cni-plugins

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS7.5AI score0.01945EPSS
Exploits2
OSV
OSV
added 2026/01/31 8:43 a.m.6 views

BIT-GOLANG-2025-68119 Unexpected code execution when invoking toolchain in cmd/go

Downloading and building modules with malicious version strings can cause local code execution. On systems with Mercurial hg installed, downloading modules from non-standard sources e.g., custom domains can cause unexpected code execution due to how external VCS commands are constructed. This iss...

7CVSS7.8AI score0.00335EPSS
Exploits0References5
OSV
OSV
added 2026/01/28 8:16 p.m.6 views

AZL-75698 CVE-2025-68119 affecting package golang for versions less than 1.24.12-1

Downloading and building modules with malicious version strings can cause local code execution. On systems with Mercurial hg installed, downloading modules from non-standard sources e.g., custom domains can cause unexpected code execution due to how external VCS commands are constructed. This iss...

7CVSS6.4AI score0.00335EPSS
Exploits0References1
NVD
NVD
added 2026/01/28 8:16 p.m.8 views

CVE-2025-68119

Downloading and building modules with malicious version strings can cause local code execution. On systems with Mercurial hg installed, downloading modules from non-standard sources e.g., custom domains can cause unexpected code execution due to how external VCS commands are constructed. This iss...

7CVSS0.00335EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/28 8:16 p.m.8 views

CVE-2025-68119

Downloading and building modules with malicious version strings can cause local code execution. On systems with Mercurial hg installed, downloading modules from non-standard sources e.g., custom domains can cause unexpected code execution due to how external VCS commands are constructed. This iss...

7CVSS7.5AI score0.00335EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/28 7:30 p.m.24 views

CVE-2025-68119 Unexpected code execution when invoking toolchain in cmd/go

Downloading and building modules with malicious version strings can cause local code execution. On systems with Mercurial hg installed, downloading modules from non-standard sources e.g., custom domains can cause unexpected code execution due to how external VCS commands are constructed. This iss...

0.00335EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/28 7:30 p.m.4 views

CVE-2025-68119 Unexpected code execution when invoking toolchain in cmd/go

Downloading and building modules with malicious version strings can cause local code execution. On systems with Mercurial hg installed, downloading modules from non-standard sources e.g., custom domains can cause unexpected code execution due to how external VCS commands are constructed. This iss...

6.4AI score0.00335EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/01/28 7:30 p.m.5 views

CVE-2025-68119

Downloading and building modules with malicious version strings can cause local code execution. On systems with Mercurial hg installed, downloading modules from non-standard sources e.g., custom domains can cause unexpected code execution due to how external VCS commands are constructed. This iss...

7CVSS9AI score0.00335EPSS
Exploits0
CVE
CVE
added 2026/01/28 7:30 p.m.48 views

CVE-2025-68119

CVE-2025-68119 describes local code execution and arbitrary-file writes when downloading/building modules with malicious version strings in environments where external VCS tools are present. Specifically: on systems with Mercurial (hg), downloading modules from non-standard sources (e.g., custom ...

7CVSS7.8AI score0.00335EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/01/28 7:7 p.m.6 views

GO-2026-4338 Unexpected code execution when invoking toolchain in cmd/go

Downloading and building modules with malicious version strings can cause local code execution. On systems with Mercurial hg installed, downloading modules from non-standard sources e.g., custom domains can cause unexpected code execution due to how external VCS commands are constructed. This iss...

7CVSS6.3AI score0.00335EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/26 12:0 a.m.6 views

openSUSE 16 Security Update : go1.25 (openSUSE-SU-2026:20085-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20085-1 advisory. Update to go1.25.6 released 2026-01-15 bsc1244485 Security fixes: - CVE-2025-61730: crypto/tls: handshake messages may be processed at the...

10CVSS8.8AI score0.01945EPSS
Exploits2References19
OSV
OSV
added 2026/01/22 3:53 p.m.3 views

SUSE-SU-2026:20132-1 Security update for go1.25

This update for go1.25 fixes the following issues: Update to go1.25.6 released 2026-01-15 bsc1244485 Security fixes: - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821. - CVE-2025-68119: cmd/go: unexpected code execution when invoking...

10CVSS7.7AI score0.01945EPSS
Exploits2References14
OSV
OSV
added 2026/01/22 3:49 p.m.5 views

OPENSUSE-SU-2026:20085-1 Security update for go1.25

This update for go1.25 fixes the following issues: Update to go1.25.6 released 2026-01-15 bsc1244485 Security fixes: - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821. - CVE-2025-68119: cmd/go: unexpected code execution when invoking...

10CVSS6.4AI score0.01945EPSS
Exploits2References13
OSV
OSV
added 2026/01/22 12:53 p.m.3 views

OPENSUSE-SU-2026:20077-1 Security update for go1.24

This update for go1.24 fixes the following issues: Update to go1.24.12 released 2026-01-15 bsc1236217 Security fixes: - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821. - CVE-2025-68119: cmd/go: unexpected code execution when invoking...

10CVSS6.4AI score0.01945EPSS
Exploits2References13
SUSE Linux
SUSE Linux
added 2026/01/22 12:14 p.m.4 views

Security update for go1.24

This update for go1.24 fixes the following issues: Update to go1.24.12 released 2026-01-15 bsc1236217 Security fixes: CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821. CVE-2025-68119: cmd/go: unexpected code execution when invoking...

7.6CVSS6.4AI score0.01945EPSS
Exploits2References26
OSV
OSV
added 2026/01/22 12:13 p.m.2 views

SUSE-SU-2026:0219-1 Security update for go1.24

This update for go1.24 fixes the following issues: Update to go1.24.12 released 2026-01-15 bsc1236217 Security fixes: - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821. - CVE-2025-68119: cmd/go: unexpected code execution when invoking...

10CVSS6.4AI score0.01945EPSS
Exploits2References14
SUSE Linux
SUSE Linux
added 2026/01/22 12:13 p.m.4 views

Security update for go1.25

This update for go1.25 fixes the following issues: Update to go1.25.6 released 2026-01-15 bsc1244485 Security fixes: CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821. CVE-2025-68119: cmd/go: unexpected code execution when invoking...

7.6CVSS6.4AI score0.01945EPSS
Exploits2References26
OSV
OSV
added 2026/01/22 12:12 p.m.3 views

SUSE-SU-2026:0218-1 Security update for go1.25

This update for go1.25 fixes the following issues: Update to go1.25.6 released 2026-01-15 bsc1244485 Security fixes: - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821. - CVE-2025-68119: cmd/go: unexpected code execution when invoking...

10CVSS7.7AI score0.01945EPSS
Exploits2References14
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.13 views

Golang 1.25.x < 1.25.6 Multiple Vulnerabilities

The version of Golang running on the remote host is 1.25.x prior to 1.25.6. It is, therefore, affected by multiple vulnerabilities as referenced in advisory. - bypass of flag sanitization can lead to arbitrary code execution. CVE-2025-61731 - unexpected code execution when invoking toolchain...

10CVSS8AI score0.01945EPSS
Exploits2References13
Packet Storm News
Packet Storm News
added 2026/01/13 12:0 a.m.6 views

KryptoPilot: An Open-World Knowledge-Augmented LLM Agent for Automated Cryptographic Exploitation

Capture-the-Flag CTF competitions play a central role in modern cybersecurity as a platform for training practitioners and evaluating offensive and defensive techniques derived from real-world vulnerabilities. Despite recent advances in large language models LLMs, existing LLM-based agents remain...

7AI score
Exploits0
Rows per page
Query Builder