Vulnerabilities

| ID | Packages | Summary | Published | Attributes |
|---|---|---|---|---|
| BIT-golang-2025-68119 | Bitnami/golang | Unexpected code execution when invoking toolchain in cmd/go | yesterday | Fix available; Severity - 7.0 (High) |
| BIT-golang-2025-61731 | Bitnami/golang | Arbitrary file write using cgo pkg-config directive in cmd/go | yesterday | Fix available; Severity - 7.8 (High) |
| BIT-golang-2025-61730 | Bitnami/golang | Handshake messages may be processed at the incorrect encryption level in crypto/tls | yesterday | Fix available; Severity - 6.2 (Medium) |
| BIT-joomla-2025-63083 | Bitnami/joomla | Joomla! Core - [20260102] - XSS vector in the pagebreak plugin | yesterday | Fix available; Severity - 5.9 (Medium) |
| BIT-golang-2025-61728 | Bitnami/golang | Excessive CPU consumption when building archive index in archive/zip | yesterday | Fix available; Severity - 6.5 (Medium) |
| BIT-joomla-2025-63082 | Bitnami/joomla | Joomla! Core - [20260101] - Inadequate content filtering for data URLs | yesterday | Fix available; Severity - 5.9 (Medium) |
| BIT-golang-2025-61726 | Bitnami/golang | Memory exhaustion in query parameter parsing in net/url | yesterday | Fix available; Severity - 7.5 (High) |
| BIT-mastodon-2026-23964 | Bitnami/mastodon | Mastodon has insufficient access control to push notification settings | yesterday | Fix available; Severity - 6.5 (Medium) |
| BIT-discourse-2026-23743 | Bitnami/discourse | Discourse allows permalinks to restricted resources to leak resource slugs to unauthorized users | yesterday | Fix available; Severity - 6.9 (Medium) |
| BIT-gitea-2026-20912 | Bitnami/gitea | Gitea: Cross-Repository Authorization Bypass via Release Attachment Linking Leads to Private Attachment Disclosure | 2 days ago | Fix available; Severity - 9.1 (Critical) |
| BIT-gitea-2026-20904 | Bitnami/gitea | Gitea: Broken access control in OpenID visibility toggle enables cross-user visibility changes | 2 days ago | Fix available; Severity - 6.5 (Medium) |
| BIT-gitea-2026-20897 | Bitnami/gitea | Gitea Git LFS Lock Deletion Broken Access Control (Cross-Repo IDOR) | 2 days ago | Fix available; Severity - 9.1 (Critical) |
| BIT-gitea-2026-20888 | Bitnami/gitea | Gitea Pull Requests Auto-Merge: Read-Only Users Can Cancel Scheduled Auto-Merge via Web Endpoint (Authorization Bypass) | 2 days ago | Fix available; Severity - 4.3 (Medium) |
| BIT-gitea-2026-20883 | Bitnami/gitea | Gitea Stopwatch API Missing Authorization Check Leads to Post-Revocation Information Disclosure | 2 days ago | Fix available; Severity - 6.5 (Medium) |
| BIT-gitea-2026-20800 | Bitnami/gitea | Notification API Leaks Private Repository Issue Titles After Collaborator Permission Revocation | 2 days ago | Fix available; Severity - 6.5 (Medium) |
| BIT-gitea-2026-20750 | Bitnami/gitea | Gitea Organization Projects Cross-Organization Authorization Bypass via Project ID (IDOR) | 2 days ago | Fix available; Severity - 9.1 (Critical) |