Vulnerability Database
Blog
FAQ
Vulnerability Library
search
All ecosystems
66750
AlmaLinux
2297
Alpine
3242
Android
773
CRAN
3
crates.io
1198
Debian
9431
GitHub Actions
11
Go
1626
Hackage
14
Hex
23
Linux
13573
Maven
3938
npm
12309
NuGet
510
OSS-Fuzz
2962
Packagist
2221
Pub
6
PyPI
10911
Rocky Linux
980
RubyGems
722
ID
Packages
Summary
Affected versions
Published
Fix
GHSA-m9xq-6h2j-65r2
Go/github.com/gomarkdown/markdown
Out-of-bounds Read while parsing citations
See details.
2023-09-22T19:59:49Z
Fix available
GHSA-x4hh-vjm7-g2jv
Go/github.com/contribsys/faktory
Faktory Web Dashboard can lead to denial of service(DOS) via malicious user input
See details.
2023-09-20T22:51:09Z
Fix available
GHSA-364c-vvqx-446c
Go/github.com/schollz/croc/v9
Croc sender may place ANSI or CSI escape sequences in filename to attach receiver's terminal device
See details.
2023-09-20T06:30:50Z
No fix available
GHSA-7g3v-4ggr-xvjf
Go/github.com/schollz/croc/v9
Croc may expose secret to local users
See details.
2023-09-20T06:30:50Z
No fix available
GHSA-7mp6-929p-pqhj
Go/github.com/schollz/croc/v9
Croc requires senders to provide local IP addresses in cleartext
See details.
2023-09-20T06:30:50Z
No fix available
GHSA-8c8w-f7wp-2jr2
Go/github.com/schollz/croc
Sender can cause a receiver to overwrite files during ZIP extraction in Croc
See details.
2023-09-20T06:30:50Z
No fix available
GHSA-hp56-xvf4-g6wr
Go/github.com/schollz/croc/v9
Cros secrets may be disclosed to untrusted relay
See details.
2023-09-20T06:30:50Z
No fix available
GHSA-ppjh-xp5v-46wc
Go/github.com/schollz/croc/v9
Croc sender may send dangerous new files to receiver
See details.
2023-09-20T06:30:50Z
No fix available
GHSA-vpjc-4jcv-jc29
Go/github.com/nats-io/nats-server
NATS nats-server allows directory traversal via unintended path to a management action
See details.
2023-09-19T03:30:34Z
Fix available
GHSA-2g7r-9xq5-c6hv
Go/github.com/usememos/memos
Cross-Site Request Forgery (CSRF) in usememos/memos
See details.
2023-09-18T06:30:14Z
Fix available
GHSA-v84f-6r39-cpfc
Go/github.com/hashicorp/vault
Go/github.com/hashicorp/vault
Go/github.com/hashicorp/vault
HashiCorp Vault Improper Input Validation vulnerability
See details.
2023-09-15T00:30:29Z
Fix available
GO-2023-2048
Go/github.com/cyphar/filepath-securejoin
Paths outside of the rootfs could be produced on Windows
See details.
2023-09-13T19:45:03Z
Fix available
GO-2023-2024
Go/github.com/libp2p/go-libp2p
libp2p nodes vulnerable to OOM attack
See details.
2023-09-13T16:37:01Z
Fix available
GO-2023-2052
Go/github.com/gofiber/fiber/v2
IsFromLocal local address check can be circumvented in github.com/gofiber/fiber/v2
See details.
2023-09-12T17:31:22Z
Fix available
GHSA-j7hp-h8jx-5ppr
crates.io/libwebp-sys2
crates.io/libwebp-sys
npm/electron
npm/electron
npm/electron
npm/electron
npm/electron
NuGet/SkiaSharp
Go/github.com/chai2010/webp
libwebp: OOB write in BuildHuffmanTable
2.80.0
2.80.1
2.80.2
2.80.3
2.80.4
2.88.0
2.88.1
...
2023-09-12T15:30:20Z
Fix available
GHSA-p45j-vfv5-wprq
Go/github.com/rancher/rke2
Go/github.com/rancher/rke2
Go/github.com/rancher/rke2
Go/github.com/rancher/rke2
Go/github.com/rancher/rke2
RKE2 supervisor port is vulnerable to unauthenticated remote denial-of-service (DoS) attack via TLS SAN stuffing attack
See details.
2023-09-11T13:47:16Z
Fix available
Load more...
Go - OSV