Vulnerabilities

| ID | Packages | Summary | Published | Attributes |
| --- | --- | --- | --- | --- |
| GHSA-3g2j-vm47-x4mj | Go/lxd | LXD vulnerable to a local privilege escalation through custom storage volumes | 3 hours ago | No fix available; Severity - 8.6 (High) |
| GHSA-pm3x-jrhh-qcr7 | Go/github.com/authzed/spicedb | SpiceDB WriteRelationships fails silently if payload is too big | 3 hours ago | Fix available; Severity - 2.7 (Low) |
| GHSA-6jqf-mv7m-3q7p | Go/github.com/filebrowser/filebrowser/v2 | File Browser has risk of HTTP Request/Response smuggling through vulnerable dependency | 4 hours ago | Fix available; Severity - 9.1 (Critical) |
| GHSA-6cqf-cfhv-659g | Go/github.com/filebrowser/filebrowser, Go/github.com/filebrowser/filebrowser/v2 | File Browser is Vulnerable to Insecure Direct Object Reference (IDOR) in Share Deletion Function | 4 hours ago | Fix available; Severity - 7.2 (High) |
| GHSA-7wq2-32h4-9hc9 | Go/github.com/aws/aws-advanced-go-wrapper/awssql | AWS Advanced Go Wrapper: Privilege Escalation in Aurora PostgreSQL Instance | 4 hours ago | Fix available; Severity - 8.0 (High) |
| GO-2025-4116 | Go/golang.org/x/crypto | Potential denial of service in golang.org/x/crypto/ssh/agent | 5 hours ago | Fix available |
| GHSA-56mx-8g9f-5crf | Go/github.com/lxc/incus/v6, Go/github.com/lxc/incus | Incus vulnerable to local privilege escalation through custom storage volumes | 10 hours ago | No fix available; Severity - 8.6 (High) |
| GHSA-mhjq-8c7m-3f7p | Go/github.com/milvus-io/milvus | Milvus Proxy has a Critical Authentication Bypass Vulnerability | 11 hours ago | Fix available; Severity - 9.3 (Critical) |
| GHSA-88h9-77c7-p6w4 | Go/github.com/evervault/evervault-go | Evervault Go SDK: Incomplete PCR Validation in Enclave Attestation for non-Evervault hosted Enclaves | yesterday | Fix available; Severity - 8.7 (High) |
| GHSA-vjrc-mh2v-45x6 | Go/github.com/oauth2-proxy/oauth2-proxy/v7 | OAuth2-Proxy is vulnerable to header smuggling via underscore leading to potential privilege escalation | yesterday | Fix available; Severity - 8.5 (High) |
| GHSA-vwq2-jx9q-9h9f | Go/github.com/charmbracelet/soft-serve | Soft Serve is vulnerable to SSRF through its Webhooks | 3 days ago | Fix available; Severity - 9.1 (Critical) |
| GHSA-46xp-26xh-hpqh | Go/github.com/kubevirt/kubevirt | KubeVirt Vulnerable to Arbitrary Host File Read and Write | 6 days ago | Fix available; Severity - 8.5 (High) |
| GHSA-fv2r-r8mp-pg48 | Go/github.com/charmbracelet/soft-serve | Soft Serve does not sanitize ANSI escape sequences in user input | 06 Nov | Fix available; Severity - 4.6 (Medium) |
| GHSA-2r4r-5x78-mvqf | Go/github.com/kubevirt/kubevirt | KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes | 06 Nov | Fix available; Severity - 5.0 (Medium) |
| GHSA-7xgm-5prm-v5gc | Go/github.com/kubevirt/kubevirt | KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes | 06 Nov | No fix available; Severity - 6.9 (Medium) |
| GHSA-9m94-w2vq-hcf9 | Go/github.com/kubevirt/kubevirt | KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation | 06 Nov | Fix available; Severity - 5.3 (Medium) |