Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-4jmp-x7mh-rgmr
  • Go/github.com/babylonlabs-io/finality-provider
Finality Provider vulnerable to anti-slashing bypassing due to misconfiguration 4 hours ago
  • No fix available
  • Severity - 8.7 (High)
GHSA-4jj9-cgqc-x9h5
  • Go/github.com/neuvector/neuvector
NeuVector OpenID Connect is vulnerable to man-in-the-middle (MITM) 4 hours ago
  • Fix available
  • Severity - 8.8 (High)
GHSA-7v39-2hx7-7c43
  • Go/github.com/weaviate/weaviate
Weaviate OSS has a Path Traversal Vulnerability via Backup ZipSlip 5 hours ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-hmmh-292h-3364
  • Go/github.com/weaviate/weaviate
Weaviate OSS has path traversal vulnerability via the Shard Movement API 5 hours ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-fw33-qpx7-rhx2
  • Go/github.com/gardener/gardenctl-v2
gardenctl is vulnerable to Command Injection when used with non‑POSIX shells yesterday
  • Fix available
  • Severity - 8.0 (High)
GHSA-g754-hx8w-x2g6
  • Go/github.com/quic-go/quic-go
quic-go HTTP/3 QPACK Header Expansion DoS yesterday
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-5xpq-2vmc-5cqp
  • Go/github.com/1Panel-dev/1Panel
1Panel contains a cross-site request forgery (CSRF) vulnerability in the panel name management functionality 2 days ago
  • No fix available
  • Severity - 5.1 (Medium)
GHSA-wrvc-x3wf-j5f5
  • Go/github.com/1Panel-dev/1Panel
1Panel contains a cross-site request forgery (CSRF) vulnerability in the web port configuration functionality 2 days ago
  • No fix available
  • Severity - 7.0 (High)
GHSA-8jqm-8qm3-qgqm
  • Go/github.com/xyproto/algernon
Algernon Cross-Site Scripting vulnerability 2 days ago
  • Fix available
  • Severity - 5.1 (Medium)
GHSA-rpr2-4hqj-hc4q
  • Go/github.com/1Panel-dev/1Panel
1Panel contains a cross-site request forgery (CSRF) vulnerability in the Change Username functionality 2 days ago
  • No fix available
  • Severity - 7.0 (High)
GHSA-f4cf-9rvr-2rcx
  • Go/github.com/zitadel/zitadel
Zitadel Discloses the Total Number of Instance Users 2 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-wqv2-4wpg-8hc9
  • Go/miniflux.app/v2
Miniflux has an Open Redirect via protocol-relative redirect_url 2 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-mq8m-42gh-wq7r
  • Go/gogs.io/gogs
Gogs vulnerable to a bypass of CVE-2024-55947 2 days ago
  • No fix available
  • Severity - 8.7 (High)
GHSA-mjcp-gpgx-ggcg
  • Go/github.com/opentofu/opentofu
OpenTofu incorrectly validates excluded subdomain constraint in conjunction with TLS certificates containing wildcard SANs 3 days ago
  • Fix available
  • Severity - 5.9 (Medium)
GHSA-jv3w-x3r3-g6rm
  • Go/github.com/containernetworking/plugins
CNA Plugins Portmap nftables backend can intercept non-local traffic 3 days ago
  • Fix available
  • Severity - 6.6 (Medium)
GHSA-4r66-7rcv-x46x
  • Go/github.com/siyuan-note/siyuan/kernel
SiYuan vulnerable to RCE via zip slip and Command Injection via PandocBin 3 days ago
  • No fix available
  • Severity - 8.6 (High)