Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-g9vw-6pvx-7gmw
  • Go/github.com/envoyproxy/envoy
Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults 14 hours ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-p768-c3pr-6459
  • Go/go.temporal.io/server
Temporal OSS Server Vulnerable to Allocation of Resources Without Limits or Throttling 16 hours ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-2gcv-3qpf-c5qr
  • Go/github.com/chaos-mesh/chaos-mesh
Chaos Controller Manager is vulnerable to OS command injection 19 hours ago
  • Fix available
  • Severity - 9.8 (Critical)
GHSA-2gg8-85m5-8r2p
  • Go/github.com/chaos-mesh/chaos-mesh
Chaos Mesh's Chaos Controller Manager is Missing Authentication for Critical Function 19 hours ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-369h-6j28-wwcg
  • Go/github.com/chaos-mesh/chaos-mesh
Chaos Controller Manager is vulnerable to OS command injection 19 hours ago
  • Fix available
  • Severity - 9.8 (Critical)
GHSA-xv9f-728h-9jgv
  • Go/github.com/chaos-mesh/chaos-mesh
Chaos Controller Manager is vulnerable to OS command injection 19 hours ago
  • Fix available
  • Severity - 9.8 (Critical)
GHSA-3vcm-c42p-3hhf
  • Go/github.com/mattermost/mattermost/server/v8
  • Go/github.com/mattermost/mattermost-server
Mattermost Missing Authorization vulnerability 19 hours ago
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-jxmr-2h4q-rhxp
  • Go/github.com/SpectoLabs/hoverfly
WebSocket endpoint `/api/v2/ws/logs` reachable without authentication even when --auth is enabled 5 days ago
  • Fix available
  • Severity - 7.8 (High)
GHSA-r4h8-hfp2-ggmf
  • Go/github.com/SpectoLabs/hoverfly
Hoverfly is vulnerable to Remote Code Execution through an insecure middleware implementation 5 days ago
  • No fix available
  • Severity - 9.8 (Critical)
GHSA-rf24-wg77-gq7w
  • Go/github.com/knadh/listmonk
listmonk: CSRF to XSS Chain can Lead to Admin Account Takeover 6 days ago
  • No fix available
  • Severity - 8.6 (High)
GHSA-93mf-426m-g6x9
  • Go/github.com/coredns/coredns
CoreDNS: DNS Cache Pinning via etcd Lease ID Confusion 6 days ago
  • Fix available
  • Severity - 7.1 (High)
GHSA-p46v-f2x8-qp98
  • Go/github.com/prest/prest/v2
pREST has a Systemic SQL Injection Vulnerability 08 Sep
  • No fix available
  • Severity - 9.3 (Critical)
GO-2025-3916
  • Go/github.com/suyuan32/simple-admin-core
simple-admin-core SQL Injection vulnerability in github.com/suyuan32/simple-admin-core 08 Sep
  • Fix available
GO-2025-3917
  • Go/github.com/neuvector/neuvector
NeuVector has an insecure password storage vulnerable to rainbow attack in github.com/neuvector/neuvector 08 Sep
  • No fix available
GO-2025-3918
  • Go/github.com/neuvector/neuvector
NeuVector admin account has insecure default password in github.com/neuvector/neuvector 08 Sep
  • No fix available
GO-2025-3919
  • Go/github.com/neuvector/neuvector
NeuVector process with sensitive arguments lead to leakage in github.com/neuvector/neuvector 08 Sep
  • No fix available