Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-2mj3-6grc-px38
  • Go/github.com/elastic/beats
  • Go/github.com/elastic/beats/v7
Filebeat Beats has Buffer Overflow via Malformed Syslog Message or Malicious Tokenizer Pattern in Dissect Configuration 2 days ago
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-fj69-23m4-ccvv
  • Go/github.com/elastic/beats
  • Go/github.com/elastic/beats/v7
Elasticsearch Packetbeat has Excessive Allocation of Memory and CPU via Malicious IPv4 Fragments 2 days ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-3g75-q268-r9r6
  • Go/github.com/aws/amazon-s3-encryption-client-go/v3
Amazon S3 Encryption Client has a Key Commitment Issue 2 days ago
  • Fix available
  • Severity - 6.0 (Medium)
GHSA-f6mr-38g8-39rg
  • Go/github.com/ollama/ollama
Ollama Platform has missing authentication enabling attackers to perform model management operations 2 days ago
  • No fix available
  • Severity - 9.3 (Critical)
GHSA-j5vq-62gr-8v3r
  • Go/github.com/mattermost/mattermost-plugin-calls
Mattermost fails to check Websocket request for proper UTF-8 format potentially crashing Calls plug-in 3 days ago
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-x3r8-2hmh-89f5
  • Go/github.com/mattermost/mattermost
  • Go/github.com/mattermost/mattermost-server
  • Go/github.com/mattermost/mattermost/server/v8
Mattermost has an Invite Token Replay Vulnerability via Channel Membership Manipulation 3 days ago
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-gmx5-frv9-9m9f
  • Go/github.com/mattermost/mattermost-plugin-calls
Mattermost has CSRF vulnerability via Calls Widget page 3 days ago
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-jf5h-xfw4-p8gp
  • Go/github.com/mattermost/mattermost
  • Go/github.com/mattermost/mattermost-plugin-github
  • Go/github.com/mattermost/mattermost/server/v8
Mattermost GitHub Plugin Bot Identity Validation Bypass Allows Arbitrary GitHub Reaction Injection 3 days ago
  • Fix available
  • Severity - 3.0 (Low)
GHSA-q66g-q98c-q454
  • Go/github.com/mattermost/mattermost
  • Go/github.com/mattermost/mattermost/server/v8
Mattermost has missing redirect URL validation 3 days ago
  • Fix available
  • Severity - 3.1 (Low)
GHSA-cfpf-hrx2-8rv6
  • Go/github.com/expr-lang/expr
Expr has Denial of Service via Unbounded Recursion in Builtin Functions 4 days ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-c623-f998-8hhv
  • Go/github.com/emiago/sipgo
SIPGO is Vulnerable to Response DoS via Nil Pointer Dereference 4 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-wh6m-h6f4-rjf4
  • Go/github.com/abhinavxd/libredesk
Libredesk has Improper Neutralization of HTML Tags in a Web Page 4 days ago
  • Fix available
  • Severity - 7.3 (High)
GO-2025-4239
  • Go/github.com/altcha-org/altcha-lib-go
ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay in github.com/altcha-org/altcha-lib-go 4 days ago
  • Fix available
GO-2025-4240
  • Go/k8s.io/kubernetes
Half-blind Server Side Request Forgery in kube-controller-manager through in-tree Portworx StorageClass in k8s.io/kubernetes 4 days ago
  • Fix available
GHSA-6gvq-jcmp-8959
  • Go/github.com/altcha-org/altcha-lib-go
  • Hex/altcha
  • Maven/org.altcha:altcha
  • Packagist/altcha-org/altcha
  • PyPI/altcha
  • ... 2 more
ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay 5 days ago
  • Fix available
  • Severity - 6.5 (Medium)
GO-2025-4161
  • Go/github.com/VictoriaMetrics/VictoriaMetrics
VictoriaMetrics' Snappy Decoder DoS Vulnerability is Causing OOM in github.com/VictoriaMetrics/VictoriaMetrics 5 days ago
  • Fix available