Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
go vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-27294
dp-golang is a Puppet module for Go installations. before 1.2.7, dp-golang could install files — including the compiler binary — with the wrong ownership when Puppet was run as root and the installed package was On macOS: Go version 1.4.3 up to and including 1.21rc3, ...
NA
CVE-2023-50658
The jose2go component prior to 1.6.0 for Go allows malicious users to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.
NA
CVE-2024-27359
Certain WithSecure products allow a Denial of Service because the engine scanner can go into an infinite loop when processing an archive file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements E...
NA
CVE-2024-25124
Fiber is a web framework written in go. Prior to version 2.52.1, the CORS middleware allows for insecure configurations that could potentially expose the application to multiple CORS-related vulnerabilities. Specifically, it allows setting the Access-Control-Allow-Origin header t...
NA
CVE-2024-22852
D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function genacgi_main. This vulnerability allows malicious users to enable telnet service via a specially crafted payload.
Dlink Go-rt-ac750 Firmware 101b03
NA
CVE-2024-22853
D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote malicious users to obtain root access via a telnet session.
Dlink Go-rt-ac750 Firmware 101b03
NA
CVE-2023-47353
An issue in the com.oneed.dvr.service.DownloadFirmwareService component of IMOU GO v1.0.11 allows malicious users to force the download of arbitrary files.
Imoulife Imou Go 1.0.11
NA
CVE-2024-24579
stereoscope is a go library for processing container images and simulating a squash filesystem. Prior to version 0.0.1, it is possible to craft an OCI tar archive that, when stereoscope attempts to unarchive the contents, will result in writing to paths outside of the unarchive t...
Anchore Stereoscope
NA
CVE-2024-23840
GoReleaser builds Go binaries for several platforms, creates a GitHub release and then pushes a Homebrew formula to a tap repository. `goreleaser release --debug` log shows secret values used in the in the custom publisher. This vulnerability is fixed in 1.24.0.
Goreleaser Goreleaser 1.23.0
NA
CVE-2023-6697
The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the map id parameter in all versions up to, and including, 9.0.28 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticat...
Wpgmaps Wp Go Maps
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »