Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
github.com vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-36568
Unsanitized input in the query parser in github.com/revel/revel before v1.0.0 allows remote malicious users to cause resource exhaustion via memory allocation.
Revel Revel
NA
CVE-2023-52139
Misskey is an open source, decentralized social media platform. Third-party applications may be able to access some endpoints or Websocket APIs that are incorrectly specified as [kind](https://github.com/misskey-dev/misskey/blob/406b4bdbe79b5b0b68fcdcb3c4b6e419460a0258/packages/b...
Misskey Misskey
4.6
CVSSv2
CVE-2021-29606
TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB read on heap in the TFLite implementation of `Split_V`(https://github.com/tensorflow/tensorflow/blob/c59c37e7b2d563967da813fa50fe20b21f4da683/tensorflow/li...
5
CVSSv2
CVE-2021-23409
The package github.com/pires/go-proxyproto prior to 0.6.0 are vulnerable to Denial of Service (DoS) via creating connections without the proxy protocol header.
Go-proxyproto Project Go-proxyproto
5
CVSSv2
CVE-2020-7711
This affects all versions of package github.com/russellhaering/goxmldsig. There is a crash on nil-pointer dereference caused by sending malformed XML signatures.
Goxmldsig Project Goxmldsig
NA
CVE-2019-25073
Improper path sanitization in github.com/goadesign/goa before v3.0.9, v2.0.10, or v1.4.3 allow remote malicious users to read files outside of the intended directory.
Goa.design Goa
5
CVSSv2
CVE-2020-7731
This affects all versions <0.7.0 of package github.com/russellhaering/gosaml2. There is a crash on nil-pointer dereference caused by sending malformed XML signatures.
Gosaml2 Project Gosaml2
NA
CVE-2023-31062
Improper Privilege Management Vulnerabilities in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 up to and including 1.6.0. When the attacker has access to a valid (but unprivileged) account, the exploit can be executed using Burp Suite by se...
Apache Inlong
4
CVSSv2
CVE-2021-29499
SIF is an open source implementation of the Singularity Container Image Format. The `siftool new` command and func siftool.New() produce predictable UUID identifiers due to insecure randomness in the version of the `github.com/satori/go.uuid` module used as a dependency. A patch ...
7.5
CVSSv2
CVE-2021-21403
In github.com/kongchuanhujiao/server before version 1.3.21 there is an authentication Bypass by Primary Weakness vulnerability. All users are impacted. This is fixed in version 1.3.21.
Kongchuanhujiao Project Kongchuanhujiao
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »