Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
github.com vulnerabilities and exploits
(subscribe to this query)
9.6
CVSSv3
CVE-2023-52139
Misskey is an open source, decentralized social media platform. Third-party applications may be able to access some endpoints or Websocket APIs that are incorrectly specified as [kind](https://github.com/misskey-dev/misskey/blob/406b4bdbe79b5b0b68fcdcb3c4b6e419460a0258/packages/b...
Misskey Misskey
7.8
CVSSv3
CVE-2021-29606
TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB read on heap in the TFLite implementation of `Split_V`(https://github.com/tensorflow/tensorflow/blob/c59c37e7b2d563967da813fa50fe20b21f4da683/tensorflow/li...
7.5
CVSSv3
CVE-2020-36568
Unsanitized input in the query parser in github.com/revel/revel before v1.0.0 allows remote malicious users to cause resource exhaustion via memory allocation.
Revel Revel
7.5
CVSSv3
CVE-2021-23409
The package github.com/pires/go-proxyproto prior to 0.6.0 are vulnerable to Denial of Service (DoS) via creating connections without the proxy protocol header.
Go-proxyproto Project Go-proxyproto
7.5
CVSSv3
CVE-2020-7711
This affects all versions of package github.com/russellhaering/goxmldsig. There is a crash on nil-pointer dereference caused by sending malformed XML signatures.
Goxmldsig Project Goxmldsig
7.5
CVSSv3
CVE-2019-25073
Improper path sanitization in github.com/goadesign/goa before v3.0.9, v2.0.10, or v1.4.3 allow remote malicious users to read files outside of the intended directory.
Goa.design Goa
9.8
CVSSv3
CVE-2023-31062
Improper Privilege Management Vulnerabilities in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 up to and including 1.6.0. When the attacker has access to a valid (but unprivileged) account, the exploit can be executed using Burp Suite by se...
Apache Inlong
7.5
CVSSv3
CVE-2021-29499
SIF is an open source implementation of the Singularity Container Image Format. The `siftool new` command and func siftool.New() produce predictable UUID identifiers due to insecure randomness in the version of the `github.com/satori/go.uuid` module used as a dependency. A patch ...
7.5
CVSSv3
CVE-2020-7731
This affects all versions <0.7.0 of package github.com/russellhaering/gosaml2. There is a crash on nil-pointer dereference caused by sending malformed XML signatures.
Gosaml2 Project Gosaml2
5.5
CVSSv3
CVE-2021-29544
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.QuantizeAndDequantizeV4Grad`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee04...
Google Tensorflow
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »