| CVE-2025-68121 |
critical |
10.0 |
10.0 |
|
|
|
17d ago |
Unexpected session resumption in crypto/tls |
| CVE-2015-5740 |
critical |
9.8 |
9.8 |
|
|
|
9y ago |
Request smuggling due to improper header parsing in net/http |
| CVE-2015-5739 |
critical |
9.8 |
9.8 |
|
|
|
9y ago |
Request smuggling due to improper header parsing in net/http |
| CVE-2023-29403 |
critical |
— |
9.5 |
|
|
|
3y ago |
RHSA-2023:3922: go-toolset:rhel8 security update (Critical) |
| CVE-2025-22871 |
critical |
9.1 |
9.1 |
|
|
|
10mo ago |
Moderate: git-lfs security update |
| CVE-2025-22873 |
low |
— |
2.5 |
|
|
|
4mo ago |
It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open("../") would open the parent directory of the Root. This escape o… |
| CVE-2020-0601 |
unknown |
— |
2.5 |
|
|
|
4y ago |
Microsoft Windows CryptoAPI (Crypt32.dll) contains a spoofing vulnerability in the way it validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by usin… |
| CVE-2021-27919 |
low |
— |
2.5 |
|
|
|
5y ago |
archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service (panic) upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any fi… |
