CVE Daily
← All tags

Tag: Go

All CVEs associated with "Go". Page 13/13 • 1450 CVEs.

Subscribe CVEs: RSS for “Go”  ·  RSS (High+Critical only)

About “Go”

A curated feed of “Go”-related CVEs appears below. We currently track 1450 CVEs for this tag (all time). In the last 365 days, 476 were published. Average CVSS is 6.9 (all time; 6.8 over 365d), and 53% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer, CWE-918 - Server-Side Request Forgery (SSRF).

In our taxonomy this topic maps to a LOW impact class. Language runtimes and libraries cascade through dependency graphs. Upgrade runtime and toolchain, pin versions, rebuild images, and enable SAST or DAST and linters. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2006-03-10
Medium

CVE-2006-1151

Cross-site scripting vulnerability in index.php in M-Phorum 0.2 allows remote attackers to inject arbitrary web script or HTML via the go parameter.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-1152

PHP remote file inclusion vulnerability in index.php in M-Phorum 0.2 allows remote attackers to include arbitrary files via the go parameter. NOTE: the provenance of this information is unknown; the…

CVSS: 5.0 CWE: N/A View on NVD
2006-01-09
High

CVE-2006-0144

The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote attackers to execute arbitrary PHP code by redirecting go-pear.php to a malicious proxy server that p…

CVSS: 7.5 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD
2005-12-14
High

CVE-2005-4227

Multiple "potential" SQL injection vulnerabilities in DCP-Portal 6.1.1 might allow remote attackers to execute arbitrary SQL commands via (1) the password and username parameters in advertiser.php, (…

CVSS: 7.5 CWE: N/A View on NVD
2005-11-03
High

CVE-2005-3483

Buffer overflow in GO-Global for Windows 3.1.0.3270 and earlier allows remote attackers to execute arbitrary code via a data block that is longer than the specified data block size.

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2005-08-17
Low

CVE-2005-2602

Mozilla Thunderbird 1.0 and Firefox 1.0.6 allows remote attackers to obfuscate URIs via a long URI, which causes the address bar to go blank and could facilitate phishing attacks.

CVSS: 2.6 CWE: N/A View on NVD
2002-10-04
High

CVE-2002-0958

Cross-site scripting vulnerability in browse.php for PHP(Reactor) 1.2.7 allows remote attackers to execute script as other users via the go parameter in the comments section.

CVSS: 7.5 CWE: N/A View on NVD
2000-10-20
Medium

CVE-2000-0724

The go-gnome Helix GNOME pre-installer allows local users to overwrite arbitrary files via a symlink attack on various files in /tmp, including uudecode, snarf, and some installer files.

CVSS: 6.2 CWE: N/A View on NVD
2000-06-19
Medium

CVE-2000-0620

libX11 X library allows remote attackers to cause a denial of service via a resource mask of 0, which causes libX11 to go into an infinite loop.

CVSS: 5.0 CWE: N/A View on NVD
1999-12-12
Low

CVE-1999-1009

The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system.

CVSS: 2.6 CWE: N/A View on NVD