Lucene search
K

1244 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.9 views

Amazon Linux 2023 : ecs-init (ALAS2023-2026-1906)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1906 advisory. Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus ha...

5.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.6 views

Amazon Linux 2023 : aspnetcore-runtime-9.0, aspnetcore-runtime-dbg-9.0, aspnetcore-targeting-pack-9.0 (ALAS2023-2026-1868)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1868 advisory. Improper authorization in .NET allows an authorized attacker to elevate privileges locally. CVE-2026-45490 Improper link resolution before file access 'link following' in .NET allows an...

7.8CVSS5.8AI score0.0243EPSS
Exploits0References8
Amazon
Amazon
added 2026/06/22 12:0 a.m.14 views

Important: containerd

Issue Overview: Memory exhaustion DoS causing OOM kill of containerd process NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-jpcc-p29g-p8mq CVE-2026-47262 Image cache poisoning via unvalidated checkpoint image references, enabling cross-pod code execution NOTE:...

5.9AI score0.00412EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.11 views

Amazon Linux 2023 : python3-pip, python3-pip-wheel (ALAS2023-2026-1837)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1837 advisory. A flaw was found in pip, the package installer for Python. A remote attacker can exploit this vulnerability by tricking a victim into installing a malicious Python wheel. This wheel contains specially...

8CVSS6.2AI score0.0032EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.23 views

Amazon Linux 2023 : jq, jq-devel (ALAS2023-2026-1860)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1860 advisory. jq --rawfile invalid-state reuse after String too long causes heap-buffer-overflow CVE-2026-49839 Tenable has extracted the preceding description block directly from the tested product security advisor...

7.1CVSS6AI score0.00165EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.11 views

Amazon Linux 2023 : bpftool6.18, kernel6.18, kernel6.18-devel (ALAS2023-2026-1881)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1881 advisory. In the Linux kernel, the following vulnerability has been resolved: smb: client: validate the whole DACL before rewriting it in cifsacl CVE-2026-31709 Tenable has extracted the preceding description...

8.8CVSS6.6AI score0.00259EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2026-1878)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1878 advisory. x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, . to execute repeatedly on the same...

7.5CVSS6.2AI score0.00939EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.13 views

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1863)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1863 advisory. In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions CVE-2026-46243 In the Linux kernel, the following vulnerability has...

7.8CVSS5.8AI score0.00353EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.9 views

Amazon Linux 2023 : freerdp, freerdp-devel, freerdp-libs (ALAS2023-2026-1822)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1822 advisory. FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdiCacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because...

9.8CVSS6.5AI score0.03453EPSS
Exploits4References10
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.9 views

Amazon Linux 2023 : python3-mako (ALAS2023-2026-1846)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1846 advisory. Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.gettemplate is vulnerable to path traversal when a URI starts with // e.g., //../../../secret.txt. The root cause is an...

8.7CVSS5.9AI score0.00361EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.17 views

Amazon Linux 2023 : python3.11-pip, python3.11-pip-wheel (ALAS2023-2026-1839)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1839 advisory. A flaw was found in pip, the package installer for Python. A remote attacker can exploit this vulnerability by tricking a victim into installing a malicious Python wheel. This wheel contains specially...

8CVSS6.2AI score0.0032EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.6 views

Amazon Linux 2023 : mariadb-connector-c, mariadb-connector-c-config, mariadb-connector-c-devel (ALAS2023-2026-1873)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1873 advisory. An application that was taking non-validated user input, escaping it with mysqlrealescapestring and sending it to the database using text protocol and big5 character set was vulnerable to SQL injection...

9.8CVSS5.9AI score0.00419EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

Amazon Linux 2023 : perl-DBI, perl-DBI-tests (ALAS2023-2026-1850)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1850 advisory. DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of t...

9.8CVSS6.2AI score0.00413EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.10 views

Amazon Linux 2023 : python3-click (ALAS2023-2026-1854)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1854 advisory. Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit function, allowing attackers to pass arbitrary OS commands from an unprivileged account. CVE-2026-72...

7.2CVSS6.1AI score0.0081EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.10 views

Amazon Linux 2023 : ecs-service-connect-agent (ALAS2023-2026-1893)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1893 advisory. A denial-of-service vulnerability was found in Envoy's HTTP/2 HPACK header compression implementation. A remote attacker could send a specially crafted HTTP/2 request that triggers disproportionately...

7.5CVSS6.2AI score0.00815EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.6 views

Amazon Linux 2023 : mariadb114, mariadb114-backup, mariadb114-client-utils (ALAS2023-2026-1845)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1845 advisory. During the SST the donor node is interpolating parameters that the joiner sent into the command line. Not all parameters were properly validated which could allow a malicious joiner to execute...

9.8CVSS6.3AI score0.00567EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.12 views

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2026-1882)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1882 advisory. In the Linux kernel, the following vulnerability has been resolved: arm64: mm: fix VA-range sanity check CVE-2023-53989 In the Linux kernel, the following vulnerability has been resolved:...

9.8CVSS6.7AI score0.00554EPSS
Exploits13References180
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2026-1862)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1862 advisory. Vim is an open source, command line text editor. Prior to 9.2.0280, a path traversal bypass in Vim's zip.vim plugin allows overwriting of arbitrary files when opening specially crafted zip...

8.8CVSS7.8AI score0.00917EPSS
Exploits1References26
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.9 views

Amazon Linux 2023 : soci-snapshotter (ALAS2023-2026-1884)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1884 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 Parsing arbitrary HTML which is then rendered using Render can result in an...

9.6CVSS6.9AI score0.00939EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.13 views

Amazon Linux 2023 : mariadb114, mariadb114-backup, mariadb114-client-utils (ALAS2023-2026-1827)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1827 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable...

6.5CVSS6.8AI score0.00303EPSS
Exploits1References6
Rows per page
Query Builder