Lucene search
K

801 matches found

Amazon
Amazon
added 2022/12/14 12:0 a.m.4 views

Medium: kernel

Issue Overview: A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVMEIOCTLRESET and the NVMEIOCTLSUBSYSRESET through the device file of the driver, resulting in a PCIe link disconnect. CVE-2022-3169 Affected Packages: kernel Note:...

5.5CVSS6.5AI score0.03651EPSS
Exploits0
Amazon
Amazon
added 2022/12/08 12:0 a.m.4 views

Important: kernel-livepatch-4.14.290-217.505

Issue Overview: A use-after-free flaw was found in route4change in the net/sched/clsroute.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem. CVE-2022-2588 Affected Packages:...

7.8CVSS6.8AI score0.06214EPSS
Exploits7
Amazon
Amazon
added 2022/10/24 12:0 a.m.4 views

Medium: java-1.8.0-amazon-corretto

Issue Overview: 2023-05-11: CVE-2022-21618 and CVE-2022-39399 have changed status to NOT AFFECTED for this package and have been removed from this advisory. Title: Improve NTLM support writeSecurityBuffer writes a serialized security buffer to be used for NTLM auth. One of the fields that are...

5.3CVSS7.2AI score0.02376EPSS
Exploits0
Amazon
Amazon
added 2022/10/11 12:0 a.m.7 views

Medium: containerd, docker

Issue Overview: In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. CVE-2022-27664 Affected Packages: containerd, docker Note: This advisory is applicabl...

7.5CVSS6.9AI score0.02513EPSS
Exploits0
OSV
OSV
added 2022/07/19 8:15 p.m.5 views

ALPINE-CVE-2022-34266

The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service application crash, a different vulnerability than CVE-2022-0562. When processing a malicious TIFF file, an invalid range may be passed as an argument to the memset function within...

5.5CVSS6.9AI score0.00253EPSS
Exploits0References1
OSV
OSV
added 2022/07/19 8:15 p.m.0 views

UBUNTU-CVE-2022-34266

The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service application crash, a different vulnerability than CVE-2022-0562. When processing a malicious TIFF file, an invalid range may be passed as an argument to the memset function within...

5.5CVSS6.7AI score0.00253EPSS
Exploits0References3
Amazon
Amazon
added 2022/07/15 12:0 a.m.8 views

Important: kernel-livepatch-5.10.112-108.499

Issue Overview: A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in net/netfilter/nftablesapi.c. This flaw allows a local attacker with user access to cause a privilege escalation issue. CVE-2022-1966 Affected Packages: kernel-livepatch-5.10.112-108.499 Issue...

6.8AI score
Exploits5
Amazon
Amazon
added 2022/07/15 12:0 a.m.5 views

Important: kernel-livepatch-5.10.109-104.500

Issue Overview: A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in net/netfilter/nftablesapi.c. This flaw allows a local attacker with user access to cause a privilege escalation issue. CVE-2022-1966 Affected Packages: kernel-livepatch-5.10.109-104.500 Issue...

6.8AI score
Exploits5
Amazon
Amazon
added 2022/07/15 12:0 a.m.10 views

Important: kernel-livepatch-5.10.118-111.515

Issue Overview: A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in net/netfilter/nftablesapi.c. This flaw allows a local attacker with user access to cause a privilege escalation issue. CVE-2022-1966 Affected Packages: kernel-livepatch-5.10.118-111.515 Issue...

6.8AI score
Exploits5
Amazon
Amazon
added 2022/06/09 12:0 a.m.6 views

Medium: containerd

Issue Overview: A bug was found in containerd's CRI implementation where programs inside a container can cause the containerd daemon to consume memory without bound during invocation of the ExecSync API. This can cause containerd to consume all available memory on the computer, denying service to...

5.5CVSS6.9AI score0.00377EPSS
Exploits0
Amazon
Amazon
added 2022/04/27 12:0 a.m.3 views

Medium: containerd, docker

Issue Overview: A flaw was found in Moby Docker Engine, where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when...

5.9CVSS6.9AI score0.00492EPSS
Exploits0
CNNVD
CNNVD
added 2022/04/19 12:0 a.m.7 views

Amazon Linux 安全漏洞

Amazon Linux AMI is an application. A supported and maintained Linux image provided by Amazon Web Services for the Amazon Elastic Compute Cloud Amazon EC2. A security vulnerability exists in Amazon Linux 1 and Amazon Linux 2 that stems from an incomplete fix in the log4j-cve-2021-44228-hotpatch...

10CVSS7.4AI score0.99999EPSS
Exploits348References3
Amazon
Amazon
added 2022/04/19 12:0 a.m.5 views

Important: kernel

Issue Overview: Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel CVE-2022-20368 A buffer overflow flaw was found in the Linux kernel's NFC protocol functionality. This flaw allows a local user to crash or escalate their privileges on the system...

7.8CVSS5.4AI score0.05524EPSS
Exploits3
Amazon
Amazon
added 2022/01/28 12:0 a.m.3 views

Important: kernel

Issue Overview: An out-of-bounds write flaw was found in the Linux kernel's seqfile in the Filesystem layer. This flaw allows a local attacker with a user privilege to gain access to out-of-bound memory, leading to a system crash or a leak of internal kernel information. The issue results from no...

7.8CVSS6.6AI score0.09808EPSS
Exploits6
Amazon
Amazon
added 2022/01/28 12:0 a.m.11 views

Medium: kernel

Issue Overview: A race problem was seen in the vtkioctl in drivers/tty/vt/vtioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vcmode is not protected by lock-in vtioctl KDSETMDE. The highest threat from this vulnerability is to data confidentiality...

7CVSS6.7AI score0.00364EPSS
Exploits1
Amazon
Amazon
added 2021/12/18 12:0 a.m.7 views

Medium: kernel-livepatch-4.14.246-187.474

Issue Overview: No CVE associated with this advisory Affected Packages: kernel-livepatch-4.14.246-187.474 Issue Correction: Please ensure you have live patching enabled. Run yum update kernel-livepatch-4.14.246-187.474 or yum update --advisory ALAS2LIVEPATCH-2021-072 to update your system. New...

4.4CVSS7AI score0.0052EPSS
Exploits1
Amazon
Amazon
added 2021/12/18 12:0 a.m.3 views

Medium: kernel-livepatch-4.14.252-195.481

Issue Overview: No CVE associated with this advisory Affected Packages: kernel-livepatch-4.14.252-195.481 Issue Correction: Please ensure you have live patching enabled. Run yum update kernel-livepatch-4.14.252-195.481 or yum update --advisory ALAS2LIVEPATCH-2021-070 to update your system. New...

4.4CVSS7AI score0.0052EPSS
Exploits1
Amazon
Amazon
added 2021/12/18 12:0 a.m.5 views

Medium: kernel-livepatch-4.14.252-195.483

Issue Overview: No CVE associated with this advisory Affected Packages: kernel-livepatch-4.14.252-195.483 Issue Correction: Please ensure you have live patching enabled. Run yum update kernel-livepatch-4.14.252-195.483 or yum update --advisory ALAS2LIVEPATCH-2021-069 to update your system. New...

4.4CVSS7AI score0.0052EPSS
Exploits1
Amazon
Amazon
added 2021/11/18 12:0 a.m.6 views

Medium: docker

Issue Overview: Lack of content verification in Docker-CE Also known as Moby versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0, and earlier allows a remote attacker to cause a Denial of Service via a crafted image layer payload, aka gzip bombing...

6.5CVSS6.8AI score0.0247EPSS
Exploits0
Amazon
Amazon
added 2021/11/18 12:0 a.m.7 views

Medium: containerd

Issue Overview: A flaw was found in containerd. Credentials may be leaked during an image pull. CVE-2020-15157 Affected Packages: containerd Note: This advisory is applicable to Amazon Linux 2 - Docker Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ section for t...

6.1CVSS6.8AI score0.02209EPSS
Exploits1
Rows per page
Query Builder