Lucene search
K

9394 matches found

Amazon
Amazon
added 2025/11/10 12:0 a.m.10 views

Low: lz4

Issue Overview: No CVE associated with this advisory Affected Packages: lz4 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update lz4 or yum update --advisory...

5.8AI score
Exploits0
Amazon
Amazon
added 2025/11/10 12:0 a.m.5 views

Low: lz4

Issue Overview: No CVE associated with this advisory Affected Packages: lz4 Issue Correction: Run dnf update lz4 --releasever 2023.9.20251110 or dnf update --advisory ALAS2023-2025-1266 --releasever 2023.9.20251110 to update your system. More information on how to update your system can be found ...

6.5AI score
Exploits0
Amazon
Amazon
added 2025/11/10 12:0 a.m.3 views

Important: webkitgtk4

Issue Overview: The issue was addressed with improved memory handling. This issue is fixed in Safari 26, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash. CVE-2025-43272 A correctness issue was address...

9.8CVSS6AI score0.00952EPSS
Exploits0
Amazon
Amazon
added 2025/11/10 12:0 a.m.4 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of sblvbptr CVE-2022-50516 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 - Kernel-5.10 Extra. Visit this page to learn more about Amazon Linux 2 AL2...

5.5CVSS6.6AI score0.00155EPSS
Exploits0
Amazon
Amazon
added 2025/11/10 12:0 a.m.7 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of sblvbptr CVE-2022-50516 In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible double unlock when moving a directory CVE-2023-53626 Affected...

7.8CVSS6.5AI score0.00202EPSS
Exploits0
Amazon
Amazon
added 2025/11/10 12:0 a.m.3 views

Medium: tomcat

Issue Overview: Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred including exceeding limits during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage...

5.3CVSS6.9AI score0.01139EPSS
Exploits0
Amazon
Amazon
added 2025/11/10 12:0 a.m.9 views

Important: runfinch-finch

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

7.5CVSS8.8AI score0.00626EPSS
Exploits0
Amazon
Amazon
added 2025/11/10 12:0 a.m.3 views

Important: amazon-ecr-credential-helper

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

7.5CVSS8.8AI score0.00626EPSS
Exploits0
Amazon
Amazon
added 2025/11/10 12:0 a.m.6 views

Important: amazon-ecr-credential-helper

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

7.5CVSS8.8AI score0.00626EPSS
Exploits0
Amazon
Amazon
added 2025/11/10 12:0 a.m.5 views

Important: kernel-livepatch-6.12.48-67.114

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. CVE-2025-39955 Affected Packages: kernel-livepatch-6.12.48-67.114 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS7.8AI score0.00144EPSS
Exploits0
Amazon
Amazon
added 2025/11/10 12:0 a.m.4 views

Important: kernel-livepatch-6.1.153-175.280

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. CVE-2025-39955 Affected Packages: kernel-livepatch-6.1.153-175.280 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS7.8AI score0.00144EPSS
Exploits0
Amazon
Amazon
added 2025/11/10 12:0 a.m.9 views

Medium: fontforge

Issue Overview: FontForge v20230101 was discovered to contain a memory leak via the component DlgCreate8. CVE-2025-50949 Affected Packages: fontforge Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras...

6.5CVSS7.4AI score0.00239EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/10 12:0 a.m.5 views

Amazon Linux 2 : gimp, --advisory ALAS2GIMP-2025-009 (ALASGIMP-2025-009)

The version of gimp installed on the remote host is prior to 2.8.22-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2GIMP-2025-009 advisory. GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers t...

7.8CVSS7.9AI score0.00452EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/10 12:0 a.m.8 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2025-114 (ALASKERNEL-5.4-2025-114)

The version of kernel installed on the remote host is prior to 5.4.301-221.445. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2025-114 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of...

5.5CVSS6.7AI score0.00274EPSS
Exploits1References80
Tenable Nessus
Tenable Nessus
added 2025/11/07 12:0 a.m.6 views

Amazon Linux 2023 : libnvsdm (ALAS2023NVIDIA-2025-249)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2025-249 advisory. NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalatio...

7CVSS6.2AI score0.00224EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2025/11/07 12:0 a.m.2 views

Amazon Linux 2023 : kmod-nvidia-latest-dkms (ALAS2023NVIDIA-2025-253)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2025-253 advisory. NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalatio...

7CVSS6.2AI score0.00224EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2025/11/07 12:0 a.m.4 views

Amazon Linux 2023 : kmod-nvidia-open-dkms (ALAS2023NVIDIA-2025-252)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2025-252 advisory. NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalatio...

7CVSS6.2AI score0.00224EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2025/11/07 12:0 a.m.10 views

Amazon Linux 2023 : nvidia-xconfig (ALAS2023NVIDIA-2025-241)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2025-241 advisory. NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalatio...

7CVSS6.2AI score0.00224EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2025/11/07 12:0 a.m.10 views

Amazon Linux 2023 : nvidia, nvidia-fabric-manager (ALAS2023NVIDIA-2025-248)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2025-248 advisory. NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalatio...

7CVSS6.2AI score0.00224EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2025/11/07 12:0 a.m.6 views

Amazon Linux 2023 : nvidia-modprobe (ALAS2023NVIDIA-2025-244)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2025-244 advisory. NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalatio...

7CVSS6.2AI score0.00224EPSS
Exploits0References14
Rows per page
Query Builder