Lucene search
K

9378 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:4 p.m.9 views

CVE-2022-34266

The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service application crash, a different vulnerability than CVE-2022-0562. When processing a malicious TIFF file, an invalid range may be passed as an argument to the memset function within...

5.5CVSS6.8AI score0.0125EPSS
Exploits1References1
Amazon
Amazon
added 2025/05/13 12:0 a.m.7 views

Medium: nodejs22

Issue Overview: An issue in sqlite v.3.49.0 allows an attacker to cause a denial of service via the SQLITEDBCONFIGLOOKASIDE component CVE-2025-29088 Affected Packages: nodejs22 Issue Correction: Run dnf update nodejs22 --releasever 2023.7.20250512 to update your system. New Packages: aarch64: ...

7.5CVSS8.9AI score0.00169EPSS
Exploits0
Amazon
Amazon
added 2025/05/13 12:0 a.m.3 views

Medium: openvpn

Issue Overview: OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase CVE-2025-2704 Affected Packages: openvpn Issue Correction: Run dnf update openvpn...

7.5CVSS6.9AI score0.00784EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.8 views

Amazon Linux 2 : jetty (ALAS-2025-2855)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2855 advisory. For Eclipse Jetty versions = 9.4.40, = 10.0.2, = 11.0.2, if an exception is thrown from the SessionListenersessionDestroyed method, then the session ID is not invalidated in the session ID manager. On...

3.6CVSS6.8AI score0.00963EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.17 views

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2025-099)

The version of kernel installed on the remote host is prior to 5.4.156-83.273. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2025-099 advisory. A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users d...

7.8CVSS6.3AI score0.01028EPSS
Exploits1References58
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.7 views

Amazon Linux 2023 : kmod-nvidia-open-dkms (ALAS2023NVIDIA-2025-069)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-069 advisory. NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code...

7.8CVSS7.4AI score0.002EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.7 views

Amazon Linux 2023 : amazon-cloudwatch-agent (ALAS2023-2025-968)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-968 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which...

9.1CVSS7.3AI score0.00724EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.13 views

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2025-091)

The version of kernel installed on the remote host is prior to 5.10.236-228.935. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-091 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: do not clean up repair bio if...

7.8CVSS6.6AI score0.00274EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.10 views

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2025-071)

The version of kernel installed on the remote host is prior to 5.15.180-123.192. It is, therefore, affected by a vulnerability as referenced in the ALAS2KERNEL-5.15-2025-071 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: do not clean up repair bio if submit...

7.8CVSS6.4AI score0.00274EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.6 views

Amazon Linux 2023 : nvidia-open (ALAS2023NVIDIA-2025-061)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-061 advisory. NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code...

7.8CVSS7.4AI score0.002EPSS
Exploits0References4
Amazon
Amazon
added 2025/05/13 12:0 a.m.3 views

Medium: pcs

Issue Overview: Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host XFH header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbitrar...

5.4CVSS7AI score0.00476EPSS
Exploits0
Amazon
Amazon
added 2025/05/13 12:0 a.m.15 views

Medium: pcs

Issue Overview: Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host XFH header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbitrar...

5.4CVSS6.9AI score0.00476EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.7 views

Amazon Linux 2023 : javapackages-bootstrap (ALAS2023-2025-970)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-970 advisory. Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted inpu...

4.3CVSS6.5AI score0.01249EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.6 views

Amazon Linux 2023 : openvpn, openvpn-devel (ALAS2023-2025-967)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-967 advisory. OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase...

7.5CVSS6.5AI score0.00784EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.8 views

Amazon Linux 2023 : gnuplot-common, gnuplot-latex, gnuplot-minimal (ALAS2023-2025-960)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-960 advisory. A flaw was found in GNUPlot. A segmentation fault via IOstrinitstaticinternal may jeopardize the environment. CVE-2025-3359 Tenable has extracted the preceding description block directly from the tested...

6.2CVSS6.1AI score0.00181EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.21 views

Amazon Linux 2023 : lemon, sqlite, sqlite-analyzer (ALAS2023-2025-971)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-971 advisory. SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such ...

7.3CVSS6.5AI score0.00425EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.6 views

Amazon Linux 2023 : kmod-nvidia-latest-dkms (ALAS2023NVIDIA-2025-070)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-070 advisory. NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code...

7.8CVSS7.4AI score0.002EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.12 views

Amazon Linux 2023 : nvidia-persistenced (ALAS2023NVIDIA-2025-060)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-060 advisory. NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code...

7.8CVSS7.4AI score0.002EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.7 views

Amazon Linux 2 : edk2 (ALAS-2025-2852)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2852 advisory. EDK2 contains a vulnerability in the HashPeImageByType. A user may cause a read out of bounds when a corrupted data pointer and length are sent via an adjecent network. A successful exploit of this...

4.6CVSS6AI score0.00214EPSS
Exploits0References4
Amazon
Amazon
added 2025/05/13 12:0 a.m.6 views

Medium: gnuplot

Issue Overview: A flaw was found in GNUPlot. A segmentation fault via IOstrinitstaticinternal may jeopardize the environment. CVE-2025-3359 Affected Packages: gnuplot Issue Correction: Run dnf update gnuplot --releasever 2023.7.20250512 or dnf update --advisory ALAS2023-2025-960 --releasever...

6.2CVSS6.7AI score0.00181EPSS
Exploits0
Rows per page
Query Builder