Lucene search
K

9378 matches found

Amazon
Amazon
added 2025/05/13 12:0 a.m.8 views

Important: tomcat

Issue Overview: Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException...

7.5CVSS6.9AI score0.66933EPSS
Exploits5
Amazon
Amazon
added 2025/05/13 12:0 a.m.5 views

Important: kmod-nvidia-latest-dkms

Issue Overview: NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data...

7.8CVSS7.5AI score0.002EPSS
Exploits0
Amazon
Amazon
added 2025/05/13 12:0 a.m.3 views

Medium: nodejs22

Issue Overview: An issue in sqlite v.3.49.0 allows an attacker to cause a denial of service via the SQLITEDBCONFIGLOOKASIDE component CVE-2025-29088 Integer Overflow vulnerability in SQLite SQLite3 v.3.50.0 allows a remote attacker to cause a denial of service via the setupLookaside function...

5.6CVSS6.1AI score0.00169EPSS
Exploits0
Amazon
Amazon
added 2025/05/13 12:0 a.m.3 views

Important: nvidia-open

Issue Overview: NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data...

7.8CVSS7.5AI score0.002EPSS
Exploits0
Amazon
Amazon
added 2025/05/13 12:0 a.m.12 views

Medium: edk2

Issue Overview: EDK2 contains a vulnerability in the HashPeImageByType. A user may cause a read out of bounds when a corrupted data pointer and length are sent via an adjecent network. A successful exploit of this vulnerability may lead to a loss of Integrity and/or Availability. CVE-2024-38797...

4.6CVSS6.8AI score0.00214EPSS
Exploits0
Amazon
Amazon
added 2025/05/13 12:0 a.m.4 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: btrfs: do not clean up repair bio if submit fails CVE-2022-49168 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 - Kernel-5.15 Extra. Visit this page to learn more about Amazon Linux ...

7.8CVSS6.6AI score0.00274EPSS
Exploits0
Amazon
Amazon
added 2025/05/13 12:0 a.m.4 views

Important: sqlite

Issue Overview: SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE. CVE-2022-46908 Affected Packages: sqlite Issue Correction: Run dn...

7.3CVSS8.8AI score0.00425EPSS
Exploits1
Amazon
Amazon
added 2025/05/13 12:0 a.m.16 views

Low: jetty

Issue Overview: For Eclipse Jetty versions = 9.4.40, = 10.0.2, = 11.0.2, if an exception is thrown from the SessionListenersessionDestroyed method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a...

3.6CVSS6.7AI score0.00963EPSS
Exploits1
Amazon
Amazon
added 2025/05/13 12:0 a.m.6 views

Low: jetty

Issue Overview: For Eclipse Jetty versions = 9.4.40, = 10.0.2, = 11.0.2, if an exception is thrown from the SessionListenersessionDestroyed method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a...

3.6CVSS6.9AI score0.00963EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.7 views

Amazon Linux 2023 : elfutils, elfutils-default-yama-scope, elfutils-devel (ALAS2023-2025-969)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-969 advisory. A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This vulnerability affects the function libdwthreadtail in the library libdwalloc.c of the component eu-readelf...

7.8CVSS5.1AI score0.00614EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.10 views

Amazon Linux 2023 : tomcat10, tomcat10-admin-webapps, tomcat10-el-5.0-api (ALAS2023-2025-965)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-965 advisory. Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a...

9.8CVSS7.8AI score0.66933EPSS
Exploits6References6
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.11 views

Amazon Linux 2023 : libnvidia-nscq (ALAS2023NVIDIA-2025-067)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-067 advisory. NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code...

7.8CVSS7.4AI score0.002EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.10 views

Amazon Linux 2023 : nodejs22, nodejs22-devel, nodejs22-full-i18n (ALAS2023-2025-966)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-966 advisory. An issue in sqlite v.3.49.0 allows an attacker to cause a denial of service via the SQLITEDBCONFIGLOOKASIDE component CVE-2025-29088 Integer Overflow vulnerability in SQLite SQLite3 v.3.50.0...

5.6CVSS6.4AI score0.00169EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.14 views

Amazon Linux AMI : kernel (ALAS-2025-1977)

The version of kernel installed on the remote host is prior to 4.14.355-196.643. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1977 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: do not clean up repair bio if submit fai...

7.8CVSS6.5AI score0.00274EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.8 views

Amazon Linux 2023 : cuda-compat-12-8 (ALAS2023NVIDIA-2025-072)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-072 advisory. NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code...

7.8CVSS7.4AI score0.002EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.12 views

Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2025-963)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-963 advisory. In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead...

7.5CVSS6.6AI score0.00527EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.21 views

Amazon Linux 2 : kernel (ALAS-2025-2854)

The version of kernel installed on the remote host is prior to 4.14.355-277.643. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2854 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: do not clean up repair bio if submit...

7.8CVSS6.4AI score0.00274EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.9 views

Amazon Linux 2023 : tomcat9, tomcat9-admin-webapps, tomcat9-el-3.0-api (ALAS2023-2025-964)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-964 advisory. Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a...

9.8CVSS7.8AI score0.66933EPSS
Exploits6References6
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.5 views

Amazon Linux 2023 : cuda-drivers (ALAS2023NVIDIA-2025-071)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-071 advisory. NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code...

7.8CVSS7.4AI score0.002EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.10 views

Amazon Linux 2023 : libsoup3, libsoup3-devel (ALAS2023-2025-961)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-961 advisory. A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a malicious client to request the same range many times i...

7.5CVSS6.5AI score0.00637EPSS
Exploits0References8
Rows per page
Query Builder